From a344e58392d528c168b74ccda5caa309923fff56 Mon Sep 17 00:00:00 2001 From: Arpit Nandwani Date: Mon, 20 Feb 2017 22:39:07 +0530 Subject: [PATCH] Initial Commit --- 0.11.10/CSS/.svn/all-wcprops | 71 + 0.11.10/CSS/.svn/entries | 402 ++ 0.11.10/CSS/.svn/text-base/cleanup.c.svn-base | 59 + 0.11.10/CSS/.svn/text-base/input.c.svn-base | 118 + .../text-base/process-access-list.c.svn-base | 308 ++ .../text-base/process-restrict.c.svn-base | 90 + .../.svn/text-base/process-snmp.c.svn-base | 194 + .../text-base/report-access-list.c.svn-base | 129 + .../.svn/text-base/report-debug.c.svn-base | 83 + .../.svn/text-base/report-general.c.svn-base | 73 + .../.svn/text-base/report-restrict.c.svn-base | 71 + .../CSS/.svn/text-base/report-snmp.c.svn-base | 123 + 0.11.10/CSS/.svn/text-base/report.c.svn-base | 78 + 0.11.10/CSS/cleanup.c | 59 + 0.11.10/CSS/input.c | 118 + 0.11.10/CSS/process-access-list.c | 308 ++ 0.11.10/CSS/process-restrict.c | 90 + 0.11.10/CSS/process-snmp.c | 194 + 0.11.10/CSS/report-access-list.c | 129 + 0.11.10/CSS/report-debug.c | 83 + 0.11.10/CSS/report-general.c | 73 + 0.11.10/CSS/report-restrict.c | 71 + 0.11.10/CSS/report-snmp.c | 123 + 0.11.10/CSS/report.c | 78 + 0.11.10/Changelog | 1167 ++++ 0.11.10/FW1/.svn/all-wcprops | 77 + 0.11.10/FW1/.svn/entries | 436 ++ 0.11.10/FW1/.svn/text-base/cleanup.c.svn-base | 57 + 0.11.10/FW1/.svn/text-base/input.c.svn-base | 211 + .../.svn/text-base/process-objects.c.svn-base | 447 ++ .../process-policycollections.c.svn-base | 242 + .../text-base/process-rulebases.c.svn-base | 145 + .../.svn/text-base/process-rules.c.svn-base | 693 +++ .../text-base/process-services.c.svn-base | 220 + .../.svn/text-base/report-debug.c.svn-base | 85 + .../.svn/text-base/report-objects.c.svn-base | 476 ++ .../.svn/text-base/report-rules.c.svn-base | 120 + .../.svn/text-base/report-services.c.svn-base | 134 + 0.11.10/FW1/.svn/text-base/report.c.svn-base | 82 + 0.11.10/FW1/cleanup.c | 57 + 0.11.10/FW1/input.c | 211 + 0.11.10/FW1/process-objects.c | 447 ++ 0.11.10/FW1/process-policycollections.c | 242 + 0.11.10/FW1/process-rulebases.c | 145 + 0.11.10/FW1/process-rules.c | 693 +++ 0.11.10/FW1/process-services.c | 220 + 0.11.10/FW1/report-debug.c | 85 + 0.11.10/FW1/report-objects.c | 476 ++ 0.11.10/FW1/report-rules.c | 120 + 0.11.10/FW1/report-services.c | 134 + 0.11.10/FW1/report.c | 82 + 0.11.10/INSTALL | 54 + 0.11.10/IOS/.svn/all-wcprops | 293 + 0.11.10/IOS/.svn/entries | 1660 ++++++ 0.11.10/IOS/.svn/text-base/cleanup.c.svn-base | 446 ++ 0.11.10/IOS/.svn/text-base/input.c.svn-base | 425 ++ .../IOS/.svn/text-base/process-aaa.c.svn-base | 243 + .../text-base/process-access-list.c.svn-base | 632 +++ .../.svn/text-base/process-banner.c.svn-base | 121 + .../IOS/.svn/text-base/process-cef.c.svn-base | 71 + .../.svn/text-base/process-clock.c.svn-base | 103 + .../IOS/.svn/text-base/process-dns.c.svn-base | 70 + .../.svn/text-base/process-enable.c.svn-base | 149 + .../IOS/.svn/text-base/process-ftp.c.svn-base | 138 + .../.svn/text-base/process-general.c.svn-base | 194 + .../.svn/text-base/process-http.c.svn-base | 109 + .../text-base/process-interface.c.svn-base | 887 +++ .../text-base/process-keychain.c.svn-base | 169 + .../.svn/text-base/process-line.c.svn-base | 338 ++ .../.svn/text-base/process-logging.c.svn-base | 328 ++ .../IOS/.svn/text-base/process-nat.c.svn-base | 193 + .../IOS/.svn/text-base/process-ntp.c.svn-base | 234 + .../text-base/process-route-map.c.svn-base | 121 + .../.svn/text-base/process-router.c.svn-base | 1111 ++++ .../.svn/text-base/process-snmp.c.svn-base | 715 +++ .../IOS/.svn/text-base/process-ssh.c.svn-base | 120 + .../.svn/text-base/process-tacacs.c.svn-base | 129 + .../text-base/process-username.c.svn-base | 146 + .../IOS/.svn/text-base/process-vtp.c.svn-base | 71 + .../IOS/.svn/text-base/report-aaa.c.svn-base | 92 + .../text-base/report-access-list.c.svn-base | 178 + .../.svn/text-base/report-clock.c.svn-base | 70 + .../.svn/text-base/report-debug.c.svn-base | 700 +++ .../IOS/.svn/text-base/report-dns.c.svn-base | 79 + .../IOS/.svn/text-base/report-ftp.c.svn-base | 81 + .../.svn/text-base/report-general.c.svn-base | 427 ++ .../IOS/.svn/text-base/report-http.c.svn-base | 135 + .../text-base/report-interface.c.svn-base | 510 ++ .../.svn/text-base/report-keychain.c.svn-base | 59 + .../IOS/.svn/text-base/report-line.c.svn-base | 189 + .../.svn/text-base/report-logging.c.svn-base | 273 + .../IOS/.svn/text-base/report-nat.c.svn-base | 195 + .../IOS/.svn/text-base/report-ntp.c.svn-base | 135 + .../text-base/report-passwords.c.svn-base | 910 ++++ .../.svn/text-base/report-router.c.svn-base | 1047 ++++ .../IOS/.svn/text-base/report-snmp.c.svn-base | 473 ++ .../IOS/.svn/text-base/report-ssh.c.svn-base | 113 + .../.svn/text-base/report-tacacs.c.svn-base | 76 + .../.svn/text-base/report-timeout.c.svn-base | 225 + .../.svn/text-base/report-username.c.svn-base | 165 + .../IOS/.svn/text-base/report-vtp.c.svn-base | 62 + 0.11.10/IOS/.svn/text-base/report.c.svn-base | 555 ++ 0.11.10/IOS/cleanup.c | 446 ++ 0.11.10/IOS/input.c | 425 ++ 0.11.10/IOS/process-aaa.c | 243 + 0.11.10/IOS/process-access-list.c | 632 +++ 0.11.10/IOS/process-banner.c | 121 + 0.11.10/IOS/process-cef.c | 71 + 0.11.10/IOS/process-clock.c | 103 + 0.11.10/IOS/process-dns.c | 70 + 0.11.10/IOS/process-enable.c | 149 + 0.11.10/IOS/process-ftp.c | 138 + 0.11.10/IOS/process-general.c | 194 + 0.11.10/IOS/process-http.c | 109 + 0.11.10/IOS/process-interface.c | 887 +++ 0.11.10/IOS/process-keychain.c | 169 + 0.11.10/IOS/process-line.c | 338 ++ 0.11.10/IOS/process-logging.c | 328 ++ 0.11.10/IOS/process-nat.c | 193 + 0.11.10/IOS/process-ntp.c | 234 + 0.11.10/IOS/process-route-map.c | 121 + 0.11.10/IOS/process-router.c | 1111 ++++ 0.11.10/IOS/process-snmp.c | 715 +++ 0.11.10/IOS/process-ssh.c | 120 + 0.11.10/IOS/process-tacacs.c | 129 + 0.11.10/IOS/process-username.c | 146 + 0.11.10/IOS/process-vtp.c | 71 + 0.11.10/IOS/report-aaa.c | 92 + 0.11.10/IOS/report-access-list.c | 178 + 0.11.10/IOS/report-clock.c | 70 + 0.11.10/IOS/report-debug.c | 700 +++ 0.11.10/IOS/report-dns.c | 79 + 0.11.10/IOS/report-ftp.c | 81 + 0.11.10/IOS/report-general.c | 427 ++ 0.11.10/IOS/report-http.c | 135 + 0.11.10/IOS/report-interface.c | 510 ++ 0.11.10/IOS/report-keychain.c | 59 + 0.11.10/IOS/report-line.c | 189 + 0.11.10/IOS/report-logging.c | 273 + 0.11.10/IOS/report-nat.c | 195 + 0.11.10/IOS/report-ntp.c | 135 + 0.11.10/IOS/report-passwords.c | 910 ++++ 0.11.10/IOS/report-router.c | 1047 ++++ 0.11.10/IOS/report-snmp.c | 473 ++ 0.11.10/IOS/report-ssh.c | 113 + 0.11.10/IOS/report-tacacs.c | 76 + 0.11.10/IOS/report-timeout.c | 225 + 0.11.10/IOS/report-username.c | 165 + 0.11.10/IOS/report-vtp.c | 62 + 0.11.10/IOS/report.c | 555 ++ 0.11.10/LICENSE | 653 +++ 0.11.10/Makefile | 22 + 0.11.10/NMP/.svn/all-wcprops | 107 + 0.11.10/NMP/.svn/entries | 606 +++ 0.11.10/NMP/.svn/text-base/cleanup.c.svn-base | 120 + 0.11.10/NMP/.svn/text-base/input.c.svn-base | 231 + .../NMP/.svn/text-base/process-cdp.c.svn-base | 140 + .../.svn/text-base/process-general.c.svn-base | 156 + .../.svn/text-base/process-permit.c.svn-base | 166 + .../.svn/text-base/process-port.c.svn-base | 745 +++ .../.svn/text-base/process-snmp.c.svn-base | 253 + .../text-base/process-spantree.c.svn-base | 121 + .../.svn/text-base/process-vlan.c.svn-base | 287 + .../.svn/text-base/report-debug.c.svn-base | 197 + .../.svn/text-base/report-general.c.svn-base | 162 + .../text-base/report-passwords.c.svn-base | 350 ++ .../.svn/text-base/report-permit.c.svn-base | 103 + .../NMP/.svn/text-base/report-port.c.svn-base | 227 + .../NMP/.svn/text-base/report-snmp.c.svn-base | 102 + .../NMP/.svn/text-base/report-vlan.c.svn-base | 64 + 0.11.10/NMP/.svn/text-base/report.c.svn-base | 105 + 0.11.10/NMP/cleanup.c | 120 + 0.11.10/NMP/input.c | 231 + 0.11.10/NMP/process-cdp.c | 140 + 0.11.10/NMP/process-general.c | 156 + 0.11.10/NMP/process-permit.c | 166 + 0.11.10/NMP/process-port.c | 745 +++ 0.11.10/NMP/process-snmp.c | 253 + 0.11.10/NMP/process-spantree.c | 121 + 0.11.10/NMP/process-vlan.c | 287 + 0.11.10/NMP/report-debug.c | 197 + 0.11.10/NMP/report-general.c | 162 + 0.11.10/NMP/report-passwords.c | 350 ++ 0.11.10/NMP/report-permit.c | 103 + 0.11.10/NMP/report-port.c | 227 + 0.11.10/NMP/report-snmp.c | 102 + 0.11.10/NMP/report-vlan.c | 64 + 0.11.10/NMP/report.c | 105 + 0.11.10/PIX/.svn/all-wcprops | 173 + 0.11.10/PIX/.svn/entries | 980 ++++ 0.11.10/PIX/.svn/text-base/cleanup.c.svn-base | 154 + 0.11.10/PIX/.svn/text-base/input.c.svn-base | 220 + .../text-base/process-access-list.c.svn-base | 429 ++ .../.svn/text-base/process-enable.c.svn-base | 193 + .../.svn/text-base/process-general.c.svn-base | 55 + .../.svn/text-base/process-http.c.svn-base | 152 + .../.svn/text-base/process-icmp.c.svn-base | 115 + .../text-base/process-interface.c.svn-base | 357 ++ .../PIX/.svn/text-base/process-nat.c.svn-base | 324 ++ .../.svn/text-base/process-objects.c.svn-base | 185 + .../text-base/process-protocols.c.svn-base | 98 + .../.svn/text-base/process-route.c.svn-base | 118 + .../.svn/text-base/process-snmp.c.svn-base | 333 ++ .../PIX/.svn/text-base/process-ssh.c.svn-base | 107 + .../text-base/report-access-list.c.svn-base | 154 + .../.svn/text-base/report-debug.c.svn-base | 267 + .../.svn/text-base/report-enable.c.svn-base | 105 + .../.svn/text-base/report-general.c.svn-base | 293 + .../PIX/.svn/text-base/report-http.c.svn-base | 77 + .../PIX/.svn/text-base/report-icmp.c.svn-base | 62 + .../text-base/report-interface.c.svn-base | 78 + .../PIX/.svn/text-base/report-nat.c.svn-base | 151 + .../text-base/report-passwords.c.svn-base | 265 + .../text-base/report-protocols.c.svn-base | 57 + .../.svn/text-base/report-route.c.svn-base | 64 + .../PIX/.svn/text-base/report-snmp.c.svn-base | 109 + .../PIX/.svn/text-base/report-ssh.c.svn-base | 95 + 0.11.10/PIX/.svn/text-base/report.c.svn-base | 196 + 0.11.10/PIX/cleanup.c | 154 + 0.11.10/PIX/input.c | 220 + 0.11.10/PIX/process-access-list.c | 429 ++ 0.11.10/PIX/process-enable.c | 193 + 0.11.10/PIX/process-general.c | 55 + 0.11.10/PIX/process-http.c | 152 + 0.11.10/PIX/process-icmp.c | 115 + 0.11.10/PIX/process-interface.c | 357 ++ 0.11.10/PIX/process-nat.c | 324 ++ 0.11.10/PIX/process-objects.c | 185 + 0.11.10/PIX/process-protocols.c | 98 + 0.11.10/PIX/process-route.c | 118 + 0.11.10/PIX/process-snmp.c | 333 ++ 0.11.10/PIX/process-ssh.c | 107 + 0.11.10/PIX/report-access-list.c | 154 + 0.11.10/PIX/report-debug.c | 267 + 0.11.10/PIX/report-enable.c | 105 + 0.11.10/PIX/report-general.c | 293 + 0.11.10/PIX/report-http.c | 77 + 0.11.10/PIX/report-icmp.c | 62 + 0.11.10/PIX/report-interface.c | 78 + 0.11.10/PIX/report-nat.c | 151 + 0.11.10/PIX/report-passwords.c | 265 + 0.11.10/PIX/report-protocols.c | 57 + 0.11.10/PIX/report-route.c | 64 + 0.11.10/PIX/report-snmp.c | 109 + 0.11.10/PIX/report-ssh.c | 95 + 0.11.10/PIX/report.c | 196 + 0.11.10/Passport/.svn/all-wcprops | 53 + 0.11.10/Passport/.svn/entries | 300 ++ .../.svn/text-base/cleanup.c.svn-base | 39 + .../Passport/.svn/text-base/input.c.svn-base | 93 + .../.svn/text-base/process-filters.c.svn-base | 488 ++ .../.svn/text-base/process-general.c.svn-base | 120 + .../.svn/text-base/report-debug.c.svn-base | 52 + .../.svn/text-base/report-filters.c.svn-base | 129 + .../.svn/text-base/report-general.c.svn-base | 42 + .../Passport/.svn/text-base/report.c.svn-base | 62 + 0.11.10/Passport/cleanup.c | 39 + 0.11.10/Passport/input.c | 93 + 0.11.10/Passport/process-filters.c | 488 ++ 0.11.10/Passport/process-general.c | 120 + 0.11.10/Passport/report-debug.c | 52 + 0.11.10/Passport/report-filters.c | 129 + 0.11.10/Passport/report-general.c | 42 + 0.11.10/Passport/report.c | 62 + 0.11.10/Readme | 78 + 0.11.10/ScreenOS/.svn/all-wcprops | 143 + 0.11.10/ScreenOS/.svn/entries | 810 +++ .../.svn/text-base/cleanup.c.svn-base | 95 + .../ScreenOS/.svn/text-base/input.c.svn-base | 162 + .../.svn/text-base/process-address.c.svn-base | 146 + .../.svn/text-base/process-admin.c.svn-base | 296 + .../text-base/process-auth-server.c.svn-base | 179 + .../text-base/process-interface.c.svn-base | 208 + .../.svn/text-base/process-policy.c.svn-base | 399 ++ .../.svn/text-base/process-snmp.c.svn-base | 261 + .../.svn/text-base/process-ssh.c.svn-base | 66 + .../.svn/text-base/process-zone.c.svn-base | 436 ++ .../.svn/text-base/report-address.c.svn-base | 120 + .../.svn/text-base/report-admin.c.svn-base | 167 + .../text-base/report-auth-server.c.svn-base | 98 + .../.svn/text-base/report-debug.c.svn-base | 233 + .../.svn/text-base/report-general.c.svn-base | 56 + .../text-base/report-interface.c.svn-base | 114 + .../text-base/report-passwords.c.svn-base | 392 ++ .../.svn/text-base/report-policy.c.svn-base | 159 + .../.svn/text-base/report-snmp.c.svn-base | 160 + .../.svn/text-base/report-ssh.c.svn-base | 56 + .../.svn/text-base/report-timeout.c.svn-base | 145 + .../.svn/text-base/report-zone.c.svn-base | 297 + .../ScreenOS/.svn/text-base/report.c.svn-base | 140 + 0.11.10/ScreenOS/cleanup.c | 95 + 0.11.10/ScreenOS/input.c | 162 + 0.11.10/ScreenOS/process-address.c | 146 + 0.11.10/ScreenOS/process-admin.c | 296 + 0.11.10/ScreenOS/process-auth-server.c | 179 + 0.11.10/ScreenOS/process-interface.c | 208 + 0.11.10/ScreenOS/process-policy.c | 399 ++ 0.11.10/ScreenOS/process-snmp.c | 261 + 0.11.10/ScreenOS/process-ssh.c | 66 + 0.11.10/ScreenOS/process-zone.c | 436 ++ 0.11.10/ScreenOS/report-address.c | 120 + 0.11.10/ScreenOS/report-admin.c | 167 + 0.11.10/ScreenOS/report-auth-server.c | 98 + 0.11.10/ScreenOS/report-debug.c | 233 + 0.11.10/ScreenOS/report-general.c | 56 + 0.11.10/ScreenOS/report-interface.c | 114 + 0.11.10/ScreenOS/report-passwords.c | 392 ++ 0.11.10/ScreenOS/report-policy.c | 159 + 0.11.10/ScreenOS/report-snmp.c | 160 + 0.11.10/ScreenOS/report-ssh.c | 56 + 0.11.10/ScreenOS/report-timeout.c | 145 + 0.11.10/ScreenOS/report-zone.c | 297 + 0.11.10/ScreenOS/report.c | 140 + 0.11.10/SonicOS/.svn/all-wcprops | 71 + 0.11.10/SonicOS/.svn/entries | 402 ++ .../SonicOS/.svn/text-base/cleanup.c.svn-base | 39 + .../text-base/input-preprocessing.c.svn-base | 76 + .../SonicOS/.svn/text-base/input.c.svn-base | 105 + .../.svn/text-base/process-policy.c.svn-base | 283 + .../.svn/text-base/process-rules.c.svn-base | 308 ++ .../text-base/process-services.c.svn-base | 117 + .../.svn/text-base/report-debug.c.svn-base | 53 + .../.svn/text-base/report-general.c.svn-base | 41 + .../.svn/text-base/report-rules.c.svn-base | 119 + .../.svn/text-base/report-services.c.svn-base | 86 + .../SonicOS/.svn/text-base/report.c.svn-base | 72 + 0.11.10/SonicOS/cleanup.c | 39 + 0.11.10/SonicOS/input-preprocessing.c | 76 + 0.11.10/SonicOS/input.c | 105 + 0.11.10/SonicOS/process-policy.c | 283 + 0.11.10/SonicOS/process-rules.c | 308 ++ 0.11.10/SonicOS/process-services.c | 117 + 0.11.10/SonicOS/report-debug.c | 53 + 0.11.10/SonicOS/report-general.c | 41 + 0.11.10/SonicOS/report-rules.c | 119 + 0.11.10/SonicOS/report-services.c | 86 + 0.11.10/SonicOS/report.c | 72 + 0.11.10/TODO | 20 + 0.11.10/Template/.svn/all-wcprops | 29 + 0.11.10/Template/.svn/entries | 164 + .../.svn/text-base/cleanup.c.svn-base | 39 + .../Template/.svn/text-base/input.c.svn-base | 58 + .../.svn/text-base/report-debug.c.svn-base | 48 + .../Template/.svn/text-base/report.c.svn-base | 57 + 0.11.10/Template/cleanup.c | 39 + 0.11.10/Template/input.c | 58 + 0.11.10/Template/report-debug.c | 48 + 0.11.10/Template/report.c | 57 + 0.11.10/cisco/.svn/all-wcprops | 11 + 0.11.10/cisco/.svn/entries | 62 + .../.svn/text-base/report-acl.c.svn-base | 126 + 0.11.10/cisco/report-acl.c | 126 + 0.11.10/common/.svn/all-wcprops | 131 + 0.11.10/common/.svn/entries | 742 +++ .../.svn/text-base/nipper-acl.c.svn-base | 772 +++ .../.svn/text-base/nipper-base64.c.svn-base | 254 + .../.svn/text-base/nipper-cleanup.c.svn-base | 215 + .../text-base/nipper-cmdoptions.c.svn-base | 468 ++ .../.svn/text-base/nipper-common.c.svn-base | 538 ++ .../.svn/text-base/nipper-config.c.svn-base | 315 ++ .../.svn/text-base/nipper-defaults.c.svn-base | 520 ++ .../.svn/text-base/nipper-defs.c.svn-base | 180 + .../.svn/text-base/nipper-help.c.svn-base | 433 ++ .../.svn/text-base/nipper-input.c.svn-base | 449 ++ .../text-base/nipper-namemappings.c.svn-base | 218 + .../.svn/text-base/nipper-objects.c.svn-base | 303 ++ .../text-base/nipper-remote-snmp.c.svn-base | 131 + .../.svn/text-base/nipper-struct.c.svn-base | 254 + .../.svn/text-base/report-acl.c.svn-base | 2363 ++++++++ .../.svn/text-base/report-appendix.c.svn-base | 566 ++ .../.svn/text-base/report-debug.c.svn-base | 131 + .../text-base/report-functions.c.svn-base | 1818 +++++++ .../.svn/text-base/report-text.c.svn-base | 1634 ++++++ .../.svn/text-base/report-vulns.c.svn-base | 219 + .../common/.svn/text-base/report.c.svn-base | 694 +++ 0.11.10/common/nipper-acl.c | 772 +++ 0.11.10/common/nipper-base64.c | 254 + 0.11.10/common/nipper-cleanup.c | 215 + 0.11.10/common/nipper-cmdoptions.c | 468 ++ 0.11.10/common/nipper-common.c | 538 ++ 0.11.10/common/nipper-config.c | 315 ++ 0.11.10/common/nipper-defaults.c | 520 ++ 0.11.10/common/nipper-defs.c | 180 + 0.11.10/common/nipper-help.c | 433 ++ 0.11.10/common/nipper-input.c | 449 ++ 0.11.10/common/nipper-namemappings.c | 218 + 0.11.10/common/nipper-objects.c | 303 ++ 0.11.10/common/nipper-remote-snmp.c | 131 + 0.11.10/common/nipper-struct.c | 254 + 0.11.10/common/report-acl.c | 2363 ++++++++ 0.11.10/common/report-appendix.c | 566 ++ 0.11.10/common/report-debug.c | 131 + 0.11.10/common/report-functions.c | 1818 +++++++ 0.11.10/common/report-text.c | 1634 ++++++ 0.11.10/common/report-vulns.c | 219 + 0.11.10/common/report.c | 694 +++ 0.11.10/docs/.svn/all-wcprops | 29 + 0.11.10/docs/.svn/entries | 164 + .../docs/.svn/text-base/Features.txt.svn-base | 70 + .../docs/.svn/text-base/Options.txt.svn-base | 289 + .../.svn/text-base/Quickstart.txt.svn-base | 82 + 0.11.10/docs/.svn/text-base/XML.txt.svn-base | 448 ++ 0.11.10/docs/Features.txt | 70 + 0.11.10/docs/Options.txt | 289 + 0.11.10/docs/Quickstart.txt | 82 + 0.11.10/docs/XML.txt | 448 ++ 0.11.10/install.script | 22 + 0.11.10/man/.svn/all-wcprops | 17 + 0.11.10/man/.svn/entries | 96 + 0.11.10/man/.svn/text-base/nipper.1.svn-base | 53 + .../man/.svn/text-base/nipper.conf.5.svn-base | 172 + 0.11.10/man/nipper.1 | 53 + 0.11.10/man/nipper.conf.5 | 172 + 0.11.10/nipper | Bin 0 -> 827915 bytes 0.11.10/nipper.c | 487 ++ 0.11.10/nipper.conf | 173 + 0.11.10/nipper.ini | 148 + .../.svn/all-wcprops | 17 + .../3Com-SuperStack3-Firewall/.svn/entries | 96 + .../.svn/text-base/device.cpp.svn-base | 43 + .../.svn/text-base/device.h.svn-base | 46 + .../3Com-SuperStack3-Firewall/device.cpp | 43 + .../3Com-SuperStack3-Firewall/device.h | 46 + .../BayNetworks-Accelar/.svn/all-wcprops | 17 + .../BayNetworks-Accelar/.svn/entries | 96 + .../.svn/text-base/device.cpp.svn-base | 41 + .../.svn/text-base/device.h.svn-base | 46 + .../BayNetworks-Accelar/device.cpp | 41 + libnipper-0.12.6/BayNetworks-Accelar/device.h | 46 + libnipper-0.12.6/CMakeCache.txt | 243 + libnipper-0.12.6/CMakeFiles/.svn/all-wcprops | 53 + libnipper-0.12.6/CMakeFiles/.svn/entries | 306 ++ .../text-base/CMakeCXXCompiler.cmake.svn-base | 30 + .../CMakeDirectoryInformation.cmake.svn-base | 16 + .../.svn/text-base/CMakeOutput.log.svn-base | 21 + .../.svn/text-base/CMakeSystem.cmake.svn-base | 5 + .../.svn/text-base/Makefile.cmake.svn-base | 38 + .../.svn/text-base/Makefile2.svn-base | 85 + .../.svn/text-base/cmake.check_cache.svn-base | 1 + .../.svn/text-base/progress.make.svn-base | 1 + .../CMakeFiles/CMakeCXXCompiler.cmake | 30 + .../CMakeDirectoryInformation.cmake | 16 + libnipper-0.12.6/CMakeFiles/CMakeOutput.log | 21 + libnipper-0.12.6/CMakeFiles/CMakeSystem.cmake | 5 + .../CMakeFiles/CMakeTmp/.svn/all-wcprops | 5 + .../CMakeFiles/CMakeTmp/.svn/entries | 31 + .../CMakeTmp/CMakeFiles/.svn/all-wcprops | 5 + .../CMakeTmp/CMakeFiles/.svn/entries | 31 + .../cmTryCompileExec.dir/.svn/all-wcprops | 5 + .../cmTryCompileExec.dir/.svn/entries | 28 + libnipper-0.12.6/CMakeFiles/Makefile.cmake | 38 + libnipper-0.12.6/CMakeFiles/Makefile2 | 85 + libnipper-0.12.6/CMakeFiles/cmake.check_cache | 1 + .../CMakeFiles/nipper.dir/.svn/all-wcprops | 71 + .../CMakeFiles/nipper.dir/.svn/entries | 474 ++ .../.svn/text-base/CXX.includecache.svn-base | 3664 +++++++++++++ .../.svn/text-base/DependInfo.cmake.svn-base | 356 ++ .../.svn/text-base/build.make.svn-base | 4796 +++++++++++++++++ .../.svn/text-base/cmake_clean.cmake.svn-base | 180 + .../cmake_clean_target.cmake.svn-base | 4 + .../.svn/text-base/depend.internal.svn-base | 1664 ++++++ .../.svn/text-base/depend.make.mark.svn-base | 1 + .../.svn/text-base/depend.make.svn-base | 1664 ++++++ .../.svn/text-base/flags.make.svn-base | 5 + .../.svn/text-base/link.txt.svn-base | 1 + .../.svn/text-base/progress.make.svn-base | 176 + .../.svn/all-wcprops | 5 + .../3Com-SuperStack3-Firewall/.svn/entries | 28 + .../BayNetworks-Accelar/.svn/all-wcprops | 5 + .../BayNetworks-Accelar/.svn/entries | 28 + .../CMakeFiles/nipper.dir/CXX.includecache | 3664 +++++++++++++ .../CheckPoint-Firewall/.svn/all-wcprops | 5 + .../CheckPoint-Firewall/.svn/entries | 28 + .../CheckPoint-Management/.svn/all-wcprops | 5 + .../CheckPoint-Management/.svn/entries | 28 + .../nipper.dir/CheckPoint/.svn/all-wcprops | 5 + .../nipper.dir/CheckPoint/.svn/entries | 28 + .../nipper.dir/Cisco-CSS/.svn/all-wcprops | 5 + .../nipper.dir/Cisco-CSS/.svn/entries | 28 + .../Cisco-Catalyst-CatOS/.svn/all-wcprops | 5 + .../Cisco-Catalyst-CatOS/.svn/entries | 28 + .../Cisco-Catalyst-NMP/.svn/all-wcprops | 5 + .../Cisco-Catalyst-NMP/.svn/entries | 28 + .../Cisco-Catalyst/.svn/all-wcprops | 5 + .../nipper.dir/Cisco-Catalyst/.svn/entries | 28 + .../Cisco-IOS-Catalyst/.svn/all-wcprops | 5 + .../Cisco-IOS-Catalyst/.svn/entries | 28 + .../Cisco-IOS-Router/.svn/all-wcprops | 5 + .../nipper.dir/Cisco-IOS-Router/.svn/entries | 28 + .../nipper.dir/Cisco-IOS/.svn/all-wcprops | 5 + .../nipper.dir/Cisco-IOS/.svn/entries | 28 + .../Cisco-Security-ASA/.svn/all-wcprops | 5 + .../Cisco-Security-ASA/.svn/entries | 28 + .../Cisco-Security-FWSM/.svn/all-wcprops | 5 + .../Cisco-Security-FWSM/.svn/entries | 28 + .../Cisco-Security-PIX/.svn/all-wcprops | 5 + .../Cisco-Security-PIX/.svn/entries | 28 + .../Cisco-Security/.svn/all-wcprops | 5 + .../nipper.dir/Cisco-Security/.svn/entries | 28 + .../CMakeFiles/nipper.dir/DependInfo.cmake | 356 ++ .../nipper.dir/HP-ProCurve/.svn/all-wcprops | 5 + .../nipper.dir/HP-ProCurve/.svn/entries | 28 + .../Juniper-ScreenOS/.svn/all-wcprops | 5 + .../nipper.dir/Juniper-ScreenOS/.svn/entries | 28 + .../nipper.dir/Nokia-IP/.svn/all-wcprops | 5 + .../nipper.dir/Nokia-IP/.svn/entries | 28 + .../Nortel-Passport/.svn/all-wcprops | 5 + .../nipper.dir/Nortel-Passport/.svn/entries | 28 + .../Nortel-RoutingSwitch/.svn/all-wcprops | 5 + .../Nortel-RoutingSwitch/.svn/entries | 28 + .../SonicWALL-SonicOS/.svn/all-wcprops | 5 + .../nipper.dir/SonicWALL-SonicOS/.svn/entries | 28 + .../CMakeFiles/nipper.dir/build.make | 4796 +++++++++++++++++ .../CMakeFiles/nipper.dir/cmake_clean.cmake | 180 + .../nipper.dir/cmake_clean_target.cmake | 4 + .../CMakeFiles/nipper.dir/depend.internal | 1664 ++++++ .../CMakeFiles/nipper.dir/depend.make | 1664 ++++++ .../CMakeFiles/nipper.dir/depend.make.mark | 1 + .../nipper.dir/device/.svn/all-wcprops | 5 + .../CMakeFiles/nipper.dir/device/.svn/entries | 61 + .../device/administration/.svn/all-wcprops | 5 + .../device/administration/.svn/entries | 28 + .../device/authentication/.svn/all-wcprops | 5 + .../device/authentication/.svn/entries | 28 + .../nipper.dir/device/banner/.svn/all-wcprops | 5 + .../nipper.dir/device/banner/.svn/entries | 28 + .../nipper.dir/device/common/.svn/all-wcprops | 5 + .../nipper.dir/device/common/.svn/entries | 28 + .../nipper.dir/device/crypto/.svn/all-wcprops | 5 + .../nipper.dir/device/crypto/.svn/entries | 28 + .../nipper.dir/device/dns/.svn/all-wcprops | 5 + .../nipper.dir/device/dns/.svn/entries | 28 + .../nipper.dir/device/filter/.svn/all-wcprops | 5 + .../nipper.dir/device/filter/.svn/entries | 28 + .../device/general/.svn/all-wcprops | 5 + .../nipper.dir/device/general/.svn/entries | 28 + .../device/interfaces/.svn/all-wcprops | 5 + .../nipper.dir/device/interfaces/.svn/entries | 28 + .../device/reportgen/.svn/all-wcprops | 5 + .../nipper.dir/device/reportgen/.svn/entries | 28 + .../nipper.dir/device/snmp/.svn/all-wcprops | 5 + .../nipper.dir/device/snmp/.svn/entries | 28 + .../CMakeFiles/nipper.dir/flags.make | 5 + .../CMakeFiles/nipper.dir/link.txt | 1 + .../CMakeFiles/nipper.dir/progress.make | 176 + .../nipper.dir/report/.svn/all-wcprops | 5 + .../CMakeFiles/nipper.dir/report/.svn/entries | 28 + libnipper-0.12.6/CMakeFiles/progress.make | 1 + libnipper-0.12.6/CMakeLists.txt | 325 ++ libnipper-0.12.6/Changelog | 265 + .../CheckPoint-Firewall/.svn/all-wcprops | 17 + .../CheckPoint-Firewall/.svn/entries | 96 + .../.svn/text-base/device.cpp.svn-base | 41 + .../.svn/text-base/device.h.svn-base | 47 + .../CheckPoint-Firewall/device.cpp | 41 + libnipper-0.12.6/CheckPoint-Firewall/device.h | 47 + .../CheckPoint-Management/.svn/all-wcprops | 17 + .../CheckPoint-Management/.svn/entries | 96 + .../.svn/text-base/device.cpp.svn-base | 41 + .../.svn/text-base/device.h.svn-base | 46 + .../CheckPoint-Management/device.cpp | 41 + .../CheckPoint-Management/device.h | 46 + libnipper-0.12.6/CheckPoint/.svn/all-wcprops | 65 + libnipper-0.12.6/CheckPoint/.svn/entries | 368 ++ .../text-base/device-policies.cpp.svn-base | 136 + .../.svn/text-base/device.cpp.svn-base | 429 ++ .../.svn/text-base/device.h.svn-base | 65 + .../text-base/filter-objects.cpp.svn-base | 599 ++ .../.svn/text-base/filter-rules.cpp.svn-base | 901 ++++ .../text-base/filter-services.cpp.svn-base | 289 + .../.svn/text-base/filter.cpp.svn-base | 481 ++ .../.svn/text-base/filter.h.svn-base | 59 + .../.svn/text-base/general.cpp.svn-base | 143 + .../.svn/text-base/general.h.svn-base | 53 + .../CheckPoint/device-policies.cpp | 136 + libnipper-0.12.6/CheckPoint/device.cpp | 429 ++ libnipper-0.12.6/CheckPoint/device.h | 65 + .../CheckPoint/filter-objects.cpp | 599 ++ libnipper-0.12.6/CheckPoint/filter-rules.cpp | 901 ++++ .../CheckPoint/filter-services.cpp | 289 + libnipper-0.12.6/CheckPoint/filter.cpp | 481 ++ libnipper-0.12.6/CheckPoint/filter.h | 59 + libnipper-0.12.6/CheckPoint/general.cpp | 143 + libnipper-0.12.6/CheckPoint/general.h | 53 + libnipper-0.12.6/Cisco-CSS/.svn/all-wcprops | 119 + libnipper-0.12.6/Cisco-CSS/.svn/entries | 674 +++ .../text-base/administration.cpp.svn-base | 515 ++ .../.svn/text-base/administration.h.svn-base | 60 + .../text-base/authentication.cpp.svn-base | 387 ++ .../.svn/text-base/authentication.h.svn-base | 60 + .../.svn/text-base/banner.cpp.svn-base | 69 + .../.svn/text-base/banner.h.svn-base | 48 + .../.svn/text-base/device.cpp.svn-base | 235 + .../.svn/text-base/device.h.svn-base | 51 + .../Cisco-CSS/.svn/text-base/dns.cpp.svn-base | 174 + .../Cisco-CSS/.svn/text-base/dns.h.svn-base | 50 + .../.svn/text-base/filter.cpp.svn-base | 620 +++ .../.svn/text-base/filter.h.svn-base | 53 + .../.svn/text-base/general.cpp.svn-base | 195 + .../.svn/text-base/general.h.svn-base | 55 + .../.svn/text-base/interfaces.cpp.svn-base | 232 + .../.svn/text-base/interfaces.h.svn-base | 50 + .../.svn/text-base/snmp-report.cpp.svn-base | 212 + .../.svn/text-base/snmp.cpp.svn-base | 276 + .../Cisco-CSS/.svn/text-base/snmp.h.svn-base | 55 + libnipper-0.12.6/Cisco-CSS/administration.cpp | 515 ++ libnipper-0.12.6/Cisco-CSS/administration.h | 60 + libnipper-0.12.6/Cisco-CSS/authentication.cpp | 387 ++ libnipper-0.12.6/Cisco-CSS/authentication.h | 60 + libnipper-0.12.6/Cisco-CSS/banner.cpp | 69 + libnipper-0.12.6/Cisco-CSS/banner.h | 48 + libnipper-0.12.6/Cisco-CSS/device.cpp | 235 + libnipper-0.12.6/Cisco-CSS/device.h | 51 + libnipper-0.12.6/Cisco-CSS/dns.cpp | 174 + libnipper-0.12.6/Cisco-CSS/dns.h | 50 + libnipper-0.12.6/Cisco-CSS/filter.cpp | 620 +++ libnipper-0.12.6/Cisco-CSS/filter.h | 53 + libnipper-0.12.6/Cisco-CSS/general.cpp | 195 + libnipper-0.12.6/Cisco-CSS/general.h | 55 + libnipper-0.12.6/Cisco-CSS/interfaces.cpp | 232 + libnipper-0.12.6/Cisco-CSS/interfaces.h | 50 + libnipper-0.12.6/Cisco-CSS/snmp-report.cpp | 212 + libnipper-0.12.6/Cisco-CSS/snmp.cpp | 276 + libnipper-0.12.6/Cisco-CSS/snmp.h | 55 + .../Cisco-Catalyst-CatOS/.svn/all-wcprops | 17 + .../Cisco-Catalyst-CatOS/.svn/entries | 96 + .../.svn/text-base/device.cpp.svn-base | 94 + .../.svn/text-base/device.h.svn-base | 47 + .../Cisco-Catalyst-CatOS/device.cpp | 94 + .../Cisco-Catalyst-CatOS/device.h | 47 + .../Cisco-Catalyst-NMP/.svn/all-wcprops | 17 + .../Cisco-Catalyst-NMP/.svn/entries | 96 + .../.svn/text-base/device.cpp.svn-base | 87 + .../.svn/text-base/device.h.svn-base | 47 + .../Cisco-Catalyst-NMP/device.cpp | 87 + libnipper-0.12.6/Cisco-Catalyst-NMP/device.h | 47 + .../Cisco-Catalyst/.svn/all-wcprops | 101 + libnipper-0.12.6/Cisco-Catalyst/.svn/entries | 572 ++ .../text-base/administration.cpp.svn-base | 257 + .../.svn/text-base/administration.h.svn-base | 51 + .../text-base/authentication.cpp.svn-base | 300 ++ .../.svn/text-base/authentication.h.svn-base | 57 + .../.svn/text-base/banner.cpp.svn-base | 250 + .../.svn/text-base/banner.h.svn-base | 55 + .../.svn/text-base/device.cpp.svn-base | 233 + .../.svn/text-base/device.h.svn-base | 49 + .../.svn/text-base/dns.cpp.svn-base | 129 + .../.svn/text-base/dns.h.svn-base | 50 + .../.svn/text-base/general.cpp.svn-base | 182 + .../.svn/text-base/general.h.svn-base | 57 + .../.svn/text-base/interfaces.cpp.svn-base | 422 ++ .../.svn/text-base/interfaces.h.svn-base | 52 + .../.svn/text-base/snmp.cpp.svn-base | 569 ++ .../.svn/text-base/snmp.h.svn-base | 55 + .../Cisco-Catalyst/administration.cpp | 257 + .../Cisco-Catalyst/administration.h | 51 + .../Cisco-Catalyst/authentication.cpp | 300 ++ .../Cisco-Catalyst/authentication.h | 57 + libnipper-0.12.6/Cisco-Catalyst/banner.cpp | 250 + libnipper-0.12.6/Cisco-Catalyst/banner.h | 55 + libnipper-0.12.6/Cisco-Catalyst/device.cpp | 233 + libnipper-0.12.6/Cisco-Catalyst/device.h | 49 + libnipper-0.12.6/Cisco-Catalyst/dns.cpp | 129 + libnipper-0.12.6/Cisco-Catalyst/dns.h | 50 + libnipper-0.12.6/Cisco-Catalyst/general.cpp | 182 + libnipper-0.12.6/Cisco-Catalyst/general.h | 57 + .../Cisco-Catalyst/interfaces.cpp | 422 ++ libnipper-0.12.6/Cisco-Catalyst/interfaces.h | 52 + libnipper-0.12.6/Cisco-Catalyst/snmp.cpp | 569 ++ libnipper-0.12.6/Cisco-Catalyst/snmp.h | 55 + .../Cisco-IOS-Catalyst/.svn/all-wcprops | 17 + .../Cisco-IOS-Catalyst/.svn/entries | 96 + .../.svn/text-base/device.cpp.svn-base | 102 + .../.svn/text-base/device.h.svn-base | 48 + .../Cisco-IOS-Catalyst/device.cpp | 102 + libnipper-0.12.6/Cisco-IOS-Catalyst/device.h | 48 + .../Cisco-IOS-Router/.svn/all-wcprops | 17 + .../Cisco-IOS-Router/.svn/entries | 96 + .../.svn/text-base/device.cpp.svn-base | 92 + .../.svn/text-base/device.h.svn-base | 47 + libnipper-0.12.6/Cisco-IOS-Router/device.cpp | 92 + libnipper-0.12.6/Cisco-IOS-Router/device.h | 47 + libnipper-0.12.6/Cisco-IOS/.svn/all-wcprops | 137 + libnipper-0.12.6/Cisco-IOS/.svn/entries | 776 +++ .../administration-line.cpp.svn-base | 326 ++ .../administration-report.cpp.svn-base | 329 ++ .../administration-security.cpp.svn-base | 993 ++++ .../text-base/administration.cpp.svn-base | 862 +++ .../.svn/text-base/administration.h.svn-base | 133 + .../text-base/authentication.cpp.svn-base | 784 +++ .../.svn/text-base/authentication.h.svn-base | 67 + .../.svn/text-base/banner.cpp.svn-base | 446 ++ .../.svn/text-base/banner.h.svn-base | 49 + .../Cisco-IOS/.svn/text-base/dns.cpp.svn-base | 323 ++ .../Cisco-IOS/.svn/text-base/dns.h.svn-base | 55 + .../.svn/text-base/filter.cpp.svn-base | 828 +++ .../.svn/text-base/filter.h.svn-base | 66 + .../.svn/text-base/general.cpp.svn-base | 216 + .../.svn/text-base/general.h.svn-base | 57 + .../.svn/text-base/interfaces.cpp.svn-base | 783 +++ .../.svn/text-base/interfaces.h.svn-base | 49 + .../.svn/text-base/iosdevice.cpp.svn-base | 325 ++ .../.svn/text-base/iosdevice.h.svn-base | 50 + .../.svn/text-base/snmp-report.cpp.svn-base | 419 ++ .../.svn/text-base/snmp.cpp.svn-base | 662 +++ .../Cisco-IOS/.svn/text-base/snmp.h.svn-base | 61 + .../Cisco-IOS/administration-line.cpp | 326 ++ .../Cisco-IOS/administration-report.cpp | 329 ++ .../Cisco-IOS/administration-security.cpp | 993 ++++ libnipper-0.12.6/Cisco-IOS/administration.cpp | 862 +++ libnipper-0.12.6/Cisco-IOS/administration.h | 133 + libnipper-0.12.6/Cisco-IOS/authentication.cpp | 784 +++ libnipper-0.12.6/Cisco-IOS/authentication.h | 67 + libnipper-0.12.6/Cisco-IOS/banner.cpp | 446 ++ libnipper-0.12.6/Cisco-IOS/banner.h | 49 + libnipper-0.12.6/Cisco-IOS/dns.cpp | 323 ++ libnipper-0.12.6/Cisco-IOS/dns.h | 55 + libnipper-0.12.6/Cisco-IOS/filter.cpp | 828 +++ libnipper-0.12.6/Cisco-IOS/filter.h | 66 + libnipper-0.12.6/Cisco-IOS/general.cpp | 216 + libnipper-0.12.6/Cisco-IOS/general.h | 57 + libnipper-0.12.6/Cisco-IOS/interfaces.cpp | 783 +++ libnipper-0.12.6/Cisco-IOS/interfaces.h | 49 + libnipper-0.12.6/Cisco-IOS/iosdevice.cpp | 325 ++ libnipper-0.12.6/Cisco-IOS/iosdevice.h | 50 + libnipper-0.12.6/Cisco-IOS/snmp-report.cpp | 419 ++ libnipper-0.12.6/Cisco-IOS/snmp.cpp | 662 +++ libnipper-0.12.6/Cisco-IOS/snmp.h | 61 + .../Cisco-Security-ASA/.svn/all-wcprops | 41 + .../Cisco-Security-ASA/.svn/entries | 232 + .../text-base/administration.cpp.svn-base | 68 + .../.svn/text-base/administration.h.svn-base | 46 + .../.svn/text-base/device.cpp.svn-base | 110 + .../.svn/text-base/device.h.svn-base | 51 + .../.svn/text-base/general.cpp.svn-base | 55 + .../.svn/text-base/general.h.svn-base | 50 + .../Cisco-Security-ASA/administration.cpp | 68 + .../Cisco-Security-ASA/administration.h | 46 + .../Cisco-Security-ASA/device.cpp | 110 + libnipper-0.12.6/Cisco-Security-ASA/device.h | 51 + .../Cisco-Security-ASA/general.cpp | 55 + libnipper-0.12.6/Cisco-Security-ASA/general.h | 50 + .../Cisco-Security-FWSM/.svn/all-wcprops | 29 + .../Cisco-Security-FWSM/.svn/entries | 164 + .../text-base/administration.cpp.svn-base | 94 + .../.svn/text-base/administration.h.svn-base | 48 + .../.svn/text-base/device.cpp.svn-base | 109 + .../.svn/text-base/device.h.svn-base | 50 + .../Cisco-Security-FWSM/administration.cpp | 94 + .../Cisco-Security-FWSM/administration.h | 48 + .../Cisco-Security-FWSM/device.cpp | 109 + libnipper-0.12.6/Cisco-Security-FWSM/device.h | 50 + .../Cisco-Security-PIX/.svn/all-wcprops | 29 + .../Cisco-Security-PIX/.svn/entries | 164 + .../text-base/administration.cpp.svn-base | 104 + .../.svn/text-base/administration.h.svn-base | 48 + .../.svn/text-base/device.cpp.svn-base | 109 + .../.svn/text-base/device.h.svn-base | 50 + .../Cisco-Security-PIX/administration.cpp | 104 + .../Cisco-Security-PIX/administration.h | 48 + .../Cisco-Security-PIX/device.cpp | 109 + libnipper-0.12.6/Cisco-Security-PIX/device.h | 50 + .../Cisco-Security/.svn/all-wcprops | 113 + libnipper-0.12.6/Cisco-Security/.svn/entries | 640 +++ .../text-base/administration.cpp.svn-base | 593 ++ .../.svn/text-base/administration.h.svn-base | 71 + .../text-base/authentication.cpp.svn-base | 841 +++ .../.svn/text-base/authentication.h.svn-base | 62 + .../.svn/text-base/banner.cpp.svn-base | 139 + .../.svn/text-base/banner.h.svn-base | 49 + .../.svn/text-base/device.cpp.svn-base | 311 ++ .../.svn/text-base/device.h.svn-base | 51 + .../.svn/text-base/dns.cpp.svn-base | 308 ++ .../.svn/text-base/dns.h.svn-base | 54 + .../.svn/text-base/filter.cpp.svn-base | 991 ++++ .../.svn/text-base/filter.h.svn-base | 61 + .../.svn/text-base/general.cpp.svn-base | 115 + .../.svn/text-base/general.h.svn-base | 57 + .../.svn/text-base/interfaces.cpp.svn-base | 279 + .../.svn/text-base/interfaces.h.svn-base | 49 + .../.svn/text-base/snmp.cpp.svn-base | 299 + .../.svn/text-base/snmp.h.svn-base | 50 + .../Cisco-Security/administration.cpp | 593 ++ .../Cisco-Security/administration.h | 71 + .../Cisco-Security/authentication.cpp | 841 +++ .../Cisco-Security/authentication.h | 62 + libnipper-0.12.6/Cisco-Security/banner.cpp | 139 + libnipper-0.12.6/Cisco-Security/banner.h | 49 + libnipper-0.12.6/Cisco-Security/device.cpp | 311 ++ libnipper-0.12.6/Cisco-Security/device.h | 51 + libnipper-0.12.6/Cisco-Security/dns.cpp | 308 ++ libnipper-0.12.6/Cisco-Security/dns.h | 54 + libnipper-0.12.6/Cisco-Security/filter.cpp | 991 ++++ libnipper-0.12.6/Cisco-Security/filter.h | 61 + libnipper-0.12.6/Cisco-Security/general.cpp | 115 + libnipper-0.12.6/Cisco-Security/general.h | 57 + .../Cisco-Security/interfaces.cpp | 279 + libnipper-0.12.6/Cisco-Security/interfaces.h | 49 + libnipper-0.12.6/Cisco-Security/snmp.cpp | 299 + libnipper-0.12.6/Cisco-Security/snmp.h | 50 + libnipper-0.12.6/HP-ProCurve/.svn/all-wcprops | 107 + libnipper-0.12.6/HP-ProCurve/.svn/entries | 606 +++ .../text-base/administration.cpp.svn-base | 573 ++ .../.svn/text-base/administration.h.svn-base | 68 + .../text-base/authentication.cpp.svn-base | 285 + .../.svn/text-base/authentication.h.svn-base | 66 + .../.svn/text-base/banner.cpp.svn-base | 111 + .../.svn/text-base/banner.h.svn-base | 49 + .../.svn/text-base/device.cpp.svn-base | 226 + .../.svn/text-base/device.h.svn-base | 50 + .../.svn/text-base/dns.cpp.svn-base | 140 + .../HP-ProCurve/.svn/text-base/dns.h.svn-base | 54 + .../.svn/text-base/general.cpp.svn-base | 167 + .../.svn/text-base/general.h.svn-base | 56 + .../.svn/text-base/interfaces.cpp.svn-base | 160 + .../.svn/text-base/interfaces.h.svn-base | 50 + .../.svn/text-base/snmp-report.cpp.svn-base | 342 ++ .../.svn/text-base/snmp.cpp.svn-base | 359 ++ .../.svn/text-base/snmp.h.svn-base | 54 + .../HP-ProCurve/administration.cpp | 573 ++ libnipper-0.12.6/HP-ProCurve/administration.h | 68 + .../HP-ProCurve/authentication.cpp | 285 + libnipper-0.12.6/HP-ProCurve/authentication.h | 66 + libnipper-0.12.6/HP-ProCurve/banner.cpp | 111 + libnipper-0.12.6/HP-ProCurve/banner.h | 49 + libnipper-0.12.6/HP-ProCurve/device.cpp | 226 + libnipper-0.12.6/HP-ProCurve/device.h | 50 + libnipper-0.12.6/HP-ProCurve/dns.cpp | 140 + libnipper-0.12.6/HP-ProCurve/dns.h | 54 + libnipper-0.12.6/HP-ProCurve/general.cpp | 167 + libnipper-0.12.6/HP-ProCurve/general.h | 56 + libnipper-0.12.6/HP-ProCurve/interfaces.cpp | 160 + libnipper-0.12.6/HP-ProCurve/interfaces.h | 50 + libnipper-0.12.6/HP-ProCurve/snmp-report.cpp | 342 ++ libnipper-0.12.6/HP-ProCurve/snmp.cpp | 359 ++ libnipper-0.12.6/HP-ProCurve/snmp.h | 54 + .../Juniper-ScreenOS/.svn/all-wcprops | 119 + .../Juniper-ScreenOS/.svn/entries | 674 +++ .../administration-report.cpp.svn-base | 168 + .../text-base/administration.cpp.svn-base | 702 +++ .../.svn/text-base/administration.h.svn-base | 91 + .../text-base/authentication.cpp.svn-base | 626 +++ .../.svn/text-base/authentication.h.svn-base | 65 + .../.svn/text-base/banner.cpp.svn-base | 121 + .../.svn/text-base/banner.h.svn-base | 49 + .../.svn/text-base/device.cpp.svn-base | 398 ++ .../.svn/text-base/device.h.svn-base | 50 + .../.svn/text-base/dns.cpp.svn-base | 172 + .../.svn/text-base/dns.h.svn-base | 50 + .../.svn/text-base/filter.cpp.svn-base | 916 ++++ .../.svn/text-base/filter.h.svn-base | 70 + .../.svn/text-base/general.cpp.svn-base | 157 + .../.svn/text-base/general.h.svn-base | 58 + .../.svn/text-base/interfaces.cpp.svn-base | 293 + .../.svn/text-base/interfaces.h.svn-base | 50 + .../.svn/text-base/snmp.cpp.svn-base | 400 ++ .../.svn/text-base/snmp.h.svn-base | 56 + .../administration-report.cpp | 168 + .../Juniper-ScreenOS/administration.cpp | 702 +++ .../Juniper-ScreenOS/administration.h | 91 + .../Juniper-ScreenOS/authentication.cpp | 626 +++ .../Juniper-ScreenOS/authentication.h | 65 + libnipper-0.12.6/Juniper-ScreenOS/banner.cpp | 121 + libnipper-0.12.6/Juniper-ScreenOS/banner.h | 49 + libnipper-0.12.6/Juniper-ScreenOS/device.cpp | 398 ++ libnipper-0.12.6/Juniper-ScreenOS/device.h | 50 + libnipper-0.12.6/Juniper-ScreenOS/dns.cpp | 172 + libnipper-0.12.6/Juniper-ScreenOS/dns.h | 50 + libnipper-0.12.6/Juniper-ScreenOS/filter.cpp | 916 ++++ libnipper-0.12.6/Juniper-ScreenOS/filter.h | 70 + libnipper-0.12.6/Juniper-ScreenOS/general.cpp | 157 + libnipper-0.12.6/Juniper-ScreenOS/general.h | 58 + .../Juniper-ScreenOS/interfaces.cpp | 293 + .../Juniper-ScreenOS/interfaces.h | 50 + libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp | 400 ++ libnipper-0.12.6/Juniper-ScreenOS/snmp.h | 56 + libnipper-0.12.6/LICENSE | 648 +++ libnipper-0.12.6/Makefile | 2773 ++++++++++ libnipper-0.12.6/Nokia-IP/.svn/all-wcprops | 17 + libnipper-0.12.6/Nokia-IP/.svn/entries | 96 + .../.svn/text-base/device.cpp.svn-base | 42 + .../Nokia-IP/.svn/text-base/device.h.svn-base | 47 + libnipper-0.12.6/Nokia-IP/device.cpp | 42 + libnipper-0.12.6/Nokia-IP/device.h | 47 + .../Nortel-Passport/.svn/all-wcprops | 89 + libnipper-0.12.6/Nortel-Passport/.svn/entries | 504 ++ .../text-base/administration.cpp.svn-base | 165 + .../.svn/text-base/administration.h.svn-base | 58 + .../.svn/text-base/banner.cpp.svn-base | 127 + .../.svn/text-base/banner.h.svn-base | 49 + .../.svn/text-base/device.cpp.svn-base | 209 + .../.svn/text-base/device.h.svn-base | 50 + .../.svn/text-base/filter.cpp.svn-base | 541 ++ .../.svn/text-base/filter.h.svn-base | 53 + .../.svn/text-base/general.cpp.svn-base | 175 + .../.svn/text-base/general.h.svn-base | 56 + .../.svn/text-base/interfaces.cpp.svn-base | 197 + .../.svn/text-base/interfaces.h.svn-base | 50 + .../.svn/text-base/snmp.cpp.svn-base | 195 + .../.svn/text-base/snmp.h.svn-base | 50 + .../Nortel-Passport/administration.cpp | 165 + .../Nortel-Passport/administration.h | 58 + libnipper-0.12.6/Nortel-Passport/banner.cpp | 127 + libnipper-0.12.6/Nortel-Passport/banner.h | 49 + libnipper-0.12.6/Nortel-Passport/device.cpp | 209 + libnipper-0.12.6/Nortel-Passport/device.h | 50 + libnipper-0.12.6/Nortel-Passport/filter.cpp | 541 ++ libnipper-0.12.6/Nortel-Passport/filter.h | 53 + libnipper-0.12.6/Nortel-Passport/general.cpp | 175 + libnipper-0.12.6/Nortel-Passport/general.h | 56 + .../Nortel-Passport/interfaces.cpp | 197 + libnipper-0.12.6/Nortel-Passport/interfaces.h | 50 + libnipper-0.12.6/Nortel-Passport/snmp.cpp | 195 + libnipper-0.12.6/Nortel-Passport/snmp.h | 50 + .../Nortel-RoutingSwitch/.svn/all-wcprops | 17 + .../Nortel-RoutingSwitch/.svn/entries | 96 + .../.svn/text-base/device.cpp.svn-base | 41 + .../.svn/text-base/device.h.svn-base | 46 + .../Nortel-RoutingSwitch/device.cpp | 41 + .../Nortel-RoutingSwitch/device.h | 46 + .../SonicWALL-SonicOS/.svn/all-wcprops | 83 + .../SonicWALL-SonicOS/.svn/entries | 470 ++ .../administration-report.cpp.svn-base | 144 + .../text-base/administration.cpp.svn-base | 475 ++ .../.svn/text-base/administration.h.svn-base | 77 + .../.svn/text-base/device.cpp.svn-base | 262 + .../.svn/text-base/device.h.svn-base | 54 + .../.svn/text-base/dns.cpp.svn-base | 102 + .../.svn/text-base/dns.h.svn-base | 50 + .../.svn/text-base/filter.cpp.svn-base | 1294 +++++ .../.svn/text-base/filter.h.svn-base | 52 + .../.svn/text-base/general.cpp.svn-base | 134 + .../.svn/text-base/general.h.svn-base | 56 + .../.svn/text-base/snmp.cpp.svn-base | 214 + .../.svn/text-base/snmp.h.svn-base | 53 + .../administration-report.cpp | 144 + .../SonicWALL-SonicOS/administration.cpp | 475 ++ .../SonicWALL-SonicOS/administration.h | 77 + libnipper-0.12.6/SonicWALL-SonicOS/device.cpp | 262 + libnipper-0.12.6/SonicWALL-SonicOS/device.h | 54 + libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp | 102 + libnipper-0.12.6/SonicWALL-SonicOS/dns.h | 50 + libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp | 1294 +++++ libnipper-0.12.6/SonicWALL-SonicOS/filter.h | 52 + .../SonicWALL-SonicOS/general.cpp | 134 + libnipper-0.12.6/SonicWALL-SonicOS/general.h | 56 + libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp | 214 + libnipper-0.12.6/SonicWALL-SonicOS/snmp.h | 53 + libnipper-0.12.6/TODO | 67 + .../Template-Device/.svn/all-wcprops | 113 + libnipper-0.12.6/Template-Device/.svn/entries | 640 +++ .../text-base/administration.cpp.svn-base | 173 + .../.svn/text-base/administration.h.svn-base | 58 + .../text-base/authentication.cpp.svn-base | 108 + .../.svn/text-base/authentication.h.svn-base | 54 + .../.svn/text-base/banner.cpp.svn-base | 52 + .../.svn/text-base/banner.h.svn-base | 49 + .../.svn/text-base/device.cpp.svn-base | 86 + .../.svn/text-base/device.h.svn-base | 48 + .../.svn/text-base/dns.cpp.svn-base | 82 + .../.svn/text-base/dns.h.svn-base | 50 + .../.svn/text-base/filter.cpp.svn-base | 174 + .../.svn/text-base/filter.h.svn-base | 52 + .../.svn/text-base/general.cpp.svn-base | 141 + .../.svn/text-base/general.h.svn-base | 53 + .../.svn/text-base/interfaces.cpp.svn-base | 85 + .../.svn/text-base/interfaces.h.svn-base | 50 + .../.svn/text-base/snmp.cpp.svn-base | 173 + .../.svn/text-base/snmp.h.svn-base | 50 + .../Template-Device/administration.cpp | 173 + .../Template-Device/administration.h | 58 + .../Template-Device/authentication.cpp | 108 + .../Template-Device/authentication.h | 54 + libnipper-0.12.6/Template-Device/banner.cpp | 52 + libnipper-0.12.6/Template-Device/banner.h | 49 + libnipper-0.12.6/Template-Device/device.cpp | 86 + libnipper-0.12.6/Template-Device/device.h | 48 + libnipper-0.12.6/Template-Device/dns.cpp | 82 + libnipper-0.12.6/Template-Device/dns.h | 50 + libnipper-0.12.6/Template-Device/filter.cpp | 174 + libnipper-0.12.6/Template-Device/filter.h | 52 + libnipper-0.12.6/Template-Device/general.cpp | 141 + libnipper-0.12.6/Template-Device/general.h | 53 + .../Template-Device/interfaces.cpp | 85 + libnipper-0.12.6/Template-Device/interfaces.h | 50 + libnipper-0.12.6/Template-Device/snmp.cpp | 173 + libnipper-0.12.6/Template-Device/snmp.h | 50 + libnipper-0.12.6/cmake_install.cmake | 48 + libnipper-0.12.6/config.cpp | 958 ++++ libnipper-0.12.6/config.h | 549 ++ libnipper-0.12.6/device/.svn/all-wcprops | 23 + libnipper-0.12.6/device/.svn/entries | 163 + .../device/.svn/text-base/device.cpp.svn-base | 486 ++ .../device/.svn/text-base/device.h.svn-base | 849 +++ .../.svn/text-base/errortext.h.svn-base | 42 + .../device/administration/.svn/all-wcprops | 77 + .../device/administration/.svn/entries | 436 ++ .../administration-bootp.cpp.svn-base | 126 + .../administration-finger.cpp.svn-base | 128 + .../text-base/administration-ftp.cpp.svn-base | 370 ++ .../administration-general.cpp.svn-base | 244 + .../administration-hosts.cpp.svn-base | 221 + .../administration-http.cpp.svn-base | 744 +++ .../text-base/administration-ssh.cpp.svn-base | 404 ++ .../administration-telnet.cpp.svn-base | 377 ++ .../administration-tftp.cpp.svn-base | 361 ++ .../administration-timeout.cpp.svn-base | 625 +++ .../text-base/administration.cpp.svn-base | 737 +++ .../.svn/text-base/administration.h.svn-base | 371 ++ .../administration/administration-bootp.cpp | 126 + .../administration/administration-finger.cpp | 128 + .../administration/administration-ftp.cpp | 370 ++ .../administration/administration-general.cpp | 244 + .../administration/administration-hosts.cpp | 221 + .../administration/administration-http.cpp | 744 +++ .../administration/administration-ssh.cpp | 404 ++ .../administration/administration-telnet.cpp | 377 ++ .../administration/administration-tftp.cpp | 361 ++ .../administration/administration-timeout.cpp | 625 +++ .../device/administration/administration.cpp | 737 +++ .../device/administration/administration.h | 371 ++ .../device/authentication/.svn/all-wcprops | 65 + .../device/authentication/.svn/entries | 368 ++ .../authentication-general.cpp.svn-base | 337 ++ .../authentication-kerberos.cpp.svn-base | 123 + .../authentication-ldap.cpp.svn-base | 385 ++ .../text-base/authentication-nt.cpp.svn-base | 104 + .../authentication-radius.cpp.svn-base | 472 ++ .../authentication-securid.cpp.svn-base | 121 + .../authentication-tacacs.cpp.svn-base | 485 ++ .../authentication-users.cpp.svn-base | 580 ++ .../text-base/authentication.cpp.svn-base | 188 + .../.svn/text-base/authentication.h.svn-base | 360 ++ .../authentication/authentication-general.cpp | 337 ++ .../authentication-kerberos.cpp | 123 + .../authentication/authentication-ldap.cpp | 385 ++ .../authentication/authentication-nt.cpp | 104 + .../authentication/authentication-radius.cpp | 472 ++ .../authentication/authentication-securid.cpp | 121 + .../authentication/authentication-tacacs.cpp | 485 ++ .../authentication/authentication-users.cpp | 580 ++ .../device/authentication/authentication.cpp | 188 + .../device/authentication/authentication.h | 360 ++ .../device/banner/.svn/all-wcprops | 23 + libnipper-0.12.6/device/banner/.svn/entries | 130 + .../.svn/text-base/banner-report.cpp.svn-base | 538 ++ .../banner/.svn/text-base/banner.cpp.svn-base | 150 + .../banner/.svn/text-base/banner.h.svn-base | 128 + .../device/banner/banner-report.cpp | 538 ++ libnipper-0.12.6/device/banner/banner.cpp | 150 + libnipper-0.12.6/device/banner/banner.h | 128 + .../device/common/.svn/all-wcprops | 59 + libnipper-0.12.6/device/common/.svn/entries | 334 ++ .../.svn/text-base/configline.cpp.svn-base | 172 + .../.svn/text-base/configline.h.svn-base | 83 + .../.svn/text-base/deviceconfig.cpp.svn-base | 81 + .../.svn/text-base/deviceconfig.h.svn-base | 59 + .../common/.svn/text-base/file.cpp.svn-base | 123 + .../common/.svn/text-base/misc.cpp.svn-base | 428 ++ .../.svn/text-base/paragraph.cpp.svn-base | 230 + .../.svn/text-base/passwords.cpp.svn-base | 430 ++ .../common/.svn/text-base/tables.cpp.svn-base | 158 + libnipper-0.12.6/device/common/configline.cpp | 172 + libnipper-0.12.6/device/common/configline.h | 83 + .../device/common/deviceconfig.cpp | 81 + libnipper-0.12.6/device/common/deviceconfig.h | 59 + libnipper-0.12.6/device/common/file.cpp | 123 + libnipper-0.12.6/device/common/misc.cpp | 428 ++ libnipper-0.12.6/device/common/paragraph.cpp | 230 + libnipper-0.12.6/device/common/passwords.cpp | 430 ++ libnipper-0.12.6/device/common/tables.cpp | 158 + .../device/crypto/.svn/all-wcprops | 23 + libnipper-0.12.6/device/crypto/.svn/entries | 130 + .../.svn/text-base/crypto-base64.cpp.svn-base | 119 + .../text-base/crypto-ciscotype7.cpp.svn-base | 105 + .../.svn/text-base/crypto-url.cpp.svn-base | 85 + .../device/crypto/crypto-base64.cpp | 119 + .../device/crypto/crypto-ciscotype7.cpp | 105 + libnipper-0.12.6/device/crypto/crypto-url.cpp | 85 + libnipper-0.12.6/device/device.cpp | 486 ++ libnipper-0.12.6/device/device.h | 849 +++ libnipper-0.12.6/device/dns/.svn/all-wcprops | 23 + libnipper-0.12.6/device/dns/.svn/entries | 130 + .../.svn/text-base/dns-report.cpp.svn-base | 435 ++ .../dns/.svn/text-base/dns.cpp.svn-base | 286 + .../device/dns/.svn/text-base/dns.h.svn-base | 140 + libnipper-0.12.6/device/dns/dns-report.cpp | 435 ++ libnipper-0.12.6/device/dns/dns.cpp | 286 + libnipper-0.12.6/device/dns/dns.h | 140 + libnipper-0.12.6/device/errortext.h | 42 + .../device/filter/.svn/all-wcprops | 53 + libnipper-0.12.6/device/filter/.svn/entries | 300 ++ .../filter-filter-report.cpp.svn-base | 645 +++ .../.svn/text-base/filter-filter.cpp.svn-base | 633 +++ .../filter-object-report.cpp.svn-base | 688 +++ .../.svn/text-base/filter-object.cpp.svn-base | 419 ++ .../filter-security-report.cpp.svn-base | 2548 +++++++++ .../text-base/filter-security.cpp.svn-base | 2012 +++++++ .../filter/.svn/text-base/filter.cpp.svn-base | 828 +++ .../filter/.svn/text-base/filter.h.svn-base | 584 ++ .../device/filter/filter-filter-report.cpp | 645 +++ .../device/filter/filter-filter.cpp | 633 +++ .../device/filter/filter-object-report.cpp | 688 +++ .../device/filter/filter-object.cpp | 419 ++ .../device/filter/filter-security-report.cpp | 2548 +++++++++ .../device/filter/filter-security.cpp | 2012 +++++++ libnipper-0.12.6/device/filter/filter.cpp | 828 +++ libnipper-0.12.6/device/filter/filter.h | 584 ++ .../device/general/.svn/all-wcprops | 17 + libnipper-0.12.6/device/general/.svn/entries | 96 + .../.svn/text-base/general.cpp.svn-base | 353 ++ .../general/.svn/text-base/general.h.svn-base | 115 + libnipper-0.12.6/device/general/general.cpp | 353 ++ libnipper-0.12.6/device/general/general.h | 115 + .../device/interfaces/.svn/all-wcprops | 35 + .../device/interfaces/.svn/entries | 198 + .../interfaces-interface.cpp.svn-base | 303 ++ .../text-base/interfaces-report.cpp.svn-base | 457 ++ .../interfaces-security.cpp.svn-base | 1452 +++++ .../.svn/text-base/interfaces.cpp.svn-base | 222 + .../.svn/text-base/interfaces.h.svn-base | 223 + .../interfaces/interfaces-interface.cpp | 303 ++ .../device/interfaces/interfaces-report.cpp | 457 ++ .../device/interfaces/interfaces-security.cpp | 1452 +++++ .../device/interfaces/interfaces.cpp | 222 + .../device/interfaces/interfaces.h | 223 + .../device/reportgen/.svn/all-wcprops | 53 + .../device/reportgen/.svn/entries | 300 ++ .../report-abbreviations.cpp.svn-base | 620 +++ .../text-base/report-commonports.cpp.svn-base | 229 + .../.svn/text-base/report-icmp.cpp.svn-base | 258 + .../report-logginglevels.cpp.svn-base | 89 + .../.svn/text-base/report-misc.cpp.svn-base | 340 ++ .../text-base/report-numbering.cpp.svn-base | 255 + .../text-base/report-protocols.cpp.svn-base | 310 ++ .../.svn/text-base/report.cpp.svn-base | 807 +++ .../device/reportgen/report-abbreviations.cpp | 620 +++ .../device/reportgen/report-commonports.cpp | 229 + .../device/reportgen/report-icmp.cpp | 258 + .../device/reportgen/report-logginglevels.cpp | 89 + .../device/reportgen/report-misc.cpp | 340 ++ .../device/reportgen/report-numbering.cpp | 255 + .../device/reportgen/report-protocols.cpp | 310 ++ libnipper-0.12.6/device/reportgen/report.cpp | 807 +++ libnipper-0.12.6/device/snmp/.svn/all-wcprops | 59 + libnipper-0.12.6/device/snmp/.svn/entries | 334 ++ .../text-base/snmp-community.cpp.svn-base | 807 +++ .../.svn/text-base/snmp-group.cpp.svn-base | 222 + .../.svn/text-base/snmp-host.cpp.svn-base | 201 + .../text-base/snmp-misc-issues.cpp.svn-base | 954 ++++ .../.svn/text-base/snmp-traps.cpp.svn-base | 640 +++ .../.svn/text-base/snmp-user.cpp.svn-base | 465 ++ .../.svn/text-base/snmp-view.cpp.svn-base | 483 ++ .../snmp/.svn/text-base/snmp.cpp.svn-base | 616 +++ .../snmp/.svn/text-base/snmp.h.svn-base | 374 ++ .../device/snmp/snmp-community.cpp | 807 +++ libnipper-0.12.6/device/snmp/snmp-group.cpp | 222 + libnipper-0.12.6/device/snmp/snmp-host.cpp | 201 + .../device/snmp/snmp-misc-issues.cpp | 954 ++++ libnipper-0.12.6/device/snmp/snmp-traps.cpp | 640 +++ libnipper-0.12.6/device/snmp/snmp-user.cpp | 465 ++ libnipper-0.12.6/device/snmp/snmp-view.cpp | 483 ++ libnipper-0.12.6/device/snmp/snmp.cpp | 616 +++ libnipper-0.12.6/device/snmp/snmp.h | 374 ++ libnipper-0.12.6/docs/.svn/all-wcprops | 11 + libnipper-0.12.6/docs/.svn/entries | 62 + .../docs/.svn/text-base/xml.txt.svn-base | 365 ++ libnipper-0.12.6/docs/xml.txt | 365 ++ libnipper-0.12.6/globaldefs.h | 72 + libnipper-0.12.6/install_manifest.txt | 5 + libnipper-0.12.6/libnipper.cpp | 494 ++ libnipper-0.12.6/libnipper.h | 205 + libnipper-0.12.6/man/.svn/all-wcprops | 11 + libnipper-0.12.6/man/.svn/entries | 62 + .../man/.svn/text-base/nipper.conf.5.svn-base | 15 + libnipper-0.12.6/man/nipper.conf.5 | 15 + libnipper-0.12.6/nipper.conf | 252 + libnipper-0.12.6/nipper.cpp | 1694 ++++++ libnipper-0.12.6/report/.svn/all-wcprops | 95 + libnipper-0.12.6/report/.svn/entries | 538 ++ .../text-base/report-contents.cpp.svn-base | 377 ++ .../text-base/report-frontpage.cpp.svn-base | 70 + .../text-base/report-functions.cpp.svn-base | 346 ++ .../report-introduction.cpp.svn-base | 64 + .../.svn/text-base/report-list.cpp.svn-base | 141 + .../report-section-appendix.cpp.svn-base | 65 + .../report-section-compliance.cpp.svn-base | 39 + .../report-section-config.cpp.svn-base | 67 + .../report-section-security.cpp.svn-base | 357 ++ .../.svn/text-base/report-start.cpp.svn-base | 155 + .../.svn/text-base/report-table.cpp.svn-base | 441 ++ .../.svn/text-base/report-text.cpp.svn-base | 948 ++++ .../.svn/text-base/report-titles.cpp.svn-base | 310 ++ .../report/.svn/text-base/report.cpp.svn-base | 135 + .../report/.svn/text-base/report.h.svn-base | 186 + libnipper-0.12.6/report/report-contents.cpp | 377 ++ libnipper-0.12.6/report/report-frontpage.cpp | 70 + libnipper-0.12.6/report/report-functions.cpp | 346 ++ .../report/report-introduction.cpp | 64 + libnipper-0.12.6/report/report-list.cpp | 141 + .../report/report-section-appendix.cpp | 65 + .../report/report-section-compliance.cpp | 39 + .../report/report-section-config.cpp | 67 + .../report/report-section-security.cpp | 357 ++ libnipper-0.12.6/report/report-start.cpp | 155 + libnipper-0.12.6/report/report-table.cpp | 441 ++ libnipper-0.12.6/report/report-text.cpp | 948 ++++ libnipper-0.12.6/report/report-titles.cpp | 310 ++ libnipper-0.12.6/report/report.cpp | 135 + libnipper-0.12.6/report/report.h | 186 + 1210 files changed, 301809 insertions(+) create mode 100644 0.11.10/CSS/.svn/all-wcprops create mode 100644 0.11.10/CSS/.svn/entries create mode 100644 0.11.10/CSS/.svn/text-base/cleanup.c.svn-base create mode 100644 0.11.10/CSS/.svn/text-base/input.c.svn-base create mode 100644 0.11.10/CSS/.svn/text-base/process-access-list.c.svn-base create mode 100644 0.11.10/CSS/.svn/text-base/process-restrict.c.svn-base create mode 100644 0.11.10/CSS/.svn/text-base/process-snmp.c.svn-base create mode 100644 0.11.10/CSS/.svn/text-base/report-access-list.c.svn-base create mode 100644 0.11.10/CSS/.svn/text-base/report-debug.c.svn-base create mode 100644 0.11.10/CSS/.svn/text-base/report-general.c.svn-base create mode 100644 0.11.10/CSS/.svn/text-base/report-restrict.c.svn-base create mode 100644 0.11.10/CSS/.svn/text-base/report-snmp.c.svn-base create mode 100644 0.11.10/CSS/.svn/text-base/report.c.svn-base create mode 100644 0.11.10/CSS/cleanup.c create mode 100644 0.11.10/CSS/input.c create mode 100644 0.11.10/CSS/process-access-list.c create mode 100644 0.11.10/CSS/process-restrict.c create mode 100644 0.11.10/CSS/process-snmp.c create mode 100644 0.11.10/CSS/report-access-list.c create mode 100644 0.11.10/CSS/report-debug.c create mode 100644 0.11.10/CSS/report-general.c create mode 100644 0.11.10/CSS/report-restrict.c create mode 100644 0.11.10/CSS/report-snmp.c create mode 100644 0.11.10/CSS/report.c create mode 100644 0.11.10/Changelog create mode 100644 0.11.10/FW1/.svn/all-wcprops create mode 100644 0.11.10/FW1/.svn/entries create mode 100644 0.11.10/FW1/.svn/text-base/cleanup.c.svn-base create mode 100644 0.11.10/FW1/.svn/text-base/input.c.svn-base create mode 100644 0.11.10/FW1/.svn/text-base/process-objects.c.svn-base create mode 100644 0.11.10/FW1/.svn/text-base/process-policycollections.c.svn-base create mode 100644 0.11.10/FW1/.svn/text-base/process-rulebases.c.svn-base create mode 100644 0.11.10/FW1/.svn/text-base/process-rules.c.svn-base create mode 100644 0.11.10/FW1/.svn/text-base/process-services.c.svn-base create mode 100644 0.11.10/FW1/.svn/text-base/report-debug.c.svn-base create mode 100644 0.11.10/FW1/.svn/text-base/report-objects.c.svn-base create mode 100644 0.11.10/FW1/.svn/text-base/report-rules.c.svn-base create mode 100644 0.11.10/FW1/.svn/text-base/report-services.c.svn-base create mode 100644 0.11.10/FW1/.svn/text-base/report.c.svn-base create mode 100644 0.11.10/FW1/cleanup.c create mode 100644 0.11.10/FW1/input.c create mode 100644 0.11.10/FW1/process-objects.c create mode 100644 0.11.10/FW1/process-policycollections.c create mode 100644 0.11.10/FW1/process-rulebases.c create mode 100644 0.11.10/FW1/process-rules.c create mode 100644 0.11.10/FW1/process-services.c create mode 100644 0.11.10/FW1/report-debug.c create mode 100644 0.11.10/FW1/report-objects.c create mode 100644 0.11.10/FW1/report-rules.c create mode 100644 0.11.10/FW1/report-services.c create mode 100644 0.11.10/FW1/report.c create mode 100644 0.11.10/INSTALL create mode 100644 0.11.10/IOS/.svn/all-wcprops create mode 100644 0.11.10/IOS/.svn/entries create mode 100644 0.11.10/IOS/.svn/text-base/cleanup.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/input.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-aaa.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-access-list.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-banner.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-cef.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-clock.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-dns.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-enable.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-ftp.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-general.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-http.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-interface.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-keychain.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-line.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-logging.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-nat.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-ntp.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-route-map.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-router.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-snmp.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-ssh.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-tacacs.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-username.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/process-vtp.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-aaa.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-access-list.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-clock.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-debug.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-dns.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-ftp.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-general.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-http.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-interface.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-keychain.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-line.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-logging.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-nat.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-ntp.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-passwords.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-router.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-snmp.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-ssh.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-tacacs.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-timeout.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-username.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report-vtp.c.svn-base create mode 100644 0.11.10/IOS/.svn/text-base/report.c.svn-base create mode 100644 0.11.10/IOS/cleanup.c create mode 100644 0.11.10/IOS/input.c create mode 100644 0.11.10/IOS/process-aaa.c create mode 100644 0.11.10/IOS/process-access-list.c create mode 100644 0.11.10/IOS/process-banner.c create mode 100644 0.11.10/IOS/process-cef.c create mode 100644 0.11.10/IOS/process-clock.c create mode 100644 0.11.10/IOS/process-dns.c create mode 100644 0.11.10/IOS/process-enable.c create mode 100644 0.11.10/IOS/process-ftp.c create mode 100644 0.11.10/IOS/process-general.c create mode 100644 0.11.10/IOS/process-http.c create mode 100644 0.11.10/IOS/process-interface.c create mode 100644 0.11.10/IOS/process-keychain.c create mode 100644 0.11.10/IOS/process-line.c create mode 100644 0.11.10/IOS/process-logging.c create mode 100644 0.11.10/IOS/process-nat.c create mode 100644 0.11.10/IOS/process-ntp.c create mode 100644 0.11.10/IOS/process-route-map.c create mode 100644 0.11.10/IOS/process-router.c create mode 100644 0.11.10/IOS/process-snmp.c create mode 100644 0.11.10/IOS/process-ssh.c create mode 100644 0.11.10/IOS/process-tacacs.c create mode 100644 0.11.10/IOS/process-username.c create mode 100644 0.11.10/IOS/process-vtp.c create mode 100644 0.11.10/IOS/report-aaa.c create mode 100644 0.11.10/IOS/report-access-list.c create mode 100644 0.11.10/IOS/report-clock.c create mode 100644 0.11.10/IOS/report-debug.c create mode 100644 0.11.10/IOS/report-dns.c create mode 100644 0.11.10/IOS/report-ftp.c create mode 100644 0.11.10/IOS/report-general.c create mode 100644 0.11.10/IOS/report-http.c create mode 100644 0.11.10/IOS/report-interface.c create mode 100644 0.11.10/IOS/report-keychain.c create mode 100644 0.11.10/IOS/report-line.c create mode 100644 0.11.10/IOS/report-logging.c create mode 100644 0.11.10/IOS/report-nat.c create mode 100644 0.11.10/IOS/report-ntp.c create mode 100644 0.11.10/IOS/report-passwords.c create mode 100644 0.11.10/IOS/report-router.c create mode 100644 0.11.10/IOS/report-snmp.c create mode 100644 0.11.10/IOS/report-ssh.c create mode 100644 0.11.10/IOS/report-tacacs.c create mode 100644 0.11.10/IOS/report-timeout.c create mode 100644 0.11.10/IOS/report-username.c create mode 100644 0.11.10/IOS/report-vtp.c create mode 100644 0.11.10/IOS/report.c create mode 100644 0.11.10/LICENSE create mode 100644 0.11.10/Makefile create mode 100644 0.11.10/NMP/.svn/all-wcprops create mode 100644 0.11.10/NMP/.svn/entries create mode 100644 0.11.10/NMP/.svn/text-base/cleanup.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/input.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/process-cdp.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/process-general.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/process-permit.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/process-port.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/process-snmp.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/process-spantree.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/process-vlan.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/report-debug.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/report-general.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/report-passwords.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/report-permit.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/report-port.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/report-snmp.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/report-vlan.c.svn-base create mode 100644 0.11.10/NMP/.svn/text-base/report.c.svn-base create mode 100644 0.11.10/NMP/cleanup.c create mode 100644 0.11.10/NMP/input.c create mode 100644 0.11.10/NMP/process-cdp.c create mode 100644 0.11.10/NMP/process-general.c create mode 100644 0.11.10/NMP/process-permit.c create mode 100644 0.11.10/NMP/process-port.c create mode 100644 0.11.10/NMP/process-snmp.c create mode 100644 0.11.10/NMP/process-spantree.c create mode 100644 0.11.10/NMP/process-vlan.c create mode 100644 0.11.10/NMP/report-debug.c create mode 100644 0.11.10/NMP/report-general.c create mode 100644 0.11.10/NMP/report-passwords.c create mode 100644 0.11.10/NMP/report-permit.c create mode 100644 0.11.10/NMP/report-port.c create mode 100644 0.11.10/NMP/report-snmp.c create mode 100644 0.11.10/NMP/report-vlan.c create mode 100644 0.11.10/NMP/report.c create mode 100644 0.11.10/PIX/.svn/all-wcprops create mode 100644 0.11.10/PIX/.svn/entries create mode 100644 0.11.10/PIX/.svn/text-base/cleanup.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/input.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/process-access-list.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/process-enable.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/process-general.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/process-http.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/process-icmp.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/process-interface.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/process-nat.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/process-objects.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/process-protocols.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/process-route.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/process-snmp.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/process-ssh.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report-access-list.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report-debug.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report-enable.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report-general.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report-http.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report-icmp.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report-interface.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report-nat.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report-passwords.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report-protocols.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report-route.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report-snmp.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report-ssh.c.svn-base create mode 100644 0.11.10/PIX/.svn/text-base/report.c.svn-base create mode 100644 0.11.10/PIX/cleanup.c create mode 100644 0.11.10/PIX/input.c create mode 100644 0.11.10/PIX/process-access-list.c create mode 100644 0.11.10/PIX/process-enable.c create mode 100644 0.11.10/PIX/process-general.c create mode 100644 0.11.10/PIX/process-http.c create mode 100644 0.11.10/PIX/process-icmp.c create mode 100644 0.11.10/PIX/process-interface.c create mode 100644 0.11.10/PIX/process-nat.c create mode 100644 0.11.10/PIX/process-objects.c create mode 100644 0.11.10/PIX/process-protocols.c create mode 100644 0.11.10/PIX/process-route.c create mode 100644 0.11.10/PIX/process-snmp.c create mode 100644 0.11.10/PIX/process-ssh.c create mode 100644 0.11.10/PIX/report-access-list.c create mode 100644 0.11.10/PIX/report-debug.c create mode 100644 0.11.10/PIX/report-enable.c create mode 100644 0.11.10/PIX/report-general.c create mode 100644 0.11.10/PIX/report-http.c create mode 100644 0.11.10/PIX/report-icmp.c create mode 100644 0.11.10/PIX/report-interface.c create mode 100644 0.11.10/PIX/report-nat.c create mode 100644 0.11.10/PIX/report-passwords.c create mode 100644 0.11.10/PIX/report-protocols.c create mode 100644 0.11.10/PIX/report-route.c create mode 100644 0.11.10/PIX/report-snmp.c create mode 100644 0.11.10/PIX/report-ssh.c create mode 100644 0.11.10/PIX/report.c create mode 100644 0.11.10/Passport/.svn/all-wcprops create mode 100644 0.11.10/Passport/.svn/entries create mode 100644 0.11.10/Passport/.svn/text-base/cleanup.c.svn-base create mode 100644 0.11.10/Passport/.svn/text-base/input.c.svn-base create mode 100644 0.11.10/Passport/.svn/text-base/process-filters.c.svn-base create mode 100644 0.11.10/Passport/.svn/text-base/process-general.c.svn-base create mode 100644 0.11.10/Passport/.svn/text-base/report-debug.c.svn-base create mode 100644 0.11.10/Passport/.svn/text-base/report-filters.c.svn-base create mode 100644 0.11.10/Passport/.svn/text-base/report-general.c.svn-base create mode 100644 0.11.10/Passport/.svn/text-base/report.c.svn-base create mode 100644 0.11.10/Passport/cleanup.c create mode 100644 0.11.10/Passport/input.c create mode 100644 0.11.10/Passport/process-filters.c create mode 100644 0.11.10/Passport/process-general.c create mode 100644 0.11.10/Passport/report-debug.c create mode 100644 0.11.10/Passport/report-filters.c create mode 100644 0.11.10/Passport/report-general.c create mode 100644 0.11.10/Passport/report.c create mode 100644 0.11.10/Readme create mode 100644 0.11.10/ScreenOS/.svn/all-wcprops create mode 100644 0.11.10/ScreenOS/.svn/entries create mode 100644 0.11.10/ScreenOS/.svn/text-base/cleanup.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/input.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/process-address.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/process-admin.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/process-auth-server.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/process-interface.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/process-policy.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/process-snmp.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/process-ssh.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/process-zone.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/report-address.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/report-admin.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/report-auth-server.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/report-debug.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/report-general.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/report-interface.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/report-passwords.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/report-policy.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/report-snmp.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/report-ssh.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/report-timeout.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/report-zone.c.svn-base create mode 100644 0.11.10/ScreenOS/.svn/text-base/report.c.svn-base create mode 100644 0.11.10/ScreenOS/cleanup.c create mode 100644 0.11.10/ScreenOS/input.c create mode 100644 0.11.10/ScreenOS/process-address.c create mode 100644 0.11.10/ScreenOS/process-admin.c create mode 100644 0.11.10/ScreenOS/process-auth-server.c create mode 100644 0.11.10/ScreenOS/process-interface.c create mode 100644 0.11.10/ScreenOS/process-policy.c create mode 100644 0.11.10/ScreenOS/process-snmp.c create mode 100644 0.11.10/ScreenOS/process-ssh.c create mode 100644 0.11.10/ScreenOS/process-zone.c create mode 100644 0.11.10/ScreenOS/report-address.c create mode 100644 0.11.10/ScreenOS/report-admin.c create mode 100644 0.11.10/ScreenOS/report-auth-server.c create mode 100644 0.11.10/ScreenOS/report-debug.c create mode 100644 0.11.10/ScreenOS/report-general.c create mode 100644 0.11.10/ScreenOS/report-interface.c create mode 100644 0.11.10/ScreenOS/report-passwords.c create mode 100644 0.11.10/ScreenOS/report-policy.c create mode 100644 0.11.10/ScreenOS/report-snmp.c create mode 100644 0.11.10/ScreenOS/report-ssh.c create mode 100644 0.11.10/ScreenOS/report-timeout.c create mode 100644 0.11.10/ScreenOS/report-zone.c create mode 100644 0.11.10/ScreenOS/report.c create mode 100644 0.11.10/SonicOS/.svn/all-wcprops create mode 100644 0.11.10/SonicOS/.svn/entries create mode 100644 0.11.10/SonicOS/.svn/text-base/cleanup.c.svn-base create mode 100644 0.11.10/SonicOS/.svn/text-base/input-preprocessing.c.svn-base create mode 100644 0.11.10/SonicOS/.svn/text-base/input.c.svn-base create mode 100644 0.11.10/SonicOS/.svn/text-base/process-policy.c.svn-base create mode 100644 0.11.10/SonicOS/.svn/text-base/process-rules.c.svn-base create mode 100644 0.11.10/SonicOS/.svn/text-base/process-services.c.svn-base create mode 100644 0.11.10/SonicOS/.svn/text-base/report-debug.c.svn-base create mode 100644 0.11.10/SonicOS/.svn/text-base/report-general.c.svn-base create mode 100644 0.11.10/SonicOS/.svn/text-base/report-rules.c.svn-base create mode 100644 0.11.10/SonicOS/.svn/text-base/report-services.c.svn-base create mode 100644 0.11.10/SonicOS/.svn/text-base/report.c.svn-base create mode 100644 0.11.10/SonicOS/cleanup.c create mode 100644 0.11.10/SonicOS/input-preprocessing.c create mode 100644 0.11.10/SonicOS/input.c create mode 100644 0.11.10/SonicOS/process-policy.c create mode 100644 0.11.10/SonicOS/process-rules.c create mode 100644 0.11.10/SonicOS/process-services.c create mode 100644 0.11.10/SonicOS/report-debug.c create mode 100644 0.11.10/SonicOS/report-general.c create mode 100644 0.11.10/SonicOS/report-rules.c create mode 100644 0.11.10/SonicOS/report-services.c create mode 100644 0.11.10/SonicOS/report.c create mode 100644 0.11.10/TODO create mode 100644 0.11.10/Template/.svn/all-wcprops create mode 100644 0.11.10/Template/.svn/entries create mode 100644 0.11.10/Template/.svn/text-base/cleanup.c.svn-base create mode 100644 0.11.10/Template/.svn/text-base/input.c.svn-base create mode 100644 0.11.10/Template/.svn/text-base/report-debug.c.svn-base create mode 100644 0.11.10/Template/.svn/text-base/report.c.svn-base create mode 100644 0.11.10/Template/cleanup.c create mode 100644 0.11.10/Template/input.c create mode 100644 0.11.10/Template/report-debug.c create mode 100644 0.11.10/Template/report.c create mode 100644 0.11.10/cisco/.svn/all-wcprops create mode 100644 0.11.10/cisco/.svn/entries create mode 100644 0.11.10/cisco/.svn/text-base/report-acl.c.svn-base create mode 100644 0.11.10/cisco/report-acl.c create mode 100644 0.11.10/common/.svn/all-wcprops create mode 100644 0.11.10/common/.svn/entries create mode 100644 0.11.10/common/.svn/text-base/nipper-acl.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/nipper-base64.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/nipper-cleanup.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/nipper-cmdoptions.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/nipper-common.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/nipper-config.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/nipper-defaults.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/nipper-defs.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/nipper-help.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/nipper-input.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/nipper-namemappings.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/nipper-objects.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/nipper-remote-snmp.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/nipper-struct.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/report-acl.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/report-appendix.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/report-debug.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/report-functions.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/report-text.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/report-vulns.c.svn-base create mode 100644 0.11.10/common/.svn/text-base/report.c.svn-base create mode 100644 0.11.10/common/nipper-acl.c create mode 100644 0.11.10/common/nipper-base64.c create mode 100644 0.11.10/common/nipper-cleanup.c create mode 100644 0.11.10/common/nipper-cmdoptions.c create mode 100644 0.11.10/common/nipper-common.c create mode 100644 0.11.10/common/nipper-config.c create mode 100644 0.11.10/common/nipper-defaults.c create mode 100644 0.11.10/common/nipper-defs.c create mode 100644 0.11.10/common/nipper-help.c create mode 100644 0.11.10/common/nipper-input.c create mode 100644 0.11.10/common/nipper-namemappings.c create mode 100644 0.11.10/common/nipper-objects.c create mode 100644 0.11.10/common/nipper-remote-snmp.c create mode 100644 0.11.10/common/nipper-struct.c create mode 100644 0.11.10/common/report-acl.c create mode 100644 0.11.10/common/report-appendix.c create mode 100644 0.11.10/common/report-debug.c create mode 100644 0.11.10/common/report-functions.c create mode 100644 0.11.10/common/report-text.c create mode 100644 0.11.10/common/report-vulns.c create mode 100644 0.11.10/common/report.c create mode 100644 0.11.10/docs/.svn/all-wcprops create mode 100644 0.11.10/docs/.svn/entries create mode 100644 0.11.10/docs/.svn/text-base/Features.txt.svn-base create mode 100644 0.11.10/docs/.svn/text-base/Options.txt.svn-base create mode 100644 0.11.10/docs/.svn/text-base/Quickstart.txt.svn-base create mode 100644 0.11.10/docs/.svn/text-base/XML.txt.svn-base create mode 100644 0.11.10/docs/Features.txt create mode 100644 0.11.10/docs/Options.txt create mode 100644 0.11.10/docs/Quickstart.txt create mode 100644 0.11.10/docs/XML.txt create mode 100644 0.11.10/install.script create mode 100644 0.11.10/man/.svn/all-wcprops create mode 100644 0.11.10/man/.svn/entries create mode 100644 0.11.10/man/.svn/text-base/nipper.1.svn-base create mode 100644 0.11.10/man/.svn/text-base/nipper.conf.5.svn-base create mode 100644 0.11.10/man/nipper.1 create mode 100644 0.11.10/man/nipper.conf.5 create mode 100644 0.11.10/nipper create mode 100644 0.11.10/nipper.c create mode 100644 0.11.10/nipper.conf create mode 100644 0.11.10/nipper.ini create mode 100644 libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/all-wcprops create mode 100644 libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/entries create mode 100644 libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp create mode 100644 libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h create mode 100644 libnipper-0.12.6/BayNetworks-Accelar/.svn/all-wcprops create mode 100644 libnipper-0.12.6/BayNetworks-Accelar/.svn/entries create mode 100644 libnipper-0.12.6/BayNetworks-Accelar/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/BayNetworks-Accelar/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/BayNetworks-Accelar/device.cpp create mode 100644 libnipper-0.12.6/BayNetworks-Accelar/device.h create mode 100644 libnipper-0.12.6/CMakeCache.txt create mode 100644 libnipper-0.12.6/CMakeFiles/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeCXXCompiler.cmake.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeDirectoryInformation.cmake.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeOutput.log.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeSystem.cmake.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/.svn/text-base/Makefile.cmake.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/.svn/text-base/Makefile2.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/.svn/text-base/cmake.check_cache.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/.svn/text-base/progress.make.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/CMakeCXXCompiler.cmake create mode 100644 libnipper-0.12.6/CMakeFiles/CMakeDirectoryInformation.cmake create mode 100644 libnipper-0.12.6/CMakeFiles/CMakeOutput.log create mode 100644 libnipper-0.12.6/CMakeFiles/CMakeSystem.cmake create mode 100644 libnipper-0.12.6/CMakeFiles/CMakeTmp/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/CMakeTmp/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/cmTryCompileExec.dir/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/cmTryCompileExec.dir/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/Makefile.cmake create mode 100644 libnipper-0.12.6/CMakeFiles/Makefile2 create mode 100644 libnipper-0.12.6/CMakeFiles/cmake.check_cache create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/CXX.includecache.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/DependInfo.cmake.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/build.make.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/cmake_clean.cmake.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/cmake_clean_target.cmake.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/depend.internal.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/depend.make.mark.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/depend.make.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/flags.make.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/link.txt.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/progress.make.svn-base create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/BayNetworks-Accelar/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/BayNetworks-Accelar/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/CXX.includecache create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Firewall/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Firewall/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Management/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Management/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Router/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Router/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/DependInfo.cmake create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Nokia-IP/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Nokia-IP/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-RoutingSwitch/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-RoutingSwitch/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/build.make create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/cmake_clean.cmake create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/cmake_clean_target.cmake create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/depend.internal create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/depend.make create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/depend.make.mark create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/general/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/general/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/flags.make create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/link.txt create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/progress.make create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/report/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CMakeFiles/nipper.dir/report/.svn/entries create mode 100644 libnipper-0.12.6/CMakeFiles/progress.make create mode 100644 libnipper-0.12.6/CMakeLists.txt create mode 100644 libnipper-0.12.6/Changelog create mode 100644 libnipper-0.12.6/CheckPoint-Firewall/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CheckPoint-Firewall/.svn/entries create mode 100644 libnipper-0.12.6/CheckPoint-Firewall/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/CheckPoint-Firewall/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/CheckPoint-Firewall/device.cpp create mode 100644 libnipper-0.12.6/CheckPoint-Firewall/device.h create mode 100644 libnipper-0.12.6/CheckPoint-Management/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CheckPoint-Management/.svn/entries create mode 100644 libnipper-0.12.6/CheckPoint-Management/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/CheckPoint-Management/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/CheckPoint-Management/device.cpp create mode 100644 libnipper-0.12.6/CheckPoint-Management/device.h create mode 100644 libnipper-0.12.6/CheckPoint/.svn/all-wcprops create mode 100644 libnipper-0.12.6/CheckPoint/.svn/entries create mode 100644 libnipper-0.12.6/CheckPoint/.svn/text-base/device-policies.cpp.svn-base create mode 100644 libnipper-0.12.6/CheckPoint/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/CheckPoint/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/CheckPoint/.svn/text-base/filter-objects.cpp.svn-base create mode 100644 libnipper-0.12.6/CheckPoint/.svn/text-base/filter-rules.cpp.svn-base create mode 100644 libnipper-0.12.6/CheckPoint/.svn/text-base/filter-services.cpp.svn-base create mode 100644 libnipper-0.12.6/CheckPoint/.svn/text-base/filter.cpp.svn-base create mode 100644 libnipper-0.12.6/CheckPoint/.svn/text-base/filter.h.svn-base create mode 100644 libnipper-0.12.6/CheckPoint/.svn/text-base/general.cpp.svn-base create mode 100644 libnipper-0.12.6/CheckPoint/.svn/text-base/general.h.svn-base create mode 100644 libnipper-0.12.6/CheckPoint/device-policies.cpp create mode 100644 libnipper-0.12.6/CheckPoint/device.cpp create mode 100644 libnipper-0.12.6/CheckPoint/device.h create mode 100644 libnipper-0.12.6/CheckPoint/filter-objects.cpp create mode 100644 libnipper-0.12.6/CheckPoint/filter-rules.cpp create mode 100644 libnipper-0.12.6/CheckPoint/filter-services.cpp create mode 100644 libnipper-0.12.6/CheckPoint/filter.cpp create mode 100644 libnipper-0.12.6/CheckPoint/filter.h create mode 100644 libnipper-0.12.6/CheckPoint/general.cpp create mode 100644 libnipper-0.12.6/CheckPoint/general.h create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/entries create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/administration.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/administration.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/authentication.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/authentication.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/banner.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/banner.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/dns.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/dns.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/filter.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/filter.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/general.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/general.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/interfaces.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/interfaces.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/snmp-report.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/snmp.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/.svn/text-base/snmp.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-CSS/administration.cpp create mode 100644 libnipper-0.12.6/Cisco-CSS/administration.h create mode 100644 libnipper-0.12.6/Cisco-CSS/authentication.cpp create mode 100644 libnipper-0.12.6/Cisco-CSS/authentication.h create mode 100644 libnipper-0.12.6/Cisco-CSS/banner.cpp create mode 100644 libnipper-0.12.6/Cisco-CSS/banner.h create mode 100644 libnipper-0.12.6/Cisco-CSS/device.cpp create mode 100644 libnipper-0.12.6/Cisco-CSS/device.h create mode 100644 libnipper-0.12.6/Cisco-CSS/dns.cpp create mode 100644 libnipper-0.12.6/Cisco-CSS/dns.h create mode 100644 libnipper-0.12.6/Cisco-CSS/filter.cpp create mode 100644 libnipper-0.12.6/Cisco-CSS/filter.h create mode 100644 libnipper-0.12.6/Cisco-CSS/general.cpp create mode 100644 libnipper-0.12.6/Cisco-CSS/general.h create mode 100644 libnipper-0.12.6/Cisco-CSS/interfaces.cpp create mode 100644 libnipper-0.12.6/Cisco-CSS/interfaces.h create mode 100644 libnipper-0.12.6/Cisco-CSS/snmp-report.cpp create mode 100644 libnipper-0.12.6/Cisco-CSS/snmp.cpp create mode 100644 libnipper-0.12.6/Cisco-CSS/snmp.h create mode 100644 libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/entries create mode 100644 libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp create mode 100644 libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h create mode 100644 libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/entries create mode 100644 libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp create mode 100644 libnipper-0.12.6/Cisco-Catalyst-NMP/device.h create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/entries create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/administration.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/administration.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/authentication.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/authentication.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/banner.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/banner.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/dns.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/dns.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/general.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/general.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/interfaces.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/interfaces.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/snmp.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/snmp.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Catalyst/administration.cpp create mode 100644 libnipper-0.12.6/Cisco-Catalyst/administration.h create mode 100644 libnipper-0.12.6/Cisco-Catalyst/authentication.cpp create mode 100644 libnipper-0.12.6/Cisco-Catalyst/authentication.h create mode 100644 libnipper-0.12.6/Cisco-Catalyst/banner.cpp create mode 100644 libnipper-0.12.6/Cisco-Catalyst/banner.h create mode 100644 libnipper-0.12.6/Cisco-Catalyst/device.cpp create mode 100644 libnipper-0.12.6/Cisco-Catalyst/device.h create mode 100644 libnipper-0.12.6/Cisco-Catalyst/dns.cpp create mode 100644 libnipper-0.12.6/Cisco-Catalyst/dns.h create mode 100644 libnipper-0.12.6/Cisco-Catalyst/general.cpp create mode 100644 libnipper-0.12.6/Cisco-Catalyst/general.h create mode 100644 libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp create mode 100644 libnipper-0.12.6/Cisco-Catalyst/interfaces.h create mode 100644 libnipper-0.12.6/Cisco-Catalyst/snmp.cpp create mode 100644 libnipper-0.12.6/Cisco-Catalyst/snmp.h create mode 100644 libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/entries create mode 100644 libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS-Catalyst/device.h create mode 100644 libnipper-0.12.6/Cisco-IOS-Router/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Cisco-IOS-Router/.svn/entries create mode 100644 libnipper-0.12.6/Cisco-IOS-Router/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS-Router/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS-Router/device.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS-Router/device.h create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/entries create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration-line.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration-report.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration-security.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/authentication.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/authentication.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/banner.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/banner.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/dns.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/dns.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/filter.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/filter.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/general.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/general.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/interfaces.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/interfaces.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/iosdevice.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/iosdevice.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/snmp-report.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/snmp.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/.svn/text-base/snmp.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-IOS/administration-line.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS/administration-report.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS/administration-security.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS/administration.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS/administration.h create mode 100644 libnipper-0.12.6/Cisco-IOS/authentication.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS/authentication.h create mode 100644 libnipper-0.12.6/Cisco-IOS/banner.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS/banner.h create mode 100644 libnipper-0.12.6/Cisco-IOS/dns.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS/dns.h create mode 100644 libnipper-0.12.6/Cisco-IOS/filter.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS/filter.h create mode 100644 libnipper-0.12.6/Cisco-IOS/general.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS/general.h create mode 100644 libnipper-0.12.6/Cisco-IOS/interfaces.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS/interfaces.h create mode 100644 libnipper-0.12.6/Cisco-IOS/iosdevice.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS/iosdevice.h create mode 100644 libnipper-0.12.6/Cisco-IOS/snmp-report.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS/snmp.cpp create mode 100644 libnipper-0.12.6/Cisco-IOS/snmp.h create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/.svn/entries create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/administration.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/administration.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/general.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/general.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/administration.cpp create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/administration.h create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/device.cpp create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/device.h create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/general.cpp create mode 100644 libnipper-0.12.6/Cisco-Security-ASA/general.h create mode 100644 libnipper-0.12.6/Cisco-Security-FWSM/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Cisco-Security-FWSM/.svn/entries create mode 100644 libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/administration.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/administration.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp create mode 100644 libnipper-0.12.6/Cisco-Security-FWSM/administration.h create mode 100644 libnipper-0.12.6/Cisco-Security-FWSM/device.cpp create mode 100644 libnipper-0.12.6/Cisco-Security-FWSM/device.h create mode 100644 libnipper-0.12.6/Cisco-Security-PIX/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Cisco-Security-PIX/.svn/entries create mode 100644 libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/administration.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/administration.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security-PIX/administration.cpp create mode 100644 libnipper-0.12.6/Cisco-Security-PIX/administration.h create mode 100644 libnipper-0.12.6/Cisco-Security-PIX/device.cpp create mode 100644 libnipper-0.12.6/Cisco-Security-PIX/device.h create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/entries create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/administration.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/administration.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/authentication.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/authentication.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/banner.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/banner.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/dns.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/dns.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/filter.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/filter.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/general.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/general.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/interfaces.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/interfaces.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/snmp.cpp.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/.svn/text-base/snmp.h.svn-base create mode 100644 libnipper-0.12.6/Cisco-Security/administration.cpp create mode 100644 libnipper-0.12.6/Cisco-Security/administration.h create mode 100644 libnipper-0.12.6/Cisco-Security/authentication.cpp create mode 100644 libnipper-0.12.6/Cisco-Security/authentication.h create mode 100644 libnipper-0.12.6/Cisco-Security/banner.cpp create mode 100644 libnipper-0.12.6/Cisco-Security/banner.h create mode 100644 libnipper-0.12.6/Cisco-Security/device.cpp create mode 100644 libnipper-0.12.6/Cisco-Security/device.h create mode 100644 libnipper-0.12.6/Cisco-Security/dns.cpp create mode 100644 libnipper-0.12.6/Cisco-Security/dns.h create mode 100644 libnipper-0.12.6/Cisco-Security/filter.cpp create mode 100644 libnipper-0.12.6/Cisco-Security/filter.h create mode 100644 libnipper-0.12.6/Cisco-Security/general.cpp create mode 100644 libnipper-0.12.6/Cisco-Security/general.h create mode 100644 libnipper-0.12.6/Cisco-Security/interfaces.cpp create mode 100644 libnipper-0.12.6/Cisco-Security/interfaces.h create mode 100644 libnipper-0.12.6/Cisco-Security/snmp.cpp create mode 100644 libnipper-0.12.6/Cisco-Security/snmp.h create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/all-wcprops create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/entries create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/administration.cpp.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/administration.h.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/authentication.cpp.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/authentication.h.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/banner.cpp.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/banner.h.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/dns.cpp.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/dns.h.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/general.cpp.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/general.h.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/interfaces.cpp.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/interfaces.h.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/snmp-report.cpp.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/snmp.cpp.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/.svn/text-base/snmp.h.svn-base create mode 100644 libnipper-0.12.6/HP-ProCurve/administration.cpp create mode 100644 libnipper-0.12.6/HP-ProCurve/administration.h create mode 100644 libnipper-0.12.6/HP-ProCurve/authentication.cpp create mode 100644 libnipper-0.12.6/HP-ProCurve/authentication.h create mode 100644 libnipper-0.12.6/HP-ProCurve/banner.cpp create mode 100644 libnipper-0.12.6/HP-ProCurve/banner.h create mode 100644 libnipper-0.12.6/HP-ProCurve/device.cpp create mode 100644 libnipper-0.12.6/HP-ProCurve/device.h create mode 100644 libnipper-0.12.6/HP-ProCurve/dns.cpp create mode 100644 libnipper-0.12.6/HP-ProCurve/dns.h create mode 100644 libnipper-0.12.6/HP-ProCurve/general.cpp create mode 100644 libnipper-0.12.6/HP-ProCurve/general.h create mode 100644 libnipper-0.12.6/HP-ProCurve/interfaces.cpp create mode 100644 libnipper-0.12.6/HP-ProCurve/interfaces.h create mode 100644 libnipper-0.12.6/HP-ProCurve/snmp-report.cpp create mode 100644 libnipper-0.12.6/HP-ProCurve/snmp.cpp create mode 100644 libnipper-0.12.6/HP-ProCurve/snmp.h create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/entries create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/administration-report.cpp.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/administration.cpp.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/administration.h.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/authentication.cpp.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/authentication.h.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/banner.cpp.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/banner.h.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/dns.cpp.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/dns.h.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/filter.cpp.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/filter.h.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/general.cpp.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/general.h.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/interfaces.cpp.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/interfaces.h.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/snmp.cpp.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/snmp.h.svn-base create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/administration.cpp create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/administration.h create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/authentication.h create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/banner.cpp create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/banner.h create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/device.cpp create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/device.h create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/dns.cpp create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/dns.h create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/filter.cpp create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/filter.h create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/general.cpp create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/general.h create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/interfaces.h create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp create mode 100644 libnipper-0.12.6/Juniper-ScreenOS/snmp.h create mode 100644 libnipper-0.12.6/LICENSE create mode 100644 libnipper-0.12.6/Makefile create mode 100644 libnipper-0.12.6/Nokia-IP/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Nokia-IP/.svn/entries create mode 100644 libnipper-0.12.6/Nokia-IP/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Nokia-IP/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Nokia-IP/device.cpp create mode 100644 libnipper-0.12.6/Nokia-IP/device.h create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/entries create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/administration.cpp.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/administration.h.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/banner.cpp.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/banner.h.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/filter.cpp.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/filter.h.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/general.cpp.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/general.h.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/interfaces.cpp.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/interfaces.h.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/snmp.cpp.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/.svn/text-base/snmp.h.svn-base create mode 100644 libnipper-0.12.6/Nortel-Passport/administration.cpp create mode 100644 libnipper-0.12.6/Nortel-Passport/administration.h create mode 100644 libnipper-0.12.6/Nortel-Passport/banner.cpp create mode 100644 libnipper-0.12.6/Nortel-Passport/banner.h create mode 100644 libnipper-0.12.6/Nortel-Passport/device.cpp create mode 100644 libnipper-0.12.6/Nortel-Passport/device.h create mode 100644 libnipper-0.12.6/Nortel-Passport/filter.cpp create mode 100644 libnipper-0.12.6/Nortel-Passport/filter.h create mode 100644 libnipper-0.12.6/Nortel-Passport/general.cpp create mode 100644 libnipper-0.12.6/Nortel-Passport/general.h create mode 100644 libnipper-0.12.6/Nortel-Passport/interfaces.cpp create mode 100644 libnipper-0.12.6/Nortel-Passport/interfaces.h create mode 100644 libnipper-0.12.6/Nortel-Passport/snmp.cpp create mode 100644 libnipper-0.12.6/Nortel-Passport/snmp.h create mode 100644 libnipper-0.12.6/Nortel-RoutingSwitch/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Nortel-RoutingSwitch/.svn/entries create mode 100644 libnipper-0.12.6/Nortel-RoutingSwitch/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Nortel-RoutingSwitch/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp create mode 100644 libnipper-0.12.6/Nortel-RoutingSwitch/device.h create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/all-wcprops create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/entries create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/administration-report.cpp.svn-base create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/administration.cpp.svn-base create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/administration.h.svn-base create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/dns.cpp.svn-base create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/dns.h.svn-base create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/filter.cpp.svn-base create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/filter.h.svn-base create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/general.cpp.svn-base create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/general.h.svn-base create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/snmp.cpp.svn-base create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/snmp.h.svn-base create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/administration.h create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/device.cpp create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/device.h create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/dns.h create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/filter.h create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/general.cpp create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/general.h create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp create mode 100644 libnipper-0.12.6/SonicWALL-SonicOS/snmp.h create mode 100644 libnipper-0.12.6/TODO create mode 100644 libnipper-0.12.6/Template-Device/.svn/all-wcprops create mode 100644 libnipper-0.12.6/Template-Device/.svn/entries create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/administration.cpp.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/administration.h.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/authentication.cpp.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/authentication.h.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/banner.cpp.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/banner.h.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/dns.cpp.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/dns.h.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/filter.cpp.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/filter.h.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/general.cpp.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/general.h.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/interfaces.cpp.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/interfaces.h.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/snmp.cpp.svn-base create mode 100644 libnipper-0.12.6/Template-Device/.svn/text-base/snmp.h.svn-base create mode 100644 libnipper-0.12.6/Template-Device/administration.cpp create mode 100644 libnipper-0.12.6/Template-Device/administration.h create mode 100644 libnipper-0.12.6/Template-Device/authentication.cpp create mode 100644 libnipper-0.12.6/Template-Device/authentication.h create mode 100644 libnipper-0.12.6/Template-Device/banner.cpp create mode 100644 libnipper-0.12.6/Template-Device/banner.h create mode 100644 libnipper-0.12.6/Template-Device/device.cpp create mode 100644 libnipper-0.12.6/Template-Device/device.h create mode 100644 libnipper-0.12.6/Template-Device/dns.cpp create mode 100644 libnipper-0.12.6/Template-Device/dns.h create mode 100644 libnipper-0.12.6/Template-Device/filter.cpp create mode 100644 libnipper-0.12.6/Template-Device/filter.h create mode 100644 libnipper-0.12.6/Template-Device/general.cpp create mode 100644 libnipper-0.12.6/Template-Device/general.h create mode 100644 libnipper-0.12.6/Template-Device/interfaces.cpp create mode 100644 libnipper-0.12.6/Template-Device/interfaces.h create mode 100644 libnipper-0.12.6/Template-Device/snmp.cpp create mode 100644 libnipper-0.12.6/Template-Device/snmp.h create mode 100644 libnipper-0.12.6/cmake_install.cmake create mode 100644 libnipper-0.12.6/config.cpp create mode 100644 libnipper-0.12.6/config.h create mode 100644 libnipper-0.12.6/device/.svn/all-wcprops create mode 100644 libnipper-0.12.6/device/.svn/entries create mode 100644 libnipper-0.12.6/device/.svn/text-base/device.cpp.svn-base create mode 100644 libnipper-0.12.6/device/.svn/text-base/device.h.svn-base create mode 100644 libnipper-0.12.6/device/.svn/text-base/errortext.h.svn-base create mode 100644 libnipper-0.12.6/device/administration/.svn/all-wcprops create mode 100644 libnipper-0.12.6/device/administration/.svn/entries create mode 100644 libnipper-0.12.6/device/administration/.svn/text-base/administration-bootp.cpp.svn-base create mode 100644 libnipper-0.12.6/device/administration/.svn/text-base/administration-finger.cpp.svn-base create mode 100644 libnipper-0.12.6/device/administration/.svn/text-base/administration-ftp.cpp.svn-base create mode 100644 libnipper-0.12.6/device/administration/.svn/text-base/administration-general.cpp.svn-base create mode 100644 libnipper-0.12.6/device/administration/.svn/text-base/administration-hosts.cpp.svn-base create mode 100644 libnipper-0.12.6/device/administration/.svn/text-base/administration-http.cpp.svn-base create mode 100644 libnipper-0.12.6/device/administration/.svn/text-base/administration-ssh.cpp.svn-base create mode 100644 libnipper-0.12.6/device/administration/.svn/text-base/administration-telnet.cpp.svn-base create mode 100644 libnipper-0.12.6/device/administration/.svn/text-base/administration-tftp.cpp.svn-base create mode 100644 libnipper-0.12.6/device/administration/.svn/text-base/administration-timeout.cpp.svn-base create mode 100644 libnipper-0.12.6/device/administration/.svn/text-base/administration.cpp.svn-base create mode 100644 libnipper-0.12.6/device/administration/.svn/text-base/administration.h.svn-base create mode 100644 libnipper-0.12.6/device/administration/administration-bootp.cpp create mode 100644 libnipper-0.12.6/device/administration/administration-finger.cpp create mode 100644 libnipper-0.12.6/device/administration/administration-ftp.cpp create mode 100644 libnipper-0.12.6/device/administration/administration-general.cpp create mode 100644 libnipper-0.12.6/device/administration/administration-hosts.cpp create mode 100644 libnipper-0.12.6/device/administration/administration-http.cpp create mode 100644 libnipper-0.12.6/device/administration/administration-ssh.cpp create mode 100644 libnipper-0.12.6/device/administration/administration-telnet.cpp create mode 100644 libnipper-0.12.6/device/administration/administration-tftp.cpp create mode 100644 libnipper-0.12.6/device/administration/administration-timeout.cpp create mode 100644 libnipper-0.12.6/device/administration/administration.cpp create mode 100644 libnipper-0.12.6/device/administration/administration.h create mode 100644 libnipper-0.12.6/device/authentication/.svn/all-wcprops create mode 100644 libnipper-0.12.6/device/authentication/.svn/entries create mode 100644 libnipper-0.12.6/device/authentication/.svn/text-base/authentication-general.cpp.svn-base create mode 100644 libnipper-0.12.6/device/authentication/.svn/text-base/authentication-kerberos.cpp.svn-base create mode 100644 libnipper-0.12.6/device/authentication/.svn/text-base/authentication-ldap.cpp.svn-base create mode 100644 libnipper-0.12.6/device/authentication/.svn/text-base/authentication-nt.cpp.svn-base create mode 100644 libnipper-0.12.6/device/authentication/.svn/text-base/authentication-radius.cpp.svn-base create mode 100644 libnipper-0.12.6/device/authentication/.svn/text-base/authentication-securid.cpp.svn-base create mode 100644 libnipper-0.12.6/device/authentication/.svn/text-base/authentication-tacacs.cpp.svn-base create mode 100644 libnipper-0.12.6/device/authentication/.svn/text-base/authentication-users.cpp.svn-base create mode 100644 libnipper-0.12.6/device/authentication/.svn/text-base/authentication.cpp.svn-base create mode 100644 libnipper-0.12.6/device/authentication/.svn/text-base/authentication.h.svn-base create mode 100644 libnipper-0.12.6/device/authentication/authentication-general.cpp create mode 100644 libnipper-0.12.6/device/authentication/authentication-kerberos.cpp create mode 100644 libnipper-0.12.6/device/authentication/authentication-ldap.cpp create mode 100644 libnipper-0.12.6/device/authentication/authentication-nt.cpp create mode 100644 libnipper-0.12.6/device/authentication/authentication-radius.cpp create mode 100644 libnipper-0.12.6/device/authentication/authentication-securid.cpp create mode 100644 libnipper-0.12.6/device/authentication/authentication-tacacs.cpp create mode 100644 libnipper-0.12.6/device/authentication/authentication-users.cpp create mode 100644 libnipper-0.12.6/device/authentication/authentication.cpp create mode 100644 libnipper-0.12.6/device/authentication/authentication.h create mode 100644 libnipper-0.12.6/device/banner/.svn/all-wcprops create mode 100644 libnipper-0.12.6/device/banner/.svn/entries create mode 100644 libnipper-0.12.6/device/banner/.svn/text-base/banner-report.cpp.svn-base create mode 100644 libnipper-0.12.6/device/banner/.svn/text-base/banner.cpp.svn-base create mode 100644 libnipper-0.12.6/device/banner/.svn/text-base/banner.h.svn-base create mode 100644 libnipper-0.12.6/device/banner/banner-report.cpp create mode 100644 libnipper-0.12.6/device/banner/banner.cpp create mode 100644 libnipper-0.12.6/device/banner/banner.h create mode 100644 libnipper-0.12.6/device/common/.svn/all-wcprops create mode 100644 libnipper-0.12.6/device/common/.svn/entries create mode 100644 libnipper-0.12.6/device/common/.svn/text-base/configline.cpp.svn-base create mode 100644 libnipper-0.12.6/device/common/.svn/text-base/configline.h.svn-base create mode 100644 libnipper-0.12.6/device/common/.svn/text-base/deviceconfig.cpp.svn-base create mode 100644 libnipper-0.12.6/device/common/.svn/text-base/deviceconfig.h.svn-base create mode 100644 libnipper-0.12.6/device/common/.svn/text-base/file.cpp.svn-base create mode 100644 libnipper-0.12.6/device/common/.svn/text-base/misc.cpp.svn-base create mode 100644 libnipper-0.12.6/device/common/.svn/text-base/paragraph.cpp.svn-base create mode 100644 libnipper-0.12.6/device/common/.svn/text-base/passwords.cpp.svn-base create mode 100644 libnipper-0.12.6/device/common/.svn/text-base/tables.cpp.svn-base create mode 100644 libnipper-0.12.6/device/common/configline.cpp create mode 100644 libnipper-0.12.6/device/common/configline.h create mode 100644 libnipper-0.12.6/device/common/deviceconfig.cpp create mode 100644 libnipper-0.12.6/device/common/deviceconfig.h create mode 100644 libnipper-0.12.6/device/common/file.cpp create mode 100644 libnipper-0.12.6/device/common/misc.cpp create mode 100644 libnipper-0.12.6/device/common/paragraph.cpp create mode 100644 libnipper-0.12.6/device/common/passwords.cpp create mode 100644 libnipper-0.12.6/device/common/tables.cpp create mode 100644 libnipper-0.12.6/device/crypto/.svn/all-wcprops create mode 100644 libnipper-0.12.6/device/crypto/.svn/entries create mode 100644 libnipper-0.12.6/device/crypto/.svn/text-base/crypto-base64.cpp.svn-base create mode 100644 libnipper-0.12.6/device/crypto/.svn/text-base/crypto-ciscotype7.cpp.svn-base create mode 100644 libnipper-0.12.6/device/crypto/.svn/text-base/crypto-url.cpp.svn-base create mode 100644 libnipper-0.12.6/device/crypto/crypto-base64.cpp create mode 100644 libnipper-0.12.6/device/crypto/crypto-ciscotype7.cpp create mode 100644 libnipper-0.12.6/device/crypto/crypto-url.cpp create mode 100644 libnipper-0.12.6/device/device.cpp create mode 100644 libnipper-0.12.6/device/device.h create mode 100644 libnipper-0.12.6/device/dns/.svn/all-wcprops create mode 100644 libnipper-0.12.6/device/dns/.svn/entries create mode 100644 libnipper-0.12.6/device/dns/.svn/text-base/dns-report.cpp.svn-base create mode 100644 libnipper-0.12.6/device/dns/.svn/text-base/dns.cpp.svn-base create mode 100644 libnipper-0.12.6/device/dns/.svn/text-base/dns.h.svn-base create mode 100644 libnipper-0.12.6/device/dns/dns-report.cpp create mode 100644 libnipper-0.12.6/device/dns/dns.cpp create mode 100644 libnipper-0.12.6/device/dns/dns.h create mode 100644 libnipper-0.12.6/device/errortext.h create mode 100644 libnipper-0.12.6/device/filter/.svn/all-wcprops create mode 100644 libnipper-0.12.6/device/filter/.svn/entries create mode 100644 libnipper-0.12.6/device/filter/.svn/text-base/filter-filter-report.cpp.svn-base create mode 100644 libnipper-0.12.6/device/filter/.svn/text-base/filter-filter.cpp.svn-base create mode 100644 libnipper-0.12.6/device/filter/.svn/text-base/filter-object-report.cpp.svn-base create mode 100644 libnipper-0.12.6/device/filter/.svn/text-base/filter-object.cpp.svn-base create mode 100644 libnipper-0.12.6/device/filter/.svn/text-base/filter-security-report.cpp.svn-base create mode 100644 libnipper-0.12.6/device/filter/.svn/text-base/filter-security.cpp.svn-base create mode 100644 libnipper-0.12.6/device/filter/.svn/text-base/filter.cpp.svn-base create mode 100644 libnipper-0.12.6/device/filter/.svn/text-base/filter.h.svn-base create mode 100644 libnipper-0.12.6/device/filter/filter-filter-report.cpp create mode 100644 libnipper-0.12.6/device/filter/filter-filter.cpp create mode 100644 libnipper-0.12.6/device/filter/filter-object-report.cpp create mode 100644 libnipper-0.12.6/device/filter/filter-object.cpp create mode 100644 libnipper-0.12.6/device/filter/filter-security-report.cpp create mode 100644 libnipper-0.12.6/device/filter/filter-security.cpp create mode 100644 libnipper-0.12.6/device/filter/filter.cpp create mode 100644 libnipper-0.12.6/device/filter/filter.h create mode 100644 libnipper-0.12.6/device/general/.svn/all-wcprops create mode 100644 libnipper-0.12.6/device/general/.svn/entries create mode 100644 libnipper-0.12.6/device/general/.svn/text-base/general.cpp.svn-base create mode 100644 libnipper-0.12.6/device/general/.svn/text-base/general.h.svn-base create mode 100644 libnipper-0.12.6/device/general/general.cpp create mode 100644 libnipper-0.12.6/device/general/general.h create mode 100644 libnipper-0.12.6/device/interfaces/.svn/all-wcprops create mode 100644 libnipper-0.12.6/device/interfaces/.svn/entries create mode 100644 libnipper-0.12.6/device/interfaces/.svn/text-base/interfaces-interface.cpp.svn-base create mode 100644 libnipper-0.12.6/device/interfaces/.svn/text-base/interfaces-report.cpp.svn-base create mode 100644 libnipper-0.12.6/device/interfaces/.svn/text-base/interfaces-security.cpp.svn-base create mode 100644 libnipper-0.12.6/device/interfaces/.svn/text-base/interfaces.cpp.svn-base create mode 100644 libnipper-0.12.6/device/interfaces/.svn/text-base/interfaces.h.svn-base create mode 100644 libnipper-0.12.6/device/interfaces/interfaces-interface.cpp create mode 100644 libnipper-0.12.6/device/interfaces/interfaces-report.cpp create mode 100644 libnipper-0.12.6/device/interfaces/interfaces-security.cpp create mode 100644 libnipper-0.12.6/device/interfaces/interfaces.cpp create mode 100644 libnipper-0.12.6/device/interfaces/interfaces.h create mode 100644 libnipper-0.12.6/device/reportgen/.svn/all-wcprops create mode 100644 libnipper-0.12.6/device/reportgen/.svn/entries create mode 100644 libnipper-0.12.6/device/reportgen/.svn/text-base/report-abbreviations.cpp.svn-base create mode 100644 libnipper-0.12.6/device/reportgen/.svn/text-base/report-commonports.cpp.svn-base create mode 100644 libnipper-0.12.6/device/reportgen/.svn/text-base/report-icmp.cpp.svn-base create mode 100644 libnipper-0.12.6/device/reportgen/.svn/text-base/report-logginglevels.cpp.svn-base create mode 100644 libnipper-0.12.6/device/reportgen/.svn/text-base/report-misc.cpp.svn-base create mode 100644 libnipper-0.12.6/device/reportgen/.svn/text-base/report-numbering.cpp.svn-base create mode 100644 libnipper-0.12.6/device/reportgen/.svn/text-base/report-protocols.cpp.svn-base create mode 100644 libnipper-0.12.6/device/reportgen/.svn/text-base/report.cpp.svn-base create mode 100644 libnipper-0.12.6/device/reportgen/report-abbreviations.cpp create mode 100644 libnipper-0.12.6/device/reportgen/report-commonports.cpp create mode 100644 libnipper-0.12.6/device/reportgen/report-icmp.cpp create mode 100644 libnipper-0.12.6/device/reportgen/report-logginglevels.cpp create mode 100644 libnipper-0.12.6/device/reportgen/report-misc.cpp create mode 100644 libnipper-0.12.6/device/reportgen/report-numbering.cpp create mode 100644 libnipper-0.12.6/device/reportgen/report-protocols.cpp create mode 100644 libnipper-0.12.6/device/reportgen/report.cpp create mode 100644 libnipper-0.12.6/device/snmp/.svn/all-wcprops create mode 100644 libnipper-0.12.6/device/snmp/.svn/entries create mode 100644 libnipper-0.12.6/device/snmp/.svn/text-base/snmp-community.cpp.svn-base create mode 100644 libnipper-0.12.6/device/snmp/.svn/text-base/snmp-group.cpp.svn-base create mode 100644 libnipper-0.12.6/device/snmp/.svn/text-base/snmp-host.cpp.svn-base create mode 100644 libnipper-0.12.6/device/snmp/.svn/text-base/snmp-misc-issues.cpp.svn-base create mode 100644 libnipper-0.12.6/device/snmp/.svn/text-base/snmp-traps.cpp.svn-base create mode 100644 libnipper-0.12.6/device/snmp/.svn/text-base/snmp-user.cpp.svn-base create mode 100644 libnipper-0.12.6/device/snmp/.svn/text-base/snmp-view.cpp.svn-base create mode 100644 libnipper-0.12.6/device/snmp/.svn/text-base/snmp.cpp.svn-base create mode 100644 libnipper-0.12.6/device/snmp/.svn/text-base/snmp.h.svn-base create mode 100644 libnipper-0.12.6/device/snmp/snmp-community.cpp create mode 100644 libnipper-0.12.6/device/snmp/snmp-group.cpp create mode 100644 libnipper-0.12.6/device/snmp/snmp-host.cpp create mode 100644 libnipper-0.12.6/device/snmp/snmp-misc-issues.cpp create mode 100644 libnipper-0.12.6/device/snmp/snmp-traps.cpp create mode 100644 libnipper-0.12.6/device/snmp/snmp-user.cpp create mode 100644 libnipper-0.12.6/device/snmp/snmp-view.cpp create mode 100644 libnipper-0.12.6/device/snmp/snmp.cpp create mode 100644 libnipper-0.12.6/device/snmp/snmp.h create mode 100644 libnipper-0.12.6/docs/.svn/all-wcprops create mode 100644 libnipper-0.12.6/docs/.svn/entries create mode 100644 libnipper-0.12.6/docs/.svn/text-base/xml.txt.svn-base create mode 100644 libnipper-0.12.6/docs/xml.txt create mode 100644 libnipper-0.12.6/globaldefs.h create mode 100644 libnipper-0.12.6/install_manifest.txt create mode 100644 libnipper-0.12.6/libnipper.cpp create mode 100644 libnipper-0.12.6/libnipper.h create mode 100644 libnipper-0.12.6/man/.svn/all-wcprops create mode 100644 libnipper-0.12.6/man/.svn/entries create mode 100644 libnipper-0.12.6/man/.svn/text-base/nipper.conf.5.svn-base create mode 100644 libnipper-0.12.6/man/nipper.conf.5 create mode 100644 libnipper-0.12.6/nipper.conf create mode 100644 libnipper-0.12.6/nipper.cpp create mode 100644 libnipper-0.12.6/report/.svn/all-wcprops create mode 100644 libnipper-0.12.6/report/.svn/entries create mode 100644 libnipper-0.12.6/report/.svn/text-base/report-contents.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report-frontpage.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report-functions.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report-introduction.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report-list.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report-section-appendix.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report-section-compliance.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report-section-config.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report-section-security.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report-start.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report-table.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report-text.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report-titles.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report.cpp.svn-base create mode 100644 libnipper-0.12.6/report/.svn/text-base/report.h.svn-base create mode 100644 libnipper-0.12.6/report/report-contents.cpp create mode 100644 libnipper-0.12.6/report/report-frontpage.cpp create mode 100644 libnipper-0.12.6/report/report-functions.cpp create mode 100644 libnipper-0.12.6/report/report-introduction.cpp create mode 100644 libnipper-0.12.6/report/report-list.cpp create mode 100644 libnipper-0.12.6/report/report-section-appendix.cpp create mode 100644 libnipper-0.12.6/report/report-section-compliance.cpp create mode 100644 libnipper-0.12.6/report/report-section-config.cpp create mode 100644 libnipper-0.12.6/report/report-section-security.cpp create mode 100644 libnipper-0.12.6/report/report-start.cpp create mode 100644 libnipper-0.12.6/report/report-table.cpp create mode 100644 libnipper-0.12.6/report/report-text.cpp create mode 100644 libnipper-0.12.6/report/report-titles.cpp create mode 100644 libnipper-0.12.6/report/report.cpp create mode 100644 libnipper-0.12.6/report/report.h diff --git a/0.11.10/CSS/.svn/all-wcprops b/0.11.10/CSS/.svn/all-wcprops new file mode 100644 index 0000000..b728e56 --- /dev/null +++ b/0.11.10/CSS/.svn/all-wcprops @@ -0,0 +1,71 @@ +K 25 +svn:wc:ra_dav:version-url +V 33 +/svn/!svn/ver/3/trunk/0.11.10/CSS +END +input.c +K 25 +svn:wc:ra_dav:version-url +V 41 +/svn/!svn/ver/3/trunk/0.11.10/CSS/input.c +END +report-debug.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/CSS/report-debug.c +END +report-access-list.c +K 25 +svn:wc:ra_dav:version-url +V 54 +/svn/!svn/ver/3/trunk/0.11.10/CSS/report-access-list.c +END +report-general.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/CSS/report-general.c +END +process-access-list.c +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/0.11.10/CSS/process-access-list.c +END +report-snmp.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/CSS/report-snmp.c +END +cleanup.c +K 25 +svn:wc:ra_dav:version-url +V 43 +/svn/!svn/ver/3/trunk/0.11.10/CSS/cleanup.c +END +report-restrict.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/CSS/report-restrict.c +END +process-snmp.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/CSS/process-snmp.c +END +report.c +K 25 +svn:wc:ra_dav:version-url +V 42 +/svn/!svn/ver/3/trunk/0.11.10/CSS/report.c +END +process-restrict.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/CSS/process-restrict.c +END diff --git a/0.11.10/CSS/.svn/entries b/0.11.10/CSS/.svn/entries new file mode 100644 index 0000000..d7abfab --- /dev/null +++ b/0.11.10/CSS/.svn/entries @@ -0,0 +1,402 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/0.11.10/CSS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +report-general.c +file + + + + +2016-02-13T06:47:11.580156Z +eacbe73f50835378aebc895d23fd89f2 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4692 + +process-access-list.c +file + + + + +2016-02-13T06:47:11.580156Z +2b350546f85d0d1dcd0a7adaa44e3c6f +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +11306 + +report-snmp.c +file + + + + +2016-02-13T06:47:11.580156Z +bb5633b32625c99442900a27371276a3 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6677 + +cleanup.c +file + + + + +2016-02-13T06:47:11.580156Z +0da31716583ce268d54ed7b970444746 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2921 + +report-restrict.c +file + + + + +2016-02-13T06:47:11.580156Z +e61c2888a653aabe78ae77224c2f9fcd +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3601 + +process-snmp.c +file + + + + +2016-02-13T06:47:11.580156Z +51468cff85fa8816575ae3c918f349f5 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6373 + +report.c +file + + + + +2016-02-13T06:47:11.584155Z +761b1552ab20d9aa5ea82541e3415622 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3986 + +process-restrict.c +file + + + + +2016-02-13T06:47:11.584155Z +81e9b1b902d285760b00647596aef7f5 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3408 + +input.c +file + + + + +2016-02-13T06:47:11.580156Z +9998b139a0b78eac067a4c392045f551 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4750 + +report-debug.c +file + + + + +2016-02-13T06:47:11.580156Z +53517799daa0ef6dc860bd60e2b3910a +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4283 + +report-access-list.c +file + + + + +2016-02-13T06:47:11.580156Z +2a2bffec2327bc7312080a52b8049b86 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6092 + diff --git a/0.11.10/CSS/.svn/text-base/cleanup.c.svn-base b/0.11.10/CSS/.svn/text-base/cleanup.c.svn-base new file mode 100644 index 0000000..ae118e2 --- /dev/null +++ b/0.11.10/CSS/.svn/text-base/cleanup.c.svn-base @@ -0,0 +1,59 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanupCSS(struct nipperConfig *nipper) +{ + // Pointers... + struct snmpCSSCommunity *snmpCSSCommunityPointer = 0; + struct snmpCSSHost *snmpCSSHostPointer = 0; + + // SNMP + if (nipper->css->snmp != 0) + { + while (nipper->css->snmp->community != 0) + { + snmpCSSCommunityPointer = nipper->css->snmp->community->next; + free (nipper->css->snmp->community); + nipper->css->snmp->community = snmpCSSCommunityPointer; + } + while (nipper->css->snmp->host != 0) + { + snmpCSSHostPointer = nipper->css->snmp->host->next; + free (nipper->css->snmp->host); + nipper->css->snmp->host = snmpCSSHostPointer; + } + free (nipper->css->snmp); + } + + // Cleanup CSS config + free(nipper->css); +} + diff --git a/0.11.10/CSS/.svn/text-base/input.c.svn-base b/0.11.10/CSS/.svn/text-base/input.c.svn-base new file mode 100644 index 0000000..798d4e1 --- /dev/null +++ b/0.11.10/CSS/.svn/text-base/input.c.svn-base @@ -0,0 +1,118 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct ciscoCSSConfig // Cisco CSS Configuration +{ + // Services + int snmpAccess; // true (default) or false + int ftpAccess; // true (default) or false + int telnetAccess; // true (default) or false + int sshAccess; // true (default) or false + int consoleAccess; // true (default) or false + int webManagementAccess; // true or false (default) + + // Device Settings + int aclEnabled; // true or false (default) + + // Configuration structures + struct snmpCSS *snmp; +}; + + +// Processing CSS includes... +#include "process-access-list.c" +#include "process-restrict.c" +#include "process-snmp.c" + + +void processCSSInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + int setting = 0; + int tempInt = 0; + + // Split the command line up + command = splitLine(line); + + // Init + if (strcmp(command.part[0], "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Version + if ((strcmp(command.part[0], "!Active") == 0) && (strcmp(command.part[1], "version:") == 0)) + { + if (nipper->debugMode == true) + printf("Version Line: %s\n", line); + strncpy(nipper->version, command.part[2] + 2, 2); + nipper->versionMajor = atoi(nipper->version); + strncpy(nipper->version, command.part[2] + 4, 2); + nipper->versionMinor = atoi(nipper->version); + strncpy(nipper->version, command.part[2] + 6, 3); + nipper->versionRevision = atoi(nipper->version); + sprintf(nipper->version, "%d.%d(%d)", nipper->versionMajor, nipper->versionMinor, nipper->versionRevision); + } + + // Name (Config doesn't include a name, this is a little bit of a hack.) + else if ((nipper->hostname[0] == 0) && (strncmp(command.part[0] + strlen(command.part[0]) - 1, "#", 1) == 0) && (strncmp(command.part[1], "sh", 2) == 0) && (strncmp(command.part[2], "run", 3) == 0)) + { + if (nipper->debugMode == true) + printf("Hostname Line: %s\n", line); + strncpy(nipper->hostname, command.part[0], sizeof(nipper->hostname) - 1); + nipper->hostname[strlen(nipper->hostname) - 1] = 0; + } + + // Restrict + else if (strcmp(command.part[tempInt], "restrict") == 0) + processCSSRestrict(line, nipper); + + // SNMP + else if (strcmp(command.part[tempInt], "snmp") == 0) + processCSSSNMP(line, nipper); + + // ACL + else if (strcmp(command.part[tempInt], "acl") == 0) + processCSSACL(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/CSS/.svn/text-base/process-access-list.c.svn-base b/0.11.10/CSS/.svn/text-base/process-access-list.c.svn-base new file mode 100644 index 0000000..bd3c063 --- /dev/null +++ b/0.11.10/CSS/.svn/text-base/process-access-list.c.svn-base @@ -0,0 +1,308 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Access List +void processCSSACL(char *line, struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + int setting = 0; + fpos_t filePosition; + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterObjectConfig *filterMemberPointer = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Line: %s\n", line); + } + + // Init + command = splitLine(line); + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 2; + } + else + { + setting = true; + tempInt = 1; + } + + // If enabled ... + if (strcmp(command.part[tempInt], "enable") == 0) + nipper->css->aclEnabled = true; + + // If Disabled + else if(strcmp(command.part[tempInt], "disable") == 0) + nipper->css->aclEnabled = false; + + // Else it is a new ACL + else + { + // Create ACL struct + filterListPointer = getFilterList(nipper, command.part[tempInt], "", false); + + // Get the rules... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (command.parts != 0)) + { + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Apply + if (strcmp(command.part[0], "apply") == 0) + strncpy(filterListPointer->applyTo, command.part[1], sizeof(filterListPointer->applyTo) -1); + + // Clause + else if (strcmp(command.part[0], "clause") == 0) + { + tempInt = 1; + + // Create clause rule... + if (filterListPointer->filter == 0) + { + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + } + else + { + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + } + + // Init Structure + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->enabled = true; + + // Clause no. + filterPointer->id = atoi(command.part[tempInt]); + tempInt++; + + // Log? + if (strcmp(command.part[tempInt], "log") == 0) + { + tempInt++; + if (strcmp(command.part[tempInt], "enable") == 0) + filterPointer->log = true; + else + filterPointer->log = false; + tempInt++; + } + else + filterPointer->log = false; + + // Bypass / permit / deny + if (strcmp(command.part[tempInt], "bypass") == 0) + filterPointer->action = filter_action_bypass; + else if (strcmp(command.part[tempInt], "permit") == 0) + filterPointer->action = filter_action_accept; + else + filterPointer->action = filter_action_drop; + tempInt++; + + // Protocol + strncpy(filterPointer->protocol, command.part[tempInt], sizeof(filterPointer->protocol) -1); + tempInt++; + + // Source + if (strcasecmp(command.part[tempInt], "nql") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterMemberPointer->type = object_type_object; + tempInt++; + } + else if (strcasecmp(command.part[tempInt], "any") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, "Any", object_filter_source); + filterMemberPointer->type = object_type_any; + } + else + { + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterMemberPointer->type = object_type_host; + tempInt++; + if ((strcmp(command.part[tempInt], "destination") != 0) && (strcmp(command.part[tempInt], "range") != 0) && (strcmp(command.part[tempInt], "neq") != 0) && (strcmp(command.part[tempInt], "gt") != 0) && (strcmp(command.part[tempInt], "lt") != 0) && (strcmp(command.part[tempInt], "eq") != 0)) + { + strncpy(filterMemberPointer->netMask, command.part[tempInt], sizeof(filterMemberPointer->netMask) - 1); + if (strcmp(filterMemberPointer->netMask, "255.255.255.255") != 0) + filterMemberPointer->type = object_type_network; + tempInt++; + } + } + + // Source port + if (strcmp(command.part[tempInt], "destination") != 0) + { + // Equal... + if (strcmp(command.part[tempInt], "eq") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterMemberPointer->serviceOp = service_oper_eq; + } + + // Less than + else if (strcmp(command.part[tempInt], "lt") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterMemberPointer->serviceOp = service_oper_lt; + } + + // Greater than + else if (strcmp(command.part[tempInt], "gt") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterMemberPointer->serviceOp = service_oper_gt; + } + + // Not equal to... + else if (strcmp(command.part[tempInt], "neq") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterMemberPointer->serviceOp = service_oper_neq; + } + + // Range + else if (strcmp(command.part[tempInt], "range") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterMemberPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterMemberPointer->netMask, command.part[tempInt], sizeof(filterMemberPointer->netMask) -1); + } + tempInt++; + } + + // destination + tempInt++; + if (strcasecmp(command.part[tempInt], "nql") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterMemberPointer->type = object_type_object; + tempInt++; + } + else if (strcasecmp(command.part[tempInt], "any") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, "Any", object_filter_destination); + filterMemberPointer->type = object_type_any; + } + else + { + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterMemberPointer->type = object_type_host; + tempInt++; + if ((tempInt < command.parts) && (strcmp(command.part[tempInt], "prefer") != 0) && (strcmp(command.part[tempInt], "sourcegroup") != 0) && (strcmp(command.part[tempInt], "range") != 0) && (strcmp(command.part[tempInt], "neq") != 0) && (strcmp(command.part[tempInt], "gt") != 0) && (strcmp(command.part[tempInt], "lt") != 0) && (strcmp(command.part[tempInt], "eq") != 0)) + { + strncpy(filterMemberPointer->netMask, command.part[tempInt], sizeof(filterMemberPointer->netMask) -1); + if (strcmp(filterMemberPointer->netMask, "255.255.255.255") != 0) + filterMemberPointer->type = object_type_network; + tempInt++; + } + } + + // Destination port + if ((strcmp(command.part[tempInt], "range") == 0) || (strcmp(command.part[tempInt], "neq") == 0) || (strcmp(command.part[tempInt], "gt") == 0) || (strcmp(command.part[tempInt], "lt") == 0) || (strcmp(command.part[tempInt], "eq") == 0)) + { + // Equal... + if (strcmp(command.part[tempInt], "eq") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterMemberPointer->serviceOp = service_oper_eq; + } + + // Less than + else if (strcmp(command.part[tempInt], "lt") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterMemberPointer->serviceOp = service_oper_lt; + } + + // Greater than + else if (strcmp(command.part[tempInt], "gt") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterMemberPointer->serviceOp = service_oper_gt; + } + + // Not equal to... + else if (strcmp(command.part[tempInt], "neq") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterMemberPointer->serviceOp = service_oper_neq; + } + + // Range + else if (strcmp(command.part[tempInt], "range") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterMemberPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterMemberPointer->netMask, command.part[tempInt], sizeof(filterMemberPointer->netMask) -1); + } + } + } + + // Get next + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); + } +} diff --git a/0.11.10/CSS/.svn/text-base/process-restrict.c.svn-base b/0.11.10/CSS/.svn/text-base/process-restrict.c.svn-base new file mode 100644 index 0000000..bf80d8b --- /dev/null +++ b/0.11.10/CSS/.svn/text-base/process-restrict.c.svn-base @@ -0,0 +1,90 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Restrict +void processCSSRestrict(char *line, struct nipperConfig *nipper) +{ + // Variables + int tempInt = 0; + int setting = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("Restrict Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // No line? + if (strcmp(command.part[0], "no") == 0) + { + tempInt = 2; + setting = true; + } + else + { + tempInt = 1; + setting = false; + } + + // FTP + if (strcmp(command.part[tempInt], "ftp") == 0) + nipper->css->ftpAccess = setting; + + // Telnet + else if (strcmp(command.part[tempInt], "telnet") == 0) + nipper->css->telnetAccess = setting; + + // SNMP + else if (strcmp(command.part[tempInt], "snmp") == 0) + nipper->css->snmpAccess = setting; + + // SSH + else if (strcmp(command.part[tempInt], "ssh") == 0) + nipper->css->sshAccess = setting; + + // Console + else if (strcmp(command.part[tempInt], "console") == 0) + nipper->css->consoleAccess = setting; + + // Web Management + else if (strcmp(command.part[tempInt], "web-mgmt") == 0) + nipper->css->webManagementAccess = setting; + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} + + diff --git a/0.11.10/CSS/.svn/text-base/process-snmp.c.svn-base b/0.11.10/CSS/.svn/text-base/process-snmp.c.svn-base new file mode 100644 index 0000000..c75de4d --- /dev/null +++ b/0.11.10/CSS/.svn/text-base/process-snmp.c.svn-base @@ -0,0 +1,194 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// SNMP Community +struct snmpCSSCommunity +{ + char community[32]; + int readOnly; + struct snmpCSSCommunity *next; +}; + +// SNMP Host +struct snmpCSSHost +{ + char host[64]; + char community[13]; + int snmpType; // snmp1 (default) or snmp2c + struct snmpCSSHost *next; +}; + + +// SNMP Config +struct snmpCSS +{ + char name[128]; + char contact[128]; + char location[128]; + int reloadEnabled; // true or false (default) + struct snmpCSSCommunity *community; + struct snmpCSSHost *host; +}; + + +// Process SNMP +void processCSSSNMP(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct snmpCSSCommunity *snmpCSSCommunityPointer = 0; + struct snmpCSSHost *snmpCSSHostPointer = 0; + int tempInt = 0; + int setting = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("SNMP Line: %s\n", line); + } + + // Init + command = splitLine(line); + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 2; + } + else + { + setting = true; + tempInt = 1; + } + + // Check to see if SNMP already exists + if (nipper->css->snmp == 0) + { + nipper->css->snmp = malloc(sizeof(struct snmpCSS)); + memset(nipper->css->snmp, 0, sizeof(struct snmpCSS)); + nipper->css->snmp->reloadEnabled = false; + } + + // Community + if (strcmp(command.part[tempInt], "community") == 0) + { + tempInt++; + + // Create Community + if (nipper->css->snmp->community == 0) + { + snmpCSSCommunityPointer = malloc(sizeof(struct snmpCSSCommunity)); + nipper->css->snmp->community = snmpCSSCommunityPointer; + } + else + { + snmpCSSCommunityPointer = nipper->css->snmp->community; + while (snmpCSSCommunityPointer->next != 0) + snmpCSSCommunityPointer = snmpCSSCommunityPointer->next; + snmpCSSCommunityPointer->next = malloc(sizeof(struct snmpCSSCommunity)); + snmpCSSCommunityPointer = snmpCSSCommunityPointer->next; + } + + // Init + memset(snmpCSSCommunityPointer, 0, sizeof(struct snmpCSSCommunity)); + + // Community + strncpy(snmpCSSCommunityPointer->community, command.part[tempInt], sizeof(snmpCSSCommunityPointer->community) -1); + tempInt++; + + // Read / Read+Write + if (strcmp(command.part[tempInt], "read-only") == 0) + snmpCSSCommunityPointer->readOnly = true; + else + snmpCSSCommunityPointer->readOnly = false; + } + + // Contact + else if (strcmp(command.part[tempInt], "contact") == 0) + stripQuotes(command.part[tempInt+1], nipper->css->snmp->contact, sizeof(nipper->css->snmp->contact) -1); + + // Location + else if (strcmp(command.part[tempInt], "location") == 0) + stripQuotes(command.part[tempInt+1], nipper->css->snmp->location, sizeof(nipper->css->snmp->location) -1); + + // Name + else if (strcmp(command.part[tempInt], "name") == 0) + { + stripQuotes(command.part[tempInt+1], nipper->css->snmp->name, sizeof(nipper->css->snmp->name) -1); + if (strlen(nipper->hostname) == 0) + stripQuotes(command.part[tempInt+1], nipper->hostname, sizeof(nipper->hostname) -1); + } + + // Reload Enable + else if (strcmp(command.part[tempInt], "reload-enable") == 0) + nipper->css->snmp->reloadEnabled = setting; + + // Trap Host + else if (strcmp(command.part[tempInt], "trap-host") == 0) + { + tempInt++; + + // Create Host + if (nipper->css->snmp->host == 0) + { + snmpCSSHostPointer = malloc(sizeof(struct snmpCSSHost)); + nipper->css->snmp->host = snmpCSSHostPointer; + } + else + { + snmpCSSHostPointer = nipper->css->snmp->host; + while (snmpCSSHostPointer->next != 0) + snmpCSSHostPointer = snmpCSSHostPointer->next; + snmpCSSHostPointer->next = malloc(sizeof(struct snmpCSSHost)); + snmpCSSHostPointer = snmpCSSHostPointer->next; + } + + // Init + memset(snmpCSSHostPointer, 0, sizeof(struct snmpCSSHost)); + + // Host + strncpy(snmpCSSHostPointer->host, command.part[tempInt], sizeof(snmpCSSHostPointer->host) -1); + tempInt++; + + // Community + strncpy(snmpCSSHostPointer->community, command.part[tempInt], sizeof(snmpCSSHostPointer->community) -1); + tempInt++; + + // SNMP Version + if (strcmp(command.part[tempInt], "snmpv2") == 0) + snmpCSSHostPointer->snmpType = snmp2c; + else + snmpCSSHostPointer->snmpType = snmp1; + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/CSS/.svn/text-base/report-access-list.c.svn-base b/0.11.10/CSS/.svn/text-base/report-access-list.c.svn-base new file mode 100644 index 0000000..fa684b1 --- /dev/null +++ b/0.11.10/CSS/.svn/text-base/report-access-list.c.svn-base @@ -0,0 +1,129 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for CSS ACL reporting + +void cssACLIssue(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + + if (nipper->filterList == 0) + nipper->aclIssues = -1; + + output_parseText(report_accesslist_css_obs, nipper, section_obs, rate_none, nipper->aclIssues, nipper->tableNum); + + // One Access List issue... + if (nipper->aclIssues == 1) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + reportCommonFilterIssues(nipper, filterListPointer->name, "ACL", "clause", filterPointer, 0, filterListPointer); + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "ACL %s %s", filterListPointer->name, report_accesslist_denylog); + + filterListPointer = filterListPointer->next; + } + output_newPara(nipper); + } + + // More than one issue... + else if (nipper->aclIssues > 1) + { + output_table(nipper, true, report_accesslist_css_table, &report_accesslist_css_heading); + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + reportCommonFilterTableIssues(nipper, filterListPointer->name, filterPointer, 0, filterListPointer); + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "%s%s%sN/A%s%s%s", nipper->tablerow_start, filterListPointer->name, nipper->tablerow_mid, nipper->tablerow_mid, report_accesslist_denylog, nipper->tablerow_end); + + filterListPointer = filterListPointer->next; + } + output_table(nipper, false, report_accesslist_css_table, &report_accesslist_css_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_accesslist_css_impact, nipper, section_imp, rate_med, nipper->aclIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_accesslist_ease, nipper, section_ease, rate_noease, nipper->aclIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_accesslist_rec, nipper, section_rec, rate_none, nipper->aclIssues, nipper->tableNum); + set_aclrec_list(nipper, &report_aclrec_css_heading); + output_list(nipper, &report_aclrec_css_heading); + output_parseText(report_fw1policy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void cssACLDisabledIssue(struct nipperConfig *nipper) +{ + if (nipper->filterList == 0) + output_parseText(report_accesslist_disabled_css_obs, nipper, section_obs, rate_none, -1, nipper->tableNum); + else + output_parseText(report_accesslist_disabled_css_obs, nipper, section_obs, rate_none, 1, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_accesslist_disabled_css_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_accesslist_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_accesslist_disabled_css_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void cssACLConfig(struct nipperConfig *nipper) +{ + if (nipper->css->aclEnabled == true) + output_parseText(settings_accesslist_css, nipper, section_none, rate_none, 1, 0); + else + output_parseText(settings_accesslist_css, nipper, section_none, rate_none, -1, 0); + + // ACL + reportRules(nipper); +} + diff --git a/0.11.10/CSS/.svn/text-base/report-debug.c.svn-base b/0.11.10/CSS/.svn/text-base/report-debug.c.svn-base new file mode 100644 index 0000000..769cd18 --- /dev/null +++ b/0.11.10/CSS/.svn/text-base/report-debug.c.svn-base @@ -0,0 +1,83 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportCSSDebug(struct nipperConfig *nipper) +{ + // Variables + struct snmpCSSCommunity *snmpCSSCommunityPointer = 0; + struct snmpCSSHost *snmpCSSHostPointer = 0; + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf("True or Enabled = %d\n", true); + printf("False or Disabled = %d\n", false); + printf("Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("IOS Version: %s\n", nipper->version); + printf("IOS Version: %d.%d(%d)\n", nipper->versionMajor, nipper->versionMinor, nipper->versionRevision); + printf("SNMP Access: %d\n", nipper->css->snmpAccess); + printf("FTP Access: %d\n", nipper->css->ftpAccess); + printf("Telnet Access: %d\n", nipper->css->telnetAccess); + printf("SSH Access: %d\n", nipper->css->sshAccess); + printf("Console Access: %d\n", nipper->css->consoleAccess); + printf("Web Management Access: %d\n", nipper->css->webManagementAccess); + printf("ACL Enabled: %d\n", nipper->css->aclEnabled); + + // Filter Rules... + reportRulesDebug(nipper); + + // SNMP + if (nipper->css->snmp != 0) + { + printf("SNMP Host Name: %s\n", nipper->css->snmp->name); + printf("SNMP Contact: %s\n", nipper->css->snmp->contact); + printf("SNMP Location: %s\n", nipper->css->snmp->location); + printf("SNMP Reload Enabled: %d\n", nipper->css->snmp->reloadEnabled); + snmpCSSCommunityPointer = nipper->css->snmp->community; + while (snmpCSSCommunityPointer != 0) + { + printf("SNMP Community: %s\n", snmpCSSCommunityPointer->community); + printf(" Read Only: %d\n", snmpCSSCommunityPointer->readOnly); + snmpCSSCommunityPointer = snmpCSSCommunityPointer->next; + } + snmpCSSHostPointer = nipper->css->snmp->host; + while (snmpCSSHostPointer != 0) + { + printf("SNMP Host: %s\n", snmpCSSHostPointer->host); + printf(" SNMP Community: %s\n", snmpCSSHostPointer->community); + printf(" Host Type: %d\n", snmpCSSHostPointer->snmpType); + snmpCSSHostPointer = snmpCSSHostPointer->next; + } + } +} diff --git a/0.11.10/CSS/.svn/text-base/report-general.c.svn-base b/0.11.10/CSS/.svn/text-base/report-general.c.svn-base new file mode 100644 index 0000000..fa6343f --- /dev/null +++ b/0.11.10/CSS/.svn/text-base/report-general.c.svn-base @@ -0,0 +1,73 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for CSS General reporting + + +void cssGeneralConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sHostname%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + if (nipper->version[0] != 0) + fprintf(nipper->reportFile, "%sCSS Version%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + output_table(nipper, false, settings_general_table, &settings_general_heading); + addAbbreviation("CSS", false); +} + + +void cssServicesConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_services_table, &report_services_heading); + if (nipper->css->ftpAccess == true) + fprintf(nipper->reportFile, "%sFTP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sFTP Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->css->snmpAccess == true) + fprintf(nipper->reportFile, "%sSNMP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSNMP Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->css->sshAccess == true) + fprintf(nipper->reportFile, "%sSSH Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSSH Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->css->telnetAccess == true) + fprintf(nipper->reportFile, "%sTelnet Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sTelnet Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->css->webManagementAccess == true) + fprintf(nipper->reportFile, "%sWeb Management Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sWeb Management Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_services_table, &report_services_heading); + addAbbreviation("FTP", false); + addAbbreviation("SNMP", false); + addAbbreviation("SSH", false); +} + diff --git a/0.11.10/CSS/.svn/text-base/report-restrict.c.svn-base b/0.11.10/CSS/.svn/text-base/report-restrict.c.svn-base new file mode 100644 index 0000000..5bc3c9e --- /dev/null +++ b/0.11.10/CSS/.svn/text-base/report-restrict.c.svn-base @@ -0,0 +1,71 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for CSS Telnet reporting + +void cssTelnetIssue(struct nipperConfig *nipper) +{ + // Table Pointers + const char *tablerow_start; + const char *tablerow_mid; + const char *tablerow_end; + switch (nipper->outputFormat) + { + case output_html: + tablerow_start = table_html_rowstart; + tablerow_mid = table_html_rowmid; + tablerow_end = table_html_rowend; + break; + case output_xml: + tablerow_start = table_xml_rowstart; + tablerow_mid = table_xml_rowmid; + tablerow_end = table_xml_rowend; + break; + case output_text: + tablerow_start = table_text_rowstart; + tablerow_mid = table_text_rowmid; + tablerow_end = table_text_rowend; + break; + case output_latex: + tablerow_start = table_latex_rowstart; + tablerow_mid = table_latex_rowmid; + tablerow_end = table_latex_rowend; + break; + } + + output_parseText(report_telnet_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_telnet_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_telnet_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_css_telnet_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/CSS/.svn/text-base/report-snmp.c.svn-base b/0.11.10/CSS/.svn/text-base/report-snmp.c.svn-base new file mode 100644 index 0000000..d682418 --- /dev/null +++ b/0.11.10/CSS/.svn/text-base/report-snmp.c.svn-base @@ -0,0 +1,123 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for CSS SNMP reporting + +void cssSNMPIssue(struct nipperConfig *nipper) +{ + output_parseText(settings_snmp_desc, nipper, section_obs, rate_none, 0, nipper->tableNum); + if (nipper->css->snmp != 0) + { + if (nipper->css->snmp->host != 0) + output_parseText(report_snmp_css_obs, nipper, section_none, rate_none, -1, nipper->tableNum); + else + output_parseText(report_snmp_css_obs, nipper, section_none, rate_none, 0, nipper->tableNum); + } + else + output_parseText(report_snmp_css_obs, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_snmp_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_snmp_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + if (nipper->css->snmp != 0) + { + if (nipper->css->snmp->host != 0) + output_parseText(report_snmp_css_rec, nipper, section_rec, rate_none, -1, nipper->tableNum); + else + output_parseText(report_snmp_css_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + } + else + output_parseText(report_snmp_css_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void cssSNMPConfig(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + struct snmpCSSCommunity *snmpCSSCommunityPointer = 0; + struct snmpCSSHost *snmpCSSHostPointer = 0; + + output_parseText(settings_snmp_desc, nipper, section_none, rate_none, -1, 0); + + // SNMP Settings + output_table(nipper, true, settings_snmp_table, &settings_general_heading); + outputFriendly(nipper->css->snmp->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sHostname%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + outputFriendly(nipper->css->snmp->contact, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sContact%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + outputFriendly(nipper->css->snmp->location, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sLocation%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + if (nipper->css->snmp->reloadEnabled == true) + fprintf(nipper->reportFile, "%sSNMP Device Reload%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSNMP Device Reload%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_snmp_table, &settings_general_heading); + + // SNMP Community + if (nipper->passwords == true) + { + snmpCSSCommunityPointer = nipper->css->snmp->community; + output_table(nipper, true, settings_snmpstring_table, &settings_snmp_css_heading); + while (snmpCSSCommunityPointer != 0) + { + outputFriendly(snmpCSSCommunityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (snmpCSSCommunityPointer->readOnly) + fprintf(nipper->reportFile, "Read Only%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Read-Write%s", nipper->tablerow_end); + snmpCSSCommunityPointer = snmpCSSCommunityPointer->next; + } + output_table(nipper, false, settings_snmpstring_table, &settings_snmp_css_heading); + } + + snmpCSSHostPointer = nipper->css->snmp->host; + output_table(nipper, true, settings_snmphost_table, &settings_snmphost_heading); + while (snmpCSSHostPointer != 0) + { + outputFriendly(snmpCSSHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (snmpCSSHostPointer->snmpType == snmp1) + fprintf(nipper->reportFile, "SNMP v1"); + else + fprintf(nipper->reportFile, "SNMP v2c"); + if (nipper->passwords == true) + { + outputFriendly(snmpCSSHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, tempString); + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + snmpCSSHostPointer = snmpCSSHostPointer->next; + } + output_table(nipper, false, settings_snmphost_table, &settings_snmphost_heading); +} diff --git a/0.11.10/CSS/.svn/text-base/report.c.svn-base b/0.11.10/CSS/.svn/text-base/report.c.svn-base new file mode 100644 index 0000000..2859958 --- /dev/null +++ b/0.11.10/CSS/.svn/text-base/report.c.svn-base @@ -0,0 +1,78 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for CSS reporting + +// Report CSS includes... +#include "report-access-list.c" +#include "report-debug.c" +#include "report-general.c" +#include "report-restrict.c" +#include "report-snmp.c" + + +void generateCSSReport(struct nipperConfig *nipper) +{ + // Security Issues... + if (nipper->fullReport == true) + { + // SNMP + if (nipper->css->snmpAccess == true) + addReportSection(nipper, section_security, report_snmp_title, report_snmp_context, report_snmp_css_rectext, 10, 8, 5, 3, cssSNMPIssue); + + // Telnet + if (nipper->css->telnetAccess == true) + addReportSection(nipper, section_security, report_telnet_title, report_telnet_context, report_telnet_rectext, 10, 8, 5, 3, cssTelnetIssue); + + // ACL + if (nipper->filterList == 0) + nipper->aclIssues = -1; + else + rulesAudit(nipper); + if (nipper->aclIssues != 0) + addReportSection(nipper, section_security, report_accesslist_title, report_accesslist_context, report_accesslist_rectext, 10, 8, 5, 3, cssACLIssue); + + // ACL Disabled + if (nipper->css->aclEnabled == false) + addReportSection(nipper, section_security, report_accesslist_noacl_title, report_accesslist_noacl_context, report_accesslist_noacl_rectext, 10, 8, 5, 3, cssACLDisabledIssue); + } + + // In Configuration Index + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, cssGeneralConfig); + addReportSection(nipper, section_config, settings_services_title, 0, 0, 0, 0, 0, 0, cssServicesConfig); + if (nipper->css->snmp != 0) + addReportSection(nipper, section_config, settings_snmp_title, 0, 0, 0, 0, 0, 0, cssSNMPConfig); + addReportSection(nipper, section_config, settings_accesslists_title, 0, 0, 0, 0, 0, 0, cssACLConfig); + + // Generate Report... + generateReport(nipper); +} + + diff --git a/0.11.10/CSS/cleanup.c b/0.11.10/CSS/cleanup.c new file mode 100644 index 0000000..ae118e2 --- /dev/null +++ b/0.11.10/CSS/cleanup.c @@ -0,0 +1,59 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanupCSS(struct nipperConfig *nipper) +{ + // Pointers... + struct snmpCSSCommunity *snmpCSSCommunityPointer = 0; + struct snmpCSSHost *snmpCSSHostPointer = 0; + + // SNMP + if (nipper->css->snmp != 0) + { + while (nipper->css->snmp->community != 0) + { + snmpCSSCommunityPointer = nipper->css->snmp->community->next; + free (nipper->css->snmp->community); + nipper->css->snmp->community = snmpCSSCommunityPointer; + } + while (nipper->css->snmp->host != 0) + { + snmpCSSHostPointer = nipper->css->snmp->host->next; + free (nipper->css->snmp->host); + nipper->css->snmp->host = snmpCSSHostPointer; + } + free (nipper->css->snmp); + } + + // Cleanup CSS config + free(nipper->css); +} + diff --git a/0.11.10/CSS/input.c b/0.11.10/CSS/input.c new file mode 100644 index 0000000..798d4e1 --- /dev/null +++ b/0.11.10/CSS/input.c @@ -0,0 +1,118 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct ciscoCSSConfig // Cisco CSS Configuration +{ + // Services + int snmpAccess; // true (default) or false + int ftpAccess; // true (default) or false + int telnetAccess; // true (default) or false + int sshAccess; // true (default) or false + int consoleAccess; // true (default) or false + int webManagementAccess; // true or false (default) + + // Device Settings + int aclEnabled; // true or false (default) + + // Configuration structures + struct snmpCSS *snmp; +}; + + +// Processing CSS includes... +#include "process-access-list.c" +#include "process-restrict.c" +#include "process-snmp.c" + + +void processCSSInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + int setting = 0; + int tempInt = 0; + + // Split the command line up + command = splitLine(line); + + // Init + if (strcmp(command.part[0], "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Version + if ((strcmp(command.part[0], "!Active") == 0) && (strcmp(command.part[1], "version:") == 0)) + { + if (nipper->debugMode == true) + printf("Version Line: %s\n", line); + strncpy(nipper->version, command.part[2] + 2, 2); + nipper->versionMajor = atoi(nipper->version); + strncpy(nipper->version, command.part[2] + 4, 2); + nipper->versionMinor = atoi(nipper->version); + strncpy(nipper->version, command.part[2] + 6, 3); + nipper->versionRevision = atoi(nipper->version); + sprintf(nipper->version, "%d.%d(%d)", nipper->versionMajor, nipper->versionMinor, nipper->versionRevision); + } + + // Name (Config doesn't include a name, this is a little bit of a hack.) + else if ((nipper->hostname[0] == 0) && (strncmp(command.part[0] + strlen(command.part[0]) - 1, "#", 1) == 0) && (strncmp(command.part[1], "sh", 2) == 0) && (strncmp(command.part[2], "run", 3) == 0)) + { + if (nipper->debugMode == true) + printf("Hostname Line: %s\n", line); + strncpy(nipper->hostname, command.part[0], sizeof(nipper->hostname) - 1); + nipper->hostname[strlen(nipper->hostname) - 1] = 0; + } + + // Restrict + else if (strcmp(command.part[tempInt], "restrict") == 0) + processCSSRestrict(line, nipper); + + // SNMP + else if (strcmp(command.part[tempInt], "snmp") == 0) + processCSSSNMP(line, nipper); + + // ACL + else if (strcmp(command.part[tempInt], "acl") == 0) + processCSSACL(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/CSS/process-access-list.c b/0.11.10/CSS/process-access-list.c new file mode 100644 index 0000000..bd3c063 --- /dev/null +++ b/0.11.10/CSS/process-access-list.c @@ -0,0 +1,308 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Access List +void processCSSACL(char *line, struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + int setting = 0; + fpos_t filePosition; + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterObjectConfig *filterMemberPointer = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Line: %s\n", line); + } + + // Init + command = splitLine(line); + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 2; + } + else + { + setting = true; + tempInt = 1; + } + + // If enabled ... + if (strcmp(command.part[tempInt], "enable") == 0) + nipper->css->aclEnabled = true; + + // If Disabled + else if(strcmp(command.part[tempInt], "disable") == 0) + nipper->css->aclEnabled = false; + + // Else it is a new ACL + else + { + // Create ACL struct + filterListPointer = getFilterList(nipper, command.part[tempInt], "", false); + + // Get the rules... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (command.parts != 0)) + { + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Apply + if (strcmp(command.part[0], "apply") == 0) + strncpy(filterListPointer->applyTo, command.part[1], sizeof(filterListPointer->applyTo) -1); + + // Clause + else if (strcmp(command.part[0], "clause") == 0) + { + tempInt = 1; + + // Create clause rule... + if (filterListPointer->filter == 0) + { + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + } + else + { + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + } + + // Init Structure + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->enabled = true; + + // Clause no. + filterPointer->id = atoi(command.part[tempInt]); + tempInt++; + + // Log? + if (strcmp(command.part[tempInt], "log") == 0) + { + tempInt++; + if (strcmp(command.part[tempInt], "enable") == 0) + filterPointer->log = true; + else + filterPointer->log = false; + tempInt++; + } + else + filterPointer->log = false; + + // Bypass / permit / deny + if (strcmp(command.part[tempInt], "bypass") == 0) + filterPointer->action = filter_action_bypass; + else if (strcmp(command.part[tempInt], "permit") == 0) + filterPointer->action = filter_action_accept; + else + filterPointer->action = filter_action_drop; + tempInt++; + + // Protocol + strncpy(filterPointer->protocol, command.part[tempInt], sizeof(filterPointer->protocol) -1); + tempInt++; + + // Source + if (strcasecmp(command.part[tempInt], "nql") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterMemberPointer->type = object_type_object; + tempInt++; + } + else if (strcasecmp(command.part[tempInt], "any") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, "Any", object_filter_source); + filterMemberPointer->type = object_type_any; + } + else + { + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterMemberPointer->type = object_type_host; + tempInt++; + if ((strcmp(command.part[tempInt], "destination") != 0) && (strcmp(command.part[tempInt], "range") != 0) && (strcmp(command.part[tempInt], "neq") != 0) && (strcmp(command.part[tempInt], "gt") != 0) && (strcmp(command.part[tempInt], "lt") != 0) && (strcmp(command.part[tempInt], "eq") != 0)) + { + strncpy(filterMemberPointer->netMask, command.part[tempInt], sizeof(filterMemberPointer->netMask) - 1); + if (strcmp(filterMemberPointer->netMask, "255.255.255.255") != 0) + filterMemberPointer->type = object_type_network; + tempInt++; + } + } + + // Source port + if (strcmp(command.part[tempInt], "destination") != 0) + { + // Equal... + if (strcmp(command.part[tempInt], "eq") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterMemberPointer->serviceOp = service_oper_eq; + } + + // Less than + else if (strcmp(command.part[tempInt], "lt") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterMemberPointer->serviceOp = service_oper_lt; + } + + // Greater than + else if (strcmp(command.part[tempInt], "gt") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterMemberPointer->serviceOp = service_oper_gt; + } + + // Not equal to... + else if (strcmp(command.part[tempInt], "neq") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterMemberPointer->serviceOp = service_oper_neq; + } + + // Range + else if (strcmp(command.part[tempInt], "range") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterMemberPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterMemberPointer->netMask, command.part[tempInt], sizeof(filterMemberPointer->netMask) -1); + } + tempInt++; + } + + // destination + tempInt++; + if (strcasecmp(command.part[tempInt], "nql") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterMemberPointer->type = object_type_object; + tempInt++; + } + else if (strcasecmp(command.part[tempInt], "any") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, "Any", object_filter_destination); + filterMemberPointer->type = object_type_any; + } + else + { + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterMemberPointer->type = object_type_host; + tempInt++; + if ((tempInt < command.parts) && (strcmp(command.part[tempInt], "prefer") != 0) && (strcmp(command.part[tempInt], "sourcegroup") != 0) && (strcmp(command.part[tempInt], "range") != 0) && (strcmp(command.part[tempInt], "neq") != 0) && (strcmp(command.part[tempInt], "gt") != 0) && (strcmp(command.part[tempInt], "lt") != 0) && (strcmp(command.part[tempInt], "eq") != 0)) + { + strncpy(filterMemberPointer->netMask, command.part[tempInt], sizeof(filterMemberPointer->netMask) -1); + if (strcmp(filterMemberPointer->netMask, "255.255.255.255") != 0) + filterMemberPointer->type = object_type_network; + tempInt++; + } + } + + // Destination port + if ((strcmp(command.part[tempInt], "range") == 0) || (strcmp(command.part[tempInt], "neq") == 0) || (strcmp(command.part[tempInt], "gt") == 0) || (strcmp(command.part[tempInt], "lt") == 0) || (strcmp(command.part[tempInt], "eq") == 0)) + { + // Equal... + if (strcmp(command.part[tempInt], "eq") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterMemberPointer->serviceOp = service_oper_eq; + } + + // Less than + else if (strcmp(command.part[tempInt], "lt") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterMemberPointer->serviceOp = service_oper_lt; + } + + // Greater than + else if (strcmp(command.part[tempInt], "gt") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterMemberPointer->serviceOp = service_oper_gt; + } + + // Not equal to... + else if (strcmp(command.part[tempInt], "neq") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterMemberPointer->serviceOp = service_oper_neq; + } + + // Range + else if (strcmp(command.part[tempInt], "range") == 0) + { + tempInt++; + filterMemberPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterMemberPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterMemberPointer->netMask, command.part[tempInt], sizeof(filterMemberPointer->netMask) -1); + } + } + } + + // Get next + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); + } +} diff --git a/0.11.10/CSS/process-restrict.c b/0.11.10/CSS/process-restrict.c new file mode 100644 index 0000000..bf80d8b --- /dev/null +++ b/0.11.10/CSS/process-restrict.c @@ -0,0 +1,90 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Restrict +void processCSSRestrict(char *line, struct nipperConfig *nipper) +{ + // Variables + int tempInt = 0; + int setting = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("Restrict Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // No line? + if (strcmp(command.part[0], "no") == 0) + { + tempInt = 2; + setting = true; + } + else + { + tempInt = 1; + setting = false; + } + + // FTP + if (strcmp(command.part[tempInt], "ftp") == 0) + nipper->css->ftpAccess = setting; + + // Telnet + else if (strcmp(command.part[tempInt], "telnet") == 0) + nipper->css->telnetAccess = setting; + + // SNMP + else if (strcmp(command.part[tempInt], "snmp") == 0) + nipper->css->snmpAccess = setting; + + // SSH + else if (strcmp(command.part[tempInt], "ssh") == 0) + nipper->css->sshAccess = setting; + + // Console + else if (strcmp(command.part[tempInt], "console") == 0) + nipper->css->consoleAccess = setting; + + // Web Management + else if (strcmp(command.part[tempInt], "web-mgmt") == 0) + nipper->css->webManagementAccess = setting; + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} + + diff --git a/0.11.10/CSS/process-snmp.c b/0.11.10/CSS/process-snmp.c new file mode 100644 index 0000000..c75de4d --- /dev/null +++ b/0.11.10/CSS/process-snmp.c @@ -0,0 +1,194 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// SNMP Community +struct snmpCSSCommunity +{ + char community[32]; + int readOnly; + struct snmpCSSCommunity *next; +}; + +// SNMP Host +struct snmpCSSHost +{ + char host[64]; + char community[13]; + int snmpType; // snmp1 (default) or snmp2c + struct snmpCSSHost *next; +}; + + +// SNMP Config +struct snmpCSS +{ + char name[128]; + char contact[128]; + char location[128]; + int reloadEnabled; // true or false (default) + struct snmpCSSCommunity *community; + struct snmpCSSHost *host; +}; + + +// Process SNMP +void processCSSSNMP(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct snmpCSSCommunity *snmpCSSCommunityPointer = 0; + struct snmpCSSHost *snmpCSSHostPointer = 0; + int tempInt = 0; + int setting = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("SNMP Line: %s\n", line); + } + + // Init + command = splitLine(line); + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 2; + } + else + { + setting = true; + tempInt = 1; + } + + // Check to see if SNMP already exists + if (nipper->css->snmp == 0) + { + nipper->css->snmp = malloc(sizeof(struct snmpCSS)); + memset(nipper->css->snmp, 0, sizeof(struct snmpCSS)); + nipper->css->snmp->reloadEnabled = false; + } + + // Community + if (strcmp(command.part[tempInt], "community") == 0) + { + tempInt++; + + // Create Community + if (nipper->css->snmp->community == 0) + { + snmpCSSCommunityPointer = malloc(sizeof(struct snmpCSSCommunity)); + nipper->css->snmp->community = snmpCSSCommunityPointer; + } + else + { + snmpCSSCommunityPointer = nipper->css->snmp->community; + while (snmpCSSCommunityPointer->next != 0) + snmpCSSCommunityPointer = snmpCSSCommunityPointer->next; + snmpCSSCommunityPointer->next = malloc(sizeof(struct snmpCSSCommunity)); + snmpCSSCommunityPointer = snmpCSSCommunityPointer->next; + } + + // Init + memset(snmpCSSCommunityPointer, 0, sizeof(struct snmpCSSCommunity)); + + // Community + strncpy(snmpCSSCommunityPointer->community, command.part[tempInt], sizeof(snmpCSSCommunityPointer->community) -1); + tempInt++; + + // Read / Read+Write + if (strcmp(command.part[tempInt], "read-only") == 0) + snmpCSSCommunityPointer->readOnly = true; + else + snmpCSSCommunityPointer->readOnly = false; + } + + // Contact + else if (strcmp(command.part[tempInt], "contact") == 0) + stripQuotes(command.part[tempInt+1], nipper->css->snmp->contact, sizeof(nipper->css->snmp->contact) -1); + + // Location + else if (strcmp(command.part[tempInt], "location") == 0) + stripQuotes(command.part[tempInt+1], nipper->css->snmp->location, sizeof(nipper->css->snmp->location) -1); + + // Name + else if (strcmp(command.part[tempInt], "name") == 0) + { + stripQuotes(command.part[tempInt+1], nipper->css->snmp->name, sizeof(nipper->css->snmp->name) -1); + if (strlen(nipper->hostname) == 0) + stripQuotes(command.part[tempInt+1], nipper->hostname, sizeof(nipper->hostname) -1); + } + + // Reload Enable + else if (strcmp(command.part[tempInt], "reload-enable") == 0) + nipper->css->snmp->reloadEnabled = setting; + + // Trap Host + else if (strcmp(command.part[tempInt], "trap-host") == 0) + { + tempInt++; + + // Create Host + if (nipper->css->snmp->host == 0) + { + snmpCSSHostPointer = malloc(sizeof(struct snmpCSSHost)); + nipper->css->snmp->host = snmpCSSHostPointer; + } + else + { + snmpCSSHostPointer = nipper->css->snmp->host; + while (snmpCSSHostPointer->next != 0) + snmpCSSHostPointer = snmpCSSHostPointer->next; + snmpCSSHostPointer->next = malloc(sizeof(struct snmpCSSHost)); + snmpCSSHostPointer = snmpCSSHostPointer->next; + } + + // Init + memset(snmpCSSHostPointer, 0, sizeof(struct snmpCSSHost)); + + // Host + strncpy(snmpCSSHostPointer->host, command.part[tempInt], sizeof(snmpCSSHostPointer->host) -1); + tempInt++; + + // Community + strncpy(snmpCSSHostPointer->community, command.part[tempInt], sizeof(snmpCSSHostPointer->community) -1); + tempInt++; + + // SNMP Version + if (strcmp(command.part[tempInt], "snmpv2") == 0) + snmpCSSHostPointer->snmpType = snmp2c; + else + snmpCSSHostPointer->snmpType = snmp1; + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/CSS/report-access-list.c b/0.11.10/CSS/report-access-list.c new file mode 100644 index 0000000..fa684b1 --- /dev/null +++ b/0.11.10/CSS/report-access-list.c @@ -0,0 +1,129 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for CSS ACL reporting + +void cssACLIssue(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + + if (nipper->filterList == 0) + nipper->aclIssues = -1; + + output_parseText(report_accesslist_css_obs, nipper, section_obs, rate_none, nipper->aclIssues, nipper->tableNum); + + // One Access List issue... + if (nipper->aclIssues == 1) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + reportCommonFilterIssues(nipper, filterListPointer->name, "ACL", "clause", filterPointer, 0, filterListPointer); + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "ACL %s %s", filterListPointer->name, report_accesslist_denylog); + + filterListPointer = filterListPointer->next; + } + output_newPara(nipper); + } + + // More than one issue... + else if (nipper->aclIssues > 1) + { + output_table(nipper, true, report_accesslist_css_table, &report_accesslist_css_heading); + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + reportCommonFilterTableIssues(nipper, filterListPointer->name, filterPointer, 0, filterListPointer); + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "%s%s%sN/A%s%s%s", nipper->tablerow_start, filterListPointer->name, nipper->tablerow_mid, nipper->tablerow_mid, report_accesslist_denylog, nipper->tablerow_end); + + filterListPointer = filterListPointer->next; + } + output_table(nipper, false, report_accesslist_css_table, &report_accesslist_css_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_accesslist_css_impact, nipper, section_imp, rate_med, nipper->aclIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_accesslist_ease, nipper, section_ease, rate_noease, nipper->aclIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_accesslist_rec, nipper, section_rec, rate_none, nipper->aclIssues, nipper->tableNum); + set_aclrec_list(nipper, &report_aclrec_css_heading); + output_list(nipper, &report_aclrec_css_heading); + output_parseText(report_fw1policy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void cssACLDisabledIssue(struct nipperConfig *nipper) +{ + if (nipper->filterList == 0) + output_parseText(report_accesslist_disabled_css_obs, nipper, section_obs, rate_none, -1, nipper->tableNum); + else + output_parseText(report_accesslist_disabled_css_obs, nipper, section_obs, rate_none, 1, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_accesslist_disabled_css_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_accesslist_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_accesslist_disabled_css_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void cssACLConfig(struct nipperConfig *nipper) +{ + if (nipper->css->aclEnabled == true) + output_parseText(settings_accesslist_css, nipper, section_none, rate_none, 1, 0); + else + output_parseText(settings_accesslist_css, nipper, section_none, rate_none, -1, 0); + + // ACL + reportRules(nipper); +} + diff --git a/0.11.10/CSS/report-debug.c b/0.11.10/CSS/report-debug.c new file mode 100644 index 0000000..769cd18 --- /dev/null +++ b/0.11.10/CSS/report-debug.c @@ -0,0 +1,83 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportCSSDebug(struct nipperConfig *nipper) +{ + // Variables + struct snmpCSSCommunity *snmpCSSCommunityPointer = 0; + struct snmpCSSHost *snmpCSSHostPointer = 0; + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf("True or Enabled = %d\n", true); + printf("False or Disabled = %d\n", false); + printf("Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("IOS Version: %s\n", nipper->version); + printf("IOS Version: %d.%d(%d)\n", nipper->versionMajor, nipper->versionMinor, nipper->versionRevision); + printf("SNMP Access: %d\n", nipper->css->snmpAccess); + printf("FTP Access: %d\n", nipper->css->ftpAccess); + printf("Telnet Access: %d\n", nipper->css->telnetAccess); + printf("SSH Access: %d\n", nipper->css->sshAccess); + printf("Console Access: %d\n", nipper->css->consoleAccess); + printf("Web Management Access: %d\n", nipper->css->webManagementAccess); + printf("ACL Enabled: %d\n", nipper->css->aclEnabled); + + // Filter Rules... + reportRulesDebug(nipper); + + // SNMP + if (nipper->css->snmp != 0) + { + printf("SNMP Host Name: %s\n", nipper->css->snmp->name); + printf("SNMP Contact: %s\n", nipper->css->snmp->contact); + printf("SNMP Location: %s\n", nipper->css->snmp->location); + printf("SNMP Reload Enabled: %d\n", nipper->css->snmp->reloadEnabled); + snmpCSSCommunityPointer = nipper->css->snmp->community; + while (snmpCSSCommunityPointer != 0) + { + printf("SNMP Community: %s\n", snmpCSSCommunityPointer->community); + printf(" Read Only: %d\n", snmpCSSCommunityPointer->readOnly); + snmpCSSCommunityPointer = snmpCSSCommunityPointer->next; + } + snmpCSSHostPointer = nipper->css->snmp->host; + while (snmpCSSHostPointer != 0) + { + printf("SNMP Host: %s\n", snmpCSSHostPointer->host); + printf(" SNMP Community: %s\n", snmpCSSHostPointer->community); + printf(" Host Type: %d\n", snmpCSSHostPointer->snmpType); + snmpCSSHostPointer = snmpCSSHostPointer->next; + } + } +} diff --git a/0.11.10/CSS/report-general.c b/0.11.10/CSS/report-general.c new file mode 100644 index 0000000..fa6343f --- /dev/null +++ b/0.11.10/CSS/report-general.c @@ -0,0 +1,73 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for CSS General reporting + + +void cssGeneralConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sHostname%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + if (nipper->version[0] != 0) + fprintf(nipper->reportFile, "%sCSS Version%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + output_table(nipper, false, settings_general_table, &settings_general_heading); + addAbbreviation("CSS", false); +} + + +void cssServicesConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_services_table, &report_services_heading); + if (nipper->css->ftpAccess == true) + fprintf(nipper->reportFile, "%sFTP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sFTP Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->css->snmpAccess == true) + fprintf(nipper->reportFile, "%sSNMP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSNMP Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->css->sshAccess == true) + fprintf(nipper->reportFile, "%sSSH Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSSH Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->css->telnetAccess == true) + fprintf(nipper->reportFile, "%sTelnet Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sTelnet Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->css->webManagementAccess == true) + fprintf(nipper->reportFile, "%sWeb Management Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sWeb Management Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_services_table, &report_services_heading); + addAbbreviation("FTP", false); + addAbbreviation("SNMP", false); + addAbbreviation("SSH", false); +} + diff --git a/0.11.10/CSS/report-restrict.c b/0.11.10/CSS/report-restrict.c new file mode 100644 index 0000000..5bc3c9e --- /dev/null +++ b/0.11.10/CSS/report-restrict.c @@ -0,0 +1,71 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for CSS Telnet reporting + +void cssTelnetIssue(struct nipperConfig *nipper) +{ + // Table Pointers + const char *tablerow_start; + const char *tablerow_mid; + const char *tablerow_end; + switch (nipper->outputFormat) + { + case output_html: + tablerow_start = table_html_rowstart; + tablerow_mid = table_html_rowmid; + tablerow_end = table_html_rowend; + break; + case output_xml: + tablerow_start = table_xml_rowstart; + tablerow_mid = table_xml_rowmid; + tablerow_end = table_xml_rowend; + break; + case output_text: + tablerow_start = table_text_rowstart; + tablerow_mid = table_text_rowmid; + tablerow_end = table_text_rowend; + break; + case output_latex: + tablerow_start = table_latex_rowstart; + tablerow_mid = table_latex_rowmid; + tablerow_end = table_latex_rowend; + break; + } + + output_parseText(report_telnet_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_telnet_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_telnet_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_css_telnet_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/CSS/report-snmp.c b/0.11.10/CSS/report-snmp.c new file mode 100644 index 0000000..d682418 --- /dev/null +++ b/0.11.10/CSS/report-snmp.c @@ -0,0 +1,123 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for CSS SNMP reporting + +void cssSNMPIssue(struct nipperConfig *nipper) +{ + output_parseText(settings_snmp_desc, nipper, section_obs, rate_none, 0, nipper->tableNum); + if (nipper->css->snmp != 0) + { + if (nipper->css->snmp->host != 0) + output_parseText(report_snmp_css_obs, nipper, section_none, rate_none, -1, nipper->tableNum); + else + output_parseText(report_snmp_css_obs, nipper, section_none, rate_none, 0, nipper->tableNum); + } + else + output_parseText(report_snmp_css_obs, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_snmp_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_snmp_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + if (nipper->css->snmp != 0) + { + if (nipper->css->snmp->host != 0) + output_parseText(report_snmp_css_rec, nipper, section_rec, rate_none, -1, nipper->tableNum); + else + output_parseText(report_snmp_css_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + } + else + output_parseText(report_snmp_css_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void cssSNMPConfig(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + struct snmpCSSCommunity *snmpCSSCommunityPointer = 0; + struct snmpCSSHost *snmpCSSHostPointer = 0; + + output_parseText(settings_snmp_desc, nipper, section_none, rate_none, -1, 0); + + // SNMP Settings + output_table(nipper, true, settings_snmp_table, &settings_general_heading); + outputFriendly(nipper->css->snmp->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sHostname%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + outputFriendly(nipper->css->snmp->contact, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sContact%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + outputFriendly(nipper->css->snmp->location, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sLocation%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + if (nipper->css->snmp->reloadEnabled == true) + fprintf(nipper->reportFile, "%sSNMP Device Reload%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSNMP Device Reload%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_snmp_table, &settings_general_heading); + + // SNMP Community + if (nipper->passwords == true) + { + snmpCSSCommunityPointer = nipper->css->snmp->community; + output_table(nipper, true, settings_snmpstring_table, &settings_snmp_css_heading); + while (snmpCSSCommunityPointer != 0) + { + outputFriendly(snmpCSSCommunityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (snmpCSSCommunityPointer->readOnly) + fprintf(nipper->reportFile, "Read Only%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Read-Write%s", nipper->tablerow_end); + snmpCSSCommunityPointer = snmpCSSCommunityPointer->next; + } + output_table(nipper, false, settings_snmpstring_table, &settings_snmp_css_heading); + } + + snmpCSSHostPointer = nipper->css->snmp->host; + output_table(nipper, true, settings_snmphost_table, &settings_snmphost_heading); + while (snmpCSSHostPointer != 0) + { + outputFriendly(snmpCSSHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (snmpCSSHostPointer->snmpType == snmp1) + fprintf(nipper->reportFile, "SNMP v1"); + else + fprintf(nipper->reportFile, "SNMP v2c"); + if (nipper->passwords == true) + { + outputFriendly(snmpCSSHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, tempString); + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + snmpCSSHostPointer = snmpCSSHostPointer->next; + } + output_table(nipper, false, settings_snmphost_table, &settings_snmphost_heading); +} diff --git a/0.11.10/CSS/report.c b/0.11.10/CSS/report.c new file mode 100644 index 0000000..2859958 --- /dev/null +++ b/0.11.10/CSS/report.c @@ -0,0 +1,78 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for CSS reporting + +// Report CSS includes... +#include "report-access-list.c" +#include "report-debug.c" +#include "report-general.c" +#include "report-restrict.c" +#include "report-snmp.c" + + +void generateCSSReport(struct nipperConfig *nipper) +{ + // Security Issues... + if (nipper->fullReport == true) + { + // SNMP + if (nipper->css->snmpAccess == true) + addReportSection(nipper, section_security, report_snmp_title, report_snmp_context, report_snmp_css_rectext, 10, 8, 5, 3, cssSNMPIssue); + + // Telnet + if (nipper->css->telnetAccess == true) + addReportSection(nipper, section_security, report_telnet_title, report_telnet_context, report_telnet_rectext, 10, 8, 5, 3, cssTelnetIssue); + + // ACL + if (nipper->filterList == 0) + nipper->aclIssues = -1; + else + rulesAudit(nipper); + if (nipper->aclIssues != 0) + addReportSection(nipper, section_security, report_accesslist_title, report_accesslist_context, report_accesslist_rectext, 10, 8, 5, 3, cssACLIssue); + + // ACL Disabled + if (nipper->css->aclEnabled == false) + addReportSection(nipper, section_security, report_accesslist_noacl_title, report_accesslist_noacl_context, report_accesslist_noacl_rectext, 10, 8, 5, 3, cssACLDisabledIssue); + } + + // In Configuration Index + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, cssGeneralConfig); + addReportSection(nipper, section_config, settings_services_title, 0, 0, 0, 0, 0, 0, cssServicesConfig); + if (nipper->css->snmp != 0) + addReportSection(nipper, section_config, settings_snmp_title, 0, 0, 0, 0, 0, 0, cssSNMPConfig); + addReportSection(nipper, section_config, settings_accesslists_title, 0, 0, 0, 0, 0, 0, cssACLConfig); + + // Generate Report... + generateReport(nipper); +} + + diff --git a/0.11.10/Changelog b/0.11.10/Changelog new file mode 100644 index 0000000..0102fc0 --- /dev/null +++ b/0.11.10/Changelog @@ -0,0 +1,1167 @@ +Changelog +========= + +Version: 0.11.10 +Date : 15/08/2008 +Author : Ian Ventura-Whiting +Changes: The following changes have been made to this + version: + > Minor tweak to Passport filter processing. + > Fixed a processing issue with Passport source + port options. + > Fixed XML issue with a particular OSPF issue + reporting without a closing tag. + > Fixed default IOS Telnet service issue. + +Version: 0.11.9 +Date : 23/07/2008 +Author : Ian Ventura-Whiting +Thanks : Erwin Paternotte + ADR & Monstro + MooMaunder +Changes: The following changes have been made to this + version: + > Cisco PIX/ASA/FWSM uRPF Fix (Ref. 14) + > Cisco IOS/PIX/ASA/FWSM Version Bug Fix + > Fixed file buffering issue on Windows. + +Version: 0.11.8 +Date : 08/06/2008 +Author : Ian Ventura-Whiting +Changes: The following changes have been made to this + version: + > Misc minor internal updates. + > Stripped quotes from CSS SNMP entries. + > Improved hostname collection for CSS devices. + > Improved CheckPoint file identification. + > Improved the date output. It also fixes an issue + with the Windows version not printing a day. + > Updated Nipper URL from the Source Forge one + in the report output. + +Version: 0.11.7 +Date : 10/05/2008 +Author : Ian Ventura-Whiting +Thanks : MrK +Changes: The following changes have been made to this + version: + > Fixed issue with Domain Lookups. + > Updated the SNMP text again. + > CSV output of network filter rules. + > Added FW-1 comments. + > Added command option for Nokia IP firewall + devices. + > Added command option for Bay Networks + Accelar devices. + +Version: 0.11.6 +Date : 07/04/2008 +Author : Ian Ventura-Whiting +Thanks : MrK +Changes: The following changes have been made to this + version: + > Made the SNMP text more concise. + > Fixed alternative IOS domain name line. + > Fixed ICMP message in ACL line issue. + > Changed MOP default for VLAN interfaces. + > Fixed MOP setting for subinterfaces. + > Updated subinterface output in configuration + report for IOS devices. + > Fixed IOS banner line + +Version: 0.11.5 +Date : 28/02/2008 +Author : Ian Ventura-Whiting +Changes: The following changes have been made to this + version: + > Fixed issue with processing PIX/ASA/FWSM + usernames. + > Fixed issue with SNMP PIX observation + report text. + > Fixed PQR issue with IOS Interface table. + > Fixed PQR issue with the password strength + text. + > Fixed issue with SNMP users with no group. + (Ref. 1896844) + > Fixed long abbreviation text report issue. + > Fixed issue with IOS no auth users report + output. + > Added table for users that are not in a + group for IOS report output. + > Fixed EIGRP MD5 authentication issue with + IOS devices. (Ref. 1897734) + +Version: 0.11.4 +Date : 18/02/2008 +Author : Ian Ventura-Whiting +Changes: The following changes have been made to this + version: + > Added a missing line to the default + configuration files. + > Fixed missing XML table item for table + entries that span an entire row. + > Fixed ScreenOS segmentation fault when + reporting a single RADIUS password issue. + > ScreenOS passwords are now included in + the johntheripper output, rather than + treating them as text. This also fixes + another issue with complex encryption + strings being marked as weak. + > Updated the Nipper license to bring it + into line with the development license. + +Version: 0.11.3 +Date : 27/01/2008 +Author : Ian Ventura-Whiting +Note : The improvements made to SonicOS & Firewall1 + support constitute feature additions. Not + something that would normally be in a + maintenance release. +Changes: The following changes have been made to this + version: + > Improved SonicOS service processing. + > Improved SonicOS policy processing. + > Optimisations to base64 routine. + > General SonicOS optimisations. + > Imrpoved Cisco PIX SSH remote access + host processing. + > Added Cisco PIX SSH remote access hosts + issue. + > Added support for Firewall-1 rules.C + files from the database directory. + > Modified the Nipper Appendix section URL. + > Fixed bug with Dynamic Objects report + table output for Firewall-1 devices. + > Improved Firewall-1 service object + processing. + > Fixed a PQR issue with the software + version issue. + > Fixed an issue with FW1 policies that + are logged on some configs (Ref. + 1879064). + > Windows version now loads nipper.ini + from the current directory. + +Version: 0.11.2 +Date : 12/01/2008 +Author : Ian Ventura-Whiting +Notes : Don't shoot, this maintenance release has a + new non-disruptive feature. +Changes: The following changes have been made to this + version: + > Added configuration only report option. + > Added HTML id to report header div. + > Modified CheckPoint internal text + (Ref. 1863387) + > Modified default management settings for + ScreenOS Interfaces that are in the "Trust" + or "Management" zones. (Ref. 1868791) + > Fixed CEF default for IOS devices. However, + the model needs to be specified at the + command line. It is enabled by default for + specific devices and disabled for all others. + An improvement, but not perfect. + (Ref. 1869191) + > Updated the documentation for 0.11.x + series, including the developer docs. + > Improved the command line processing for + device types (and config file line). + > Added --model= command option and config + file line. + > Fixed SNMP help option. + > Fixed issue introduced in the last + minor release with a single PIX SNMP + password issue. + > Updated man page. + +Version: 0.11.1 +Date : 02/01/2008 +Author : Ian Ventura-Whiting +Changes: The following changes have been made to this + version: + > Fixed online help for ACL and Password + auditing. (ref. 1862039) + > Memory leaks fixed with the help of + valgrind. Great tool! + > Added support for standard Windows help + switch. + +Version: 0.11.0 +Date : 30/12/2007 +Author : Ian Ventura-Whiting +Notes : This is a feature release of Nipper and includes + a number of new features. This release also + extends the number of supported devices. +Warning: The subversion repository contains testdata. I + would very strong advise against using those + configurations on any devices. They are intended + for testing purposes only. Use those configs at + your own risk. +Changes: The following nipper features have been added or + improved with this release. A * represents new + features. + + General Program Features: + > Added support for an external configuration + files. * + > Modified input code to enable support for + multiple file configurations. * + > Added support for Nortel Passport devices. * + > Added support for Checkpoint Firewall-1 + devices. * + > Added support for SonicWall Firewalls. * + > Added option to force a config type. * + > Added conclusions section to security audit. * + > Added a stdin timeout to stop some users from + staring at a blank console. * + > Added filter/policy/acl object HTML report + to the object definitions. * + > Added man pages for nipper and nipper.conf * + > Added Makefile. * + > Removed CMake file. + > Improved on-line help system. + > Improved Nipper error reporting and feedback. + > Improved command processing. + > Improved program return codes. + > Expanded the built-in mini dictionary. + > Improved firewall rule auditing. + > Improved built-in HTML CSS. + > Moved main introduction to after the table of + contents. + > Improved contents page. + > Improved report introduction. + > Improved report command text output. + > Improved ScreenOS config processing. + > Improved HTML report opening. + > Feature 1839093 - More info on ACL audit + lines. * + + Cisco Security Device (PIX/ASA/FWSM) Security Audit: + > Dictionary-based Passwords * + > Weak Passwords * + > Vulnerabilities * + > uRPF * + > SNMP * + > Flood Guard * + > ACL + + Cisco Security Device (PIX/ASA/FWSM) Configuration Reports: + > Static PAT * + > Static NAT + > SNMP * + > Interfaces + > HTTPS * + > Flood Guard * + > Name Mappings + > Objects + > ICMP + > ACL + + Cisco IOS-based Device Configuration Reports: + > ACL + > Interfaces + + Cisco IOS-based Device Security Audit: + > ACL + + Cisco CSS-based Device Configuration Reports: + > ACL + + Cisco CSS-based Device Security Audit: + > ACL + + ScreenOS-based Device Security Audit: + > Dictionary-based Passwords * + > Weak Passwords * + > SNMP v1/2 * + > SSH Protocol Version 1 * + > Policy Lists + + ScreenOS-based Device Configuration Reports: + > SNMP Configuration * + > Zones * + > Administrative Settings + > Policy Lists + > Name Mappings + > Name Mapping Groups * + > Default Policy * + + Firewall-1-based Device Security Audit: + > Policy Collections * + + Firewall-1-based Device Configuration Reports: + > Object Definitions * + > Service Definitions * + > Policy Collections * + + Passport-based Device Security Audit: + > Filters * + + Passport-based Device Configuration Reports: + > Software Version * + > Monitor Version * + > Passport Device configuration Type * + > Hostname * (guessed) + > Filters * + > Filter Sets (incl. Global Sets) * + + SonicOS-based Device Configuration Reports: + > Access Rules * + + SonicOS-based Device Configuration Reports: + > Device Name * + > Serial No. * + > IP Address and Network Mask * + > Access Rules * + > Service Definitions * + + +------------------------------------------------------- + + +Version: 0.10.10 +Date : 08/12/2007 +Authors: Ian Ventura-Whiting +Changes: The following changes have been made to this + version: + > Fixed ScreenOS permit list with some configs. + > Fixed IOS interface issue with some configs. + > Removed IOS ACL Remarks, this is fixed in the + next feature release (version 0.11.0). + +Version: 0.10.9 +Date : 29/11/2007 +Authors: Ian Ventura-Whiting +Changes: The following changes have been made to this + version: + > Fixed a typo in the help text. + > Disabled PIX remarks, they still dont work + properly and they are working in the new + feature version (0.11.0). + > Made corrections to the ScreenOS text. + > Fixed XML output error with ScreenOS. + > Fixed a bug with NMP report output. + +Version: 0.10.8 +Date : 23/10/2007 +Authors: Ian Ventura-Whiting +Thanks : Bambam + Kartick Suriamoorthy +Changes: The following changes have been made to this + version: + > Fixed a bug with the CatOS report output + with the Windows version of nipper. + > Fixed a bug with the IOS minimum password + length issue. + > Fixed a PQR issue with the IOS report text. + +Version: 0.10.7 +Date : 12/10/2007 +Authors: Ian Ventura-Whiting +Changes: The following changes have been made to this + version: + > Improved list item output. + > Fixed PIX XML Object Group report output + issue. + > Fixed PIX XML Timeout report output issue. + > Fixed item list Text format output. + +Version: 0.10.6 +Date : 01/10/2007 +Authors: Ian Ventura-Whiting +Changes: The following changes have been made to this + version: + > Fixed a specific bug with processing PIX + ACL under specific configurations. + > Fixed SSH version issue, for PIX/ASA devices + with a software version < 7.0(1). + > Fixed an internal counter issue that effects + some report output paragraphs. + > Fixed PIX Interface processing issue. + +Version: 0.10.5 +Date : 29/08/2007 +Authors: Ian Ventura-Whiting + David Croft +Thanks : To the community for all the feedback. +Changes: The following changes have been made to this + version: + > Fixed IOS std ACL log detection + (Ref: 1782218) + > Fixed IOS OSPF/BGP var mixup + (Ref: 1782202) + > Fixed IOS MOP Interface enabled type + (Ref: 1782222) + > Fixed IOS CDP and MOP for specific + interface types (Ref: 1782226) + > Fixed Trunks and Port Security on VLANs + (Ref: 1782236) + > Added remark output for ALL ACL types + for PIX devices in the configuration + report. (Feature Ref: 1777716) + > Various initialisation improvements. + > Added SNMP disable on Win32 platform. + Hope to introduce it properly with the + next feature release. + > Adjusted console colours for Win32. + +Version: 0.10.4 +Date : 19/08/2007 +Author : Ian Ventura-Whiting (Fizz) +Thanks : David Croft for the bug reports and code. +Changes: The following changes have been made to this + version: + > Fixed service pad (Ref: 1775043) + > Fixed OSPF / BGP (Ref: 1775033) + +Version: 0.10.3 +Date : 06/08/2007 +Author : Ian Ventura-Whiting (Fizz) +Changes: The following changes have been made to this + version: + > Added XML . + > Improved help text. + > Added URL to banner. + +Version: 0.10.2 +Date : 11/07/2007 +Author : Ian Ventura-Whiting (Fizz) +Changes: The following changes have been made to this + version: + > Fixed seg fault when processing lines with + lots of words. + +Version: 0.10.1 +Date : 03/07/2007 +Author : Ian Ventura-Whiting (Fizz) +Notes : Although this is a maintenance release there is a + major change, but with regards to the license. + nipper has now been re-licensed using the GPL v3 + license. +Changes: The following features have been improved or bugs + fixed since the previous release. + > Improved output to add N/A to interface + features when the port is a switchport and + doesn't have an IP address. (Ref. 1740541) + > Improve support for BGP to include passive + interface configuration. + > Minor changes to resolve all the compiler + warning messages. + > License changes to all files. + > Improved report to add Nipper version details + to the report output. (Ref. 1746197) + > Altered Calalyst IOS software version issue + due to IOS version 12.2. being the latest + version on that platform. (Ref. 1746200) + > Minor report PQR updates. + > Improved OSPF support to include passive + interface configurations. Also identified an + OSPF issue reporting problem and resolved at + the same time. (Ref. 1740539) +Thanks : Mike Auty (for PQR changes) + All users for feedback. + + +Version: 0.10.0 +Date : 17/06/2007 +Author : Ian Ventura-Whiting (Fizz) +Notes : This release concentrates on adding a large number + of additional features for IOS-based devices. IOS + devices contain far more configuration options than + all the other devices combined. Additionally, Cisco + CSS devices have been added as another supported + device type. Other device types will have support + extended in upcoming versions. +Warning: The subversion repository now contains testdata. + I would very strong advise against using those + configurations on any devices, they are intended + for testing purposes only. Use those configs at + your own risk. +Changes: The following nipper features have been added or + improved with this release. A * represents new + features. + + General Program Features: + > Additional appendix section addition or + removal options. + > Filter Source Checking * + > Filter Deny and Log Checking * + > Seperation of Switch and Router issues + > Options for device usage. I.e. Internal or + edge routing device * + > Added command line option to specify a + device name. It helps for configs where + the name is not specified in the config. * + > Much better documentation. + > Much improved report introduction. + + IOS-based Device Security Audit: + > Logging * + > RIP * + > IOS Versions * + > SNMP * + > uRPF * + > Classless Routing * + > TCP Keep Alives * + > Name Lookups * + > Telnet * + > SSH Protocol Version * + > Minimum Password Length * + > EIGRP Authentication * + > Switch Port Security * + > Switch Port Trunking * + > Proxy ARP + > ACL + > VRRP Authentication * + > BGP Route Dampening + + IOS-based Device Configuration Reports: + > Switchport VLAN * + > Switchport Security * + > CEF * + > uRPF * + > Logging + > SNMP + > Classless Routing * + > TCP Keep alives * + > DNS * + > Line Configuration + > SSH + > FTP + > ACL + > Gratuitous ARP * + > NAT (All types) * + > RIP + > Clock and TimeZones * + > Minimum Password Length (IOS 12.3(1)+) * + > VTP Mode and Domain * + > Named ACL * + > VRRP * + + CSS-based Device Security Audit: * + > Telnet * + > SNMP * + > ACL * + + CSS-based Device Configuration Reports: * + > General Settings * + > Services * + > SNMP * + > ACL * + + PIX-based Device Security Audit: + > ACL + + Report Appendix Features: + > Logging Message Levels * + > Abbreviations + > Time Zones * + + In addition to these changes, a number of other + less obvious changes have been made. + > Command line interface cleanup. + > A general update of security-related + report issues. + > A major rewrite of the internal data + structures. Enables future feature + enhancements. + > Seperation of cleanup routines. + > Improvements to config file parsing. + > Added text markup to enable device type + output in report text. + > Added text markup to enable the device + software version to be output in the report. + > Processing text paragraphs that are broken + into seperate character arrays. + > Improvements to IOS-based interface name + handling. + > Report opening improvements. + > Report PQR issues. + + Test configuration files have been added to the + subversion repository. These configs should not be + used on any device, they are for testing only. + > Cisco IOS Switch * + > Cisco IOS Router (--edge for all issues) * + > Cisco CSS * + + A small number of issues identified since the + previous release have been fixed. + > XML timeout report issue when there is only + a single timeout issue. + > XML password report issue when there is only + a single password issue. + +-------------------------------------------------------------- + +Version: 0.9.5 +Date : 09/05/2007 +Authors: Ian Ventura-Whiting (Fizz) + Mike Auty (thanks for the patches) +Changes: Fixed : Getting a banner that starts with ! + Fixed : Bug with PIX SSH configuration output + with XML. + Fixed : Minor appendix abbreviation PQR issue. + +Version: 0.9.4 +Date : 29/04/2007 +Authors: Ian Ventura-Whiting (Fizz) + Mike Auty (thanks for XML ref update) +Changes: Improved: XML table reference within report + text. + Fixed : Report text output for when a single + weak password has been identified for + an IOS device. + Fixed : Bug with processing certain types of IOS + enable passwords. + Fixed : A minor error in the IOS report text. + Fixed : Bug processing ASA Firewall interfaces, + Bug 1709061. + +Version: 0.9.3 +Date : 21/04/2007 +Authors: Ian Ventura-Whiting (Fizz) + Benjamin Allen (thanks for the patch :-) +Notes : Thanks to Mike Auty for the feedback, leading + to improvements made in this and previous + 0.9.x maintenance releases. +Changes: Improved: XML appendix and configuration + subsection tags. + Improved: XML table tag reference. + Improved: Added an XML section tag reference. + Improved: Dictionary-based password checking using + the small built in dictionary. + Improved: A really minor PQR change to the + report text. + Improved: Minor tweaks to the on-line help + text. + Fixed : Typo in the report markup language. + Fixed : PIX Access List Segmentation Fault. + Fixed : Bug 1703687, which fixes the handling + of quoted text, specifically with + NetScreen devices. + +Version: 0.9.2 +Date : 11/04/2007 +Author : Ian Ventura-Whiting (Fizz) +Notes : Improved: XML tags for table captions. + Improved: Added XML report text command markup. + Improved: Added reference to XML section tag. + Fixed : Typo in the report markup language. + +Version: 0.9.1 +Date : 08/04/2007 +Author : Ian Ventura-Whiting (Fizz) +Notes : Improved: Added abbreviation to XML output. + Fixed : Some PQR issues with various report text + output. + +Version: 0.9.0 +Date : 23/03/2007 +Author : Ian Ventura-Whiting (Fizz) +Notes : The program name has changed from CiscoParse to + Nipper (The Network Infrastructure Config Parser). + This will better represent what the program now + does, and it sounds friendly too :-) + Feature : The abbreviations are only expanded on + first use for all file formats. + Feature : Added common ports to appendix. + Feature : Added command line options to disable + individual appendix sections or the + whole appendix. + Feature : When the --no-passwords option is used + it will list which authentication / keys + but will not show the password. Previous + versions just reported that there were + issues with the passwords. + Feature : Added option to convert name mappings + back into IP addresses. + Feature : Added option to expand ACL. + Feature : Added option to configure latex paper + size. + Feature : Added option to configure latex document + class. + Feature : Added additional support to IOS-based + devices: + > Interfaces with ACL + > Static Routes + Feature : Added additional support to PIX-based + devices: + > NAT + > Static Routes + > SSH + Feature : Added additional support to NMP-based + devices: + > Permit Lists + > Idle Session Timeout + > VLAN Configuration + > Modules and Ports + > Port Security + > CDP + Feature : Added support for Juniper NetScreen + ScreenOS-based devices: + > General Settings + > Admin Settings + > SSH Settings + > Name Mappings + > Interfaces + > Policy Settings + > Authentication Settings + Feature : Added compilation/installation methods: + > install.script + > CMake + Feature : Added XML report output. + Feature : Added debug option to list abbreviations + that were not identified. + Improved: Added no issues found text for when there + were no identified issues. + Improved: Added report output format shortcut + options. + Improved: Added even more abbreviations. + Imrpoved: Lots of minor improvements to the report + text and configuration text output. + Improved: Complete redesign of the report writing + code to easliy allow for additional + report formats to be added in the + future. + Improved: Redesign of the parser to allow for + different configuration file types, such + as those from the NetScreen. + Improved: If passwords are disabled, the keys and + authentication that are being refered to + are now listed rather than just not + shown at all. + Improved: ICMP PIX Permission Configuration output. + Improved: Latex column widths. + Improved: Moved CDP configuration to + services section in IOS configuration + output. + Improved: Colour console help output. + Improved: Added examples to help output. + Improved: Errors are now output to the console + in red. + Improved: The Bootp report text. + Improved: The auxiliary port ease and recommendation + text. + Improved: OSPF keys and encryption type in IOS report + output. + Improved: Installation notes. + Improved: Loads of code and memory optimisations. + Fixed : No longer report IOS IP-based issues for + interfaces that do not have IP addresses + assigned. + Fixed : Some debug mode typos. + Fixed : Object type remark capture for PIX devices. + Fixed : PIX access list remark truncation. + +Version: 0.8.8 +Date : 14/02/2007 +Author : Ian Ventura-Whiting (Fizz) +Notes : Fixed : Inifinite loop in IOS-based q report + output. + +Version: 0.8.7 +Date : 11/02/2007 +Author : Ian Ventura-Whiting (Fizz) +Notes : Fixed : PIX object group description processing. + Fixed : Disabled latex output option, this will + be reintroduced with 0.9.0. + +Version: 0.8.6 +Date : 07/02/2007 +Author : Ian Ventura-Whiting (Fizz) +Notes : Fixed : SNMP segfault when processing specific + IOS configurations. + +Version: 0.8.5 +Date : 05/02/2007 +Author : Ian Ventura-Whiting (Fizz) +Notes : Fixed : Auxiliary connection timeout security + report output. + +Version: 0.8.4 +Date : 05/01/2007 +Author : Ian Ventura-Whiting (Fizz) +Notes : Fixed : Removed duplication from NMP-based weak + password report paragraph. + Fixed : Latex banner in configuration output. + +Version: 0.8.3 +Date : 03/01/2006 +Author : Ian Ventura-Whiting (Fizz) +Notes : Fixed : PQR issues in the ACL report output. + Fixed : PQR issue in the weak passwords output. + Fixed : PQR issue in the dictionary output. + Fixed : PQR issues in the timeout report output. + Fixed : PQR issue in the aux report output. + Fixed : PQR issue in the ICMP unreachable output. + Fixed : PQR issues in Proxy ARP report output. + Fixed : PQR issues in CDP report output. + Fixed : PQR issues in enable secret output. + Fixed : NMP-based weak password impact output. + +Version: 0.8.2 +Date : 20/12/2006 +Author : Ian Ventura-Whiting (Fizz) +Notes : Improved: PIX ACL Configuration for Latex reports + is now in landscape, so it now fits! + Improved: Removed TFTP and Telnet from IOS + configuration / report output. This is + an improvement, honest. + Fixed : PIX Object definition text for Latex + configuration output. + Fixed : Report recommendation text for a single + dictionary-based password. + Fixed : Report text for weak passwords. + Fixed : Report observation text for connection + timeouts. + Fixed : Latex table column widths. + Fixed : Minor report text typos. + +Version: 0.8.1 +Date : 19/12/2006 +Author : Ian Ventura-Whiting (Fizz) +Notes : Fixed : Readme text + Fixed : License text + Fixed : Escaping Latex characters in tables + Fixed : HTML tags in Latex output + +Version: 0.8.0 +Date : 14/12/2006 +Author : Ian Ventura-Whiting (Fizz) +Notes : Feature : Added to q, HTML and Text device + configuration report output for PIX- + based devices: + > Fixup Protocol Inspection + > ICMP Access Restrictions + Feature : Added to q, HTML and Text device + configuration report output for NMP- + based devices: + > ICMP Unreachables + > ICMP Redirects + > IP Fragmentation + > CDP + Feature : q, HTML and Text security reports + for Firewall devices: + > Access Control Lists + Feature : q, HTML and Text security reports + for NMP devices: + > ICMP Unreachables + > ICMP Redirects + > CDP + Feature : Added abbreviations to HTML output + Improved: Firewall ACL configuration settings with + general settings. + Improved: Added transparent firewall to general + configuration. + Improved: The ACL are now split into seperate + tables in the configuration report. + Improved: Use the acronyms in the ACL configuration + settings report. + Improved: Added logging to firewall extended ACL + configuration output. + Improved: Firewall interface configuration output. + Fixed : HTML end-of-document tags. + Fixed : Issue with q configuration output + of firewall ACL. + +Version: 0.7.1 +Date : 11/12/2006 +Author : Ian Ventura-Whiting (Fizz) +Notes : Feature : Added to q, HTML and Text device + configuration report output for PIX- + based devices: + > IP address name mappings + > Enable Passwords + > Logon Password + > Usernames + Improved: PIX Access List Support + Improved: Added object definitions introduction. + Improved: Added FWSM to Firewall parsing. + Fixed : Error when parsing the wrong kind of + config using the wrong Cisco type. + +Version: 0.7.0 +Date : 29/11/2006 +Author : Ian Ventura-Whiting (Fizz) +Notes : Feature : q, HTML and Text security reports + for IOS-based devices: + > Banners + > BGP Route Dampening + > OSPF Password Encryption + > Telnet + Feature : q, HTML and Text security reports + for NMP-based devices: + > Password Strength + > Dictionary-based Passwords + Feature : Added to q, HTML and Text device + configuration report output for IOS- + based devices: + > Banners + > OSPF + Feature : Added to q, HTML and Text device + configuration report output for PIX- + based devices: + > General Settings + > Interfaces + > Access Lists + > Object Groups + Feature : Added to q, HTML and Text device + configuration report output for NMP- + based devices: + > General Settings + > Passwords + > SNMP + Feature : Added support for PIX/ASA configs ( IP Source Routing + > Finger + > HTTP + > Bootp + > Configuration Auto-Loading + > PAD + > IP Unreachables + > ICMP Mask Reply + > ICMP Redirects + > Directed Broadcasts + > Dictionary-based Passwords + > Weak Passwords + > High / No Timeout + > Auxiliary Port + > MOP + > Access Lists + > Password Encryption + > Enable Secret Passwords + Feature : Added to q, HTML and Text device + configuration report output: + > User Accounts & Privilages + > Privilage Levels + > Device Services + > Logging Configuration + > SNMP + > SSH + > NTP + > FTP + > TACACS + > AAA + > Routing + * BGP + > Key Chains and Keys + > Interfaces + > Access Lists + > HTTP + > IP Directed Broadcast + > Lines and description + Feature : Added support for the following: + > IP Directed Broadcast + > Lines + > OSPF + Improved: Numbers 1 - 14 in report body are + converted to text where applicable. + Improved: HTTP support + Improved: Code optimization to HTML report output + Improved: CDP report paragraph + Improved: Minor changes to debug output + Improved: Report paragraph sharing between report + output formats. + Improved: Table title sharing between report + formats. + Improved: Section title sharing between report + formats. + Improved: HTML report introduction paragraphs. + Fixed : No longer parses empty configuration files. + Fixed : Made gramatical corrections to CDP text. + Fixed : Routing BGP Latex report typo. + Fixed : SNMP v3 Latex generation bug + Fixed : BGP password capture bug + Fixed : NTP Trusted key default + Fixed : SSH Timeout and Retries report defaults. + Fixed : Memory allocation bug with q reports + Fixed : IOS version detection for report issues. + Fixed : Latex bugs with q output. + Fixed : ProxyARP typo + + +Version: 0.5.0 +Date : 12/06/2006 +Author : Fizz +Notes : Feature : Added / improved support for the + following Cisco configuration options: + > Domain Lookup + > Routing Protocols + * BGP + > Key Chains and Keys (Basic) + > Interface + * RIP configuration + Feature : Output report paragraphs in addition to + configuration details for the following: + > CDP + > TCP & UDP Small Servers + > Proxy ARP + Feature : Added the following report formats: + > HTML (Basic) + > q + Improved: Report paragraph text sharing. + Improved: Changed some default settings. + Fixed : CDP in q appendix. + + +Version: 0.4.0 +Date : 08/06/2006 +Author : Fizz +Notes : Feature : Added / improved support for the + following Cisco configuration options: + > SSH + > FTP (Added source interface(s)) + > HTTP (basic) + > Access-Lists (improved logging) + > Network boot (check "no boot config" & + "no service config") + > Packet Assembler / Disassembler (PAD) + > Interfaces: + * Proxy ARP + * NTP Disable + * MOP + * IP unreachables + * IP redirects + * IP Mask Reply + * IP Direct Broadcast + * CDP + * Shutdown + Improved: Added description paragraph to Access-Lists + q appendix output. + Improved: Broke code up into seperate files. The program + was starting to get large and it is easier to + manage as seperate files. + Improved: Added TODO file. + Fixed : Bootp, tftp and finger report issue. + Fixed : Issue collecting remark on Access-Lists. + Fixed : Problem with --no-passwords option. + + +Version: 0.3.1 +Date : 07/06/2006 +Author : Fizz +Notes : Only a minor increase in version number, even though + there is an additional feature. This is a + maintenance release. + Feature : Option to disable password output in + reports. + Improved: Access-list output is now in landscape + to cope with all the details. + Improved: Removed encrypted passwords from the + report (whats the point?) + Improved: Changed blank password to + Fixed : --output= option. + Fixed : Privilage line order. + Fixed : Latex character _, # and $ output. + Fixed : Latex column widths (Access-list & user + accounts) + + +Version: 0.3.0 +Date : 06/06/2006 +Author : Fizz +Notes : * Improved the following report output formats: + > q (Appendix) + Please note: Currently it does not check for + _ and $ ... in the latex. Next version will. + + +Version: 0.2.0 +Date : 03/06/2006 +Author : Fizz +Notes : * Split the program into four distinct sections: + 1) Program parameter parsing and init + 2) Parsing the configuration file + 3) Report format output + 4) Cleanup + * Better type-7 password decoding + * Added john-the-ripper output for type-5 passwords + * Added program debug output + * Added/improved support for the following Cisco + configuration items: + > Hostname + > Version + > Enable Password + > Usernames & Passwords + > Privilages + > IP Source Routing + > TCP Small Servers (Check syntax) + > UDP Small Servers (Check syntax) + > Finger + > CDP + > NTP + > SNMP (Full SNMP v1 & v2, partial v3) + > FTP (basic) + > Access Lists (most) + > Telnet (basic) + > TFTP (basic) + > Service Password Encryption + > Logging (most) + > Bootp (basic) + > TACACS (key & servers) + > AAA (Authentication, Authorization, Accounting) + (Radius servers & keys) + * Added the following report output formats: + > q (basic) + + +Version: 0.1 +Date : 22/05/2006 +Author : Fizz +Notes : Initial version diff --git a/0.11.10/FW1/.svn/all-wcprops b/0.11.10/FW1/.svn/all-wcprops new file mode 100644 index 0000000..c1bdda0 --- /dev/null +++ b/0.11.10/FW1/.svn/all-wcprops @@ -0,0 +1,77 @@ +K 25 +svn:wc:ra_dav:version-url +V 33 +/svn/!svn/ver/3/trunk/0.11.10/FW1 +END +process-services.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/FW1/process-services.c +END +input.c +K 25 +svn:wc:ra_dav:version-url +V 41 +/svn/!svn/ver/3/trunk/0.11.10/FW1/input.c +END +report-debug.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/FW1/report-debug.c +END +process-rulebases.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/FW1/process-rulebases.c +END +report-objects.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/FW1/report-objects.c +END +report-rules.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/FW1/report-rules.c +END +process-objects.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/FW1/process-objects.c +END +process-rules.c +K 25 +svn:wc:ra_dav:version-url +V 49 +/svn/!svn/ver/3/trunk/0.11.10/FW1/process-rules.c +END +cleanup.c +K 25 +svn:wc:ra_dav:version-url +V 43 +/svn/!svn/ver/3/trunk/0.11.10/FW1/cleanup.c +END +process-policycollections.c +K 25 +svn:wc:ra_dav:version-url +V 61 +/svn/!svn/ver/3/trunk/0.11.10/FW1/process-policycollections.c +END +report.c +K 25 +svn:wc:ra_dav:version-url +V 42 +/svn/!svn/ver/3/trunk/0.11.10/FW1/report.c +END +report-services.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/FW1/report-services.c +END diff --git a/0.11.10/FW1/.svn/entries b/0.11.10/FW1/.svn/entries new file mode 100644 index 0000000..8e7e08c --- /dev/null +++ b/0.11.10/FW1/.svn/entries @@ -0,0 +1,436 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/0.11.10/FW1 +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +process-rulebases.c +file + + + + +2016-02-13T06:47:11.852154Z +c6382e4a1d7b6cceaec9927eaae11094 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5282 + +report-objects.c +file + + + + +2016-02-13T06:47:11.852154Z +532fea9017f6b0df1f7a9ce79ed86ecf +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +23939 + +report-rules.c +file + + + + +2016-02-13T06:47:11.852154Z +e57ac2cb05e40a80b399ee1963e2d663 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5260 + +process-objects.c +file + + + + +2016-02-13T06:47:11.852154Z +9bb6697bf7b3ea9a145ab678d70aa78b +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +15101 + +process-rules.c +file + + + + +2016-02-13T06:47:11.852154Z +a4a733804fe965154906aaeb7f05f18f +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +21310 + +cleanup.c +file + + + + +2016-02-13T06:47:11.852154Z +dcd9c949de8c29fbc7f5120c3a5fcacc +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2903 + +process-policycollections.c +file + + + + +2016-02-13T06:47:11.852154Z +7bf36c21efe6954574d4ad34b5edef94 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7985 + +report.c +file + + + + +2016-02-13T06:47:11.852154Z +afa832a86c5c780da75ce3231080372d +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4655 + +report-services.c +file + + + + +2016-02-13T06:47:11.852154Z +38780ad7697d47dc30c179e34be8c8c6 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5832 + +process-services.c +file + + + + +2016-02-13T06:47:11.848154Z +34ff8b8ac656f70425247ea3986cd9df +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8289 + +input.c +file + + + + +2016-02-13T06:47:11.848154Z +e352ad84db9673b72c420ec3ac7ce0c9 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6905 + +report-debug.c +file + + + + +2016-02-13T06:47:11.852154Z +da68eee0b59217034ceed3399b058e0e +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3970 + diff --git a/0.11.10/FW1/.svn/text-base/cleanup.c.svn-base b/0.11.10/FW1/.svn/text-base/cleanup.c.svn-base new file mode 100644 index 0000000..a203c41 --- /dev/null +++ b/0.11.10/FW1/.svn/text-base/cleanup.c.svn-base @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the Passport cleanup code + + +void cleanupFW1(struct nipperConfig *nipper) +{ + // Variables... + struct host *memberPointer = 0; + struct policyCollection *policyCollectionPointer; + + // Cleanup Policy Collections + while (nipper->fw1->policies != 0) + { + while (nipper->fw1->policies->targets != 0) + { + memberPointer = nipper->fw1->policies->targets->next; + free(nipper->fw1->policies->targets); + nipper->fw1->policies->targets = memberPointer; + } + policyCollectionPointer = nipper->fw1->policies->next; + free(nipper->fw1->policies); + nipper->fw1->policies = policyCollectionPointer; + } + + // Cleanup Firewall-1 config + free(nipper->fw1); +} + diff --git a/0.11.10/FW1/.svn/text-base/input.c.svn-base b/0.11.10/FW1/.svn/text-base/input.c.svn-base new file mode 100644 index 0000000..7597357 --- /dev/null +++ b/0.11.10/FW1/.svn/text-base/input.c.svn-base @@ -0,0 +1,211 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct firewall1Config +{ + struct policyCollection *policies; // Policy Collections... + + // Service Counts + int serviceCount; + int serviceGroupCount; + + // Object Counts + int groupObjectCount; + int gatewayObjectCount; + int gatewayClusterObjectCount; + int clusterMemberObjectCount; + int networkObjectCount; + int dynamicNetObjectCount; + int machinesRangeObjectCount; + int hostObjectCount; +}; + + +// FW1 Unhandled Processing (Recursive...) +void processFW1Unknown(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + + // Split the command line up + command = splitLine(line); + + // If it is a section end... + if (strcmp(command.part[0], ")") == 0) + {} + + // If item with no data... + else if (strcmp(command.part[1], "()") == 0) + {} + + // If item that has a little data... + else if ((command.part[1][0] == '(') && (command.part[command.parts - 1][strlen(command.part[command.parts - 1]) - 1] == ')')) + {} + + // If item has a lot more data... + else if (command.part[1][0] == '(') + { + while ((feof(nipper->input) == 0) && (strcmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Debug (lines not processed) + if (nipper->linesnotprocessed == true) + printf("%s\n", line); + + // Init... + command = splitLine(line); + + processFW1Unknown(nipper, line); + } + } +} + + +// Processing Firewall-1 includes... +#include "process-objects.c" +#include "process-policycollections.c" +#include "process-rules.c" +#include "process-rulebases.c" +#include "process-services.c" + + +// Process FW1 Input (Excluding Rules) +void processFW1Input(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + + // Split the command line up + command = splitLine(line); + + // Process objects... + if (((strcmp(command.part[0], ":netobj") == 0) || (strcmp(command.part[0], ":network_objects") == 0)) && (strcmp(command.part[1], "()") != 0)) + processFW1Objects(line, nipper); + + // Process Services... + else if (((strcmp(command.part[0], ":servobj") == 0) || (strcmp(command.part[0], ":services") == 0)) && (strcmp(command.part[1], "()") != 0)) + processFW1Services(line, nipper); + + // Process Policy Collections... + else if ((strcmp(command.part[0], ":policies_collections") == 0) && (strcmp(command.part[1], "()") != 0)) + processFW1PolicyCollections(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} + + +// Process FW1 Rules... +void processFW1RulesInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + + // Init... + filterListPointer = getFilterList(nipper, "Firewall-1", "", false); + + // Split the command line up + command = splitLine(line); + + // Process lines + while (feof(nipper->input) == 0) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Process Rules... + if ((strcmp(command.part[0], ":rules") == 0) && (strcmp(command.part[1], "()") != 0) && (filterListPointer != 0)) + { + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + if ((strcmp(command.part[0], ":") == 0) && (strcmp(command.part[1], "()") != 0)) + processFW1Rule(line, nipper, filterListPointer); + } + } + } +} + + +// Process FW1 Rules... +void processFW1RuleInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + + // Split the command line up + command = splitLine(line); + + // Process lines + while (feof(nipper->input) == 0) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Policy Collection Line: %s\n", line); + + // Process Rules... + if ((strcmp(command.part[0], ":rule") == 0) && (strcmp(command.part[1], "()") != 0) && (filterListPointer != 0)) + processFW1Rule(line, nipper, filterListPointer); + + else if ((strcmp(command.part[0], ":collection") == 0) && (strcmp(command.part[1], "()") != 0)) + filterListPointer = processFW1RuleCollection(line, nipper); + + else if ((strcmp(command.part[0], ":rule-base") == 0) && (strncmp(command.part[1], "(\"##", 4) == 0)) + processFW1Rulebase(line, nipper); + } +} + + diff --git a/0.11.10/FW1/.svn/text-base/process-objects.c.svn-base b/0.11.10/FW1/.svn/text-base/process-objects.c.svn-base new file mode 100644 index 0000000..6151a75 --- /dev/null +++ b/0.11.10/FW1/.svn/text-base/process-objects.c.svn-base @@ -0,0 +1,447 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for FW1 Objects + + +// Get pointer to interface (or create a new one)... +struct hostInterfaces *getFW1HostInterface(struct nipperConfig *nipper, struct objectConfig *objectPointer, int interface) +{ + // Variables... + struct hostInterfaces *fw1InterfacePointer = 0; + int init = false; + + // Is it the first one? + if (objectPointer->interfaces == 0) + { + objectPointer->interfaces = malloc(sizeof(struct hostInterfaces)); + fw1InterfacePointer = objectPointer->interfaces; + init = true; + } + else + { + fw1InterfacePointer = objectPointer->interfaces; + while ((fw1InterfacePointer->next != 0) && (fw1InterfacePointer->interface != interface)) + fw1InterfacePointer = fw1InterfacePointer->next; + if (fw1InterfacePointer->interface != interface) + { + fw1InterfacePointer->next = malloc(sizeof(struct hostInterfaces)); + fw1InterfacePointer = fw1InterfacePointer->next; + init = true; + } + } + + // Does the structure need initing? + if (init == true) + { + memset(fw1InterfacePointer, 0, sizeof(struct hostInterfaces)); + fw1InterfacePointer->interface = interface; + fw1InterfacePointer->dynamicIP = false; + } + + return fw1InterfacePointer; +} + + +// Process an object interface... +void processFW1ObjectsInterfaces(char *line, struct nipperConfig *nipper, struct objectConfig *objectPointer) +{ + // Variables... + struct ciscoCommand command; + struct hostInterfaces *fw1InterfacePointer = 0; + + // Init... + command = splitLine(line); + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Interface Line: %s\n", line); + + // New Interface... + if ((command.part[0][0] == ':') && (strcasecmp(command.part[1], "()") != 0)) + { + // Create Interface... + fw1InterfacePointer = getFW1HostInterface(nipper, objectPointer, atoi(command.part[0] + 1)); + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Interface Line: %s\n", line); + + // IP Address... + if (strcasecmp(command.part[0], ":ipaddr") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + strncpy(fw1InterfacePointer->address, command.part[1] + 1, sizeof(fw1InterfacePointer->address) - 1); + } + + // Net Mask... + else if (strcasecmp(command.part[0], ":netmask") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + strncpy(fw1InterfacePointer->netMask, command.part[1] + 1, sizeof(fw1InterfacePointer->netMask) - 1); + } + + // Dynamic IP... + else if ((strcasecmp(command.part[0], ":dynamic_ip") == 0) && (strcasecmp(command.part[1], "(true)") == 0)) + fw1InterfacePointer->dynamicIP = true; + else if ((strcasecmp(command.part[0], ":dynamic_ip") == 0) && (strcasecmp(command.part[1], "(false)") == 0)) + fw1InterfacePointer->dynamicIP = false; + + // Dynamic IP... + else if (strcasecmp(command.part[0], ":officialname") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + strncpy(fw1InterfacePointer->name, command.part[1] + 1, sizeof(fw1InterfacePointer->name) - 1); + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + fw1InterfacePointer = 0; + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } +} + + +// Process Firewall-1 objects... +void processFW1Objects(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct objectMember *memberPointer = 0; + struct objectConfig *objectPointer = 0; + struct hostInterfaces *fw1InterfacePointer = 0; + struct objectListConfig *objectListPointer = 0; + int tempInt = 0; + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + // Init... + command = splitLine(line); + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + // If it is a new object + if (strcasecmp(command.part[0], ":") == 0) + { + // If the object list has not been created + if (objectListPointer == 0) + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = getObjectPointer(objectListPointer, command.part[1] + 1); + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + // IP Address... + if ((strcasecmp(command.part[0], ":ipaddr") == 0) || (strcasecmp(command.part[0], ":ipaddr_first") == 0)) + { + command.part[1][strlen(command.part[1]) -1] = 0; + strncpy(objectPointer->address, command.part[1] + 1, sizeof(objectPointer->address) - 1); + } + + // Net Mask... + else if ((strcasecmp(command.part[0], ":netmask") == 0) || (strcasecmp(command.part[0], ":ipaddr_last") == 0)) + { + command.part[1][strlen(command.part[1]) -1] = 0; + strncpy(objectPointer->netMask, command.part[1] + 1, sizeof(objectPointer->netMask) - 1); + } + + // Firewall... + else if ((strcasecmp(command.part[0], ":firewall") == 0) && (strcasecmp(command.part[1], "(installed)") == 0)) + objectPointer->firewall = true; + + // Location... + else if ((strcasecmp(command.part[0], ":location") == 0) && (strcasecmp(command.part[1], "(external)") == 0)) + objectPointer->internal = false; + + // CP Version... + else if (strcasecmp(command.part[0], ":cpver") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + strncpy(objectPointer->cpVersion, command.part[1] + 1, sizeof(objectPointer->cpVersion) - 1); + objectPointer->cpVersionMajor = atoi(objectPointer->cpVersion); + objectPointer->cpVersionMinor = atoi(strchr(objectPointer->cpVersion, '.') + 1); + } + + // Interfaces... + else if ((strcasecmp(command.part[0], ":interfaces") == 0) && (strcasecmp(command.part[1], "()") != 0)) + processFW1ObjectsInterfaces(line, nipper, objectPointer); + + // Management... + else if ((strcasecmp(command.part[0], ":management") == 0) && (strcasecmp(command.part[1], "(true)") == 0)) + objectPointer->management = true; + + // Type... + else if (strcasecmp(command.part[0], ":type") == 0) + { + if (strcasecmp(command.part[1], "(host)") == 0) + { + nipper->fw1->hostObjectCount++; + objectPointer->type = object_type_host; + } + else if (strcasecmp(command.part[1], "(machines_range)") == 0) + { + nipper->fw1->machinesRangeObjectCount++; + objectPointer->type = object_type_machinesrange; + } + else if (strcasecmp(command.part[1], "(dynamic_net_obj)") == 0) + { + nipper->fw1->dynamicNetObjectCount++; + objectPointer->type = object_type_dynamicnet; + } + else if (strcasecmp(command.part[1], "(group)") == 0) + { + nipper->fw1->groupObjectCount++; + objectPointer->type = object_type_group; + } + else if (strcasecmp(command.part[1], "(network)") == 0) + { + nipper->fw1->networkObjectCount++; + objectPointer->type = object_type_network; + } + else if (strcasecmp(command.part[1], "(gateway)") == 0) + { + nipper->fw1->gatewayObjectCount++; + objectPointer->type = object_type_gateway; + } + else if (strcasecmp(command.part[1], "(gateway_cluster)") == 0) + { + nipper->fw1->gatewayClusterObjectCount++; + objectPointer->type = object_type_gateway_cluster; + } + else if (strcasecmp(command.part[1], "(cluster_member)") == 0) + { + nipper->fw1->clusterMemberObjectCount++; + objectPointer->type = object_type_cluster_member; + } + + // Create a delete me object... + else + objectPointer->type = object_type_delete_me; + } + + // Cluster Members... + else if ((strcasecmp(command.part[0], ":cluster_members") == 0) && (strcasecmp(command.part[1], "(") == 0)) + { + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + // New member... + if ((command.part[0][0] == ':') && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + tempInt = atoi(command.part[0] + 1); + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + memberPointer = getObjectMember(objectPointer, command.part[1] + 1); + memberPointer->type = object_type_object; + memberPointer->number = tempInt; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Group Members... + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") != 0) && (strncmp(line, "\t\t\t:", 4) == 0)) + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + memberPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + // Name... + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + memberPointer = getObjectMember(objectPointer, command.part[1] + 1); + memberPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + + // If delete me object... + if (objectPointer->type == object_type_delete_me) + { + if (objectListPointer->object->type == object_type_delete_me) + { + while (objectListPointer->object->interfaces != 0) + { + fw1InterfacePointer = objectListPointer->object->interfaces->next; + free(objectListPointer->object->interfaces); + objectListPointer->object->interfaces = fw1InterfacePointer; + } + while (objectListPointer->object->members != 0) + { + memberPointer = objectListPointer->object->members->next; + free(objectListPointer->object->members); + objectListPointer->object->members = memberPointer; + } + free(objectListPointer->object); + objectListPointer->object = 0; + } + else + { + objectPointer = objectListPointer->object; + while (objectPointer->next->type != object_type_delete_me) + objectPointer = objectPointer->next; + while (objectPointer->next->interfaces != 0) + { + fw1InterfacePointer = objectPointer->next->interfaces->next; + free(objectPointer->next->interfaces); + objectPointer->next->interfaces = fw1InterfacePointer; + } + while (objectPointer->next->members != 0) + { + memberPointer = objectPointer->next->members->next; + free(objectPointer->next->members); + objectPointer->next->members = memberPointer; + } + free(objectPointer->next); + objectPointer->next = 0; + } + } + objectPointer = 0; + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } +} diff --git a/0.11.10/FW1/.svn/text-base/process-policycollections.c.svn-base b/0.11.10/FW1/.svn/text-base/process-policycollections.c.svn-base new file mode 100644 index 0000000..20ec3ec --- /dev/null +++ b/0.11.10/FW1/.svn/text-base/process-policycollections.c.svn-base @@ -0,0 +1,242 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for FW1 Policy Collections + +struct policyCollection +{ + char name[32]; + int def; + int allInternal; + struct host *targets; + struct policyCollection *next; +}; + + +struct policyCollection *getFW1PolicyCollection(struct nipperConfig *nipper, char *name) +{ + // Variables... + struct policyCollection *policyCollectionPointer = 0; + int init = false; + + // If first... + if (nipper->fw1->policies == 0) + { + nipper->fw1->policies = malloc(sizeof(struct policyCollection)); + policyCollectionPointer = nipper->fw1->policies; + init = true; + } + else + { + policyCollectionPointer = nipper->fw1->policies; + while ((policyCollectionPointer->next != 0) && (strcmp(policyCollectionPointer->name, name) != 0)) + policyCollectionPointer = policyCollectionPointer->next; + if (strcmp(policyCollectionPointer->name, name) != 0) + { + policyCollectionPointer->next = malloc(sizeof(struct policyCollection)); + policyCollectionPointer = policyCollectionPointer->next; + init = true; + } + } + + // Init? + if (init == true) + { + memset(policyCollectionPointer, 0, sizeof(struct policyCollection)); + strncpy(policyCollectionPointer->name, name, sizeof(policyCollectionPointer->name) - 1); + } + + return policyCollectionPointer; +} + + +void addFW1InstallableTarget(struct policyCollection *policyCollectionPointer, char *target) +{ + // Variables... + struct host *targetPointer; + int init = false; + + // If first... + if (policyCollectionPointer->targets == 0) + { + policyCollectionPointer->targets = malloc(sizeof(struct host)); + targetPointer = policyCollectionPointer->targets; + init = true; + } + else + { + targetPointer = policyCollectionPointer->targets; + while ((targetPointer->next != 0) && (strcmp(targetPointer->server, target) != 0)) + targetPointer = targetPointer->next; + if (strcmp(targetPointer->server, target) != 0) + { + targetPointer->next = malloc(sizeof(struct host)); + targetPointer = targetPointer->next; + init = true; + } + } + + // Init? + if (init == true) + { + memset(targetPointer, 0, sizeof(struct host)); + strncpy(targetPointer->server, target, sizeof(targetPointer->server) - 1); + } +} + + +void processFW1PolicyCollections(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct policyCollection *policyCollectionPointer = 0; + + // Debug output + if (nipper->debugMode == true) + printf("Policy Collection Line: %s\n", line); + + // Init... + command = splitLine(line); + + // Process lines + while ((feof(nipper->input) == 0) && (strcmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Policy Collection Line: %s\n", line); + + // Policy Collection + if ((strcmp(command.part[0], ":") == 0) && (strcmp(command.part[1], "()") != 0)) + { + policyCollectionPointer = getFW1PolicyCollection(nipper, command.part[1] + 1); + + // Process lines + while ((feof(nipper->input) == 0) && (strcmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Policy Collection Line: %s\n", line); + + // Default... + if (strcmp(command.part[0], ":default") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + policyCollectionPointer->def = atoi(command.part[1] + 1); + } + + // All Internal Modules... + else if ((strcmp(command.part[0], ":all_internal_modules") == 0) && (strcmp(command.part[1], "(true)") == 0)) + policyCollectionPointer->allInternal = true; + else if ((strcmp(command.part[0], ":all_internal_modules") == 0) && (strcmp(command.part[1], "(false)") == 0)) + policyCollectionPointer->allInternal = false; + + // Installable Targets... + else if ((strcmp(command.part[0], ":installable_targets") == 0) && (strcmp(command.part[1], "()") != 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Installable Targets Line: %s\n", line); + + // If reference object... + if ((strcmp(command.part[0], ":") == 0) && (strcmp(command.part[1], "(ReferenceObject") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Reference Object Line: %s\n", line); + + // Name... + if ((strcmp(command.part[0], ":Name") == 0) && (strcmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) -1] = 0; + addFW1InstallableTarget(policyCollectionPointer, command.part[1] + 1); + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + + } + policyCollectionPointer = 0; + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } +} diff --git a/0.11.10/FW1/.svn/text-base/process-rulebases.c.svn-base b/0.11.10/FW1/.svn/text-base/process-rulebases.c.svn-base new file mode 100644 index 0000000..30d138a --- /dev/null +++ b/0.11.10/FW1/.svn/text-base/process-rulebases.c.svn-base @@ -0,0 +1,145 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processFW1Rulebase(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct ciscoCommand command; + char tempString[nipper->maxSize]; + int tempInt = false; + + // Init... + command = splitLine(line); + + // Get Filter List Pointer... + command.part[1][strlen(command.part[1]) - 1] = 0; + filterListPointer = getFilterList(nipper, command.part[1] + 4, "", false); + + // Does the list already exist? + if (filterListPointer->filter != 0) + { + filterPointer = filterListPointer->filter; + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0) && (filterPointer != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rulebase Line: %s\n", line); + + // Process Rules... + if ((strcmp(command.part[0], ":rule") == 0) && (strcmp(command.part[1], "()") != 0)) + { + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0) && (filterPointer != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rulebase Line: %s\n", line); + + // Comments... + if ((strcasecmp(command.part[0], ":comments") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 1] = 0; + stripQuotes(command.part[1] + 1, filterPointer->remark, sizeof(filterPointer->remark) -1); + } + + // Header Text... + else if ((strcasecmp(command.part[0], ":header_text") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 1] = 0; + stripQuotes(command.part[1] + 1, tempString, sizeof(tempString) -1); + insertFilterRemark(filterListPointer, filterPointer, true, tempString); + tempInt = true; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + if (tempInt == false) + filterPointer = filterPointer->next; + else + tempInt = false; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // List already exists... + else + { + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rulebase Line: %s\n", line); + + // Process Rules... + if ((strcmp(command.part[0], ":rule") == 0) && (strcmp(command.part[1], "()") != 0)) + processFW1Rule(line, nipper, filterListPointer); + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + } +} + diff --git a/0.11.10/FW1/.svn/text-base/process-rules.c.svn-base b/0.11.10/FW1/.svn/text-base/process-rules.c.svn-base new file mode 100644 index 0000000..1dfa9c5 --- /dev/null +++ b/0.11.10/FW1/.svn/text-base/process-rules.c.svn-base @@ -0,0 +1,693 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for FW1 Rules + + +void processFW1Rule(char *line, struct nipperConfig *nipper, struct filterListConfig *filterListPointer) +{ + // Variables... + struct ciscoCommand command; + struct filterConfig *filterPointer = 0; + struct filterConfig *filterSearchPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + char tempString[nipper->maxSize]; + + // Debug output + if (nipper->debugMode == true) + printf("Rules Line: %s\n", line); + + // If first rule... + if (filterListPointer->filter == 0) + { + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + } + else + { + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + } + + // Init... + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->enabled = true; + filterPointer->log = false; + filterPointer->deleteMe = false; + filterPointer->anySource = false; + filterPointer->networkSource = false; + filterPointer->anySourceService = false; + filterPointer->anyDestination = false; + filterPointer->networkDestination = false; + filterPointer->anyDestinationService = false; + filterPointer->logging = false; + filterPointer->logDeny = false; + + // Init... + command = splitLine(line); + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Line: %s\n", line); + + // Action... + if ((strcasecmp(command.part[0], ":action") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Action Line: %s\n", line); + + // Action structure + if (strcasecmp(command.part[0], ":") == 0) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Action Line: %s\n", line); + + // Action Type + if ((strcasecmp(command.part[0], ":action") == 0) || (strcasecmp(command.part[0], ":type") == 0)) + { + if (strcasecmp(command.part[1], "(accept)") == 0) + filterPointer->action = filter_action_accept; + else if (strcasecmp(command.part[1], "(drop)") == 0) + filterPointer->action = filter_action_drop; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Admin info (UID)... + else if ((strcasecmp(command.part[0], ":AdminInfo") == 0) && (strcasecmp(command.part[1], "(") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Admin Line: %s\n", line); + + if ((strcasecmp(command.part[0], ":chkpf_uid") == 0) && (strcasecmp(command.part[1], "()") != 0)) + strncpy(filterPointer->uid, command.part[1], sizeof(filterPointer->uid) -1); + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Header Text... + else if ((strcasecmp(command.part[0], ":header_text") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 1] = 0; + stripQuotes(command.part[1] + 1, tempString, sizeof(tempString) -1); + insertFilterRemark(filterListPointer, filterPointer, true, tempString); + filterPointer->deleteMe = true; + } + + // Comments... + else if ((strcasecmp(command.part[0], ":comments") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 1] = 0; + stripQuotes(command.part[1] + 1, filterPointer->remark, sizeof(filterPointer->remark) -1); + } + + // Disabled... + else if ((strcasecmp(command.part[0], ":disabled") == 0) && (strcasecmp(command.part[1], "(false)") == 0)) + filterPointer->enabled = true; + else if ((strcasecmp(command.part[0], ":disabled") == 0) && (strcasecmp(command.part[1], "(true)") == 0)) + filterPointer->enabled = false; + + // Track (Log)... + else if ((strcasecmp(command.part[0], ":track") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Track Line: %s\n", line); + + // Log structure + if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "log") == 0)) + filterPointer->log = true; + + // If reference object + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Track Line: %s\n", line); + + if ((strcasecmp(command.part[0], ":Name") == 0) && (strcasecmp(command.part[1], "(Log)") == 0)) + filterPointer->log = true; + else if ((strcasecmp(command.part[0], ":Name") == 0) && (strcasecmp(command.part[1], "(None)") == 0)) + filterPointer->log = false; + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Destination... + else if (strcasecmp(command.part[0], ":dst") == 0) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Destination Line: %s\n", line); + + // Member line + if ((strcasecmp(command.part[0], ":") == 0) && (command.part[1][0] != '(')) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[1], object_filter_destination); + filterObjectPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Name + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + filterObjectPointer = getFilterMember(filterPointer, command.part[1] + 1, object_filter_destination); + filterObjectPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Source... + else if (strcasecmp(command.part[0], ":src") == 0) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Source Line: %s\n", line); + + // Member line + if ((strcasecmp(command.part[0], ":") == 0) && (command.part[1][0] != '(')) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[1], object_filter_source); + filterObjectPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Name + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + filterObjectPointer = getFilterMember(filterPointer, command.part[1] + 1, object_filter_source); + filterObjectPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Install... + else if (strcasecmp(command.part[0], ":install") == 0) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Member line + if ((strcasecmp(command.part[0], ":") == 0) && (command.part[1][0] != '(')) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[1], object_filter_install); + filterObjectPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Name + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + filterObjectPointer = getFilterMember(filterPointer, command.part[1] + 1, object_filter_install); + filterObjectPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Through... + else if (strcasecmp(command.part[0], ":through") == 0) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Member line + if ((strcasecmp(command.part[0], ":") == 0) && (command.part[1][0] != '(')) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[1], object_filter_through); + filterObjectPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Name + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + filterObjectPointer = getFilterMember(filterPointer, command.part[1] + 1, object_filter_through); + filterObjectPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Services (destination)... + else if (strcasecmp(command.part[0], ":services") == 0) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Service Line: %s\n", line); + + // Member line + if ((strcasecmp(command.part[0], ":") == 0) && (command.part[1][0] != '(')) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[1], object_filter_service); + filterObjectPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Name + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + filterObjectPointer = getFilterMember(filterPointer, command.part[1] + 1, object_filter_service); + filterObjectPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + + // If the filter should be deleted... + if (filterPointer->deleteMe == true) + { + // Sort out pointers... + if (filterPointer == filterListPointer->filter) + filterListPointer->filter = filterPointer->next; + else + { + filterSearchPointer = filterListPointer->filter; + while (filterSearchPointer->next != filterPointer) + filterSearchPointer = filterSearchPointer->next; + filterSearchPointer->next = filterPointer->next; + } + + // Delete struct... + while (filterPointer->source != 0) + { + filterObjectPointer = filterPointer->source->next; + free (filterPointer->source); + filterPointer->source = filterObjectPointer; + } + while (filterPointer->sourceService != 0) + { + filterObjectPointer = filterPointer->sourceService->next; + free (filterPointer->sourceService); + filterPointer->sourceService = filterObjectPointer; + } + while (filterPointer->destination != 0) + { + filterObjectPointer = filterPointer->destination->next; + free (filterPointer->destination); + filterPointer->destination = filterObjectPointer; + } + while (filterPointer->destinationService != 0) + { + filterObjectPointer = filterPointer->destinationService->next; + free (filterPointer->destinationService); + filterPointer->destinationService = filterObjectPointer; + } + while (filterPointer->through != 0) + { + filterObjectPointer = filterPointer->through->next; + free (filterPointer->through); + filterPointer->through = filterObjectPointer; + } + while (filterPointer->install != 0) + { + filterObjectPointer = filterPointer->install->next; + free (filterPointer->install); + filterPointer->install = filterObjectPointer; + } + free (filterPointer); + } +} + + +struct filterListConfig *processFW1RuleCollection(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + char tempString[nipper->maxSize]; + int init = false; + + // Debug output + if (nipper->debugMode == true) + printf("Rule Collection Line: %s\n", line); + + // Init... + command = splitLine(line); + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Policy Collection Line: %s\n", line); + + // Policy Collection Name... + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + memset(tempString, 0, nipper->maxSize); + strncpy(tempString, command.part[1] + 1, nipper->maxSize - 1); + + // If first filter list... + if (nipper->filterList == 0) + { + nipper->filterList = malloc(sizeof(struct filterListConfig)); + filterListPointer = nipper->filterList; + init = true; + } + else + { + filterListPointer = nipper->filterList; + while ((filterListPointer->next != 0) && (strcasecmp(filterListPointer->name, tempString) != 0)) + filterListPointer = filterListPointer->next; + if (strcasecmp(filterListPointer->name, tempString) != 0) + { + filterListPointer->next = malloc(sizeof(struct filterListConfig)); + filterListPointer = filterListPointer->next; + init = true; + } + } + + // Needs initialisation... + if (init == true) + { + memset(filterListPointer, 0, sizeof(struct filterListConfig)); + strncpy(filterListPointer->name, tempString, sizeof(filterListPointer->name) - 1); + filterListPointer->denyAllAndLog = false; + } + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + + return filterListPointer; +} + diff --git a/0.11.10/FW1/.svn/text-base/process-services.c.svn-base b/0.11.10/FW1/.svn/text-base/process-services.c.svn-base new file mode 100644 index 0000000..009c1ef --- /dev/null +++ b/0.11.10/FW1/.svn/text-base/process-services.c.svn-base @@ -0,0 +1,220 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processFW1Services(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + + // Debug output + if (nipper->debugMode == true) + printf("Service Line: %s\n", line); + + // Init... + command = splitLine(line); + + // Process lines + while ((feof(nipper->input) == 0) && (strcmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Service Line: %s\n", line); + + // If it is a new object + if (strcasecmp(command.part[0], ":") == 0) + { + // If the object list has not been created + if (objectListPointer == 0) + objectListPointer = getObjectListPointer(nipper, "FW1-Services"); + objectPointer = getObjectPointer(objectListPointer, command.part[1] + 1); + objectPointer->type = object_type_service; + nipper->fw1->serviceCount++; + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + // Protocol... + if ((strcasecmp(command.part[0], ":protocol") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 2] = 0; + objectPointer->serviceType = atoi(command.part[1] + 1); + } + + // Port... + else if ((strcasecmp(command.part[0], ":port") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 1] = 0; + stripQuotes(command.part[1] + 1, objectPointer->address, sizeof(objectPointer->address) -1); + } + + // Type... + else if (strcasecmp(command.part[0], ":type") == 0) + { + if (strcasecmp(command.part[1], "(tcp)") == 0) + objectPointer->serviceType = service_protocol_tcp; + else if (strcasecmp(command.part[1], "(udp)") == 0) + objectPointer->serviceType = service_protocol_udp; + else if (strcasecmp(command.part[1], "(other)") == 0) + objectPointer->serviceType = service_protocol_other; + else if (strcasecmp(command.part[1], "(group)") == 0) + { + nipper->fw1->serviceCount--; + nipper->fw1->serviceGroupCount++; + objectPointer->type = object_type_group; + objectPointer->serviceType = service_protocol_none; + } + else if (strcasecmp(command.part[1], "(DceRpc)") == 0) + objectPointer->serviceType = service_protocol_dcerpc; + else if (strcasecmp(command.part[1], "(Rpc)") == 0) + objectPointer->serviceType = service_protocol_rpc; + else if (strcasecmp(command.part[1], "(Icmp)") == 0) + objectPointer->serviceType = service_protocol_icmp; + else if (strcasecmp(command.part[1], "(Tcp_subservice)") == 0) + objectPointer->serviceType = service_protocol_tcpsub; + else if (strcasecmp(command.part[1], "(gtp)") == 0) + objectPointer->serviceType = service_protocol_gtp0; + else if (strcasecmp(command.part[1], "(gtp_v1)") == 0) + objectPointer->serviceType = service_protocol_gtp1; + else + objectPointer->serviceType = service_protocol_unknown; + } + + // Comments... + else if ((strcasecmp(command.part[0], ":comments") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 1] = 0; + stripQuotes(command.part[1] + 1, objectPointer->comment, sizeof(objectPointer->comment) -1); + } + + // Group Members... + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") != 0) && (strncmp(line, "\t\t\t:", 4) == 0)) + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + memberPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Service Line: %s\n", line); + + // Name... + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + memberPointer = getObjectMember(objectPointer, command.part[1] + 1); + memberPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + + // If delete me object... + if (objectPointer->type == object_type_delete_me) + { + nipper->fw1->serviceCount--; + if (objectListPointer->object->type == object_type_delete_me) + { + while (objectListPointer->object->members != 0) + { + memberPointer = objectListPointer->object->members->next; + free(objectListPointer->object->members); + objectListPointer->object->members = memberPointer; + } + free(objectListPointer->object); + objectListPointer->object = 0; + } + else + { + objectPointer = objectListPointer->object; + while (objectPointer->next->type != object_type_delete_me) + objectPointer = objectPointer->next; + while (objectPointer->next->members != 0) + { + memberPointer = objectPointer->next->members->next; + free(objectPointer->next->members); + objectPointer->next->members = memberPointer; + } + free(objectPointer->next); + objectPointer->next = 0; + } + } + objectPointer = 0; + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } +} + + + diff --git a/0.11.10/FW1/.svn/text-base/report-debug.c.svn-base b/0.11.10/FW1/.svn/text-base/report-debug.c.svn-base new file mode 100644 index 0000000..19c40a4 --- /dev/null +++ b/0.11.10/FW1/.svn/text-base/report-debug.c.svn-base @@ -0,0 +1,85 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportFW1Debug(struct nipperConfig *nipper) +{ + // Variables... + struct johnPassword *johnPointer = 0; + struct policyCollection *policyCollectionPointer = 0; + struct host *memberPointer = 0; + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf("True or Enabled = %d\n", true); + printf("False or Disabled = %d\n", false); + printf("Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("Version: %s\n", nipper->version); + printf("Version: %d.%d.%d.%d\n", nipper->versionMajor, nipper->versionMinor, nipper->versionRevision, nipper->versionRevisionMinor); + + // Policy Collections... + policyCollectionPointer = nipper->fw1->policies; + while (policyCollectionPointer != 0) + { + printf("Policies Collection: %s\n", policyCollectionPointer->name); + printf(" Default: %d\n", policyCollectionPointer->def); + printf(" All Internal: %d\n", policyCollectionPointer->allInternal); + memberPointer = policyCollectionPointer->targets; + while (memberPointer != 0) + { + printf(" Installable Target: %s\n", memberPointer->server); + memberPointer = memberPointer->next; + } + policyCollectionPointer = policyCollectionPointer->next; + } + + // Filter Rules... + //reportRulesDebug(nipper); + + // Name Mappings + //reportObjectsDebug(nipper); + + // John-the-ripper + if (nipper->john != 0) + { + printf("\n%sJohn-the-ripper Output\n======================%s\n", COL_BLUE, RESET); + johnPointer = nipper->john; + while (johnPointer != 0) + { + printf("Username: %s\n", johnPointer->username); + printf(" Password: %s\n", johnPointer->password); + johnPointer = johnPointer->next; + } + } +} diff --git a/0.11.10/FW1/.svn/text-base/report-objects.c.svn-base b/0.11.10/FW1/.svn/text-base/report-objects.c.svn-base new file mode 100644 index 0000000..90f978b --- /dev/null +++ b/0.11.10/FW1/.svn/text-base/report-objects.c.svn-base @@ -0,0 +1,476 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the reporting for FW1 Objects + + +// Object Definitions (Gateway Clusters...) +void fw1GatewayClusterConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct hostInterfaces *fw1InterfacePointer = 0; + struct objectMember *memberPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_gateway_cluster) + { + // Gateway Configuration Settings... + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", objectPointer->name); + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gatewaycluster_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_general_heading); + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sGateway Cluster Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sIP Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, objectPointer->address, nipper->tablerow_end); + if (objectPointer->firewall == true) + fprintf(nipper->reportFile, "%sFirewall%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sFirewall%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sCheckPoint Version%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, objectPointer->cpVersion, nipper->tablerow_end); + if (objectPointer->internal == true) + fprintf(nipper->reportFile, "%sManaged%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sManaged%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, tempString2, &settings_general_heading); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + + // Gateway Cluster Interfaces... + fw1InterfacePointer = objectPointer->interfaces; + if (fw1InterfacePointer != 0) + { + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gatewaycluster_int_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_object_gateinter_heading); + while (fw1InterfacePointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, fw1InterfacePointer->interface, nipper->tablerow_mid); + outputFriendly(fw1InterfacePointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (fw1InterfacePointer->dynamicIP == true) + fprintf(nipper->reportFile, "Enabled%sN/A%sN/A%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Disabled%s%s%s%s%s", nipper->tablerow_mid, fw1InterfacePointer->address, nipper->tablerow_mid, fw1InterfacePointer->netMask, nipper->tablerow_end); + fw1InterfacePointer = fw1InterfacePointer->next; + } + output_table(nipper, false, tempString2, &settings_object_gateinter_heading); + } + + // Gateway Cluster Members... + memberPointer = objectPointer->members; + if (memberPointer != 0) + { + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gatewaycluster_mem_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_object_gatemem_heading); + while (memberPointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, memberPointer->number, nipper->tablerow_mid); + outputFriendly(memberPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", tempString); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + memberPointer = memberPointer->next; + } + output_table(nipper, false, tempString2, &settings_object_gatemem_heading); + } + } + objectPointer = objectPointer->next; + } +} + + +// Object Definitions (Gateway Cluster Members...) +void fw1GatewayClusterMemberConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct hostInterfaces *fw1InterfacePointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_cluster_member) + { + // Gateway Configuration Settings... + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", objectPointer->name); + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gatewayclustermem_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_general_heading); + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sGateway Cluster Member Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sIP Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, objectPointer->address, nipper->tablerow_end); + output_table(nipper, false, tempString2, &settings_general_heading); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + + // Gateway Interfaces... + fw1InterfacePointer = objectPointer->interfaces; + if (fw1InterfacePointer != 0) + { + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gatewayclustermem_int_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_object_gateinter_heading); + while (fw1InterfacePointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, fw1InterfacePointer->interface, nipper->tablerow_mid); + outputFriendly(fw1InterfacePointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (fw1InterfacePointer->dynamicIP == true) + fprintf(nipper->reportFile, "Enabled%sN/A%sN/A%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Disabled%s%s%s%s%s", nipper->tablerow_mid, fw1InterfacePointer->address, nipper->tablerow_mid, fw1InterfacePointer->netMask, nipper->tablerow_end); + fw1InterfacePointer = fw1InterfacePointer->next; + } + output_table(nipper, false, tempString2, &settings_object_gateinter_heading); + } + } + objectPointer = objectPointer->next; + } +} + + +// Object Definitions (Gateways...) +void fw1GatewayConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct hostInterfaces *fw1InterfacePointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_gateway) + { + // Gateway Configuration Settings... + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", objectPointer->name); + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gateway_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_general_heading); + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sGateway Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sIP Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, objectPointer->address, nipper->tablerow_end); + if (objectPointer->firewall == true) + fprintf(nipper->reportFile, "%sFirewall%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sFirewall%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sCheckPoint Version%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, objectPointer->cpVersion, nipper->tablerow_end); + if (objectPointer->internal == true) + fprintf(nipper->reportFile, "%sManaged%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sManaged%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, tempString2, &settings_general_heading); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + + // Gateway Interfaces... + fw1InterfacePointer = objectPointer->interfaces; + if (fw1InterfacePointer != 0) + { + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gateway_int_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_object_gateinter_heading); + while (fw1InterfacePointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, fw1InterfacePointer->interface, nipper->tablerow_mid); + outputFriendly(fw1InterfacePointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (fw1InterfacePointer->dynamicIP == true) + fprintf(nipper->reportFile, "Enabled%sN/A%sN/A%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Disabled%s%s%s%s%s", nipper->tablerow_mid, fw1InterfacePointer->address, nipper->tablerow_mid, fw1InterfacePointer->netMask, nipper->tablerow_end); + fw1InterfacePointer = fw1InterfacePointer->next; + } + output_table(nipper, false, tempString2, &settings_object_gateinter_heading); + } + } + objectPointer = objectPointer->next; + } +} + + +// Object Definitions (Hosts...) +void fw1HostsConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_objects_hosts_table, &settings_object_host_heading); + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_host) + { + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, tempString, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer->address, nipper->tablerow_mid); + if (objectPointer->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + } + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_objects_hosts_table, &settings_object_host_heading); +} + + +// Object Definitions (Networks...) +void fw1NetworksConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_objects_network_table, &settings_object_network_heading); + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_network) + { + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, tempString, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer->netMask, nipper->tablerow_mid); + if (objectPointer->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + } + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_objects_network_table, &settings_object_network_heading); +} + + +// Object Definitions (Dynamic Network...) +void fw1DynamicNetworkConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_objects_dynamicnet_table, &settings_object_dynamicnet_heading); + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_dynamicnet) + { + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, tempString, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + } + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_objects_dynamicnet_table, &settings_object_dynamicnet_heading); +} + + +// Machine Range Definitions +void fw1MachRangeConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_objects_machrange_table, &settings_object_machrange_heading); + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_machinesrange) + { + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, tempString, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer->netMask, nipper->tablerow_end); + } + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_objects_machrange_table, &settings_object_machrange_heading); +} + + +// Object Definitions (Groups...) +void fw1GroupObjectsConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectConfig *objectPointer2 = 0; + struct objectMember *memberPointer = 0; + struct objectListConfig *objectListPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_group) + { + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_group_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", objectPointer->name); + output_table(nipper, true, tempString2, &settings_object_group_heading); + memberPointer = objectPointer->members; + while (memberPointer != 0) + { + objectPointer2 = nipper->objectList->object; + while ((objectPointer2->next != 0) && (strcasecmp(objectPointer2->name, memberPointer->name) != 0)) + objectPointer2 = objectPointer2->next; + outputFriendly(memberPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if ((nipper->outputFormat == output_html) && (objectPointer2->type == object_type_group)) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, tempString, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (strcasecmp(objectPointer2->name, memberPointer->name) == 0) + { + switch (objectPointer2->type) + { + case object_type_network: + fprintf(nipper->reportFile, "Network%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer2->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s %s", objectPointer2->netMask, nipper->tablerow_mid); + if (objectPointer2->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + break; + case object_type_group: + fprintf(nipper->reportFile, "Group%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "-%s-%s-%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + break; + case object_type_host: + fprintf(nipper->reportFile, "Host%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer2->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (objectPointer2->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + break; + case object_type_machinesrange: + fprintf(nipper->reportFile, "Range%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer2->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s %s", objectPointer2->netMask, nipper->tablerow_mid); + if (objectPointer2->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + break; + case object_type_dynamicnet: + fprintf(nipper->reportFile, "Dynamic Net%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "-%s-%s-%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + break; + case object_type_gateway: + fprintf(nipper->reportFile, "Gateway%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer2->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (objectPointer2->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + break; + case object_type_cluster_member: + fprintf(nipper->reportFile, "Cluster Member%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer2->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (objectPointer2->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + break; + case object_type_gateway_cluster: + fprintf(nipper->reportFile, "Gateway Cluster%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer2->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s %s", objectPointer2->netMask, nipper->tablerow_mid); + if (objectPointer2->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + break; + default: + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "-%s-%s-%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + } + else + fprintf(nipper->reportFile, "Unknown%s-%s-%s-%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + memberPointer = memberPointer->next; + } + output_table(nipper, false, tempString2, &settings_object_group_heading); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + } + objectPointer = objectPointer->next; + } +} diff --git a/0.11.10/FW1/.svn/text-base/report-rules.c.svn-base b/0.11.10/FW1/.svn/text-base/report-rules.c.svn-base new file mode 100644 index 0000000..8faf5e3 --- /dev/null +++ b/0.11.10/FW1/.svn/text-base/report-rules.c.svn-base @@ -0,0 +1,120 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the reporting for FW1 Rules + + +// Object Definitions (Hosts, Groups, Networks...) +void fw1RulesConfig(struct nipperConfig *nipper) +{ + reportRules(nipper); +} + + +// Firewall-1 rule issues... +void fw1RulesIssue(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + int ruleNumber = 0; + + output_parseText(report_fw1policy_obs, nipper, section_obs, rate_none, nipper->aclIssues, nipper->tableNum); + + // One issue... + if (nipper->aclIssues == 1) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + reportCommonFilterIssues(nipper, filterListPointer->name, "The", "policy collection rule", filterPointer, ruleNumber, filterListPointer); + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "The %s %s", filterListPointer->name, report_fw1policy_denylog); + + filterListPointer = filterListPointer->next; + } + output_newPara(nipper); + } + + // More than one issue... + else if (nipper->aclIssues > 1) + { + output_table(nipper, true, report_fw1policy_table, &report_fw1policy_heading); + + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + // Report issues... + reportCommonFilterTableIssues(nipper, filterListPointer->name, filterPointer, ruleNumber, filterListPointer); + + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "%s%s%sN/A%s%s%s", nipper->tablerow_start, filterListPointer->name, nipper->tablerow_mid, nipper->tablerow_mid, report_fw1policyt_denylog, nipper->tablerow_end); + + filterListPointer = filterListPointer->next; + } + + output_table(nipper, false, report_fw1policy_table, &report_fw1policy_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_fw1policy_impact, nipper, section_imp, rate_med, nipper->aclIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_fw1policy_ease, nipper, section_ease, rate_noease, nipper->aclIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_fw1policy_rec1, nipper, section_rec, rate_none, nipper->aclIssues, nipper->tableNum); + set_aclrec_list(nipper, &report_fw1issues_heading); + output_list(nipper, &report_fw1issues_heading); + output_parseText(report_fw1policy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/FW1/.svn/text-base/report-services.c.svn-base b/0.11.10/FW1/.svn/text-base/report-services.c.svn-base new file mode 100644 index 0000000..16d5c7f --- /dev/null +++ b/0.11.10/FW1/.svn/text-base/report-services.c.svn-base @@ -0,0 +1,134 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Services +void fw1ServiceConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_fw1services_title, &settings_fw1services_heading); + objectListPointer = getObjectListPointer(nipper, "FW1-Services"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type != object_type_group) + { + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + addAbbreviation(objectPointer->name, false); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + switch (objectPointer->serviceType) + { + case service_protocol_tcp: + addAbbreviation("TCP", false); + fprintf(nipper->reportFile, "TCP"); + break; + case service_protocol_udp: + addAbbreviation("UDP", false); + fprintf(nipper->reportFile, "UDP"); + break; + case service_protocol_other: + fprintf(nipper->reportFile, "Other"); + break; + case service_protocol_dcerpc: + fprintf(nipper->reportFile, "DCE/RPC"); + addAbbreviation("DCERPC", false); + addAbbreviation("RPC", false); + addAbbreviation("DCE", false); + break; + case service_protocol_rpc: + fprintf(nipper->reportFile, "RPC"); + addAbbreviation("RPC", false); + break; + case service_protocol_icmp: + fprintf(nipper->reportFile, "ICMP"); + addAbbreviation("ICMP", false); + break; + case service_protocol_tcpsub: + fprintf(nipper->reportFile, "TCP Sub"); + addAbbreviation("TCP", false); + break; + case service_protocol_gtp0: + fprintf(nipper->reportFile, "GTP v0"); + addAbbreviation("GTP", false); + break; + case service_protocol_gtp1: + fprintf(nipper->reportFile, "GTP v1"); + addAbbreviation("GTP", false); + break; + default: + fprintf(nipper->reportFile, "Unknown"); + break; + } + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, objectPointer->address, nipper->tablerow_mid); + outputFriendly(objectPointer->comment, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_fw1services_title, &settings_fw1services_heading); +} + + +// Service Groups +void fw1ServiceGroupConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct objectMember *memberPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = getObjectListPointer(nipper, "FW1-Services"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_group) + { + sprintf(tempString, "%s %s", objectPointer->name, settings_fw1servicegroup_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString, &settings_fw1servicegroup_heading); + memberPointer = objectPointer->members; + while (memberPointer != 0) + { + outputFriendly(memberPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + memberPointer = memberPointer->next; + } + output_table(nipper, false, tempString2, &settings_fw1servicegroup_heading); + } + objectPointer = objectPointer->next; + } +} + diff --git a/0.11.10/FW1/.svn/text-base/report.c.svn-base b/0.11.10/FW1/.svn/text-base/report.c.svn-base new file mode 100644 index 0000000..f658757 --- /dev/null +++ b/0.11.10/FW1/.svn/text-base/report.c.svn-base @@ -0,0 +1,82 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for Firewall-1 reporting + +// Report Firewall-1 includes... +#include "report-debug.c" +#include "report-objects.c" +#include "report-rules.c" +#include "report-services.c" + + +void generateFW1Report(struct nipperConfig *nipper) +{ + // Security Issues... + if (nipper->fullReport == true) + { + + // Firewall Rule Issues + if (nipper->filterList == 0) + nipper->aclIssues = -1; + else + rulesAudit(nipper); + if (nipper->aclIssues != 0) + addReportSection(nipper, section_security, report_fw1policy_title, report_fw1policy_context, report_fw1policy_rectext, 10, 8, 5, 3, fw1RulesIssue); + } + + // Configuration Output + if (nipper->filterList != 0) + addReportSection(nipper, section_config, settings_policycol_title, 0, 0, 0, 0, 0, 0, fw1RulesConfig); + if (nipper->fw1->gatewayClusterObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_gatewaycluster_title, 0, 0, 0, 0, 0, 0, fw1GatewayClusterConfig); + if (nipper->fw1->clusterMemberObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_gatewayclustermem_title, 0, 0, 0, 0, 0, 0, fw1GatewayClusterMemberConfig); + if (nipper->fw1->gatewayObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_gateway_title, 0, 0, 0, 0, 0, 0, fw1GatewayConfig); + if (nipper->fw1->groupObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_groups_title, 0, 0, 0, 0, 0, 0, fw1GroupObjectsConfig); + if (nipper->fw1->hostObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_hosts_title, 0, 0, 0, 0, 0, 0, fw1HostsConfig); + if (nipper->fw1->networkObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_network_title, 0, 0, 0, 0, 0, 0, fw1NetworksConfig); + if (nipper->fw1->dynamicNetObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_dynnet_title, 0, 0, 0, 0, 0, 0, fw1DynamicNetworkConfig); + if (nipper->fw1->machinesRangeObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_machrange_title, 0, 0, 0, 0, 0, 0, fw1MachRangeConfig); + if (nipper->fw1->serviceGroupCount > 0) + addReportSection(nipper, section_config, settings_fw1servicegroup_title, 0, 0, 0, 0, 0, 0, fw1ServiceGroupConfig); + if (nipper->fw1->serviceCount > 0) + addReportSection(nipper, section_config, settings_fw1services_title, 0, 0, 0, 0, 0, 0, fw1ServiceConfig); + + // Generate Report... + generateReport(nipper); +} + diff --git a/0.11.10/FW1/cleanup.c b/0.11.10/FW1/cleanup.c new file mode 100644 index 0000000..a203c41 --- /dev/null +++ b/0.11.10/FW1/cleanup.c @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the Passport cleanup code + + +void cleanupFW1(struct nipperConfig *nipper) +{ + // Variables... + struct host *memberPointer = 0; + struct policyCollection *policyCollectionPointer; + + // Cleanup Policy Collections + while (nipper->fw1->policies != 0) + { + while (nipper->fw1->policies->targets != 0) + { + memberPointer = nipper->fw1->policies->targets->next; + free(nipper->fw1->policies->targets); + nipper->fw1->policies->targets = memberPointer; + } + policyCollectionPointer = nipper->fw1->policies->next; + free(nipper->fw1->policies); + nipper->fw1->policies = policyCollectionPointer; + } + + // Cleanup Firewall-1 config + free(nipper->fw1); +} + diff --git a/0.11.10/FW1/input.c b/0.11.10/FW1/input.c new file mode 100644 index 0000000..7597357 --- /dev/null +++ b/0.11.10/FW1/input.c @@ -0,0 +1,211 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct firewall1Config +{ + struct policyCollection *policies; // Policy Collections... + + // Service Counts + int serviceCount; + int serviceGroupCount; + + // Object Counts + int groupObjectCount; + int gatewayObjectCount; + int gatewayClusterObjectCount; + int clusterMemberObjectCount; + int networkObjectCount; + int dynamicNetObjectCount; + int machinesRangeObjectCount; + int hostObjectCount; +}; + + +// FW1 Unhandled Processing (Recursive...) +void processFW1Unknown(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + + // Split the command line up + command = splitLine(line); + + // If it is a section end... + if (strcmp(command.part[0], ")") == 0) + {} + + // If item with no data... + else if (strcmp(command.part[1], "()") == 0) + {} + + // If item that has a little data... + else if ((command.part[1][0] == '(') && (command.part[command.parts - 1][strlen(command.part[command.parts - 1]) - 1] == ')')) + {} + + // If item has a lot more data... + else if (command.part[1][0] == '(') + { + while ((feof(nipper->input) == 0) && (strcmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Debug (lines not processed) + if (nipper->linesnotprocessed == true) + printf("%s\n", line); + + // Init... + command = splitLine(line); + + processFW1Unknown(nipper, line); + } + } +} + + +// Processing Firewall-1 includes... +#include "process-objects.c" +#include "process-policycollections.c" +#include "process-rules.c" +#include "process-rulebases.c" +#include "process-services.c" + + +// Process FW1 Input (Excluding Rules) +void processFW1Input(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + + // Split the command line up + command = splitLine(line); + + // Process objects... + if (((strcmp(command.part[0], ":netobj") == 0) || (strcmp(command.part[0], ":network_objects") == 0)) && (strcmp(command.part[1], "()") != 0)) + processFW1Objects(line, nipper); + + // Process Services... + else if (((strcmp(command.part[0], ":servobj") == 0) || (strcmp(command.part[0], ":services") == 0)) && (strcmp(command.part[1], "()") != 0)) + processFW1Services(line, nipper); + + // Process Policy Collections... + else if ((strcmp(command.part[0], ":policies_collections") == 0) && (strcmp(command.part[1], "()") != 0)) + processFW1PolicyCollections(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} + + +// Process FW1 Rules... +void processFW1RulesInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + + // Init... + filterListPointer = getFilterList(nipper, "Firewall-1", "", false); + + // Split the command line up + command = splitLine(line); + + // Process lines + while (feof(nipper->input) == 0) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Process Rules... + if ((strcmp(command.part[0], ":rules") == 0) && (strcmp(command.part[1], "()") != 0) && (filterListPointer != 0)) + { + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + if ((strcmp(command.part[0], ":") == 0) && (strcmp(command.part[1], "()") != 0)) + processFW1Rule(line, nipper, filterListPointer); + } + } + } +} + + +// Process FW1 Rules... +void processFW1RuleInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + + // Split the command line up + command = splitLine(line); + + // Process lines + while (feof(nipper->input) == 0) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Policy Collection Line: %s\n", line); + + // Process Rules... + if ((strcmp(command.part[0], ":rule") == 0) && (strcmp(command.part[1], "()") != 0) && (filterListPointer != 0)) + processFW1Rule(line, nipper, filterListPointer); + + else if ((strcmp(command.part[0], ":collection") == 0) && (strcmp(command.part[1], "()") != 0)) + filterListPointer = processFW1RuleCollection(line, nipper); + + else if ((strcmp(command.part[0], ":rule-base") == 0) && (strncmp(command.part[1], "(\"##", 4) == 0)) + processFW1Rulebase(line, nipper); + } +} + + diff --git a/0.11.10/FW1/process-objects.c b/0.11.10/FW1/process-objects.c new file mode 100644 index 0000000..6151a75 --- /dev/null +++ b/0.11.10/FW1/process-objects.c @@ -0,0 +1,447 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for FW1 Objects + + +// Get pointer to interface (or create a new one)... +struct hostInterfaces *getFW1HostInterface(struct nipperConfig *nipper, struct objectConfig *objectPointer, int interface) +{ + // Variables... + struct hostInterfaces *fw1InterfacePointer = 0; + int init = false; + + // Is it the first one? + if (objectPointer->interfaces == 0) + { + objectPointer->interfaces = malloc(sizeof(struct hostInterfaces)); + fw1InterfacePointer = objectPointer->interfaces; + init = true; + } + else + { + fw1InterfacePointer = objectPointer->interfaces; + while ((fw1InterfacePointer->next != 0) && (fw1InterfacePointer->interface != interface)) + fw1InterfacePointer = fw1InterfacePointer->next; + if (fw1InterfacePointer->interface != interface) + { + fw1InterfacePointer->next = malloc(sizeof(struct hostInterfaces)); + fw1InterfacePointer = fw1InterfacePointer->next; + init = true; + } + } + + // Does the structure need initing? + if (init == true) + { + memset(fw1InterfacePointer, 0, sizeof(struct hostInterfaces)); + fw1InterfacePointer->interface = interface; + fw1InterfacePointer->dynamicIP = false; + } + + return fw1InterfacePointer; +} + + +// Process an object interface... +void processFW1ObjectsInterfaces(char *line, struct nipperConfig *nipper, struct objectConfig *objectPointer) +{ + // Variables... + struct ciscoCommand command; + struct hostInterfaces *fw1InterfacePointer = 0; + + // Init... + command = splitLine(line); + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Interface Line: %s\n", line); + + // New Interface... + if ((command.part[0][0] == ':') && (strcasecmp(command.part[1], "()") != 0)) + { + // Create Interface... + fw1InterfacePointer = getFW1HostInterface(nipper, objectPointer, atoi(command.part[0] + 1)); + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Interface Line: %s\n", line); + + // IP Address... + if (strcasecmp(command.part[0], ":ipaddr") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + strncpy(fw1InterfacePointer->address, command.part[1] + 1, sizeof(fw1InterfacePointer->address) - 1); + } + + // Net Mask... + else if (strcasecmp(command.part[0], ":netmask") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + strncpy(fw1InterfacePointer->netMask, command.part[1] + 1, sizeof(fw1InterfacePointer->netMask) - 1); + } + + // Dynamic IP... + else if ((strcasecmp(command.part[0], ":dynamic_ip") == 0) && (strcasecmp(command.part[1], "(true)") == 0)) + fw1InterfacePointer->dynamicIP = true; + else if ((strcasecmp(command.part[0], ":dynamic_ip") == 0) && (strcasecmp(command.part[1], "(false)") == 0)) + fw1InterfacePointer->dynamicIP = false; + + // Dynamic IP... + else if (strcasecmp(command.part[0], ":officialname") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + strncpy(fw1InterfacePointer->name, command.part[1] + 1, sizeof(fw1InterfacePointer->name) - 1); + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + fw1InterfacePointer = 0; + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } +} + + +// Process Firewall-1 objects... +void processFW1Objects(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct objectMember *memberPointer = 0; + struct objectConfig *objectPointer = 0; + struct hostInterfaces *fw1InterfacePointer = 0; + struct objectListConfig *objectListPointer = 0; + int tempInt = 0; + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + // Init... + command = splitLine(line); + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + // If it is a new object + if (strcasecmp(command.part[0], ":") == 0) + { + // If the object list has not been created + if (objectListPointer == 0) + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = getObjectPointer(objectListPointer, command.part[1] + 1); + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + // IP Address... + if ((strcasecmp(command.part[0], ":ipaddr") == 0) || (strcasecmp(command.part[0], ":ipaddr_first") == 0)) + { + command.part[1][strlen(command.part[1]) -1] = 0; + strncpy(objectPointer->address, command.part[1] + 1, sizeof(objectPointer->address) - 1); + } + + // Net Mask... + else if ((strcasecmp(command.part[0], ":netmask") == 0) || (strcasecmp(command.part[0], ":ipaddr_last") == 0)) + { + command.part[1][strlen(command.part[1]) -1] = 0; + strncpy(objectPointer->netMask, command.part[1] + 1, sizeof(objectPointer->netMask) - 1); + } + + // Firewall... + else if ((strcasecmp(command.part[0], ":firewall") == 0) && (strcasecmp(command.part[1], "(installed)") == 0)) + objectPointer->firewall = true; + + // Location... + else if ((strcasecmp(command.part[0], ":location") == 0) && (strcasecmp(command.part[1], "(external)") == 0)) + objectPointer->internal = false; + + // CP Version... + else if (strcasecmp(command.part[0], ":cpver") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + strncpy(objectPointer->cpVersion, command.part[1] + 1, sizeof(objectPointer->cpVersion) - 1); + objectPointer->cpVersionMajor = atoi(objectPointer->cpVersion); + objectPointer->cpVersionMinor = atoi(strchr(objectPointer->cpVersion, '.') + 1); + } + + // Interfaces... + else if ((strcasecmp(command.part[0], ":interfaces") == 0) && (strcasecmp(command.part[1], "()") != 0)) + processFW1ObjectsInterfaces(line, nipper, objectPointer); + + // Management... + else if ((strcasecmp(command.part[0], ":management") == 0) && (strcasecmp(command.part[1], "(true)") == 0)) + objectPointer->management = true; + + // Type... + else if (strcasecmp(command.part[0], ":type") == 0) + { + if (strcasecmp(command.part[1], "(host)") == 0) + { + nipper->fw1->hostObjectCount++; + objectPointer->type = object_type_host; + } + else if (strcasecmp(command.part[1], "(machines_range)") == 0) + { + nipper->fw1->machinesRangeObjectCount++; + objectPointer->type = object_type_machinesrange; + } + else if (strcasecmp(command.part[1], "(dynamic_net_obj)") == 0) + { + nipper->fw1->dynamicNetObjectCount++; + objectPointer->type = object_type_dynamicnet; + } + else if (strcasecmp(command.part[1], "(group)") == 0) + { + nipper->fw1->groupObjectCount++; + objectPointer->type = object_type_group; + } + else if (strcasecmp(command.part[1], "(network)") == 0) + { + nipper->fw1->networkObjectCount++; + objectPointer->type = object_type_network; + } + else if (strcasecmp(command.part[1], "(gateway)") == 0) + { + nipper->fw1->gatewayObjectCount++; + objectPointer->type = object_type_gateway; + } + else if (strcasecmp(command.part[1], "(gateway_cluster)") == 0) + { + nipper->fw1->gatewayClusterObjectCount++; + objectPointer->type = object_type_gateway_cluster; + } + else if (strcasecmp(command.part[1], "(cluster_member)") == 0) + { + nipper->fw1->clusterMemberObjectCount++; + objectPointer->type = object_type_cluster_member; + } + + // Create a delete me object... + else + objectPointer->type = object_type_delete_me; + } + + // Cluster Members... + else if ((strcasecmp(command.part[0], ":cluster_members") == 0) && (strcasecmp(command.part[1], "(") == 0)) + { + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + // New member... + if ((command.part[0][0] == ':') && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + tempInt = atoi(command.part[0] + 1); + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + memberPointer = getObjectMember(objectPointer, command.part[1] + 1); + memberPointer->type = object_type_object; + memberPointer->number = tempInt; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Group Members... + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") != 0) && (strncmp(line, "\t\t\t:", 4) == 0)) + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + memberPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + // Name... + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + memberPointer = getObjectMember(objectPointer, command.part[1] + 1); + memberPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + + // If delete me object... + if (objectPointer->type == object_type_delete_me) + { + if (objectListPointer->object->type == object_type_delete_me) + { + while (objectListPointer->object->interfaces != 0) + { + fw1InterfacePointer = objectListPointer->object->interfaces->next; + free(objectListPointer->object->interfaces); + objectListPointer->object->interfaces = fw1InterfacePointer; + } + while (objectListPointer->object->members != 0) + { + memberPointer = objectListPointer->object->members->next; + free(objectListPointer->object->members); + objectListPointer->object->members = memberPointer; + } + free(objectListPointer->object); + objectListPointer->object = 0; + } + else + { + objectPointer = objectListPointer->object; + while (objectPointer->next->type != object_type_delete_me) + objectPointer = objectPointer->next; + while (objectPointer->next->interfaces != 0) + { + fw1InterfacePointer = objectPointer->next->interfaces->next; + free(objectPointer->next->interfaces); + objectPointer->next->interfaces = fw1InterfacePointer; + } + while (objectPointer->next->members != 0) + { + memberPointer = objectPointer->next->members->next; + free(objectPointer->next->members); + objectPointer->next->members = memberPointer; + } + free(objectPointer->next); + objectPointer->next = 0; + } + } + objectPointer = 0; + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } +} diff --git a/0.11.10/FW1/process-policycollections.c b/0.11.10/FW1/process-policycollections.c new file mode 100644 index 0000000..20ec3ec --- /dev/null +++ b/0.11.10/FW1/process-policycollections.c @@ -0,0 +1,242 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for FW1 Policy Collections + +struct policyCollection +{ + char name[32]; + int def; + int allInternal; + struct host *targets; + struct policyCollection *next; +}; + + +struct policyCollection *getFW1PolicyCollection(struct nipperConfig *nipper, char *name) +{ + // Variables... + struct policyCollection *policyCollectionPointer = 0; + int init = false; + + // If first... + if (nipper->fw1->policies == 0) + { + nipper->fw1->policies = malloc(sizeof(struct policyCollection)); + policyCollectionPointer = nipper->fw1->policies; + init = true; + } + else + { + policyCollectionPointer = nipper->fw1->policies; + while ((policyCollectionPointer->next != 0) && (strcmp(policyCollectionPointer->name, name) != 0)) + policyCollectionPointer = policyCollectionPointer->next; + if (strcmp(policyCollectionPointer->name, name) != 0) + { + policyCollectionPointer->next = malloc(sizeof(struct policyCollection)); + policyCollectionPointer = policyCollectionPointer->next; + init = true; + } + } + + // Init? + if (init == true) + { + memset(policyCollectionPointer, 0, sizeof(struct policyCollection)); + strncpy(policyCollectionPointer->name, name, sizeof(policyCollectionPointer->name) - 1); + } + + return policyCollectionPointer; +} + + +void addFW1InstallableTarget(struct policyCollection *policyCollectionPointer, char *target) +{ + // Variables... + struct host *targetPointer; + int init = false; + + // If first... + if (policyCollectionPointer->targets == 0) + { + policyCollectionPointer->targets = malloc(sizeof(struct host)); + targetPointer = policyCollectionPointer->targets; + init = true; + } + else + { + targetPointer = policyCollectionPointer->targets; + while ((targetPointer->next != 0) && (strcmp(targetPointer->server, target) != 0)) + targetPointer = targetPointer->next; + if (strcmp(targetPointer->server, target) != 0) + { + targetPointer->next = malloc(sizeof(struct host)); + targetPointer = targetPointer->next; + init = true; + } + } + + // Init? + if (init == true) + { + memset(targetPointer, 0, sizeof(struct host)); + strncpy(targetPointer->server, target, sizeof(targetPointer->server) - 1); + } +} + + +void processFW1PolicyCollections(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct policyCollection *policyCollectionPointer = 0; + + // Debug output + if (nipper->debugMode == true) + printf("Policy Collection Line: %s\n", line); + + // Init... + command = splitLine(line); + + // Process lines + while ((feof(nipper->input) == 0) && (strcmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Policy Collection Line: %s\n", line); + + // Policy Collection + if ((strcmp(command.part[0], ":") == 0) && (strcmp(command.part[1], "()") != 0)) + { + policyCollectionPointer = getFW1PolicyCollection(nipper, command.part[1] + 1); + + // Process lines + while ((feof(nipper->input) == 0) && (strcmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Policy Collection Line: %s\n", line); + + // Default... + if (strcmp(command.part[0], ":default") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + policyCollectionPointer->def = atoi(command.part[1] + 1); + } + + // All Internal Modules... + else if ((strcmp(command.part[0], ":all_internal_modules") == 0) && (strcmp(command.part[1], "(true)") == 0)) + policyCollectionPointer->allInternal = true; + else if ((strcmp(command.part[0], ":all_internal_modules") == 0) && (strcmp(command.part[1], "(false)") == 0)) + policyCollectionPointer->allInternal = false; + + // Installable Targets... + else if ((strcmp(command.part[0], ":installable_targets") == 0) && (strcmp(command.part[1], "()") != 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Installable Targets Line: %s\n", line); + + // If reference object... + if ((strcmp(command.part[0], ":") == 0) && (strcmp(command.part[1], "(ReferenceObject") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Reference Object Line: %s\n", line); + + // Name... + if ((strcmp(command.part[0], ":Name") == 0) && (strcmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) -1] = 0; + addFW1InstallableTarget(policyCollectionPointer, command.part[1] + 1); + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + + } + policyCollectionPointer = 0; + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } +} diff --git a/0.11.10/FW1/process-rulebases.c b/0.11.10/FW1/process-rulebases.c new file mode 100644 index 0000000..30d138a --- /dev/null +++ b/0.11.10/FW1/process-rulebases.c @@ -0,0 +1,145 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processFW1Rulebase(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct ciscoCommand command; + char tempString[nipper->maxSize]; + int tempInt = false; + + // Init... + command = splitLine(line); + + // Get Filter List Pointer... + command.part[1][strlen(command.part[1]) - 1] = 0; + filterListPointer = getFilterList(nipper, command.part[1] + 4, "", false); + + // Does the list already exist? + if (filterListPointer->filter != 0) + { + filterPointer = filterListPointer->filter; + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0) && (filterPointer != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rulebase Line: %s\n", line); + + // Process Rules... + if ((strcmp(command.part[0], ":rule") == 0) && (strcmp(command.part[1], "()") != 0)) + { + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0) && (filterPointer != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rulebase Line: %s\n", line); + + // Comments... + if ((strcasecmp(command.part[0], ":comments") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 1] = 0; + stripQuotes(command.part[1] + 1, filterPointer->remark, sizeof(filterPointer->remark) -1); + } + + // Header Text... + else if ((strcasecmp(command.part[0], ":header_text") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 1] = 0; + stripQuotes(command.part[1] + 1, tempString, sizeof(tempString) -1); + insertFilterRemark(filterListPointer, filterPointer, true, tempString); + tempInt = true; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + if (tempInt == false) + filterPointer = filterPointer->next; + else + tempInt = false; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // List already exists... + else + { + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rulebase Line: %s\n", line); + + // Process Rules... + if ((strcmp(command.part[0], ":rule") == 0) && (strcmp(command.part[1], "()") != 0)) + processFW1Rule(line, nipper, filterListPointer); + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + } +} + diff --git a/0.11.10/FW1/process-rules.c b/0.11.10/FW1/process-rules.c new file mode 100644 index 0000000..1dfa9c5 --- /dev/null +++ b/0.11.10/FW1/process-rules.c @@ -0,0 +1,693 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for FW1 Rules + + +void processFW1Rule(char *line, struct nipperConfig *nipper, struct filterListConfig *filterListPointer) +{ + // Variables... + struct ciscoCommand command; + struct filterConfig *filterPointer = 0; + struct filterConfig *filterSearchPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + char tempString[nipper->maxSize]; + + // Debug output + if (nipper->debugMode == true) + printf("Rules Line: %s\n", line); + + // If first rule... + if (filterListPointer->filter == 0) + { + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + } + else + { + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + } + + // Init... + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->enabled = true; + filterPointer->log = false; + filterPointer->deleteMe = false; + filterPointer->anySource = false; + filterPointer->networkSource = false; + filterPointer->anySourceService = false; + filterPointer->anyDestination = false; + filterPointer->networkDestination = false; + filterPointer->anyDestinationService = false; + filterPointer->logging = false; + filterPointer->logDeny = false; + + // Init... + command = splitLine(line); + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Line: %s\n", line); + + // Action... + if ((strcasecmp(command.part[0], ":action") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Action Line: %s\n", line); + + // Action structure + if (strcasecmp(command.part[0], ":") == 0) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Action Line: %s\n", line); + + // Action Type + if ((strcasecmp(command.part[0], ":action") == 0) || (strcasecmp(command.part[0], ":type") == 0)) + { + if (strcasecmp(command.part[1], "(accept)") == 0) + filterPointer->action = filter_action_accept; + else if (strcasecmp(command.part[1], "(drop)") == 0) + filterPointer->action = filter_action_drop; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Admin info (UID)... + else if ((strcasecmp(command.part[0], ":AdminInfo") == 0) && (strcasecmp(command.part[1], "(") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Admin Line: %s\n", line); + + if ((strcasecmp(command.part[0], ":chkpf_uid") == 0) && (strcasecmp(command.part[1], "()") != 0)) + strncpy(filterPointer->uid, command.part[1], sizeof(filterPointer->uid) -1); + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Header Text... + else if ((strcasecmp(command.part[0], ":header_text") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 1] = 0; + stripQuotes(command.part[1] + 1, tempString, sizeof(tempString) -1); + insertFilterRemark(filterListPointer, filterPointer, true, tempString); + filterPointer->deleteMe = true; + } + + // Comments... + else if ((strcasecmp(command.part[0], ":comments") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 1] = 0; + stripQuotes(command.part[1] + 1, filterPointer->remark, sizeof(filterPointer->remark) -1); + } + + // Disabled... + else if ((strcasecmp(command.part[0], ":disabled") == 0) && (strcasecmp(command.part[1], "(false)") == 0)) + filterPointer->enabled = true; + else if ((strcasecmp(command.part[0], ":disabled") == 0) && (strcasecmp(command.part[1], "(true)") == 0)) + filterPointer->enabled = false; + + // Track (Log)... + else if ((strcasecmp(command.part[0], ":track") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Track Line: %s\n", line); + + // Log structure + if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "log") == 0)) + filterPointer->log = true; + + // If reference object + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Track Line: %s\n", line); + + if ((strcasecmp(command.part[0], ":Name") == 0) && (strcasecmp(command.part[1], "(Log)") == 0)) + filterPointer->log = true; + else if ((strcasecmp(command.part[0], ":Name") == 0) && (strcasecmp(command.part[1], "(None)") == 0)) + filterPointer->log = false; + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Destination... + else if (strcasecmp(command.part[0], ":dst") == 0) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Destination Line: %s\n", line); + + // Member line + if ((strcasecmp(command.part[0], ":") == 0) && (command.part[1][0] != '(')) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[1], object_filter_destination); + filterObjectPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Name + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + filterObjectPointer = getFilterMember(filterPointer, command.part[1] + 1, object_filter_destination); + filterObjectPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Source... + else if (strcasecmp(command.part[0], ":src") == 0) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Source Line: %s\n", line); + + // Member line + if ((strcasecmp(command.part[0], ":") == 0) && (command.part[1][0] != '(')) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[1], object_filter_source); + filterObjectPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Name + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + filterObjectPointer = getFilterMember(filterPointer, command.part[1] + 1, object_filter_source); + filterObjectPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Install... + else if (strcasecmp(command.part[0], ":install") == 0) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Member line + if ((strcasecmp(command.part[0], ":") == 0) && (command.part[1][0] != '(')) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[1], object_filter_install); + filterObjectPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Name + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + filterObjectPointer = getFilterMember(filterPointer, command.part[1] + 1, object_filter_install); + filterObjectPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Through... + else if (strcasecmp(command.part[0], ":through") == 0) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Member line + if ((strcasecmp(command.part[0], ":") == 0) && (command.part[1][0] != '(')) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[1], object_filter_through); + filterObjectPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Name + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + filterObjectPointer = getFilterMember(filterPointer, command.part[1] + 1, object_filter_through); + filterObjectPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Services (destination)... + else if (strcasecmp(command.part[0], ":services") == 0) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Service Line: %s\n", line); + + // Member line + if ((strcasecmp(command.part[0], ":") == 0) && (command.part[1][0] != '(')) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[1], object_filter_service); + filterObjectPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Rules Install Line: %s\n", line); + + // Name + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + filterObjectPointer = getFilterMember(filterPointer, command.part[1] + 1, object_filter_service); + filterObjectPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + + // If the filter should be deleted... + if (filterPointer->deleteMe == true) + { + // Sort out pointers... + if (filterPointer == filterListPointer->filter) + filterListPointer->filter = filterPointer->next; + else + { + filterSearchPointer = filterListPointer->filter; + while (filterSearchPointer->next != filterPointer) + filterSearchPointer = filterSearchPointer->next; + filterSearchPointer->next = filterPointer->next; + } + + // Delete struct... + while (filterPointer->source != 0) + { + filterObjectPointer = filterPointer->source->next; + free (filterPointer->source); + filterPointer->source = filterObjectPointer; + } + while (filterPointer->sourceService != 0) + { + filterObjectPointer = filterPointer->sourceService->next; + free (filterPointer->sourceService); + filterPointer->sourceService = filterObjectPointer; + } + while (filterPointer->destination != 0) + { + filterObjectPointer = filterPointer->destination->next; + free (filterPointer->destination); + filterPointer->destination = filterObjectPointer; + } + while (filterPointer->destinationService != 0) + { + filterObjectPointer = filterPointer->destinationService->next; + free (filterPointer->destinationService); + filterPointer->destinationService = filterObjectPointer; + } + while (filterPointer->through != 0) + { + filterObjectPointer = filterPointer->through->next; + free (filterPointer->through); + filterPointer->through = filterObjectPointer; + } + while (filterPointer->install != 0) + { + filterObjectPointer = filterPointer->install->next; + free (filterPointer->install); + filterPointer->install = filterObjectPointer; + } + free (filterPointer); + } +} + + +struct filterListConfig *processFW1RuleCollection(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + char tempString[nipper->maxSize]; + int init = false; + + // Debug output + if (nipper->debugMode == true) + printf("Rule Collection Line: %s\n", line); + + // Init... + command = splitLine(line); + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Policy Collection Line: %s\n", line); + + // Policy Collection Name... + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + memset(tempString, 0, nipper->maxSize); + strncpy(tempString, command.part[1] + 1, nipper->maxSize - 1); + + // If first filter list... + if (nipper->filterList == 0) + { + nipper->filterList = malloc(sizeof(struct filterListConfig)); + filterListPointer = nipper->filterList; + init = true; + } + else + { + filterListPointer = nipper->filterList; + while ((filterListPointer->next != 0) && (strcasecmp(filterListPointer->name, tempString) != 0)) + filterListPointer = filterListPointer->next; + if (strcasecmp(filterListPointer->name, tempString) != 0) + { + filterListPointer->next = malloc(sizeof(struct filterListConfig)); + filterListPointer = filterListPointer->next; + init = true; + } + } + + // Needs initialisation... + if (init == true) + { + memset(filterListPointer, 0, sizeof(struct filterListConfig)); + strncpy(filterListPointer->name, tempString, sizeof(filterListPointer->name) - 1); + filterListPointer->denyAllAndLog = false; + } + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + + return filterListPointer; +} + diff --git a/0.11.10/FW1/process-services.c b/0.11.10/FW1/process-services.c new file mode 100644 index 0000000..009c1ef --- /dev/null +++ b/0.11.10/FW1/process-services.c @@ -0,0 +1,220 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processFW1Services(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + + // Debug output + if (nipper->debugMode == true) + printf("Service Line: %s\n", line); + + // Init... + command = splitLine(line); + + // Process lines + while ((feof(nipper->input) == 0) && (strcmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Service Line: %s\n", line); + + // If it is a new object + if (strcasecmp(command.part[0], ":") == 0) + { + // If the object list has not been created + if (objectListPointer == 0) + objectListPointer = getObjectListPointer(nipper, "FW1-Services"); + objectPointer = getObjectPointer(objectListPointer, command.part[1] + 1); + objectPointer->type = object_type_service; + nipper->fw1->serviceCount++; + + // Process lines + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Object Line: %s\n", line); + + // Protocol... + if ((strcasecmp(command.part[0], ":protocol") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 2] = 0; + objectPointer->serviceType = atoi(command.part[1] + 1); + } + + // Port... + else if ((strcasecmp(command.part[0], ":port") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 1] = 0; + stripQuotes(command.part[1] + 1, objectPointer->address, sizeof(objectPointer->address) -1); + } + + // Type... + else if (strcasecmp(command.part[0], ":type") == 0) + { + if (strcasecmp(command.part[1], "(tcp)") == 0) + objectPointer->serviceType = service_protocol_tcp; + else if (strcasecmp(command.part[1], "(udp)") == 0) + objectPointer->serviceType = service_protocol_udp; + else if (strcasecmp(command.part[1], "(other)") == 0) + objectPointer->serviceType = service_protocol_other; + else if (strcasecmp(command.part[1], "(group)") == 0) + { + nipper->fw1->serviceCount--; + nipper->fw1->serviceGroupCount++; + objectPointer->type = object_type_group; + objectPointer->serviceType = service_protocol_none; + } + else if (strcasecmp(command.part[1], "(DceRpc)") == 0) + objectPointer->serviceType = service_protocol_dcerpc; + else if (strcasecmp(command.part[1], "(Rpc)") == 0) + objectPointer->serviceType = service_protocol_rpc; + else if (strcasecmp(command.part[1], "(Icmp)") == 0) + objectPointer->serviceType = service_protocol_icmp; + else if (strcasecmp(command.part[1], "(Tcp_subservice)") == 0) + objectPointer->serviceType = service_protocol_tcpsub; + else if (strcasecmp(command.part[1], "(gtp)") == 0) + objectPointer->serviceType = service_protocol_gtp0; + else if (strcasecmp(command.part[1], "(gtp_v1)") == 0) + objectPointer->serviceType = service_protocol_gtp1; + else + objectPointer->serviceType = service_protocol_unknown; + } + + // Comments... + else if ((strcasecmp(command.part[0], ":comments") == 0) && (strcasecmp(command.part[1], "()") != 0)) + { + command.part[1][strlen(command.part[1]) - 1] = 0; + stripQuotes(command.part[1] + 1, objectPointer->comment, sizeof(objectPointer->comment) -1); + } + + // Group Members... + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") != 0) && (strncmp(line, "\t\t\t:", 4) == 0)) + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + memberPointer->type = object_type_object; + } + else if ((strcasecmp(command.part[0], ":") == 0) && (strcasecmp(command.part[1], "(ReferenceObject") == 0)) + { + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], ")") != 0)) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Init... + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Service Line: %s\n", line); + + // Name... + if (strcasecmp(command.part[0], ":Name") == 0) + { + command.part[1][strlen(command.part[1]) -1] = 0; + memberPointer = getObjectMember(objectPointer, command.part[1] + 1); + memberPointer->type = object_type_object; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } + + // If delete me object... + if (objectPointer->type == object_type_delete_me) + { + nipper->fw1->serviceCount--; + if (objectListPointer->object->type == object_type_delete_me) + { + while (objectListPointer->object->members != 0) + { + memberPointer = objectListPointer->object->members->next; + free(objectListPointer->object->members); + objectListPointer->object->members = memberPointer; + } + free(objectListPointer->object); + objectListPointer->object = 0; + } + else + { + objectPointer = objectListPointer->object; + while (objectPointer->next->type != object_type_delete_me) + objectPointer = objectPointer->next; + while (objectPointer->next->members != 0) + { + memberPointer = objectPointer->next->members->next; + free(objectPointer->next->members); + objectPointer->next->members = memberPointer; + } + free(objectPointer->next); + objectPointer->next = 0; + } + } + objectPointer = 0; + command.part[0][0] = 0; + } + + // Process Unknown... + else + processFW1Unknown(nipper, line); + } +} + + + diff --git a/0.11.10/FW1/report-debug.c b/0.11.10/FW1/report-debug.c new file mode 100644 index 0000000..19c40a4 --- /dev/null +++ b/0.11.10/FW1/report-debug.c @@ -0,0 +1,85 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportFW1Debug(struct nipperConfig *nipper) +{ + // Variables... + struct johnPassword *johnPointer = 0; + struct policyCollection *policyCollectionPointer = 0; + struct host *memberPointer = 0; + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf("True or Enabled = %d\n", true); + printf("False or Disabled = %d\n", false); + printf("Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("Version: %s\n", nipper->version); + printf("Version: %d.%d.%d.%d\n", nipper->versionMajor, nipper->versionMinor, nipper->versionRevision, nipper->versionRevisionMinor); + + // Policy Collections... + policyCollectionPointer = nipper->fw1->policies; + while (policyCollectionPointer != 0) + { + printf("Policies Collection: %s\n", policyCollectionPointer->name); + printf(" Default: %d\n", policyCollectionPointer->def); + printf(" All Internal: %d\n", policyCollectionPointer->allInternal); + memberPointer = policyCollectionPointer->targets; + while (memberPointer != 0) + { + printf(" Installable Target: %s\n", memberPointer->server); + memberPointer = memberPointer->next; + } + policyCollectionPointer = policyCollectionPointer->next; + } + + // Filter Rules... + //reportRulesDebug(nipper); + + // Name Mappings + //reportObjectsDebug(nipper); + + // John-the-ripper + if (nipper->john != 0) + { + printf("\n%sJohn-the-ripper Output\n======================%s\n", COL_BLUE, RESET); + johnPointer = nipper->john; + while (johnPointer != 0) + { + printf("Username: %s\n", johnPointer->username); + printf(" Password: %s\n", johnPointer->password); + johnPointer = johnPointer->next; + } + } +} diff --git a/0.11.10/FW1/report-objects.c b/0.11.10/FW1/report-objects.c new file mode 100644 index 0000000..90f978b --- /dev/null +++ b/0.11.10/FW1/report-objects.c @@ -0,0 +1,476 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the reporting for FW1 Objects + + +// Object Definitions (Gateway Clusters...) +void fw1GatewayClusterConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct hostInterfaces *fw1InterfacePointer = 0; + struct objectMember *memberPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_gateway_cluster) + { + // Gateway Configuration Settings... + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", objectPointer->name); + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gatewaycluster_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_general_heading); + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sGateway Cluster Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sIP Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, objectPointer->address, nipper->tablerow_end); + if (objectPointer->firewall == true) + fprintf(nipper->reportFile, "%sFirewall%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sFirewall%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sCheckPoint Version%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, objectPointer->cpVersion, nipper->tablerow_end); + if (objectPointer->internal == true) + fprintf(nipper->reportFile, "%sManaged%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sManaged%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, tempString2, &settings_general_heading); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + + // Gateway Cluster Interfaces... + fw1InterfacePointer = objectPointer->interfaces; + if (fw1InterfacePointer != 0) + { + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gatewaycluster_int_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_object_gateinter_heading); + while (fw1InterfacePointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, fw1InterfacePointer->interface, nipper->tablerow_mid); + outputFriendly(fw1InterfacePointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (fw1InterfacePointer->dynamicIP == true) + fprintf(nipper->reportFile, "Enabled%sN/A%sN/A%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Disabled%s%s%s%s%s", nipper->tablerow_mid, fw1InterfacePointer->address, nipper->tablerow_mid, fw1InterfacePointer->netMask, nipper->tablerow_end); + fw1InterfacePointer = fw1InterfacePointer->next; + } + output_table(nipper, false, tempString2, &settings_object_gateinter_heading); + } + + // Gateway Cluster Members... + memberPointer = objectPointer->members; + if (memberPointer != 0) + { + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gatewaycluster_mem_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_object_gatemem_heading); + while (memberPointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, memberPointer->number, nipper->tablerow_mid); + outputFriendly(memberPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", tempString); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + memberPointer = memberPointer->next; + } + output_table(nipper, false, tempString2, &settings_object_gatemem_heading); + } + } + objectPointer = objectPointer->next; + } +} + + +// Object Definitions (Gateway Cluster Members...) +void fw1GatewayClusterMemberConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct hostInterfaces *fw1InterfacePointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_cluster_member) + { + // Gateway Configuration Settings... + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", objectPointer->name); + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gatewayclustermem_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_general_heading); + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sGateway Cluster Member Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sIP Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, objectPointer->address, nipper->tablerow_end); + output_table(nipper, false, tempString2, &settings_general_heading); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + + // Gateway Interfaces... + fw1InterfacePointer = objectPointer->interfaces; + if (fw1InterfacePointer != 0) + { + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gatewayclustermem_int_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_object_gateinter_heading); + while (fw1InterfacePointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, fw1InterfacePointer->interface, nipper->tablerow_mid); + outputFriendly(fw1InterfacePointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (fw1InterfacePointer->dynamicIP == true) + fprintf(nipper->reportFile, "Enabled%sN/A%sN/A%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Disabled%s%s%s%s%s", nipper->tablerow_mid, fw1InterfacePointer->address, nipper->tablerow_mid, fw1InterfacePointer->netMask, nipper->tablerow_end); + fw1InterfacePointer = fw1InterfacePointer->next; + } + output_table(nipper, false, tempString2, &settings_object_gateinter_heading); + } + } + objectPointer = objectPointer->next; + } +} + + +// Object Definitions (Gateways...) +void fw1GatewayConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct hostInterfaces *fw1InterfacePointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_gateway) + { + // Gateway Configuration Settings... + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", objectPointer->name); + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gateway_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_general_heading); + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sGateway Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sIP Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, objectPointer->address, nipper->tablerow_end); + if (objectPointer->firewall == true) + fprintf(nipper->reportFile, "%sFirewall%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sFirewall%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sCheckPoint Version%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, objectPointer->cpVersion, nipper->tablerow_end); + if (objectPointer->internal == true) + fprintf(nipper->reportFile, "%sManaged%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sManaged%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, tempString2, &settings_general_heading); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + + // Gateway Interfaces... + fw1InterfacePointer = objectPointer->interfaces; + if (fw1InterfacePointer != 0) + { + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_gateway_int_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_object_gateinter_heading); + while (fw1InterfacePointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, fw1InterfacePointer->interface, nipper->tablerow_mid); + outputFriendly(fw1InterfacePointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (fw1InterfacePointer->dynamicIP == true) + fprintf(nipper->reportFile, "Enabled%sN/A%sN/A%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Disabled%s%s%s%s%s", nipper->tablerow_mid, fw1InterfacePointer->address, nipper->tablerow_mid, fw1InterfacePointer->netMask, nipper->tablerow_end); + fw1InterfacePointer = fw1InterfacePointer->next; + } + output_table(nipper, false, tempString2, &settings_object_gateinter_heading); + } + } + objectPointer = objectPointer->next; + } +} + + +// Object Definitions (Hosts...) +void fw1HostsConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_objects_hosts_table, &settings_object_host_heading); + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_host) + { + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, tempString, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer->address, nipper->tablerow_mid); + if (objectPointer->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + } + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_objects_hosts_table, &settings_object_host_heading); +} + + +// Object Definitions (Networks...) +void fw1NetworksConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_objects_network_table, &settings_object_network_heading); + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_network) + { + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, tempString, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer->netMask, nipper->tablerow_mid); + if (objectPointer->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + } + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_objects_network_table, &settings_object_network_heading); +} + + +// Object Definitions (Dynamic Network...) +void fw1DynamicNetworkConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_objects_dynamicnet_table, &settings_object_dynamicnet_heading); + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_dynamicnet) + { + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, tempString, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + } + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_objects_dynamicnet_table, &settings_object_dynamicnet_heading); +} + + +// Machine Range Definitions +void fw1MachRangeConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_objects_machrange_table, &settings_object_machrange_heading); + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_machinesrange) + { + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, tempString, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer->netMask, nipper->tablerow_end); + } + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_objects_machrange_table, &settings_object_machrange_heading); +} + + +// Object Definitions (Groups...) +void fw1GroupObjectsConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectConfig *objectPointer2 = 0; + struct objectMember *memberPointer = 0; + struct objectListConfig *objectListPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = getObjectListPointer(nipper, "FW1-Objects"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_group) + { + sprintf(tempString, "%s %s", objectPointer->name, settings_objects_group_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", objectPointer->name); + output_table(nipper, true, tempString2, &settings_object_group_heading); + memberPointer = objectPointer->members; + while (memberPointer != 0) + { + objectPointer2 = nipper->objectList->object; + while ((objectPointer2->next != 0) && (strcasecmp(objectPointer2->name, memberPointer->name) != 0)) + objectPointer2 = objectPointer2->next; + outputFriendly(memberPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if ((nipper->outputFormat == output_html) && (objectPointer2->type == object_type_group)) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, tempString, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (strcasecmp(objectPointer2->name, memberPointer->name) == 0) + { + switch (objectPointer2->type) + { + case object_type_network: + fprintf(nipper->reportFile, "Network%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer2->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s %s", objectPointer2->netMask, nipper->tablerow_mid); + if (objectPointer2->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + break; + case object_type_group: + fprintf(nipper->reportFile, "Group%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "-%s-%s-%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + break; + case object_type_host: + fprintf(nipper->reportFile, "Host%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer2->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (objectPointer2->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + break; + case object_type_machinesrange: + fprintf(nipper->reportFile, "Range%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer2->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s %s", objectPointer2->netMask, nipper->tablerow_mid); + if (objectPointer2->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + break; + case object_type_dynamicnet: + fprintf(nipper->reportFile, "Dynamic Net%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "-%s-%s-%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + break; + case object_type_gateway: + fprintf(nipper->reportFile, "Gateway%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer2->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (objectPointer2->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + break; + case object_type_cluster_member: + fprintf(nipper->reportFile, "Cluster Member%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer2->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (objectPointer2->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + break; + case object_type_gateway_cluster: + fprintf(nipper->reportFile, "Gateway Cluster%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", objectPointer2->address, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s %s", objectPointer2->netMask, nipper->tablerow_mid); + if (objectPointer2->internal == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + break; + default: + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "-%s-%s-%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + } + else + fprintf(nipper->reportFile, "Unknown%s-%s-%s-%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + memberPointer = memberPointer->next; + } + output_table(nipper, false, tempString2, &settings_object_group_heading); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + } + objectPointer = objectPointer->next; + } +} diff --git a/0.11.10/FW1/report-rules.c b/0.11.10/FW1/report-rules.c new file mode 100644 index 0000000..8faf5e3 --- /dev/null +++ b/0.11.10/FW1/report-rules.c @@ -0,0 +1,120 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the reporting for FW1 Rules + + +// Object Definitions (Hosts, Groups, Networks...) +void fw1RulesConfig(struct nipperConfig *nipper) +{ + reportRules(nipper); +} + + +// Firewall-1 rule issues... +void fw1RulesIssue(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + int ruleNumber = 0; + + output_parseText(report_fw1policy_obs, nipper, section_obs, rate_none, nipper->aclIssues, nipper->tableNum); + + // One issue... + if (nipper->aclIssues == 1) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + reportCommonFilterIssues(nipper, filterListPointer->name, "The", "policy collection rule", filterPointer, ruleNumber, filterListPointer); + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "The %s %s", filterListPointer->name, report_fw1policy_denylog); + + filterListPointer = filterListPointer->next; + } + output_newPara(nipper); + } + + // More than one issue... + else if (nipper->aclIssues > 1) + { + output_table(nipper, true, report_fw1policy_table, &report_fw1policy_heading); + + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + // Report issues... + reportCommonFilterTableIssues(nipper, filterListPointer->name, filterPointer, ruleNumber, filterListPointer); + + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "%s%s%sN/A%s%s%s", nipper->tablerow_start, filterListPointer->name, nipper->tablerow_mid, nipper->tablerow_mid, report_fw1policyt_denylog, nipper->tablerow_end); + + filterListPointer = filterListPointer->next; + } + + output_table(nipper, false, report_fw1policy_table, &report_fw1policy_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_fw1policy_impact, nipper, section_imp, rate_med, nipper->aclIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_fw1policy_ease, nipper, section_ease, rate_noease, nipper->aclIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_fw1policy_rec1, nipper, section_rec, rate_none, nipper->aclIssues, nipper->tableNum); + set_aclrec_list(nipper, &report_fw1issues_heading); + output_list(nipper, &report_fw1issues_heading); + output_parseText(report_fw1policy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/FW1/report-services.c b/0.11.10/FW1/report-services.c new file mode 100644 index 0000000..16d5c7f --- /dev/null +++ b/0.11.10/FW1/report-services.c @@ -0,0 +1,134 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Services +void fw1ServiceConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_fw1services_title, &settings_fw1services_heading); + objectListPointer = getObjectListPointer(nipper, "FW1-Services"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type != object_type_group) + { + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + addAbbreviation(objectPointer->name, false); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + switch (objectPointer->serviceType) + { + case service_protocol_tcp: + addAbbreviation("TCP", false); + fprintf(nipper->reportFile, "TCP"); + break; + case service_protocol_udp: + addAbbreviation("UDP", false); + fprintf(nipper->reportFile, "UDP"); + break; + case service_protocol_other: + fprintf(nipper->reportFile, "Other"); + break; + case service_protocol_dcerpc: + fprintf(nipper->reportFile, "DCE/RPC"); + addAbbreviation("DCERPC", false); + addAbbreviation("RPC", false); + addAbbreviation("DCE", false); + break; + case service_protocol_rpc: + fprintf(nipper->reportFile, "RPC"); + addAbbreviation("RPC", false); + break; + case service_protocol_icmp: + fprintf(nipper->reportFile, "ICMP"); + addAbbreviation("ICMP", false); + break; + case service_protocol_tcpsub: + fprintf(nipper->reportFile, "TCP Sub"); + addAbbreviation("TCP", false); + break; + case service_protocol_gtp0: + fprintf(nipper->reportFile, "GTP v0"); + addAbbreviation("GTP", false); + break; + case service_protocol_gtp1: + fprintf(nipper->reportFile, "GTP v1"); + addAbbreviation("GTP", false); + break; + default: + fprintf(nipper->reportFile, "Unknown"); + break; + } + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, objectPointer->address, nipper->tablerow_mid); + outputFriendly(objectPointer->comment, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_fw1services_title, &settings_fw1services_heading); +} + + +// Service Groups +void fw1ServiceGroupConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectConfig *objectPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct objectMember *memberPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = getObjectListPointer(nipper, "FW1-Services"); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (objectPointer->type == object_type_group) + { + sprintf(tempString, "%s %s", objectPointer->name, settings_fw1servicegroup_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString, &settings_fw1servicegroup_heading); + memberPointer = objectPointer->members; + while (memberPointer != 0) + { + outputFriendly(memberPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + memberPointer = memberPointer->next; + } + output_table(nipper, false, tempString2, &settings_fw1servicegroup_heading); + } + objectPointer = objectPointer->next; + } +} + diff --git a/0.11.10/FW1/report.c b/0.11.10/FW1/report.c new file mode 100644 index 0000000..f658757 --- /dev/null +++ b/0.11.10/FW1/report.c @@ -0,0 +1,82 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for Firewall-1 reporting + +// Report Firewall-1 includes... +#include "report-debug.c" +#include "report-objects.c" +#include "report-rules.c" +#include "report-services.c" + + +void generateFW1Report(struct nipperConfig *nipper) +{ + // Security Issues... + if (nipper->fullReport == true) + { + + // Firewall Rule Issues + if (nipper->filterList == 0) + nipper->aclIssues = -1; + else + rulesAudit(nipper); + if (nipper->aclIssues != 0) + addReportSection(nipper, section_security, report_fw1policy_title, report_fw1policy_context, report_fw1policy_rectext, 10, 8, 5, 3, fw1RulesIssue); + } + + // Configuration Output + if (nipper->filterList != 0) + addReportSection(nipper, section_config, settings_policycol_title, 0, 0, 0, 0, 0, 0, fw1RulesConfig); + if (nipper->fw1->gatewayClusterObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_gatewaycluster_title, 0, 0, 0, 0, 0, 0, fw1GatewayClusterConfig); + if (nipper->fw1->clusterMemberObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_gatewayclustermem_title, 0, 0, 0, 0, 0, 0, fw1GatewayClusterMemberConfig); + if (nipper->fw1->gatewayObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_gateway_title, 0, 0, 0, 0, 0, 0, fw1GatewayConfig); + if (nipper->fw1->groupObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_groups_title, 0, 0, 0, 0, 0, 0, fw1GroupObjectsConfig); + if (nipper->fw1->hostObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_hosts_title, 0, 0, 0, 0, 0, 0, fw1HostsConfig); + if (nipper->fw1->networkObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_network_title, 0, 0, 0, 0, 0, 0, fw1NetworksConfig); + if (nipper->fw1->dynamicNetObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_dynnet_title, 0, 0, 0, 0, 0, 0, fw1DynamicNetworkConfig); + if (nipper->fw1->machinesRangeObjectCount > 0) + addReportSection(nipper, section_config, settings_objects_machrange_title, 0, 0, 0, 0, 0, 0, fw1MachRangeConfig); + if (nipper->fw1->serviceGroupCount > 0) + addReportSection(nipper, section_config, settings_fw1servicegroup_title, 0, 0, 0, 0, 0, 0, fw1ServiceGroupConfig); + if (nipper->fw1->serviceCount > 0) + addReportSection(nipper, section_config, settings_fw1services_title, 0, 0, 0, 0, 0, 0, fw1ServiceConfig); + + // Generate Report... + generateReport(nipper); +} + diff --git a/0.11.10/INSTALL b/0.11.10/INSTALL new file mode 100644 index 0000000..161aaa3 --- /dev/null +++ b/0.11.10/INSTALL @@ -0,0 +1,54 @@ + _ ____ + _ __ (_)_ __ _ __ ___ _ __ / ->/| + | '_ \| | '_ \| '_ \ / _ \ '__| /<-_/ | + | | | | | |_) | |_) | __/ | | | / + |_| |_|_| .__/| .__/ \___|_| |___|/ + |_| |_| + + The Network Infrastructure Parser + +Nipper does not have to be compiled under the Windows platform +as a pre-built version is available for download. + +The nipper configuration file, nipper.conf is stored in /etc +on UNIX systems. Under Windows Nipper will look for a file +called nipper.ini in the current directory. + +Nipper can be compiled and installed using a number of +different methods. Select one of the following: + + +1) install.script (UNIX) + + This method applies to UNIX platforms only. The shell script + will compile the source code and then copy the built program + to the /usr/bin directory. + + To compile and install Cisco Parse enter the following + command as root: + + ./install.script + + +2) Makefile (UNIX and Mac) + + The CMake program is required for this method. CMake can be + found at http://www.cmake.org. + + To compile and install using CMake use the following + commands: + + make + make install (root user privileges) + + +3) Manual (All platforms) + + Nipper can be compiled and installed manually using the + following commands: + + gcc -o nipper nipper.c + cp nipper /usr/bin/ + cp nipper.conf /etc/ + cp man/nipper.1 /usr/share/man/man1/ + cp man/nipper.conf.5 /usr/share/man/man5/ diff --git a/0.11.10/IOS/.svn/all-wcprops b/0.11.10/IOS/.svn/all-wcprops new file mode 100644 index 0000000..2665955 --- /dev/null +++ b/0.11.10/IOS/.svn/all-wcprops @@ -0,0 +1,293 @@ +K 25 +svn:wc:ra_dav:version-url +V 33 +/svn/!svn/ver/3/trunk/0.11.10/IOS +END +cleanup.c +K 25 +svn:wc:ra_dav:version-url +V 43 +/svn/!svn/ver/3/trunk/0.11.10/IOS/cleanup.c +END +process-snmp.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-snmp.c +END +report-router.c +K 25 +svn:wc:ra_dav:version-url +V 49 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-router.c +END +process-http.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-http.c +END +report-nat.c +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-nat.c +END +process-username.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-username.c +END +process-nat.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-nat.c +END +report-timeout.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-timeout.c +END +report-logging.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-logging.c +END +report-line.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-line.c +END +process-logging.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-logging.c +END +report-keychain.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-keychain.c +END +report-clock.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-clock.c +END +report-ssh.c +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-ssh.c +END +report-tacacs.c +K 25 +svn:wc:ra_dav:version-url +V 49 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-tacacs.c +END +process-clock.c +K 25 +svn:wc:ra_dav:version-url +V 49 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-clock.c +END +process-ssh.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-ssh.c +END +report-interface.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-interface.c +END +report.c +K 25 +svn:wc:ra_dav:version-url +V 42 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report.c +END +process-interface.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-interface.c +END +process-banner.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-banner.c +END +process-route-map.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-route-map.c +END +report-snmp.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-snmp.c +END +report-general.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-general.c +END +report-http.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-http.c +END +report-username.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-username.c +END +process-general.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-general.c +END +report-aaa.c +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-aaa.c +END +process-router.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-router.c +END +report-dns.c +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-dns.c +END +process-aaa.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-aaa.c +END +report-passwords.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-passwords.c +END +input.c +K 25 +svn:wc:ra_dav:version-url +V 41 +/svn/!svn/ver/3/trunk/0.11.10/IOS/input.c +END +report-debug.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-debug.c +END +process-dns.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-dns.c +END +report-ftp.c +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-ftp.c +END +process-enable.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-enable.c +END +process-line.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-line.c +END +process-ftp.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-ftp.c +END +process-keychain.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-keychain.c +END +process-cef.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-cef.c +END +process-tacacs.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-tacacs.c +END +report-ntp.c +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-ntp.c +END +process-ntp.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-ntp.c +END +report-vtp.c +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-vtp.c +END +report-access-list.c +K 25 +svn:wc:ra_dav:version-url +V 54 +/svn/!svn/ver/3/trunk/0.11.10/IOS/report-access-list.c +END +process-vtp.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-vtp.c +END +process-access-list.c +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/0.11.10/IOS/process-access-list.c +END diff --git a/0.11.10/IOS/.svn/entries b/0.11.10/IOS/.svn/entries new file mode 100644 index 0000000..4793dab --- /dev/null +++ b/0.11.10/IOS/.svn/entries @@ -0,0 +1,1660 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/0.11.10/IOS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +process-banner.c +file + + + + +2016-02-13T06:47:11.812154Z +4e958f5ea3794a7c58fd27e9cdeaee4b +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4467 + +process-route-map.c +file + + + + +2016-02-13T06:47:11.812154Z +9423350458cb4fddd56accd3677c5ac0 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4430 + +report-snmp.c +file + + + + +2016-02-13T06:47:11.812154Z +272f47e17dc30a6bb1d1bbdde5051985 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +20475 + +report-general.c +file + + + + +2016-02-13T06:47:11.812154Z +00f7477c3e57eafd5b6d66b0ae2432c9 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +20858 + +report-http.c +file + + + + +2016-02-13T06:47:11.812154Z +be6bf8e7894e0591374434a447f05165 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6947 + +report-username.c +file + + + + +2016-02-13T06:47:11.812154Z +67c09bd8a91b1d250a8b08890afb8b70 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6480 + +process-general.c +file + + + + +2016-02-13T06:47:11.812154Z +c02c174bc25826fe3a39170dee3af1d1 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5955 + +report-aaa.c +file + + + + +2016-02-13T06:47:11.812154Z +8d637abddf076c824751e574993dc965 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4564 + +process-router.c +file + + + + +2016-02-13T06:47:11.812154Z +3465e43edebb1d06bdf9bb26c6001f53 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +34115 + +report-dns.c +file + + + + +2016-02-13T06:47:11.812154Z +ca7287c224ff7e0a202ae1ed775146d2 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4155 + +process-aaa.c +file + + + + +2016-02-13T06:47:11.812154Z +52116d89a667396cd57ba0367f54817f +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7902 + +report-passwords.c +file + + + + +2016-02-13T06:47:11.808154Z +0d976f903686a78e1941fdaababed42c +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +34074 + +input.c +file + + + + +2016-02-13T06:47:11.812154Z +25044452d966211af2d509724f8eef6a +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +13709 + +report-debug.c +file + + + + +2016-02-13T06:47:11.808154Z +9ca02bb515787ab882488ff84fca7979 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +30387 + +process-dns.c +file + + + + +2016-02-13T06:47:11.812154Z +70ca2952178b65c099009570a3378bf9 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3056 + +report-ftp.c +file + + + + +2016-02-13T06:47:11.808154Z +88de8994cbde7658558d59d8b7de25e7 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4481 + +process-enable.c +file + + + + +2016-02-13T06:47:11.808154Z +3e577d3f274dc3f6201387448b936abb +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5447 + +process-line.c +file + + + + +2016-02-13T06:47:11.808154Z +3611d8b65cf2844e6db88c8b82d68fa5 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +11655 + +process-ftp.c +file + + + + +2016-02-13T06:47:11.812154Z +7bf7646592c9bd33df19ec8431dba29a +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5230 + +process-keychain.c +file + + + + +2016-02-13T06:47:11.808154Z +58369c07edf4e42b869785d8cf4ee7e4 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5138 + +process-cef.c +file + + + + +2016-02-13T06:47:11.812154Z +00aa95c69576f47e95db12f9f934c7af +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2975 + +process-tacacs.c +file + + + + +2016-02-13T06:47:11.808154Z +450a1c793698b7d1575f0e0f3ba6667b +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4954 + +report-ntp.c +file + + + + +2016-02-13T06:47:11.808154Z +05231ce1777378f7954ff0a33f9cd7a8 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6879 + +process-ntp.c +file + + + + +2016-02-13T06:47:11.812154Z +5fdd475d750c5d0ff66debffad9aefbe +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7131 + +report-vtp.c +file + + + + +2016-02-13T06:47:11.808154Z +5615ae48e1988f46575ac7501386ca80 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3519 + +report-access-list.c +file + + + + +2016-02-13T06:47:11.808154Z +b8a7feb7fde1d7509b5eebe38090d2c0 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7423 + +process-vtp.c +file + + + + +2016-02-13T06:47:11.812154Z +bc40cfa94e4f5e257d8be9b51afa58b8 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3530 + +process-access-list.c +file + + + + +2016-02-13T06:47:11.812154Z +3af7e97478875f9bcdcdb7ea8f98c76b +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +21411 + +cleanup.c +file + + + + +2016-02-13T06:47:11.812154Z +3e3522c9c1606c0d0d6408defc1c4c26 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +13709 + +process-snmp.c +file + + + + +2016-02-13T06:47:11.812154Z +d451831955f70a882c267225665a42e7 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +20296 + +report-router.c +file + + + + +2016-02-13T06:47:11.812154Z +3d799c54294dfe597e7706586100b544 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +50996 + +process-http.c +file + + + + +2016-02-13T06:47:11.812154Z +c245c8cebe1a06d3aa0c542360a321f3 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4343 + +report-nat.c +file + + + + +2016-02-13T06:47:11.812154Z +5686958d036bf91e5b1eac9d15df7c98 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8493 + +process-username.c +file + + + + +2016-02-13T06:47:11.812154Z +5e5a4b0ff356e3b4e6193b10c37dee06 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5535 + +process-nat.c +file + + + + +2016-02-13T06:47:11.808154Z +19aafdbb1379ba5ce1e356d18b535799 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6956 + +report-timeout.c +file + + + + +2016-02-13T06:47:11.812154Z +89020f3a8290e444acd679f3e19c9948 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +10773 + +report-logging.c +file + + + + +2016-02-13T06:47:11.812154Z +891b3289cfdb308cadb05a539456e8a8 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +15281 + +report-line.c +file + + + + +2016-02-13T06:47:11.808154Z +1b68a18ba6d1a38edfc72f077ece0a70 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7729 + +process-logging.c +file + + + + +2016-02-13T06:47:11.808154Z +ee3ba29dbc96225512b62ac241bcb7c7 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +14144 + +report-keychain.c +file + + + + +2016-02-13T06:47:11.808154Z +53009337ce7c11c71247842189d19344 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3239 + +report-clock.c +file + + + + +2016-02-13T06:47:11.812154Z +d8b461850ea9829e3033a2d20c483455 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4299 + +report-ssh.c +file + + + + +2016-02-13T06:47:11.812154Z +269231b46020781c830fe7ad3c7ea30b +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5753 + +report-tacacs.c +file + + + + +2016-02-13T06:47:11.808154Z +79f05334d92d738243fef83ff258ea2a +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4152 + +process-clock.c +file + + + + +2016-02-13T06:47:11.808154Z +db1a996a98bfab1144b2a815a50e07a2 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3699 + +process-ssh.c +file + + + + +2016-02-13T06:47:11.808154Z +de3b288e3fbf6526344f073aef338163 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4265 + +report-interface.c +file + + + + +2016-02-13T06:47:11.812154Z +9b506ac0dde38791fa21ba08d9ed6da6 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +24617 + +report.c +file + + + + +2016-02-13T06:47:11.812154Z +4eaa50e9498cd4e29bb7f9313bcabebb +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +25982 + +process-interface.c +file + + + + +2016-02-13T06:47:11.808154Z +e4ea1c43a26a98d9822f847f3506c783 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +30503 + diff --git a/0.11.10/IOS/.svn/text-base/cleanup.c.svn-base b/0.11.10/IOS/.svn/text-base/cleanup.c.svn-base new file mode 100644 index 0000000..55ae0ab --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/cleanup.c.svn-base @@ -0,0 +1,446 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanupIOS(struct nipperConfig *nipper) +{ + // Pointers... + struct enablePassword *enablePointer = 0; + struct ntpKey *ntpKeyPointer = 0; + struct ntpHost *ntpHostPointer = 0; + struct ntpAccessGroup *ntpAccessPointer = 0; + struct snmpCommunity *communityPointer = 0; + struct snmpViewItem *snmpViewItemPointer = 0; + struct snmpView *snmpViewPointer = 0; + struct snmpGroup *snmpGroupPointer = 0; + struct snmpUser *snmpUserPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct snmpHost *snmpHostPointer = 0; + struct usernameList *usernamePointer = 0; + struct privilageLevels *privilagePointer = 0; + struct host *logServerPointer = 0; + struct host *tacacsHostPointer = 0; + struct aaaGroupServer *aaaGroupServerPointer = 0; + struct aaaServer *aaaServerPointer = 0; + struct netInterface *interfacePointer = 0; + struct interfaceConfig *interfaceConfigPointer = 0; + struct bgpNeighbor *neighborPointer = 0; + struct keyChain *keyChainPointer = 0; + struct keyConfig *keyPointer = 0; + struct lineConfig *linePointer = 0; + struct bannerConfig *bannerPointer = 0; + struct ospfNetworkConfig *ospfNetworkPointer = 0; + struct ospfAreaConfig *ospfAreaPointer = 0; + struct ospfNeighbor *ospfNeighborPointer = 0; + struct ospfConfig *ospfPointer = 0; + struct staticRoute *routePointer = 0; + struct routeMapConfig *routeMapPointer = 0; + struct natConfig *natPointer = 0; + struct host *hostPointer = 0; + struct passiveStruct *passivePointer = 0; + struct eigrpConfig *eigrpPointer = 0; + struct eigrpNetwork *eigrpNetworkPointer = 0; + struct eigrpNeighbor *eigrpNeighborPointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + struct ospfInterStruct *ospfInterPointer = 0; + struct bgpInterStruct *bgpInterPointer = 0; + struct bgpConfig *bgpPointer = 0; + struct vrrpStruct *vrrpPointer = 0; + + // Cleanup EIGRP + while (nipper->ios->eigrp != 0) + { + eigrpPointer = nipper->ios->eigrp->next; + while (nipper->ios->eigrp->network != 0) + { + eigrpNetworkPointer = nipper->ios->eigrp->network->next; + free (nipper->ios->eigrp->network); + nipper->ios->eigrp->network = eigrpNetworkPointer; + } + while (nipper->ios->eigrp->neighbor != 0) + { + eigrpNeighborPointer = nipper->ios->eigrp->neighbor->next; + free (nipper->ios->eigrp->neighbor); + nipper->ios->eigrp->neighbor = eigrpNeighborPointer; + } + while (nipper->ios->eigrp->passive != 0) + { + passivePointer = nipper->ios->eigrp->passive->next; + free(nipper->ios->eigrp->passive); + nipper->ios->eigrp->passive = passivePointer; + } + free (nipper->ios->eigrp); + nipper->ios->eigrp = eigrpPointer; + } + + // Cleanup NAT + while (nipper->ios->nat != 0) + { + natPointer = nipper->ios->nat->next; + free (nipper->ios->nat); + nipper->ios->nat = natPointer; + } + + // Cleanup Route Map + while (nipper->ios->routeMap != 0) + { + routeMapPointer = nipper->ios->routeMap->next; + free (nipper->ios->routeMap); + nipper->ios->routeMap = routeMapPointer; + } + + // Cleanup enable passwords + while (nipper->ios->enable != 0) + { + enablePointer = nipper->ios->enable->next; + free(nipper->ios->enable); + nipper->ios->enable = enablePointer; + } + + // Cleanup usernames + while (nipper->ios->username != 0) + { + usernamePointer = nipper->ios->username->next; + free(nipper->ios->username); + nipper->ios->username = usernamePointer; + } + + // Cleanup DNS servers + while (nipper->ios->dns != 0) + { + logServerPointer = nipper->ios->dns->next; + free(nipper->ios->dns); + nipper->ios->dns = logServerPointer; + } + + // Cleanup Privilages + while (nipper->ios->privilage != 0) + { + privilagePointer = nipper->ios->privilage->next; + free(nipper->ios->privilage); + nipper->ios->privilage = privilagePointer; + } + + // Cleanup Route + while (nipper->ios->route != 0) + { + routePointer = nipper->ios->route->next; + free(nipper->ios->route); + nipper->ios->route = routePointer; + } + + // Cleanup HTTP + if (nipper->ios->http != 0) + free(nipper->ios->http); + + // Cleanup Key Chain + while (nipper->ios->chain != 0) + { + while (nipper->ios->chain->key != 0) + { + keyPointer = nipper->ios->chain->key->next; + free (nipper->ios->chain->key); + nipper->ios->chain->key = keyPointer; + } + keyChainPointer = nipper->ios->chain->next; + free (nipper->ios->chain); + nipper->ios->chain = keyChainPointer; + } + + // Cleanup SSH + if (nipper->ios->ssh != 0) + { + while (nipper->ios->ssh->interface != 0) + { + interfacePointer = nipper->ios->ssh->interface->next; + free(nipper->ios->ssh->interface); + nipper->ios->ssh->interface = interfacePointer; + } + free(nipper->ios->ssh); + } + + // Cleanup Line + while (nipper->ios->line != 0) + { + linePointer = nipper->ios->line->next; + free(nipper->ios->line); + nipper->ios->line = linePointer; + } + + // Cleanup BGP + while (nipper->ios->bgp != 0) + { + bgpPointer = nipper->ios->bgp->next; + while (nipper->ios->bgp->neighbor != 0) + { + neighborPointer = nipper->ios->bgp->neighbor->next; + free(nipper->ios->bgp->neighbor); + nipper->ios->bgp->neighbor = neighborPointer; + } + while (nipper->ios->bgp->passive != 0) + { + passivePointer = nipper->ios->bgp->passive->next; + free(nipper->ios->bgp->passive); + nipper->ios->bgp->passive = passivePointer; + } + free(nipper->ios->bgp); + nipper->ios->bgp = bgpPointer; + } + + // Cleanup RIP + if (nipper->ios->rip != 0) + { + while (nipper->ios->rip->neighbor != 0) + { + hostPointer = nipper->ios->rip->neighbor->next; + free(nipper->ios->rip->neighbor); + nipper->ios->rip->neighbor = hostPointer; + } + while (nipper->ios->rip->network != 0) + { + hostPointer = nipper->ios->rip->network->next; + free(nipper->ios->rip->network); + nipper->ios->rip->network = hostPointer; + } + while (nipper->ios->rip->passive != 0) + { + passivePointer = nipper->ios->rip->passive->next; + free(nipper->ios->rip->passive); + nipper->ios->rip->passive = passivePointer; + } + free(nipper->ios->rip); + } + + // Interfaces + while (nipper->ios->interface != 0) + { + interfaceConfigPointer = nipper->ios->interface->next; + while (nipper->ios->interface->eigrp != 0) + { + eigrpAutonPointer = nipper->ios->interface->eigrp->next; + free(nipper->ios->interface->eigrp); + nipper->ios->interface->eigrp = eigrpAutonPointer; + } + while (nipper->ios->interface->bgp != 0) + { + bgpInterPointer = nipper->ios->interface->bgp->next; + free(nipper->ios->interface->bgp); + nipper->ios->interface->bgp = bgpInterPointer; + } + while (nipper->ios->interface->ospf != 0) + { + ospfInterPointer = nipper->ios->interface->ospf->next; + free(nipper->ios->interface->ospf); + nipper->ios->interface->ospf = ospfInterPointer; + } + while (nipper->ios->interface->vrrp != 0) + { + vrrpPointer = nipper->ios->interface->vrrp->next; + free(nipper->ios->interface->vrrp); + nipper->ios->interface->vrrp = vrrpPointer; + } + free(nipper->ios->interface); + nipper->ios->interface = interfaceConfigPointer; + } + + // Banner + while (nipper->ios->banner != 0) + { + bannerPointer = nipper->ios->banner->next; + free(nipper->ios->banner->line); + free(nipper->ios->banner); + nipper->ios->banner = bannerPointer; + } + + // Cleanup AAA + if (nipper->ios->aaa != 0) + { + while (nipper->ios->aaa->groupServer != 0) + { + while (nipper->ios->aaa->groupServer->server != 0) + { + aaaServerPointer = nipper->ios->aaa->groupServer->server->next; + free (nipper->ios->aaa->groupServer->server); + nipper->ios->aaa->groupServer->server = aaaServerPointer; + } + aaaGroupServerPointer = nipper->ios->aaa->groupServer->next; + free (nipper->ios->aaa->groupServer); + nipper->ios->aaa->groupServer = aaaGroupServerPointer; + } + free (nipper->ios->aaa); + } + + // Cleanup Logging + if (nipper->ios->logging != 0) + { + while (nipper->ios->logging->logServer != 0) + { + logServerPointer = nipper->ios->logging->logServer->next; + free(nipper->ios->logging->logServer); + nipper->ios->logging->logServer = logServerPointer; + } + free(nipper->ios->logging); + } + + // Cleanup TACACS + if (nipper->ios->tacacs != 0) + { + while (nipper->ios->tacacs->host != 0) + { + tacacsHostPointer = nipper->ios->tacacs->host->next; + free(nipper->ios->tacacs->host); + nipper->ios->tacacs->host = tacacsHostPointer; + } + free(nipper->ios->tacacs); + } + + // OSPF + while (nipper->ios->ospf != 0) + { + ospfPointer = nipper->ios->ospf->next; + // Cleanup OSPF Area + while (nipper->ios->ospf->ospfArea != 0) + { + ospfAreaPointer = nipper->ios->ospf->ospfArea->next; + free(nipper->ios->ospf->ospfArea); + nipper->ios->ospf->ospfArea = ospfAreaPointer; + } + // Cleanup OSPF Network + while (nipper->ios->ospf->ospfNetwork != 0) + { + ospfNetworkPointer = nipper->ios->ospf->ospfNetwork->next; + free(nipper->ios->ospf->ospfNetwork); + nipper->ios->ospf->ospfNetwork = ospfNetworkPointer; + } + // Cleanup OSPF Neighbor + while (nipper->ios->ospf->neighbor != 0) + { + ospfNeighborPointer = nipper->ios->ospf->neighbor->next; + free(nipper->ios->ospf->neighbor); + nipper->ios->ospf->neighbor = ospfNeighborPointer; + } + free(nipper->ios->ospf); + nipper->ios->ospf = ospfPointer; + } + + // Cleanup ftp + if (nipper->ios->ftp != 0) + { + while (nipper->ios->ftp->interface != 0) + { + interfacePointer = nipper->ios->ftp->interface->next; + free(nipper->ios->ftp->interface); + nipper->ios->ftp->interface = interfacePointer; + } + free(nipper->ios->ftp); + } + + // Cleanup ntp + if (nipper->ios->ntp != 0) + { + while (nipper->ios->ntp->key != 0) + { + ntpKeyPointer = nipper->ios->ntp->key->next; + free(nipper->ios->ntp->key); + nipper->ios->ntp->key = ntpKeyPointer; + } + while (nipper->ios->ntp->server != 0) + { + ntpHostPointer = nipper->ios->ntp->server->next; + free(nipper->ios->ntp->server); + nipper->ios->ntp->server = ntpHostPointer; + } + while (nipper->ios->ntp->peer != 0) + { + ntpHostPointer = nipper->ios->ntp->peer->next; + free(nipper->ios->ntp->peer); + nipper->ios->ntp->peer = ntpHostPointer; + } + while (nipper->ios->ntp->access != 0) + { + ntpAccessPointer = nipper->ios->ntp->access->next; + free(nipper->ios->ntp->access); + nipper->ios->ntp->access = ntpAccessPointer; + } + free(nipper->ios->ntp); + } + + // Cleanup snmp + if (nipper->ios->snmp != 0) + { + while (nipper->ios->snmp->community != 0) + { + communityPointer = nipper->ios->snmp->community->next; + free(nipper->ios->snmp->community); + nipper->ios->snmp->community = communityPointer; + } + while (nipper->ios->snmp->trap != 0) + { + snmpTrapPointer = nipper->ios->snmp->trap->next; + free(nipper->ios->snmp->trap); + nipper->ios->snmp->trap = snmpTrapPointer; + } + while (nipper->ios->snmp->host != 0) + { + snmpHostPointer = nipper->ios->snmp->host->next; + free(nipper->ios->snmp->host); + nipper->ios->snmp->host = snmpHostPointer; + } + while (nipper->ios->snmp->view != 0) + { + while (nipper->ios->snmp->view->viewItem != 0) + { + snmpViewItemPointer = nipper->ios->snmp->view->viewItem->next; + free(nipper->ios->snmp->view->viewItem); + nipper->ios->snmp->view->viewItem = snmpViewItemPointer; + } + snmpViewPointer = nipper->ios->snmp->view->next; + free(nipper->ios->snmp->view); + nipper->ios->snmp->view = snmpViewPointer; + } + while (nipper->ios->snmp->group != 0) + { + snmpGroupPointer = nipper->ios->snmp->group->next; + free(nipper->ios->snmp->group); + nipper->ios->snmp->group = snmpGroupPointer; + } + while (nipper->ios->snmp->user != 0) + { + snmpUserPointer = nipper->ios->snmp->user->next; + free(nipper->ios->snmp->user); + nipper->ios->snmp->user = snmpUserPointer; + } + free(nipper->ios->snmp); + } + + // Cleanup IOS config + free(nipper->ios); +} + diff --git a/0.11.10/IOS/.svn/text-base/input.c.svn-base b/0.11.10/IOS/.svn/text-base/input.c.svn-base new file mode 100644 index 0000000..8de3816 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/input.c.svn-base @@ -0,0 +1,425 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct ciscoIOSConfig // Cisco IOS configuration +{ + // Configuration settings... + int sourceRouting; // true or false + int tcpSmallServers; // true, false, unconfigured + int udpSmallServers; // true, false, unconfigured + int finger; // true, false, unconfigured + int cdp; // true or false + int cef; // true or false + int bootp; // true or false + int servicePasswordEncryption; // true or false + int bootNetwork; // true or false + int serviceConfig; // true or false + int pad; // true or false + int domainLookup; // true or false + int classlessRouting; // true or false + int keepAlivesIn; // true or false + int keepAlivesOut; // true or false + int gratuitousArps; // true or false + int calendarValid; // true (default) or false + char summerTimeZone[8]; // Empty is disabled + char timeZone[8]; // default (UTC) + int timeOffsetHours; + int timeOffsetMins; + int passwordMinLength; // 6 is default on IOS 12.3(1)+, otherwise it doesn't exist + int vtpMode; // vtp_mode_server (default)... + char vtpDomain[34]; // VTP Domain + struct host *dns; // DNS Servers + struct ntpConfig *ntp; // NTP + struct enablePassword *enable; // Enable Passwords + struct snmpConfig *snmp; // SNMP + struct ftpConfig *ftp; // FTP + struct usernameList *username; // Users + struct privilageLevels *privilage; // Privilege Levels + struct loggingConfig *logging; // Logging + struct tacacsConfig *tacacs; // TACACS + struct aaaConfig *aaa; // AAA + struct httpConfig *http; // HTTP + struct sshConfig *ssh; // SSH + struct interfaceConfig *interface; // Interfaces + struct routeMapConfig *routeMap; // Routing - Route Maps + struct staticRoute *route; // Routing - Static + struct ripConfig *rip; // Routing - RIP + struct ospfConfig *ospf; // Routing - OSPF + struct eigrpConfig *eigrp; // Routing - EIGRP + struct isisConfig *isis; // Routing - ISIS + struct bgpConfig *bgp; // Routing - BGP + struct keyChain *chain; // Key Chain + struct lineConfig *line; // Local / Remote Administration Lines + struct bannerConfig *banner; // Logon Banner + struct natConfig *nat; // NAT +}; + + +struct netInterface // Interfaces +{ + char interface[32]; + struct netInterface *next; +}; + + +#define vtp_mode_server 0 +#define vtp_mode_client 1 +#define vtp_mode_transparent 2 +#define vtp_mode_none 3 + + +// Processing IOS includes... +#include "process-aaa.c" +#include "process-access-list.c" +#include "process-banner.c" +#include "process-cef.c" +#include "process-clock.c" +#include "process-dns.c" +#include "process-enable.c" +#include "process-ftp.c" +#include "process-general.c" +#include "process-http.c" +#include "process-interface.c" +#include "process-keychain.c" +#include "process-line.c" +#include "process-logging.c" +#include "process-nat.c" +#include "process-ntp.c" +#include "process-route-map.c" +#include "process-router.c" +#include "process-snmp.c" +#include "process-ssh.c" +#include "process-tacacs.c" +#include "process-username.c" +#include "process-vtp.c" + + +void processIOSInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + int setting = 0; + int tempInt = 0; + + // Split the command line up + command = splitLine(line); + + // Init + if (strcmp(command.part[0], "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + if (strncmp("!", line, 1) == 0) + { } + + // Hostname + else if (strcmp(command.part[tempInt], "hostname") == 0) + { + if (nipper->debugMode == true) + printf("Hostname Line: %s\n", line); + strncpy(nipper->hostname, command.part[tempInt+1], sizeof(nipper->hostname) - 1); + } + + // Version + else if (strcmp(command.part[tempInt], "version") == 0) + { + if (nipper->debugMode == true) + printf("Version Line: %s\n", line); + strncpy(nipper->version, command.part[tempInt+1], sizeof(nipper->version) - 1); + nipper->versionMajor = atoi(nipper->version); + if (strchr(nipper->version, '.') != 0) + nipper->versionMinor = atoi(strchr(nipper->version, '.') + 1); + } + + // Service lines... + else if (strcmp(command.part[tempInt], "service") == 0) + { + tempInt++; + + // Service Password Encryption... + if (strcmp(command.part[tempInt], "password-encryption") == 0) + { + if (nipper->debugMode == true) + printf("Service Password-Encryption Line: %s\n", line); + nipper->ios->servicePasswordEncryption = setting; + } + + // TCP keep alives in + else if (strcmp(command.part[tempInt], "tcp-keepalives-in") == 0) + { + if (nipper->debugMode == true) + printf("TCP Keep Alives In Line: %s\n", line); + nipper->ios->keepAlivesIn = setting; + } + + // TCP keep alives out + else if (strcmp(command.part[tempInt], "tcp-keepalives-out") == 0) + { + if (nipper->debugMode == true) + printf("TCP Keep Alives Out Line: %s\n", line); + nipper->ios->keepAlivesOut = setting; + } + + // Service Config + else if (strcmp(command.part[tempInt], "config") == 0) + processServiceConfig(line, nipper); + + // PAD Service... + else if (strcmp(command.part[tempInt], "pad") == 0) + { + if (nipper->debugMode == true) + printf("PAD Line: %s\n", line); + nipper->ios->pad = setting; + } + + // TCP Small Servers... + else if (strcmp(command.part[tempInt], "tcp-small-servers") == 0) + processSmallServers(line, nipper); + + // UDP Small Servers... + else if (strcmp(command.part[tempInt], "udp-small-servers") == 0) + processSmallServers(line, nipper); + + // Finger... + else if (strcmp(command.part[tempInt], "finger") == 0) + { + if (nipper->debugMode == true) + printf("Finger Line: %s\n", line); + nipper->ios->finger = setting; + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } + + // IP lines... + else if (strcmp(command.part[tempInt], "ip") == 0) + { + tempInt++; + + // Cisco Express Forwarding + if (strcmp(command.part[tempInt], "cef") == 0) + processCEF(line, nipper); + + // IP Classless Routing + else if (strcmp(command.part[tempInt], "classless") == 0) + { + if (nipper->debugMode == true) + printf("Classless Routing Line: %s\n", line); + nipper->ios->classlessRouting = setting; + } + + // Access Lists... + else if (strcmp(command.part[tempInt], "access-list") == 0) + processIPAccessList(line, nipper); + + // Gratuitous ARPs + else if (strcmp(command.part[tempInt], "gratuitous-arps") == 0) + { + if (nipper->debugMode == true) + printf("Gratuitous ARPs Line: %s\n", line); + nipper->ios->gratuitousArps = setting; + } + + // SSH + else if (strcmp(command.part[tempInt], "ssh") == 0) + processSsh(line, nipper); + + // Name Servers + else if (strcmp(command.part[tempInt], "name-server") == 0) + processNameServer(line, nipper); + + // Domain Name + else if (strcmp(command.part[tempInt], "domain-name") == 0) + { + if (nipper->debugMode == true) + printf("Domain Name Line: %s\n", line); + strncpy(nipper->domainName, command.part[tempInt+1], sizeof(nipper->domainName) - 1); + } + else if ((strcmp(command.part[tempInt], "domain") == 0) && (strcmp(command.part[tempInt+1], "name") == 0)) + { + if (nipper->debugMode == true) + printf("Domain Name Line: %s\n", line); + strncpy(nipper->domainName, command.part[tempInt+2], sizeof(nipper->domainName) - 1); + } + + // Domain Lookup + else if ((strcmp(command.part[tempInt], "domain-lookup") == 0) || ((strcmp(command.part[tempInt], "domain") == 0) && (strcmp(command.part[tempInt+1], "lookup") == 0))) + processDomainLookup(line, nipper); + + // Source routing... + else if (strcmp(command.part[tempInt], "source-route") == 0) + { + if (nipper->debugMode == true) + printf("IP Source Route Line: %s\n", line); + nipper->ios->sourceRouting = setting; + } + + // Bootp... + else if ((strcmp(command.part[tempInt], "bootp") == 0) && (strcmp(command.part[tempInt+1], "server") == 0)) + processBootp(line, nipper); + + // HTTP... + else if (strcmp(command.part[tempInt], "http") == 0) + processHttp(line, nipper); + + // FTP username / password... + else if (strcmp(command.part[tempInt], "ftp") == 0) + processFtp(line, nipper); + + // IP Route... + else if ((strcmp(command.part[tempInt], "route") == 0) && (strcmp(command.part[tempInt+1], "vrf") != 0)) + processRoute(line, nipper); + + // IP NAT... + else if (strcmp(command.part[tempInt], "nat") == 0) + processNAT(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } + + // Security + else if (strcmp(command.part[tempInt], "security") == 0) + { + tempInt++; + + // Passwords Minimum Length + if ((strcmp(command.part[tempInt], "passwords") == 0) && (strcmp(command.part[tempInt+1], "min-length") == 0)) + { + if (nipper->debugMode == true) + printf("Password Length Line: %s\n", line); + if (setting == false) + nipper->ios->passwordMinLength = 0; + else + nipper->ios->passwordMinLength = atoi(command.part[tempInt+2]); + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } + + // Enable Passwords + else if (strcmp(command.part[tempInt], "enable") == 0) + processEnable(line, nipper); + + // Usernames... + else if (strcmp(command.part[tempInt], "username") == 0) + processUsername(line, nipper); + + // Interfaces + else if (strcmp(command.part[tempInt], "interface") == 0) + processInterface(line, nipper); + + // Banner... + else if (strcmp(command.part[tempInt], "banner") == 0) + processBanner(line, nipper); + + // CDP... + else if ((strcmp(command.part[tempInt], "cdp") == 0) && (strcmp(command.part[tempInt+1], "run") == 0)) + { + if (nipper->debugMode == true) + printf("CDP Line: %s\n", line); + nipper->ios->cdp = setting; + } + + // Access Lists... + else if (strcmp(command.part[tempInt], "access-list") == 0) + processAccessList(line, nipper); + + // Line... + else if (strcmp(command.part[tempInt], "line") == 0) + processLine(line, nipper); + + // VTP... + else if (strcmp(command.part[tempInt], "vtp") == 0) + processVTP(line, nipper); + + // Key chain... + else if ((strcmp(command.part[tempInt], "key") == 0) && (strcmp(command.part[tempInt+1], "chain") == 0)) + processKeyChain(line, nipper); + + // Routing... + else if (strcmp(command.part[tempInt], "router") == 0) + processRouter(line, nipper); + + // Route Map... + else if (strcmp(command.part[tempInt], "route-map") == 0) + processRouteMap(line, nipper); + + // TACACS... + else if (strcmp(command.part[tempInt], "tacacs-server") == 0) + processTacacs(line, nipper); + + // AAA... + else if (strcmp(command.part[tempInt], "aaa") == 0) + processAaa(line, nipper); + + // NTP... + else if (strcmp(command.part[tempInt], "ntp") == 0) + processNtp(line, nipper); + + // Privilage Levels... + else if ((strcmp(command.part[tempInt], "privilage") == 0) && (strcmp(command.part[tempInt+1], "exec") == 0) && (strcmp(command.part[tempInt+2], "level") == 0)) + processPrivilage(line, nipper); + + // SNMP... + else if (strcmp(command.part[tempInt], "snmp-server") == 0) + processSnmp(line, nipper); + + // Logging... + else if (strcmp(command.part[tempInt], "logging") == 0) + processLogging(line, nipper); + + // Clock... + else if (strcmp(command.part[tempInt], "clock") == 0) + processClock(line, nipper); + + // Boot Network + else if ((strcmp(command.part[tempInt], "boot") == 0) && (strcmp(command.part[tempInt+1], "network") == 0)) + processBootNetwork(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/IOS/.svn/text-base/process-aaa.c.svn-base b/0.11.10/IOS/.svn/text-base/process-aaa.c.svn-base new file mode 100644 index 0000000..c255dfc --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-aaa.c.svn-base @@ -0,0 +1,243 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define aaa_radius 0 +#define aaa_tacacs 1 +#define aaa_kerberos 2 + + +// AAA Server +struct aaaServer +{ + char server[32]; + int authPort; + int acctPort; + char key[128]; + char keyEncrypted[128]; + int encryption; + int weak; + int dictionary; + struct aaaServer *next; +}; + + +// AAA Group Server +struct aaaGroupServer +{ + int type; // aaa_radius, aaa_tacacs or aaa_kerberos + char username[64]; + struct aaaServer *server; + struct aaaGroupServer *next; +}; + + +// AAA +struct aaaConfig +{ + struct aaaGroupServer *groupServer; +}; + + +// Process AAA +void processAaa(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + struct aaaGroupServer *groupServerPointer = 0; + struct aaaServer *serverPointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("AAA Line: %s\n", line); + } + + // If there is no aaa config, create one + if (nipper->ios->aaa == 0) + { + // Create + nipper->ios->aaa = malloc(sizeof(struct aaaConfig)); + + // Init + memset(nipper->ios->aaa, 0, sizeof(struct aaaConfig)); + } + + // Init + command = splitLine(line); + + // If group server line + if (strncmp("aaa group server ", line, 17) == 0) + { + // Create + groupServerPointer = malloc(sizeof(struct aaaGroupServer)); + memset(groupServerPointer, 0, sizeof(struct aaaGroupServer)); + + // Sort out pointers + groupServerPointer->next = nipper->ios->aaa->groupServer; + nipper->ios->aaa->groupServer = groupServerPointer; + + // Init + groupServerPointer->server = 0; + + // Type of group server + if (strncmp(command.part[3], "radius", 6) == 0) + groupServerPointer->type = aaa_radius; + else if (strncmp(command.part[3], "tacacs", 6) == 0) + groupServerPointer->type = aaa_tacacs; + else if (strncmp(command.part[3], "kerberos", 8) == 0) + groupServerPointer->type = aaa_kerberos; + + // Username + strncpy(groupServerPointer->username, command.part[command.parts - 1], sizeof(groupServerPointer->username)); + + // Loop through aaa group server lines + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("AAA Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Get server-private line + if (strncmp(command.part[0], "server-private", 14) == 0) + { + // Create structure + serverPointer = malloc(sizeof(struct aaaServer)); + memset(serverPointer, 0, sizeof(struct aaaServer)); + + // Sort out pointers + serverPointer->next = groupServerPointer->server; + groupServerPointer->server = serverPointer; + + // Init + strcpy(serverPointer->server, ""); + serverPointer->authPort = -1; + serverPointer->acctPort = -1; + strcpy(serverPointer->key, ""); + strcpy(serverPointer->keyEncrypted, ""); + serverPointer->weak = false; + serverPointer->dictionary = false; + serverPointer->encryption = -1; + + // Get server + strncpy(serverPointer->server, command.part[1], sizeof(serverPointer->server)); + tempInt = 2; + + // Get parameters + while (tempInt < command.parts) + { + // Auth port + if (strncmp(command.part[tempInt], "auth-port", 9) == 0) + { + tempInt++; + serverPointer->authPort = atoi(command.part[tempInt]); + } + + // Acct Port + else if ((strncmp(command.part[tempInt], "acct-port", 9) == 0) && (command.parts > tempInt)) + { + tempInt++; + serverPointer->acctPort = atoi(command.part[tempInt]); + } + + // Key + else if ((strncmp(command.part[tempInt], "key", 3) == 0) && (command.parts > tempInt)) + { + tempInt++; + // Password type + switch (command.part[tempInt][0]) + { + case '7': + serverPointer->encryption = encrypt_type7; + if (password7(command.part[tempInt + 1], serverPointer->key, sizeof(serverPointer->key), nipper->debugMode) != 0) + strcpy(serverPointer->key, ""); + strncpy(serverPointer->keyEncrypted, command.part[tempInt + 1], sizeof(serverPointer->keyEncrypted)); + break; + + case '5': + serverPointer->encryption = encrypt_md5; + strcpy(serverPointer->key, ""); + strncpy(serverPointer->keyEncrypted, command.part[tempInt + 1], sizeof(serverPointer->keyEncrypted)); + addJohnPassword(nipper, serverPointer->server , serverPointer->keyEncrypted); + break; + + case '0': + serverPointer->encryption = encrypt_none; + strncpy(serverPointer->key, command.part[tempInt + 1], sizeof(serverPointer->key)); + strcpy(serverPointer->keyEncrypted, ""); + break; + + default: + if (command.parts == tempInt + 2) + { + serverPointer->encryption = encrypt_none; + strncpy(serverPointer->key, command.part[command.parts - 1], sizeof(serverPointer->key)); + strcpy(serverPointer->keyEncrypted, ""); + } + else + { + serverPointer->encryption = encrypt_unknown; + strcpy(serverPointer->key, ""); + strncpy(serverPointer->keyEncrypted, command.part[command.parts - 1], sizeof(serverPointer->keyEncrypted)); + } + break; + } + if ((strcmp(serverPointer->key, "") != 0) && strlen(serverPointer->key) != 0) + { + if (simplePassword(serverPointer->key, nipper) == true) + { + nipper->simplePasswords++; + serverPointer->dictionary = true; + } + if (passwordStrength(serverPointer->key, nipper) == false) + { + nipper->passwordStrengths++; + serverPointer->weak = true; + } + } + } + + // Increment + tempInt++; + } + } + + // Read next line + readLine(nipper->input, line, nipper->maxSize); + } + } +} diff --git a/0.11.10/IOS/.svn/text-base/process-access-list.c.svn-base b/0.11.10/IOS/.svn/text-base/process-access-list.c.svn-base new file mode 100644 index 0000000..354cf6e --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-access-list.c.svn-base @@ -0,0 +1,632 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Access List +void processAccessList(char *line, struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + int loop = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + struct filterConfig *filterPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + struct filterListConfig *filterListPointer = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Line: %s\n", line); + } + + // Init + command = splitLine(line); + tempString[0] = 0; + if (command.parts < 4) + return; + + // Get / create access list + filterListPointer = getFilterList(nipper, command.part[1], "", false); + + // Set ACL type, if not already set... + if (filterListPointer->type == access_none) + { + if (atoi(command.part[1]) < 100) + filterListPointer->type = access_std; + else + filterListPointer->type = access_ext; + } + + // Is the line a remark? + if ((strcmp(command.part[2], "remark") == 0) && (command.parts > 3)) + { + strcpy(tempString, command.part[3]); + if (command.parts > 4) + { + for (loop = 4; loop < command.parts; loop++) + { + sprintf(tempString2, "%s %s",tempString, command.part[loop]); + strcpy(tempString, tempString2); + } + } + insertFilterRemark(filterListPointer, 0, false, tempString); + } + else + { + tempInt = 2; + + // Is the line a permit / deny line? + if ((strcmp(command.part[tempInt], "permit") == 0) || (strcmp(command.part[tempInt], "deny") == 0)) + { + // Is this the first permission + if (filterListPointer->filter == 0) + { + // Create a new permission storage structure + filterPointer = malloc(sizeof(struct filterConfig)); + // sort out pointer + filterListPointer->filter = filterPointer; + } + else + { + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + // Create a new permission storage structure + filterPointer->next = malloc(sizeof(struct filterConfig)); + // Sort out pointer + filterPointer = filterPointer->next; + } + + // Init... + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->enabled = true; + filterPointer->established = false; + filterPointer->fragments = false; + filterPointer->log = false; + + // Was it a permit line? + if (strcmp(command.part[tempInt], "permit") == 0) + filterPointer->action = filter_action_accept; + else + filterPointer->action = filter_action_drop; + tempInt++; + + // Is it an extended access-list? + if (filterListPointer->type == access_ext) + { + strncpy(filterPointer->protocol, command.part[tempInt], sizeof(filterPointer->protocol) -1); + tempInt++; + } + + // Get source + if (strcmp(command.part[tempInt], "host") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterObjectPointer->type = object_type_host; + tempInt++; + } + else if (strcasecmp(command.part[tempInt], "any") == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_source); + filterObjectPointer->type = object_type_any; + tempInt++; + } + else + { + // Standard access-list? + if (filterListPointer->type == access_std) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterObjectPointer->type = object_type_host; + tempInt++; + if ((tempInt < command.parts) && (strncmp(command.part[tempInt], "log", 3) != 0)) + { + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") != 0) + filterObjectPointer->type = object_type_network; + tempInt++; + } + } + else + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_network; + tempInt++; + } + } + + // Standard access-list? + if (filterListPointer->type == access_std) + { + if ((tempInt < command.parts) && (strcmp(command.part[tempInt], "log") == 0)) + filterPointer->log = true; + return; + } + + // Is operator used with source? + if (strncmp(command.part[tempInt], "lt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_lt; + tempInt++; + } + else if (strncmp(command.part[tempInt], "gt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_gt; + tempInt++; + } + else if (strncmp(command.part[tempInt], "eq", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_eq; + tempInt++; + } + else if (strncmp(command.part[tempInt], "neq", 3) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_neq; + tempInt++; + } + else if (strncmp(command.part[tempInt], "range", 5) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + tempInt++; + } + + // Get destination + if (strncmp(command.part[tempInt], "host", 4) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterObjectPointer->type = object_type_host; + tempInt++; + } + else if (strcasecmp(command.part[tempInt], "any") == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_destination); + filterObjectPointer->type = object_type_any; + tempInt++; + } + else + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_network; + tempInt++; + } + + // If no more, then exit + if (tempInt == command.parts) + return; + + // Is operator used with destination? + if (strncmp(command.part[tempInt], "lt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_lt; + tempInt++; + } + else if (strncmp(command.part[tempInt], "gt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_gt; + tempInt++; + } + else if (strncmp(command.part[tempInt], "eq", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_eq; + tempInt++; + } + else if (strncmp(command.part[tempInt], "neq", 3) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_neq; + tempInt++; + } + else if (strncmp(command.part[tempInt], "range", 5) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + tempInt++; + } + + // If no more, then exit + if (tempInt == command.parts) + return; + + // established? + if (strncmp(command.part[tempInt], "established", 11) == 0) + { + filterPointer->established = true; + tempInt++; + } + + // fragments? + if (strncmp(command.part[tempInt], "fragments", 9) == 0) + { + filterPointer->fragments = true; + tempInt++; + } + + // If no more, then exit + if (tempInt == command.parts) + return; + + // Log? + if ((strncmp(command.part[tempInt], "log", 3) == 0) || (strncmp(command.part[tempInt], "log-input", 9) == 0)) + { + filterPointer->log = true; + tempInt++; + } + } + } +} + + +// Process IP Access List +void processIPAccessList(char *line, struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + int loop; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + fpos_t filePosition; + struct filterConfig *filterPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + struct filterListConfig *filterListPointer = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("IP Access-List Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Get / Create ACL... + filterListPointer = getFilterList(nipper, command.part[3], "", false); + + // Set type... + if (filterListPointer->type == access_none) + { + if (strcmp(command.part[2], "standard") == 0) + filterListPointer->type = access_std; + else + filterListPointer->type = access_ext; + } + + // Loop through the interface lines + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("IP Access-List Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Permit or deny + if ((strcmp(command.part[0], "permit") == 0) || (strcmp(command.part[0], "deny") == 0)) + { + // If first permission + if (filterListPointer->filter == 0) + { + // Create a new permission storage structure + filterPointer = malloc(sizeof(struct filterConfig)); + // sort out pointer + filterListPointer->filter = filterPointer; + } + else + { + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + // Create a new permission storage structure + filterPointer->next = malloc(sizeof(struct filterConfig)); + // Sort out pointer + filterPointer = filterPointer->next; + } + + // Init... + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->enabled = true; + filterPointer->established = false; + filterPointer->fragments = false; + filterPointer->log = false; + + // Permit or Deny + if (strcmp(command.part[0], "permit") == 0) + filterPointer->action = filter_action_accept; + else + filterPointer->action = filter_action_drop; + + // Protocol + if (filterListPointer->type == access_ext) + { + strncpy(filterPointer->protocol, command.part[1], sizeof(filterPointer->protocol) -1); + tempInt = 2; + } + else + tempInt = 1; + + // Source + if (strncmp(command.part[tempInt], "host", 4) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterObjectPointer->type = object_type_host; + tempInt++; + } + else if (strncmp(command.part[tempInt], "any", 3) == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_source); + filterObjectPointer->type = object_type_any; + tempInt++; + } + else + { + // Standard access-list? + if (filterListPointer->type == access_std) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + tempInt++; + if ((tempInt < command.parts) && (strncmp(command.part[tempInt], "log", 3) != 0)) + { + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) -1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_network; + tempInt++; + } + } + else + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) -1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_network; + tempInt++; + } + } + + // Standard ACL only... + if (filterListPointer->type == access_std) + { + // Log? + if ((strncmp(command.part[tempInt], "log", 3) == 0)) + { + filterPointer->log = true; + tempInt++; + } + } + + // Extended ACL only... + if (filterListPointer->type == access_ext) + { + // Is operator used with source? + if (strncmp(command.part[tempInt], "lt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_lt; + tempInt++; + } + else if (strncmp(command.part[tempInt], "gt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_gt; + tempInt++; + } + else if (strncmp(command.part[tempInt], "eq", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_eq; + tempInt++; + } + else if (strncmp(command.part[tempInt], "neq", 3) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_neq; + tempInt++; + } + else if (strncmp(command.part[tempInt], "range", 5) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) -1); + tempInt++; + } + + // Get destination + if (strncmp(command.part[tempInt], "host", 4) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterObjectPointer->type = object_type_host; + tempInt++; + } + else if (strncmp(command.part[tempInt], "any", 3) == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_destination); + filterObjectPointer->type = object_type_any; + tempInt++; + } + else + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) -1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_network; + tempInt++; + } + + // Get all the rest... + while (tempInt < command.parts) + { + // Is operator used with destination? + if (strncmp(command.part[tempInt], "lt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_lt; + } + else if (strncmp(command.part[tempInt], "gt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_gt; + } + else if (strncmp(command.part[tempInt], "eq", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_eq; + } + else if (strncmp(command.part[tempInt], "neq", 3) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_neq; + } + else if (strncmp(command.part[tempInt], "range", 5) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) -1); + } + + // established? + else if (strncmp(command.part[tempInt], "established", 11) == 0) + filterPointer->established = true; + + // fragments? + else if (strncmp(command.part[tempInt], "fragments", 9) == 0) + filterPointer->fragments = true; + + // Log? + else if ((strncmp(command.part[tempInt], "log", 3) == 0) || (strncmp(command.part[tempInt], "log-input", 9) == 0)) + filterPointer->log = true; + + // Others... + else if ((strcmp(command.part[tempInt], "precendence") == 0) || (strcmp(command.part[tempInt], "tos") == 0) || (strcmp(command.part[tempInt], "reflect") == 0) || (strcmp(command.part[tempInt], "time-range") == 0) || (strcmp(command.part[tempInt], "option") == 0)) + tempInt++; + else if ((strcmp(command.part[tempInt], "match-any") == 0) || (strcmp(command.part[tempInt], "match-all") == 0)) + tempInt+=2; + + // Else ICMP options... + else if (strcmp(filterPointer->protocol, "icmp") == 0) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_eq; + } + + tempInt++; + } + } + } + + // Remark... + else if (strcmp(command.part[0], "remark") == 0) + { + strcpy(tempString, command.part[1]); + if (command.parts > 2) + { + for (loop = 2; loop < command.parts; loop++) + { + sprintf(tempString2, "%s %s",tempString, command.part[loop]); + strcpy(tempString, tempString2); + } + } + insertFilterRemark(filterListPointer, 0, false, tempString); + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + + // Get next line... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); +} diff --git a/0.11.10/IOS/.svn/text-base/process-banner.c.svn-base b/0.11.10/IOS/.svn/text-base/process-banner.c.svn-base new file mode 100644 index 0000000..01404a0 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-banner.c.svn-base @@ -0,0 +1,121 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Banner +struct bannerConfig +{ + char *line; + struct bannerConfig *next; +}; + + +// Process Banner +void processBanner(char *line, struct nipperConfig *nipper) +{ + // Variables + struct bannerConfig *bannerPointer = 0; + struct ciscoCommand command; + char bannerTerminator[3]; + + // Debug + if (nipper->debugMode == true) + { + printf("Banner Line: %s\n", line); + } + + // Only process if banner has not already been set and banner line is made up of 3 parts... + command = splitLine(line); + if ((nipper->ios->banner == 0) && (command.parts > 2)) + { + // init + if (command.part[2][0] != '^') + { + bannerTerminator[0] = command.part[2][0]; + bannerTerminator[1] = 0; + } + else + { + bannerTerminator[0] = command.part[2][0]; + bannerTerminator[1] = command.part[2][1]; + bannerTerminator[2] = 0; + } + + // If banner starts on the banner line... + if ((command.parts > 3) || (strlen(command.part[2]) > 2)) + { + nipper->ios->banner = malloc(sizeof(struct bannerConfig)); + bannerPointer = nipper->ios->banner; + memset(bannerPointer, 0, sizeof(struct bannerConfig)); + bannerPointer->line = malloc(strlen(strstr(line, bannerTerminator) - strlen(bannerTerminator))); + strcpy(bannerPointer->line, strstr(line, bannerTerminator) + strlen(bannerTerminator)); + bannerPointer->next = 0; + } + + // Read next line + readLine(nipper->input, line, nipper->maxSize); + + // Get all parts of the banner message... + while ((strstr(line, bannerTerminator) == 0) && (feof(nipper->input) == 0)) + { + if (nipper->debugMode == true) + { + printf("Banner: %s\n", line); + } + + // Is this the first line of text... + if (nipper->ios->banner == 0) + { + // create struct + nipper->ios->banner = malloc(sizeof(struct bannerConfig)); + bannerPointer = nipper->ios->banner; + } + + // or Add another line... + else + { + // Create structure + bannerPointer->next = malloc(sizeof(struct bannerConfig)); + bannerPointer = bannerPointer->next; + } + + // Init structure... + memset(bannerPointer, 0, sizeof(struct bannerConfig)); + bannerPointer->line = malloc(strlen(line) + 1); + strcpy(bannerPointer->line, line); + bannerPointer->next = 0; + + // Read next line + readLine(nipper->input, line, nipper->maxSize); + } + } +} + + diff --git a/0.11.10/IOS/.svn/text-base/process-cef.c.svn-base b/0.11.10/IOS/.svn/text-base/process-cef.c.svn-base new file mode 100644 index 0000000..1fd8aee --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-cef.c.svn-base @@ -0,0 +1,71 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process CEF +void processCEF(char *line, struct nipperConfig *nipper) +{ + // Variables + int tempInt = 0; + int setting = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("Cisco Express Forwarding Line: %s\n", line); + } + + // Init + command = splitLine(line); + if (strcmp(command.part[0], "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Just "ip cef" / "no ip cef" + if (command.parts == tempInt + 2) + nipper->ios->cef = setting; + + // Distributed CEF + else if (strcmp(command.part[tempInt+2], "distributed") == 0) + nipper->ios->cef = setting; + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} + diff --git a/0.11.10/IOS/.svn/text-base/process-clock.c.svn-base b/0.11.10/IOS/.svn/text-base/process-clock.c.svn-base new file mode 100644 index 0000000..77db9d6 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-clock.c.svn-base @@ -0,0 +1,103 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Clock +void processClock(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + int tempInt = 0; + int setting = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Clock Line: %s\n", line); + } + + //init + command = splitLine(line); + + // Setting + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 2; + } + else + { + setting = true; + tempInt = 1; + } + + // Timezone + if (strcmp(command.part[tempInt], "timezone") == 0) + { + if (setting == false) + { + strcpy(nipper->ios->timeZone, "UTC"); + nipper->ios->timeOffsetHours = 0; + nipper->ios->timeOffsetMins = 0; + } + else + { + tempInt++; + strncpy(nipper->ios->timeZone, command.part[tempInt], sizeof(nipper->ios->timeZone) -1); + tempInt++; + nipper->ios->timeOffsetHours = atoi(command.part[tempInt]); + tempInt++; + if (tempInt < command.parts) + nipper->ios->timeOffsetMins = atoi(command.part[tempInt]); + } + } + + // Sumertime Zone + else if (strcmp(command.part[tempInt], "summer-time") == 0) + { + if (setting == false) + strcpy(nipper->ios->summerTimeZone, ""); + else + { + tempInt++; + strncpy(nipper->ios->summerTimeZone, command.part[tempInt], sizeof(nipper->ios->summerTimeZone) -1); + } + } + + // Calendar Valid + else if (strcmp(command.part[tempInt], "calendar-valid") == 0) + nipper->ios->calendarValid = setting; + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} + + diff --git a/0.11.10/IOS/.svn/text-base/process-dns.c.svn-base b/0.11.10/IOS/.svn/text-base/process-dns.c.svn-base new file mode 100644 index 0000000..f9fe4ce --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-dns.c.svn-base @@ -0,0 +1,70 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Domain Name +void processNameServer(char *line, struct nipperConfig *nipper) +{ + // Variables + struct host *dnsPointer = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("Name Server Line: %s\n", line); + } + + // Create DNS Server struct + if (nipper->ios->dns == 0) + { + // create struct + nipper->ios->dns = malloc(sizeof(struct host)); + dnsPointer = nipper->ios->dns; + } + else + { + dnsPointer = nipper->ios->dns; + while (dnsPointer->next != 0) + dnsPointer = dnsPointer->next; + // create struct + dnsPointer->next = malloc(sizeof(struct host)); + dnsPointer = dnsPointer->next; + } + + // Init + command = splitLine(line); + memset(dnsPointer, 0, sizeof(struct host)); + + // Copy DNS server + strncpy(dnsPointer->server, command.part[2], sizeof(dnsPointer->server) - 1); +} + + diff --git a/0.11.10/IOS/.svn/text-base/process-enable.c.svn-base b/0.11.10/IOS/.svn/text-base/process-enable.c.svn-base new file mode 100644 index 0000000..84db5dd --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-enable.c.svn-base @@ -0,0 +1,149 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Enable password(s) +struct enablePassword +{ + char password[128]; + char passwordEncrypted[128]; + int secret; // true or false + int level; + int encryption; // encrypt_type7, encrypt_md5... + int weak; // true or false + int dictionary; // true or false + struct enablePassword *next; +}; + + +// Process enable +void processEnable(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct enablePassword *enablePointer = 0; + struct ciscoCommand command; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Enable Line: %s\n", line); + } + + // Create storage for enable... + enablePointer = malloc(sizeof(struct enablePassword)); + memset(enablePointer, 0, sizeof(struct enablePassword)); + + // Sort out pointers... + enablePointer->next = nipper->ios->enable; + nipper->ios->enable = enablePointer; + + // Init + command = splitLine(line); + tempInt = 1; + enablePointer->weak = false; + enablePointer->dictionary = false; + enablePointer->secret = false; + enablePointer->level = 15; + + // secret + if (strncmp(command.part[tempInt], "secret", 6) == 0) + { + enablePointer->secret = true; + tempInt++; + } + + // password + if (strncmp(command.part[tempInt], "password", 8) == 0) + tempInt++; + + if (strncmp(command.part[tempInt], "level ", 6) == 0) + { + tempInt++; + enablePointer->level = atoi(command.part[tempInt]); + tempInt++; + } + + // Password type + switch (command.part[tempInt][0]) + { + case '7': + enablePointer->encryption = encrypt_type7; + if (password7(command.part[tempInt + 1], enablePointer->password, sizeof(enablePointer->password), nipper->debugMode) != 0) + strcpy(enablePointer->password, ""); + strncpy(enablePointer->passwordEncrypted, command.part[tempInt + 1], sizeof(enablePointer->passwordEncrypted)); + break; + + case '5': + enablePointer->encryption = encrypt_md5; + strcpy(enablePointer->password, ""); + strncpy(enablePointer->passwordEncrypted, command.part[tempInt + 1], sizeof(enablePointer->passwordEncrypted)); + addJohnPassword(nipper, "enable" , enablePointer->passwordEncrypted); + break; + + case '0': + enablePointer->encryption = encrypt_none; + strncpy(enablePointer->password, command.part[tempInt + 1], sizeof(enablePointer->password)); + strcpy(enablePointer->passwordEncrypted, ""); + break; + + default: + if (command.parts == tempInt + 1) + { + enablePointer->encryption = encrypt_none; + strncpy(enablePointer->password, command.part[command.parts - 1], sizeof(enablePointer->password)); + strcpy(enablePointer->passwordEncrypted, ""); + } + else + { + enablePointer->encryption = encrypt_unknown; + strcpy(enablePointer->password, ""); + strncpy(enablePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(enablePointer->passwordEncrypted)); + } + break; + } + + // Check Passwords... + if ((strcmp(enablePointer->password, "") != 0) && (strlen(enablePointer->password) != 0)) + { + if (simplePassword(enablePointer->password, nipper) == true) + { + nipper->simplePasswords++; + enablePointer->dictionary = true; + } + if (passwordStrength(enablePointer->password, nipper) == false) + { + nipper->passwordStrengths++; + enablePointer->weak = true; + } + } +} + + diff --git a/0.11.10/IOS/.svn/text-base/process-ftp.c.svn-base b/0.11.10/IOS/.svn/text-base/process-ftp.c.svn-base new file mode 100644 index 0000000..9b9a381 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-ftp.c.svn-base @@ -0,0 +1,138 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// FTP +struct ftpConfig +{ + char username[128]; + char password[128]; + char passwordEncrypted[128]; + int encryption; + int weak; + int dictionary; + struct netInterface *interface; +}; + + +// Process FTP +void processFtp(char *line, struct nipperConfig *nipper) +{ + // Variables + struct netInterface *interfacePointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("FTP Line: %s\n", line); + } + + // Check to see if FTP already exists + if (nipper->ios->ftp == 0) + { + // Create struct + nipper->ios->ftp = malloc(sizeof(struct ftpConfig)); + memset(nipper->ios->ftp, 0, sizeof(struct ftpConfig)); + + // Init + nipper->ios->ftp->encryption = -1; + nipper->ios->ftp->weak = false; + nipper->ios->ftp->dictionary = false; + } + + // Check for username + if (strncmp(line, "ip ftp username ", 16) == 0) + { + strncpy(nipper->ios->ftp->username, line + 16, sizeof(nipper->ios->ftp->username)); + } + + // Check for interface + if (strncmp(line, "ip ftp source-interface ", 24) == 0) + { + // Allocate struct + interfacePointer = malloc(sizeof(struct netInterface)); + memset(interfacePointer, 0, sizeof(struct netInterface)); + + // Pointers + interfacePointer->next = nipper->ios->ftp->interface; + nipper->ios->ftp->interface = interfacePointer; + + // Copy interface + strncpy(interfacePointer->interface, line + 24, sizeof(interfacePointer->interface)); + } + + // Check for password + else if (strncmp("ip ftp password ", line, 16) == 0) + { + switch (line[16]) + { + case '7': + nipper->ios->ftp->encryption = encrypt_type7; + if (password7(line+18, nipper->ios->ftp->password, sizeof(nipper->ios->ftp->password), nipper->debugMode) != 0) + strcpy(nipper->ios->ftp->password, ""); + strncpy(nipper->ios->ftp->passwordEncrypted, line+18, sizeof(nipper->ios->ftp->passwordEncrypted)); + break; + + case '5': + nipper->ios->ftp->encryption = encrypt_md5; + strcpy(nipper->ios->ftp->password, ""); + strncpy(nipper->ios->ftp->passwordEncrypted, line+18, sizeof(nipper->ios->ftp->passwordEncrypted)); + addJohnPassword(nipper, nipper->ios->ftp->username, nipper->ios->ftp->passwordEncrypted); + break; + + case '0': + nipper->ios->ftp->encryption = encrypt_none; + strncpy(nipper->ios->ftp->password, line+18, sizeof(nipper->ios->ftp->password)); + strcpy(nipper->ios->enable->passwordEncrypted, ""); + break; + + default: + nipper->ios->ftp->encryption = encrypt_unknown; + strcpy(nipper->ios->ftp->password, ""); + strncpy(nipper->ios->ftp->passwordEncrypted, line+18, sizeof(nipper->ios->ftp->passwordEncrypted)); + break; + } + if ((strcmp(nipper->ios->ftp->password, "") != 0) && (strlen(nipper->ios->ftp->password) != 0)) + { + if (simplePassword(nipper->ios->ftp->password, nipper) == true) + { + nipper->simplePasswords++; + nipper->ios->ftp->dictionary = true; + } + if (passwordStrength(nipper->ios->ftp->password, nipper) == false) + { + nipper->passwordStrengths++; + nipper->ios->ftp->weak = true; + } + } + } +} + + diff --git a/0.11.10/IOS/.svn/text-base/process-general.c.svn-base b/0.11.10/IOS/.svn/text-base/process-general.c.svn-base new file mode 100644 index 0000000..06620f1 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-general.c.svn-base @@ -0,0 +1,194 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Small Servers +void processSmallServers(char *line, struct nipperConfig *nipper) +{ + // Debug output + if (nipper->debugMode == true) + printf("Small Servers Line: %s\n", line); + + // Get setting + if (strncmp("service tcp-small-servers", line, 25) == 0) + nipper->ios->tcpSmallServers = true; + + else if (strncmp("service udp-small-servers", line, 25) == 0) + nipper->ios->udpSmallServers = true; + + else if (strncmp("no service tcp-small-servers", line, 28) == 0) + nipper->ios->tcpSmallServers = false; + + else if (strncmp("no service udp-small-servers", line, 28) == 0) + nipper->ios->udpSmallServers = false; +} + + +// Process Bootp +void processBootp(char *line, struct nipperConfig *nipper) +{ + // Debug output + if (nipper->debugMode == true) + printf("Bootp Line: %s\n", line); + + // Get setting + if (strncmp("no ip bootp server", line, 18) == 0) + nipper->ios->bootp = false; + + else if (strncmp("ip bootp server", line, 15) == 0) + nipper->ios->bootp = true; +} + + +// Process Domain Loopup +void processDomainLookup(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + + // Split the command line up + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Domain Lookup Line: %s\n", line); + + // Get setting + if (strcmp(command.part[0], "no") == 0) + nipper->ios->domainLookup = false; + else + nipper->ios->domainLookup = true; +} + + +// Process Boot Network +void processBootNetwork(char *line, struct nipperConfig *nipper) +{ + // Debug + if (nipper->debugMode == true) + { + printf("Boot Network Line: %s\n", line); + } + + // Enabled + if (strncmp(line, "boot network", 12) == 0) + nipper->ios->bootNetwork = true; + + // Disabled + if (strncmp(line, "no boot network", 15) == 0) + nipper->ios->bootNetwork = false; +} + + +// Process Service Config +void processServiceConfig(char *line, struct nipperConfig *nipper) +{ + // Debug + if (nipper->debugMode == true) + { + printf("Service Config Line: %s\n", line); + } + + // Enabled + if (strncmp(line, "service config", 14) == 0) + nipper->ios->serviceConfig = true; + + // Disabled + if (strncmp(line, "no service config", 17) == 0) + nipper->ios->serviceConfig = false; +} + + +// Privilage Levels +struct privilageLevels +{ + char command[64]; + int level; + struct privilageLevels *next; +}; + + +// Process privilage +void processPrivilage(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct privilageLevels *privilagePointer = 0; + struct ciscoCommand command; + char tempString[sizeof(line)]; + + // Debug + if (nipper->debugMode == true) + { + printf("Privilage Line: %s\n", line); + } + + // Is this the first privilage + if (nipper->ios->privilage == 0) + { + // Create storage for enable... + privilagePointer = malloc(sizeof(struct privilageLevels)); + memset(privilagePointer, 0, sizeof(struct privilageLevels)); + + // Sort out pointers... + privilagePointer->next = nipper->ios->privilage; + nipper->ios->privilage = privilagePointer; + } + else + { + // Get last privilage + privilagePointer = nipper->ios->privilage; + while (privilagePointer->next != 0) + privilagePointer = privilagePointer->next; + + // Create structure + privilagePointer->next = malloc(sizeof(struct privilageLevels)); + memset(privilagePointer->next, 0, sizeof(struct privilageLevels)); + privilagePointer = privilagePointer->next; + + // Init + privilagePointer->next = 0; + } + + // Init + command = splitLine(line); + strcpy(tempString, ""); + + // Privilage Level + privilagePointer->level = atoi(command.part[3]); + + // Command Access + int loop; + for (loop = 4; loop < command.parts; loop++) + { + sprintf(tempString, "%s %s", tempString, command.part[loop]); + } + strncpy(privilagePointer->command, tempString, sizeof(privilagePointer->command)); +} + diff --git a/0.11.10/IOS/.svn/text-base/process-http.c.svn-base b/0.11.10/IOS/.svn/text-base/process-http.c.svn-base new file mode 100644 index 0000000..4bd5e7d --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-http.c.svn-base @@ -0,0 +1,109 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#define http_auth_enable 0 +#define http_auth_local 1 +#define http_auth_tacacs 2 +#define http_auth_aaa 3 + + +// HTTP +struct httpConfig +{ + int enabled; // true, false + int authentication; // http_auth_enable... + char accessClass[65]; +}; + + +// Process HTTP +void processHttp(char *line, struct nipperConfig *nipper) +{ + // Debug + if (nipper->debugMode == true) + { + printf("HTTP Line: %s\n", line); + } + + // Create struct? + if (nipper->ios->http == 0) + { + nipper->ios->http = malloc(sizeof(struct httpConfig)); + memset(nipper->ios->http, 0, sizeof(struct httpConfig)); + nipper->ios->http->enabled = true; + nipper->ios->http->authentication = http_auth_enable; // default auth method + } + + // HTTP server enabled + if (strncmp(line, "ip http server", 14) == 0) + nipper->ios->http->enabled = true; + + // HTTP server disabled + if (strncmp(line, "no ip http server", 17) == 0) + nipper->ios->http->enabled = false; + + // HTTP Access Class (Access List) + if (strncmp(line, "ip http access-class", 20) == 0) + strncpy(nipper->ios->http->accessClass, line + 21, sizeof(nipper->ios->http->accessClass) -1); + + // HTTP Authentication method + if (strncmp(line, "ip http authentication", 22) == 0) + { + if (strncmp(line + 23, "aaa", 3) == 0) + nipper->ios->http->authentication = http_auth_aaa; + + else if (strncmp(line + 23, "local", 5) == 0) + nipper->ios->http->authentication = http_auth_local; + + else if (strncmp(line + 23, "tacacs", 6) == 0) + nipper->ios->http->authentication = http_auth_tacacs; + + else if (strncmp(line + 23, "enable", 6) == 0) + nipper->ios->http->authentication = http_auth_enable; + } + + // HTTP Authentication method 2 + if (strncmp(line, "ip http auth", 12) == 0) + { + if (strncmp(line + 13, "aaa", 3) == 0) + nipper->ios->http->authentication = http_auth_aaa; + + else if (strncmp(line + 13, "local", 5) == 0) + nipper->ios->http->authentication = http_auth_local; + + else if (strncmp(line + 13, "tacacs", 6) == 0) + nipper->ios->http->authentication = http_auth_tacacs; + + else if (strncmp(line + 13, "enable", 6) == 0) + nipper->ios->http->authentication = http_auth_enable; + } +} + + diff --git a/0.11.10/IOS/.svn/text-base/process-interface.c.svn-base b/0.11.10/IOS/.svn/text-base/process-interface.c.svn-base new file mode 100644 index 0000000..b773103 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-interface.c.svn-base @@ -0,0 +1,887 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define rip_auth_default 0 +#define rip_auth_text 1 +#define rip_auth_md5 2 +#define rip_auth_none 3 +#define rip_auth_unknown 4 + +#define rip_version_default 0 +#define rip_version1 1 +#define rip_version2 2 +#define rip_version1and2 3 +#define rip_version_global 4 + +#define sp_mode_access 0 +#define sp_mode_trunk 1 +#define sp_mode_dynamic 2 +#define sp_mode_dot1qtunnel 3 +#define sp_mode_pvlan_host 4 +#define sp_mode_pvlan_promiscuous 5 + +#define sp_violation_shutdown 0 +#define sp_violation_restrict 1 +#define sp_violation_protect 2 + +#define ospf_default 0 +#define ospf_broadcast 1 +#define ospf_nonbroadcast 2 +#define ospf_p2p 3 +#define ospf_p2multi 4 +#define ospf_p2multinon 5 + +struct eigrpAutonStruct +{ + int autonomousNo; + char keyChain[32]; + int md5Auth; // true or false (default) + int bandwidth; // default is 50% + int passive; // true, false or unconfigured (default) + struct eigrpAutonStruct *next; +}; + +struct bgpInterStruct +{ + int autonomousNo; + int passive; // true, false or unconfigured (default) + struct bgpInterStruct *next; +}; + +struct ospfInterStruct +{ + int processID; + int passive; // true, false or unconfigured (default) + struct ospfInterStruct *next; +}; + +#define vrrp_auth_none 0 +#define vrrp_auth_text 1 +#define vrrp_auth_md5 2 + +struct vrrpStruct +{ + int group; + char description[81]; + int authentication; // vrrp_auth_none (default) + int keyChain; // false (default) or true + char authString[65]; + char authStringEnc[65]; + int weak; // true or false (default) + int dictionary; // true or false (default) + char ipAddress[32]; + char ipAddress2[32]; + int priorityLevel; // 100 (default) + int shutdown; // true (default), false when ip address is configured. + struct vrrpStruct *next; +}; + + +struct interfaceConfig +{ + // Standard... + char name[48]; + char description[128]; + char ipAddress[32]; + int shutdown; // true, false + + // Interface Options... + int proxyArp; // true, false + int ntp; // true, false + int mop; // true, false + int ipUnreachables; // true, false + int ipRedirects; // true, false + int ipMaskReply; // true, false + int ipDirectBroadcast; // true, false, unconfigured + int cdp; // true, false + int uRPF; // true, false + + // Access Control Lists + char accessGroupIn[65]; + char accessGroupOut[65]; + + // Switchport + int switchportMode; // sp_mode_access... + int switchportModePVLAN; // sp_mode_pvlan_host... + int switchportVLAN; // VLAN number + int switchportSecurity; // true or false + int switchportViolation; // sp_violation_shutdown... + + // Routing Protocols... + struct eigrpAutonStruct *eigrp; // EIGRP + struct vrrpStruct *vrrp; // VRRP + struct bgpInterStruct *bgp; // BGP + struct ospfInterStruct *ospf; // OSPF + + // RIP Configuration... + int ripAuthMode; // rip_auth_default, rip_auth_text... + char ripKeyChain[32]; + int ripSendVersion; // rip_version1... + int ripReceiveVersion; // rip_version1... + int ripTriggered; // true or false (default) + int ripV2Broadcast; // true or false (default) + int ripPassive; // true, false, unconfigured (default) + + // OSPF Configuration... + int ospfAuthentication; // auth_none... + char ospfKey[128]; + int ospfKeyEncryption; + char ospfKeyEncrypted[128]; + int ospfDictionary; // true, false + int ospfWeak; // true, false + int ospfFloodReduction; // true, false + int ospfNetwork; // ospf_broadcast... + + struct interfaceConfig *next; +}; + + +// Returns pointer to vrrp struct +struct vrrpStruct *getVRRPPointer(struct interfaceConfig *interfacePointer, int groupId) +{ + // Variables + struct vrrpStruct *vrrpPointer = 0; + + // No VRRP struct + if (interfacePointer->vrrp == 0) + { + // create struct + interfacePointer->vrrp = malloc(sizeof(struct vrrpStruct)); + // Pointers + vrrpPointer = interfacePointer->vrrp; + + // Init VRRP config + memset(vrrpPointer, 0, sizeof(struct vrrpStruct)); + vrrpPointer->group = groupId; + vrrpPointer->authentication = vrrp_auth_none; + vrrpPointer->keyChain = false; + vrrpPointer->priorityLevel = 100; + vrrpPointer->shutdown = true; + vrrpPointer->weak = false; + vrrpPointer->dictionary = false; + } + else + { + // Find + vrrpPointer = interfacePointer->vrrp; + while ((vrrpPointer->next != 0) && (vrrpPointer->group != groupId)) + vrrpPointer = vrrpPointer->next; + if (vrrpPointer->group != groupId) + { + // Create struct + vrrpPointer->next = malloc(sizeof(struct vrrpStruct)); + // Pointers + vrrpPointer = vrrpPointer->next; + + // Init VRRP config + memset(vrrpPointer, 0, sizeof(struct vrrpStruct)); + vrrpPointer->group = groupId; + vrrpPointer->authentication = vrrp_auth_none; + vrrpPointer->keyChain = false; + vrrpPointer->priorityLevel = 100; + vrrpPointer->shutdown = true; + vrrpPointer->weak = false; + vrrpPointer->dictionary = false; + } + } + return vrrpPointer; +} + + +// Returns BGP Interface Config (creates a new one if it doesn't exist) +struct bgpInterStruct *bgpInterfaceConfig(struct interfaceConfig *interfacePointer, int autonomousNo) +{ + // Variables... + struct bgpInterStruct *bgpInterPointer = 0; + + // If this is the first auth mode + if (interfacePointer->bgp == 0) + { + interfacePointer->bgp = malloc(sizeof(struct bgpInterStruct)); + bgpInterPointer = interfacePointer->bgp; + memset(bgpInterPointer, 0, sizeof(struct bgpInterStruct)); + bgpInterPointer->autonomousNo = autonomousNo; + bgpInterPointer->passive = unconfigured; + } + + // If this is not the first + else + { + bgpInterPointer = interfacePointer->bgp; + while ((bgpInterPointer->next != 0) && (autonomousNo != bgpInterPointer->autonomousNo)) + bgpInterPointer = bgpInterPointer->next; + if (autonomousNo != bgpInterPointer->autonomousNo) + { + bgpInterPointer->next = malloc(sizeof(struct bgpInterStruct)); + bgpInterPointer = bgpInterPointer->next; + memset(bgpInterPointer, 0, sizeof(struct bgpInterStruct)); + bgpInterPointer->autonomousNo = autonomousNo; + bgpInterPointer->passive = unconfigured; + } + } + + return bgpInterPointer; +} + + +// Returns OSPF Interface Config (creates a new one if it doesn't exist) +struct ospfInterStruct *ospfInterfaceConfig(struct interfaceConfig *interfacePointer, int processID) +{ + // Variables... + struct ospfInterStruct *ospfInterPointer = 0; + + // If this is the first auth mode + if (interfacePointer->ospf == 0) + { + interfacePointer->ospf = malloc(sizeof(struct ospfInterStruct)); + ospfInterPointer = interfacePointer->ospf; + memset(ospfInterPointer, 0, sizeof(struct ospfInterStruct)); + ospfInterPointer->processID = processID; + ospfInterPointer->passive = unconfigured; + } + + // If this is not the first + else + { + ospfInterPointer = interfacePointer->ospf; + while ((ospfInterPointer->next != 0) && (processID != ospfInterPointer->processID)) + ospfInterPointer = ospfInterPointer->next; + if (processID != ospfInterPointer->processID) + { + ospfInterPointer->next = malloc(sizeof(struct ospfInterStruct)); + ospfInterPointer = ospfInterPointer->next; + memset(ospfInterPointer, 0, sizeof(struct ospfInterStruct)); + ospfInterPointer->processID = processID; + ospfInterPointer->passive = unconfigured; + } + } + + return ospfInterPointer; +} + + +// Returns EIGRP Interface Config (creates a new one if it doesn't exist) +struct eigrpAutonStruct *eigrpInterfaceConfig(struct interfaceConfig *interfacePointer, int autonomousNo) +{ + // Variables... + struct eigrpAutonStruct *eigrpAutonPointer = 0; + + // If this is the first auth mode + if (interfacePointer->eigrp == 0) + { + interfacePointer->eigrp = malloc(sizeof(struct eigrpAutonStruct)); + eigrpAutonPointer = interfacePointer->eigrp; + memset(eigrpAutonPointer, 0, sizeof(struct eigrpAutonStruct)); + eigrpAutonPointer->autonomousNo = autonomousNo; + eigrpAutonPointer->md5Auth = false; + eigrpAutonPointer->passive = unconfigured; + eigrpAutonPointer->bandwidth = 50; + } + + // If this is not the first + else + { + eigrpAutonPointer = interfacePointer->eigrp; + while ((eigrpAutonPointer->next != 0) && (autonomousNo != eigrpAutonPointer->autonomousNo)) + eigrpAutonPointer = eigrpAutonPointer->next; + if (autonomousNo != eigrpAutonPointer->autonomousNo) + { + eigrpAutonPointer->next = malloc(sizeof(struct eigrpAutonStruct)); + eigrpAutonPointer = eigrpAutonPointer->next; + memset(eigrpAutonPointer, 0, sizeof(struct eigrpAutonStruct)); + eigrpAutonPointer->autonomousNo = autonomousNo; + eigrpAutonPointer->md5Auth = false; + eigrpAutonPointer->passive = unconfigured; + eigrpAutonPointer->bandwidth = 50; + } + } + + return eigrpAutonPointer; +} + + +// Process Interface +void processInterface(char *line, struct nipperConfig *nipper) +{ + // Variables + struct interfaceConfig *interfacePointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + struct vrrpStruct *vrrpPointer = 0; + struct ciscoCommand command; + char tempString[nipper->maxSize]; + int setting = 0; + int tempInt = 0; + int partPointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Interface Line: %s\n", line); + } + + // First interface + if (nipper->ios->interface == 0) + { + // create struct + nipper->ios->interface = malloc(sizeof(struct interfaceConfig)); + + // Pointers + interfacePointer = nipper->ios->interface; + } + else + { + // Find last interface + interfacePointer = nipper->ios->interface; + while (interfacePointer->next != 0) + interfacePointer = interfacePointer->next; + + // Create struct + interfacePointer->next = malloc(sizeof(struct interfaceConfig)); + + // Pointers + interfacePointer = interfacePointer->next; + } + + // Init + command = splitLine(line); + memset(interfacePointer, 0, sizeof(struct interfaceConfig)); + if (command.parts == 2) + strncpy(interfacePointer->name, command.part[1], sizeof(interfacePointer->name)); + else + { + if ((strcmp(command.part[2], "point-to-point") == 0) || (strcmp(command.part[2], "multipoint") == 0)) + sprintf(tempString, "%s %s", command.part[1], command.part[2]); + else + sprintf(tempString, "%s%s", command.part[1], command.part[2]); + strncpy(interfacePointer->name, tempString, sizeof(interfacePointer->name) - 1); + } + strcpy(interfacePointer->ipAddress, "None"); + interfacePointer->proxyArp = true; + interfacePointer->ntp = true; + if ((strncmp(interfacePointer->name, "GigabitEthernet", 15) == 0) || (strncmp(interfacePointer->name, "FastEthernet", 12)) || (strncmp(interfacePointer->name, "Ethernet", 8) == 0)) + interfacePointer->mop = true; + else + interfacePointer->mop = false; + interfacePointer->ipUnreachables = true; + interfacePointer->ipRedirects = true; + interfacePointer->ipMaskReply = false; + if ((nipper->versionMajor < 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor < 4))) + interfacePointer->ipDirectBroadcast = true; + else + interfacePointer->ipDirectBroadcast = false; + interfacePointer->cdp = true; + interfacePointer->uRPF = false; + interfacePointer->shutdown = false; + interfacePointer->ripAuthMode = rip_auth_none; + interfacePointer->ripSendVersion = rip_version_global; + interfacePointer->ripReceiveVersion = rip_version_global; + interfacePointer->ripTriggered = false; + interfacePointer->ripV2Broadcast = false; + interfacePointer->ripPassive = unconfigured; + if (nipper->deviceType == type_ios_catalyst) + interfacePointer->switchportMode = sp_mode_dynamic; + else + interfacePointer->switchportMode = sp_mode_access; + interfacePointer->switchportVLAN = 1; + interfacePointer->switchportSecurity = false; + interfacePointer->switchportViolation = sp_violation_shutdown; + interfacePointer->ospfAuthentication = auth_none; + interfacePointer->ospfKeyEncryption = encrypt_none; + interfacePointer->ospfDictionary = false; + interfacePointer->ospfWeak = false; + if ((nipper->versionMajor < 12) || ((nipper->versionMajor == 12) && (nipper->versionMinor < 1))) + interfacePointer->ospfFloodReduction = false; + else + interfacePointer->ospfFloodReduction = unconfigured; + interfacePointer->ospfNetwork = ospf_default; + + // Loop through the interface lines + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("Interface Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // If no + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + partPointer = 1; + } + else + { + setting = true; + partPointer = 0; + } + + // Description + if ((strcmp(command.part[0], "description") == 0) && (command.parts > 1)) + { + int loop; + strncpy(interfacePointer->description, command.part[1], sizeof(interfacePointer->description) - 1); + tempString[0] = 0; + for (loop = 2; loop < command.parts; loop++) + { + sprintf(tempString, "%s %s", interfacePointer->description, command.part[loop]); + strncpy(interfacePointer->description, tempString, sizeof(interfacePointer->description) - 1); + } + } + + // IP + else if (strcmp(command.part[partPointer], "ip") == 0) + { + partPointer++; + + // IP Address + if ((strcmp(command.part[partPointer], "address") == 0) && (setting == true) && (command.parts > 2)) + { + int loop; + strncpy(interfacePointer->ipAddress, command.part[2], sizeof(interfacePointer->ipAddress) - 1); + tempString[0] = 0; + for (loop = 3; loop < command.parts; loop++) + { + sprintf(tempString, "%s %s", interfacePointer->ipAddress, command.part[loop]); + strncpy(interfacePointer->ipAddress, tempString, sizeof(interfacePointer->ipAddress) - 1); + } + } + + // Access Group + else if (strcmp(command.part[partPointer], "access-group") == 0) + { + // In + if (strcmp(command.part[partPointer + 2], "in") == 0) + strncpy(interfacePointer->accessGroupIn, command.part[partPointer + 1], sizeof(interfacePointer->accessGroupIn) -1); + else if (strcmp(command.part[partPointer + 2], "out") == 0) + strncpy(interfacePointer->accessGroupOut, command.part[partPointer + 1], sizeof(interfacePointer->accessGroupOut) -1); + } + + // uRPF verification + else if ((strcmp(command.part[partPointer], "verify") == 0) && (strcmp(command.part[partPointer+1], "unicast") == 0) && (strcmp(command.part[partPointer+2], "reverse-path") == 0)) + interfacePointer->uRPF = setting; + + // ARP Proxy + else if (strcmp(command.part[partPointer], "proxy-arp") == 0) + interfacePointer->proxyArp = setting; + + // IP Unreachables + else if (strcmp(command.part[partPointer], "unreachables") == 0) + interfacePointer->ipUnreachables = setting; + + // IP Redirects + else if (strcmp(command.part[partPointer], "redirects") == 0) + interfacePointer->ipRedirects = setting; + + // IP Mask-reply + else if (strcmp(command.part[partPointer], "mask-reply") == 0) + interfacePointer->ipMaskReply = setting; + + // IP Direct Broadcast + else if (strcmp(command.part[partPointer], "directed-broadcast") == 0) + interfacePointer->ipDirectBroadcast = setting; + + // EIGRP Key Chain + else if ((strcmp(command.part[partPointer], "authentication") == 0) && (strcmp(command.part[partPointer+1], "key-chain") == 0) && (strcmp(command.part[partPointer+2], "eigrp") == 0)) + { + // Get Pointer... + eigrpAutonPointer = eigrpInterfaceConfig(interfacePointer, atoi(command.part[partPointer+3])); + + // Key Chain + strncpy(eigrpAutonPointer->keyChain, command.part[partPointer+4], sizeof(eigrpAutonPointer->keyChain) - 1); + } + + // EIGRP Authentication Mode + else if ((strcmp(command.part[partPointer], "authentication") == 0) && (strcmp(command.part[partPointer+1], "mode") == 0) && (strcmp(command.part[partPointer+2], "eigrp") == 0)) + { + // Get Pointer... + eigrpAutonPointer = eigrpInterfaceConfig(interfacePointer, atoi(command.part[partPointer+3])); + + // Set MD5 Auth + eigrpAutonPointer->md5Auth = true; + } + + // EIGRP Bandwidth Percentage + else if ((strcmp(command.part[partPointer], "bandwidth-percent") == 0) && (strcmp(command.part[partPointer+1], "eigrp") == 0)) + { + // Get Pointer... + eigrpAutonPointer = eigrpInterfaceConfig(interfacePointer, atoi(command.part[partPointer+2])); + + // Set Bandwidth + eigrpAutonPointer->bandwidth = atoi(command.part[partPointer+3]); + } + + // RIP Authentication + else if (strcmp(command.part[partPointer], "rip") == 0) + { + partPointer++; + + // Authentication... + if (strcmp(command.part[partPointer], "authentication") == 0) + { + partPointer++; + + // Mode + if (strcmp(command.part[partPointer], "mode") == 0) + { + partPointer++; + if (setting == false) + interfacePointer->ripAuthMode = rip_auth_none; + else if (strcmp(command.part[partPointer], "md5") == 0) + interfacePointer->ripAuthMode = rip_auth_md5; + else if (strcmp(command.part[partPointer], "text") == 0) + interfacePointer->ripAuthMode = rip_auth_text; + else + interfacePointer->ripAuthMode = rip_auth_unknown; + } + + // Key Chain + else if (strcmp(command.part[partPointer], "key-chain") == 0) + { + strncpy(interfacePointer->ripKeyChain, command.part[partPointer + 1], sizeof(interfacePointer->ripAuthMode) - 1); + if (interfacePointer->ripAuthMode == rip_auth_none) + interfacePointer->ripAuthMode = rip_auth_text; + } + } + + // Triggered + else if (strcmp(command.part[partPointer], "triggered") == 0) + interfacePointer->ripTriggered = setting; + + // V2 Broadcast + else if (strcmp(command.part[partPointer], "v2-broadcast") == 0) + interfacePointer->ripV2Broadcast = setting; + + // Version... + else if (strcmp(command.part[partPointer + 1], "version") == 0) + { + // Receive... + if (strcmp(command.part[partPointer], "receive") == 0) + { + if (setting == true) + { + interfacePointer->ripReceiveVersion = rip_version_global; + if (command.parts == 5) + { + if (strcmp(command.part[4], "1") == 0) + interfacePointer->ripReceiveVersion = rip_version1; + else + interfacePointer->ripReceiveVersion = rip_version2; + } + else if (command.parts == 6) + interfacePointer->ripReceiveVersion = rip_version1and2; + } + else + interfacePointer->ripReceiveVersion = rip_version_default; + } + + // Send + else if (strcmp(command.part[partPointer], "send") == 0) + { + if (setting == true) + { + interfacePointer->ripSendVersion = rip_version_global; + if (command.parts == 5) + { + if (strcmp(command.part[4], "1") == 0) + interfacePointer->ripSendVersion = rip_version1; + else + interfacePointer->ripSendVersion = rip_version2; + } + else if (command.parts == 6) + interfacePointer->ripSendVersion = rip_version1and2; + } + else + interfacePointer->ripSendVersion = rip_version_default; + } + } + } + + else if (strcmp(command.part[partPointer], "ospf") == 0) + { + // OSPF Clear-text Authentication + if (strcmp(command.part[partPointer + 1], "authentication-key") == 0) + { + interfacePointer->ospfAuthentication = auth_clear; + if (strcmp(command.part[partPointer + 2], "7") == 0) + { + strncpy(interfacePointer->ospfKeyEncrypted, command.part[partPointer + 3], sizeof(interfacePointer->ospfKeyEncrypted) - 1); + interfacePointer->ospfKeyEncryption = encrypt_type7; + if (password7(command.part[partPointer + 3], interfacePointer->ospfKey, sizeof(interfacePointer->ospfKey), nipper->debugMode) != 0) + strcpy(interfacePointer->ospfKey, ""); + if (simplePassword(interfacePointer->ospfKey, nipper) == true) + { + nipper->simplePasswords++; + interfacePointer->ospfDictionary = true; + } + if (passwordStrength(interfacePointer->ospfKey, nipper) == false) + { + nipper->passwordStrengths++; + interfacePointer->ospfWeak = true; + } + } + else if (strcmp(command.part[partPointer + 2], "5") == 0) + { + strncpy(interfacePointer->ospfKeyEncrypted, command.part[partPointer + 3], sizeof(interfacePointer->ospfKeyEncrypted) - 1); + interfacePointer->ospfKeyEncryption = encrypt_md5; + strcpy(interfacePointer->ospfKey, "unknown"); + } + else if (strcmp(command.part[partPointer + 2], "0") == 0) + { + strncpy(interfacePointer->ospfKey, command.part[partPointer + 3], sizeof(interfacePointer->ospfKey) - 1); + if (simplePassword(interfacePointer->ospfKey, nipper) == true) + { + nipper->simplePasswords++; + interfacePointer->ospfDictionary = true; + } + if (passwordStrength(interfacePointer->ospfKey, nipper) == false) + { + nipper->passwordStrengths++; + interfacePointer->ospfWeak = true; + } + } + else + { + strncpy(interfacePointer->ospfKey, command.part[partPointer + 2], sizeof(interfacePointer->ospfKey) - 1); + if (simplePassword(interfacePointer->ospfKey, nipper) == true) + { + nipper->simplePasswords++; + interfacePointer->ospfDictionary = true; + } + if (passwordStrength(interfacePointer->ospfKey, nipper) == false) + { + nipper->passwordStrengths++; + interfacePointer->ospfWeak = true; + } + } + } + + // OSPF MD5 Authentication + else if (strcmp(command.part[partPointer + 1], "message-digest-key") == 0) + { + interfacePointer->ospfAuthentication = auth_md5; + strncpy(interfacePointer->ospfKey, command.part[command.parts - 1], sizeof(interfacePointer->ospfKey) - 1); + sprintf(tempString, "ospf-int-%s", interfacePointer->name); + addJohnPassword(nipper, tempString, interfacePointer->ospfKey); + } + + // OSPF Flood reduction + else if (strcmp(command.part[partPointer + 1], "flood-reduction") == 0) + interfacePointer->ospfFloodReduction = setting; + + // OSPF Network + else if (strcmp(command.part[partPointer + 1], "network") == 0) + { + if (strcmp(command.part[partPointer + 2], "broadcast") == 0) + interfacePointer->ospfNetwork = ospf_broadcast; + else if (strcmp(command.part[partPointer + 2], "non-broadcast") == 0) + interfacePointer->ospfNetwork = ospf_nonbroadcast; + else if (strcmp(command.part[partPointer + 2], "point-to-point") == 0) + interfacePointer->ospfNetwork = ospf_p2p; + else if (strcmp(command.part[partPointer + 2], "point-to-multipoint") == 0) + { + interfacePointer->ospfNetwork = ospf_p2multi; + if (command.parts > partPointer + 3) + { + if (strcmp(command.part[partPointer + 3], "non-broadcast") == 0) + interfacePointer->ospfNetwork = ospf_p2multinon; + } + } + if (setting == false) + interfacePointer->ospfNetwork = ospf_default; + } + } + } + + // MOP + else if ((strcmp(command.part[partPointer], "mop") == 0) && (strncmp(command.part[partPointer + 1], "enable", 6) == 0)) + interfacePointer->mop = setting; + + // CDP + else if ((strcmp(command.part[partPointer], "cdp") == 0) && (strcmp(command.part[partPointer + 1], "enable") == 0)) + interfacePointer->cdp = setting; + + // NTP + else if ((strcmp(command.part[0], "ntp") == 0) && (strcmp(command.part[1], "disable") == 0)) + interfacePointer->ntp = false; + + // Switchport Security Violation + else if ((strcmp(command.part[0], "switchport") == 0) && (strcmp(command.part[1], "port-security") == 0) && (strcmp(command.part[2], "violation") == 0)) + { + if (strcmp(command.part[3], "shutdown") == 0) + interfacePointer->switchportViolation = sp_violation_shutdown; + else if (strcmp(command.part[3], "restrict") == 0) + interfacePointer->switchportViolation = sp_violation_restrict; + else if (strcmp(command.part[3], "protect") == 0) + interfacePointer->switchportViolation = sp_violation_protect; + } + + // Switchport Security + else if ((strcmp(command.part[partPointer], "switchport") == 0) && (strcmp(command.part[partPointer + 1], "port-security") == 0) && (command.parts == partPointer + 2)) + interfacePointer->switchportSecurity = setting; + + // Switchport Mode + else if ((strcmp(command.part[0], "switchport") == 0) && (strcmp(command.part[1], "mode") == 0)) + { + if (strcmp(command.part[2], "access") == 0) + interfacePointer->switchportMode = sp_mode_access; + else if (strcmp(command.part[2], "trunk") == 0) + interfacePointer->switchportMode = sp_mode_trunk; + else if (strcmp(command.part[2], "dynamic") == 0) + interfacePointer->switchportMode = sp_mode_dynamic; + else if (strcmp(command.part[2], "dot1q-tunnel") == 0) + interfacePointer->switchportMode = sp_mode_dot1qtunnel; + else if ((strcmp(command.part[2], "private-vlan") == 0) && (strcmp(command.part[3], "host") == 0)) + interfacePointer->switchportModePVLAN = sp_mode_pvlan_host; + else if (strcmp(command.part[2], "private-vlan") == 0) + interfacePointer->switchportModePVLAN = sp_mode_pvlan_promiscuous; + } + + // Switchport VLAN + else if ((strcmp(command.part[0], "switchport") == 0) && (strcmp(command.part[1], "access") == 0) && (strcmp(command.part[2], "vlan") == 0)) + interfacePointer->switchportVLAN = atoi(command.part[3]); + + // VRRP + else if (strcmp(command.part[0], "vrrp") == 0) + { + // Get / Create VRRP Struct + vrrpPointer = getVRRPPointer(interfacePointer, atoi(command.part[1])); + + // Authentication + if (strcmp(command.part[2], "authentication") == 0) + { + // Text + if (strcmp(command.part[3], "text") == 0) + { + vrrpPointer->authentication = vrrp_auth_text; + strncpy(vrrpPointer->authString, command.part[4], sizeof(vrrpPointer->authString) -1); + } + + // MD5 + else if (strcmp(command.part[3], "md5") == 0) + { + vrrpPointer->authentication = vrrp_auth_md5; + if (strcmp(command.part[4], "key-chain") == 0) + { + vrrpPointer->keyChain = true; + strncpy(vrrpPointer->authString, command.part[5], sizeof(vrrpPointer->authString) -1); + } + else if (strcmp(command.part[4], "key-string") == 0) + { + tempInt = 5; + if (strcmp(command.part[5], "0") == 0) + strncpy(vrrpPointer->authString, command.part[6], sizeof(vrrpPointer->authString) -1); + else if (strcmp(command.part[5], "7") == 0) + { + strncpy(vrrpPointer->authStringEnc, command.part[5], sizeof(vrrpPointer->authStringEnc) -1); + if (password7(vrrpPointer->authStringEnc, vrrpPointer->authString, sizeof(vrrpPointer->authString) - 1, nipper->debugMode) != 0) + { + strcpy(vrrpPointer->authString, ""); + addJohnPassword(nipper, "VRRP", vrrpPointer->authStringEnc); + } + } + else + strncpy(vrrpPointer->authString, command.part[5], sizeof(vrrpPointer->authString) -1); + } + } + + // Text + { + vrrpPointer->authentication = vrrp_auth_text; + strncpy(vrrpPointer->authString, command.part[3], sizeof(vrrpPointer->authString) -1); + } + + // Check Passwords... + if ((strcmp(vrrpPointer->authString, "") != 0) && (strlen(vrrpPointer->authString) != 0) && (vrrpPointer->keyChain != true)) + { + if (simplePassword(vrrpPointer->authString, nipper) == true) + { + nipper->simplePasswords++; + vrrpPointer->dictionary = true; + } + if (passwordStrength(vrrpPointer->authString, nipper) == false) + { + nipper->passwordStrengths++; + vrrpPointer->weak = true; + } + } + } + + // Description + else if (strcmp(command.part[2], "description") == 0) + { + if (command.parts == 4) + strncpy(vrrpPointer->description, command.part[3], sizeof(vrrpPointer->description) -1); + else + { + strcpy(tempString, command.part[3]); + tempInt = 4; + while (tempInt < command.parts) + { + sprintf(tempString, "%s %s", tempString, command.part[tempInt]); + tempInt++; + } + strncpy(vrrpPointer->description, tempString, sizeof(vrrpPointer->description) -1); + } + } + + // IP + else if (strcmp(command.part[2], "ip") == 0) + { + vrrpPointer->shutdown = false; + if (command.parts == 5) + strncpy(vrrpPointer->ipAddress2, command.part[3], sizeof(vrrpPointer->ipAddress2) -1); + else + strncpy(vrrpPointer->ipAddress, command.part[3], sizeof(vrrpPointer->ipAddress) -1); + } + + // Priority Level + else if (strcmp(command.part[2], "priority") == 0) + vrrpPointer->priorityLevel = atoi(command.part[3]); + + // shutdown + else if (strcmp(command.part[2], "shutdown") == 0) + vrrpPointer->shutdown = true; + } + + // Shutdown + else if (strcmp(command.part[0], "shutdown") == 0) + interfacePointer->shutdown = true; + + // Read next line + readLine(nipper->input, line, nipper->maxSize); + } +} + diff --git a/0.11.10/IOS/.svn/text-base/process-keychain.c.svn-base b/0.11.10/IOS/.svn/text-base/process-keychain.c.svn-base new file mode 100644 index 0000000..f135103 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-keychain.c.svn-base @@ -0,0 +1,169 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct keyConfig +{ + int keyNumber; + char key[64]; + int weak; + int dictionary; + struct keyConfig *next; +}; + + +struct keyChain +{ + char name[32]; + struct keyConfig *key; + struct keyChain *next; +}; + + +// Process Key Chain +void processKeyChain(char *line, struct nipperConfig *nipper) +{ + // Variables + struct keyChain *keyChainPointer = 0; + struct keyConfig *keyPointer = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("Key Chain Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Is this the first key chain? + if (nipper->ios->chain == 0) + { + keyChainPointer = malloc(sizeof(struct keyChain)); + memset(keyChainPointer, 0, sizeof(struct keyChain)); + + // Pointers + nipper->ios->chain = keyChainPointer; + keyChainPointer->next = 0; + + // Init + strncpy(keyChainPointer->name, command.part[2], sizeof(keyChainPointer->name)); + keyChainPointer->key = 0; + } + + // other key chains already exist + else + { + // Find last key chain + keyChainPointer = nipper->ios->chain; + while (keyChainPointer->next != 0) + keyChainPointer = keyChainPointer->next; + + // create new + keyChainPointer->next = malloc(sizeof(struct keyChain)); + memset(keyChainPointer->next, 0, sizeof(struct keyChain)); + + // Pointers + keyChainPointer = keyChainPointer->next; + keyChainPointer->next = 0; + + // Init + strncpy(keyChainPointer->name, command.part[2], sizeof(keyChainPointer->name)); + keyChainPointer->key = 0; + } + + // Get keys + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("Key Chain Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Key + if (strcmp(command.part[0], "key") == 0) + { + // Is it the first key? + if (keyChainPointer->key == 0) + { + keyPointer = malloc(sizeof(struct keyConfig)); + + // Pointers + keyChainPointer->key = keyPointer; + } + + // Other keys exist + else + { + keyPointer = keyChainPointer->key; + while (keyPointer->next != 0) + keyPointer = keyPointer->next; + keyPointer->next = malloc(sizeof(struct keyConfig)); + + // Pointers + keyPointer = keyPointer->next; + } + + // Init + memset(keyPointer, 0, sizeof(struct keyConfig)); + keyPointer->keyNumber = atoi(command.part[1]); + strcpy(keyPointer->key, ""); + keyPointer->weak = false; + keyPointer->dictionary = false; + } + + // Key String + else if (strcmp(command.part[0], "key-string") == 0) + { + strncpy(keyPointer->key, command.part[1], sizeof(keyPointer->key)); + if (simplePassword(keyPointer->key, nipper) == true) + { + nipper->simplePasswords++; + keyPointer->dictionary = true; + } + if (passwordStrength(keyPointer->key, nipper) == false) + { + nipper->passwordStrengths++; + keyPointer->weak = true; + } + } + + // Get next line + readLine(nipper->input, line, nipper->maxSize); + } +} + + diff --git a/0.11.10/IOS/.svn/text-base/process-line.c.svn-base b/0.11.10/IOS/.svn/text-base/process-line.c.svn-base new file mode 100644 index 0000000..b6df2fa --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-line.c.svn-base @@ -0,0 +1,338 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#define line_console 0 +#define line_vty 1 +#define line_aux 2 +#define line_tty 3 + +#define login_allowed 0 +#define login_disabled 1 +#define login_local 2 +#define login_authentication 3 + +// Line +struct lineConfig +{ + // Basics... + int lineType; // line_console... + int lineNumberStart; + int lineNumberEnd; + + // Security... + int login; // login_disabled... + int exec; // true (default) or false + int authorization; // true or false (default) + int callback; // true or false (default) + char password[81]; + char passwordEncrypted[128]; + int encryption; // encrypt_type7, encrypt_md5... + char aclIn[65]; + char aclOut[65]; + + // Accounting / Logging... + int accounting; // true or false (default) + + // Access Types... + int ssh; // true or false (default) + int telnet; // true (default) or false + + // Timeouts... + int execTimeout; // Exec timeout in seconds, 0 = no timeout (default) + int absoluteTimeout; + int sessionTimeout; + int timeout; + + // Flags... + int weak; + int dictionary; + + struct lineConfig *next; +}; + + +// Process Line +void processLine(char *line, struct nipperConfig *nipper) +{ + // Variables + struct lineConfig *linePointer = 0; + struct ciscoCommand command; + fpos_t filePosition; + int tempInt = 0; + + while ((line[0] != '!') && (feof(nipper->input) == 0)) + { + // Debug + if (nipper->debugMode == true) + { + printf("Line Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // If it is a new line + if (strcmp(command.part[0], "line") == 0) + { + // If this is the first line... + if (nipper->ios->line == 0) + { + nipper->ios->line = malloc(sizeof(struct lineConfig)); + linePointer = nipper->ios->line; + } + + // Else find last line... + else + { + linePointer = nipper->ios->line; + while (linePointer->next != 0) + linePointer = linePointer->next; + linePointer->next = malloc(sizeof(struct lineConfig)); + linePointer = linePointer->next; + } + + // Init the new line structure + memset(linePointer, 0, sizeof(struct lineConfig)); + + // Set the new line to the default settings + linePointer->login = login_allowed; + linePointer->exec = true; + linePointer->authorization = false; + linePointer->callback = false; + linePointer->encryption = encrypt_none; + linePointer->accounting = false; + linePointer->ssh = false; + linePointer->telnet = true; + + // Set line type + if (strcmp(command.part[1], "tty") == 0) + linePointer->lineType = line_tty; + else if (strcmp(command.part[1], "vty") == 0) + linePointer->lineType = line_vty; + else if ((strcmp(command.part[1], "aux") == 0) || (strcmp(command.part[1], "auxiliary") == 0)) + linePointer->lineType = line_aux; + else if ((strcmp(command.part[1], "con") == 0) || (strcmp(command.part[1], "console") == 0)) + linePointer->lineType = line_console; + + // Set line start + linePointer->lineNumberStart = atoi(command.part[2]); + if (command.parts == 4) + linePointer->lineNumberEnd = atoi(command.part[3]); + } + + // Exec + else if (strcmp(command.part[0], "exec") == 0) + linePointer->exec = true; + + // No Exec + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "exec") == 0)) + linePointer->exec = false; + + // Local Login + else if ((strcmp(command.part[0], "login") == 0) && (strcmp(command.part[1], "local") == 0)) + linePointer->login = login_local; + + // Authentication Login + else if ((strcmp(command.part[0], "login") == 0) && (strcmp(command.part[1], "authentication") == 0)) + linePointer->login = login_authentication; + + // Login + else if (strcmp(command.part[0], "login") == 0) + linePointer->login = login_allowed; + + // No Login + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "login") == 0)) + { + linePointer->login = login_allowed; + memset(linePointer->password, 0, sizeof(linePointer->password)); + memset(linePointer->passwordEncrypted, 0, sizeof(linePointer->passwordEncrypted)); + linePointer->encryption = encrypt_none; + } + + // Password + else if (strcmp(command.part[0], "password") == 0) + { + switch(command.part[1][0]) + { + case '7': + linePointer->encryption = encrypt_type7; + if (password7(command.part[command.parts - 1], linePointer->password, sizeof(linePointer->password), nipper->debugMode) != 0) + strcpy(linePointer->password, ""); + strncpy(linePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(linePointer->passwordEncrypted)); + break; + case '5': + linePointer->encryption = encrypt_md5; + strcpy(linePointer->password, ""); + strncpy(linePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(linePointer->passwordEncrypted)); + addJohnPassword(nipper, "line", linePointer->passwordEncrypted); + break; + case '0': + linePointer->encryption = encrypt_none; + strncpy(linePointer->password, command.part[command.parts - 1], sizeof(linePointer->password)); + strcpy(linePointer->passwordEncrypted, ""); + break; + default: + if (command.parts == 2) + { + linePointer->encryption = encrypt_none; + strncpy(linePointer->password, command.part[command.parts - 1], sizeof(linePointer->password)); + strcpy(linePointer->passwordEncrypted, ""); + } + else + { + linePointer->encryption = encrypt_unknown; + strcpy(linePointer->password, ""); + strncpy(linePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(linePointer->passwordEncrypted)); + } + break; + } + if ((strcmp(linePointer->password, "") != 0) && (strlen(linePointer->password) != 0)) + { + if (simplePassword(linePointer->password, nipper) == true) + { + nipper->simplePasswords++; + linePointer->dictionary = true; + } + if (passwordStrength(linePointer->password, nipper) == false) + { + nipper->passwordStrengths++; + linePointer->weak = true; + } + } + } + + // No Password + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "password") == 0)) + { + linePointer->login = login_disabled; + memset(linePointer->password, 0, sizeof(linePointer->password)); + memset(linePointer->passwordEncrypted, 0, sizeof(linePointer->passwordEncrypted)); + linePointer->encryption = encrypt_none; + } + + // Access-Class In + else if ((strcmp(command.part[0], "access-class") == 0) && (strcmp(command.part[2], "in") == 0)) + strncpy(linePointer->aclIn, command.part[1], sizeof(linePointer->aclIn) -1); + + // Access-Class Out + else if ((strcmp(command.part[0], "access-class") == 0) && (strcmp(command.part[2], "out") == 0)) + strncpy(linePointer->aclOut, command.part[1], sizeof(linePointer->aclOut) -1); + + // Callback + else if (strcmp(command.part[0], "callback") == 0) + linePointer->callback = true; + + // No Callback + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "callback") == 0)) + linePointer->callback = false; + + // Transport input + else if ((strcmp(command.part[0], "transport") == 0) && (strcmp(command.part[1], "input") == 0)) + { + tempInt = 2; + linePointer->telnet = false; + linePointer->ssh = false; + while (tempInt < command.parts) + { + if (strcmp(command.part[tempInt], "all") == 0) + { + linePointer->telnet = true; + linePointer->ssh = true; + } + else if (strcmp(command.part[tempInt], "ssh") == 0) + linePointer->ssh = true; + else if (strcmp(command.part[tempInt], "telnet") == 0) + linePointer->telnet = true; + tempInt++; + } + } + + // timeout + else if (strcmp(command.part[0], "timeout") == 0) + { + linePointer->timeout = atoi(command.part[1]) * 60; + if (command.parts == 3) + linePointer->timeout = linePointer->timeout + atoi(command.part[2]); + } + + // No Timeout + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "timeout") == 0)) + linePointer->timeout = 0; + + // Exec-timeout + else if (strcmp(command.part[0], "exec-timeout") == 0) + { + linePointer->execTimeout = atoi(command.part[1]) * 60; + if (command.parts == 3) + linePointer->execTimeout = linePointer->execTimeout + atoi(command.part[2]); + } + + // No Exec Timeout + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "exec-timeout") == 0)) + linePointer->execTimeout = 0; + + // session-timeout + else if (strcmp(command.part[0], "session-timeout") == 0) + { + linePointer->sessionTimeout = atoi(command.part[1]) * 60; + if (command.parts == 3) + linePointer->sessionTimeout = linePointer->sessionTimeout + atoi(command.part[2]); + } + + // No session Timeout + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "session-timeout") == 0)) + linePointer->sessionTimeout = 0; + + // Absolute-timeout + else if (strcmp(command.part[0], "absolute-timeout") == 0) + { + linePointer->absoluteTimeout = atoi(command.part[1]) * 60; + if (command.parts == 3) + linePointer->absoluteTimeout = linePointer->absoluteTimeout + atoi(command.part[2]); + } + + // No Absolute Timeout + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "absolute-timeout") == 0)) + linePointer->absoluteTimeout = 0; + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + + // Get next line... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); +} + + diff --git a/0.11.10/IOS/.svn/text-base/process-logging.c.svn-base b/0.11.10/IOS/.svn/text-base/process-logging.c.svn-base new file mode 100644 index 0000000..6793707 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-logging.c.svn-base @@ -0,0 +1,328 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Logging config +struct loggingConfig +{ + int logging; // true (default), false + // Logging to Console + int consoleLogging; // true, false, unconfigured (default) + int consoleLevel; // -1 (default) + // Logging to Terminal Lines + int monitorLogging; // true (default) or false + int monitorLevel; // 7 (default) + // Buffer Logging + int bufferedLogging; // true, false, unconfigured (default) + int bufferSize; // -1 (default) + int bufferLevel; // Buffer Severity level (-1 default) + // Syslog + int loggingTrap; // 6 (default) + char facility[8]; // Syslog facility (default is local7) + char originId[64]; // Syslog Origin ID + char sourceInterface[32]; // Source Interface + int logCount; // true or false (default) + // Logging Options + int logEnable; // true or false (default) + struct host *logServer; // Logging hosts (command is "logging" or "logging host" +}; + + +// Process Logging +void processLogging(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct host *logServerPointer = 0; + struct ciscoCommand command; + char tempString[nipper->maxSize]; + int tempInt = 0; + int setting = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Logging Line: %s\n", line); + } + + // Create logging structure + if (nipper->ios->logging == 0) + { + nipper->ios->logging = malloc(sizeof(struct loggingConfig)); + memset(nipper->ios->logging, 0, sizeof(struct loggingConfig)); + + // init + nipper->loggingLevels = true; + nipper->ios->logging->logging = true; + nipper->ios->logging->consoleLogging = unconfigured; + nipper->ios->logging->consoleLevel = -1; + nipper->ios->logging->bufferedLogging = unconfigured; + nipper->ios->logging->bufferSize = -1; + nipper->ios->logging->bufferLevel = 7; + nipper->ios->logging->logCount = false; + nipper->ios->logging->logEnable = false; + nipper->ios->logging->monitorLogging = true; + nipper->ios->logging->monitorLevel = 7; + nipper->ios->logging->loggingTrap = 6; + strcpy(nipper->ios->logging->facility, "local7"); + } + + // Init... + command = splitLine(line); + + // Setting + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 2; + } + else + { + setting = true; + tempInt = 1; + } + + // Buffered + if (strcmp(command.part[tempInt], "buffered") == 0) + { + nipper->ios->logging->bufferedLogging = setting; + + // Buffered options + if (tempInt < command.parts) + { + tempInt++; + // Levels + if ((strcmp(command.part[tempInt], "0") == 0) || (strcmp(command.part[tempInt], "emergencies") == 0)) + nipper->ios->logging->bufferLevel = 0; + else if ((strcmp(command.part[tempInt], "1") == 0) || (strcmp(command.part[tempInt], "alerts") == 0)) + nipper->ios->logging->bufferLevel = 1; + else if ((strcmp(command.part[tempInt], "2") == 0) || (strcmp(command.part[tempInt], "critical") == 0)) + nipper->ios->logging->bufferLevel = 2; + else if ((strcmp(command.part[tempInt], "3") == 0) || (strcmp(command.part[tempInt], "errors") == 0)) + nipper->ios->logging->bufferLevel = 3; + else if ((strcmp(command.part[tempInt], "4") == 0) || (strcmp(command.part[tempInt], "warnings") == 0)) + nipper->ios->logging->bufferLevel = 4; + else if ((strcmp(command.part[tempInt], "5") == 0) || (strcmp(command.part[tempInt], "notifications") == 0)) + nipper->ios->logging->bufferLevel = 5; + else if ((strcmp(command.part[tempInt], "6") == 0) || (strcmp(command.part[tempInt], "informational") == 0)) + nipper->ios->logging->bufferLevel = 6; + else if ((strcmp(command.part[tempInt], "7") == 0) || (strcmp(command.part[tempInt], "debugging") == 0)) + nipper->ios->logging->bufferLevel = 7; + + // Buffer Size + else + nipper->ios->logging->bufferSize = atoi(command.part[tempInt]); + tempInt++; + } + if (tempInt < command.parts) + { + // Levels + if ((strcmp(command.part[tempInt], "0") == 0) || (strcmp(command.part[tempInt], "emergencies") == 0)) + nipper->ios->logging->bufferLevel = 0; + else if ((strcmp(command.part[tempInt], "1") == 0) || (strcmp(command.part[tempInt], "alerts") == 0)) + nipper->ios->logging->bufferLevel = 1; + else if ((strcmp(command.part[tempInt], "2") == 0) || (strcmp(command.part[tempInt], "critical") == 0)) + nipper->ios->logging->bufferLevel = 2; + else if ((strcmp(command.part[tempInt], "3") == 0) || (strcmp(command.part[tempInt], "errors") == 0)) + nipper->ios->logging->bufferLevel = 3; + else if ((strcmp(command.part[tempInt], "4") == 0) || (strcmp(command.part[tempInt], "warnings") == 0)) + nipper->ios->logging->bufferLevel = 4; + else if ((strcmp(command.part[tempInt], "5") == 0) || (strcmp(command.part[tempInt], "notifications") == 0)) + nipper->ios->logging->bufferLevel = 5; + else if ((strcmp(command.part[tempInt], "6") == 0) || (strcmp(command.part[tempInt], "informational") == 0)) + nipper->ios->logging->bufferLevel = 6; + else if ((strcmp(command.part[tempInt], "7") == 0) || (strcmp(command.part[tempInt], "debugging") == 0)) + nipper->ios->logging->bufferLevel = 7; + } + } + + // Console + else if (strcmp(command.part[tempInt], "console") == 0) + { + nipper->ios->logging->consoleLogging = setting; + + // Options + if (tempInt < command.parts) + { + tempInt++; + // Levels + if ((strcmp(command.part[tempInt], "0") == 0) || (strcmp(command.part[tempInt], "emergencies") == 0)) + nipper->ios->logging->consoleLevel = 0; + else if ((strcmp(command.part[tempInt], "1") == 0) || (strcmp(command.part[tempInt], "alerts") == 0)) + nipper->ios->logging->consoleLevel = 1; + else if ((strcmp(command.part[tempInt], "2") == 0) || (strcmp(command.part[tempInt], "critical") == 0)) + nipper->ios->logging->consoleLevel = 2; + else if ((strcmp(command.part[tempInt], "3") == 0) || (strcmp(command.part[tempInt], "errors") == 0)) + nipper->ios->logging->consoleLevel = 3; + else if ((strcmp(command.part[tempInt], "4") == 0) || (strcmp(command.part[tempInt], "warnings") == 0)) + nipper->ios->logging->consoleLevel = 4; + else if ((strcmp(command.part[tempInt], "5") == 0) || (strcmp(command.part[tempInt], "notifications") == 0)) + nipper->ios->logging->consoleLevel = 5; + else if ((strcmp(command.part[tempInt], "6") == 0) || (strcmp(command.part[tempInt], "informational") == 0)) + nipper->ios->logging->consoleLevel = 6; + else if ((strcmp(command.part[tempInt], "7") == 0) || (strcmp(command.part[tempInt], "debugging") == 0)) + nipper->ios->logging->consoleLevel = 7; + } + } + + // Trap + else if (strcmp(command.part[tempInt], "trap") == 0) + { + if (setting == false) + nipper->ios->logging->loggingTrap = 6; + + // Levels + else + { + tempInt++; + // Levels + if ((strcmp(command.part[tempInt], "0") == 0) || (strcmp(command.part[tempInt], "emergencies") == 0)) + nipper->ios->logging->loggingTrap = 0; + else if ((strcmp(command.part[tempInt], "1") == 0) || (strcmp(command.part[tempInt], "alerts") == 0)) + nipper->ios->logging->loggingTrap = 1; + else if ((strcmp(command.part[tempInt], "2") == 0) || (strcmp(command.part[tempInt], "critical") == 0)) + nipper->ios->logging->loggingTrap = 2; + else if ((strcmp(command.part[tempInt], "3") == 0) || (strcmp(command.part[tempInt], "errors") == 0)) + nipper->ios->logging->loggingTrap = 3; + else if ((strcmp(command.part[tempInt], "4") == 0) || (strcmp(command.part[tempInt], "warnings") == 0)) + nipper->ios->logging->loggingTrap = 4; + else if ((strcmp(command.part[tempInt], "5") == 0) || (strcmp(command.part[tempInt], "notifications") == 0)) + nipper->ios->logging->loggingTrap = 5; + else if ((strcmp(command.part[tempInt], "6") == 0) || (strcmp(command.part[tempInt], "informational") == 0)) + nipper->ios->logging->loggingTrap = 6; + else if ((strcmp(command.part[tempInt], "7") == 0) || (strcmp(command.part[tempInt], "debugging") == 0)) + nipper->ios->logging->loggingTrap = 7; + } + } + + // Monitor + else if (strcmp(command.part[tempInt], "monitor") == 0) + { + nipper->ios->logging->monitorLogging = setting; + + // Options + if (tempInt < command.parts) + { + tempInt++; + // Levels + if ((strcmp(command.part[tempInt], "0") == 0) || (strcmp(command.part[tempInt], "emergencies") == 0)) + nipper->ios->logging->monitorLevel = 0; + else if ((strcmp(command.part[tempInt], "1") == 0) || (strcmp(command.part[tempInt], "alerts") == 0)) + nipper->ios->logging->monitorLevel = 1; + else if ((strcmp(command.part[tempInt], "2") == 0) || (strcmp(command.part[tempInt], "critical") == 0)) + nipper->ios->logging->monitorLevel = 2; + else if ((strcmp(command.part[tempInt], "3") == 0) || (strcmp(command.part[tempInt], "errors") == 0)) + nipper->ios->logging->monitorLevel = 3; + else if ((strcmp(command.part[tempInt], "4") == 0) || (strcmp(command.part[tempInt], "warnings") == 0)) + nipper->ios->logging->monitorLevel = 4; + else if ((strcmp(command.part[tempInt], "5") == 0) || (strcmp(command.part[tempInt], "notifications") == 0)) + nipper->ios->logging->monitorLevel = 5; + else if ((strcmp(command.part[tempInt], "6") == 0) || (strcmp(command.part[tempInt], "informational") == 0)) + nipper->ios->logging->monitorLevel = 6; + else if ((strcmp(command.part[tempInt], "7") == 0) || (strcmp(command.part[tempInt], "debugging") == 0)) + nipper->ios->logging->monitorLevel = 7; + } + } + + // Origin ID + else if (strcmp(command.part[tempInt], "origin-id") == 0) + { + tempInt++; + if (strcmp(command.part[tempInt], "string") == 0) + tempInt++; + strncpy(nipper->ios->logging->originId, command.part[tempInt], sizeof(nipper->ios->logging->originId) - 1); + } + + // Source Interface + else if (strcmp(command.part[tempInt], "source-interface") == 0) + { + tempInt++; + if (setting == true) + { + if (tempInt + 1 == command.parts) + strncpy(nipper->ios->logging->sourceInterface, command.part[tempInt], sizeof(nipper->ios->logging->sourceInterface) -1); + else + { + sprintf(tempString, "%s%s", command.part[tempInt], command.part[tempInt+1]); + strncpy(nipper->ios->logging->sourceInterface, tempString, sizeof(nipper->ios->logging->sourceInterface) -1); + } + } + } + + // Count + else if (strcmp(command.part[tempInt], "count") == 0) + nipper->ios->logging->logCount = setting; + + // Enable + else if (strcmp(command.part[tempInt], "enable") == 0) + nipper->ios->logging->logEnable = setting; + + // On + else if (strcmp(command.part[tempInt], "on") == 0) + nipper->ios->logging->logging = setting; + + // Facility + else if (strcmp(command.part[tempInt], "facility") == 0) + strncpy(nipper->ios->logging->facility, command.part[tempInt+1], sizeof(nipper->ios->logging->facility) - 1); + + // Unsupported logging lines.. + else if ((strcmp(command.part[tempInt], "userinfo") == 0) || (strcmp(command.part[tempInt], "synchronous") == 0) || (strcmp(command.part[tempInt], "size") == 0) || (strcmp(command.part[tempInt], "rate-limit") == 0) || (strcmp(command.part[tempInt], "monitor") == 0) || (strcmp(command.part[tempInt], "linecard") == 0) || (strcmp(command.part[tempInt], "history") == 0) || (strcmp(command.part[tempInt], "filter") == 0) || (strcmp(command.part[tempInt], "buffered") == 0) || (strcmp(command.part[tempInt], "console") == 0)) + { + // Debug (lines not processed) + if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } + + // Logging Host + else + { + if (strcmp(command.part[tempInt], "host") == 0) + tempInt++; + // If first logging host + if (nipper->ios->logging->logServer == 0) + { + // create structure + nipper->ios->logging->logServer = malloc(sizeof(struct host)); + logServerPointer = nipper->ios->logging->logServer; + } + else + { + logServerPointer = nipper->ios->logging->logServer; + while (logServerPointer->next != 0) + logServerPointer = logServerPointer->next; + logServerPointer->next = malloc(sizeof(struct host)); + logServerPointer = logServerPointer->next; + } + memset(logServerPointer, 0, sizeof(struct host)); + // add server + strncpy(logServerPointer->server, command.part[tempInt], sizeof(logServerPointer->server) -1); + } +} + + diff --git a/0.11.10/IOS/.svn/text-base/process-nat.c.svn-base b/0.11.10/IOS/.svn/text-base/process-nat.c.svn-base new file mode 100644 index 0000000..8202a23 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-nat.c.svn-base @@ -0,0 +1,193 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#define nat_static 0 +#define nat_dynamic_acl 1 +#define nat_dynamic_route 2 +#define nat_port 3 +#define nat_network 4 + +// NAT +struct natConfig +{ + int inside; // true or false - if false then it is outside) + int type; // nat_static + char local[64]; // local + int localPort; + char global[64]; // global + int globalPort; + char mask[16]; // Mask + int interNumber; // global number / interface number + int pool; // true or false (default) + int ipSecESP; // true or false (default) + int routeMap; // true or false (default) + int tcp; // true (default) or false + int inter; // true or false (default) + struct natConfig *next; +}; + + +// Process NAT +void processNAT(char *line, struct nipperConfig *nipper) +{ + // Variables + struct natConfig *natPointer = 0; + struct ciscoCommand command; + int tempInt = 0; + + // Init + command = splitLine(line); + + // if it is a source or nat line + if (((strcmp(command.part[2], "inside") == 0) || (strcmp(command.part[2], "outside") == 0)) && (command.parts > 3) && (strcmp(command.part[3], "source") == 0)) + { + // Debug + if (nipper->debugMode == true) + { + printf("NAT inside/outside source Line: %s\n", line); + } + + // Is this the first nat line? + if (nipper->ios->nat == 0) + { + nipper->ios->nat = malloc(sizeof(struct natConfig)); + natPointer = nipper->ios->nat; + } + + // Else find last line... + else + { + natPointer = nipper->ios->nat; + while (natPointer->next != 0) + natPointer = natPointer->next; + natPointer->next = malloc(sizeof(struct natConfig)); + natPointer = natPointer->next; + } + + // Init the new line structure + memset(natPointer, 0, sizeof(struct natConfig)); + + // Defaults... + natPointer->ipSecESP = false; + natPointer->routeMap = false; + natPointer->pool = false; + natPointer->tcp = true; + natPointer->inter = false; + + // Set inside / outside + if (strcmp(command.part[2], "inside") == 0) + natPointer->inside = true; + else + natPointer->inside = false; + + // Set type + if ((strcmp(command.part[4], "static") == 0) && (strcmp(command.part[5], "network") == 0)) + natPointer->type = nat_network; + else if ((strcmp(command.part[4], "static") == 0) && ((strcmp(command.part[5], "tcp") == 0) || (strcmp(command.part[5], "udp") == 0))) + natPointer->type = nat_port; + else if (strcmp(command.part[4], "list") == 0) + natPointer->type = nat_dynamic_acl; + else if (strcmp(command.part[4], "route-map") == 0) + natPointer->type = nat_dynamic_route; + else if (strcmp(command.part[4], "static") == 0) + natPointer->type = nat_static; + + // Process the different nat types... + switch (natPointer->type) + { + // Static NAT + case nat_static: + if (strcmp(command.part[5], "esp") == 0) + { + natPointer->ipSecESP = true; + strncpy(natPointer->local, command.part[6], sizeof(natPointer->local) - 1); + strncpy(natPointer->global, command.part[8], sizeof(natPointer->global) - 1); + natPointer->interNumber = atoi(command.part[9]); + tempInt = 10; + } + else + { + strncpy(natPointer->local, command.part[5], sizeof(natPointer->local) - 1); + strncpy(natPointer->global, command.part[6], sizeof(natPointer->global) - 1); + tempInt = 7; + } + break; + + // Dynamic NAT (ACL / Route Map) + case nat_dynamic_route: + case nat_dynamic_acl: + strncpy(natPointer->local, command.part[5], sizeof(natPointer->local) - 1); + if (strcmp(command.part[6], "pool") == 0) + { + natPointer->pool = true; + strncpy(natPointer->global, command.part[7], sizeof(natPointer->global) - 1); + } + else + { + strncpy(natPointer->global, command.part[7], sizeof(natPointer->global) - 1); + natPointer->interNumber = atoi(command.part[8]); + } + break; + + // Port Static NAT + case nat_port: + if (strcmp(command.part[5], "tcp") == 0) + natPointer->tcp = true; + else + natPointer->tcp = false; + if (strcmp(command.part[6], "interface") == 0) + { + natPointer->inter = true; + natPointer->globalPort = atoi(command.part[7]); + } + else + { + strncpy(natPointer->local, command.part[6], sizeof(natPointer->local) - 1); + natPointer->localPort = atoi(command.part[7]); + strncpy(natPointer->global, command.part[8], sizeof(natPointer->global) - 1); + natPointer->globalPort = atoi(command.part[9]); + } + break; + + // Network NAT + case nat_network: + strncpy(natPointer->local, command.part[6], sizeof(natPointer->local) - 1); + strncpy(natPointer->global, command.part[7], sizeof(natPointer->global) - 1); + strncpy(natPointer->mask, command.part[8], sizeof(natPointer->mask) - 1); + break; + } + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} + + diff --git a/0.11.10/IOS/.svn/text-base/process-ntp.c.svn-base b/0.11.10/IOS/.svn/text-base/process-ntp.c.svn-base new file mode 100644 index 0000000..d4e2d42 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-ntp.c.svn-base @@ -0,0 +1,234 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define ntp_peer 0 +#define ntp_serve 1 +#define ntp_serve_only 2 +#define ntp_query_only 3 + + +// NTP Server / Peer +struct ntpHost +{ + char ntpHost[32]; + int keyNum; + struct ntpHost *next; +}; + +// NTP Authentication Key +struct ntpKey +{ + int keyNum; + int trusted; // true or false + char key[128]; + int weak; + int dictionary; + struct ntpKey *next; +}; + +// NTP Access Group +struct ntpAccessGroup +{ + int accessType; // ntp_peer, ntp_serve... + char accessList[65]; + struct ntpAccessGroup *next; +}; + +// NTP +struct ntpConfig +{ + int enabled; // true or false + int master; // true or false + int authentication; // true or false + struct ntpAccessGroup *access; + struct ntpKey *key; + struct ntpHost *server; + struct ntpHost *peer; +}; + + +// Process NTP +void processNtp(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ntpKey *ntpKeyPointer = 0; + struct ntpHost *ntpHostPointer = 0; + struct ntpAccessGroup *ntpAccessPointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("NTP Line: %s\n", line); + } + + // Check to see if NTP already exists + if (nipper->ios->ntp == 0) + { + nipper->ios->ntp = malloc(sizeof(struct ntpConfig)); + memset(nipper->ios->ntp, 0, sizeof(struct ntpConfig)); + + // Init + nipper->ios->ntp->enabled = true; + nipper->ios->ntp->master = false; + nipper->ios->ntp->authentication = false; + } + + // ntp disable? + if (strncmp(line, "ntp disable", 11) == 0) + nipper->ios->ntp->enabled = false; + + // ntp master? + else if (strncmp(line, "ntp master", 10) == 0) + nipper->ios->ntp->master = true; + + // ntp server / peer? + else if ((strncmp(line, "ntp server ", 11) == 0) || (strncmp(line, "ntp peer ", 9) == 0)) + { + // create ntp host struct + ntpHostPointer = malloc(sizeof(struct ntpHost)); + memset(ntpHostPointer, 0, sizeof(struct ntpHost)); + + // Sort out Pointers + if (strncmp(line, "ntp server ", 11) == 0) + { + ntpHostPointer->next = nipper->ios->ntp->server; + nipper->ios->ntp->server = ntpHostPointer; + } + else + { + ntpHostPointer->next = nipper->ios->ntp->peer; + nipper->ios->ntp->peer = ntpHostPointer; + } + + // Init + ntpHostPointer->keyNum = -1; + + // Get info + tempInt = nextSpace(line + 11); + if (line[11 + tempInt] == 0) + { + strncpy(ntpHostPointer->ntpHost, line + 11, sizeof(ntpHostPointer->ntpHost)); + } + else + { + line[11 + tempInt] = 0; + strncpy(ntpHostPointer->ntpHost, line + 11, sizeof(ntpHostPointer->ntpHost)); + + // If key exists + if (strncmp(line + 11 + tempInt, "key ", 4) == 0) + { + ntpHostPointer->keyNum = atoi(line + 15 + tempInt); + } + } + } + + // ntp authentication? + else if (strncmp(line, "ntp authenticate", 16) == 0) + nipper->ios->ntp->authentication = true; + + // ntp authentication key? + else if (strncmp(line, "ntp authentication-key ", 23) == 0) + { + // create ntp key struct + ntpKeyPointer = malloc(sizeof(struct ntpKey)); + memset(ntpKeyPointer, 0, sizeof(struct ntpKey)); + + // Sort out Pointers + ntpKeyPointer->next = nipper->ios->ntp->key; + nipper->ios->ntp->key = ntpKeyPointer; + + // Init + ntpKeyPointer->trusted = false; + ntpKeyPointer->weak = false; + ntpKeyPointer->dictionary = false; + + tempInt = nextSpace(line + 23); + line[23 + tempInt] = 0; + ntpKeyPointer->keyNum = atoi(line + 23); + strncpy(ntpKeyPointer->key, line + 27 + tempInt, sizeof(ntpKeyPointer->key)); + if (simplePassword(ntpKeyPointer->key, nipper) == true) + { + nipper->simplePasswords++; + ntpKeyPointer->dictionary = true; + } + if (passwordStrength(ntpKeyPointer->key, nipper) == false) + { + nipper->passwordStrengths++; + ntpKeyPointer->weak = true; + } + } + + // ntp authentication key trusted? + else if (strncmp(line, "ntp trusted-key ", 16) == 0) + { + // Init + ntpKeyPointer = nipper->ios->ntp->key; + tempInt = atoi(line + 16); + + // Find key + while ((ntpKeyPointer != 0) && (ntpKeyPointer->keyNum != tempInt)) + { + ntpKeyPointer = ntpKeyPointer->next; + } + + // Set trusted if found + if (ntpKeyPointer->keyNum == tempInt) + ntpKeyPointer->trusted = true; + } + + // ntp access-group? + else if (strncmp(line, "ntp access-group ", 17) == 0) + { + // create ntp access-group struct + ntpAccessPointer = malloc(sizeof(struct ntpAccessGroup)); + memset(ntpAccessPointer, 0, sizeof(struct ntpAccessGroup)); + + // Sort out Pointers + ntpAccessPointer->next = nipper->ios->ntp->access; + nipper->ios->ntp->access = ntpAccessPointer; + + // Get access type + if (strncmp(line + 17, "peer ", 5) == 0) + ntpAccessPointer->accessType = ntp_peer; + else if (strncmp(line + 17, "serve ", 6) == 0) + ntpAccessPointer->accessType = ntp_serve; + else if (strncmp(line + 17, "serve-only ", 11) == 0) + ntpAccessPointer->accessType = ntp_serve_only; + else + ntpAccessPointer->accessType = ntp_query_only; + + // Get access-list num + tempInt = nextSpace(line + 17); + strncpy(ntpAccessPointer->accessList, line + 18 + tempInt, sizeof(ntpAccessPointer->accessList) - 1); + } +} + diff --git a/0.11.10/IOS/.svn/text-base/process-route-map.c.svn-base b/0.11.10/IOS/.svn/text-base/process-route-map.c.svn-base new file mode 100644 index 0000000..99fa0fa --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-route-map.c.svn-base @@ -0,0 +1,121 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Route Map +struct routeMapConfig +{ + char mapTag[64]; + int sequenceNo; + int permission; // perm_allow (default) or perm_deny + struct routeMapConfig *next; +}; + + +// Process Route Map +void processRouteMap(char *line, struct nipperConfig *nipper) +{ + // Variables + struct routeMapConfig *routeMapPointer = 0; + fpos_t filePosition; + int tempInt = 0; + struct ciscoCommand command; + + while ((line[0] != '!') && (feof(nipper->input) == 0)) + { + // Debug + if (nipper->debugMode == true) + { + printf("Route Map Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // If it is a new route map + if (strcmp(command.part[0], "route-map") == 0) + { + // If this is the first route map... + if (nipper->ios->routeMap == 0) + { + nipper->ios->routeMap = malloc(sizeof(struct routeMapConfig)); + routeMapPointer = nipper->ios->routeMap; + } + + // Else find last route map... + else + { + routeMapPointer = nipper->ios->routeMap; + while (routeMapPointer->next != 0) + routeMapPointer = routeMapPointer->next; + routeMapPointer->next = malloc(sizeof(struct routeMapConfig)); + routeMapPointer = routeMapPointer->next; + } + + // Init the new line structure + memset(routeMapPointer, 0, sizeof(struct routeMapConfig)); + + // Set the new route map to the default settings + routeMapPointer->permission = perm_permit; + + // Set map tag... + strncpy(routeMapPointer->mapTag, command.part[1], sizeof(routeMapPointer->mapTag) - 1); + + // Set optional parameters + for (tempInt = 2; tempInt < command.parts; tempInt++) + { + // Permit + if (strcmp(command.part[tempInt], "permit") == 0) + routeMapPointer->permission = perm_permit; + + // Deny + else if (strcmp(command.part[tempInt], "deny") == 0) + routeMapPointer->permission = perm_deny; + + // Sequence no + else + routeMapPointer->sequenceNo = atoi(command.part[tempInt]); + } + } + + // Debug (route map lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + + // Get next line... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); +} + + diff --git a/0.11.10/IOS/.svn/text-base/process-router.c.svn-base b/0.11.10/IOS/.svn/text-base/process-router.c.svn-base new file mode 100644 index 0000000..6372e5c --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-router.c.svn-base @@ -0,0 +1,1111 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +struct passiveStruct +{ + char interface[32]; + int passive; + struct passiveStruct *next; +}; + +struct ripConfig +{ + int version; + int autoSummary; + int defaultRoute; + char defaultRouteMap[57]; + int defaultMetric; + int inputQueue; + int outputDelay; + int validateUpdateSource; + int defaultPassive; + struct host *neighbor; + struct host *network; + struct passiveStruct *passive; +}; + +struct ospfNetworkConfig +{ + char network[16]; + char networkMask[16]; + char areaID[16]; + struct ospfNetworkConfig *next; +}; + +struct ospfAreaConfig +{ + char areaID[16]; + int areaAuth; + int defaultCost; + struct ospfAreaConfig *next; +}; + +struct ospfNeighbor +{ + char host[16]; + int priority; + int pollInterval; + int costNumber; + int databaseFilter; + struct ospfNeighbor *next; +}; + +struct ospfConfig +{ + int processID; + int defaultPassive; + struct passiveStruct *passive; + struct ospfNetworkConfig *ospfNetwork; + struct ospfAreaConfig *ospfArea; + struct ospfNeighbor *neighbor; + struct ospfConfig *next; +}; + +struct isisConfig +{ +}; + +#define eigrp_stub_disabled 0 +#define eigrp_stub_enabled 1 +#define eigrp_stub_receive 2 +#define eigrp_stub_connected 3 +#define eigrp_stub_static 4 +#define eigrp_stub_summary 5 +#define eigrp_stub_redist 6 + +struct eigrpNeighbor +{ + char ipAddress[32]; + char interface[32]; + struct eigrpNeighbor *next; +}; + +struct eigrpNetwork +{ + char ipAddress[32]; + char netMask[32]; + struct eigrpNetwork *next; +}; + +struct eigrpConfig +{ + int process; // EIGRP Autonomous No. + char routerId[32]; // If not set, it is automatic + int maximumHops; // default is 100 + int stub; // default is eigrp_stub_disabled + int autoSummary; // true or false (default) + int internalDistance; // default 90 + int externalDistance; // default 170 + int logNeighborChanges; // true (default) or false + int logNeighborWarnings; // true (default) or false + int defaultPassive; // false (default) + struct passiveStruct *passive; + struct eigrpNetwork *network; + struct eigrpNeighbor *neighbor; + struct eigrpConfig *next; +}; + +struct bgpNeighbor +{ + char host[32]; + int encryption; // encrypt_type7, encrypt_md5... + char password[128]; + char passwordEncrypted[128]; + int dictionary; + int weak; + char description[128]; + int autonomousNo; + int ttlHops; + struct bgpNeighbor *next; +}; + +struct bgpConfig +{ + int autonomousNo; + int logNeighborChanges; + int dampening; + int defaultPassive; + struct passiveStruct *passive; + struct bgpNeighbor *neighbor; + struct bgpConfig *next; +}; + +struct staticRoute +{ + char ipAddress[20]; + char netMask[16]; + char gateway[20]; + struct staticRoute *next; +}; + + +// Process Static Route +void processRoute(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + struct staticRoute *routePointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Static Route Line: %s\n", line); + } + + // If first? + if (nipper->ios->route == 0) + { + nipper->ios->route = malloc(sizeof(struct staticRoute)); + routePointer = nipper->ios->route; + } + else + { + routePointer = nipper->ios->route; + while (routePointer->next != 0) + routePointer = routePointer->next; + routePointer->next = malloc(sizeof(struct staticRoute)); + routePointer = routePointer->next; + } + + //init + command = splitLine(line); + memset(routePointer, 0, sizeof(struct staticRoute)); + + // IP Address + strncpy(routePointer->ipAddress, command.part[2], sizeof(routePointer->ipAddress) - 1); + + // Net Mask + strncpy(routePointer->netMask, command.part[3], sizeof(routePointer->netMask) - 1); + + // Gateway + strncpy(routePointer->gateway, command.part[4], sizeof(routePointer->gateway) - 1); +} + + +// Process Router +void processRouter(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + struct bgpNeighbor *neighborPointer = 0; + struct ospfNetworkConfig *ospfNetworkPointer = 0; + struct ospfAreaConfig *ospfAreaPointer = 0; + struct ospfNeighbor *ospfNeighborPointer = 0; + struct ospfConfig *ospfPointer = 0; + struct host *hostPointer = 0; + struct passiveStruct *passivePointer = 0; + struct eigrpConfig *eigrpPointer = 0; + struct eigrpNetwork *eigrpNetworkPointer = 0; + struct eigrpNeighbor *eigrpNeighborPointer = 0; + struct bgpConfig *bgpPointer = 0; + fpos_t filePosition; + char tempString[nipper->maxSize]; + int tempInt = 0; + int setting = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Router Line: %s\n", line); + } + + //init + command = splitLine(line); + + // What type of routing protocol was it? + // ISIS + if (strncmp(line+7, "isis", 4) == 0) + { + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("ISIS Router Line: %s\n", line); + } + + // Get next + readLine(nipper->input, line, nipper->maxSize); + } + } + + // EIGRP + else if (strcmp(command.part[1], "eigrp") == 0) + { + // if struct doesn't exist + if (nipper->ios->eigrp == 0) + { + nipper->ios->eigrp = malloc(sizeof(struct eigrpConfig)); + eigrpPointer = nipper->ios->eigrp; + } + else + { + eigrpPointer = nipper->ios->eigrp; + while (eigrpPointer->next != 0) + eigrpPointer = eigrpPointer->next; + eigrpPointer->next = malloc(sizeof(struct eigrpConfig)); + eigrpPointer = eigrpPointer->next; + } + + // Init + memset(nipper->ios->eigrp, 0, sizeof(struct eigrpConfig)); + strcpy(eigrpPointer->routerId, "Automatic"); + eigrpPointer->maximumHops = 100; + eigrpPointer->stub = eigrp_stub_disabled; + eigrpPointer->autoSummary = false; + eigrpPointer->internalDistance = 90; + eigrpPointer->externalDistance = 170; + eigrpPointer->logNeighborChanges = true; + eigrpPointer->logNeighborWarnings = true; + eigrpPointer->defaultPassive = false; + + // Process ID + if (command.parts == 3) + eigrpPointer->process = atoi(command.part[2]); + + // Get Routing options... + readLine(nipper->input, line, nipper->maxSize); + while ((line[0] != '!') && (feof(nipper->input) == 0)) + { + // Debug... + if (nipper->debugMode == true) + printf("EIGRP Router Line: %s\n", line); + + // Init... + command = splitLine(line); + + // Setting + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + // Auto Summary + if (strcmp(command.part[tempInt], "auto-summary") == 0) + eigrpPointer->autoSummary = setting; + + // Default Passive Interface + else if ((strcmp(command.part[0], "passive-interface") == 0) && (strcmp(command.part[1], "default") == 0)) + eigrpPointer->defaultPassive = true; + + // Passive + else if (strcmp(command.part[tempInt], "passive-interface") == 0) + { + tempInt++; + // If first passive interface... + if (eigrpPointer->passive == 0) + { + eigrpPointer->passive = malloc(sizeof(struct passiveStruct)); + memset(eigrpPointer->passive, 0, sizeof(struct passiveStruct)); + passivePointer = eigrpPointer->passive; + } + else + { + passivePointer = eigrpPointer->passive; + while (passivePointer->next != 0) + passivePointer = passivePointer->next; + passivePointer->next = malloc(sizeof(struct passiveStruct)); + memset(passivePointer->next, 0, sizeof(struct passiveStruct)); + passivePointer = passivePointer->next; + } + passivePointer->passive = setting; + if (tempInt + 1 == command.parts) + strncpy(passivePointer->interface, command.part[tempInt], sizeof(passivePointer->interface) - 1); + else + { + sprintf(tempString, "%s%s", command.part[tempInt], command.part[tempInt+1]); + strncpy(passivePointer->interface, tempString, sizeof(passivePointer->interface) - 1); + } + } + + // Administrative Distances + else if ((strcmp(command.part[tempInt], "distance") == 0) && (strcmp(command.part[tempInt+1], "eigrp") == 0)) + { + if (setting == false) + { + eigrpPointer->internalDistance = atoi(command.part[tempInt+2]); + eigrpPointer->externalDistance = atoi(command.part[tempInt+3]); + } + else + { + eigrpPointer->internalDistance = 90; + eigrpPointer->externalDistance = 170; + } + } + + // Log Neighbor Changes + else if ((strcmp(command.part[tempInt], "eigrp") == 0) && (strcmp(command.part[tempInt+1], "log-neighbor-changes") == 0)) + eigrpPointer->logNeighborChanges = setting; + + // Log Neighbor Warnings + else if ((strcmp(command.part[tempInt], "eigrp") == 0) && (strcmp(command.part[tempInt+1], "log-neighbor-warnings") == 0)) + eigrpPointer->logNeighborWarnings = setting; + + // Router ID + else if ((strcmp(command.part[tempInt], "eigrp") == 0) && (strcmp(command.part[tempInt+1], "router-id") == 0)) + strncpy(eigrpPointer->routerId, command.part[tempInt+2], sizeof(eigrpPointer->routerId) - 1); + + // Stub + else if ((strcmp(command.part[tempInt], "eigrp") == 0) && (strcmp(command.part[tempInt+1], "router-id") == 0)) + { + if (setting == false) + eigrpPointer->stub = eigrp_stub_disabled; + else + { + eigrpPointer->stub = eigrp_stub_enabled; + if (command.parts > 2) + { + if (strcmp(command.part[tempInt+2], "receive-only") == 0) + eigrpPointer->stub = eigrp_stub_receive; + else if (strcmp(command.part[tempInt+2], "connected") == 0) + eigrpPointer->stub = eigrp_stub_connected; + else if (strcmp(command.part[tempInt+2], "static") == 0) + eigrpPointer->stub = eigrp_stub_static; + else if (strcmp(command.part[tempInt+2], "summary") == 0) + eigrpPointer->stub = eigrp_stub_summary; + else if (strcmp(command.part[tempInt+2], "redistribted") == 0) + eigrpPointer->stub = eigrp_stub_redist; + } + } + } + + // Maximum Hops + else if ((strcmp(command.part[tempInt], "metric") == 0) && (strcmp(command.part[tempInt+1], "maximum-hops") == 0)) + { + if (setting == false) + eigrpPointer->maximumHops = 100; + else + eigrpPointer->maximumHops = atoi(command.part[tempInt+2]); + } + + // Neighbor + else if (strcmp(command.part[tempInt], "neighbor") == 0) + { + tempInt++; + + // Create struct + if (eigrpPointer->neighbor == 0) + { + eigrpPointer->neighbor = malloc(sizeof(struct eigrpNeighbor)); + eigrpNeighborPointer = eigrpPointer->neighbor; + } + else + { + eigrpNeighborPointer = eigrpPointer->neighbor; + while (eigrpNeighborPointer->next != 0) + eigrpNeighborPointer = eigrpNeighborPointer->next; + eigrpNeighborPointer->next = malloc(sizeof(struct eigrpNeighbor)); + eigrpNeighborPointer = eigrpNeighborPointer->next; + } + + // Init + memset(eigrpNeighborPointer, 0, sizeof(struct eigrpNeighbor)); + + // IP Address + strncpy(eigrpNeighborPointer->ipAddress, command.part[tempInt], sizeof(eigrpNeighborPointer->ipAddress) - 1); + tempInt++; + + // Interface + if (command.parts == tempInt + 1) + strncpy(eigrpNeighborPointer->interface, command.part[tempInt], sizeof(eigrpNeighborPointer->interface) - 1); + else if (command.parts == tempInt + 2) + { + sprintf(tempString, "%s%s", command.part[tempInt], command.part[tempInt+1]); + strncpy(eigrpNeighborPointer->interface, tempString, sizeof(eigrpNeighborPointer->interface) - 1); + } + } + + // Network + else if (strcmp(command.part[tempInt], "network") == 0) + { + tempInt++; + + // Create struct + if (eigrpPointer->network == 0) + { + eigrpPointer->network = malloc(sizeof(struct eigrpNetwork)); + eigrpNetworkPointer = eigrpPointer->network; + } + else + { + eigrpNetworkPointer = eigrpPointer->network; + while (eigrpNetworkPointer->next != 0) + eigrpNetworkPointer = eigrpNetworkPointer->next; + eigrpNetworkPointer->next = malloc(sizeof(struct eigrpNetwork)); + eigrpNetworkPointer = eigrpNetworkPointer->next; + } + + // Init + memset(eigrpNetworkPointer, 0, sizeof(struct eigrpNetwork)); + + // IP Address + strncpy(eigrpNetworkPointer->ipAddress, command.part[tempInt], sizeof(eigrpNetworkPointer->ipAddress) - 1); + tempInt++; + + // Netmask + if (tempInt < command.parts) + strncpy(eigrpNetworkPointer->netMask, command.part[tempInt], sizeof(eigrpNetworkPointer->netMask) - 1); + } + + // Get next line... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); + } + + // BGP + else if (strncmp(line+7, "bgp", 3) == 0) + { + // If struct doesn't exist + if (nipper->ios->bgp == 0) + { + nipper->ios->bgp = malloc(sizeof(struct bgpConfig)); + memset(nipper->ios->bgp, 0, sizeof(struct bgpConfig)); + bgpPointer = nipper->ios->bgp; + } + else + { + bgpPointer = nipper->ios->bgp; + while (bgpPointer->next != 0) + bgpPointer = bgpPointer->next; + bgpPointer->next = malloc(sizeof(struct bgpConfig)); + memset(bgpPointer->next, 0, sizeof(struct bgpConfig)); + bgpPointer = bgpPointer->next; + } + + // Init + bgpPointer->autonomousNo = atoi(command.part[2]); + bgpPointer->logNeighborChanges = false; + bgpPointer->dampening = false; + bgpPointer->defaultPassive = false; + + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + printf("BGP Router Line: %s\n", line); + + // Init + command = splitLine(line); + + // Setting + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + if (strcmp(command.part[0], "neighbor") == 0) + { + // If this is the first neighbor + if (bgpPointer->neighbor == 0) + { + neighborPointer = malloc(sizeof(struct bgpNeighbor)); + memset(neighborPointer, 0, sizeof(struct bgpNeighbor)); + + // Init + bgpPointer->neighbor = neighborPointer; + strncpy(neighborPointer->host, command.part[1], sizeof(neighborPointer->host)); + neighborPointer->encryption = encrypt_none; + neighborPointer->autonomousNo = -1; + neighborPointer->ttlHops = -1; + neighborPointer->weak = false; + neighborPointer->dictionary = false; + } + + // neighbors already exist + else + { + // Search + neighborPointer = bgpPointer->neighbor; + while ((neighborPointer->next != 0) && (strcmp(command.part[1], neighborPointer->host) != 0)) + neighborPointer = neighborPointer->next; + + // If not found + if (strcmp(command.part[1], neighborPointer->host) != 0) + { + neighborPointer->next = malloc(sizeof(struct bgpNeighbor)); + memset(neighborPointer->next, 0, sizeof(struct bgpNeighbor)); + + // Sort out pointers + neighborPointer = neighborPointer->next; + + // Init + strncpy(neighborPointer->host, command.part[1], sizeof(neighborPointer->host)); + neighborPointer->encryption = encrypt_none; + neighborPointer->autonomousNo = -1; + neighborPointer->ttlHops = -1; + neighborPointer->weak = false; + neighborPointer->dictionary = false; + } + } + + if (command.parts > 2) + { + // Description? + if (strncmp(command.part[2], "description", 11) == 0) + { + int loop; + strncpy(neighborPointer->description, command.part[3], sizeof(neighborPointer->description)); + tempString[0] = 0; + for (loop = 4; loop < command.parts; loop++) + { + sprintf(tempString, "%s %s", neighborPointer->description, command.part[loop]); + strncpy(neighborPointer->description, tempString, sizeof(neighborPointer->description)); + } + } + + // Password? + else if (strncmp(command.part[2], "password", 8) == 0) + { + switch(command.part[3][0]) + { + case '7': + neighborPointer->encryption = encrypt_type7; + if (password7(command.part[4], neighborPointer->password, sizeof(neighborPointer->password), nipper->debugMode) != 0) + strcpy(neighborPointer->password, ""); + strncpy(neighborPointer->passwordEncrypted, command.part[4], sizeof(neighborPointer->passwordEncrypted)); + break; + case '5': + neighborPointer->encryption = encrypt_md5; + strcpy(neighborPointer->password, ""); + strncpy(neighborPointer->passwordEncrypted, command.part[4], sizeof(neighborPointer->passwordEncrypted)); + addJohnPassword(nipper, "bgp", neighborPointer->passwordEncrypted); + break; + case '0': + neighborPointer->encryption = encrypt_none; + strncpy(neighborPointer->password, command.part[4], sizeof(neighborPointer->password)); + strcpy(neighborPointer->passwordEncrypted, ""); + break; + default: + if (command.parts == 3) + { + neighborPointer->encryption = encrypt_none; + strncpy(neighborPointer->password, command.part[3], sizeof(neighborPointer->password)); + strcpy(neighborPointer->passwordEncrypted, ""); + } + else + { + neighborPointer->encryption = encrypt_unknown; + strcpy(neighborPointer->password, ""); + strncpy(neighborPointer->passwordEncrypted, command.part[command.parts - 1], sizeof(neighborPointer->passwordEncrypted)); + } + break; + } + if ((strcmp(neighborPointer->password, "") != 0) && (strlen(neighborPointer->password) != 0)) + { + if (simplePassword(neighborPointer->password, nipper) == true) + { + nipper->simplePasswords++; + neighborPointer->dictionary = true; + } + if (passwordStrength(neighborPointer->password, nipper) == false) + { + nipper->passwordStrengths++; + neighborPointer->weak = true; + } + } + } + + // Autonomous No? + else if (strncmp(command.part[2], "remote-as", 9) == 0) + neighborPointer->autonomousNo = atoi(command.part[3]); + + // TTL Hops? + else if ((strncmp(command.part[2], "ttl-security", 12) == 0) && (strncmp(command.part[3], "hops", 4) == 0)) + neighborPointer->ttlHops = atoi(command.part[4]); + } + } + + // Default Passive Interface + else if ((strcmp(command.part[0], "passive-interface") == 0) && (strcmp(command.part[1], "default") == 0)) + bgpPointer->defaultPassive = true; + + // Passive + else if (strcmp(command.part[tempInt], "passive-interface") == 0) + { + tempInt++; + // If first passive interface... + if (bgpPointer->passive == 0) + { + bgpPointer->passive = malloc(sizeof(struct passiveStruct)); + memset(bgpPointer->passive, 0, sizeof(struct passiveStruct)); + passivePointer = bgpPointer->passive; + } + else + { + passivePointer = bgpPointer->passive; + while (passivePointer->next != 0) + passivePointer = passivePointer->next; + passivePointer->next = malloc(sizeof(struct passiveStruct)); + memset(passivePointer->next, 0, sizeof(struct passiveStruct)); + passivePointer = passivePointer->next; + } + passivePointer->passive = setting; + if (tempInt + 1 == command.parts) + strncpy(passivePointer->interface, command.part[tempInt], sizeof(passivePointer->interface) - 1); + else + { + sprintf(tempString, "%s%s", command.part[tempInt], command.part[tempInt+1]); + strncpy(passivePointer->interface, tempString, sizeof(passivePointer->interface) - 1); + } + } + + else if ((strcmp(command.part[0], "bgp") == 0) && (strcmp(command.part[1], "log-neighbor-changes") == 0)) + bgpPointer->logNeighborChanges = true; + + else if ((strcmp(command.part[0], "bgp") == 0) && (strcmp(command.part[1], "dampening") == 0)) + bgpPointer->dampening = true; + + // Get next + readLine(nipper->input, line, nipper->maxSize); + } + } + + // RIP + else if (strcmp(command.part[1], "rip") == 0) + { + + // If rip config doesn't exist... + if (nipper->ios->rip == 0) + { + // Create... + nipper->ios->rip = malloc(sizeof(struct ripConfig)); + + // Init... + memset(nipper->ios->rip, 0, sizeof(struct ripConfig)); + nipper->ios->rip->version = rip_version_default; + nipper->ios->rip->autoSummary = true; + nipper->ios->rip->defaultRoute = false; + nipper->ios->rip->defaultMetric = -1; + nipper->ios->rip->inputQueue = 50; + nipper->ios->rip->defaultPassive = false; + } + + // Get Routing options... + readLine(nipper->input, line, nipper->maxSize); + while ((line[0] != '!') && (feof(nipper->input) == 0)) + { + // Debug... + if (nipper->debugMode == true) + printf("RIP Router Line: %s\n", line); + + // Init... + command = splitLine(line); + + // Setting + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + // Auto Summary + if (strcmp(command.part[tempInt], "auto-summary") == 0) + nipper->ios->rip->autoSummary = setting; + + // Default Passive Interface + else if ((strcmp(command.part[0], "passive-interface") == 0) && (strcmp(command.part[1], "default") == 0)) + nipper->ios->rip->defaultPassive = true; + + // Passive + else if (strcmp(command.part[tempInt], "passive-interface") == 0) + { + tempInt++; + // If first passive interface... + if (nipper->ios->rip->passive == 0) + { + nipper->ios->rip->passive = malloc(sizeof(struct passiveStruct)); + memset(nipper->ios->rip->passive, 0, sizeof(struct passiveStruct)); + passivePointer = nipper->ios->rip->passive; + } + else + { + passivePointer = nipper->ios->rip->passive; + while (passivePointer->next != 0) + passivePointer = passivePointer->next; + passivePointer->next = malloc(sizeof(struct passiveStruct)); + memset(passivePointer->next, 0, sizeof(struct passiveStruct)); + passivePointer = passivePointer->next; + } + passivePointer->passive = setting; + if (tempInt + 1 == command.parts) + strncpy(passivePointer->interface, command.part[tempInt], sizeof(passivePointer->interface) - 1); + else + { + sprintf(tempString, "%s%s", command.part[tempInt], command.part[tempInt+1]); + strncpy(passivePointer->interface, tempString, sizeof(passivePointer->interface) - 1); + } + } + + // Default Information Originate + else if ((strcmp(command.part[0], "default-information") == 0) && (strcmp(command.part[1], "originate") == 0)) + { + nipper->ios->rip->defaultRoute = true; + if (command.parts > 2) + { + if (strcmp(command.part[2], "route-map") == 0) + strncpy(nipper->ios->rip->defaultRouteMap, command.part[2], sizeof(nipper->ios->rip->defaultRouteMap) - 1); + } + } + + // Default Metric... + else if (strcmp(command.part[tempInt], "default-metric") == 0) + { + if (setting == false) + nipper->ios->rip->defaultMetric = -1; + else + nipper->ios->rip->defaultMetric = atoi(command.part[tempInt+1]); + } + + // Input Queue... + else if (strcmp(command.part[tempInt], "input-queue") == 0) + { + if (setting == false) + nipper->ios->rip->inputQueue = -1; + else + nipper->ios->rip->inputQueue = atoi(command.part[tempInt+1]); + } + + // Output Delay... + else if (strcmp(command.part[tempInt], "output-delay") == 0) + { + if (setting == false) + nipper->ios->rip->outputDelay = 0; + else + nipper->ios->rip->outputDelay = atoi(command.part[tempInt+1]); + } + + // Validate Update Source + else if (strcmp(command.part[tempInt], "validate-update-source") == 0) + nipper->ios->rip->validateUpdateSource = setting; + + // Version + else if (strcmp(command.part[tempInt], "version") == 0) + { + if (setting == false) + nipper->ios->rip->version = rip_version_default; + else if (strcmp(command.part[tempInt + 1], "1") == 0) + nipper->ios->rip->version = rip_version1; + else + nipper->ios->rip->version = rip_version2; + } + + // Neighbor + else if (strcmp(command.part[tempInt], "neighbor") == 0) + { + tempInt++; + if (nipper->ios->rip->neighbor == 0) + { + nipper->ios->rip->neighbor = malloc(sizeof(struct host)); + memset(nipper->ios->rip->neighbor, 0, sizeof(struct host)); + hostPointer = nipper->ios->rip->neighbor; + } + else + { + hostPointer = nipper->ios->rip->neighbor; + while (hostPointer->next != 0) + hostPointer = hostPointer->next; + hostPointer->next = malloc(sizeof(struct host)); + memset(hostPointer->next, 0, sizeof(struct host)); + hostPointer = hostPointer->next; + } + strncpy(hostPointer->server, command.part[tempInt], sizeof(hostPointer->server) - 1); + } + + // Network + else if (strcmp(command.part[tempInt], "network") == 0) + { + tempInt++; + if (nipper->ios->rip->network == 0) + { + nipper->ios->rip->network = malloc(sizeof(struct host)); + memset(nipper->ios->rip->network, 0, sizeof(struct host)); + hostPointer = nipper->ios->rip->network; + } + else + { + hostPointer = nipper->ios->rip->network; + while (hostPointer->next != 0) + hostPointer = hostPointer->next; + hostPointer->next = malloc(sizeof(struct host)); + memset(hostPointer->next, 0, sizeof(struct host)); + hostPointer = hostPointer->next; + } + strncpy(hostPointer->server, command.part[tempInt], sizeof(hostPointer->server) - 1); + } + + // Get next line... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); + } + + // OSPF + else if (strcmp(command.part[1], "ospf") == 0) + { + // Is first OSPF struct? + if (nipper->ios->ospf == 0) + { + nipper->ios->ospf = malloc(sizeof(struct ospfConfig)); + ospfPointer = nipper->ios->ospf; + } + else + { + ospfPointer = nipper->ios->ospf; + while (ospfPointer->next != 0) + ospfPointer = ospfPointer->next; + ospfPointer->next = malloc(sizeof(struct ospfConfig)); + ospfPointer = ospfPointer->next; + } + + // Init... + memset(ospfPointer, 0, sizeof(struct ospfConfig)); + ospfPointer->defaultPassive = false; + ospfPointer->processID = atoi(command.part[2]); + + // Get Configuration... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("OSPF Router Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Setting + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + // Area + if (strncmp(command.part[0], "area", 4) == 0) + { + // No area config exists... + if (ospfPointer->ospfArea == 0) + { + ospfPointer->ospfArea = malloc(sizeof(struct ospfAreaConfig)); + ospfAreaPointer = ospfPointer->ospfArea; + + // Init + memset(ospfAreaPointer, 0, sizeof(struct ospfAreaConfig)); + strncpy(ospfAreaPointer->areaID, command.part[1], sizeof(ospfAreaPointer->areaID)); + ospfAreaPointer->areaAuth = auth_none; + ospfAreaPointer->defaultCost = 1; + } + else + { + // Search for the area... + ospfAreaPointer = ospfPointer->ospfArea; + while ((ospfAreaPointer->next != 0) && (strcmp(command.part[1], ospfAreaPointer->areaID) != 0)) + ospfAreaPointer = ospfAreaPointer->next; + + // If area doesn't exists, create... + if (strcmp(command.part[1], ospfAreaPointer->areaID) != 0) + { + ospfAreaPointer->next = malloc(sizeof(struct ospfAreaConfig)); + ospfAreaPointer = ospfAreaPointer->next; + + // Init + memset(ospfAreaPointer, 0, sizeof(struct ospfAreaConfig)); + strncpy(ospfAreaPointer->areaID, command.part[1], sizeof(ospfAreaPointer->areaID)); + ospfAreaPointer->areaAuth = auth_none; + ospfAreaPointer->defaultCost = 1; + } + } + + // Is authentication? + if (strcmp(command.part[2], "authentication") == 0) + { + ospfAreaPointer->areaAuth = auth_clear; + + // Is message digest used? + if (command.parts > 3) + { + if (strcmp(command.part[3], "message-digest") == 0) + ospfAreaPointer->areaAuth = auth_md5; + } + } + + // Is default cost? + else if (strcmp(command.part[2], "default-cost") == 0) + ospfAreaPointer->defaultCost = atoi(command.part[3]); + } + + // Network + else if (strncmp(command.part[0], "network", 7) == 0) + { + // Reserve memory + if (ospfPointer->ospfNetwork == 0) + { + ospfPointer->ospfNetwork = malloc(sizeof(struct ospfNetworkConfig)); + ospfNetworkPointer = ospfPointer->ospfNetwork; + } + else + { + ospfNetworkPointer = ospfPointer->ospfNetwork; + while (ospfNetworkPointer->next != 0) + ospfNetworkPointer = ospfNetworkPointer->next; + ospfNetworkPointer->next = malloc(sizeof(struct ospfNetworkConfig)); + ospfNetworkPointer = ospfNetworkPointer->next; + } + + // Init + memset(ospfNetworkPointer, 0, sizeof(struct ospfNetworkConfig)); + ospfNetworkPointer->next = 0; + strncpy(ospfNetworkPointer->network, command.part[1], sizeof(ospfNetworkPointer->network)); + strncpy(ospfNetworkPointer->networkMask, command.part[2], sizeof(ospfNetworkPointer->networkMask)); + strncpy(ospfNetworkPointer->areaID, command.part[4], sizeof(ospfNetworkPointer->areaID)); + } + + // Neighbor + else if (strncmp(command.part[0], "neighbor", 8) == 0) + { + // Reserve memory + if (ospfPointer->neighbor == 0) + { + ospfPointer->neighbor = malloc(sizeof(struct ospfNeighbor)); + ospfNeighborPointer = ospfPointer->neighbor; + } + else + { + ospfNeighborPointer = ospfPointer->neighbor; + while (ospfNeighborPointer->next != 0) + ospfNeighborPointer = ospfNeighborPointer->next; + ospfNeighborPointer->next = malloc(sizeof(struct ospfNeighbor)); + ospfNeighborPointer = ospfNeighborPointer->next; + } + + // Init + memset(ospfNeighborPointer, 0, sizeof(struct ospfNeighbor)); + ospfNeighborPointer->next = 0; + strncpy(ospfNeighborPointer->host, command.part[1], sizeof(ospfNeighborPointer->host)); + ospfNeighborPointer->priority = 0; + ospfNeighborPointer->pollInterval = 120; + ospfNeighborPointer->costNumber = 0; + ospfNeighborPointer->databaseFilter = false; + + for (tempInt = 2; tempInt < command.parts; tempInt = tempInt + 2) + { + if (strncmp(command.part[tempInt], "cost", 4) == 0) + ospfNeighborPointer->costNumber = atoi(command.part[tempInt + 1]); + + else if (strncmp(command.part[tempInt], "priority", 8) == 0) + ospfNeighborPointer->priority = atoi(command.part[tempInt + 1]); + + else if (strncmp(command.part[tempInt], "poll-interval", 13) == 0) + ospfNeighborPointer->pollInterval = atoi(command.part[tempInt + 1]); + + else if ((strncmp(command.part[tempInt], "database-filter", 15) == 0) && (strncmp(command.part[tempInt + 1], "all", 3) == 0)) + ospfNeighborPointer->databaseFilter = true; + } + } + + // Default Passive Interface + else if ((strcmp(command.part[0], "passive-interface") == 0) && (strcmp(command.part[1], "default") == 0)) + ospfPointer->defaultPassive = true; + + // Passive + else if (strcmp(command.part[tempInt], "passive-interface") == 0) + { + tempInt++; + // If first passive interface... + if (ospfPointer->passive == 0) + { + ospfPointer->passive = malloc(sizeof(struct passiveStruct)); + memset(ospfPointer->passive, 0, sizeof(struct passiveStruct)); + passivePointer = ospfPointer->passive; + } + else + { + passivePointer = ospfPointer->passive; + while (passivePointer->next != 0) + passivePointer = passivePointer->next; + passivePointer->next = malloc(sizeof(struct passiveStruct)); + memset(passivePointer->next, 0, sizeof(struct passiveStruct)); + passivePointer = passivePointer->next; + } + passivePointer->passive = setting; + if (tempInt + 1 == command.parts) + strncpy(passivePointer->interface, command.part[tempInt], sizeof(passivePointer->interface) - 1); + else + { + sprintf(tempString, "%s%s", command.part[tempInt], command.part[tempInt+1]); + strncpy(passivePointer->interface, tempString, sizeof(passivePointer->interface) - 1); + } + } + + // Get next line... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); + } +} + + diff --git a/0.11.10/IOS/.svn/text-base/process-snmp.c.svn-base b/0.11.10/IOS/.svn/text-base/process-snmp.c.svn-base new file mode 100644 index 0000000..3dca2ce --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-snmp.c.svn-base @@ -0,0 +1,715 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// SNMP Community +struct snmpCommunity +{ + char community[64]; + int weak; + int dictionary; + int readonly; // true (default) or false + int enabled; // true (default) or false + char accessList[65]; + char viewName[65]; + struct snmpCommunity *next; +}; + +// SNMP View Item +struct snmpViewItem +{ + char mibId[128]; + int include; // true or false + struct snmpViewItem *next; +}; + +// SNMP View +struct snmpView +{ + char viewName[65]; + struct snmpViewItem *viewItem; + struct snmpView *next; +}; + +#define snmp3_none 0 +#define snmp3_des 1 +#define snmp3_3des 2 +#define snmp3_aes128 3 +#define snmp3_aes192 4 +#define snmp3_aes256 5 +#define snmp3_md5 6 +#define snmp3_sha 7 +#define snmp3_des56 8 + +// SNMP User +struct snmpUser +{ + char groupName[65]; + char userName[65]; + int version; + int encryption; // true of false + int snmp3auth; // snmp3_none, snmp3_md5 or snmp3_sha + char authPass[128]; + int snmp3priv; // snmp3_none, snmp3_des, snmp3_3des, snmp3_aes123(192 or 256) + char privPass[128]; + char acl[65]; + int group; + struct snmpUser *next; +}; + +// SNMP Group +struct snmpGroup +{ + char groupName[65]; + int version; // snmp1, snmp2c... + char readView[65]; + char writeView[65]; + char notifyView[65]; + char context[65]; + char acl[65]; + struct snmpGroup *next; +}; + + +// SNMP Host +struct snmpHost +{ + char host[32]; + char community[64]; + int version; // snmp1, snmp2c... + int weak; + int dictionary; + struct snmpHost *next; +}; + +// SNMP +struct snmpConfig +{ + int enabled; // true or false + char tftpServerList[32]; + char contact[64]; + char location[64]; + int trapTimeout; + char trapSource[32]; + struct snmpCommunity *community; + struct snmpGroup *group; + struct snmpUser *user; + struct snmpView *view; + struct snmpTrap *trap; + struct snmpHost *host; +}; + + +// Process SNMP +void processSnmp(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct snmpCommunity *communityPointer = 0; + struct snmpViewItem *snmpViewItemPointer = 0; + struct snmpView *snmpViewPointer = 0; + struct snmpGroup *snmpGroupPointer = 0; + struct snmpUser *snmpUserPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct snmpHost *snmpHostPointer = 0; + struct ciscoCommand command; + char tempString[nipper->maxSize]; + int tempInt = 0; + int setting = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("SNMP Line: %s\n", line); + } + + // Init + command = splitLine(line); + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 2; + } + else + { + setting = true; + tempInt = 1; + } + + // Check to see if SNMP already exists + if (nipper->ios->snmp == 0) + { + nipper->ios->snmp = malloc(sizeof(struct snmpConfig)); + memset(nipper->ios->snmp, 0, sizeof(struct snmpConfig)); + + // Init + nipper->ios->snmp->enabled = true; + nipper->ios->snmp->trapTimeout = 30; + } + + // Is SNMP disabled / enabled? + if (command.parts == tempInt) + nipper->ios->snmp->enabled = setting; + + // snmp contact info? + else if (strcmp(command.part[tempInt], "contact") == 0) + strncpy(nipper->ios->snmp->contact, line + 20, sizeof(nipper->ios->snmp->contact)); + + // snmp location info? + else if (strcmp(command.part[tempInt], "location") == 0) + strncpy(nipper->ios->snmp->location, line + 21, sizeof(nipper->ios->snmp->location)); + + // Trap Timeout + else if (strcmp(command.part[tempInt], "trap-timeout") == 0) + nipper->ios->snmp->trapTimeout = atoi(command.part[tempInt+1]); + + // Trap Interface + else if (strcmp(command.part[tempInt], "trap-source") == 0) + strncpy(nipper->ios->snmp->trapSource, command.part[tempInt+1], sizeof(nipper->ios->snmp->trapSource) - 1); + + // tftp server access list? + else if (strcmp(command.part[tempInt], "tftp-server-list") == 0) + strncpy(nipper->ios->snmp->tftpServerList, command.part[tempInt+1], sizeof(nipper->ios->snmp->tftpServerList) - 1); + + // snmp view? + else if (strcmp(command.part[tempInt], "view") == 0) + { + tempInt++; + + // Is this the first view? + if (nipper->ios->snmp->view == 0) + { + // create structure... + nipper->ios->snmp->view = malloc(sizeof(struct snmpView)); + memset(nipper->ios->snmp->view, 0, sizeof(struct snmpView)); + snmpViewPointer = nipper->ios->snmp->view; + + // init + snmpViewPointer->viewItem = 0; + strncpy(snmpViewPointer->viewName, command.part[tempInt], sizeof(snmpViewPointer->viewName) - 1); + } + + else + { + // Search for existing view name + snmpViewPointer = nipper->ios->snmp->view; + while ((snmpViewPointer->next != 0) && (strcmp(snmpViewPointer->viewName, command.part[tempInt]) != 0)) + snmpViewPointer = snmpViewPointer->next; + + // Do we need to create a new view? + if (strcmp(snmpViewPointer->viewName, command.part[tempInt]) != 0) + { + // create structure... + snmpViewPointer->next = malloc(sizeof(struct snmpView)); + memset(snmpViewPointer->next, 0, sizeof(struct snmpView)); + + // Sort out pointers + snmpViewPointer = snmpViewPointer->next; + + // init + snmpViewPointer->viewItem = 0; + strncpy(snmpViewPointer->viewName, command.part[tempInt], sizeof(snmpViewPointer->viewName) - 1); + } + } + tempInt++; + + // Is it the first view item? + if (snmpViewPointer->viewItem == 0) + { + snmpViewPointer->viewItem = malloc(sizeof(struct snmpViewItem)); + memset(snmpViewPointer->viewItem, 0, sizeof(struct snmpViewItem)); + snmpViewItemPointer = snmpViewPointer->viewItem; + } + else + { + // Find last view item + snmpViewItemPointer = snmpViewPointer->viewItem; + while (snmpViewItemPointer->next != 0) + snmpViewItemPointer = snmpViewItemPointer->next; + + // create view item structure & sort pointers + snmpViewItemPointer->next = malloc(sizeof(struct snmpViewItem)); + memset(snmpViewItemPointer->next, 0, sizeof(struct snmpViewItem)); + snmpViewItemPointer = snmpViewItemPointer->next; + } + + // Set view item + strncpy(snmpViewItemPointer->mibId, command.part[tempInt], sizeof(snmpViewItemPointer->mibId) - 1); + tempInt++; + + // Include? + if ((strcmp(command.part[tempInt], "include") == 0) || (strcmp(command.part[tempInt], "included") == 0)) + snmpViewItemPointer->include = true; + else + snmpViewItemPointer->include = false; + } + + // snmp community? + else if (strcmp(command.part[tempInt], "community") == 0) + { + tempInt++; + + // If first community... + if (nipper->ios->snmp->community == 0) + { + // Reserve memory... + nipper->ios->snmp->community = malloc(sizeof(struct snmpCommunity)); + communityPointer = nipper->ios->snmp->community; + } + else + { + // Find last... + communityPointer = nipper->ios->snmp->community; + while (communityPointer->next != 0) + communityPointer = communityPointer->next; + + // Reserve memory... + communityPointer->next = malloc(sizeof(struct snmpCommunity)); + communityPointer = communityPointer->next; + } + + // Init community struct... + memset(communityPointer, 0, sizeof(struct snmpCommunity)); + communityPointer->readonly = true; + communityPointer->enabled = setting; + communityPointer->weak = false; + communityPointer->dictionary = false; + + // Set community string... + strncpy(communityPointer->community, command.part[tempInt], sizeof(communityPointer->community) - 1); + tempInt++; + + // Check strength / dictionary... + if (simplePassword(communityPointer->community, nipper) == true) + { + nipper->simplePasswords++; + communityPointer->dictionary = true; + } + if (passwordStrength(communityPointer->community, nipper) == false) + { + nipper->passwordStrengths++; + communityPointer->weak = true; + } + + // Get options... + while (tempInt < command.parts) + { + + // If view exists, get it... + if (strcmp(command.part[tempInt], "view") == 0) + { + tempInt++; + // Get view name... + strncpy(communityPointer->viewName, command.part[tempInt], sizeof(communityPointer->viewName) - 1); + } + + // RO + else if (strcasecmp(command.part[tempInt], "ro") == 0) + communityPointer->readonly = true; + + // RW + else if (strcasecmp(command.part[tempInt], "rw") == 0) + communityPointer->readonly = false; + + // IPV6 + else if (strcmp(command.part[tempInt], "ipv6") == 0) + tempInt++; + + // ACL + else + strncpy(communityPointer->accessList, command.part[tempInt], sizeof(communityPointer->accessList) - 1); + + // Increment part pointer... + tempInt++; + } + } + + // snmp trap? + else if ((strcmp(command.part[tempInt], "enable") == 0) && (strcmp(command.part[tempInt+1], "traps") == 0)) + { + tempInt += 2; + + // Is the first trap + if (nipper->ios->snmp->trap == 0) + { + // Create... + nipper->ios->snmp->trap = malloc(sizeof(struct snmpTrap)); + snmpTrapPointer = nipper->ios->snmp->trap; + } + else + { + // Find last trap + snmpTrapPointer = nipper->ios->snmp->trap; + while (snmpTrapPointer->next != 0) + snmpTrapPointer = snmpTrapPointer->next; + + // Create... + snmpTrapPointer->next = malloc(sizeof(struct snmpTrap)); + snmpTrapPointer = snmpTrapPointer->next; + } + + // Init... + memset(snmpTrapPointer, 0, sizeof(struct snmpTrap)); + + // Get traps... + sprintf(tempString, "%s", command.part[tempInt]); + tempInt++; + while (tempInt < command.parts) + { + if (strcmp(command.part[tempInt], "vrrp") != 0) + sprintf(tempString, "%s %s", tempString, command.part[tempInt]); + tempInt++; + } + strncpy(snmpTrapPointer->trap, tempString, sizeof(snmpTrapPointer->trap) - 1); + snmpTrapPointer->enabled = setting; + } + + // snmp host? + else if (strcmp(command.part[tempInt], "host") == 0) + { + tempInt++; + + // First host... + if (nipper->ios->snmp->host == 0) + { + // Create... + nipper->ios->snmp->host = malloc(sizeof(struct snmpHost)); + snmpHostPointer = nipper->ios->snmp->host; + } + else + { + // Find last host... + snmpHostPointer = nipper->ios->snmp->host; + while (snmpHostPointer->next != 0) + snmpHostPointer = snmpHostPointer->next; + + // Create... + snmpHostPointer->next = malloc(sizeof(struct snmpHost)); + snmpHostPointer = snmpHostPointer->next; + } + + // Init... + memset(snmpHostPointer, 0, sizeof(struct snmpHost)); + snmpHostPointer->version = snmp1; + snmpHostPointer->dictionary = false; + snmpHostPointer->weak = false; + + // Host / IP + strncpy(snmpHostPointer->host, command.part[tempInt], sizeof(snmpHostPointer->host) - 1); + tempInt++; + + // Get remaining options and community string + setting = false; + while ((tempInt < command.parts) && (setting == false)) + { + + // VRF... + if (strcmp(command.part[tempInt], "vrf") == 0) + tempInt++; + + // TRAPS / INFORMS... + else if ((strcmp(command.part[tempInt], "traps") == 0) || (strcmp(command.part[tempInt], "informs") == 0)) + { } + + // SNMP version... + else if (strcmp(command.part[tempInt], "version") == 0) + { + tempInt++; + + // Version 1 + if (strcmp(command.part[tempInt], "1") == 0) + snmpHostPointer->version = snmp1; + + // Version 2c + else if (strcmp(command.part[tempInt], "2c") == 0) + snmpHostPointer->version = snmp2c; + + // Version 3 + else if (strcmp(command.part[tempInt], "3") == 0) + { + snmpHostPointer->version = snmp3_no_auth; + + // SNMP auth option + if (strcmp(command.part[tempInt+1], "auth") == 0) + { + snmpHostPointer->version = snmp3_auth; + tempInt++; + } + else if (strcmp(command.part[tempInt+1], "noauth") == 0) + { + snmpHostPointer->version = snmp3_no_auth; + tempInt++; + } + else if (strcmp(command.part[tempInt+1], "priv") == 0) + { + snmpHostPointer->version = snmp3_priv; + tempInt++; + } + } + } + + else + { + setting = true; + strncpy(snmpHostPointer->community, command.part[tempInt], sizeof(snmpHostPointer->host) - 1); + } + + // Increment part pointer + tempInt++; + } + + // Check strength / dictionary + if (simplePassword(snmpHostPointer->community, nipper) == true) + { + nipper->simplePasswords++; + snmpHostPointer->dictionary = true; + } + if (passwordStrength(snmpHostPointer->community, nipper) == false) + { + nipper->passwordStrengths++; + snmpHostPointer->weak = true; + } + } + + // SNMP Group... + else if (strcmp(command.part[tempInt], "group") == 0) + { + tempInt++; + + // If this is the first... + if (nipper->ios->snmp->group == 0) + { + // Create... + nipper->ios->snmp->group = malloc(sizeof(struct snmpGroup)); + snmpGroupPointer = nipper->ios->snmp->group; + } + else + { + // Find last group... + snmpGroupPointer = nipper->ios->snmp->group; + while (snmpGroupPointer->next != 0) + snmpGroupPointer = snmpGroupPointer->next; + + // Create... + snmpGroupPointer->next = malloc(sizeof(struct snmpGroup)); + snmpGroupPointer = snmpGroupPointer->next; + } + + // Init... + memset(snmpGroupPointer, 0, sizeof(struct snmpGroup)); + strcpy(snmpGroupPointer->readView, "MIB OID 1.3.6.1"); + + // Group Name... + strncpy(snmpGroupPointer->groupName, command.part[tempInt], sizeof(snmpGroupPointer->groupName) - 1); + tempInt++; + + // Version... + if (strcmp(command.part[tempInt], "v1") == 0) + snmpGroupPointer->version = snmp1; + else if (strcmp(command.part[tempInt], "v2c") == 0) + snmpGroupPointer->version = snmp2c; + else if (strcmp(command.part[tempInt], "v3") == 0) + { + tempInt++; + if (strcmp(command.part[tempInt], "auth") == 0) + snmpGroupPointer->version = snmp3_auth; + else if (strcmp(command.part[tempInt], "noauth") == 0) + snmpGroupPointer->version = snmp3_no_auth; + else if (strcmp(command.part[tempInt], "priv") == 0) + snmpGroupPointer->version = snmp3_priv; + } + tempInt++; + + // Get Options + while (tempInt < command.parts) + { + // Read + if (strcmp(command.part[tempInt], "read") == 0) + { + tempInt++; + strncpy(snmpGroupPointer->readView, command.part[tempInt], sizeof(snmpGroupPointer->readView) - 1); + } + + // Write + else if (strcmp(command.part[tempInt], "write") == 0) + { + tempInt++; + strncpy(snmpGroupPointer->writeView, command.part[tempInt], sizeof(snmpGroupPointer->writeView) - 1); + } + + // Notify + else if (strcmp(command.part[tempInt], "notify") == 0) + { + tempInt++; + strncpy(snmpGroupPointer->notifyView, command.part[tempInt], sizeof(snmpGroupPointer->notifyView) - 1); + } + + // Context + else if (strcmp(command.part[tempInt], "context") == 0) + { + tempInt++; + strncpy(snmpGroupPointer->context, command.part[tempInt], sizeof(snmpGroupPointer->context) - 1); + } + + // ACL + else if (strcmp(command.part[tempInt], "access") == 0) + { + tempInt++; + if (strcmp(command.part[tempInt], "ipv6") == 0) + tempInt += 2; + strncpy(snmpGroupPointer->acl, command.part[tempInt], sizeof(snmpGroupPointer->acl) - 1); + } + + // Increment part pointer + tempInt++; + } + } + + // SNMP User... + else if (strcmp(command.part[tempInt], "user") == 0) + { + tempInt++; + + // If this is the first user in the group + if (nipper->ios->snmp->user == 0) + { + // Create... + nipper->ios->snmp->user = malloc(sizeof(struct snmpUser)); + snmpUserPointer = nipper->ios->snmp->user; + } + else + { + // Find last group... + snmpUserPointer = nipper->ios->snmp->user; + while (snmpUserPointer->next != 0) + snmpUserPointer = snmpUserPointer->next; + + // Create... + snmpUserPointer->next = malloc(sizeof(struct snmpUser)); + snmpUserPointer = snmpUserPointer->next; + } + + // Init... + memset(snmpUserPointer, 0, sizeof(struct snmpUser)); + snmpUserPointer->encryption = false; + snmpUserPointer->snmp3priv = snmp3_none; + snmpUserPointer->snmp3auth = snmp3_none; + + // User + strncpy(snmpUserPointer->userName, command.part[tempInt], sizeof(snmpUserPointer->userName) - 1); + tempInt++; + + // Group + strncpy(snmpUserPointer->groupName, command.part[tempInt], sizeof(snmpUserPointer->groupName) - 1); + tempInt++; + + // Skip some options + while ((tempInt < command.parts) && (strcmp(command.part[tempInt], "v1") != 0) && (strcmp(command.part[tempInt], "v2c") != 0) && (strcmp(command.part[tempInt], "v3") != 0)) + tempInt++; + + // SNMP version + if (strcmp(command.part[tempInt], "v1") == 0) + snmpUserPointer->version = snmp1; + else if (strcmp(command.part[tempInt], "v2c") == 0) + snmpUserPointer->version = snmp2c; + else if (strcmp(command.part[tempInt], "v3") == 0) + snmpUserPointer->version = snmp3_no_auth; + tempInt++; + + while (tempInt < command.parts) + { + // Encrypted? + if (strcmp(command.part[tempInt], "encrypted") == 0) + snmpUserPointer->encryption = true; + + // Auth? + else if (strcmp(command.part[tempInt], "auth") == 0) + { + snmpUserPointer->version = snmp3_auth; + tempInt++; + + // Algo... + if (strcmp(command.part[tempInt], "md5") == 0) + snmpUserPointer->snmp3auth = snmp3_md5; + else if (strcmp(command.part[tempInt], "sha") == 0) + snmpUserPointer->snmp3auth = snmp3_sha; + tempInt++; + + // Auth Password + strncpy(snmpUserPointer->authPass, command.part[tempInt], sizeof(snmpUserPointer->authPass) - 1); + } + + // Access? + else if (strcmp(command.part[tempInt], "access") == 0) + { + tempInt++; + + // Check for ipv6 + if (strcmp(command.part[tempInt], "ipv6") == 0) + tempInt +=2; + + // Check for Priv + if (strcmp(command.part[tempInt], "priv") == 0) + { + snmpUserPointer->version = snmp3_priv; + tempInt++; + + // Enc... + if (strcmp(command.part[tempInt], "des") == 0) + snmpUserPointer->snmp3priv = snmp3_des; + else if (strcmp(command.part[tempInt], "3des") == 0) + snmpUserPointer->snmp3priv = snmp3_3des; + else if (strcmp(command.part[tempInt], "des56") == 0) + snmpUserPointer->snmp3priv = snmp3_des56; + else if (strcmp(command.part[tempInt], "aes") == 0) + { + tempInt++; + if (strcmp(command.part[tempInt], "128") == 0) + snmpUserPointer->snmp3priv = snmp3_aes128; + else if (strcmp(command.part[tempInt], "192") == 0) + snmpUserPointer->snmp3priv = snmp3_aes192; + else if (strcmp(command.part[tempInt], "256") == 0) + snmpUserPointer->snmp3priv = snmp3_aes256; + } + tempInt++; + + // Priv Password + strncpy(snmpUserPointer->privPass, command.part[tempInt], sizeof(snmpUserPointer->privPass) - 1); + tempInt++; + } + + // ACL + strncpy(snmpUserPointer->acl, command.part[tempInt], sizeof(snmpUserPointer->acl) - 1); + } + + // Increment part pointer + tempInt++; + } + } +} diff --git a/0.11.10/IOS/.svn/text-base/process-ssh.c.svn-base b/0.11.10/IOS/.svn/text-base/process-ssh.c.svn-base new file mode 100644 index 0000000..c3cf3cb --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-ssh.c.svn-base @@ -0,0 +1,120 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define ssh_ver_unconfigured 0 +#define ssh_ver_1 1 +#define ssh_ver_2 2 + + +// SSH +struct sshConfig +{ + int enabled; // true, false + int protocolVersion; // ssh_ver_unconfigured, ssh_ver_1, ssh_ver_2 + int timeout; + int retries; + struct netInterface *interface; +}; + + +// Process SSH +void processSsh(char *line, struct nipperConfig *nipper) +{ + // Variables + struct netInterface *interfacePointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("SSH Line: %s\n", line); + } + + // Check to see if SSH already exists + if (nipper->ios->ssh == 0) + { + nipper->ios->ssh = malloc(sizeof(struct sshConfig)); + memset(nipper->ios->ssh, 0, sizeof(struct sshConfig)); + + // Init + nipper->ios->ssh->enabled = true; + nipper->ios->ssh->protocolVersion = ssh_ver_unconfigured; + nipper->ios->ssh->timeout = -1; + nipper->ios->ssh->retries = -1; + nipper->ios->ssh->interface = 0; + } + + // No SSH :-( + if (strncmp(line, "no ip ssh", 9) == 0) + nipper->ios->ssh->enabled = false; + + // Retries + else if (strncmp(line, "ip ssh authentication-retries ", 30) == 0) + nipper->ios->ssh->retries = atoi(line + 30); + + // Timeout + else if (strncmp(line, "ip ssh time-out ", 16) == 0) + nipper->ios->ssh->timeout = atoi(line + 16); + + // Protocol Version + else if (strncmp(line, "ip ssh version ", 15) == 0) + { + switch (atoi(line + 15)) + { + case 1: + nipper->ios->ssh->protocolVersion = ssh_ver_1; + break; + + case 2: + nipper->ios->ssh->protocolVersion = ssh_ver_2; + break; + + default: + nipper->ios->ssh->protocolVersion = ssh_ver_unconfigured; + break; + } + } + + // Check for interface + else if (strncmp(line, "ip ssh source-interface ", 24) == 0) + { + // Allocate struct + interfacePointer = malloc(sizeof(struct netInterface)); + memset(interfacePointer, 0, sizeof(struct netInterface)); + + // Pointers + interfacePointer->next = nipper->ios->ssh->interface; + nipper->ios->ssh->interface = interfacePointer; + + // Copy interface + strncpy(interfacePointer->interface, line + 24, sizeof(interfacePointer->interface)); + } +} + diff --git a/0.11.10/IOS/.svn/text-base/process-tacacs.c.svn-base b/0.11.10/IOS/.svn/text-base/process-tacacs.c.svn-base new file mode 100644 index 0000000..bf68d7c --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-tacacs.c.svn-base @@ -0,0 +1,129 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// TACACS config +struct tacacsConfig +{ + char key[128]; + char keyEncrypted[128]; + int encryption; + int weak; + int dictionary; + struct host *host; +}; + + +// Process TACACS +void processTacacs(char *line, struct nipperConfig *nipper) +{ + // Variables + struct host *tacacsHostPointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("TACACS Line: %s\n", line); + } + + // Create logging structure + if (nipper->ios->tacacs == 0) + { + nipper->ios->tacacs = malloc(sizeof(struct tacacsConfig)); + memset(nipper->ios->tacacs, 0, sizeof(struct tacacsConfig)); + + // init + strcpy(nipper->ios->tacacs->key, ""); + nipper->ios->tacacs->host = 0; + nipper->ios->tacacs->dictionary = false; + nipper->ios->tacacs->weak = false; + } + + // Key... + if (strncmp("tacacs-server key ", line, 18) == 0) + { + switch (line[18]) + { + case '7': + nipper->ios->tacacs->encryption = encrypt_type7; + if (password7(line+20, nipper->ios->tacacs->key, sizeof(nipper->ios->tacacs->key), nipper->debugMode) != 0) + strcpy(nipper->ios->tacacs->key, ""); + strncpy(nipper->ios->tacacs->keyEncrypted, line + 20, sizeof(nipper->ios->tacacs->keyEncrypted)); + break; + + case '5': + nipper->ios->tacacs->encryption = encrypt_md5; + strcpy(nipper->ios->tacacs->key, ""); + strncpy(nipper->ios->tacacs->keyEncrypted, line + 20, sizeof(nipper->ios->tacacs->keyEncrypted)); + addJohnPassword(nipper, "tacacs", nipper->ios->tacacs->keyEncrypted); + break; + + case '0': + nipper->ios->tacacs->encryption = encrypt_none; + strncpy(nipper->ios->tacacs->key, line + 20, sizeof(nipper->ios->tacacs->key)); + strcpy(nipper->ios->tacacs->keyEncrypted, ""); + break; + + default: + nipper->ios->tacacs->encryption = encrypt_none; + strncpy(nipper->ios->tacacs->key, line + 18, sizeof(nipper->ios->tacacs->key)); + strcpy(nipper->ios->tacacs->keyEncrypted, ""); + break; + } + if ((strcmp(nipper->ios->tacacs->key, "") != 0) && (strlen(nipper->ios->tacacs->key) != 0)) + { + if (simplePassword(nipper->ios->tacacs->key, nipper) == true) + { + nipper->simplePasswords++; + nipper->ios->tacacs->dictionary = true; + } + if (passwordStrength(nipper->ios->tacacs->key, nipper) == false) + { + nipper->passwordStrengths++; + nipper->ios->tacacs->weak = true; + } + } + } + + // Host... + else if (strncmp("tacacs-server host ", line, 19) == 0) + { + // Create struct + tacacsHostPointer = malloc(sizeof(struct host)); + memset(tacacsHostPointer, 0, sizeof(struct host)); + + // Pointers + tacacsHostPointer->next = nipper->ios->tacacs->host; + nipper->ios->tacacs->host = tacacsHostPointer; + + // Copy host + strncpy(tacacsHostPointer->server, line + 19, sizeof(tacacsHostPointer->server)); + } +} diff --git a/0.11.10/IOS/.svn/text-base/process-username.c.svn-base b/0.11.10/IOS/.svn/text-base/process-username.c.svn-base new file mode 100644 index 0000000..555c6f4 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-username.c.svn-base @@ -0,0 +1,146 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Username +struct usernameList +{ + char username[128]; + char password[128]; + char passwordEncrypted[128]; + int secret; // true or false + int privilage; + int encryption; // encrypt_type7, encrypt_md5... + int weak; + int dictionary; + struct usernameList *next; +}; + + +// Process Username +void processUsername(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + struct usernameList *usernamePointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Username Line: %s\n", line); + } + + // Create structure + usernamePointer = malloc(sizeof(struct usernameList)); + memset(usernamePointer, 0, sizeof(struct usernameList)); + + // Sort out pointers + usernamePointer->next = nipper->ios->username; + nipper->ios->username = usernamePointer; + + // Init + command = splitLine(line); + tempInt = 1; + usernamePointer->weak = false; + usernamePointer->dictionary = false; + + // username + strncpy(usernamePointer->username, command.part[tempInt], sizeof(usernamePointer->username)); + tempInt++; + + // privilage + if (strncmp(command.part[tempInt], "privilege", 9) == 0) + { + tempInt++; + usernamePointer->privilage = atoi(command.part[tempInt]); + tempInt++; + } + else + usernamePointer->privilage = 1; + + // secret + if (strncmp(command.part[tempInt], "secret", 6) == 0) + usernamePointer->secret = true; + + else + usernamePointer->secret = false; + tempInt++; + + switch(command.part[tempInt][0]) + { + case '7': + usernamePointer->encryption = encrypt_type7; + if (password7(command.part[command.parts - 1], usernamePointer->password, sizeof(usernamePointer->password), nipper->debugMode) != 0) + strcpy(usernamePointer->password, ""); + strncpy(usernamePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(usernamePointer->passwordEncrypted)); + break; + case '5': + usernamePointer->encryption = encrypt_md5; + strcpy(usernamePointer->password, ""); + strncpy(usernamePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(usernamePointer->passwordEncrypted)); + addJohnPassword(nipper, usernamePointer->username , usernamePointer->passwordEncrypted); + break; + case '0': + usernamePointer->encryption = encrypt_none; + strncpy(usernamePointer->password, command.part[command.parts - 1], sizeof(usernamePointer->password)); + strcpy(usernamePointer->passwordEncrypted, ""); + break; + default: + if (command.parts == 4) + { + usernamePointer->encryption = encrypt_none; + strncpy(usernamePointer->password, command.part[command.parts - 1], sizeof(usernamePointer->password)); + strcpy(usernamePointer->passwordEncrypted, ""); + } + else + { + usernamePointer->encryption = encrypt_unknown; + strcpy(usernamePointer->password, ""); + strncpy(usernamePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(usernamePointer->passwordEncrypted)); + } + break; + } + if ((strcmp(usernamePointer->password, "") != 0) && (strlen(usernamePointer->password) != 0)) + { + if (simplePassword(usernamePointer->password, nipper) == true) + { + nipper->simplePasswords++; + usernamePointer->dictionary = true; + } + if (passwordStrength(usernamePointer->password, nipper) == false) + { + nipper->passwordStrengths++; + usernamePointer->weak = true; + } + } +} + + diff --git a/0.11.10/IOS/.svn/text-base/process-vtp.c.svn-base b/0.11.10/IOS/.svn/text-base/process-vtp.c.svn-base new file mode 100644 index 0000000..ab12d39 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/process-vtp.c.svn-base @@ -0,0 +1,71 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process VTP +void processVTP(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("VTP Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // VTP server + if ((strcmp(command.part[1], "server") == 0) || ((strcmp(command.part[1], "mode") == 0) && (strcmp(command.part[2], "server") == 0))) + nipper->ios->vtpMode = vtp_mode_server; + + // VTP client + else if ((strcmp(command.part[1], "client") == 0) || ((strcmp(command.part[1], "mode") == 0) && (strcmp(command.part[2], "client") == 0))) + nipper->ios->vtpMode = vtp_mode_client; + + // VTP transparent + else if ((strcmp(command.part[1], "transparent") == 0) || ((strcmp(command.part[1], "mode") == 0) && (strcmp(command.part[2], "transparent") == 0))) + nipper->ios->vtpMode = vtp_mode_transparent; + + // No VTP Mode + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "vtp") == 0) && (strcmp(command.part[2], "mode") == 0)) + nipper->ios->vtpMode = vtp_mode_none; + + // VTP Domain + else if (strcmp(command.part[1], "domain") == 0) + strncpy(nipper->ios->vtpDomain, command.part[2], sizeof(nipper->ios->vtpDomain) -1); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} + diff --git a/0.11.10/IOS/.svn/text-base/report-aaa.c.svn-base b/0.11.10/IOS/.svn/text-base/report-aaa.c.svn-base new file mode 100644 index 0000000..6ec34d5 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-aaa.c.svn-base @@ -0,0 +1,92 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosAAAConfig(struct nipperConfig *nipper) +{ + // Variables... + struct aaaGroupServer *aaaGroupPointer = 0; + struct aaaServer *aaaServerPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + aaaGroupPointer = nipper->ios->aaa->groupServer; + while (aaaGroupPointer != 0) + { + switch (aaaGroupPointer->type) + { + case aaa_radius: + sprintf(tempString, "%s %s %s", settings_aaa_table1, aaaGroupPointer->username, settings_aaa_table2); + addAbbreviation("RADIUS", false); + break; + case aaa_tacacs: + sprintf(tempString, "%s %s %s", settings_aaa_table1, aaaGroupPointer->username, settings_aaa_table3); + addAbbreviation("TACACS", false); + break; + case aaa_kerberos: + sprintf(tempString, "%s %s %s", settings_aaa_table1, aaaGroupPointer->username, settings_aaa_table4); + break; + } + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_aaa_heading); + aaaServerPointer = aaaGroupPointer->server; + while (aaaServerPointer != 0) + { + outputFriendly(aaaServerPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%d%s%d%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, aaaServerPointer->authPort, nipper->tablerow_mid, aaaServerPointer->acctPort, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(aaaServerPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_mid); + } + switch(aaaServerPointer->encryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "Type-7%s", nipper->tablerow_end); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_end); + addAbbreviation("MD5", false); + break; + case encrypt_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_end); + break; + } + aaaServerPointer = aaaServerPointer->next; + } + output_table(nipper, false, tempString2, &settings_aaa_heading); + aaaGroupPointer = aaaGroupPointer->next; + } + addAbbreviation("AAA", false); +} diff --git a/0.11.10/IOS/.svn/text-base/report-access-list.c.svn-base b/0.11.10/IOS/.svn/text-base/report-access-list.c.svn-base new file mode 100644 index 0000000..3b46321 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-access-list.c.svn-base @@ -0,0 +1,178 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + + +void iosACLConfig(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + struct interfaceConfig *interfaceConfigPointer = 0; + struct lineConfig *linePointer = 0; + + output_parseText(settings_accesslists1, nipper, section_none, rate_none, 0, 0); + output_parseText(settings_accesslists2, nipper, section_none, rate_none, 0, 0); + + // Interfaces with ACL applied + tempInt = 0; + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->accessGroupIn[0] != 0) || (interfaceConfigPointer->accessGroupOut[0] != 0)) + tempInt++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (tempInt > 0) + { + output_table(nipper, true, settings_acl_int_table, &settings_aclinter_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->accessGroupIn[0] != 0) || (interfaceConfigPointer->accessGroupOut[0] != 0)) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, interfaceConfigPointer->name, nipper->tablerow_mid); + if (interfaceConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "No%s%s%s", nipper->tablerow_mid, interfaceConfigPointer->ipAddress, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Yes%s%s%s", nipper->tablerow_mid, interfaceConfigPointer->ipAddress, nipper->tablerow_mid); + if (interfaceConfigPointer->accessGroupIn[0] != 0) + fprintf(nipper->reportFile, "%s%s", interfaceConfigPointer->accessGroupIn, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + if (interfaceConfigPointer->accessGroupOut[0] != 0) + fprintf(nipper->reportFile, "%s%s", interfaceConfigPointer->accessGroupOut, nipper->tablerow_end); + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, settings_acl_int_table, &settings_aclinter_heading); + } + + // Lines with ACL applied + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->aclIn[0] != 0) || (linePointer->aclOut[0] != 0)) + tempInt++; + linePointer = linePointer->next; + } + if (tempInt > 0) + { + output_table(nipper, true, settings_acl_line_table, &settings_aclline_heading); + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->aclIn[0] != 0) || (linePointer->aclOut[0] != 0)) + { + switch (linePointer->lineType) + { + case line_console: + fprintf(nipper->reportFile, "%sConsole%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case line_aux: + fprintf(nipper->reportFile, "%sAuxiliary%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case line_vty: + fprintf(nipper->reportFile, "%sVTY%s", nipper->tablerow_start, nipper->tablerow_mid); + addAbbreviation("VTY", false); + break; + case line_tty: + fprintf(nipper->reportFile, "%sTTY%s", nipper->tablerow_start, nipper->tablerow_mid); + addAbbreviation("TTY", false); + break; + } + fprintf(nipper->reportFile, "%d%s", linePointer->lineNumberStart, nipper->tablerow_mid); + if (linePointer->lineNumberEnd == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", linePointer->lineNumberEnd, nipper->tablerow_mid); + switch (linePointer->login) + { + case login_allowed: + fprintf(nipper->reportFile, "Allowed%s", nipper->tablerow_mid); + break; + case login_disabled: + fprintf(nipper->reportFile, "Denied%s", nipper->tablerow_mid); + break; + case login_local: + fprintf(nipper->reportFile, "Local%s", nipper->tablerow_mid); + break; + case login_authentication: + fprintf(nipper->reportFile, "AAA%s", nipper->tablerow_mid); + break; + } + switch (linePointer->exec) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (linePointer->telnet) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (linePointer->ssh) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + if (linePointer->aclIn[0] != 0) + fprintf(nipper->reportFile, "%s%s", linePointer->aclIn, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + if (linePointer->aclOut[0] != 0) + fprintf(nipper->reportFile, "%s%s", linePointer->aclOut, nipper->tablerow_end); + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + } + linePointer = linePointer->next; + } + output_table(nipper, false, settings_acl_line_table, &settings_aclline_heading); + } + + // ACL + reportRules(nipper); +} + diff --git a/0.11.10/IOS/.svn/text-base/report-clock.c.svn-base b/0.11.10/IOS/.svn/text-base/report-clock.c.svn-base new file mode 100644 index 0000000..f4ad5d4 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-clock.c.svn-base @@ -0,0 +1,70 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosTimeZoneConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_timezone_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sTime Zone%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->timeZone, nipper->tablerow_end); + if ((nipper->ios->timeOffsetHours != 0) || (nipper->ios->timeOffsetMins != 0)) + { + fprintf(nipper->reportFile, "%sUTC Offset%s", nipper->tablerow_start, nipper->tablerow_mid); + if (nipper->ios->timeOffsetHours != 0) + { + if (nipper->ios->timeOffsetHours > 0) + fprintf(nipper->reportFile, "+"); + fprintf(nipper->reportFile, "%d hour", nipper->ios->timeOffsetHours); + if ((nipper->ios->timeOffsetHours > 1) || (nipper->ios->timeOffsetHours < -1)) + fprintf(nipper->reportFile, "s"); + if (nipper->ios->timeOffsetMins != 0) + fprintf(nipper->reportFile, " "); + } + if (nipper->ios->timeOffsetMins != 0) + { + fprintf(nipper->reportFile, "%d min", nipper->ios->timeOffsetMins); + if ((nipper->ios->timeOffsetMins > 1) || (nipper->ios->timeOffsetMins < -1)) + fprintf(nipper->reportFile, "s"); + } + fprintf(nipper->reportFile,"%s", nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%sUTC Offset%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->summerTimeZone[0] != 0) + fprintf(nipper->reportFile, "%sSummer Time Zone%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->timeZone, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSummer Time Zone%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->calendarValid == true) + fprintf(nipper->reportFile, "%sAuthorative Time Source%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAuthorative Time Source%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_timezone_table, &settings_general_heading); +} + diff --git a/0.11.10/IOS/.svn/text-base/report-debug.c.svn-base b/0.11.10/IOS/.svn/text-base/report-debug.c.svn-base new file mode 100644 index 0000000..f94536f --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-debug.c.svn-base @@ -0,0 +1,700 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportIOSDebug(struct nipperConfig *nipper) +{ + // Variables + struct enablePassword *enablePointer = 0; + struct ntpKey *ntpKeyPointer = 0; + struct ntpHost *ntpHostPointer = 0; + struct ntpAccessGroup *ntpAccessPointer = 0; + struct snmpCommunity *communityPointer = 0; + struct snmpViewItem *snmpViewItemPointer = 0; + struct snmpView *snmpViewPointer = 0; + struct snmpGroup *snmpGroupPointer = 0; + struct snmpUser *snmpUserPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct snmpHost *snmpHostPointer = 0; + struct johnPassword *johnPointer = 0; + struct usernameList *usernamePointer = 0; + struct privilageLevels *privilagePointer = 0; + struct host *logServerPointer = 0; + struct host *tacacsHostPointer = 0; + struct aaaGroupServer *aaaGroupServerPointer = 0; + struct aaaServer *aaaServerPointer = 0; + struct netInterface *interfacePointer = 0; + struct interfaceConfig *interfaceConfigPointer = 0; + struct bgpNeighbor *neighborPointer = 0; + struct keyChain *keyChainPointer = 0; + struct keyConfig *keyPointer = 0; + struct lineConfig *linePointer = 0; + struct bannerConfig *bannerPointer = 0; + struct ospfNetworkConfig *ospfNetworkPointer = 0; + struct ospfAreaConfig *ospfAreaPointer = 0; + struct ospfNeighbor *ospfNeighborPointer = 0; + struct ospfConfig *ospfPointer = 0; + struct ospfInterStruct *ospfInterPointer = 0; + struct staticRoute *routePointer = 0; + struct host *dnsPointer = 0; + struct routeMapConfig *routeMapPointer = 0; + struct natConfig *natPointer = 0; + struct host *hostPointer = 0; + struct passiveStruct *passivePointer = 0; + struct eigrpConfig *eigrpPointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + struct eigrpNetwork *eigrpNetworkPointer = 0; + struct eigrpNeighbor *eigrpNeighborPointer = 0; + struct bgpConfig *bgpPointer = 0; + struct bgpInterStruct *bgpInterPointer = 0; + struct vrrpStruct *vrrpPointer = 0; + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf("True or Enabled = %d\n", true); + printf("False or Disabled = %d\n", false); + printf("Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("Domain Name: %s\n", nipper->domainName); + printf("IOS Version: %s\n", nipper->version); + printf("IOS Version: %d.%d\n", nipper->versionMajor, nipper->versionMinor); + printf("IP Source Routing: %d\n", nipper->ios->sourceRouting); + printf("Service Password Encryption: %d\n", nipper->ios->servicePasswordEncryption); + printf("TCP Small Servers: %d\n", nipper->ios->tcpSmallServers); + printf("UDP Small Servers: %d\n", nipper->ios->udpSmallServers); + printf("Finger: %d\n", nipper->ios->finger); + printf("CDP: %d\n", nipper->ios->cdp); + printf("PAD: %d\n", nipper->ios->pad); + printf("CEF: %d\n", nipper->ios->cef); + printf("Bootp: %d\n", nipper->ios->bootp); + printf("Network Boot: %d\n", nipper->ios->bootNetwork); + printf("Service Config: %d\n", nipper->ios->serviceConfig); + printf("IP Classless Routing: %d\n", nipper->ios->classlessRouting); + printf("TCP Keep Alives In: %d\n", nipper->ios->keepAlivesIn); + printf("TCP Keep Alives Out: %d\n", nipper->ios->keepAlivesOut); + printf("Domain Lookup: %d\n", nipper->ios->domainLookup); + printf("Gratuitous ARPs: %d\n", nipper->ios->gratuitousArps); + printf("Clock Authorative: %d\n", nipper->ios->calendarValid); + printf("Summer Time Zone: %s\n", nipper->ios->summerTimeZone); + printf("Time Zone: %s\n", nipper->ios->timeZone); + printf("UTC Offset (Hours): %d\n", nipper->ios->timeOffsetHours); + printf("UTC Offset (Mins): %d\n", nipper->ios->timeOffsetMins); + printf("Minimum Password Length: %d\n", nipper->ios->passwordMinLength); + printf("VTP Mode: %d\n", nipper->ios->vtpMode); + printf("VTP Domain: %s\n", nipper->ios->vtpDomain); + printf("Number of weak passwords / keys: %d\n", nipper->passwordStrengths); + printf("Number of dictionary-based passwords / keys: %d\n", nipper->simplePasswords); + + // DNS Servers + dnsPointer = nipper->ios->dns; + while (dnsPointer != 0) + { + printf("DNS Server: %s\n", dnsPointer->server); + dnsPointer = dnsPointer->next; + } + + // SSH + if (nipper->ios->ssh != 0) + { + printf("SSH Enabled: %d\n", nipper->ios->ssh->enabled); + printf(" SSH Protocol Version: %d\n", nipper->ios->ssh->protocolVersion); + printf(" SSH Login Timeout: %d\n", nipper->ios->ssh->timeout); + printf(" SSH Login Retries: %d\n", nipper->ios->ssh->retries); + interfacePointer = nipper->ios->ssh->interface; + while (interfacePointer != 0) + { + printf(" SSH Server Interface: %s\n", interfacePointer->interface); + interfacePointer = interfacePointer->next; + } + } + + // NAT + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + printf("NAT Inside: %d\n", natPointer->inside); + printf(" NAT Type: %d\n", natPointer->type); + printf(" NAT From: %s\n", natPointer->local); + printf(" NAT From Port: %d\n", natPointer->localPort); + printf(" NAT To: %s\n", natPointer->global); + printf(" NAT To Port: %d\n", natPointer->globalPort); + printf(" NAT Mask: %s\n", natPointer->mask); + printf(" NAT Interface No.: %d\n", natPointer->interNumber); + printf(" NAT Pool: %d\n", natPointer->pool); + printf(" NAT IPSec-ESP: %d\n", natPointer->ipSecESP); + printf(" NAT Route Map: %d\n", natPointer->routeMap); + printf(" NAT TCP: %d\n", natPointer->tcp); + printf(" NAT Interface: %d\n", natPointer->inter); + natPointer = natPointer->next; + } + + // HTTP + if (nipper->ios->http != 0) + { + printf("HTTP Enabled: %d\n", nipper->ios->http->enabled); + printf(" HTTP Authentication: %d\n", nipper->ios->http->authentication); + printf(" HTTP Access-Class: %s\n", nipper->ios->http->accessClass); + } + + // Enable + enablePointer = nipper->ios->enable; + while (enablePointer != 0) + { + printf("Enable Level: %d\n", enablePointer->level); + printf(" Encryption Type: %d\n", enablePointer->encryption); + printf(" Secret?: %d\n", enablePointer->secret); + printf(" Password: %s\n", enablePointer->password); + printf(" Password Encrypted: %s\n", enablePointer->passwordEncrypted); + printf(" Weak Password: %d\n", enablePointer->weak); + printf(" Dictionary Password: %d\n", enablePointer->dictionary); + enablePointer = enablePointer->next; + } + + // Username + usernamePointer = nipper->ios->username; + while (usernamePointer != 0) + { + printf("Username: %s\n", usernamePointer->username); + printf(" Encryption Type: %d\n", usernamePointer->encryption); + printf(" Secret?: %d\n", usernamePointer->secret); + printf(" Privilage Level: %d\n", usernamePointer->privilage); + printf(" Password: %s\n", usernamePointer->password); + printf(" Password Encrypted: %s\n", usernamePointer->passwordEncrypted); + printf(" Weak Password: %d\n", usernamePointer->weak); + printf(" Dictionary Password: %d\n", usernamePointer->dictionary); + usernamePointer = usernamePointer->next; + } + + // Privilage + privilagePointer = nipper->ios->privilage; + while (privilagePointer != 0) + { + printf("Privilage Level: %d\n", privilagePointer->level); + printf(" Privilage Command: %s\n", privilagePointer->command); + privilagePointer = privilagePointer->next; + } + + // Banner + bannerPointer = nipper->ios->banner; + while (bannerPointer != 0) + { + printf("Banner: %s\n", bannerPointer->line); + bannerPointer = bannerPointer->next; + } + + // Logging + if (nipper->ios->logging != 0) + { + printf("Logging: %d\n", nipper->ios->logging->logging); + printf(" Log Enable: %d\n", nipper->ios->logging->logEnable); + printf(" Console Logging: %d\n", nipper->ios->logging->consoleLogging); + printf(" Console Level: %d\n", nipper->ios->logging->consoleLevel); + printf(" Monitor Logging: %d\n", nipper->ios->logging->monitorLogging); + printf(" Monitor Level: %d\n", nipper->ios->logging->monitorLevel); + printf(" Buffered Logging: %d\n", nipper->ios->logging->bufferedLogging); + printf(" Buffered Level: %d\n", nipper->ios->logging->bufferLevel); + printf(" Buffered Size: %d\n", nipper->ios->logging->bufferSize); + printf(" Syslog Level: %d\n", nipper->ios->logging->loggingTrap); + printf(" Syslog Facility: %s\n", nipper->ios->logging->facility); + printf(" Syslog Count: %d\n", nipper->ios->logging->logCount); + printf(" Syslog Origin ID: %s\n", nipper->ios->logging->originId); + printf(" Syslog Source Interface: %s\n", nipper->ios->logging->sourceInterface); + logServerPointer = nipper->ios->logging->logServer; + while (logServerPointer != 0) + { + printf(" Syslog Logging Server: %s\n", logServerPointer->server); + logServerPointer = logServerPointer->next; + } + } + + // Routing + if (nipper->ios->route != 0) + { + routePointer = nipper->ios->route; + while (routePointer != 0) + { + printf("Static Route\n"); + printf(" IP Address: %s\n", routePointer->ipAddress); + printf(" Net Mask: %s\n", routePointer->netMask); + printf(" Gateway: %s\n", routePointer->gateway); + routePointer = routePointer->next; + } + } + routeMapPointer = nipper->ios->routeMap; + while (routeMapPointer != 0) + { + printf("Route Map: %s\n", routeMapPointer->mapTag); + printf(" Sequence No.: %d\n", routeMapPointer->sequenceNo); + printf(" Permission: %d\n", routeMapPointer->permission); + routeMapPointer = routeMapPointer->next; + } + eigrpPointer = nipper->ios->eigrp; + while (eigrpPointer != 0) + { + printf("EIGRP Autonomous No: %d\n", eigrpPointer->process); + printf(" EIGRP Router ID: %s\n", eigrpPointer->routerId); + printf(" EIGRP Maximum Hops: %d\n", eigrpPointer->maximumHops); + printf(" EIGRP Stub: %d\n", eigrpPointer->stub); + printf(" EIGRP Auto Summary: %d\n", eigrpPointer->autoSummary); + printf(" EIGRP Internal Distance: %d\n", eigrpPointer->internalDistance); + printf(" EIGRP External Distance: %d\n", eigrpPointer->externalDistance); + printf(" EIGRP Log Neighbor Changes: %d\n", eigrpPointer->logNeighborChanges); + printf(" EIGRP Log Neighbor Warnings: %d\n", eigrpPointer->logNeighborWarnings); + eigrpNetworkPointer = eigrpPointer->network; + while (eigrpNetworkPointer != 0) + { + printf(" EIGRP Network IP Address: %s\n", eigrpNetworkPointer->ipAddress); + printf(" EIGRP NetMask: %s\n", eigrpNetworkPointer->netMask); + eigrpNetworkPointer = eigrpNetworkPointer->next; + } + eigrpNeighborPointer = eigrpPointer->neighbor; + while (eigrpNeighborPointer != 0) + { + printf(" EIGRP Neighbor IP Address: %s\n", eigrpNeighborPointer->ipAddress); + printf(" EIGRP NetMask: %s\n", eigrpNeighborPointer->interface); + eigrpNeighborPointer = eigrpNeighborPointer->next; + } + passivePointer = eigrpPointer->passive; + while (passivePointer != 0) + { + printf(" EIGRP Passive Interface: %s\n", passivePointer->interface); + printf(" Passive: %d\n", passivePointer->passive); + passivePointer = passivePointer->next; + } + eigrpPointer = eigrpPointer->next; + } + bgpPointer = nipper->ios->bgp; + while (bgpPointer != 0) + { + printf("BGP Autonomous No: %d\n", bgpPointer->autonomousNo); + printf(" BGP Log Changes: %d\n", bgpPointer->logNeighborChanges); + printf(" BGP Dampening: %d\n", bgpPointer->dampening); + printf(" BGP Default Passive: %d\n", bgpPointer->defaultPassive); + passivePointer = bgpPointer->passive; + while (passivePointer != 0) + { + printf(" BGP Passive Interface: %s\n", passivePointer->interface); + printf(" Passive: %d\n", passivePointer->passive); + passivePointer = passivePointer->next; + } + neighborPointer = bgpPointer->neighbor; + while (neighborPointer != 0) + { + printf(" BGP Neighbor: %s\n", neighborPointer->host); + printf(" BGP Neighbor Description: %s\n", neighborPointer->description); + printf(" BGP Password Encryption Type: %d\n", neighborPointer->encryption); + printf(" BGP Password: %s\n", neighborPointer->password); + printf(" BGP Password Encrypted: %s\n", neighborPointer->passwordEncrypted); + printf(" BGP Neighbor Password: %s\n", neighborPointer->password); + printf(" BGP Weak Password: %d\n", neighborPointer->weak); + printf(" BGP Dictionary Password: %d\n", neighborPointer->dictionary); + printf(" BGP Neighbor Autonomous No: %d\n", neighborPointer->autonomousNo); + printf(" BGP Neighbor TTL Hops: %d\n", neighborPointer->ttlHops); + neighborPointer = neighborPointer->next; + } + bgpPointer = bgpPointer->next; + } + if (nipper->ios->rip != 0) + { + printf("RIP Version: %d\n", nipper->ios->rip->version); + printf("RIP Auto Summary: %d\n", nipper->ios->rip->autoSummary); + printf("RIP Default Route: %d\n", nipper->ios->rip->defaultRoute); + printf("RIP Default Route Map: %s\n", nipper->ios->rip->defaultRouteMap); + printf("RIP Default Metric: %d\n", nipper->ios->rip->defaultMetric); + printf("RIP Input Queue: %d\n", nipper->ios->rip->inputQueue); + printf("RIP Output Delay: %d\n", nipper->ios->rip->outputDelay); + printf("RIP Validate Update Source: %d\n", nipper->ios->rip->validateUpdateSource); + printf("RIP Default Passive: %d\n", nipper->ios->rip->defaultPassive); + hostPointer = nipper->ios->rip->neighbor; + while (hostPointer != 0) + { + printf("RIP Neighbor: %s\n", hostPointer->server); + hostPointer = hostPointer->next; + } + hostPointer = nipper->ios->rip->network; + while (hostPointer != 0) + { + printf("RIP Network: %s\n", hostPointer->server); + hostPointer = hostPointer->next; + } + passivePointer = nipper->ios->rip->passive; + while (passivePointer != 0) + { + printf("RIP Passive Interface: %s\n", passivePointer->interface); + printf(" Passive: %d\n", passivePointer->passive); + passivePointer = passivePointer->next; + } + } + ospfPointer = nipper->ios->ospf; + while (ospfPointer != 0) + { + printf("OSPF Process ID: %d\n", ospfPointer->processID); + ospfNetworkPointer = nipper->ios->ospf->ospfNetwork; + while (ospfNetworkPointer != 0) + { + printf(" OSPF Network: %s\n", ospfNetworkPointer->network); + printf(" OSPF Network Mask: %s\n", ospfNetworkPointer->networkMask); + printf(" OSPF Area ID: %s\n", ospfNetworkPointer->areaID); + ospfNetworkPointer = ospfNetworkPointer->next; + } + ospfAreaPointer = nipper->ios->ospf->ospfArea; + while (ospfNetworkPointer != 0) + { + printf(" OSPF Area ID: %s\n", ospfAreaPointer->areaID); + printf(" OSPF Area Authentication: %d\n", ospfAreaPointer->areaAuth); + printf(" OSPF Area Default Cost: %d\n", ospfAreaPointer->defaultCost); + ospfAreaPointer = ospfAreaPointer->next; + } + ospfNeighborPointer = nipper->ios->ospf->neighbor; + while (ospfNeighborPointer != 0) + { + printf(" OSPF Neighbor: %s\n", ospfNeighborPointer->host); + printf(" OSPF Neighbor Priority: %d\n", ospfNeighborPointer->priority); + printf(" OSPF Neighbor Poll Interval: %d\n", ospfNeighborPointer->pollInterval); + printf(" OSPF Neighbor Cost: %d\n", ospfNeighborPointer->costNumber); + printf(" OSPF Neighbor Database Filter: %d\n", ospfNeighborPointer->databaseFilter); + ospfNeighborPointer = ospfNeighborPointer->next; + } + ospfPointer = ospfPointer->next; + } + + // TACACS + if (nipper->ios->tacacs != 0) + { + printf("TACACS Key: %s\n", nipper->ios->tacacs->key); + printf(" TACACS Encrypted Key: %s\n", nipper->ios->tacacs->keyEncrypted); + printf(" TACACS Encryption Type: %d\n", nipper->ios->tacacs->encryption); + printf(" TACACS Weak Password: %d\n", nipper->ios->tacacs->weak); + printf(" TACACS Dictionary Password: %d\n", nipper->ios->tacacs->dictionary); + tacacsHostPointer = nipper->ios->tacacs->host; + while (tacacsHostPointer != 0) + { + printf("TACACS Server: %s\n", tacacsHostPointer->server); + tacacsHostPointer = tacacsHostPointer->next; + } + } + + // AAA + if (nipper->ios->aaa != 0) + { + aaaGroupServerPointer = nipper->ios->aaa->groupServer; + while (aaaGroupServerPointer != 0) + { + printf("AAA Group Server Type: %d\n", aaaGroupServerPointer->type); + printf("AAA Group Server Username: %s\n", aaaGroupServerPointer->username); + aaaServerPointer = aaaGroupServerPointer->server; + while (aaaServerPointer != 0) + { + printf(" AAA Server: %s\n", aaaServerPointer->server); + printf(" AAA Auth Port: %d\n", aaaServerPointer->authPort); + printf(" AAA Acct Port: %d\n", aaaServerPointer->acctPort); + printf(" AAA Key: %s\n", aaaServerPointer->key); + printf(" AAA Encrypted Key: %s\n", aaaServerPointer->keyEncrypted); + printf(" AAA Encryption: %d\n", aaaServerPointer->encryption); + printf(" AAA Weak Password: %d\n", aaaServerPointer->weak); + printf(" AAA Dictionary Password: %d\n", aaaServerPointer->dictionary); + aaaServerPointer = aaaServerPointer->next; + } + aaaGroupServerPointer = aaaGroupServerPointer->next; + } + } + + // NTP + if (nipper->ios->ntp != 0) + { + printf("NTP Enabled: %d\n", nipper->ios->ntp->enabled); + printf(" NTP Master: %d\n", nipper->ios->ntp->master); + ntpHostPointer = nipper->ios->ntp->server; + while (ntpHostPointer != 0) + { + printf(" NTP Server: %s\n", ntpHostPointer->ntpHost); + printf(" NTP Server Key Num: %d\n", ntpHostPointer->keyNum); + ntpHostPointer = ntpHostPointer->next; + } + ntpHostPointer = nipper->ios->ntp->peer; + while (ntpHostPointer != 0) + { + printf(" NTP Peer: %s\n", ntpHostPointer->ntpHost); + printf(" NTP Peer Key Num: %d\n", ntpHostPointer->keyNum); + ntpHostPointer = ntpHostPointer->next; + } + ntpAccessPointer = nipper->ios->ntp->access; + while (ntpAccessPointer != 0) + { + printf(" Access Type: %d\n", ntpAccessPointer->accessType); + printf(" Access List: %s\n", ntpAccessPointer->accessList); + ntpAccessPointer = ntpAccessPointer->next; + } + ntpKeyPointer = nipper->ios->ntp->key; + while (ntpKeyPointer != 0) + { + printf("NTP Key Num: %d\n", ntpKeyPointer->keyNum); + printf(" NTP Key: %s\n", ntpKeyPointer->key); + printf(" NTP Key Trusted: %d\n", ntpKeyPointer->trusted); + printf(" NTP Weak Password: %d\n", ntpKeyPointer->weak); + printf(" NTP Dictionary Password: %d\n", ntpKeyPointer->dictionary); + ntpKeyPointer = ntpKeyPointer->next; + } + } + + // SNMP + if (nipper->ios->snmp != 0) + { + printf("SNMP Enabled: %d\n", nipper->ios->snmp->enabled); + printf("SNMP TFTP Server Access List: %s\n", nipper->ios->snmp->tftpServerList); + printf("SNMP Contact: %s\n", nipper->ios->snmp->contact); + printf("SNMP Location: %s\n", nipper->ios->snmp->location); + printf("SNMP Trap Timeout: %d\n", nipper->ios->snmp->trapTimeout); + printf("SNMP Trap Source: %s\n", nipper->ios->snmp->trapSource); + communityPointer = nipper->ios->snmp->community; + while (communityPointer != 0) + { + printf("SNMP Community String: %s\n", communityPointer->community); + printf(" SNMP Weak Password: %d\n", communityPointer->weak); + printf(" SNMP Dictionary Password: %d\n", communityPointer->dictionary); + printf(" SNMP Read-Only: %d\n", communityPointer->readonly); + printf(" SNMP Community Enabled: %d\n", communityPointer->enabled); + printf(" SNMP Access List: %s\n", communityPointer->accessList); + communityPointer = communityPointer->next; + } + snmpGroupPointer = nipper->ios->snmp->group; + while (snmpGroupPointer != 0) + { + printf("SNMP Group: %s\n", snmpGroupPointer->groupName); + printf(" SNMP Version: %d\n", snmpGroupPointer->version); + printf(" SNMP Read View: %s\n", snmpGroupPointer->readView); + printf(" SNMP Write View: %s\n", snmpGroupPointer->writeView); + printf(" SNMP Notify View: %s\n", snmpGroupPointer->writeView); + printf(" SNMP Context: %s\n", snmpGroupPointer->context); + printf(" SNMP ACL: %s\n", snmpGroupPointer->acl); + snmpGroupPointer = snmpGroupPointer->next; + } + snmpUserPointer = nipper->ios->snmp->user; + while (snmpUserPointer != 0) + { + printf("SNMP User: %s\n", snmpUserPointer->userName); + printf(" SNMP User Auth Pass: %s\n", snmpUserPointer->authPass); + printf(" SNMP User Priv Pass: %s\n", snmpUserPointer->privPass); + printf(" SNMP Group Name: %s\n", snmpUserPointer->groupName); + printf(" In Group: %d\n", snmpUserPointer->group); + snmpUserPointer = snmpUserPointer->next; + } + snmpViewPointer = nipper->ios->snmp->view; + while (snmpViewPointer != 0) + { + printf("SNMP View: %s\n", snmpViewPointer->viewName); + snmpViewItemPointer = snmpViewPointer->viewItem; + while (snmpViewItemPointer != 0) + { + printf(" SNMP View MIB Item: %s\n", snmpViewItemPointer->mibId); + printf(" SNMP View Item Include: %d\n", snmpViewItemPointer->include); + snmpViewItemPointer = snmpViewItemPointer->next; + } + snmpViewPointer = snmpViewPointer->next; + } + snmpTrapPointer = nipper->ios->snmp->trap; + while (snmpTrapPointer != 0) + { + printf("SNMP Trap: %s\n", snmpTrapPointer->trap); + snmpTrapPointer = snmpTrapPointer->next; + } + snmpHostPointer = nipper->ios->snmp->host; + while (snmpHostPointer != 0) + { + printf("SNMP Host: %s\n", snmpHostPointer->host); + printf(" SNMP Host Community: %s\n", snmpHostPointer->community); + printf(" SNMP Host Version: %d\n", snmpHostPointer->version); + printf(" SNMP Weak Password: %d\n", snmpHostPointer->weak); + printf(" SNMP Dictionary Password: %d\n", snmpHostPointer->dictionary); + snmpHostPointer = snmpHostPointer->next; + } + } + + // Key Chains and Keys + keyChainPointer = nipper->ios->chain; + while (keyChainPointer != 0) + { + printf("KEY CHAIN: %s\n", keyChainPointer->name); + keyPointer = keyChainPointer->key; + while (keyPointer != 0) + { + printf(" KEY NUMBER: %d\n", keyPointer->keyNumber); + printf(" KEY: %s\n", keyPointer->key); + printf(" KEY Weak Password: %d\n", keyPointer->weak); + printf(" KEY Dictionary Password: %d\n", keyPointer->dictionary); + keyPointer = keyPointer->next; + } + keyChainPointer = keyChainPointer->next; + } + + // FTP + if (nipper->ios->ftp != 0) + { + printf("FTP Username: %s\n", nipper->ios->ftp->username); + printf(" FTP Password: %s\n", nipper->ios->ftp->password); + printf(" FTP Password Encrypted: %s\n", nipper->ios->ftp->passwordEncrypted); + printf(" FTP Encryption: %d\n", nipper->ios->ftp->encryption); + printf(" FTP Weak Password: %d\n", nipper->ios->ftp->weak); + printf(" FTP Dictionary Password: %d\n", nipper->ios->ftp->dictionary); + interfacePointer = nipper->ios->ftp->interface; + while (interfacePointer != 0) + { + printf("FTP Server Interface: %s\n", interfacePointer->interface); + interfacePointer = interfacePointer->next; + } + } + + // Line + linePointer = nipper->ios->line; + while (linePointer != 0) + { + printf("Line Start: %d\n", linePointer->lineNumberStart); + printf("Line End: %d\n", linePointer->lineNumberEnd); + printf(" Line Type: %d\n", linePointer->lineType); + printf(" Line Login: %d\n", linePointer->login); + printf(" Line Authorization: %d\n", linePointer->authorization); + printf(" Line Accounting: %d\n", linePointer->accounting); + printf(" Line ACL In: %s\n", linePointer->aclIn); + printf(" Line ACL Out: %s\n", linePointer->aclOut); + printf(" Line Timeout: %d\n", linePointer->timeout); + printf(" Line Exec Timeout: %d\n", linePointer->execTimeout); + printf(" Line Session Timeout: %d\n", linePointer->sessionTimeout); + printf(" Line Absolute Timeout: %d\n", linePointer->absoluteTimeout); + printf(" Line Exec: %d\n", linePointer->exec); + printf(" Line Callback: %d\n", linePointer->callback); + printf(" Line Password: %s\n", linePointer->password); + printf(" Line Password Encrypted: %s\n", linePointer->passwordEncrypted); + printf(" Line Password Encryption: %d\n", linePointer->encryption); + printf(" Line Weak Password: %d\n", linePointer->weak); + printf(" Line Dictionary Password: %d\n", linePointer->dictionary); + printf(" Line Transport SSH: %d\n", linePointer->ssh); + printf(" Line Transport Telnet: %d\n", linePointer->telnet); + linePointer = linePointer->next; + } + + // Interfaces + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + printf("Interface: %s\n", interfaceConfigPointer->name); + printf(" Description: %s\n", interfaceConfigPointer->description); + printf(" IP Address: %s\n", interfaceConfigPointer->ipAddress); + printf(" Access Group (In): %s\n", interfaceConfigPointer->accessGroupIn); + printf(" Access Group (Out): %s\n", interfaceConfigPointer->accessGroupOut); + printf(" Proxy ARP: %d\n", interfaceConfigPointer->proxyArp); + printf(" NTP: %d\n", interfaceConfigPointer->ntp); + printf(" MOP: %d\n", interfaceConfigPointer->mop); + printf(" IP Unreachables: %d\n", interfaceConfigPointer->ipUnreachables); + printf(" IP Redirects: %d\n", interfaceConfigPointer->ipRedirects); + printf(" IP Mask Reply: %d\n", interfaceConfigPointer->ipMaskReply); + printf(" IP Direct Broadcast: %d\n", interfaceConfigPointer->ipDirectBroadcast); + printf(" CDP: %d\n", interfaceConfigPointer->cdp); + printf(" uRPF: %d\n", interfaceConfigPointer->uRPF); + printf(" Shutdown: %d\n", interfaceConfigPointer->shutdown); + printf(" RIP Auth Mode: %d\n", interfaceConfigPointer->ripAuthMode); + printf(" RIP Key Chain: %s\n", interfaceConfigPointer->ripKeyChain); + printf(" RIP Send Version: %d\n", interfaceConfigPointer->ripSendVersion); + printf(" RIP Receive Version: %d\n", interfaceConfigPointer->ripReceiveVersion); + printf(" RIP Triggered: %d\n", interfaceConfigPointer->ripTriggered); + printf(" RIP v2 Broadcast: %d\n", interfaceConfigPointer->ripV2Broadcast); + printf(" RIP Passive: %d\n", interfaceConfigPointer->ripPassive); + eigrpAutonPointer = interfaceConfigPointer->eigrp; + while (eigrpAutonPointer != 0) + { + printf(" EIGRP Auto No: %d\n", eigrpAutonPointer->autonomousNo); + printf(" Key Chain: %s\n", eigrpAutonPointer->keyChain); + printf(" MD5 Auth: %d\n", eigrpAutonPointer->md5Auth); + printf(" Bandwidth: %d\n", eigrpAutonPointer->bandwidth); + printf(" Passive: %d\n", eigrpAutonPointer->passive); + eigrpAutonPointer = eigrpAutonPointer->next; + } + bgpInterPointer = interfaceConfigPointer->bgp; + while (bgpInterPointer != 0) + { + printf(" BGP Auto No: %d\n", bgpInterPointer->autonomousNo); + printf(" Passive: %d\n", bgpInterPointer->passive); + bgpInterPointer = bgpInterPointer->next; + } + ospfInterPointer = interfaceConfigPointer->ospf; + while (ospfInterPointer != 0) + { + printf(" OSPF Process ID: %d\n", ospfInterPointer->processID); + printf(" Passive: %d\n", ospfInterPointer->passive); + ospfInterPointer = ospfInterPointer->next; + } + vrrpPointer = interfaceConfigPointer->vrrp; + while (vrrpPointer != 0) + { + printf(" VRRP Group: %d\n", vrrpPointer->group); + printf(" Description: %s\n", vrrpPointer->description); + printf(" Authentication: %d\n", vrrpPointer->authentication); + printf(" Key Chain: %d\n", vrrpPointer->keyChain); + printf(" Auth String: %s\n", vrrpPointer->authString); + printf(" Encrypted Auth String: %s\n", vrrpPointer->authStringEnc); + printf(" Weak Password: %d\n", vrrpPointer->weak); + printf(" Dictionay Password: %d\n", vrrpPointer->dictionary); + printf(" IP Address: %s\n", vrrpPointer->ipAddress); + printf(" IP Address (Secondary): %s\n", vrrpPointer->ipAddress2); + printf(" Priority Level: %d\n", vrrpPointer->priorityLevel); + printf(" Shutdown: %d\n", vrrpPointer->shutdown); + vrrpPointer = vrrpPointer->next; + } + printf(" Switchport Mode: %d\n", interfaceConfigPointer->switchportMode); + printf(" Switchport VLAN: %d\n", interfaceConfigPointer->switchportVLAN); + printf(" Switchport Port Security: %d\n", interfaceConfigPointer->switchportSecurity); + printf(" Switchport Port Security Violation: %d\n", interfaceConfigPointer->switchportViolation); + printf(" OSPF Auth: %d\n", interfaceConfigPointer->ospfAuthentication); + printf(" OSPF Auth Key: %s\n", interfaceConfigPointer->ospfKey); + printf(" OSPF Flood Reduction: %d\n", interfaceConfigPointer->ospfFloodReduction); + printf(" OSPF Network: %d\n", interfaceConfigPointer->ospfNetwork); + interfaceConfigPointer = interfaceConfigPointer->next; + } + + // Filter Rules... + reportRulesDebug(nipper); + + // John-the-ripper + if (nipper->john != 0) + { + printf("\n%sJohn-the-ripper Output\n======================%s\n", COL_BLUE, RESET); + johnPointer = nipper->john; + while (johnPointer != 0) + { + printf("Username: %s\n", johnPointer->username); + printf(" Password: %s\n", johnPointer->password); + johnPointer = johnPointer->next; + } + } +} + + diff --git a/0.11.10/IOS/.svn/text-base/report-dns.c.svn-base b/0.11.10/IOS/.svn/text-base/report-dns.c.svn-base new file mode 100644 index 0000000..c4fb924 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-dns.c.svn-base @@ -0,0 +1,79 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosDNSConfig(struct nipperConfig *nipper) +{ + // Variables... + struct host *dnsPointer = 0; + char tempString[nipper->maxSize]; + int tempInt = 0; + + output_table(nipper, true, settings_dns_table, &settings_general_heading); + if (nipper->domainName[0] != 0) + { + outputFriendly(nipper->domainName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sDomain Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->ios->domainLookup == false) + fprintf(nipper->reportFile, "%sDomain Lookup%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sDomain Lookup%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + tempInt = 1; + dnsPointer = nipper->ios->dns; + while (dnsPointer != 0) + { + fprintf(nipper->reportFile, "%sDNS Server %d%s%s%s", nipper->tablerow_start, tempInt, nipper->tablerow_mid, dnsPointer->server, nipper->tablerow_end); + tempInt++; + dnsPointer = dnsPointer->next; + } + output_table(nipper, false, settings_dns_table, &settings_general_heading); +} + + +void iosDomainLookupIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + if (nipper->ios->dns == 0) + tempInt = 1; + else + tempInt = 2; + output_parseText(report_lookup_obs, nipper, section_obs, rate_none, tempInt, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_lookup_impact, nipper, section_imp, rate_low, tempInt, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_lookup_ease, nipper, section_ease, rate_trivial, tempInt, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_lookup_rec, nipper, section_rec, rate_none, tempInt, nipper->tableNum); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/IOS/.svn/text-base/report-ftp.c.svn-base b/0.11.10/IOS/.svn/text-base/report-ftp.c.svn-base new file mode 100644 index 0000000..77c3b0a --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-ftp.c.svn-base @@ -0,0 +1,81 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosFTPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct netInterface *interfacePointer = 0; + char tempString[nipper->maxSize]; + + if (nipper->ios->ftp->username[0] != 0) + { + output_table(nipper, true, settings_ftp_table, &settings_general_heading); + outputFriendly(nipper->ios->ftp->username, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sFTP Username%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + if (nipper->passwords == true) + { + outputFriendly(nipper->ios->ftp->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sFTP Password%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + switch(nipper->ios->ftp->encryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "%sPassword Encryption Type%sType-7%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "%sPassword Encryption Type%sMD5%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case encrypt_none: + fprintf(nipper->reportFile, "%sPassword Encryption Type%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "%sPassword Encryption Type%sUnknown%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + output_table(nipper, false, settings_ftp_table, &settings_general_heading); + } + addAbbreviation("FTP", false); + + // Show FTP interfaces + if (nipper->ios->ftp->interface != 0) + { + output_table(nipper, true, settings_ftpint_table, &settings_sshint_heading); + interfacePointer = nipper->ios->ftp->interface; + while (interfacePointer != 0) + { + outputFriendly(interfacePointer->interface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + interfacePointer = interfacePointer->next; + } + output_table(nipper, false, settings_ftpint_table, &settings_sshint_heading); + } +} diff --git a/0.11.10/IOS/.svn/text-base/report-general.c.svn-base b/0.11.10/IOS/.svn/text-base/report-general.c.svn-base new file mode 100644 index 0000000..38808f7 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-general.c.svn-base @@ -0,0 +1,427 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + + +void iosGeneralConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sHostname%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + if (nipper->version[0] != 0) + fprintf(nipper->reportFile, "%sIOS Version%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + if (nipper->ios->servicePasswordEncryption == false) + fprintf(nipper->reportFile, "%sService Password Encryption%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sService Password Encryption%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if ((nipper->versionMajor == 12) && (nipper->versionMinor > 2)) + { + if (nipper->ios->passwordMinLength == 0) + fprintf(nipper->reportFile, "%sMinimum Password Length%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sMinimum Password Length%s%d characters%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->passwordMinLength, nipper->tablerow_end); + } + if (nipper->deviceType == type_ios_router) + { + if (nipper->ios->sourceRouting == false) + fprintf(nipper->reportFile, "%sIP Source Routing%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sIP Source Routing%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + } + if (nipper->ios->bootp == unconfigured) + fprintf(nipper->reportFile, "%sBOOTP%sUnconfigured%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->ios->bootp == false) + fprintf(nipper->reportFile, "%sBOOTP%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sBOOTP%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->serviceConfig == unconfigured) + fprintf(nipper->reportFile, "%sService Config%sUnconfigured%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->ios->serviceConfig == false) + fprintf(nipper->reportFile, "%sService Config%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sService Config%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->keepAlivesIn == false) + fprintf(nipper->reportFile, "%sTCP Keep Alives (In)%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sTCP Keep Alives (In)%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->keepAlivesOut == false) + fprintf(nipper->reportFile, "%sTCP Keep Alives (Out)%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sTCP Keep Alives (Out)%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->deviceType == type_ios_router) + { + if (nipper->ios->cef == false) + fprintf(nipper->reportFile, "%sCisco Express Forwarding%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sCisco Express Forwarding%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + addAbbreviation("CEF", false); + } + if ((nipper->versionMajor > 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor > 2))) + { + if (nipper->ios->gratuitousArps == false) + fprintf(nipper->reportFile, "%sGratuitous ARPs%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sGratuitous ARPs%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + addAbbreviation("ARP", false); + } + if (nipper->deviceType == type_ios_router) + { + if (nipper->ios->classlessRouting == false) + fprintf(nipper->reportFile, "%sClassless Routing%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sClassless Routing%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + } + output_table(nipper, false, settings_general_table, &settings_general_heading); + addAbbreviation("IOS", false); + addAbbreviation("IP", false); + addAbbreviation("BOOTP", false); + addAbbreviation("UTC", false); +} + + +void iosServicesConfig(struct nipperConfig *nipper) +{ + // Variables... + struct lineConfig *linePointer = 0; + int tempInt = 0; + + output_table(nipper, true, settings_services_table, &report_services_heading); + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if (linePointer->telnet == true) + tempInt++; + linePointer = linePointer->next; + } + switch (tempInt) + { + case 0: + fprintf(nipper->reportFile, "%sTelnet%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + default: + fprintf(nipper->reportFile, "%sTelnet%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + if (nipper->versionMajor >= 12) + { + if (nipper->ios->line != 0) + { + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if (linePointer->ssh == true) + tempInt++; + linePointer = linePointer->next; + } + } + switch (tempInt) + { + case 0: + fprintf(nipper->reportFile, "%sSSH%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + default: + fprintf(nipper->reportFile, "%sSSH%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + addAbbreviation("SSH", false); + } + if (nipper->ios->http != 0) + { + switch (nipper->ios->http->enabled) + { + case true: + fprintf(nipper->reportFile, "%sHTTP%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case false: + fprintf(nipper->reportFile, "%sHTTP%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + } + else + fprintf(nipper->reportFile, "%sHTTP%sUnconfigured%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + switch (nipper->ios->finger) + { + case unconfigured: + fprintf(nipper->reportFile, "%sFinger%sUnconfigured%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case false: + fprintf(nipper->reportFile, "%sFinger%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case true: + fprintf(nipper->reportFile, "%sFinger%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + switch (nipper->ios->tcpSmallServers) + { + case false: + fprintf(nipper->reportFile, "%sTCP Small Services%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case true: + fprintf(nipper->reportFile, "%sTCP Small Services%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + switch (nipper->ios->udpSmallServers) + { + case false: + fprintf(nipper->reportFile, "%sUDP Small Services%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case true: + fprintf(nipper->reportFile, "%sUDP Small Services%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + if (nipper->ios->ntp != 0) + { + if (nipper->ios->ntp->enabled == true) + fprintf(nipper->reportFile, "%sNTP%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sNTP%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + } + if (nipper->ios->snmp != 0) + { + if (nipper->ios->snmp->enabled == true) + fprintf(nipper->reportFile, "%sSNMP%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSNMP%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + } + if (nipper->ios->cdp == false) + fprintf(nipper->reportFile, "%sCDP%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sCDP%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->pad == true) + fprintf(nipper->reportFile, "%sPAD%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sPAD%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_services_table, &report_services_heading); + addAbbreviation("CDP", false); + addAbbreviation("PAD", false); + addAbbreviation("NTP", false); + addAbbreviation("SNMP", false); + addAbbreviation("UDP", false); + addAbbreviation("TCP", false); + addAbbreviation("HTTP", false); +} + + +void iosVulnIssue(struct nipperConfig *nipper) +{ + // Variables... + struct vulnerability *vulnPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_osver_obs1, nipper, section_obs, rate_none, nipper->vulnIssues, nipper->tableNum); + if (nipper->vulnIssues > 1) + { + output_table(nipper, true, report_osver_table, &report_osver_heading); + vulnPointer = &report_vuln_ios; + while (vulnPointer->next != 0) + { + if (vulnPointer->include == true) + { + outputFriendly(vulnPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s%s%s", vulnPointer->cve, nipper->tablerow_mid, vulnPointer->bid, nipper->tablerow_end); + } + vulnPointer = vulnPointer->next; + } + output_table(nipper, false, report_osver_table, &report_osver_heading); + output_parseText(report_osver_obs2, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + } + else if (nipper->vulnIssues > 0) + { + output_parseText(report_osver_obs3, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + vulnPointer = &report_vuln_ios; + while (vulnPointer->next != 0) + { + if (vulnPointer->include == true) + { + outputFriendly(vulnPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "\"%s\" (", tempString); + if (vulnPointer->cve[0] != 0) + fprintf(nipper->reportFile, "CVE reference %s", vulnPointer->cve); + if ((vulnPointer->cve[0] != 0) && (vulnPointer->bid[0] != 0)) + fprintf(nipper->reportFile, " and "); + if (vulnPointer->bid[0] != 0) + fprintf(nipper->reportFile, " Bugtraq ID %s", vulnPointer->bid); + fprintf(nipper->reportFile, ")."); + } + vulnPointer = vulnPointer->next; + } + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_parseText(report_osver_obs2, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + } + output_endsection(nipper, section_obs); + if (nipper->vulnIssues > 0) + { + output_parseText(report_osver_impact1, nipper, section_imp, rate_high, nipper->vulnIssues, nipper->tableNum -1); + if ((nipper->vulnIssueDos == true) && (nipper->vulnIssueRemote == true)) + output_parseText(report_osver_impact2, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + else if (nipper->vulnIssueDos == true) + output_parseText(report_osver_impact3, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + else if (nipper->vulnIssueRemote == true) + output_parseText(report_osver_impact4, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + addAbbreviation("CVE", false); + addAbbreviation("BID", false); + } + else + output_parseText(report_osver_impact5, nipper, section_imp, rate_high, nipper->vulnIssues, nipper->tableNum -1); + output_endsection(nipper, section_imp); + output_parseText(report_osver_ease, nipper, section_ease, rate_trivial, nipper->vulnIssues, nipper->tableNum -1); + output_endsection(nipper, section_ease); + output_parseText(report_osver_rec, nipper, section_rec, rate_none, nipper->vulnIssues, nipper->tableNum -1); + output_endsection(nipper, section_rec); +} + + +void iosAutoConfigIssue(struct nipperConfig *nipper) +{ + output_parseText(report_configauto_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_configauto_impact, nipper, section_imp, rate_high, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_configauto_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_configauto_rec, nipper, section_rec, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosKeepAlivesIssue(struct nipperConfig *nipper) +{ + output_parseText(report_keepalive_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_keepalive_impact, nipper, section_imp, rate_high, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_keepalive_ease, nipper, section_ease, rate_moderate, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_keepalive_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosFingerIssue(struct nipperConfig *nipper) +{ + output_parseText(report_finger_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_finger_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_finger_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_finger_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosPasswordLengthIssue(struct nipperConfig *nipper) +{ + if (nipper->ios->passwordMinLength == 0) + output_parseText(report_passlength_obs, nipper, section_obs, rate_none, -1, nipper->tableNum); + else + output_parseText(report_passlength_obs, nipper, section_obs, rate_none, nipper->ios->passwordMinLength, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_passlength_impact, nipper, section_imp, rate_low, nipper->ios->passwordMinLength, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_passlength_ease, nipper, section_ease, rate_trivial, nipper->ios->passwordMinLength, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_passlength_rec, nipper, section_rec, rate_none, nipper->passwordLength, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosBootPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_bootp_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_bootp_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_bootp_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_bootp_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosSmallServersIssue(struct nipperConfig *nipper) +{ + // Check for IOS version... + int olderIOS = false; + if ((nipper->versionMajor < 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor < 3))) + olderIOS = true; + // Report... + output_parseText(report_small_obs1, nipper, section_obs, rate_none, 0, nipper->tableNum); + if (olderIOS == true) + output_parseText(report_small_obs2, nipper, section_none, rate_none, 0, nipper->tableNum); + else if ((nipper->ios->udpSmallServers == true) && (nipper->ios->tcpSmallServers == true)) + output_parseText(report_small_obs3, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->ios->tcpSmallServers == true) + output_parseText(report_small_obs4, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->ios->udpSmallServers == true) + output_parseText(report_small_obs5, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_small_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_small_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_small_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + if ((olderIOS == true) || (nipper->ios->tcpSmallServers == true)) + output_parseText(report_small_rec_tcp, nipper, section_none, rate_none, 0, nipper->tableNum); + if ((olderIOS == true) || (nipper->ios->udpSmallServers == true)) + output_parseText(report_small_rec_udp, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosBannerIssue(struct nipperConfig *nipper) +{ + output_parseText(report_banner_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_banner_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_banner_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_banner_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosPADIssue(struct nipperConfig *nipper) +{ + output_parseText(report_pad_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_pad_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_pad_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_pad_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/IOS/.svn/text-base/report-http.c.svn-base b/0.11.10/IOS/.svn/text-base/report-http.c.svn-base new file mode 100644 index 0000000..78959ed --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-http.c.svn-base @@ -0,0 +1,135 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosHTTPConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_http_table, &settings_general_heading); + if (nipper->ios->http->enabled == true) + fprintf(nipper->reportFile, "%sHTTP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sHTTP Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + switch(nipper->ios->http->authentication) + { + case http_auth_enable: + fprintf(nipper->reportFile, "%sAuthentication Type%sEnable Password%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case http_auth_aaa: + fprintf(nipper->reportFile, "%sAuthentication Type%sAAA%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + addAbbreviation("AAA", false); + break; + case http_auth_tacacs: + fprintf(nipper->reportFile, "%sAuthentication Type%sTACACS%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + addAbbreviation("TACACS", false); + break; + case http_auth_local: + fprintf(nipper->reportFile, "%sAuthentication Type%sLocal Users%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + if (nipper->ios->http->accessClass[0] == 0) + fprintf(nipper->reportFile, "%sAccess Class (Access List Number)%sUnconfigured%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAccess Class (Access List Number)%s%s%sn", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->http->accessClass, nipper->tablerow_end); + output_table(nipper, false, settings_http_table, &settings_general_heading); + addAbbreviation("HTTP", false); +} + + +void iosHTTPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_http_obs1, nipper, section_obs, rate_none, 0, nipper->tableNum); + if (nipper->ios->http == 0) + output_parseText(report_http_obs2, nipper, section_none, rate_none, 0, nipper->tableNum); + else if ((nipper->ios->http->authentication == http_auth_enable) && (nipper->ios->http->accessClass == 0)) + output_parseText(report_http_obs3, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->ios->http->accessClass == 0) + output_parseText(report_http_obs4, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->ios->http->authentication != http_auth_enable) + output_parseText(report_http_obs5, nipper, section_none, rate_none, 0, nipper->tableNum); + else + output_parseText(report_http_obs6, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_http_impact1, nipper, section_imp, rate_med, 0, nipper->tableNum); + if (nipper->ios->http != 0) + { + if (nipper->ios->http->authentication == http_auth_enable) + output_parseText(report_http_impact2, nipper, section_none, rate_med, 0, nipper->tableNum); + } + else + { + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + } + if (nipper->ios->http != 0) + { + if (nipper->ios->http->accessClass[0] != 0) + output_parseText(report_http_impact3, nipper, section_none, rate_med, 0, nipper->tableNum); + else + { + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + } + } + output_newPara(nipper); + output_endsection(nipper, section_imp); + output_parseText(report_http_ease1, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + if (nipper->ios->http != 0) + { + if (nipper->ios->http->accessClass[0] != 0) + output_parseText(report_http_ease2, nipper, section_none, rate_none, 0, nipper->tableNum); + else + { + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + } + } + else + { + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + } + output_endsection(nipper, section_ease); + output_newPara(nipper); + output_parseText(report_http_rec1, nipper, section_rec, rate_none, 0, nipper->tableNum); + if (nipper->ios->http == 0) + output_parseText(report_http_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->ios->http->accessClass[0] != 0) + output_parseText(report_http_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + if (nipper->ios->http == 0) + output_parseText(report_http_rec3, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->ios->http->authentication == http_auth_enable) + output_parseText(report_http_rec3, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + diff --git a/0.11.10/IOS/.svn/text-base/report-interface.c.svn-base b/0.11.10/IOS/.svn/text-base/report-interface.c.svn-base new file mode 100644 index 0000000..358d41f --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-interface.c.svn-base @@ -0,0 +1,510 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosSwitchportConfig(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + + output_table(nipper, true, settings_switchport_table, &settings_switchport_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((strncasecmp(interfaceConfigPointer->name, "Vlan", 4) != 0) && (strncasecmp(interfaceConfigPointer->name, "Loop", 4) != 0)) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, interfaceConfigPointer->name, nipper->tablerow_mid); + if (interfaceConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", interfaceConfigPointer->description, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", interfaceConfigPointer->switchportVLAN, nipper->tablerow_mid); + switch (interfaceConfigPointer->switchportMode) + { + case sp_mode_access: + fprintf(nipper->reportFile, "Access%s", nipper->tablerow_mid); + break; + case sp_mode_trunk: + fprintf(nipper->reportFile, "Trunk%s", nipper->tablerow_mid); + break; + case sp_mode_dynamic: + fprintf(nipper->reportFile, "Dynamic%s", nipper->tablerow_mid); + break; + case sp_mode_dot1qtunnel: + fprintf(nipper->reportFile, "802.1q Tunnel%s", nipper->tablerow_mid); + break; + case sp_mode_pvlan_host: + fprintf(nipper->reportFile, "Host%s", nipper->tablerow_mid); + break; + case sp_mode_pvlan_promiscuous: + fprintf(nipper->reportFile, "Promiscuous%s", nipper->tablerow_mid); + break; + } + if (interfaceConfigPointer->switchportSecurity == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + switch (interfaceConfigPointer->switchportViolation) + { + case sp_violation_shutdown: + fprintf(nipper->reportFile, "Shutdown%s", nipper->tablerow_end); + break; + case sp_violation_restrict: + fprintf(nipper->reportFile, "Restrict%s", nipper->tablerow_end); + break; + case sp_violation_protect: + fprintf(nipper->reportFile, "Protect%s", nipper->tablerow_end); + break; + } + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, settings_switchport_table, &settings_switchport_heading); + addAbbreviation("PVLAN", false); + addAbbreviation("VLAN", false); +} + + +void iosInterfacesConfig(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + + if (nipper->deviceType == type_ios_router) + output_table(nipper, true, settings_inter_table, &settings_interIOS_heading); + else + output_table(nipper, true, settings_inter_table, &settings_interIOSswitch_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, interfaceConfigPointer->name, nipper->tablerow_mid); + if (interfaceConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "No%s%s%s", nipper->tablerow_mid, interfaceConfigPointer->ipAddress, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Yes%s%s%s", nipper->tablerow_mid, interfaceConfigPointer->ipAddress, nipper->tablerow_mid); + if (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) + { + if (interfaceConfigPointer->proxyArp == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if (interfaceConfigPointer->ipUnreachables == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if (interfaceConfigPointer->ipRedirects == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if (interfaceConfigPointer->ipMaskReply == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if (interfaceConfigPointer->ipDirectBroadcast == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceConfigPointer->ipDirectBroadcast == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Default%s", nipper->tablerow_mid); + if (interfaceConfigPointer->ntp == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if ((strncmp(interfaceConfigPointer->name,"Loopback", 8) == 0) || (strncmp(interfaceConfigPointer->name, "Vlan", 4) == 0)) + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + else if (interfaceConfigPointer->cdp == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + } + else + { + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + } + if (nipper->deviceType == type_ios_router) + { + if (interfaceConfigPointer->uRPF == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + } + if (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) + { + if ((strncmp(interfaceConfigPointer->name, "Loopback", 8) == 0) || (strchr(interfaceConfigPointer->name, '.') != 0)) + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_end); + else if (interfaceConfigPointer->mop == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_end); + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->deviceType == type_ios_router) + output_table(nipper, false, settings_inter_table, &settings_interIOS_heading); + else + output_table(nipper, false, settings_inter_table, &settings_interIOSswitch_heading); + addAbbreviation("ARP", false); + addAbbreviation("NTP", false); + addAbbreviation("CDP", false); + addAbbreviation("MOP", false); + addAbbreviation("uRPF", false); +} + + +void iosIPDirectedIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_ipdirected_obs, nipper, section_obs, rate_none, nipper->ipDirectedIssues, nipper->tableNum); + if (nipper->ipDirectedIssues == 1) + { + + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipDirectBroadcast == true) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + fprintf(nipper->reportFile, "%s", interfaceConfigPointer->name); + interfaceConfigPointer = interfaceConfigPointer->next; + } + fprintf(nipper->reportFile, "."); + output_newPara(nipper); + } + else + { + output_table(nipper, true, report_ipdirected_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipDirectBroadcast == true) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_ipdirected_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_ipdirected_impact, nipper, section_imp, rate_high, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_ipdirected_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_ipdirected_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosTrunkingIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_trunking_obs1, nipper, section_obs, rate_none, nipper->switchportModeIssues, nipper->tableNum); + if (nipper->switchportModeIssues == 1) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->switchportMode != sp_mode_access) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Vlan", 4) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_parseText(report_trunking_obs2, nipper, section_none, rate_none, nipper->switchportModeIssues, nipper->tableNum); + } + else + { + output_table(nipper, true, report_trunking_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->switchportMode != sp_mode_access) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Vlan", 4) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_trunking_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_trunking_impact, nipper, section_imp, rate_medhigh, nipper->switchportModeIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_trunking_ease, nipper, section_ease, rate_moderate, nipper->switchportModeIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_trunking_rec, nipper, section_rec, rate_none, nipper->switchportModeIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosPortSecurityIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_portsecurity_obs1, nipper, section_obs, rate_none, nipper->switchportIssues, nipper->tableNum); + if (nipper->switchportIssues == 1) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->switchportSecurity == false) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Vlan", 4) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_parseText(report_portsecurity_obs2, nipper, section_none, rate_none, nipper->switchportIssues, nipper->tableNum); + } + else + { + output_table(nipper, true, report_portsecurity_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->switchportSecurity == false) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Vlan", 4) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_portsecurity_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_portsecurity_impact, nipper, section_imp, rate_medhigh, nipper->switchportIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_portsecurity_ease, nipper, section_ease, rate_moderate, nipper->switchportIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_portsecurity_rec, nipper, section_rec, rate_none, nipper->switchportIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosProxyARPIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_proxyarp_obs, nipper, section_obs, rate_none, nipper->proxyArpIssues, nipper->tableNum); + if (nipper->proxyArpIssues > 1) + { + output_table(nipper, true, report_proxyarp_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->proxyArp == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_proxyarp_table, &report_interface_heading); + } + else + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->proxyArp == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + fprintf(nipper->reportFile, "%s.", interfaceConfigPointer->name); + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_newPara(nipper); + } + output_endsection(nipper, section_obs); + output_parseText(report_proxyarp_impact, nipper, section_imp, rate_lowmed, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_proxyarp_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_proxyarp_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosCDPIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + + // Look to see if CDP has been disabled on the network interfaces + int cdpDisabled = true; + interfaceConfigPointer = nipper->ios->interface; + while ((interfaceConfigPointer != 0) && (cdpDisabled == true)) + { + if ((interfaceConfigPointer->cdp == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0)) + cdpDisabled = false; + interfaceConfigPointer = interfaceConfigPointer->next; + } + // If CDP has been disabled on all interfaces... + if (cdpDisabled == true) + output_parseText(report_cdp_obs, nipper, section_obs, rate_none, 1, nipper->tableNum); + else + output_parseText(report_cdp_obs, nipper, section_obs, rate_none, 2, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_cdp_impact, nipper, section_imp, rate_lowmed, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_cdp_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_cdp_rec1, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosIPUnreachablesIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_icmpunreach_obs, nipper, section_obs, rate_none, nipper->unreachIssues, nipper->tableNum); + if (nipper->unreachIssues == 1) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipUnreachables == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + fprintf(nipper->reportFile, "%s", interfaceConfigPointer->name); + interfaceConfigPointer = interfaceConfigPointer->next; + } + fprintf(nipper->reportFile, "."); + output_newPara(nipper); + } + else + { + output_table(nipper, true, report_icmpunreach_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipUnreachables == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_icmpunreach_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_icmpunreach_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_icmpunreach_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_icmpunreach_rec1, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosMaskReplyIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_maskreply_obs, nipper, section_obs, rate_none, nipper->maskReplyIssues, nipper->tableNum); + if (nipper->maskReplyIssues == 1) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipMaskReply == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + fprintf(nipper->reportFile, "%s", interfaceConfigPointer->name); + interfaceConfigPointer = interfaceConfigPointer->next; + } + fprintf(nipper->reportFile, "."); + output_newPara(nipper); + } + else + { + output_table(nipper, true, report_maskreply_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipMaskReply == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_icmpunreach_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_maskreply_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_maskreply_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_maskreply_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosMOPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_mop_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_mop_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_mop_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_mop_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/IOS/.svn/text-base/report-keychain.c.svn-base b/0.11.10/IOS/.svn/text-base/report-keychain.c.svn-base new file mode 100644 index 0000000..b7c2f9a --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-keychain.c.svn-base @@ -0,0 +1,59 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosKeysConfig(struct nipperConfig *nipper) +{ + // Variables... + struct keyChain *keyChainPointer = 0; + struct keyConfig *keyPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_keys_table, &settings_keys_heading); + keyChainPointer = nipper->ios->chain; + while (keyChainPointer != 0) + { + keyPointer = keyChainPointer->key; + while (keyPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s%d", nipper->tablerow_start, keyChainPointer->name, nipper->tablerow_mid, keyPointer->keyNumber); + if (nipper->passwords == true) + { + outputFriendly(keyPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, tempString); + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + keyPointer = keyPointer->next; + } + keyChainPointer = keyChainPointer->next; + } + output_table(nipper, false, settings_keys_table, &settings_keys_heading); +} diff --git a/0.11.10/IOS/.svn/text-base/report-line.c.svn-base b/0.11.10/IOS/.svn/text-base/report-line.c.svn-base new file mode 100644 index 0000000..1cd446b --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-line.c.svn-base @@ -0,0 +1,189 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosLinesConfig(struct nipperConfig *nipper) +{ + // Variables... + struct lineConfig *linePointer = 0; + + output_parseText(settings_lines_text, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_lines_table, &settings_lines_heading); + linePointer = nipper->ios->line; + while (linePointer != 0) + { + switch (linePointer->lineType) + { + case line_console: + fprintf(nipper->reportFile, "%sConsole%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case line_aux: + fprintf(nipper->reportFile, "%sAuxiliary%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case line_vty: + fprintf(nipper->reportFile, "%sVTY%s", nipper->tablerow_start, nipper->tablerow_mid); + addAbbreviation("VTY", false); + break; + case line_tty: + fprintf(nipper->reportFile, "%sTTY%s", nipper->tablerow_start, nipper->tablerow_mid); + addAbbreviation("TTY", false); + break; + } + fprintf(nipper->reportFile, "%d%s", linePointer->lineNumberStart, nipper->tablerow_mid); + if (linePointer->lineNumberEnd == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", linePointer->lineNumberEnd, nipper->tablerow_mid); + switch (linePointer->login) + { + case login_allowed: + fprintf(nipper->reportFile, "Allowed%s", nipper->tablerow_mid); + break; + case login_disabled: + fprintf(nipper->reportFile, "Denied%s", nipper->tablerow_mid); + break; + case login_local: + fprintf(nipper->reportFile, "Local%s", nipper->tablerow_mid); + break; + case login_authentication: + fprintf(nipper->reportFile, "AAA%s", nipper->tablerow_mid); + break; + } + switch (linePointer->exec) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (linePointer->authorization) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (linePointer->accounting) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (linePointer->telnet) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (linePointer->ssh) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + fprintf(nipper->reportFile, "%ds%s%ds%s%ds%s%ds%s", linePointer->timeout, nipper->tablerow_mid, linePointer->execTimeout, nipper->tablerow_mid, linePointer->sessionTimeout, nipper->tablerow_mid, linePointer->absoluteTimeout, nipper->tablerow_mid); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s", linePointer->password, nipper->tablerow_mid); + if (linePointer->encryption == encrypt_type7) + fprintf(nipper->reportFile, "Type-7%s", nipper->tablerow_end); + else if (linePointer->encryption == encrypt_md5) + { + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_end); + addAbbreviation("MD5", false); + } + else if (linePointer->encryption == encrypt_unknown) + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_end); + else + { + if (linePointer->password[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + } + linePointer = linePointer->next; + } + output_table(nipper, false, settings_lines_table, &settings_lines_heading); +} + + +void iosAUXPortIssue(struct nipperConfig *nipper) +{ + output_parseText(report_aux_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_aux_impact, nipper, section_imp, rate_high, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_aux_ease, nipper, section_ease, rate_difficult, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_aux_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosTelnetIssue(struct nipperConfig *nipper) +{ + // Variables... + struct lineConfig *linePointer = 0; + int tempInt = 0; + + output_parseText(report_telnet_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_telnet_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_telnet_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_telnet_rec1, nipper, section_rec, rate_none, 0, nipper->tableNum); + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->telnet == true) && (linePointer->exec == true) && (linePointer->login != login_disabled) && (linePointer->aclIn == 0)) + tempInt++; + linePointer = linePointer->next; + } + if (tempInt > 0) + output_parseText(report_telnet_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + diff --git a/0.11.10/IOS/.svn/text-base/report-logging.c.svn-base b/0.11.10/IOS/.svn/text-base/report-logging.c.svn-base new file mode 100644 index 0000000..ac4b416 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-logging.c.svn-base @@ -0,0 +1,273 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + + +void iosLoggingConfig(struct nipperConfig *nipper) +{ + // Variables... + struct host *hostPointer = 0; + char tempString[nipper->maxSize]; + + if (nipper->loggingLevels == unconfigured) + nipper->loggingLevels = true; + output_table(nipper, true, settings_logging_table, &settings_general_heading); + if (nipper->ios->logging->logging == true) + fprintf(nipper->reportFile, "%sLogging%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLogging%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->logging->logEnable == true) + fprintf(nipper->reportFile, "%sLog Configuration Changes%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLog Configuration Changes%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + + // Logging to console + if (nipper->ios->logging->consoleLogging != false) + { + if (nipper->ios->logging->consoleLogging == true) + fprintf(nipper->reportFile, "%sConsole Logging%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sConsole Logging%sSystem Default%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->logging->consoleLevel == -1) + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + { + switch (nipper->ios->logging->consoleLevel) + { + case 0: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sEmergencies (0)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 1: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sAlerts (1)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 2: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sCritical (2)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 3: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sErrors (3)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 4: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sWarnings (4)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 5: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sNotifications (5)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 6: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sInformational (6)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 7: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sDebugging (7)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + } + } + else + fprintf(nipper->reportFile, "%sConsole Logging%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + + // Syslog stuff (only works if a host is configured) + if (nipper->ios->logging->logServer != 0) + { + fprintf(nipper->reportFile, "%sSyslog Logging%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + switch (nipper->ios->logging->loggingTrap) + { + case 0: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sEmergencies (0)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 1: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sAlerts (1)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 2: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sCritical (2)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 3: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sErrors (3)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 4: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sWarnings (4)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 5: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sNotifications (5)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 6: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sInformational (6)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 7: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sDebugging (7)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + outputFriendly(nipper->ios->logging->facility, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sSyslog Logging Facility%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + if (nipper->ios->logging->logCount == true) + fprintf(nipper->reportFile, "%sSyslog Message Counting%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSyslog Message Counting%sSystem Default%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->logging->originId[0] != 0) + { + outputFriendly(nipper->ios->logging->originId, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sSyslog Origin ID%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->ios->logging->sourceInterface[0] != 0) + { + outputFriendly(nipper->ios->logging->sourceInterface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sSyslog Source Interface%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + hostPointer = nipper->ios->logging->logServer; + while (hostPointer != 0) + { + outputFriendly(hostPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sSyslog Logging Server%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + hostPointer = hostPointer->next; + } + } + else + fprintf(nipper->reportFile, "%sSyslog Logging%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + + // Logging to buffer + if (nipper->ios->logging->bufferedLogging != false) + { + if (nipper->ios->logging->bufferedLogging == true) + fprintf(nipper->reportFile, "%sBuffer Logging%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sBuffer Logging%sSystem Default%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->logging->bufferSize == -1) + fprintf(nipper->reportFile, "%sBuffer Size%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sBuffer Size%s%d bytes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->logging->bufferSize, nipper->tablerow_end); + if (nipper->ios->logging->bufferLevel == -1) + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + { + switch (nipper->ios->logging->bufferLevel) + { + case 0: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sEmergencies (0)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 1: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sAlerts (1)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 2: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sCritical (2)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 3: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sErrors (3)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 4: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sWarnings (4)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 5: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sNotifications (5)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 6: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sInformational (6)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 7: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sDebugging (7)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + } + } + else + fprintf(nipper->reportFile, "%sBuffer Logging%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + + // Logging to terminal lines + if (nipper->ios->logging->monitorLogging == true) + { + fprintf(nipper->reportFile, "%sTerminal Line Logging%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + switch (nipper->ios->logging->monitorLevel) + { + case 0: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sEmergencies (0)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 1: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sAlerts (1)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 2: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sCritical (2)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 3: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sErrors (3)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 4: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sWarnings (4)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 5: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sNotifications (5)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 6: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sInformational (6)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 7: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sDebugging (7)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + } + else + fprintf(nipper->reportFile, "%sTerminal Line Logging%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_logging_table, &settings_general_heading); +} + + +void iosLoggingIssue(struct nipperConfig *nipper) +{ + output_parseText(report_logging_obs1, nipper, section_obs, rate_none, nipper->loggingIssue, nipper->tableNum); + switch (nipper->loggingIssue) + { + case -1: + output_parseText(report_logging_obs2, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + break; + case 1: + output_parseText(report_logging_obs3, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + break; + case 2: + output_parseText(report_logging_obs4, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + break; + case 3: + output_parseText(report_logging_obs5, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + break; + case 4: + output_parseText(report_logging_obs6, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + break; + } + output_endsection(nipper, section_obs); + output_parseText(report_logging_impact, nipper, section_imp, rate_med, nipper->loggingIssue, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_logging_ease, nipper, section_ease, rate_noease, nipper->loggingIssue, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_logging_rec1, nipper, section_rec, rate_none, nipper->loggingIssue, nipper->tableNum); + if (nipper->loggingIssue != 4) + output_parseText(report_logging_rec2, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + if ((nipper->versionMajor < 12) || ((nipper->versionMajor == 12) && (nipper->versionMinor < 1))) + output_parseText(report_logging_rec3, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + if (nipper->loggingIssue != 3) + output_parseText(report_logging_rec4, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/IOS/.svn/text-base/report-nat.c.svn-base b/0.11.10/IOS/.svn/text-base/report-nat.c.svn-base new file mode 100644 index 0000000..b5dac94 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-nat.c.svn-base @@ -0,0 +1,195 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosNATConfig(struct nipperConfig *nipper) +{ + // Variables... + struct natConfig *natPointer = 0; + int tempInt = 0; + char tempString[nipper->maxSize]; + + output_parseText(settings_natpat_desc, nipper, section_none, rate_none, 2, 0); + + // Static NAT + tempInt = 0; + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if (natPointer->type == nat_static) + tempInt++; + natPointer = natPointer->next; + } + if (tempInt > 0) + { + output_table(nipper, true, settings_nat_static_table, &settings_natstatic_heading); + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if (natPointer->type == nat_static) + { + if (natPointer->inside == true) + fprintf(nipper->reportFile, "%sInside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sOutside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + if (natPointer->ipSecESP == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + outputFriendly(natPointer->local, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(natPointer->global, tempString, nipper->maxSize, nipper->outputFormat); + if (natPointer->ipSecESP == true) + fprintf(nipper->reportFile, "%s%d%s", tempString, natPointer->interNumber, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + natPointer = natPointer->next; + } + output_table(nipper, false, settings_nat_static_table, &settings_natstatic_heading); + } + + // Dynamic NAT + tempInt = 0; + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if ((natPointer->type == nat_dynamic_acl) || (natPointer->type == nat_dynamic_route)) + tempInt++; + natPointer = natPointer->next; + } + if (tempInt > 0) + { + output_table(nipper, true, settings_nat_dynamic_table, &settings_natdynamic_heading); + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if ((natPointer->type == nat_dynamic_acl) || (natPointer->type == nat_dynamic_route)) + { + if (natPointer->inside == true) + fprintf(nipper->reportFile, "%sInside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sOutside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + if (natPointer->type == nat_dynamic_acl) + fprintf(nipper->reportFile, "ACL%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Route Map%s", nipper->tablerow_mid); + outputFriendly(natPointer->local, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(natPointer->global, tempString, nipper->maxSize, nipper->outputFormat); + if (natPointer->pool == true) + { + fprintf(nipper->reportFile, "Pool%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + else + { + fprintf(nipper->reportFile, "Interface%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%d%s", tempString, natPointer->interNumber, nipper->tablerow_end); + } + } + natPointer = natPointer->next; + } + output_table(nipper, false, settings_nat_dynamic_table, &settings_natdynamic_heading); + } + + // Port Static NAT + tempInt = 0; + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if (natPointer->type == nat_port) + tempInt++; + natPointer = natPointer->next; + } + if (tempInt > 0) + { + output_table(nipper, true, settings_nat_portstatic_table, &settings_natportstat_heading); + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if (natPointer->type == nat_port) + { + if (natPointer->inside == true) + fprintf(nipper->reportFile, "%sInside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sOutside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + if (natPointer->inter == true) + { + fprintf(nipper->reportFile, "%s %s %s %s%d%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, natPointer->globalPort, nipper->tablerow_end); + } + else + { + outputFriendly(natPointer->local, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", natPointer->localPort, nipper->tablerow_mid); + outputFriendly(natPointer->global, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%d%s", tempString, nipper->tablerow_mid, natPointer->globalPort, nipper->tablerow_end); + } + } + natPointer = natPointer->next; + } + output_table(nipper, false, settings_nat_portstatic_table, &settings_natportstat_heading); + } + + // Network Static NAT + tempInt = 0; + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if (natPointer->type == nat_network) + tempInt++; + natPointer = natPointer->next; + } + if (tempInt > 0) + { + output_table(nipper, true, settings_nat_netstatic_table, &settings_natnetstatic_heading); + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if (natPointer->type == nat_network) + { + if (natPointer->inside == true) + fprintf(nipper->reportFile, "%sInside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sOutside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + outputFriendly(natPointer->local, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(natPointer->global, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(natPointer->mask, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + natPointer = natPointer->next; + } + output_table(nipper, false, settings_nat_netstatic_table, &settings_natnetstatic_heading); + } +} diff --git a/0.11.10/IOS/.svn/text-base/report-ntp.c.svn-base b/0.11.10/IOS/.svn/text-base/report-ntp.c.svn-base new file mode 100644 index 0000000..ee00a9a --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-ntp.c.svn-base @@ -0,0 +1,135 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosNTPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct ntpHost *ntpHostPointer = 0; + struct ntpKey *ntpKeyPointer = 0; + struct ntpAccessGroup *ntpGroupPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_ntp_table, &settings_general_heading); + if (nipper->ios->ntp->enabled == true) + fprintf(nipper->reportFile, "%sNTP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sNTP Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->ntp->master == true) + fprintf(nipper->reportFile, "%sNTP Master%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sNTP Master%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->ntp->authentication == true) + fprintf(nipper->reportFile, "%sNTP Authentication%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sNTP Authentication%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_ntp_table, &settings_general_heading); + addAbbreviation("NTP", false); + + if (nipper->ios->ntp->server != 0) + { + output_table(nipper, true, settings_ntpserv_table, &settings_ntpserv_heading); + ntpHostPointer = nipper->ios->ntp->server; + while (ntpHostPointer != 0) + { + outputFriendly(ntpHostPointer->ntpHost, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (ntpHostPointer->keyNum == -1) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%d%s", ntpHostPointer->keyNum, nipper->tablerow_end); + ntpHostPointer = ntpHostPointer->next; + } + output_table(nipper, false, settings_ntpserv_table, &settings_ntpserv_heading); + } + + if (nipper->ios->ntp->peer != 0) + { + output_table(nipper, true, settings_ntppeer_table, &settings_ntppeer_heading); + ntpHostPointer = nipper->ios->ntp->peer; + while (ntpHostPointer != 0) + { + outputFriendly(ntpHostPointer->ntpHost, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%d%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, ntpHostPointer->keyNum, nipper->tablerow_end); + ntpHostPointer = ntpHostPointer->next; + } + output_table(nipper, false, settings_ntppeer_table, &settings_ntppeer_heading); + } + + if ((nipper->ios->ntp->key != 0) && (nipper->passwords == true)) + { + output_table(nipper, true, settings_ntpkeys_table, &settings_ntpkeys_heading); + ntpKeyPointer = nipper->ios->ntp->key; + while (ntpKeyPointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, ntpKeyPointer->keyNum, nipper->tablerow_mid); + if (ntpKeyPointer->trusted == false) + fprintf(nipper->reportFile, "No"); + else + fprintf(nipper->reportFile, "Yes"); + if (nipper->passwords == true) + { + outputFriendly(ntpKeyPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, tempString); + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + ntpKeyPointer = ntpKeyPointer->next; + } + output_table(nipper, false, settings_ntpkeys_table, &settings_ntpkeys_heading); + } + + if (nipper->ios->ntp->access != 0) + { + output_table(nipper, true, settings_ntpaccess_table, &settings_ntpaccess_heading); + ntpGroupPointer = nipper->ios->ntp->access; + while (ntpGroupPointer != 0) + { + switch (ntpGroupPointer->accessType) + { + case ntp_peer: + fprintf(nipper->reportFile, "%sPeer%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, ntpGroupPointer->accessList, nipper->tablerow_end); + break; + case ntp_serve: + fprintf(nipper->reportFile, "%sServe%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, ntpGroupPointer->accessList, nipper->tablerow_end); + break; + case ntp_serve_only: + fprintf(nipper->reportFile, "%sServe-Only%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, ntpGroupPointer->accessList, nipper->tablerow_end); + break; + case ntp_query_only: + fprintf(nipper->reportFile, "%sQuery-Only%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, ntpGroupPointer->accessList, nipper->tablerow_end); + break; + } + ntpGroupPointer = ntpGroupPointer->next; + } + output_table(nipper, false, settings_ntpaccess_table, &settings_ntpaccess_heading); + } +} + diff --git a/0.11.10/IOS/.svn/text-base/report-passwords.c.svn-base b/0.11.10/IOS/.svn/text-base/report-passwords.c.svn-base new file mode 100644 index 0000000..826c481 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-passwords.c.svn-base @@ -0,0 +1,910 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void output_IOSTablePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + struct ntpKey *ntpKeyPointer = 0; + struct enablePassword *enablePointer = 0; + struct usernameList *usernamePointer = 0; + struct snmpCommunity *communityPointer = 0; + struct snmpHost *snmpHostPointer = 0; + struct aaaGroupServer *aaaGroupPointer = 0; + struct aaaServer *aaaServerPointer = 0; + struct interfaceConfig *interfaceConfigPointer = 0; + struct bgpNeighbor *neighborPointer = 0; + struct keyChain *keyChainPointer = 0; + struct keyConfig *keyPointer = 0; + struct lineConfig *linePointer = 0; + struct vrrpStruct *vrrpPointer = 0; + char tempString[nipper->maxSize]; + + // Enable passwords + enablePointer = nipper->ios->enable; + while (enablePointer != 0) + { + if (((enablePointer->dictionary == true) && (dictPassword == true)) || ((enablePointer->weak == true) && (dictPassword == false))) + { + outputFriendly(enablePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sPassword%sEnable%sLevel %d", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, enablePointer->level); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + enablePointer = enablePointer->next; + } + + // Usernames + usernamePointer = nipper->ios->username; + while (usernamePointer != 0) + { + if (((usernamePointer->dictionary == true) && (dictPassword == true)) || ((usernamePointer->weak == true) && (dictPassword == false))) + { + outputFriendly(usernamePointer->username, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sPassword%sUsers%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + if (nipper->passwords == true) + { + outputFriendly(usernamePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + usernamePointer = usernamePointer->next; + } + + // OSPF + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if (((interfaceConfigPointer->ospfDictionary == true) && (dictPassword == true)) || ((interfaceConfigPointer->ospfWeak == true) && (dictPassword == false))) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sKey%sOSPF%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + if (nipper->passwords == true) + { + outputFriendly(interfaceConfigPointer->ospfKey, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + + // BGP + if (nipper->ios->bgp != 0) + { + neighborPointer = nipper->ios->bgp->neighbor; + while (neighborPointer != 0) + { + if (((neighborPointer->dictionary == true) && (dictPassword == true)) || ((neighborPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(neighborPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sPassword%sBGP%sHost %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + if (nipper->passwords == true) + { + outputFriendly(neighborPointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + neighborPointer = neighborPointer->next; + } + } + + // TACACS + if (nipper->ios->tacacs != 0) + { + if (((nipper->ios->tacacs->dictionary == true) && (dictPassword == true)) || ((nipper->ios->tacacs->weak == true) && (dictPassword == false))) + { + outputFriendly(nipper->ios->tacacs->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sKey%sTACACS%sN/A", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + if (nipper->passwords == true) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + } + + // AAA + if (nipper->ios->aaa != 0) + { + aaaGroupPointer = nipper->ios->aaa->groupServer; + while (aaaGroupPointer != 0) + { + aaaServerPointer = aaaGroupPointer->server; + while (aaaServerPointer != 0) + { + if (((aaaServerPointer->dictionary == true) && (dictPassword == true)) || ((aaaServerPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(aaaGroupPointer->username, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sKey%sAAA%s%s (Host: ", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + outputFriendly(aaaServerPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s)", tempString); + if (nipper->passwords == true) + { + outputFriendly(aaaServerPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + aaaServerPointer = aaaServerPointer->next; + } + aaaGroupPointer = aaaGroupPointer->next; + } + } + + // NTP + if (nipper->ios->ntp != 0) + { + ntpKeyPointer = nipper->ios->ntp->key; + while (ntpKeyPointer != 0) + { + if (((ntpKeyPointer->dictionary == true) && (dictPassword == true)) || ((ntpKeyPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(ntpKeyPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sKey%sNTP%sN/A", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + ntpKeyPointer = ntpKeyPointer->next; + } + } + + // SNMP + if (nipper->ios->snmp != 0) + { + communityPointer = nipper->ios->snmp->community; + while (communityPointer != 0) + { + if (((communityPointer->dictionary == true) && (dictPassword == true)) || ((communityPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sCommunity%sSNMP%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + if (communityPointer->readonly == true) + fprintf(nipper->reportFile, "read-only"); + else + fprintf(nipper->reportFile, "read/write"); + if (nipper->passwords == true) + { + outputFriendly(communityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + communityPointer = communityPointer->next; + } + snmpHostPointer = nipper->ios->snmp->host; + while (snmpHostPointer != 0) + { + if (((snmpHostPointer->dictionary == true) && (dictPassword == true)) || ((snmpHostPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(snmpHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sCommunity%sSNMP%sHost: %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + if (nipper->passwords == true) + { + outputFriendly(snmpHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + snmpHostPointer = snmpHostPointer->next; + } + } + + // Keys + keyChainPointer = nipper->ios->chain; + while (keyChainPointer != 0) + { + keyPointer = keyChainPointer->key; + while (keyPointer != 0) + { + if (((keyPointer->dictionary == true) && (dictPassword == true)) || ((keyPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sKey%sKey Chain%sKey No.: %d", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, keyPointer->keyNumber); + if (nipper->passwords == true) + { + outputFriendly(keyPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + keyPointer = keyPointer->next; + } + keyChainPointer = keyChainPointer->next; + } + + // FTP + if (nipper->ios->ftp != 0) + { + if (((nipper->ios->ftp->dictionary == true) && (dictPassword == true)) || ((nipper->ios->ftp->weak == true) && (dictPassword == false))) + { + outputFriendly(nipper->ios->ftp->username, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sPassword%sFTP%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + if (nipper->passwords == true) + { + outputFriendly(nipper->ios->ftp->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + } + + // Line + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if (((linePointer->dictionary == true) && (dictPassword == true)) || ((linePointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sPassword%sLine%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + switch (linePointer->lineType) + { + case line_console: + fprintf(nipper->reportFile, "Console "); + break; + case line_vty: + fprintf(nipper->reportFile, "VTY "); + break; + case line_aux: + fprintf(nipper->reportFile, "AUX "); + break; + case line_tty: + fprintf(nipper->reportFile, "TTY "); + break; + } + if (linePointer->lineNumberEnd > 0) + fprintf(nipper->reportFile, "lines %d - %d", linePointer->lineNumberStart, linePointer->lineNumberEnd); + else + fprintf(nipper->reportFile, "line %d", linePointer->lineNumberStart); + if (nipper->passwords == true) + { + outputFriendly(linePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + linePointer = linePointer->next; + } + + // VRRP Authentication + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + vrrpPointer = interfaceConfigPointer->vrrp; + while (vrrpPointer != 0) + { + if (((vrrpPointer->dictionary == true) && (dictPassword == true)) || ((vrrpPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sPassword%sVRRP%sGroup ID %d on interface %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, vrrpPointer->group, interfaceConfigPointer->name); + if (nipper->passwords == true) + { + outputFriendly(vrrpPointer->authString, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + vrrpPointer = vrrpPointer->next; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } +} + + +void output_IOSLinePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + struct ntpKey *ntpKeyPointer = 0; + struct enablePassword *enablePointer = 0; + struct usernameList *usernamePointer = 0; + struct snmpCommunity *communityPointer = 0; + struct snmpHost *snmpHostPointer = 0; + struct aaaGroupServer *aaaGroupPointer = 0; + struct aaaServer *aaaServerPointer = 0; + struct interfaceConfig *interfaceConfigPointer = 0; + struct bgpNeighbor *neighborPointer = 0; + struct keyChain *keyChainPointer = 0; + struct keyConfig *keyPointer = 0; + struct lineConfig *linePointer = 0; + struct vrrpStruct *vrrpPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + char tempString3[nipper->maxSize]; + + // Enable + enablePointer = nipper->ios->enable; + while (enablePointer != 0) + { + if (((enablePointer->dictionary == true) && (dictPassword == true)) || ((enablePointer->weak == true) && (dictPassword == false))) + { + outputFriendly(enablePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The enable password (level %d) was ", enablePointer->level); + if (nipper->passwords == true) + sprintf(tempString2, "%s%s.", tempString3, tempString); + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + enablePointer = enablePointer->next; + } + + // Username + usernamePointer = nipper->ios->username; + while (usernamePointer != 0) + { + if (((usernamePointer->dictionary == true) && (dictPassword == true)) || ((usernamePointer->weak == true) && (dictPassword == false))) + { + outputFriendly(usernamePointer->username, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The user %s had a ", tempString); + if (nipper->passwords == true) + { + outputFriendly(usernamePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%spassword %s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based password.", tempString3); + else + sprintf(tempString2, "%sweak password.", tempString3); + } + } + usernamePointer = usernamePointer->next; + } + + // OSPF + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if (((interfaceConfigPointer->ospfDictionary == true) && (dictPassword == true)) || ((interfaceConfigPointer->ospfWeak == true) && (dictPassword == false))) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The network interface %s was configured with ", tempString); + if (nipper->passwords == true) + { + outputFriendly(interfaceConfigPointer->ospfKey, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%sthe *ABBREV*OSPF*-ABBREV* key %s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sa dictionary-based *ABBREV*OSPF*-ABBREV* key.", tempString3); + else + sprintf(tempString2, "%sa weak *ABBREV*OSPF*-ABBREV* key.", tempString3); + } + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + + // BGP + if (nipper->ios->bgp != 0) + { + neighborPointer = nipper->ios->bgp->neighbor; + while (neighborPointer != 0) + { + if (((neighborPointer->dictionary == true) && (dictPassword == true)) || ((neighborPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(neighborPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The *ABBREV*BGP*-ABBREV* password for host %s was ", tempString); + if (nipper->passwords == true) + { + outputFriendly(neighborPointer->password, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + neighborPointer = neighborPointer->next; + } + } + + // TACACS + if (nipper->ios->tacacs != 0) + { + if (((nipper->ios->tacacs->dictionary == true) && (dictPassword == true)) || ((nipper->ios->tacacs->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The *ABBREV*TACACS*-ABBREV* key was "); + if (nipper->passwords == true) + { + outputFriendly(nipper->ios->tacacs->key, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + } + + // AAA + if (nipper->ios->aaa != 0) + { + aaaGroupPointer = nipper->ios->aaa->groupServer; + while (aaaGroupPointer != 0) + { + aaaServerPointer = aaaGroupPointer->server; + while (aaaServerPointer != 0) + { + if (((aaaServerPointer->dictionary == true) && (dictPassword == true)) || ((aaaServerPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(aaaGroupPointer->username, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "*NOTEXTSTART*The *ABBREV*AAA*-ABBREV* key for user %s on host ", tempString); + outputFriendly(aaaServerPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "%s%s was ", tempString2, tempString); + if (nipper->passwords == true) + { + outputFriendly(aaaServerPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + aaaServerPointer = aaaServerPointer->next; + } + aaaGroupPointer = aaaGroupPointer->next; + } + } + + // NTP + if (nipper->ios->ntp != 0) + { + ntpKeyPointer = nipper->ios->ntp->key; + while (ntpKeyPointer != 0) + { + if (((ntpKeyPointer->dictionary == true) && (dictPassword == true)) || ((ntpKeyPointer->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The *ABBREV*NTP*-ABBREV* key was "); + if (nipper->passwords == true) + { + outputFriendly(ntpKeyPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + ntpKeyPointer = ntpKeyPointer->next; + } + } + + // SNMP + if (nipper->ios->snmp != 0) + { + communityPointer = nipper->ios->snmp->community; + while (communityPointer != 0) + { + if (((communityPointer->dictionary == true) && (dictPassword == true)) || ((communityPointer->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The "); + if (communityPointer->readonly == true) + sprintf(tempString2, "%sread-only", tempString3); + else + sprintf(tempString2, "%sread/write", tempString3); + sprintf(tempString3, "%s *ABBREV*SNMP*-ABBREV* community string was ", tempString2); + if (nipper->passwords == true) + { + outputFriendly(communityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + communityPointer = communityPointer->next; + } + snmpHostPointer = nipper->ios->snmp->host; + while (snmpHostPointer != 0) + { + if (((snmpHostPointer->dictionary == true) && (dictPassword == true)) || ((snmpHostPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(snmpHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The *ABBREV*SNMP*-ABBREV* community string for the host %s was ", tempString); + if (nipper->passwords == true) + { + outputFriendly(snmpHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + snmpHostPointer = snmpHostPointer->next; + } + } + + // Keys + keyChainPointer = nipper->ios->chain; + while (keyChainPointer != 0) + { + keyPointer = keyChainPointer->key; + while (keyPointer != 0) + { + if (((keyPointer->dictionary == true) && (dictPassword == true)) || ((keyPointer->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The key chain key number %d was ", keyPointer->keyNumber); + if (nipper->passwords == true) + { + outputFriendly(keyPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + keyPointer = keyPointer->next; + } + keyChainPointer = keyChainPointer->next; + } + + // FTP + if (nipper->ios->ftp != 0) + { + if (((nipper->ios->ftp->dictionary == true) && (dictPassword == true)) || ((nipper->ios->ftp->weak == true) && (dictPassword == false))) + { + outputFriendly(nipper->ios->ftp->username, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The *ABBREV*FTP*-ABBREV* password for user %s was ", tempString); + if (nipper->passwords == true) + { + outputFriendly(nipper->ios->ftp->password, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + } + + // Line + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if (((linePointer->dictionary == true) && (dictPassword == true)) || ((linePointer->weak == true) && (dictPassword == false))) + { + switch (linePointer->lineType) + { + case line_console: + sprintf(tempString2, "*NOTEXTSTART*Console "); + break; + case line_vty: + sprintf(tempString2, "*NOTEXTSTART**ABBREV*VTY*-ABBREV* "); + break; + case line_aux: + sprintf(tempString2, "*NOTEXTSTART**ABBREV*AUX*-ABBREV* "); + break; + case line_tty: + sprintf(tempString2, "*NOTEXTSTART**ABBREV*TTY*-ABBREV* "); + break; + } + if (linePointer->lineNumberEnd > 0) + sprintf(tempString3, "%slines %d to %d", tempString2, linePointer->lineNumberStart, linePointer->lineNumberEnd); + else + sprintf(tempString3, "%sline %d", tempString2, linePointer->lineNumberStart); + if (nipper->passwords == true) + { + outputFriendly(linePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s had a password of %s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%s was dictionary-based.", tempString3); + else + sprintf(tempString2, "%s was weak.", tempString3); + } + } + linePointer = linePointer->next; + } + + // VRRP Authentication + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + vrrpPointer = interfaceConfigPointer->vrrp; + while (vrrpPointer != 0) + { + if (((vrrpPointer->dictionary == true) && (dictPassword == true)) || ((vrrpPointer->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART**ABBREV*VRRP*-ABBREV* group ID %d on interface %s", vrrpPointer->group, interfaceConfigPointer->name); + if (nipper->passwords == true) + { + outputFriendly(vrrpPointer->authString, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s had a password of %s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%s was dictionary-based.", tempString3); + else + sprintf(tempString2, "%s was weak.", tempString3); + } + } + vrrpPointer = vrrpPointer->next; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + + output_parseText(tempString2, nipper, section_none, rate_none, 0, 0); +} + + +void iosDictionaryIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_dict_obs, nipper, section_obs, rate_none, nipper->simplePasswords, nipper->tableNum); + if (nipper->simplePasswords > 1) + { + output_table(nipper, true, report_dict_table, &report_dict_heading); + output_IOSTablePasswords(nipper, true); + output_table(nipper, false, report_dict_table, &report_dict_heading); + } + else + output_IOSLinePasswords(nipper, true); + output_endsection(nipper, section_obs); + output_parseText(report_dict_impact, nipper, section_imp, rate_high, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_dict_ease, nipper, section_ease, rate_trivial, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_dict_rec, nipper, section_rec, rate_none, nipper->simplePasswords, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, " characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + + +void iosStrengthIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_strength_obs, nipper, section_obs, rate_none, nipper->passwordStrengths, nipper->tableNum); + if (nipper->passwordStrengths > 1) + { + output_table(nipper, true, report_strength_table, &report_dict_heading); + output_IOSTablePasswords(nipper, false); + output_table(nipper, false, report_strength_table, &report_dict_heading); + } + else + output_IOSLinePasswords(nipper, false); + output_endsection(nipper, section_obs); + output_parseText(report_strength_impact, nipper, section_imp, rate_high, nipper->passwordStrengths, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_strength_ease, nipper, section_ease, rate_trivial, nipper->passwordStrengths, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_strength_rec, nipper, section_rec, rate_trivial, nipper->passwordStrengths, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, "characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + + +void iosEnableSecretIssue(struct nipperConfig *nipper) +{ + output_parseText(report_enablesec_obs, nipper, section_obs, rate_none, nipper->enableIssues, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_enablesec_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_enablesec_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_enablesec_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosPasswordEncryptionIssue(struct nipperConfig *nipper) +{ + output_parseText(report_passenc_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_passenc_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_passenc_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_passenc_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/IOS/.svn/text-base/report-router.c.svn-base b/0.11.10/IOS/.svn/text-base/report-router.c.svn-base new file mode 100644 index 0000000..f7cf421 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-router.c.svn-base @@ -0,0 +1,1047 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosRoutingConfig(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + struct bgpNeighbor *neighborPointer = 0; + struct ospfNetworkConfig *ospfNetworkPointer = 0; + struct ospfAreaConfig *ospfAreaPointer = 0; + struct ospfNeighbor *ospfNeighborPointer = 0; + struct ospfConfig *ospfPointer = 0; + struct ospfInterStruct *ospfInterPointer = 0; + struct bgpConfig *bgpPointer = 0; + struct bgpInterStruct *bgpInterPointer = 0; + struct eigrpConfig *eigrpPointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + struct eigrpNetwork *eigrpNetworkPointer = 0; + struct eigrpNeighbor *eigrpNeighborPointer = 0; + struct staticRoute *routePointer = 0; + struct routeMapConfig *routeMapPointer = 0; + struct vrrpStruct *vrrpPointer = 0; + struct host *hostPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + output_parseText(settings_routing_desc, nipper, section_none, rate_none, 0, 0); + + // Static Routes + if (nipper->ios->route != 0) + { + output_table(nipper, true, settings_static_route_table, &settings_routeIOS_heading); + routePointer = nipper->ios->route; + while (routePointer != 0) + { + outputFriendly(routePointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(routePointer->netMask, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(routePointer->gateway, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + routePointer = routePointer->next; + } + output_table(nipper, false, settings_static_route_table, &settings_routeIOS_heading); + } + + // Route Maps + if (nipper->ios->routeMap != 0) + { + output_parseText(settings_routemap_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_routemap_table, &settings_routeMap_heading); + routeMapPointer = nipper->ios->routeMap; + while (routeMapPointer != 0) + { + outputFriendly(routeMapPointer->mapTag, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (routeMapPointer->sequenceNo == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", routeMapPointer->sequenceNo, nipper->tablerow_mid); + if (routeMapPointer->permission == perm_permit) + fprintf(nipper->reportFile, "Permit%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_end); + routeMapPointer = routeMapPointer->next; + } + output_table(nipper, false, settings_routemap_table, &settings_routeMap_heading); + } + + // VRRP + if (nipper->vrrpIssues != 0) + { + output_parseText(settings_vrrp_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_vrrp_table, &settings_vrrp_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + vrrpPointer = interfaceConfigPointer->vrrp; + while (vrrpPointer != 0) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%d%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, vrrpPointer->group, nipper->tablerow_mid); + if (vrrpPointer->shutdown == false) + fprintf(nipper->reportFile, "Active%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + outputFriendly(vrrpPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", vrrpPointer->ipAddress, nipper->tablerow_mid); + if (vrrpPointer->ipAddress2[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s", vrrpPointer->ipAddress2, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", vrrpPointer->priorityLevel, nipper->tablerow_mid); + switch (vrrpPointer->authentication) + { + case vrrp_auth_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + break; + case vrrp_auth_text: + fprintf(nipper->reportFile, "Clear Text%s", nipper->tablerow_mid); + break; + case vrrp_auth_md5: + if (vrrpPointer->keyChain == false) + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "MD5 Key%s", nipper->tablerow_mid); + break; + } + if (nipper->passwords == true) + { + if (vrrpPointer->authString[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + { + outputFriendly(vrrpPointer->authString, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + } + if (interfaceConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + vrrpPointer = vrrpPointer->next; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, settings_vrrp_table, &settings_vrrp_interface_heading); + } + + // RIP + if (nipper->ios->rip != 0) + { + output_parseText(settings_rip_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_rip_table, &settings_general_heading); + if (nipper->ios->rip->version == rip_version1) + fprintf(nipper->reportFile, "%sRIP Version%s1%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->ios->rip->version == rip_version2) + fprintf(nipper->reportFile, "%sRIP Version%s2%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->ios->rip->version == rip_version1and2) + fprintf(nipper->reportFile, "%sRIP Version%s1 and 2%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->rip->autoSummary == true) + fprintf(nipper->reportFile, "%sRoute Auto Summarisation%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sRoute Auto Summarisation%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->rip->defaultRoute == true) + fprintf(nipper->reportFile, "%sDefault Route Generation%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sDefault Route Generation%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->rip->defaultRouteMap[0] != 0) + { + outputFriendly(nipper->ios->rip->defaultRouteMap, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sDefault Route Route-Map%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->ios->rip->defaultMetric == -1) + fprintf(nipper->reportFile, "%sDefault Metric%sAutomatic%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sDefault Metric%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->rip->defaultMetric, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sInput Queue Depth%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->rip->inputQueue, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sRIP Update Delay%s%d milliseconds%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->rip->outputDelay, nipper->tablerow_end); + if (nipper->ios->rip->validateUpdateSource == true) + fprintf(nipper->reportFile, "%sValidate Update Source%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sValidate Update Source%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_rip_table, &settings_general_heading); + + // RIP Interfaces + if (nipper->ios->interface !=0) + { + output_table(nipper, true, settings_rip_interface_table, &settings_rip_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + // Check interface is valid for OSPF + if ((interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (interfaceConfigPointer->ripPassive == false)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + switch (interfaceConfigPointer->ripAuthMode) + { + case rip_auth_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + break; + case rip_auth_text: + fprintf(nipper->reportFile, "Clear Text%s", nipper->tablerow_mid); + break; + case rip_auth_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + break; + default: + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + break; + } + if (interfaceConfigPointer->ripKeyChain[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + { + outputFriendly(interfaceConfigPointer->ripKeyChain, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + switch (interfaceConfigPointer->ripSendVersion) + { + case rip_version1: + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + break; + case rip_version2: + fprintf(nipper->reportFile, "2%s", nipper->tablerow_mid); + break; + case rip_version1and2: + fprintf(nipper->reportFile, "1 and 2%s", nipper->tablerow_mid); + break; + case rip_version_global: + switch (nipper->ios->rip->version) + { + case rip_version1: + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + break; + case rip_version2: + fprintf(nipper->reportFile, "2%s", nipper->tablerow_mid); + break; + case rip_version1and2: + fprintf(nipper->reportFile, "1 and 2%s", nipper->tablerow_mid); + break; + } + break; + } + switch (interfaceConfigPointer->ripReceiveVersion) + { + case rip_version1: + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + break; + case rip_version2: + fprintf(nipper->reportFile, "2%s", nipper->tablerow_mid); + break; + case rip_version1and2: + fprintf(nipper->reportFile, "1 and 2%s", nipper->tablerow_mid); + break; + case rip_version_global: + switch (nipper->ios->rip->version) + { + case rip_version1: + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + break; + case rip_version2: + fprintf(nipper->reportFile, "2%s", nipper->tablerow_mid); + break; + case rip_version1and2: + fprintf(nipper->reportFile, "1 and 2%s", nipper->tablerow_mid); + break; + } + break; + } + switch (interfaceConfigPointer->ripV2Broadcast) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (interfaceConfigPointer->ripTriggered) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_end); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_end); + break; + } + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, settings_rip_interface_table, &settings_rip_interface_heading); + } + + if (nipper->ios->rip->neighbor != 0) + { + hostPointer = nipper->ios->rip->neighbor; + output_table(nipper, true, settings_rip_neightbor_table, &settings_rip_neightbor_heading); + while (hostPointer != 0) + { + outputFriendly(hostPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + hostPointer = hostPointer->next; + } + output_table(nipper, false, settings_rip_neightbor_table, &settings_rip_neightbor_heading); + } + + if (nipper->ios->rip->network != 0) + { + hostPointer = nipper->ios->rip->network; + output_table(nipper, true, settings_rip_networks_table, &settings_rip_networks_heading); + while (hostPointer != 0) + { + outputFriendly(hostPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + hostPointer = hostPointer->next; + } + output_table(nipper, false, settings_rip_networks_table, &settings_rip_networks_heading); + } + addAbbreviation("RIP", false); + } + + // EIGRP + if (nipper->ios->eigrp != 0) + { + output_parseText(settings_eigrp_desc, nipper, section_none, rate_none, 0, 0); + + // EIGRP Configuration + eigrpPointer = nipper->ios->eigrp; + while (eigrpPointer != 0) + { + sprintf(tempString, "EIGRP autonomous number %d configuration", eigrpPointer->process); + output_table(nipper, true, tempString, &settings_general_heading); + fprintf(nipper->reportFile, "%sRouter ID%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpPointer->routerId, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sMaximum Hops%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpPointer->maximumHops, nipper->tablerow_end); + switch (eigrpPointer->stub) + { + case eigrp_stub_disabled: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case eigrp_stub_enabled: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case eigrp_stub_receive: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sReceive Only%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case eigrp_stub_connected: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sAdvertise Connected Routes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case eigrp_stub_static: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sAdvertise Static Routes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case eigrp_stub_summary: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sAdvertise Summary Routes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case eigrp_stub_redist: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sAdvertise Redistributed Routes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + if (eigrpPointer->autoSummary == true) + fprintf(nipper->reportFile, "%sAuto Summary%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAuto Summary%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sInternal Administrative Distance%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpPointer->internalDistance, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sExternal Administrative Distance%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpPointer->externalDistance, nipper->tablerow_end); + if (eigrpPointer->logNeighborChanges == true) + fprintf(nipper->reportFile, "%sLog Neighbor Changes%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLog Neighbor Changes%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (eigrpPointer->logNeighborWarnings == true) + fprintf(nipper->reportFile, "%sLog Neighbor Warnings%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLog Neighbor Warnings%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + eigrpNetworkPointer = eigrpPointer->network; + while (eigrpNetworkPointer != 0) + { + fprintf(nipper->reportFile, "%sNetwork IP Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpNetworkPointer->ipAddress, nipper->tablerow_end); + if (eigrpNetworkPointer->netMask[0] != 0) + fprintf(nipper->reportFile, "%sNetwork Netmask%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpNetworkPointer->netMask, nipper->tablerow_end); + eigrpNetworkPointer = eigrpNetworkPointer->next; + } + eigrpNeighborPointer = eigrpPointer->neighbor; + while (eigrpNeighborPointer != 0) + { + fprintf(nipper->reportFile, "%sNetwork IP Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpNeighborPointer->ipAddress, nipper->tablerow_end); + if (eigrpNeighborPointer->interface[0] != 0) + fprintf(nipper->reportFile, "%sNetwork Interface%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpNeighborPointer->interface, nipper->tablerow_end); + eigrpNeighborPointer = eigrpNeighborPointer->next; + } + output_table(nipper, false, tempString, &settings_general_heading); + + // Interfaces + sprintf(tempString2, "EIGRP autonomous number %d interface configuration", eigrpPointer->process); + output_table(nipper, true, tempString2, &settings_eigrp_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + eigrpAutonPointer = eigrpInterfaceConfig(interfaceConfigPointer, eigrpPointer->process); + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (interfaceConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + if (eigrpAutonPointer->passive == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (eigrpAutonPointer->md5Auth == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (eigrpAutonPointer->keyChain[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s", eigrpAutonPointer->keyChain, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%%%s", eigrpAutonPointer->bandwidth, nipper->tablerow_end); + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, tempString2, &settings_eigrp_interface_heading); + + // Increment EIGRP Autonomous No. + eigrpPointer = eigrpPointer->next; + } + } + + // BGP + if (nipper->ios->bgp != 0) + { + output_parseText(settings_bgp_desc, nipper, section_none, rate_none, 0, 0); + bgpPointer = nipper->ios->bgp; + while (bgpPointer != 0) + { + sprintf(tempString, "BGP autonomous number %d configuration", bgpPointer->autonomousNo); + output_table(nipper, true, tempString, &settings_general_heading); + fprintf(nipper->reportFile, "%sAutonomous Number%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->bgp->autonomousNo, nipper->tablerow_end); + if (bgpPointer->logNeighborChanges == true) + fprintf(nipper->reportFile, "%sLog Neighbor Changes%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLog Neighbor Changes%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (bgpPointer->dampening == true) + fprintf(nipper->reportFile, "%sRoute Flap Dampening%sOn%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sRoute Flap Dampening%sOff%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, tempString, &settings_general_heading); + + if (bgpPointer->neighbor != 0) + { + sprintf(tempString2, "BGP autonomous number %d neighbors", bgpPointer->autonomousNo); + output_table(nipper, true, tempString2, &settings_bgp_heading); + neighborPointer = bgpPointer->neighbor; + while (neighborPointer != 0) + { + outputFriendly(neighborPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(neighborPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(neighborPointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_mid); + } + switch (neighborPointer->encryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "Type-7%s", nipper->tablerow_mid); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + addAbbreviation("MD5", false); + break; + case encrypt_none: + if (neighborPointer->password[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_mid); + break; + } + if (neighborPointer->autonomousNo != -1) + fprintf(nipper->reportFile, "%d%s", neighborPointer->autonomousNo, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + if (neighborPointer->ttlHops == -1) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%d%s", neighborPointer->ttlHops, nipper->tablerow_end); + neighborPointer = neighborPointer->next; + } + output_table(nipper, false, tempString2, &settings_bgp_heading); + } + + // Interfaces + sprintf(tempString2, "BGP autonomous number %d interface configuration", bgpPointer->autonomousNo); + output_table(nipper, true, tempString2, &settings_bgp_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + bgpInterPointer = bgpInterfaceConfig(interfaceConfigPointer, bgpPointer->autonomousNo); + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (interfaceConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + if (bgpInterPointer->passive == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, tempString2, &settings_bgp_interface_heading); + + bgpPointer = bgpPointer->next; + } + addAbbreviation("BGP", false); + addAbbreviation("TTL", false); + } + + // OSPF + if (nipper->ios->ospf != 0) + { + output_parseText(settings_ospf_desc, nipper, section_none, rate_none, 0, 0); + + ospfPointer = nipper->ios->ospf; + while (ospfPointer != 0) + { + // OSPF Network + if (nipper->ios->ospf->ospfNetwork != 0) + { + sprintf(tempString2, "OSPF process ID %d network areas", ospfPointer->processID); + output_table(nipper, true, tempString2, &settings_ospf_network_heading); + ospfNetworkPointer = nipper->ios->ospf->ospfNetwork; + while (ospfNetworkPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s%s%s%s%s", nipper->tablerow_start, ospfNetworkPointer->network, nipper->tablerow_mid, ospfNetworkPointer->networkMask, nipper->tablerow_mid, ospfNetworkPointer->areaID, nipper->tablerow_end); + ospfNetworkPointer = ospfNetworkPointer->next; + } + output_table(nipper, false, tempString2, &settings_ospf_network_heading); + } + + // OSPF Areas + if (nipper->ios->ospf->ospfArea != 0) + { + sprintf(tempString2, "OSPF process ID %d area configuration", ospfPointer->processID); + output_table(nipper, true, tempString2, &settings_ospf_area_heading); + ospfAreaPointer = nipper->ios->ospf->ospfArea; + while (ospfAreaPointer != 0) + { + switch (ospfAreaPointer->areaAuth) + { + case auth_none: + fprintf(nipper->reportFile, "%s%s%s%d%sNone%s", nipper->tablerow_start, ospfAreaPointer->areaID, nipper->tablerow_mid, ospfAreaPointer->defaultCost, nipper->tablerow_mid, nipper->tablerow_end); + break; + case auth_clear: + fprintf(nipper->reportFile, "%s%s%s%d%sClear-text%s", nipper->tablerow_start, ospfAreaPointer->areaID, nipper->tablerow_mid, ospfAreaPointer->defaultCost, nipper->tablerow_mid, nipper->tablerow_end); + break; + case auth_md5: + fprintf(nipper->reportFile, "%s%s%s%d%sMD5%s", nipper->tablerow_start, ospfAreaPointer->areaID, nipper->tablerow_mid, ospfAreaPointer->defaultCost, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + ospfAreaPointer = ospfAreaPointer->next; + } + output_table(nipper, false, tempString2, &settings_ospf_area_heading); + } + + // OSPF Interfaces + if (nipper->ios->interface !=0) + { + sprintf(tempString2, "OSPF process ID %d interface configuration", ospfPointer->processID); + output_table(nipper, true, tempString2, &settings_ospf_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + // Check interface is valid for OSPF + ospfInterPointer = ospfInterfaceConfig(interfaceConfigPointer, ospfPointer->processID); + if ((interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (ospfInterPointer->passive == false) && (ospfInterPointer->processID == ospfPointer->processID)) + { + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%s%s%s%s", nipper->tablerow_start, interfaceConfigPointer->name, nipper->tablerow_mid, tempString, nipper->tablerow_mid, interfaceConfigPointer->ipAddress, nipper->tablerow_mid); + switch (interfaceConfigPointer->ospfAuthentication) + { + case auth_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + break; + case auth_clear: + fprintf(nipper->reportFile, "Clear-Text%s", nipper->tablerow_mid); + break; + case auth_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + addAbbreviation("MD5", false); + break; + } + if (nipper->passwords == true) + { + outputFriendly(interfaceConfigPointer->ospfKey, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_mid); + } + switch (interfaceConfigPointer->ospfKeyEncryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "Type-7%s", nipper->tablerow_mid); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + addAbbreviation("MD5", false); + break; + case encrypt_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_mid); + break; + } + switch (interfaceConfigPointer->ospfFloodReduction) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + case unconfigured: + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + break; + } + switch (interfaceConfigPointer->ospfNetwork) + { + case ospf_default: + fprintf(nipper->reportFile, "Default"); + break; + case ospf_broadcast: + fprintf(nipper->reportFile, "Broadcast"); + break; + case ospf_nonbroadcast: + fprintf(nipper->reportFile, "Non-Broadcast"); + break; + case ospf_p2p: + fprintf(nipper->reportFile, "Point to Point"); + addAbbreviation("PPP", false); + break; + case ospf_p2multi: + fprintf(nipper->reportFile, "Point to Multipoint"); + break; + case ospf_p2multinon: + fprintf(nipper->reportFile, "Point to Multipoint (Non-Broadcast)"); + break; + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, tempString2, &settings_ospf_interface_heading); + } + + // OSPF Neighbors + if (nipper->ios->ospf->neighbor != 0) + { + sprintf(tempString2, "OSPF process ID %d neighbor configuration", ospfPointer->processID); + output_table(nipper, true, tempString2, &settings_ospf_neighbor_heading); + ospfNeighborPointer = nipper->ios->ospf->neighbor; + while (ospfNeighborPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s%d%s%d%s%d%s", nipper->tablerow_start, ospfNeighborPointer->host, nipper->tablerow_mid, ospfNeighborPointer->priority, nipper->tablerow_mid, ospfNeighborPointer->pollInterval, nipper->tablerow_mid, ospfNeighborPointer->costNumber, nipper->tablerow_mid); + if (ospfNeighborPointer->databaseFilter == false) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + ospfNeighborPointer = ospfNeighborPointer->next; + } + output_table(nipper, false, tempString2, &settings_ospf_neighbor_heading); + } + + ospfPointer = ospfPointer->next; + } + } +} + + +void iosBGPDampeningIssue(struct nipperConfig *nipper) +{ + output_parseText(report_bgpdamp_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_bgpdamp_impact, nipper, section_imp, rate_high, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_bgpdamp_ease, nipper, section_ease, rate_moderate, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_bgpdamp_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosOSPFAuthenticationIssue(struct nipperConfig *nipper) +{ + // Variables... + struct ospfAreaConfig *ospfAreaPointer = 0; + struct ospfConfig *ospfPointer = 0; + + output_parseText(report_ospfauth_obs1, nipper, section_obs, rate_none, 0, nipper->tableNum); + if (nipper->ospfAuthMD5 > 0) + output_parseText(report_ospfauth_obs2, nipper, section_none, rate_none, nipper->ospfAuthNoneIssues, nipper->tableNum); + if ((nipper->ospfAuthNoneIssues > 0) && (nipper->ospfAuthClearIssues > 0)) + output_parseText(report_ospfauth_obs3, nipper, section_none, rate_none, nipper->ospfAuthNoneIssues + nipper->ospfAuthClearIssues, nipper->tableNum); + else if (nipper->ospfAuthNoneIssues > 0) + output_parseText(report_ospfauth_obs4, nipper, section_none, rate_none, nipper->ospfAuthNoneIssues, nipper->tableNum); + else + output_parseText(report_ospfauth_obs5, nipper, section_none, rate_none, nipper->ospfAuthClearIssues, nipper->tableNum); + if (nipper->ospfAuthNoneIssues + nipper->ospfAuthClearIssues > 1) + { + output_table(nipper, true, report_ospfauth_table, &report_ospfauth_heading); + ospfPointer = nipper->ios->ospf; + while (ospfPointer != 0) + { + ospfAreaPointer = ospfPointer->ospfArea; + if (ospfAreaPointer == 0) + fprintf(nipper->reportFile, "%s%d%sN/A%sNo Authentication%s", nipper->tablerow_start, ospfPointer->processID, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + while (ospfAreaPointer != 0) + { + if (ospfAreaPointer->areaAuth == auth_none) + fprintf(nipper->reportFile, "%s%d%s%s%sNo Authentication%s", nipper->tablerow_start, ospfPointer->processID, nipper->tablerow_mid, ospfAreaPointer->areaID, nipper->tablerow_mid, nipper->tablerow_end); + else if (ospfAreaPointer->areaAuth == auth_clear) + fprintf(nipper->reportFile, "%s%d%s%s%sClear-text Authentication%s", nipper->tablerow_start, ospfPointer->processID, nipper->tablerow_mid, ospfAreaPointer->areaID, nipper->tablerow_mid, nipper->tablerow_end); + ospfAreaPointer = ospfAreaPointer->next; + } + ospfPointer = ospfPointer->next; + } + output_table(nipper, false, report_ospfauth_table, &report_ospfauth_heading); + } + else + { + ospfPointer = nipper->ios->ospf; + while (ospfPointer != 0) + { + ospfAreaPointer = ospfPointer->ospfArea; + if (ospfAreaPointer == 0) + fprintf(nipper->reportFile, "%d.", ospfPointer->processID); + while (ospfAreaPointer != 0) + { + if (ospfAreaPointer->areaAuth == auth_none) + fprintf(nipper->reportFile, "%d area %s.", ospfPointer->processID, ospfAreaPointer->areaID); + else if (ospfAreaPointer->areaAuth == auth_clear) + fprintf(nipper->reportFile, "%d area %s.", ospfPointer->processID, ospfAreaPointer->areaID); + ospfAreaPointer = ospfAreaPointer->next; + } + ospfPointer = ospfPointer->next; + } + output_parseText(endottext, nipper, section_none, rate_none, nipper->ospfAuthNoneIssues, nipper->tableNum); + } + output_endsection(nipper, section_obs); + output_parseText(report_ospfauth_impact, nipper, section_imp, rate_high, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_ospfauth_ease, nipper, section_ease, rate_moderate, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_ospfauth_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosEIGRPIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + //struct eigrpConfig *eigrpPointer = 0; + int tempInt = 0; + int tempInt2 = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_eigrpauth_obs1, nipper, section_obs, rate_none, nipper->eigrpIssues, nipper->tableNum); + tempInt2 = 0; + //eigrpPointer = nipper->ios->eigrp; + //while (eigrpPointer != 0) + //{ + // tempInt2++; + // eigrpPointer = eigrpPointer->next; + //} + if (nipper->eigrpIssues > 1) + { + output_table(nipper, true, report_eigrpauth_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + tempInt = tempInt2; + eigrpAutonPointer = interfaceConfigPointer->eigrp; + while (eigrpAutonPointer != 0) + { + if ((eigrpAutonPointer->md5Auth == false) && (eigrpAutonPointer->passive != true)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + eigrpAutonPointer = eigrpAutonPointer->next; + } + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_eigrpauth_table, &report_interface_heading); + } + else + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + tempInt = tempInt2; + eigrpAutonPointer = interfaceConfigPointer->eigrp; + while (eigrpAutonPointer != 0) + { + if ((eigrpAutonPointer->md5Auth == false) && (eigrpAutonPointer->passive != true)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + output_parseText(report_eigrpauth_obs2, nipper, section_none, rate_none, nipper->eigrpIssues, 0); + } + eigrpAutonPointer = eigrpAutonPointer->next; + } + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + } + output_endsection(nipper, section_obs); + output_parseText(report_eigrpauth_impact, nipper, section_imp, rate_high, nipper->eigrpIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_eigrpauth_ease, nipper, section_ease, rate_moderate, nipper->eigrpIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_eigrpauth_rec, nipper, section_rec, rate_none, nipper->eigrpIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosRIPIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_rip_obs, nipper, section_obs, rate_none, nipper->ripIssues, nipper->tableNum); + if (nipper->ripIssues == 1) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if (((interfaceConfigPointer->ripKeyChain[0] == 0) || (interfaceConfigPointer->ripAuthMode != rip_auth_md5) || (interfaceConfigPointer->ripSendVersion != rip_version2) || (interfaceConfigPointer->ripReceiveVersion != rip_version2)) && (interfaceConfigPointer->ripPassive == false) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + fprintf(nipper->reportFile, "%s.", interfaceConfigPointer->name); + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_newPara(nipper); + } + else + { + output_table(nipper, true, report_rip_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if (((interfaceConfigPointer->ripKeyChain[0] == 0) || (interfaceConfigPointer->ripAuthMode != rip_auth_md5) || (interfaceConfigPointer->ripSendVersion != rip_version2) || (interfaceConfigPointer->ripReceiveVersion != rip_version2)) && (interfaceConfigPointer->ripPassive == false) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if ((interfaceConfigPointer->ripKeyChain[0] == 0) && (interfaceConfigPointer->ripAuthMode != rip_auth_md5)) + fprintf(nipper->reportFile, "%s%s", report_rip_tab_desc1, nipper->tablerow_end); + else if (interfaceConfigPointer->ripKeyChain[0] == 0) + fprintf(nipper->reportFile, "%s%s", report_rip_tab_desc2, nipper->tablerow_end); + else if (interfaceConfigPointer->ripAuthMode != rip_auth_md5) + fprintf(nipper->reportFile, "%s%s", report_rip_tab_desc3, nipper->tablerow_end); + else if ((interfaceConfigPointer->ripSendVersion != rip_version2) && (interfaceConfigPointer->ripReceiveVersion != rip_version2)) + fprintf(nipper->reportFile, "%s %s", report_rip_tab_desc4, nipper->tablerow_end); + else if (interfaceConfigPointer->ripSendVersion != rip_version2) + fprintf(nipper->reportFile, "%s %s", report_rip_tab_desc5, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s %s", report_rip_tab_desc6, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_rip_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_rip_impact, nipper, section_imp, rate_high, nipper->ripIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_rip_ease, nipper, section_ease, rate_moderate, nipper->ripIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_rip_rec, nipper, section_rec, rate_none, nipper->ripIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosVRRPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_vrrp_obs, nipper, section_obs, rate_none, nipper->vrrpIssues, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_vrrp_impact, nipper, section_imp, rate_high, nipper->vrrpIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_vrrp_ease, nipper, section_ease, rate_moderate, nipper->vrrpIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_vrrp_rec, nipper, section_rec, rate_none, nipper->vrrpIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosSourceRoutingIssue(struct nipperConfig *nipper) +{ + output_parseText(report_source_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_source_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_source_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_source_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosRedirectsIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_redirects_obs, nipper, section_obs, rate_none, nipper->redirectsIssues, nipper->tableNum); + if (nipper->redirectsIssues == 1) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipRedirects == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + fprintf(nipper->reportFile, "%s.", interfaceConfigPointer->name); + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_newPara(nipper); + } + else + { + output_table(nipper, true, report_redirects_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipRedirects == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_redirects_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_redirects_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_redirects_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_redirects_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosURPFIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_urpf_obs, nipper, section_obs, rate_none, nipper->uRPFIssues, nipper->tableNum); + if (nipper->uRPFIssues > 1) + { + interfaceConfigPointer = nipper->ios->interface; + output_table(nipper, true, report_urpf_table, &report_interface_heading); + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->uRPF == false) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_urpf_table, &report_interface_heading); + } + else if (nipper->uRPFIssues > 0) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->uRPF == false) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s.", tempString); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_newPara(nipper); + } + output_endsection(nipper, section_obs); + output_parseText(report_urpf_impact, nipper, section_imp, rate_med, nipper->uRPFIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_urpf_ease, nipper, section_ease, rate_noease, nipper->uRPFIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_urpf_rec, nipper, section_rec, rate_none, nipper->uRPFIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosClasslessRoutingIssue(struct nipperConfig *nipper) +{ + output_parseText(report_classless_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_classless_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_classless_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_classless_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + diff --git a/0.11.10/IOS/.svn/text-base/report-snmp.c.svn-base b/0.11.10/IOS/.svn/text-base/report-snmp.c.svn-base new file mode 100644 index 0000000..7cfd469 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-snmp.c.svn-base @@ -0,0 +1,473 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosSNMPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct snmpCommunity *communityPointer = 0; + struct snmpView *snmpViewPointer = 0; + struct snmpViewItem *snmpViewItemPointer = 0; + struct snmpGroup *snmpGroupPointer = 0; + struct snmpUser *snmpUserPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct snmpHost *snmpHostPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + int found = false; + + output_parseText(settings_snmp_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_snmp_table, &settings_general_heading); + if (nipper->ios->snmp->enabled == true) + fprintf(nipper->reportFile, "%sService enabled%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sService enabled%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->snmp->contact[0] != 0) + { + outputFriendly(nipper->ios->snmp->contact, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sContact%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->ios->snmp->location[0] != 0) + { + outputFriendly(nipper->ios->snmp->location, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sLocation%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + fprintf(nipper->reportFile, "%sTrap Timeout%s%d seconds%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->snmp->trapTimeout, nipper->tablerow_end); + if (nipper->ios->snmp->trapSource[0] != 0) + { + outputFriendly(nipper->ios->snmp->trapSource, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sTrap Source Interface%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->ios->snmp->tftpServerList[0] == 0) + fprintf(nipper->reportFile, "%sTFTP Server List%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + { + outputFriendly(nipper->ios->snmp->tftpServerList, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sTFTP Server List%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + output_table(nipper, false, settings_snmp_table, &settings_general_heading); + addAbbreviation("SNMP", false); + addAbbreviation("TFTP", false); + + if (nipper->ios->snmp->community != 0) + { + output_table(nipper, true, settings_snmpstring_table, &settings_snmpstring_heading); + communityPointer = nipper->ios->snmp->community; + while (communityPointer != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + if (nipper->passwords == true) + { + outputFriendly(communityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_mid); + } + if (communityPointer->readonly == true) + fprintf(nipper->reportFile, "Read-Only%s%s%s%s%s", nipper->tablerow_mid, communityPointer->viewName, nipper->tablerow_mid, communityPointer->accessList, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Read/Write%s%s%s%s%s", nipper->tablerow_mid, communityPointer->viewName, nipper->tablerow_mid, communityPointer->accessList, nipper->tablerow_mid); + if (communityPointer->enabled == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + communityPointer = communityPointer->next; + } + output_table(nipper, false, settings_snmpstring_table, &settings_snmpstring_heading); + } + + if (nipper->ios->snmp->group != 0) + { + // Groups + snmpGroupPointer = nipper->ios->snmp->group; + output_table(nipper, true, settings_snmpgroups_table, &settings_snmpgroups_heading); + while (snmpGroupPointer != 0) + { + outputFriendly(snmpGroupPointer->groupName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + switch(snmpGroupPointer->version) + { + case snmp1: + fprintf(nipper->reportFile, "1"); + break; + case snmp2c: + fprintf(nipper->reportFile, "2c"); + break; + case snmp3_no_auth: + fprintf(nipper->reportFile, "3 (No Auth)"); + break; + case snmp3_auth: + fprintf(nipper->reportFile, "3 (Auth)"); + break; + case snmp3_priv: + fprintf(nipper->reportFile, "3 (Auth and Priv)"); + break; + } + outputFriendly(snmpGroupPointer->readView, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_mid); + if (snmpGroupPointer->writeView[0] != 0) + { + outputFriendly(snmpGroupPointer->writeView, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + if (snmpGroupPointer->notifyView[0] != 0) + { + outputFriendly(snmpGroupPointer->notifyView, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + if (snmpGroupPointer->context[0] != 0) + { + outputFriendly(snmpGroupPointer->context, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + if (snmpGroupPointer->acl[0] != 0) + { + outputFriendly(snmpGroupPointer->acl, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + snmpGroupPointer = snmpGroupPointer->next; + } + output_table(nipper, false, settings_snmpgroups_table, &settings_snmpgroups_heading); + addAbbreviation("OID", false); + addAbbreviation("MIB", false); + } + + // Users + if (nipper->ios->snmp->user != 0) + { + // Group Users + snmpGroupPointer = nipper->ios->snmp->group; + while (snmpGroupPointer != 0) + { + if (nipper->ios->snmp->user != 0) + { + switch (snmpGroupPointer->version) + { + case snmp1: + case snmp2c: + case snmp3_no_auth: + if (snmpGroupPointer->version == snmp1) + sprintf(tempString, "%s%s", settings_snmpgroup_table1, snmpGroupPointer->groupName); + else if (snmpGroupPointer->version == snmp2c) + sprintf(tempString, "%s%s", settings_snmpgroup_table2, snmpGroupPointer->groupName); + else if (snmpGroupPointer->version == snmp3_no_auth) + sprintf(tempString, "%s%s", settings_snmpgroup_table3, snmpGroupPointer->groupName); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_snmpnoauth_heading); + found = false; + snmpUserPointer = nipper->ios->snmp->user; + while ((snmpUserPointer != 0) && (found == false)) + { + if (strcmp(snmpUserPointer->groupName, snmpGroupPointer->groupName) == 0) + found = true; + else + snmpUserPointer = snmpUserPointer->next; + } + while (snmpUserPointer != 0) + { + if (strcmp(snmpUserPointer->groupName, snmpGroupPointer->groupName) == 0) + { + snmpUserPointer->group++; + outputFriendly(snmpUserPointer->userName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (snmpUserPointer->acl[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + else + { + outputFriendly(snmpUserPointer->acl, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + } + snmpUserPointer = snmpUserPointer->next; + } + output_table(nipper, false, tempString2, &settings_snmpnoauth_heading); + break; + case snmp3_auth: + sprintf(tempString, "%s%s", settings_snmpgroup_table4, snmpGroupPointer->groupName); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_snmpauth_heading); + found = false; + snmpUserPointer = nipper->ios->snmp->user; + while ((snmpUserPointer != 0) && (found == false)) + { + if (strcmp(snmpUserPointer->groupName, snmpGroupPointer->groupName) == 0) + found = true; + else + snmpUserPointer = snmpUserPointer->next; + } + while (snmpUserPointer != 0) + { + if (strcmp(snmpUserPointer->groupName, snmpGroupPointer->groupName) == 0) + { + snmpUserPointer->group++; + outputFriendly(snmpUserPointer->userName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(snmpUserPointer->authPass, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + switch (snmpUserPointer->snmp3auth) + { + case snmp3_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + addAbbreviation("MD5", false); + break; + case snmp3_sha: + fprintf(nipper->reportFile, "SHA%s", nipper->tablerow_mid); + addAbbreviation("SHA", false); + break; + } + if (snmpUserPointer->acl[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + else + { + outputFriendly(snmpUserPointer->acl, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + } + snmpUserPointer = snmpUserPointer->next; + } + output_table(nipper, false, tempString2, &settings_snmpauth_heading); + break; + case snmp3_priv: + sprintf(tempString, "%s%s", settings_snmpgroup_table4, snmpGroupPointer->groupName); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_snmpauth_heading); + found = false; + snmpUserPointer = nipper->ios->snmp->user; + while ((snmpUserPointer != 0) && (found == false)) + { + if (strcmp(snmpUserPointer->groupName, snmpGroupPointer->groupName) == 0) + found = true; + else + snmpUserPointer = snmpUserPointer->next; + } + while (snmpUserPointer != 0) + { + if (strcmp(snmpUserPointer->groupName, snmpGroupPointer->groupName) == 0) + { + snmpUserPointer->group++; + outputFriendly(snmpUserPointer->userName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(snmpUserPointer->authPass, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + switch (snmpUserPointer->snmp3auth) + { + case snmp3_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + addAbbreviation("MD5", false); + break; + case snmp3_sha: + fprintf(nipper->reportFile, "SHA%s", nipper->tablerow_mid); + addAbbreviation("SHA", false); + break; + } + if (nipper->passwords == true) + { + outputFriendly(snmpUserPointer->privPass, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + switch (snmpUserPointer->snmp3priv) + { + case snmp3_des: + fprintf(nipper->reportFile, "DES%s", nipper->tablerow_mid); + addAbbreviation("DES", false); + break; + case snmp3_3des: + fprintf(nipper->reportFile, "3DES%s", nipper->tablerow_mid); + addAbbreviation("3DES", false); + break; + case snmp3_des56: + fprintf(nipper->reportFile, "DES 56%s", nipper->tablerow_mid); + addAbbreviation("DES", false); + break; + case snmp3_aes128: + fprintf(nipper->reportFile, "AES 128%s", nipper->tablerow_mid); + addAbbreviation("AES", false); + break; + case snmp3_aes192: + fprintf(nipper->reportFile, "AES 192%s", nipper->tablerow_mid); + addAbbreviation("AES", false); + break; + case snmp3_aes256: + fprintf(nipper->reportFile, "AES 256%s", nipper->tablerow_mid); + addAbbreviation("AES", false); + break; + } + if (snmpUserPointer->acl[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + else + { + outputFriendly(snmpUserPointer->acl, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + } + snmpUserPointer = snmpUserPointer->next; + } + output_table(nipper, false, tempString2, &settings_snmpauth_heading); + break; + } + } + snmpGroupPointer = snmpGroupPointer->next; + } + + found = false; + snmpUserPointer = nipper->ios->snmp->user; + while ((snmpUserPointer != 0) && (found == false)) + { + if (snmpUserPointer->group == 0) + found = true; + else + snmpUserPointer = snmpUserPointer->next; + } + if (snmpUserPointer != 0) + { + output_table(nipper, true, settings_snmpgroup_table6, &settings_snmpnoauth_heading); + while (snmpUserPointer != 0) + { + if (snmpUserPointer->group == 0) + { + outputFriendly(snmpUserPointer->userName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (snmpUserPointer->acl[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + else + { + outputFriendly(snmpUserPointer->acl, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + } + snmpUserPointer = snmpUserPointer->next; + } + output_table(nipper, false, settings_snmpgroup_table6, &settings_snmpnoauth_heading); + } + } + + // Views + if (nipper->ios->snmp->view != 0) + { + snmpViewPointer = nipper->ios->snmp->view; + while (snmpViewPointer != 0) + { + sprintf(tempString, "%s %s", settings_snmpview_table, snmpViewPointer->viewName); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_snmpview_heading); + snmpViewItemPointer = snmpViewPointer->viewItem; + while (snmpViewItemPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, snmpViewItemPointer->mibId, nipper->tablerow_mid); + if (snmpViewItemPointer->include == true) + fprintf(nipper->reportFile, "Include%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Exclude%s", nipper->tablerow_end); + snmpViewItemPointer = snmpViewItemPointer->next; + } + output_table(nipper, false, tempString2, &settings_snmpview_heading); + snmpViewPointer = snmpViewPointer->next; + } + addAbbreviation("MIB", false); + } + + if (nipper->ios->snmp->host != 0) + { + output_table(nipper, true, settings_snmphost_table, &settings_snmphost_heading); + snmpHostPointer = nipper->ios->snmp->host; + while (snmpHostPointer != 0) + { + outputFriendly(snmpHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + switch(snmpHostPointer->version) + { + case snmp1: + fprintf(nipper->reportFile, "1"); + break; + case snmp2c: + fprintf(nipper->reportFile, "2c"); + break; + case snmp3_no_auth: + fprintf(nipper->reportFile, "3 (No Auth)"); + break; + case snmp3_auth: + fprintf(nipper->reportFile, "3 (Auth)"); + break; + case snmp3_priv: + fprintf(nipper->reportFile, "3 (Auth and Priv)"); + break; + } + if (nipper->passwords == true) + { + outputFriendly(snmpHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s ", nipper->tablerow_mid, tempString); + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + snmpHostPointer = snmpHostPointer->next; + } + output_table(nipper, false, settings_snmphost_table, &settings_snmphost_heading); + } + + if (nipper->ios->snmp->trap != 0) + { + output_table(nipper, true, settings_snmptrap_table, &settings_snmptrap_heading); + snmpTrapPointer = nipper->ios->snmp->trap; + while (snmpTrapPointer != 0) + { + outputFriendly(snmpTrapPointer->trap, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + snmpTrapPointer = snmpTrapPointer->next; + } + output_table(nipper, false, settings_snmptrap_table, &settings_snmptrap_heading); + } +} + + +void iosSNMPIssue(struct nipperConfig *nipper) +{ + output_parseText(settings_snmp_desc, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_parseText(report_snmp_obs, nipper, section_none, rate_none, nipper->snmpIssue, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_snmp_impact, nipper, section_imp, rate_med, nipper->snmpIssue, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_snmp_ease, nipper, section_ease, rate_trivial, nipper->snmpIssue, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_snmp_rec, nipper, section_rec, rate_none, nipper->snmpIssue, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/IOS/.svn/text-base/report-ssh.c.svn-base b/0.11.10/IOS/.svn/text-base/report-ssh.c.svn-base new file mode 100644 index 0000000..9b5caac --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-ssh.c.svn-base @@ -0,0 +1,113 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosSSHConfig(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + char tempString[nipper->maxSize]; + struct lineConfig *linePointer = 0; + struct netInterface *interfacePointer = 0; + + output_table(nipper, true, settings_ssh_table, &settings_general_heading); + if (nipper->ios->line != 0) + { + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if (linePointer->ssh == true) + tempInt++; + linePointer = linePointer->next; + } + } + switch (tempInt) + { + case 0: + fprintf(nipper->reportFile, "%sSSH%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + default: + fprintf(nipper->reportFile, "%sSSH%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + switch (nipper->ios->ssh->protocolVersion) + { + case ssh_ver_1: + fprintf(nipper->reportFile, "%sProtocol version%s1%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case ssh_ver_2: + fprintf(nipper->reportFile, "%sProtocol version%s2%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + default: + fprintf(nipper->reportFile, "%sProtocol version%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + if (nipper->ios->ssh->timeout > -1) + fprintf(nipper->reportFile, "%sLogin time-out%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->ssh->timeout, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLogin time-out%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->ssh->retries > -1) + fprintf(nipper->reportFile, "%sLogin retries%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->ssh->retries, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLogin retries%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_ssh_table, &settings_general_heading); + addAbbreviation("SSH", false); + + // Show SSH interfaces + if (nipper->ios->ssh->interface != 0) + { + output_table(nipper, true, settings_sshint_table, &settings_sshint_heading); + fprintf(nipper->reportFile, "\n\n", nipper->tableNum, settings_sshint_table); + interfacePointer = nipper->ios->ssh->interface; + while (interfacePointer != 0) + { + outputFriendly(interfacePointer->interface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + interfacePointer = interfacePointer->next; + } + output_table(nipper, false, settings_sshint_table, &settings_sshint_heading); + } +} + + +void iosSSHProtocolIssue(struct nipperConfig *nipper) +{ + output_parseText(report_sshproto_obs, nipper, section_obs, rate_none, nipper->sshIssue, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_sshproto_impact, nipper, section_imp, rate_med, nipper->sshIssue, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_sshproto_ease, nipper, section_ease, rate_difficult, nipper->sshIssue, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_sshproto_rec2, nipper, section_rec, rate_none, nipper->sshIssue, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/IOS/.svn/text-base/report-tacacs.c.svn-base b/0.11.10/IOS/.svn/text-base/report-tacacs.c.svn-base new file mode 100644 index 0000000..452389e --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-tacacs.c.svn-base @@ -0,0 +1,76 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosTACACSConfig(struct nipperConfig *nipper) +{ + // Variables... + struct host *hostPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_tacacs_table, &settings_general_heading); + if (nipper->passwords == true) + { + outputFriendly(nipper->ios->tacacs->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sTACACS Key%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + switch(nipper->ios->tacacs->encryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "%sKey Encryption Type%sType-7%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "%sKey Encryption Type%sMD5%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + addAbbreviation("MD5", false); + break; + case encrypt_none: + fprintf(nipper->reportFile, "%sKey Encryption Type%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "%sKey Encryption Type%sUnknown%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + output_table(nipper, false, settings_tacacs_table, &settings_general_heading); + addAbbreviation("TACACS", false); + + if (nipper->ios->tacacs->host != 0) + { + output_table(nipper, true, settings_tacacsserv_table, &settings_tacacsserv_heading); + hostPointer = nipper->ios->tacacs->host; + while (hostPointer != 0) + { + outputFriendly(hostPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + hostPointer = hostPointer->next; + } + output_table(nipper, false, settings_tacacsserv_table, &settings_tacacsserv_heading); + } +} diff --git a/0.11.10/IOS/.svn/text-base/report-timeout.c.svn-base b/0.11.10/IOS/.svn/text-base/report-timeout.c.svn-base new file mode 100644 index 0000000..c509d7d --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-timeout.c.svn-base @@ -0,0 +1,225 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +void iosTimeoutIssue(struct nipperConfig *nipper) +{ + // Variables... + struct lineConfig *linePointer = 0; + int tempInt = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_timeout_obs1, nipper, section_obs, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, nipper->connectionTimeout % 60); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_obs2, nipper, section_none, rate_none, nipper->insecureTimeouts, nipper->tableNum); + linePointer = nipper->ios->line; + if (nipper->insecureTimeouts > 1) + { + output_table(nipper, true, report_timeout_table, &report_timeout_heading); + while (linePointer != 0) + { + if ((linePointer->login != login_disabled) && ((linePointer->timeout == 0) || (linePointer->timeout > nipper->connectionTimeout)) && ((linePointer->absoluteTimeout == 0) || (linePointer->absoluteTimeout > nipper->connectionTimeout)) && ((linePointer->sessionTimeout == 0) || (linePointer->sessionTimeout > nipper->connectionTimeout)) && ((linePointer->execTimeout == 0) || (linePointer->execTimeout > nipper->connectionTimeout))) + { + switch (linePointer->lineType) + { + case line_console: + fprintf(nipper->reportFile, "%sConsole line", nipper->tablerow_start); + break; + case line_vty: + fprintf(nipper->reportFile, "%sVTY line", nipper->tablerow_start); + break; + case line_tty: + fprintf(nipper->reportFile, "%sTTY line", nipper->tablerow_start); + break; + case line_aux: + fprintf(nipper->reportFile, "%sAuxiliary line", nipper->tablerow_start); + break; + } + if (linePointer->lineNumberEnd == 0) + fprintf(nipper->reportFile, " %d%s", linePointer->lineNumberStart, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "s %d to %d%s", linePointer->lineNumberStart, linePointer->lineNumberEnd, nipper->tablerow_mid); + if ((linePointer->timeout == 0) && (linePointer->sessionTimeout == 0) && (linePointer->absoluteTimeout == 0) && (linePointer->execTimeout == 0)) + fprintf(nipper->reportFile, "No Timeout%s", nipper->tablerow_end); + else + { + tempInt = 0; + if (linePointer->timeout != 0) + { + if ((linePointer->timeout % 60) == 0) + fprintf(nipper->reportFile, "Timeout: %d minutes", (linePointer->timeout / 60)); + else + fprintf(nipper->reportFile, "Timeout: %d minutes and %d seconds", linePointer->timeout / 60, linePointer->timeout % 60); + tempInt++; + } + if (linePointer->absoluteTimeout != 0) + { + if (tempInt > 0) + fprintf(nipper->reportFile, ", "); + if ((linePointer->absoluteTimeout % 60) == 0) + fprintf(nipper->reportFile, "Absolute Timeout: %d minutes", (linePointer->absoluteTimeout / 60)); + else + fprintf(nipper->reportFile, "Absolute Timeout: %d minutes and %d seconds", linePointer->absoluteTimeout / 60, linePointer->absoluteTimeout % 60); + tempInt++; + } + if (linePointer->sessionTimeout != 0) + { + if (tempInt > 0) + fprintf(nipper->reportFile, ", "); + if ((linePointer->sessionTimeout % 60) == 0) + fprintf(nipper->reportFile, "Session Timeout: %d minutes", (linePointer->sessionTimeout / 60)); + else + fprintf(nipper->reportFile, "Session Timeout: %d minutes and %d seconds", linePointer->sessionTimeout / 60, linePointer->sessionTimeout % 60); + tempInt++; + } + if (linePointer->execTimeout != 0) + { + if (tempInt > 0) + fprintf(nipper->reportFile, ", "); + if ((linePointer->execTimeout % 60) == 0) + fprintf(nipper->reportFile, "Exec Timeout: %d minutes", (linePointer->execTimeout / 60)); + else + fprintf(nipper->reportFile, "Exec Timeout: %d minutes and %d seconds", linePointer->execTimeout / 60, linePointer->execTimeout % 60); + tempInt++; + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + } + linePointer = linePointer->next; + } + output_table(nipper, false, report_timeout_table, &report_timeout_heading); + } + else + { + while (linePointer != 0) + { + if ((linePointer->login != login_disabled) && ((linePointer->timeout == 0) || (linePointer->timeout > nipper->connectionTimeout)) && ((linePointer->absoluteTimeout == 0) || (linePointer->absoluteTimeout > nipper->connectionTimeout)) && ((linePointer->sessionTimeout == 0) || (linePointer->sessionTimeout > nipper->connectionTimeout)) && ((linePointer->execTimeout == 0) || (linePointer->execTimeout > nipper->connectionTimeout))) + { + switch (linePointer->lineType) + { + case line_console: + sprintf(tempString, "*NOTEXTSTART*The console line"); + break; + case line_vty: + sprintf(tempString, "*NOTEXTSTART*The *ABBREV*VTY*-ABBREV* line"); + break; + case line_tty: + sprintf(tempString, "*NOTEXTSTART*The *ABBREV*TTY*-ABBVREV* line"); + break; + case line_aux: + sprintf(tempString, "*NOTEXTSTART*The auxiliary ine"); + break; + } + if (linePointer->lineNumberEnd == 0) + sprintf(tempString, "%s %d", tempString, linePointer->lineNumberStart); + else + sprintf(tempString, "%ss %d to %d", tempString, linePointer->lineNumberStart, linePointer->lineNumberEnd); + if ((linePointer->timeout == 0) && (linePointer->sessionTimeout == 0) && (linePointer->absoluteTimeout == 0) && (linePointer->execTimeout == 0)) + sprintf(tempString, "%s had no timeout.", tempString); + else + { + sprintf(tempString, "%s ", tempString); + tempInt = 0; + if (linePointer->timeout != 0) + { + if ((linePointer->timeout % 60) == 0) + sprintf(tempString, "%stimeout was %d minutes", tempString, (linePointer->timeout / 60)); + else + sprintf(tempString, "%stimeout was %d minutes and %d seconds", tempString, linePointer->timeout / 60, linePointer->timeout % 60); + tempInt++; + } + if (linePointer->absoluteTimeout != 0) + { + if (tempInt > 0) + sprintf(tempString, "%s, ", tempString); + if ((linePointer->absoluteTimeout % 60) == 0) + sprintf(tempString, "%sabsolute timeout was %d minutes", tempString, (linePointer->absoluteTimeout / 60)); + else + sprintf(tempString, "%sabsolute timeout was %d minutes and %d seconds", tempString, linePointer->absoluteTimeout / 60, linePointer->absoluteTimeout % 60); + tempInt++; + } + if (linePointer->sessionTimeout != 0) + { + if (tempInt > 0) + sprintf(tempString, "%s, ", tempString); + if ((linePointer->sessionTimeout % 60) == 0) + sprintf(tempString, "%ssession timeout was %d minutes", tempString, (linePointer->sessionTimeout / 60)); + else + sprintf(tempString, "%ssession timeout was %d minutes and %d seconds", tempString, linePointer->sessionTimeout / 60, linePointer->sessionTimeout % 60); + tempInt++; + } + if (linePointer->execTimeout != 0) + { + if (tempInt > 0) + sprintf(tempString, "%s, ", tempString); + if ((linePointer->execTimeout % 60) == 0) + sprintf(tempString, "%sExec timeout was %d minutes", tempString, (linePointer->execTimeout / 60)); + else + sprintf(tempString, "%sExec timeout was %d minutes and %d seconds", tempString, linePointer->execTimeout / 60, linePointer->execTimeout % 60); + tempInt++; + } + } + } + linePointer = linePointer->next; + } + output_parseText(tempString, nipper, section_none, rate_none, 0, 0); + } + output_endsection(nipper, section_obs); + output_parseText(report_timeout_impact, nipper, section_imp, rate_high, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_timeout_ease, nipper, section_ease, rate_difficult, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_timeout_rec1, nipper, section_rec, rate_none, 0, 0); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, (nipper->connectionTimeout % 60)); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_rec2, nipper, section_none, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/IOS/.svn/text-base/report-username.c.svn-base b/0.11.10/IOS/.svn/text-base/report-username.c.svn-base new file mode 100644 index 0000000..a84b6ed --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-username.c.svn-base @@ -0,0 +1,165 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosUsersConfig(struct nipperConfig *nipper) +{ + // Variables... + struct enablePassword *enablePointer = 0; + struct usernameList *usernamePointer = 0; + struct privilageLevels *privilagePointer = 0; + struct bannerConfig *bannerPointer = 0; + char tempString[nipper->maxSize]; + + // Enable Password + if (nipper->ios->enable != 0) + { + output_table(nipper, true, settings_enable_table, &report_enable_heading); + enablePointer = nipper->ios->enable; + while (enablePointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, enablePointer->level, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(enablePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_mid); + } + switch (enablePointer->encryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "Type-7%s", nipper->tablerow_end); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_end); + addAbbreviation("MD5", false); + break; + case encrypt_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_end); + break; + } + enablePointer = enablePointer->next; + } + output_table(nipper, false, settings_enable_table, &report_enable_heading); + } + + // Usernames + if (nipper->ios->username != 0) + { + output_table(nipper, true, settings_users_table, &report_users_heading); + usernamePointer = nipper->ios->username; + while (usernamePointer != 0) + { + outputFriendly(usernamePointer->username, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%d%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, usernamePointer->privilage, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(usernamePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_mid); + } + switch (usernamePointer->encryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "Type-7%s", nipper->tablerow_end); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_end); + addAbbreviation("MD5", false); + break; + case encrypt_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_end); + break; + } + usernamePointer = usernamePointer->next; + } + output_table(nipper, false, settings_users_table, &report_users_heading); + } + + // Privilage + if (nipper->ios->privilage != 0) + { + output_parseText(settings_privs_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_privs_table, &report_privs_heading); + privilagePointer = nipper->ios->privilage; + while (privilagePointer != 0) + { + printf("%s%d%s%s%s", nipper->tablerow_start, privilagePointer->level, nipper->tablerow_mid, privilagePointer->command, nipper->tablerow_end); + privilagePointer = privilagePointer->next; + } + output_table(nipper, false, settings_privs_table, &report_privs_heading); + } + + // Banner + if (nipper->ios->banner != 0) + { + output_parseText(settings_banner_desc, nipper, section_none, rate_none, 0, 0); + bannerPointer = nipper->ios->banner; + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n"); + break; + case output_xml: + fprintf(nipper->reportFile, " "); + break; + } + while (bannerPointer != 0) + { + fprintf(nipper->reportFile, "%s", bannerPointer->line); + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
\n"); + break; + default: + fprintf(nipper->reportFile, "\n"); + break; + } + bannerPointer = bannerPointer->next; + } + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, ""); + break; + case output_xml: + fprintf(nipper->reportFile, "\n"); + break; + } + output_newPara(nipper); + } +} + diff --git a/0.11.10/IOS/.svn/text-base/report-vtp.c.svn-base b/0.11.10/IOS/.svn/text-base/report-vtp.c.svn-base new file mode 100644 index 0000000..d9648f7 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report-vtp.c.svn-base @@ -0,0 +1,62 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosVTPConfig(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_vtp_table, &settings_general_heading); + switch (nipper->ios->vtpMode) + { + case vtp_mode_server: + fprintf(nipper->reportFile, "%sVTP Mode%sServer%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case vtp_mode_client: + fprintf(nipper->reportFile, "%sVTP Mode%sClient%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case vtp_mode_transparent: + fprintf(nipper->reportFile, "%sVTP Mode%sTransparent%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case vtp_mode_none: + fprintf(nipper->reportFile, "%sVTP Mode%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + if (nipper->ios->vtpDomain[0] != 0) + { + outputFriendly(nipper->ios->vtpDomain, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sVTP Domain%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + output_table(nipper, false, settings_vtp_table, &settings_general_heading); + addAbbreviation("VTP", false); +} + diff --git a/0.11.10/IOS/.svn/text-base/report.c.svn-base b/0.11.10/IOS/.svn/text-base/report.c.svn-base new file mode 100644 index 0000000..a52bff4 --- /dev/null +++ b/0.11.10/IOS/.svn/text-base/report.c.svn-base @@ -0,0 +1,555 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +// Report IOS includes... +#include "report-aaa.c" +#include "report-access-list.c" +#include "report-clock.c" +#include "report-debug.c" +#include "report-dns.c" +#include "report-ftp.c" +#include "report-general.c" +#include "report-http.c" +#include "report-interface.c" +#include "report-keychain.c" +#include "report-line.c" +#include "report-logging.c" +#include "report-nat.c" +#include "report-ntp.c" +#include "report-passwords.c" +#include "report-router.c" +#include "report-snmp.c" +#include "report-ssh.c" +#include "report-tacacs.c" +#include "report-timeout.c" +#include "report-username.c" +#include "report-vtp.c" + + +void generateIOSReport(struct nipperConfig *nipper) +{ + // Variables + struct enablePassword *enablePointer = 0; + struct snmpGroup *snmpGroupPointer = 0; + struct interfaceConfig *interfaceConfigPointer = 0; + struct ospfAreaConfig *ospfAreaPointer = 0; + struct ospfConfig *ospfPointer = 0; + //struct eigrpConfig *eigrpPointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + struct lineConfig *linePointer = 0; + struct vulnerability *vulnPointer = 0; + struct vrrpStruct *vrrpPointer = 0; + int tempInt = 0; + //int tempInt2 = 0; + + // Security Report section + if (nipper->fullReport == true) + { + + // Software Version + if ((nipper->versionMajor < 12) || ((nipper->versionMajor == 12) && (((nipper->deviceType != type_ios_catalyst) && (nipper->versionMinor < 4)) || ((nipper->deviceType == type_ios_catalyst) && (nipper->versionMinor < 2))))) + { + nipper->vulnIssues = 0; + nipper->vulnIssueDos = false; + nipper->vulnIssueRemote = false; + vulnPointer = &report_vuln_ios; + while (vulnPointer->next != 0) + { + checkVulnVersion(nipper, vulnPointer); + vulnPointer = vulnPointer->next; + } + if (nipper->vulnIssues > 0) + addReportSection(nipper, section_security, report_osver_title, report_osver_context, report_osver_rectext, 10, 8, 5, 3, iosVulnIssue); + } + + // Simple Passwords + if (nipper->simplePasswords > 1) + addReportSection(nipper, section_security, report_dict_title1, report_dict_context, report_dict_rectext, 10, 8, 5, 3, iosDictionaryIssue); + else if (nipper->simplePasswords > 0) + addReportSection(nipper, section_security, report_dict_title2, report_dict_context, report_dict_rectext, 10, 8, 5, 3, iosDictionaryIssue); + + // Password Strength + if (nipper->passwordStrengths > 1) + addReportSection(nipper, section_security, report_strength_title1, report_strength_context, report_strength_rectext, 10, 8, 5, 3, iosStrengthIssue); + else if (nipper->passwordStrengths > 0) + addReportSection(nipper, section_security, report_strength_title2, report_strength_context, report_strength_rectext, 10, 8, 5, 3, iosStrengthIssue); + + // Auto configuration + if ((nipper->ios->bootNetwork == true) || (nipper->ios->serviceConfig == true)) + addReportSection(nipper, section_security, report_configauto_title, report_configauto_context, report_configauto_rectext, 10, 8, 5, 3, iosAutoConfigIssue); + + // IP directed broadcasts + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipDirectBroadcast == true) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + nipper->ipDirectedIssues++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->ipDirectedIssues > 0) + addReportSection(nipper, section_security, report_ipdirected_title, report_ipdirected_context, report_ipdirected_rectext, 10, 8, 5, 3, iosIPDirectedIssue); + + // BGP Route Dampening + if (nipper->ios->bgp != 0) + { + if (nipper->ios->bgp->dampening != true) + addReportSection(nipper, section_security, report_bgpdamp_title, report_bgpdamp_context, report_bgpdamp_rectext, 10, 8, 5, 3, iosBGPDampeningIssue); + } + + // OSPF Authentication + ospfPointer = nipper->ios->ospf; + while (ospfPointer !=0) + { + ospfAreaPointer = nipper->ios->ospf->ospfArea; + if (ospfAreaPointer == 0) + nipper->ospfAuthNoneIssues++; + while (ospfAreaPointer != 0) + { + if (ospfAreaPointer->areaAuth == auth_none) + nipper->ospfAuthNoneIssues++; + else if (ospfAreaPointer->areaAuth == auth_clear) + nipper->ospfAuthClearIssues++; + else + nipper->ospfAuthMD5++; + ospfAreaPointer = ospfAreaPointer->next; + } + ospfPointer = ospfPointer->next; + } + if ((nipper->ospfAuthNoneIssues > 0) || (nipper->ospfAuthClearIssues > 0)) + addReportSection(nipper, section_security, report_ospfauth_title, report_ospfauth_context, report_ospfauth_rectext, 10, 8, 5, 3, iosOSPFAuthenticationIssue); + + // EIGRP + if (nipper->ios->eigrp != 0) + { + //tempInt2 = 0; + //eigrpPointer = nipper->ios->eigrp; + //while (eigrpPointer != 0) + //{ + // tempInt2++; + // eigrpPointer = eigrpPointer->next; + //} + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + //tempInt = tempInt2; + eigrpAutonPointer = interfaceConfigPointer->eigrp; + while (eigrpAutonPointer != 0) + { + if ((eigrpAutonPointer->md5Auth == false) && (eigrpAutonPointer->passive != true)) + nipper->eigrpIssues++; + eigrpAutonPointer = eigrpAutonPointer->next; + } + //if (tempInt > 0) + // nipper->eigrpIssues++; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->eigrpIssues > 0) + addReportSection(nipper, section_security, report_eigrpauth_title, report_eigrpauth_context, report_eigrpauth_rectext, 10, 8, 5, 3, iosEIGRPIssue); + } + + // RIP + if (nipper->ios->rip != 0) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if (((interfaceConfigPointer->ripKeyChain[0] == 0) || (interfaceConfigPointer->ripAuthMode != rip_auth_md5) || (interfaceConfigPointer->ripSendVersion != rip_version2) || (interfaceConfigPointer->ripReceiveVersion != rip_version2)) && (interfaceConfigPointer->ripPassive == false) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + nipper->ripIssues++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->ripIssues > 0) + addReportSection(nipper, section_security, report_rip_title, report_rip_context, report_rip_rectext, 10, 8, 5, 3, iosRIPIssue); + } + + // VRRP + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + vrrpPointer = interfaceConfigPointer->vrrp; + while (vrrpPointer != 0) + { + if ((interfaceConfigPointer->shutdown == false) && (vrrpPointer->shutdown == false) && (vrrpPointer->authentication != vrrp_auth_md5)) + nipper->vrrpIssues++; + vrrpPointer = vrrpPointer->next; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->vrrpIssues > 0) + addReportSection(nipper, section_security, report_vrrp_title, report_vrrp_context, report_vrrp_rectext, 10, 8, 5, 3, iosVRRPIssue); + + // TCP Keep Alives + if (nipper->ios->keepAlivesIn == false) + addReportSection(nipper, section_security, report_keepalive_title, report_keepalive_context, report_keepalive_rectext, 10, 8, 5, 3, iosKeepAlivesIssue); + + // Connection Timeout + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->login != login_disabled) && ((linePointer->timeout == 0) || (linePointer->timeout > nipper->connectionTimeout)) && ((linePointer->absoluteTimeout == 0) || (linePointer->absoluteTimeout > nipper->connectionTimeout)) && ((linePointer->sessionTimeout == 0) || (linePointer->sessionTimeout > nipper->connectionTimeout)) && ((linePointer->execTimeout == 0) || (linePointer->execTimeout > nipper->connectionTimeout))) + nipper->insecureTimeouts++; + linePointer = linePointer->next; + } + if (nipper->insecureTimeouts > 0) + addReportSection(nipper, section_security, report_timeout_title, report_timeout_context, report_timeout_rectext, 10, 8, 5, 3, iosTimeoutIssue); + + // Aux port + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->callback == false) && (linePointer->login != login_disabled) && (linePointer->exec == true) && (linePointer->lineType == line_aux)) + tempInt++; + linePointer = linePointer->next; + } + if (tempInt > 0) + addReportSection(nipper, section_security, report_aux_title, report_aux_context, report_aux_rectext, 10, 8, 5, 3, iosAUXPortIssue); + + // Source Routing + if ((nipper->ios->sourceRouting != false) && (nipper->deviceType == type_ios_router)) + addReportSection(nipper, section_security, report_source_title, report_source_context, report_source_rectext, 10, 8, 5, 3, iosSourceRoutingIssue); + + // Finger + if (nipper->ios->finger != false) + addReportSection(nipper, section_security, report_finger_title, report_finger_context, report_finger_rectext, 10, 8, 5, 3, iosFingerIssue); + + // HTTP + tempInt = false; + if (nipper->ios->http == 0) + tempInt = true; + else if (nipper->ios->http->enabled == true) + tempInt = true; + if (tempInt == true) + addReportSection(nipper, section_security, report_http_title, report_http_context, report_http_rectext, 10, 8, 5, 3, iosHTTPIssue); + + // SNMP + if (nipper->ios->snmp != 0) + { + if (nipper->ios->snmp->enabled == true) + { + if (nipper->ios->snmp->community != 0) + nipper->snmpIssue = 1; + snmpGroupPointer = nipper->ios->snmp->group; + while (snmpGroupPointer != 0) + { + if (snmpGroupPointer->version == snmp1) + nipper->snmpIssue = 1; + else if ((snmpGroupPointer->version == snmp2c) && (nipper->snmpIssue != 1)) + nipper->snmpIssue = 2; + else if (((snmpGroupPointer->version == snmp3_no_auth) || (snmpGroupPointer->version == snmp3_auth)) && (nipper->snmpIssue == 0)) + nipper->snmpIssue = -1; + snmpGroupPointer = snmpGroupPointer->next; + } + } + } + if (nipper->snmpIssue != 0) + addReportSection(nipper, section_security, report_snmp_title, report_snmp_context, report_snmp_rectext, 10, 8, 5, 3, iosSNMPIssue); + + // Telnet + tempInt = false; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->telnet == true) && (linePointer->exec == true) && (linePointer->login != login_disabled)) + tempInt = true; + linePointer = linePointer->next; + } + if (tempInt == true) + addReportSection(nipper, section_security, report_telnet_title, report_telnet_context, report_telnet_rectext, 10, 8, 5, 3, iosTelnetIssue); + + // Redirects + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipRedirects == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + nipper->redirectsIssues++; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->redirectsIssues > 0) + addReportSection(nipper, section_security, report_redirects_title, report_redirects_context, report_redirects_rectext, 10, 8, 5, 3, iosRedirectsIssue); + + // Access Lists + rulesAudit(nipper); + if (nipper->aclIssues > 0) + addReportSection(nipper, section_security, report_accesslist_title, report_accesslist_context, report_accesslist_rectext, 10, 8, 5, 3, ciscoACLIssue); + + // uRPF verification + if ((nipper->versionMajor > 11) && (nipper->deviceType == type_ios_router) && (nipper->deviceUse == use_edge)) + { + // If cef hasn't been enabled... + if (nipper->ios->cef == false) + nipper->uRPFIssues = -1; + + // Look for interfaces without uRPF on... + else + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->uRPF == false) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + nipper->uRPFIssues++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + } + } + if (nipper->uRPFIssues != 0) + addReportSection(nipper, section_security, report_urpf_title, report_urpf_context, report_urpf_rectext, 10, 8, 5, 3, iosURPFIssue); + + // Switch Port Mode + if (nipper->deviceType != type_ios_router) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->switchportMode != sp_mode_access) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Vlan", 4) != 0)) + nipper->switchportModeIssues++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + } + if (nipper->switchportModeIssues > 0) + addReportSection(nipper, section_security, report_trunking_title, report_trunking_context, report_trunking_rectext, 10, 8, 5, 3, iosTrunkingIssue); + + // Switch Port Security + if (nipper->deviceType != type_ios_router) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->switchportSecurity == false) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Vlan", 4) != 0)) + nipper->switchportIssues++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + } + if (nipper->switchportIssues > 0) + addReportSection(nipper, section_security, report_portsecurity_title, report_portsecurity_context, report_portsecurity_rectext, 10, 8, 5, 3, iosPortSecurityIssue); + + // Logging + if (nipper->ios->logging == 0) + nipper->loggingIssue = -1; + else + { + if (nipper->ios->logging->logging == false) + nipper->loggingIssue = 1; + else if ((nipper->ios->logging->logServer == 0) && (nipper->ios->logging->bufferedLogging == 0)) + nipper->loggingIssue = 2; + else if (nipper->ios->logging->logServer == 0) + nipper->loggingIssue = 3; + else if (nipper->ios->logging->bufferedLogging == 0) + nipper->loggingIssue = 4; + } + if (nipper->loggingIssue != 0) + addReportSection(nipper, section_security, report_logging_title, report_logging_context, report_logging_rectext, 10, 8, 5, 3, iosLoggingIssue); + + // Proxy ARP + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->proxyArp == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + nipper->proxyArpIssues++; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->proxyArpIssues > 0) + addReportSection(nipper, section_security, report_proxyarp_title, report_proxyarp_context, report_proxyarp_rectext, 10, 8, 5, 3, iosProxyARPIssue); + + // SSH Protocol Version + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->ssh == true) && (linePointer->exec == true) && (linePointer->login != login_disabled)) + tempInt++; + linePointer = linePointer->next; + } + if (tempInt > 0) + { + if (nipper->ios->ssh != 0) + { + if (nipper->ios->ssh->protocolVersion != ssh_ver_2) + nipper->sshIssue = 2; + } + else + nipper->sshIssue = 2; + if ((nipper->versionMajor == 12) && (nipper->versionMinor < 2)) + nipper->sshIssue = 1; + } + if (nipper->sshIssue != 0) + addReportSection(nipper, section_security, report_sshproto_title, report_sshproto_context, report_sshproto_rectext, 10, 8, 5, 3, iosSSHProtocolIssue); + + // CDP + if (nipper->ios->cdp != false) + addReportSection(nipper, section_security, report_cdp_title, report_cdp_context, report_cdp_rectext, 10, 8, 5, 3, iosCDPIssue); + + // IP Classless Routing + if ((nipper->ios->classlessRouting == true) && (nipper->deviceType == type_ios_router)) + addReportSection(nipper, section_security, report_classless_title, report_classless_context, report_classless_rectext, 10, 8, 5, 3, iosClasslessRoutingIssue); + + // Minimum Password Length + if ((nipper->versionMajor == 12) && (nipper->versionMinor > 2) && (nipper->ios->passwordMinLength < 0)) + addReportSection(nipper, section_security, report_passlength_title, report_passlength2_context, report_passlength_rectext, 10, 8, 5, 3, iosPasswordLengthIssue); + else if ((nipper->versionMajor == 12) && (nipper->versionMinor > 2) && (nipper->ios->passwordMinLength < nipper->passwordLength)) + addReportSection(nipper, section_security, report_passlength_title, report_passlength_context, report_passlength_rectext, 10, 8, 5, 3, iosPasswordLengthIssue); + + // Bootp + if (nipper->ios->bootp == true) + addReportSection(nipper, section_security, report_bootp_title, report_bootp_context, report_bootp_rectext, 10, 8, 5, 3, iosBootPIssue); + + // Small Servers + if ((nipper->ios->udpSmallServers != false) || (nipper->ios->tcpSmallServers != false)) + addReportSection(nipper, section_security, report_small_title, report_small_context, report_small_rectext, 10, 8, 5, 3, iosSmallServersIssue); + + // IP unreachables + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipUnreachables == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + nipper->unreachIssues++; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->unreachIssues > 0) + addReportSection(nipper, section_security, report_icmpunreach_title, report_icmpunreach_context, report_icmpunreach_rectext, 10, 8, 5, 3, iosIPUnreachablesIssue); + + // IP Mask Reply + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipMaskReply == true) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->ipAddress, "None", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + nipper->maskReplyIssues++; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->maskReplyIssues > 0) + addReportSection(nipper, section_security, report_maskreply_title, report_maskreply_context, report_maskreply_rectext, 10, 8, 5, 3, iosMaskReplyIssue); + + // Enable Secret Passwords + enablePointer = nipper->ios->enable; + while (enablePointer != 0) + { + if (enablePointer->secret == false) + nipper->enableIssues++; + enablePointer = enablePointer->next; + } + if (nipper->enableIssues > 0) + addReportSection(nipper, section_security, report_enablesec_title, report_enablesec_context, report_enablesec_rectext, 10, 8, 5, 3, iosEnableSecretIssue); + + // Password Encryption Service + if (nipper->ios->servicePasswordEncryption == false) + addReportSection(nipper, section_security, report_passenc_title, report_passenc_context, report_passenc_rectext, 10, 8, 5, 3, iosPasswordEncryptionIssue); + + // Banners + if (nipper->ios->banner == 0) + addReportSection(nipper, section_security, report_banner_title, report_banner_context, report_banner_rectext, 10, 8, 5, 3, iosBannerIssue); + + // Domain Lookup + if (nipper->ios->domainLookup == true) + addReportSection(nipper, section_security, report_lookup_title, report_lookup_context, report_lookup_rectext, 10, 8, 5, 3, iosDomainLookupIssue); + + // PAD + if (nipper->ios->pad == true) + addReportSection(nipper, section_security, report_pad_title, report_pad_context, report_pad_rectext, 10, 8, 5, 3, iosPADIssue); + + // MOP + tempInt = 0; + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->mop == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strchr(interfaceConfigPointer->name, '.') == 0)) + { + tempInt++; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (tempInt > 0) + addReportSection(nipper, section_security, report_mop_title, report_mop_context, report_mop_rectext, 10, 8, 5, 3, iosMOPIssue); + } + + + // In Configuration Index + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, iosGeneralConfig); + addReportSection(nipper, section_config, settings_services_title, 0, 0, 0, 0, 0, 0, iosServicesConfig); + addReportSection(nipper, section_config, settings_dns_title, 0, 0, 0, 0, 0, 0, iosDNSConfig); + addReportSection(nipper, section_config, settings_timezone_title, 0, 0, 0, 0, 0, 0, iosTimeZoneConfig); + if ((nipper->ios->enable != 0) || (nipper->ios->username != 0) || (nipper->ios->banner != 0)) + addReportSection(nipper, section_config, settings_users_title, 0, 0, 0, 0, 0, 0, iosUsersConfig); + if (nipper->ios->logging != 0) + addReportSection(nipper, section_config, settings_logging_title, 0, 0, 0, 0, 0, 0, iosLoggingConfig); + if (nipper->ios->snmp != 0) + addReportSection(nipper, section_config, settings_snmp_title, 0, 0, 0, 0, 0, 0, iosSNMPConfig); + if (nipper->ios->ssh != 0) + addReportSection(nipper, section_config, settings_ssh_title, 0, 0, 0, 0, 0, 0, iosSSHConfig); + if (nipper->ios->ntp != 0) + addReportSection(nipper, section_config, settings_ntp_title, 0, 0, 0, 0, 0, 0, iosNTPConfig); + if (nipper->ios->ftp != 0) + addReportSection(nipper, section_config, settings_ftp_title, 0, 0, 0, 0, 0, 0, iosFTPConfig); + if (nipper->ios->http != 0) + addReportSection(nipper, section_config, settings_http_title, 0, 0, 0, 0, 0, 0, iosHTTPConfig); + if (nipper->ios->tacacs != 0) + addReportSection(nipper, section_config, settings_tacacs_title, 0, 0, 0, 0, 0, 0, iosTACACSConfig); + if ((nipper->ios->aaa !=0) && (nipper->ios->aaa->groupServer !=0)) + addReportSection(nipper, section_config, settings_aaa_title, 0, 0, 0, 0, 0, 0, iosAAAConfig); + nipper->vrrpIssues = 0; + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if (interfaceConfigPointer->vrrp != 0) + nipper->vrrpIssues++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + if ((nipper->ios->bgp != 0) || (nipper->vrrpIssues != 0) || (nipper->ios->eigrp != 0) || (nipper->ios->isis != 0) || (nipper->ios->rip != 0) || (nipper->ios->ospf != 0) || (nipper->ios->route != 0) || (nipper->ios->routeMap != 0)) + addReportSection(nipper, section_config, settings_routing_title, 0, 0, 0, 0, 0, 0, iosRoutingConfig); + if ((nipper->passwords == true) && (nipper->ios->chain != 0)) + addReportSection(nipper, section_config, settings_keys_title, 0, 0, 0, 0, 0, 0, iosKeysConfig); + if (nipper->ios->line != 0) + addReportSection(nipper, section_config, settings_lines_title, 0, 0, 0, 0, 0, 0, iosLinesConfig); + if (nipper->ios->interface != 0) + addReportSection(nipper, section_config, settings_inter_title, 0, 0, 0, 0, 0, 0, iosInterfacesConfig); + if (nipper->deviceType != type_ios_router) + addReportSection(nipper, section_config, settings_vtp_title, 0, 0, 0, 0, 0, 0, iosVTPConfig); + if ((nipper->ios->interface !=0) && (nipper->deviceType != type_ios_router)) + addReportSection(nipper, section_config, settings_switchport_title, 0, 0, 0, 0, 0, 0, iosSwitchportConfig); + if (nipper->ios->nat !=0) + addReportSection(nipper, section_config, settings_nat_title, 0, 0, 0, 0, 0, 0, iosNATConfig); + if (nipper->filterList !=0) + addReportSection(nipper, section_config, settings_accesslists_title, 0, 0, 0, 0, 0, 0, iosACLConfig); + + // Generate Report... + generateReport(nipper); +} + diff --git a/0.11.10/IOS/cleanup.c b/0.11.10/IOS/cleanup.c new file mode 100644 index 0000000..55ae0ab --- /dev/null +++ b/0.11.10/IOS/cleanup.c @@ -0,0 +1,446 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanupIOS(struct nipperConfig *nipper) +{ + // Pointers... + struct enablePassword *enablePointer = 0; + struct ntpKey *ntpKeyPointer = 0; + struct ntpHost *ntpHostPointer = 0; + struct ntpAccessGroup *ntpAccessPointer = 0; + struct snmpCommunity *communityPointer = 0; + struct snmpViewItem *snmpViewItemPointer = 0; + struct snmpView *snmpViewPointer = 0; + struct snmpGroup *snmpGroupPointer = 0; + struct snmpUser *snmpUserPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct snmpHost *snmpHostPointer = 0; + struct usernameList *usernamePointer = 0; + struct privilageLevels *privilagePointer = 0; + struct host *logServerPointer = 0; + struct host *tacacsHostPointer = 0; + struct aaaGroupServer *aaaGroupServerPointer = 0; + struct aaaServer *aaaServerPointer = 0; + struct netInterface *interfacePointer = 0; + struct interfaceConfig *interfaceConfigPointer = 0; + struct bgpNeighbor *neighborPointer = 0; + struct keyChain *keyChainPointer = 0; + struct keyConfig *keyPointer = 0; + struct lineConfig *linePointer = 0; + struct bannerConfig *bannerPointer = 0; + struct ospfNetworkConfig *ospfNetworkPointer = 0; + struct ospfAreaConfig *ospfAreaPointer = 0; + struct ospfNeighbor *ospfNeighborPointer = 0; + struct ospfConfig *ospfPointer = 0; + struct staticRoute *routePointer = 0; + struct routeMapConfig *routeMapPointer = 0; + struct natConfig *natPointer = 0; + struct host *hostPointer = 0; + struct passiveStruct *passivePointer = 0; + struct eigrpConfig *eigrpPointer = 0; + struct eigrpNetwork *eigrpNetworkPointer = 0; + struct eigrpNeighbor *eigrpNeighborPointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + struct ospfInterStruct *ospfInterPointer = 0; + struct bgpInterStruct *bgpInterPointer = 0; + struct bgpConfig *bgpPointer = 0; + struct vrrpStruct *vrrpPointer = 0; + + // Cleanup EIGRP + while (nipper->ios->eigrp != 0) + { + eigrpPointer = nipper->ios->eigrp->next; + while (nipper->ios->eigrp->network != 0) + { + eigrpNetworkPointer = nipper->ios->eigrp->network->next; + free (nipper->ios->eigrp->network); + nipper->ios->eigrp->network = eigrpNetworkPointer; + } + while (nipper->ios->eigrp->neighbor != 0) + { + eigrpNeighborPointer = nipper->ios->eigrp->neighbor->next; + free (nipper->ios->eigrp->neighbor); + nipper->ios->eigrp->neighbor = eigrpNeighborPointer; + } + while (nipper->ios->eigrp->passive != 0) + { + passivePointer = nipper->ios->eigrp->passive->next; + free(nipper->ios->eigrp->passive); + nipper->ios->eigrp->passive = passivePointer; + } + free (nipper->ios->eigrp); + nipper->ios->eigrp = eigrpPointer; + } + + // Cleanup NAT + while (nipper->ios->nat != 0) + { + natPointer = nipper->ios->nat->next; + free (nipper->ios->nat); + nipper->ios->nat = natPointer; + } + + // Cleanup Route Map + while (nipper->ios->routeMap != 0) + { + routeMapPointer = nipper->ios->routeMap->next; + free (nipper->ios->routeMap); + nipper->ios->routeMap = routeMapPointer; + } + + // Cleanup enable passwords + while (nipper->ios->enable != 0) + { + enablePointer = nipper->ios->enable->next; + free(nipper->ios->enable); + nipper->ios->enable = enablePointer; + } + + // Cleanup usernames + while (nipper->ios->username != 0) + { + usernamePointer = nipper->ios->username->next; + free(nipper->ios->username); + nipper->ios->username = usernamePointer; + } + + // Cleanup DNS servers + while (nipper->ios->dns != 0) + { + logServerPointer = nipper->ios->dns->next; + free(nipper->ios->dns); + nipper->ios->dns = logServerPointer; + } + + // Cleanup Privilages + while (nipper->ios->privilage != 0) + { + privilagePointer = nipper->ios->privilage->next; + free(nipper->ios->privilage); + nipper->ios->privilage = privilagePointer; + } + + // Cleanup Route + while (nipper->ios->route != 0) + { + routePointer = nipper->ios->route->next; + free(nipper->ios->route); + nipper->ios->route = routePointer; + } + + // Cleanup HTTP + if (nipper->ios->http != 0) + free(nipper->ios->http); + + // Cleanup Key Chain + while (nipper->ios->chain != 0) + { + while (nipper->ios->chain->key != 0) + { + keyPointer = nipper->ios->chain->key->next; + free (nipper->ios->chain->key); + nipper->ios->chain->key = keyPointer; + } + keyChainPointer = nipper->ios->chain->next; + free (nipper->ios->chain); + nipper->ios->chain = keyChainPointer; + } + + // Cleanup SSH + if (nipper->ios->ssh != 0) + { + while (nipper->ios->ssh->interface != 0) + { + interfacePointer = nipper->ios->ssh->interface->next; + free(nipper->ios->ssh->interface); + nipper->ios->ssh->interface = interfacePointer; + } + free(nipper->ios->ssh); + } + + // Cleanup Line + while (nipper->ios->line != 0) + { + linePointer = nipper->ios->line->next; + free(nipper->ios->line); + nipper->ios->line = linePointer; + } + + // Cleanup BGP + while (nipper->ios->bgp != 0) + { + bgpPointer = nipper->ios->bgp->next; + while (nipper->ios->bgp->neighbor != 0) + { + neighborPointer = nipper->ios->bgp->neighbor->next; + free(nipper->ios->bgp->neighbor); + nipper->ios->bgp->neighbor = neighborPointer; + } + while (nipper->ios->bgp->passive != 0) + { + passivePointer = nipper->ios->bgp->passive->next; + free(nipper->ios->bgp->passive); + nipper->ios->bgp->passive = passivePointer; + } + free(nipper->ios->bgp); + nipper->ios->bgp = bgpPointer; + } + + // Cleanup RIP + if (nipper->ios->rip != 0) + { + while (nipper->ios->rip->neighbor != 0) + { + hostPointer = nipper->ios->rip->neighbor->next; + free(nipper->ios->rip->neighbor); + nipper->ios->rip->neighbor = hostPointer; + } + while (nipper->ios->rip->network != 0) + { + hostPointer = nipper->ios->rip->network->next; + free(nipper->ios->rip->network); + nipper->ios->rip->network = hostPointer; + } + while (nipper->ios->rip->passive != 0) + { + passivePointer = nipper->ios->rip->passive->next; + free(nipper->ios->rip->passive); + nipper->ios->rip->passive = passivePointer; + } + free(nipper->ios->rip); + } + + // Interfaces + while (nipper->ios->interface != 0) + { + interfaceConfigPointer = nipper->ios->interface->next; + while (nipper->ios->interface->eigrp != 0) + { + eigrpAutonPointer = nipper->ios->interface->eigrp->next; + free(nipper->ios->interface->eigrp); + nipper->ios->interface->eigrp = eigrpAutonPointer; + } + while (nipper->ios->interface->bgp != 0) + { + bgpInterPointer = nipper->ios->interface->bgp->next; + free(nipper->ios->interface->bgp); + nipper->ios->interface->bgp = bgpInterPointer; + } + while (nipper->ios->interface->ospf != 0) + { + ospfInterPointer = nipper->ios->interface->ospf->next; + free(nipper->ios->interface->ospf); + nipper->ios->interface->ospf = ospfInterPointer; + } + while (nipper->ios->interface->vrrp != 0) + { + vrrpPointer = nipper->ios->interface->vrrp->next; + free(nipper->ios->interface->vrrp); + nipper->ios->interface->vrrp = vrrpPointer; + } + free(nipper->ios->interface); + nipper->ios->interface = interfaceConfigPointer; + } + + // Banner + while (nipper->ios->banner != 0) + { + bannerPointer = nipper->ios->banner->next; + free(nipper->ios->banner->line); + free(nipper->ios->banner); + nipper->ios->banner = bannerPointer; + } + + // Cleanup AAA + if (nipper->ios->aaa != 0) + { + while (nipper->ios->aaa->groupServer != 0) + { + while (nipper->ios->aaa->groupServer->server != 0) + { + aaaServerPointer = nipper->ios->aaa->groupServer->server->next; + free (nipper->ios->aaa->groupServer->server); + nipper->ios->aaa->groupServer->server = aaaServerPointer; + } + aaaGroupServerPointer = nipper->ios->aaa->groupServer->next; + free (nipper->ios->aaa->groupServer); + nipper->ios->aaa->groupServer = aaaGroupServerPointer; + } + free (nipper->ios->aaa); + } + + // Cleanup Logging + if (nipper->ios->logging != 0) + { + while (nipper->ios->logging->logServer != 0) + { + logServerPointer = nipper->ios->logging->logServer->next; + free(nipper->ios->logging->logServer); + nipper->ios->logging->logServer = logServerPointer; + } + free(nipper->ios->logging); + } + + // Cleanup TACACS + if (nipper->ios->tacacs != 0) + { + while (nipper->ios->tacacs->host != 0) + { + tacacsHostPointer = nipper->ios->tacacs->host->next; + free(nipper->ios->tacacs->host); + nipper->ios->tacacs->host = tacacsHostPointer; + } + free(nipper->ios->tacacs); + } + + // OSPF + while (nipper->ios->ospf != 0) + { + ospfPointer = nipper->ios->ospf->next; + // Cleanup OSPF Area + while (nipper->ios->ospf->ospfArea != 0) + { + ospfAreaPointer = nipper->ios->ospf->ospfArea->next; + free(nipper->ios->ospf->ospfArea); + nipper->ios->ospf->ospfArea = ospfAreaPointer; + } + // Cleanup OSPF Network + while (nipper->ios->ospf->ospfNetwork != 0) + { + ospfNetworkPointer = nipper->ios->ospf->ospfNetwork->next; + free(nipper->ios->ospf->ospfNetwork); + nipper->ios->ospf->ospfNetwork = ospfNetworkPointer; + } + // Cleanup OSPF Neighbor + while (nipper->ios->ospf->neighbor != 0) + { + ospfNeighborPointer = nipper->ios->ospf->neighbor->next; + free(nipper->ios->ospf->neighbor); + nipper->ios->ospf->neighbor = ospfNeighborPointer; + } + free(nipper->ios->ospf); + nipper->ios->ospf = ospfPointer; + } + + // Cleanup ftp + if (nipper->ios->ftp != 0) + { + while (nipper->ios->ftp->interface != 0) + { + interfacePointer = nipper->ios->ftp->interface->next; + free(nipper->ios->ftp->interface); + nipper->ios->ftp->interface = interfacePointer; + } + free(nipper->ios->ftp); + } + + // Cleanup ntp + if (nipper->ios->ntp != 0) + { + while (nipper->ios->ntp->key != 0) + { + ntpKeyPointer = nipper->ios->ntp->key->next; + free(nipper->ios->ntp->key); + nipper->ios->ntp->key = ntpKeyPointer; + } + while (nipper->ios->ntp->server != 0) + { + ntpHostPointer = nipper->ios->ntp->server->next; + free(nipper->ios->ntp->server); + nipper->ios->ntp->server = ntpHostPointer; + } + while (nipper->ios->ntp->peer != 0) + { + ntpHostPointer = nipper->ios->ntp->peer->next; + free(nipper->ios->ntp->peer); + nipper->ios->ntp->peer = ntpHostPointer; + } + while (nipper->ios->ntp->access != 0) + { + ntpAccessPointer = nipper->ios->ntp->access->next; + free(nipper->ios->ntp->access); + nipper->ios->ntp->access = ntpAccessPointer; + } + free(nipper->ios->ntp); + } + + // Cleanup snmp + if (nipper->ios->snmp != 0) + { + while (nipper->ios->snmp->community != 0) + { + communityPointer = nipper->ios->snmp->community->next; + free(nipper->ios->snmp->community); + nipper->ios->snmp->community = communityPointer; + } + while (nipper->ios->snmp->trap != 0) + { + snmpTrapPointer = nipper->ios->snmp->trap->next; + free(nipper->ios->snmp->trap); + nipper->ios->snmp->trap = snmpTrapPointer; + } + while (nipper->ios->snmp->host != 0) + { + snmpHostPointer = nipper->ios->snmp->host->next; + free(nipper->ios->snmp->host); + nipper->ios->snmp->host = snmpHostPointer; + } + while (nipper->ios->snmp->view != 0) + { + while (nipper->ios->snmp->view->viewItem != 0) + { + snmpViewItemPointer = nipper->ios->snmp->view->viewItem->next; + free(nipper->ios->snmp->view->viewItem); + nipper->ios->snmp->view->viewItem = snmpViewItemPointer; + } + snmpViewPointer = nipper->ios->snmp->view->next; + free(nipper->ios->snmp->view); + nipper->ios->snmp->view = snmpViewPointer; + } + while (nipper->ios->snmp->group != 0) + { + snmpGroupPointer = nipper->ios->snmp->group->next; + free(nipper->ios->snmp->group); + nipper->ios->snmp->group = snmpGroupPointer; + } + while (nipper->ios->snmp->user != 0) + { + snmpUserPointer = nipper->ios->snmp->user->next; + free(nipper->ios->snmp->user); + nipper->ios->snmp->user = snmpUserPointer; + } + free(nipper->ios->snmp); + } + + // Cleanup IOS config + free(nipper->ios); +} + diff --git a/0.11.10/IOS/input.c b/0.11.10/IOS/input.c new file mode 100644 index 0000000..8de3816 --- /dev/null +++ b/0.11.10/IOS/input.c @@ -0,0 +1,425 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct ciscoIOSConfig // Cisco IOS configuration +{ + // Configuration settings... + int sourceRouting; // true or false + int tcpSmallServers; // true, false, unconfigured + int udpSmallServers; // true, false, unconfigured + int finger; // true, false, unconfigured + int cdp; // true or false + int cef; // true or false + int bootp; // true or false + int servicePasswordEncryption; // true or false + int bootNetwork; // true or false + int serviceConfig; // true or false + int pad; // true or false + int domainLookup; // true or false + int classlessRouting; // true or false + int keepAlivesIn; // true or false + int keepAlivesOut; // true or false + int gratuitousArps; // true or false + int calendarValid; // true (default) or false + char summerTimeZone[8]; // Empty is disabled + char timeZone[8]; // default (UTC) + int timeOffsetHours; + int timeOffsetMins; + int passwordMinLength; // 6 is default on IOS 12.3(1)+, otherwise it doesn't exist + int vtpMode; // vtp_mode_server (default)... + char vtpDomain[34]; // VTP Domain + struct host *dns; // DNS Servers + struct ntpConfig *ntp; // NTP + struct enablePassword *enable; // Enable Passwords + struct snmpConfig *snmp; // SNMP + struct ftpConfig *ftp; // FTP + struct usernameList *username; // Users + struct privilageLevels *privilage; // Privilege Levels + struct loggingConfig *logging; // Logging + struct tacacsConfig *tacacs; // TACACS + struct aaaConfig *aaa; // AAA + struct httpConfig *http; // HTTP + struct sshConfig *ssh; // SSH + struct interfaceConfig *interface; // Interfaces + struct routeMapConfig *routeMap; // Routing - Route Maps + struct staticRoute *route; // Routing - Static + struct ripConfig *rip; // Routing - RIP + struct ospfConfig *ospf; // Routing - OSPF + struct eigrpConfig *eigrp; // Routing - EIGRP + struct isisConfig *isis; // Routing - ISIS + struct bgpConfig *bgp; // Routing - BGP + struct keyChain *chain; // Key Chain + struct lineConfig *line; // Local / Remote Administration Lines + struct bannerConfig *banner; // Logon Banner + struct natConfig *nat; // NAT +}; + + +struct netInterface // Interfaces +{ + char interface[32]; + struct netInterface *next; +}; + + +#define vtp_mode_server 0 +#define vtp_mode_client 1 +#define vtp_mode_transparent 2 +#define vtp_mode_none 3 + + +// Processing IOS includes... +#include "process-aaa.c" +#include "process-access-list.c" +#include "process-banner.c" +#include "process-cef.c" +#include "process-clock.c" +#include "process-dns.c" +#include "process-enable.c" +#include "process-ftp.c" +#include "process-general.c" +#include "process-http.c" +#include "process-interface.c" +#include "process-keychain.c" +#include "process-line.c" +#include "process-logging.c" +#include "process-nat.c" +#include "process-ntp.c" +#include "process-route-map.c" +#include "process-router.c" +#include "process-snmp.c" +#include "process-ssh.c" +#include "process-tacacs.c" +#include "process-username.c" +#include "process-vtp.c" + + +void processIOSInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + int setting = 0; + int tempInt = 0; + + // Split the command line up + command = splitLine(line); + + // Init + if (strcmp(command.part[0], "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + if (strncmp("!", line, 1) == 0) + { } + + // Hostname + else if (strcmp(command.part[tempInt], "hostname") == 0) + { + if (nipper->debugMode == true) + printf("Hostname Line: %s\n", line); + strncpy(nipper->hostname, command.part[tempInt+1], sizeof(nipper->hostname) - 1); + } + + // Version + else if (strcmp(command.part[tempInt], "version") == 0) + { + if (nipper->debugMode == true) + printf("Version Line: %s\n", line); + strncpy(nipper->version, command.part[tempInt+1], sizeof(nipper->version) - 1); + nipper->versionMajor = atoi(nipper->version); + if (strchr(nipper->version, '.') != 0) + nipper->versionMinor = atoi(strchr(nipper->version, '.') + 1); + } + + // Service lines... + else if (strcmp(command.part[tempInt], "service") == 0) + { + tempInt++; + + // Service Password Encryption... + if (strcmp(command.part[tempInt], "password-encryption") == 0) + { + if (nipper->debugMode == true) + printf("Service Password-Encryption Line: %s\n", line); + nipper->ios->servicePasswordEncryption = setting; + } + + // TCP keep alives in + else if (strcmp(command.part[tempInt], "tcp-keepalives-in") == 0) + { + if (nipper->debugMode == true) + printf("TCP Keep Alives In Line: %s\n", line); + nipper->ios->keepAlivesIn = setting; + } + + // TCP keep alives out + else if (strcmp(command.part[tempInt], "tcp-keepalives-out") == 0) + { + if (nipper->debugMode == true) + printf("TCP Keep Alives Out Line: %s\n", line); + nipper->ios->keepAlivesOut = setting; + } + + // Service Config + else if (strcmp(command.part[tempInt], "config") == 0) + processServiceConfig(line, nipper); + + // PAD Service... + else if (strcmp(command.part[tempInt], "pad") == 0) + { + if (nipper->debugMode == true) + printf("PAD Line: %s\n", line); + nipper->ios->pad = setting; + } + + // TCP Small Servers... + else if (strcmp(command.part[tempInt], "tcp-small-servers") == 0) + processSmallServers(line, nipper); + + // UDP Small Servers... + else if (strcmp(command.part[tempInt], "udp-small-servers") == 0) + processSmallServers(line, nipper); + + // Finger... + else if (strcmp(command.part[tempInt], "finger") == 0) + { + if (nipper->debugMode == true) + printf("Finger Line: %s\n", line); + nipper->ios->finger = setting; + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } + + // IP lines... + else if (strcmp(command.part[tempInt], "ip") == 0) + { + tempInt++; + + // Cisco Express Forwarding + if (strcmp(command.part[tempInt], "cef") == 0) + processCEF(line, nipper); + + // IP Classless Routing + else if (strcmp(command.part[tempInt], "classless") == 0) + { + if (nipper->debugMode == true) + printf("Classless Routing Line: %s\n", line); + nipper->ios->classlessRouting = setting; + } + + // Access Lists... + else if (strcmp(command.part[tempInt], "access-list") == 0) + processIPAccessList(line, nipper); + + // Gratuitous ARPs + else if (strcmp(command.part[tempInt], "gratuitous-arps") == 0) + { + if (nipper->debugMode == true) + printf("Gratuitous ARPs Line: %s\n", line); + nipper->ios->gratuitousArps = setting; + } + + // SSH + else if (strcmp(command.part[tempInt], "ssh") == 0) + processSsh(line, nipper); + + // Name Servers + else if (strcmp(command.part[tempInt], "name-server") == 0) + processNameServer(line, nipper); + + // Domain Name + else if (strcmp(command.part[tempInt], "domain-name") == 0) + { + if (nipper->debugMode == true) + printf("Domain Name Line: %s\n", line); + strncpy(nipper->domainName, command.part[tempInt+1], sizeof(nipper->domainName) - 1); + } + else if ((strcmp(command.part[tempInt], "domain") == 0) && (strcmp(command.part[tempInt+1], "name") == 0)) + { + if (nipper->debugMode == true) + printf("Domain Name Line: %s\n", line); + strncpy(nipper->domainName, command.part[tempInt+2], sizeof(nipper->domainName) - 1); + } + + // Domain Lookup + else if ((strcmp(command.part[tempInt], "domain-lookup") == 0) || ((strcmp(command.part[tempInt], "domain") == 0) && (strcmp(command.part[tempInt+1], "lookup") == 0))) + processDomainLookup(line, nipper); + + // Source routing... + else if (strcmp(command.part[tempInt], "source-route") == 0) + { + if (nipper->debugMode == true) + printf("IP Source Route Line: %s\n", line); + nipper->ios->sourceRouting = setting; + } + + // Bootp... + else if ((strcmp(command.part[tempInt], "bootp") == 0) && (strcmp(command.part[tempInt+1], "server") == 0)) + processBootp(line, nipper); + + // HTTP... + else if (strcmp(command.part[tempInt], "http") == 0) + processHttp(line, nipper); + + // FTP username / password... + else if (strcmp(command.part[tempInt], "ftp") == 0) + processFtp(line, nipper); + + // IP Route... + else if ((strcmp(command.part[tempInt], "route") == 0) && (strcmp(command.part[tempInt+1], "vrf") != 0)) + processRoute(line, nipper); + + // IP NAT... + else if (strcmp(command.part[tempInt], "nat") == 0) + processNAT(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } + + // Security + else if (strcmp(command.part[tempInt], "security") == 0) + { + tempInt++; + + // Passwords Minimum Length + if ((strcmp(command.part[tempInt], "passwords") == 0) && (strcmp(command.part[tempInt+1], "min-length") == 0)) + { + if (nipper->debugMode == true) + printf("Password Length Line: %s\n", line); + if (setting == false) + nipper->ios->passwordMinLength = 0; + else + nipper->ios->passwordMinLength = atoi(command.part[tempInt+2]); + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } + + // Enable Passwords + else if (strcmp(command.part[tempInt], "enable") == 0) + processEnable(line, nipper); + + // Usernames... + else if (strcmp(command.part[tempInt], "username") == 0) + processUsername(line, nipper); + + // Interfaces + else if (strcmp(command.part[tempInt], "interface") == 0) + processInterface(line, nipper); + + // Banner... + else if (strcmp(command.part[tempInt], "banner") == 0) + processBanner(line, nipper); + + // CDP... + else if ((strcmp(command.part[tempInt], "cdp") == 0) && (strcmp(command.part[tempInt+1], "run") == 0)) + { + if (nipper->debugMode == true) + printf("CDP Line: %s\n", line); + nipper->ios->cdp = setting; + } + + // Access Lists... + else if (strcmp(command.part[tempInt], "access-list") == 0) + processAccessList(line, nipper); + + // Line... + else if (strcmp(command.part[tempInt], "line") == 0) + processLine(line, nipper); + + // VTP... + else if (strcmp(command.part[tempInt], "vtp") == 0) + processVTP(line, nipper); + + // Key chain... + else if ((strcmp(command.part[tempInt], "key") == 0) && (strcmp(command.part[tempInt+1], "chain") == 0)) + processKeyChain(line, nipper); + + // Routing... + else if (strcmp(command.part[tempInt], "router") == 0) + processRouter(line, nipper); + + // Route Map... + else if (strcmp(command.part[tempInt], "route-map") == 0) + processRouteMap(line, nipper); + + // TACACS... + else if (strcmp(command.part[tempInt], "tacacs-server") == 0) + processTacacs(line, nipper); + + // AAA... + else if (strcmp(command.part[tempInt], "aaa") == 0) + processAaa(line, nipper); + + // NTP... + else if (strcmp(command.part[tempInt], "ntp") == 0) + processNtp(line, nipper); + + // Privilage Levels... + else if ((strcmp(command.part[tempInt], "privilage") == 0) && (strcmp(command.part[tempInt+1], "exec") == 0) && (strcmp(command.part[tempInt+2], "level") == 0)) + processPrivilage(line, nipper); + + // SNMP... + else if (strcmp(command.part[tempInt], "snmp-server") == 0) + processSnmp(line, nipper); + + // Logging... + else if (strcmp(command.part[tempInt], "logging") == 0) + processLogging(line, nipper); + + // Clock... + else if (strcmp(command.part[tempInt], "clock") == 0) + processClock(line, nipper); + + // Boot Network + else if ((strcmp(command.part[tempInt], "boot") == 0) && (strcmp(command.part[tempInt+1], "network") == 0)) + processBootNetwork(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/IOS/process-aaa.c b/0.11.10/IOS/process-aaa.c new file mode 100644 index 0000000..c255dfc --- /dev/null +++ b/0.11.10/IOS/process-aaa.c @@ -0,0 +1,243 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define aaa_radius 0 +#define aaa_tacacs 1 +#define aaa_kerberos 2 + + +// AAA Server +struct aaaServer +{ + char server[32]; + int authPort; + int acctPort; + char key[128]; + char keyEncrypted[128]; + int encryption; + int weak; + int dictionary; + struct aaaServer *next; +}; + + +// AAA Group Server +struct aaaGroupServer +{ + int type; // aaa_radius, aaa_tacacs or aaa_kerberos + char username[64]; + struct aaaServer *server; + struct aaaGroupServer *next; +}; + + +// AAA +struct aaaConfig +{ + struct aaaGroupServer *groupServer; +}; + + +// Process AAA +void processAaa(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + struct aaaGroupServer *groupServerPointer = 0; + struct aaaServer *serverPointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("AAA Line: %s\n", line); + } + + // If there is no aaa config, create one + if (nipper->ios->aaa == 0) + { + // Create + nipper->ios->aaa = malloc(sizeof(struct aaaConfig)); + + // Init + memset(nipper->ios->aaa, 0, sizeof(struct aaaConfig)); + } + + // Init + command = splitLine(line); + + // If group server line + if (strncmp("aaa group server ", line, 17) == 0) + { + // Create + groupServerPointer = malloc(sizeof(struct aaaGroupServer)); + memset(groupServerPointer, 0, sizeof(struct aaaGroupServer)); + + // Sort out pointers + groupServerPointer->next = nipper->ios->aaa->groupServer; + nipper->ios->aaa->groupServer = groupServerPointer; + + // Init + groupServerPointer->server = 0; + + // Type of group server + if (strncmp(command.part[3], "radius", 6) == 0) + groupServerPointer->type = aaa_radius; + else if (strncmp(command.part[3], "tacacs", 6) == 0) + groupServerPointer->type = aaa_tacacs; + else if (strncmp(command.part[3], "kerberos", 8) == 0) + groupServerPointer->type = aaa_kerberos; + + // Username + strncpy(groupServerPointer->username, command.part[command.parts - 1], sizeof(groupServerPointer->username)); + + // Loop through aaa group server lines + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("AAA Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Get server-private line + if (strncmp(command.part[0], "server-private", 14) == 0) + { + // Create structure + serverPointer = malloc(sizeof(struct aaaServer)); + memset(serverPointer, 0, sizeof(struct aaaServer)); + + // Sort out pointers + serverPointer->next = groupServerPointer->server; + groupServerPointer->server = serverPointer; + + // Init + strcpy(serverPointer->server, ""); + serverPointer->authPort = -1; + serverPointer->acctPort = -1; + strcpy(serverPointer->key, ""); + strcpy(serverPointer->keyEncrypted, ""); + serverPointer->weak = false; + serverPointer->dictionary = false; + serverPointer->encryption = -1; + + // Get server + strncpy(serverPointer->server, command.part[1], sizeof(serverPointer->server)); + tempInt = 2; + + // Get parameters + while (tempInt < command.parts) + { + // Auth port + if (strncmp(command.part[tempInt], "auth-port", 9) == 0) + { + tempInt++; + serverPointer->authPort = atoi(command.part[tempInt]); + } + + // Acct Port + else if ((strncmp(command.part[tempInt], "acct-port", 9) == 0) && (command.parts > tempInt)) + { + tempInt++; + serverPointer->acctPort = atoi(command.part[tempInt]); + } + + // Key + else if ((strncmp(command.part[tempInt], "key", 3) == 0) && (command.parts > tempInt)) + { + tempInt++; + // Password type + switch (command.part[tempInt][0]) + { + case '7': + serverPointer->encryption = encrypt_type7; + if (password7(command.part[tempInt + 1], serverPointer->key, sizeof(serverPointer->key), nipper->debugMode) != 0) + strcpy(serverPointer->key, ""); + strncpy(serverPointer->keyEncrypted, command.part[tempInt + 1], sizeof(serverPointer->keyEncrypted)); + break; + + case '5': + serverPointer->encryption = encrypt_md5; + strcpy(serverPointer->key, ""); + strncpy(serverPointer->keyEncrypted, command.part[tempInt + 1], sizeof(serverPointer->keyEncrypted)); + addJohnPassword(nipper, serverPointer->server , serverPointer->keyEncrypted); + break; + + case '0': + serverPointer->encryption = encrypt_none; + strncpy(serverPointer->key, command.part[tempInt + 1], sizeof(serverPointer->key)); + strcpy(serverPointer->keyEncrypted, ""); + break; + + default: + if (command.parts == tempInt + 2) + { + serverPointer->encryption = encrypt_none; + strncpy(serverPointer->key, command.part[command.parts - 1], sizeof(serverPointer->key)); + strcpy(serverPointer->keyEncrypted, ""); + } + else + { + serverPointer->encryption = encrypt_unknown; + strcpy(serverPointer->key, ""); + strncpy(serverPointer->keyEncrypted, command.part[command.parts - 1], sizeof(serverPointer->keyEncrypted)); + } + break; + } + if ((strcmp(serverPointer->key, "") != 0) && strlen(serverPointer->key) != 0) + { + if (simplePassword(serverPointer->key, nipper) == true) + { + nipper->simplePasswords++; + serverPointer->dictionary = true; + } + if (passwordStrength(serverPointer->key, nipper) == false) + { + nipper->passwordStrengths++; + serverPointer->weak = true; + } + } + } + + // Increment + tempInt++; + } + } + + // Read next line + readLine(nipper->input, line, nipper->maxSize); + } + } +} diff --git a/0.11.10/IOS/process-access-list.c b/0.11.10/IOS/process-access-list.c new file mode 100644 index 0000000..354cf6e --- /dev/null +++ b/0.11.10/IOS/process-access-list.c @@ -0,0 +1,632 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Access List +void processAccessList(char *line, struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + int loop = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + struct filterConfig *filterPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + struct filterListConfig *filterListPointer = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Line: %s\n", line); + } + + // Init + command = splitLine(line); + tempString[0] = 0; + if (command.parts < 4) + return; + + // Get / create access list + filterListPointer = getFilterList(nipper, command.part[1], "", false); + + // Set ACL type, if not already set... + if (filterListPointer->type == access_none) + { + if (atoi(command.part[1]) < 100) + filterListPointer->type = access_std; + else + filterListPointer->type = access_ext; + } + + // Is the line a remark? + if ((strcmp(command.part[2], "remark") == 0) && (command.parts > 3)) + { + strcpy(tempString, command.part[3]); + if (command.parts > 4) + { + for (loop = 4; loop < command.parts; loop++) + { + sprintf(tempString2, "%s %s",tempString, command.part[loop]); + strcpy(tempString, tempString2); + } + } + insertFilterRemark(filterListPointer, 0, false, tempString); + } + else + { + tempInt = 2; + + // Is the line a permit / deny line? + if ((strcmp(command.part[tempInt], "permit") == 0) || (strcmp(command.part[tempInt], "deny") == 0)) + { + // Is this the first permission + if (filterListPointer->filter == 0) + { + // Create a new permission storage structure + filterPointer = malloc(sizeof(struct filterConfig)); + // sort out pointer + filterListPointer->filter = filterPointer; + } + else + { + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + // Create a new permission storage structure + filterPointer->next = malloc(sizeof(struct filterConfig)); + // Sort out pointer + filterPointer = filterPointer->next; + } + + // Init... + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->enabled = true; + filterPointer->established = false; + filterPointer->fragments = false; + filterPointer->log = false; + + // Was it a permit line? + if (strcmp(command.part[tempInt], "permit") == 0) + filterPointer->action = filter_action_accept; + else + filterPointer->action = filter_action_drop; + tempInt++; + + // Is it an extended access-list? + if (filterListPointer->type == access_ext) + { + strncpy(filterPointer->protocol, command.part[tempInt], sizeof(filterPointer->protocol) -1); + tempInt++; + } + + // Get source + if (strcmp(command.part[tempInt], "host") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterObjectPointer->type = object_type_host; + tempInt++; + } + else if (strcasecmp(command.part[tempInt], "any") == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_source); + filterObjectPointer->type = object_type_any; + tempInt++; + } + else + { + // Standard access-list? + if (filterListPointer->type == access_std) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterObjectPointer->type = object_type_host; + tempInt++; + if ((tempInt < command.parts) && (strncmp(command.part[tempInt], "log", 3) != 0)) + { + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") != 0) + filterObjectPointer->type = object_type_network; + tempInt++; + } + } + else + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_network; + tempInt++; + } + } + + // Standard access-list? + if (filterListPointer->type == access_std) + { + if ((tempInt < command.parts) && (strcmp(command.part[tempInt], "log") == 0)) + filterPointer->log = true; + return; + } + + // Is operator used with source? + if (strncmp(command.part[tempInt], "lt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_lt; + tempInt++; + } + else if (strncmp(command.part[tempInt], "gt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_gt; + tempInt++; + } + else if (strncmp(command.part[tempInt], "eq", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_eq; + tempInt++; + } + else if (strncmp(command.part[tempInt], "neq", 3) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_neq; + tempInt++; + } + else if (strncmp(command.part[tempInt], "range", 5) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + tempInt++; + } + + // Get destination + if (strncmp(command.part[tempInt], "host", 4) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterObjectPointer->type = object_type_host; + tempInt++; + } + else if (strcasecmp(command.part[tempInt], "any") == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_destination); + filterObjectPointer->type = object_type_any; + tempInt++; + } + else + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_network; + tempInt++; + } + + // If no more, then exit + if (tempInt == command.parts) + return; + + // Is operator used with destination? + if (strncmp(command.part[tempInt], "lt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_lt; + tempInt++; + } + else if (strncmp(command.part[tempInt], "gt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_gt; + tempInt++; + } + else if (strncmp(command.part[tempInt], "eq", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_eq; + tempInt++; + } + else if (strncmp(command.part[tempInt], "neq", 3) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_neq; + tempInt++; + } + else if (strncmp(command.part[tempInt], "range", 5) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + tempInt++; + } + + // If no more, then exit + if (tempInt == command.parts) + return; + + // established? + if (strncmp(command.part[tempInt], "established", 11) == 0) + { + filterPointer->established = true; + tempInt++; + } + + // fragments? + if (strncmp(command.part[tempInt], "fragments", 9) == 0) + { + filterPointer->fragments = true; + tempInt++; + } + + // If no more, then exit + if (tempInt == command.parts) + return; + + // Log? + if ((strncmp(command.part[tempInt], "log", 3) == 0) || (strncmp(command.part[tempInt], "log-input", 9) == 0)) + { + filterPointer->log = true; + tempInt++; + } + } + } +} + + +// Process IP Access List +void processIPAccessList(char *line, struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + int loop; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + fpos_t filePosition; + struct filterConfig *filterPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + struct filterListConfig *filterListPointer = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("IP Access-List Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Get / Create ACL... + filterListPointer = getFilterList(nipper, command.part[3], "", false); + + // Set type... + if (filterListPointer->type == access_none) + { + if (strcmp(command.part[2], "standard") == 0) + filterListPointer->type = access_std; + else + filterListPointer->type = access_ext; + } + + // Loop through the interface lines + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("IP Access-List Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Permit or deny + if ((strcmp(command.part[0], "permit") == 0) || (strcmp(command.part[0], "deny") == 0)) + { + // If first permission + if (filterListPointer->filter == 0) + { + // Create a new permission storage structure + filterPointer = malloc(sizeof(struct filterConfig)); + // sort out pointer + filterListPointer->filter = filterPointer; + } + else + { + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + // Create a new permission storage structure + filterPointer->next = malloc(sizeof(struct filterConfig)); + // Sort out pointer + filterPointer = filterPointer->next; + } + + // Init... + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->enabled = true; + filterPointer->established = false; + filterPointer->fragments = false; + filterPointer->log = false; + + // Permit or Deny + if (strcmp(command.part[0], "permit") == 0) + filterPointer->action = filter_action_accept; + else + filterPointer->action = filter_action_drop; + + // Protocol + if (filterListPointer->type == access_ext) + { + strncpy(filterPointer->protocol, command.part[1], sizeof(filterPointer->protocol) -1); + tempInt = 2; + } + else + tempInt = 1; + + // Source + if (strncmp(command.part[tempInt], "host", 4) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterObjectPointer->type = object_type_host; + tempInt++; + } + else if (strncmp(command.part[tempInt], "any", 3) == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_source); + filterObjectPointer->type = object_type_any; + tempInt++; + } + else + { + // Standard access-list? + if (filterListPointer->type == access_std) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + tempInt++; + if ((tempInt < command.parts) && (strncmp(command.part[tempInt], "log", 3) != 0)) + { + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) -1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_network; + tempInt++; + } + } + else + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) -1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_network; + tempInt++; + } + } + + // Standard ACL only... + if (filterListPointer->type == access_std) + { + // Log? + if ((strncmp(command.part[tempInt], "log", 3) == 0)) + { + filterPointer->log = true; + tempInt++; + } + } + + // Extended ACL only... + if (filterListPointer->type == access_ext) + { + // Is operator used with source? + if (strncmp(command.part[tempInt], "lt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_lt; + tempInt++; + } + else if (strncmp(command.part[tempInt], "gt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_gt; + tempInt++; + } + else if (strncmp(command.part[tempInt], "eq", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_eq; + tempInt++; + } + else if (strncmp(command.part[tempInt], "neq", 3) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_neq; + tempInt++; + } + else if (strncmp(command.part[tempInt], "range", 5) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) -1); + tempInt++; + } + + // Get destination + if (strncmp(command.part[tempInt], "host", 4) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterObjectPointer->type = object_type_host; + tempInt++; + } + else if (strncmp(command.part[tempInt], "any", 3) == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_destination); + filterObjectPointer->type = object_type_any; + tempInt++; + } + else + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) -1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_network; + tempInt++; + } + + // Get all the rest... + while (tempInt < command.parts) + { + // Is operator used with destination? + if (strncmp(command.part[tempInt], "lt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_lt; + } + else if (strncmp(command.part[tempInt], "gt", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_gt; + } + else if (strncmp(command.part[tempInt], "eq", 2) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_eq; + } + else if (strncmp(command.part[tempInt], "neq", 3) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_neq; + } + else if (strncmp(command.part[tempInt], "range", 5) == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) -1); + } + + // established? + else if (strncmp(command.part[tempInt], "established", 11) == 0) + filterPointer->established = true; + + // fragments? + else if (strncmp(command.part[tempInt], "fragments", 9) == 0) + filterPointer->fragments = true; + + // Log? + else if ((strncmp(command.part[tempInt], "log", 3) == 0) || (strncmp(command.part[tempInt], "log-input", 9) == 0)) + filterPointer->log = true; + + // Others... + else if ((strcmp(command.part[tempInt], "precendence") == 0) || (strcmp(command.part[tempInt], "tos") == 0) || (strcmp(command.part[tempInt], "reflect") == 0) || (strcmp(command.part[tempInt], "time-range") == 0) || (strcmp(command.part[tempInt], "option") == 0)) + tempInt++; + else if ((strcmp(command.part[tempInt], "match-any") == 0) || (strcmp(command.part[tempInt], "match-all") == 0)) + tempInt+=2; + + // Else ICMP options... + else if (strcmp(filterPointer->protocol, "icmp") == 0) + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_eq; + } + + tempInt++; + } + } + } + + // Remark... + else if (strcmp(command.part[0], "remark") == 0) + { + strcpy(tempString, command.part[1]); + if (command.parts > 2) + { + for (loop = 2; loop < command.parts; loop++) + { + sprintf(tempString2, "%s %s",tempString, command.part[loop]); + strcpy(tempString, tempString2); + } + } + insertFilterRemark(filterListPointer, 0, false, tempString); + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + + // Get next line... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); +} diff --git a/0.11.10/IOS/process-banner.c b/0.11.10/IOS/process-banner.c new file mode 100644 index 0000000..01404a0 --- /dev/null +++ b/0.11.10/IOS/process-banner.c @@ -0,0 +1,121 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Banner +struct bannerConfig +{ + char *line; + struct bannerConfig *next; +}; + + +// Process Banner +void processBanner(char *line, struct nipperConfig *nipper) +{ + // Variables + struct bannerConfig *bannerPointer = 0; + struct ciscoCommand command; + char bannerTerminator[3]; + + // Debug + if (nipper->debugMode == true) + { + printf("Banner Line: %s\n", line); + } + + // Only process if banner has not already been set and banner line is made up of 3 parts... + command = splitLine(line); + if ((nipper->ios->banner == 0) && (command.parts > 2)) + { + // init + if (command.part[2][0] != '^') + { + bannerTerminator[0] = command.part[2][0]; + bannerTerminator[1] = 0; + } + else + { + bannerTerminator[0] = command.part[2][0]; + bannerTerminator[1] = command.part[2][1]; + bannerTerminator[2] = 0; + } + + // If banner starts on the banner line... + if ((command.parts > 3) || (strlen(command.part[2]) > 2)) + { + nipper->ios->banner = malloc(sizeof(struct bannerConfig)); + bannerPointer = nipper->ios->banner; + memset(bannerPointer, 0, sizeof(struct bannerConfig)); + bannerPointer->line = malloc(strlen(strstr(line, bannerTerminator) - strlen(bannerTerminator))); + strcpy(bannerPointer->line, strstr(line, bannerTerminator) + strlen(bannerTerminator)); + bannerPointer->next = 0; + } + + // Read next line + readLine(nipper->input, line, nipper->maxSize); + + // Get all parts of the banner message... + while ((strstr(line, bannerTerminator) == 0) && (feof(nipper->input) == 0)) + { + if (nipper->debugMode == true) + { + printf("Banner: %s\n", line); + } + + // Is this the first line of text... + if (nipper->ios->banner == 0) + { + // create struct + nipper->ios->banner = malloc(sizeof(struct bannerConfig)); + bannerPointer = nipper->ios->banner; + } + + // or Add another line... + else + { + // Create structure + bannerPointer->next = malloc(sizeof(struct bannerConfig)); + bannerPointer = bannerPointer->next; + } + + // Init structure... + memset(bannerPointer, 0, sizeof(struct bannerConfig)); + bannerPointer->line = malloc(strlen(line) + 1); + strcpy(bannerPointer->line, line); + bannerPointer->next = 0; + + // Read next line + readLine(nipper->input, line, nipper->maxSize); + } + } +} + + diff --git a/0.11.10/IOS/process-cef.c b/0.11.10/IOS/process-cef.c new file mode 100644 index 0000000..1fd8aee --- /dev/null +++ b/0.11.10/IOS/process-cef.c @@ -0,0 +1,71 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process CEF +void processCEF(char *line, struct nipperConfig *nipper) +{ + // Variables + int tempInt = 0; + int setting = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("Cisco Express Forwarding Line: %s\n", line); + } + + // Init + command = splitLine(line); + if (strcmp(command.part[0], "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Just "ip cef" / "no ip cef" + if (command.parts == tempInt + 2) + nipper->ios->cef = setting; + + // Distributed CEF + else if (strcmp(command.part[tempInt+2], "distributed") == 0) + nipper->ios->cef = setting; + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} + diff --git a/0.11.10/IOS/process-clock.c b/0.11.10/IOS/process-clock.c new file mode 100644 index 0000000..77db9d6 --- /dev/null +++ b/0.11.10/IOS/process-clock.c @@ -0,0 +1,103 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Clock +void processClock(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + int tempInt = 0; + int setting = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Clock Line: %s\n", line); + } + + //init + command = splitLine(line); + + // Setting + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 2; + } + else + { + setting = true; + tempInt = 1; + } + + // Timezone + if (strcmp(command.part[tempInt], "timezone") == 0) + { + if (setting == false) + { + strcpy(nipper->ios->timeZone, "UTC"); + nipper->ios->timeOffsetHours = 0; + nipper->ios->timeOffsetMins = 0; + } + else + { + tempInt++; + strncpy(nipper->ios->timeZone, command.part[tempInt], sizeof(nipper->ios->timeZone) -1); + tempInt++; + nipper->ios->timeOffsetHours = atoi(command.part[tempInt]); + tempInt++; + if (tempInt < command.parts) + nipper->ios->timeOffsetMins = atoi(command.part[tempInt]); + } + } + + // Sumertime Zone + else if (strcmp(command.part[tempInt], "summer-time") == 0) + { + if (setting == false) + strcpy(nipper->ios->summerTimeZone, ""); + else + { + tempInt++; + strncpy(nipper->ios->summerTimeZone, command.part[tempInt], sizeof(nipper->ios->summerTimeZone) -1); + } + } + + // Calendar Valid + else if (strcmp(command.part[tempInt], "calendar-valid") == 0) + nipper->ios->calendarValid = setting; + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} + + diff --git a/0.11.10/IOS/process-dns.c b/0.11.10/IOS/process-dns.c new file mode 100644 index 0000000..f9fe4ce --- /dev/null +++ b/0.11.10/IOS/process-dns.c @@ -0,0 +1,70 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Domain Name +void processNameServer(char *line, struct nipperConfig *nipper) +{ + // Variables + struct host *dnsPointer = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("Name Server Line: %s\n", line); + } + + // Create DNS Server struct + if (nipper->ios->dns == 0) + { + // create struct + nipper->ios->dns = malloc(sizeof(struct host)); + dnsPointer = nipper->ios->dns; + } + else + { + dnsPointer = nipper->ios->dns; + while (dnsPointer->next != 0) + dnsPointer = dnsPointer->next; + // create struct + dnsPointer->next = malloc(sizeof(struct host)); + dnsPointer = dnsPointer->next; + } + + // Init + command = splitLine(line); + memset(dnsPointer, 0, sizeof(struct host)); + + // Copy DNS server + strncpy(dnsPointer->server, command.part[2], sizeof(dnsPointer->server) - 1); +} + + diff --git a/0.11.10/IOS/process-enable.c b/0.11.10/IOS/process-enable.c new file mode 100644 index 0000000..84db5dd --- /dev/null +++ b/0.11.10/IOS/process-enable.c @@ -0,0 +1,149 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Enable password(s) +struct enablePassword +{ + char password[128]; + char passwordEncrypted[128]; + int secret; // true or false + int level; + int encryption; // encrypt_type7, encrypt_md5... + int weak; // true or false + int dictionary; // true or false + struct enablePassword *next; +}; + + +// Process enable +void processEnable(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct enablePassword *enablePointer = 0; + struct ciscoCommand command; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Enable Line: %s\n", line); + } + + // Create storage for enable... + enablePointer = malloc(sizeof(struct enablePassword)); + memset(enablePointer, 0, sizeof(struct enablePassword)); + + // Sort out pointers... + enablePointer->next = nipper->ios->enable; + nipper->ios->enable = enablePointer; + + // Init + command = splitLine(line); + tempInt = 1; + enablePointer->weak = false; + enablePointer->dictionary = false; + enablePointer->secret = false; + enablePointer->level = 15; + + // secret + if (strncmp(command.part[tempInt], "secret", 6) == 0) + { + enablePointer->secret = true; + tempInt++; + } + + // password + if (strncmp(command.part[tempInt], "password", 8) == 0) + tempInt++; + + if (strncmp(command.part[tempInt], "level ", 6) == 0) + { + tempInt++; + enablePointer->level = atoi(command.part[tempInt]); + tempInt++; + } + + // Password type + switch (command.part[tempInt][0]) + { + case '7': + enablePointer->encryption = encrypt_type7; + if (password7(command.part[tempInt + 1], enablePointer->password, sizeof(enablePointer->password), nipper->debugMode) != 0) + strcpy(enablePointer->password, ""); + strncpy(enablePointer->passwordEncrypted, command.part[tempInt + 1], sizeof(enablePointer->passwordEncrypted)); + break; + + case '5': + enablePointer->encryption = encrypt_md5; + strcpy(enablePointer->password, ""); + strncpy(enablePointer->passwordEncrypted, command.part[tempInt + 1], sizeof(enablePointer->passwordEncrypted)); + addJohnPassword(nipper, "enable" , enablePointer->passwordEncrypted); + break; + + case '0': + enablePointer->encryption = encrypt_none; + strncpy(enablePointer->password, command.part[tempInt + 1], sizeof(enablePointer->password)); + strcpy(enablePointer->passwordEncrypted, ""); + break; + + default: + if (command.parts == tempInt + 1) + { + enablePointer->encryption = encrypt_none; + strncpy(enablePointer->password, command.part[command.parts - 1], sizeof(enablePointer->password)); + strcpy(enablePointer->passwordEncrypted, ""); + } + else + { + enablePointer->encryption = encrypt_unknown; + strcpy(enablePointer->password, ""); + strncpy(enablePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(enablePointer->passwordEncrypted)); + } + break; + } + + // Check Passwords... + if ((strcmp(enablePointer->password, "") != 0) && (strlen(enablePointer->password) != 0)) + { + if (simplePassword(enablePointer->password, nipper) == true) + { + nipper->simplePasswords++; + enablePointer->dictionary = true; + } + if (passwordStrength(enablePointer->password, nipper) == false) + { + nipper->passwordStrengths++; + enablePointer->weak = true; + } + } +} + + diff --git a/0.11.10/IOS/process-ftp.c b/0.11.10/IOS/process-ftp.c new file mode 100644 index 0000000..9b9a381 --- /dev/null +++ b/0.11.10/IOS/process-ftp.c @@ -0,0 +1,138 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// FTP +struct ftpConfig +{ + char username[128]; + char password[128]; + char passwordEncrypted[128]; + int encryption; + int weak; + int dictionary; + struct netInterface *interface; +}; + + +// Process FTP +void processFtp(char *line, struct nipperConfig *nipper) +{ + // Variables + struct netInterface *interfacePointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("FTP Line: %s\n", line); + } + + // Check to see if FTP already exists + if (nipper->ios->ftp == 0) + { + // Create struct + nipper->ios->ftp = malloc(sizeof(struct ftpConfig)); + memset(nipper->ios->ftp, 0, sizeof(struct ftpConfig)); + + // Init + nipper->ios->ftp->encryption = -1; + nipper->ios->ftp->weak = false; + nipper->ios->ftp->dictionary = false; + } + + // Check for username + if (strncmp(line, "ip ftp username ", 16) == 0) + { + strncpy(nipper->ios->ftp->username, line + 16, sizeof(nipper->ios->ftp->username)); + } + + // Check for interface + if (strncmp(line, "ip ftp source-interface ", 24) == 0) + { + // Allocate struct + interfacePointer = malloc(sizeof(struct netInterface)); + memset(interfacePointer, 0, sizeof(struct netInterface)); + + // Pointers + interfacePointer->next = nipper->ios->ftp->interface; + nipper->ios->ftp->interface = interfacePointer; + + // Copy interface + strncpy(interfacePointer->interface, line + 24, sizeof(interfacePointer->interface)); + } + + // Check for password + else if (strncmp("ip ftp password ", line, 16) == 0) + { + switch (line[16]) + { + case '7': + nipper->ios->ftp->encryption = encrypt_type7; + if (password7(line+18, nipper->ios->ftp->password, sizeof(nipper->ios->ftp->password), nipper->debugMode) != 0) + strcpy(nipper->ios->ftp->password, ""); + strncpy(nipper->ios->ftp->passwordEncrypted, line+18, sizeof(nipper->ios->ftp->passwordEncrypted)); + break; + + case '5': + nipper->ios->ftp->encryption = encrypt_md5; + strcpy(nipper->ios->ftp->password, ""); + strncpy(nipper->ios->ftp->passwordEncrypted, line+18, sizeof(nipper->ios->ftp->passwordEncrypted)); + addJohnPassword(nipper, nipper->ios->ftp->username, nipper->ios->ftp->passwordEncrypted); + break; + + case '0': + nipper->ios->ftp->encryption = encrypt_none; + strncpy(nipper->ios->ftp->password, line+18, sizeof(nipper->ios->ftp->password)); + strcpy(nipper->ios->enable->passwordEncrypted, ""); + break; + + default: + nipper->ios->ftp->encryption = encrypt_unknown; + strcpy(nipper->ios->ftp->password, ""); + strncpy(nipper->ios->ftp->passwordEncrypted, line+18, sizeof(nipper->ios->ftp->passwordEncrypted)); + break; + } + if ((strcmp(nipper->ios->ftp->password, "") != 0) && (strlen(nipper->ios->ftp->password) != 0)) + { + if (simplePassword(nipper->ios->ftp->password, nipper) == true) + { + nipper->simplePasswords++; + nipper->ios->ftp->dictionary = true; + } + if (passwordStrength(nipper->ios->ftp->password, nipper) == false) + { + nipper->passwordStrengths++; + nipper->ios->ftp->weak = true; + } + } + } +} + + diff --git a/0.11.10/IOS/process-general.c b/0.11.10/IOS/process-general.c new file mode 100644 index 0000000..06620f1 --- /dev/null +++ b/0.11.10/IOS/process-general.c @@ -0,0 +1,194 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Small Servers +void processSmallServers(char *line, struct nipperConfig *nipper) +{ + // Debug output + if (nipper->debugMode == true) + printf("Small Servers Line: %s\n", line); + + // Get setting + if (strncmp("service tcp-small-servers", line, 25) == 0) + nipper->ios->tcpSmallServers = true; + + else if (strncmp("service udp-small-servers", line, 25) == 0) + nipper->ios->udpSmallServers = true; + + else if (strncmp("no service tcp-small-servers", line, 28) == 0) + nipper->ios->tcpSmallServers = false; + + else if (strncmp("no service udp-small-servers", line, 28) == 0) + nipper->ios->udpSmallServers = false; +} + + +// Process Bootp +void processBootp(char *line, struct nipperConfig *nipper) +{ + // Debug output + if (nipper->debugMode == true) + printf("Bootp Line: %s\n", line); + + // Get setting + if (strncmp("no ip bootp server", line, 18) == 0) + nipper->ios->bootp = false; + + else if (strncmp("ip bootp server", line, 15) == 0) + nipper->ios->bootp = true; +} + + +// Process Domain Loopup +void processDomainLookup(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + + // Split the command line up + command = splitLine(line); + + // Debug output + if (nipper->debugMode == true) + printf("Domain Lookup Line: %s\n", line); + + // Get setting + if (strcmp(command.part[0], "no") == 0) + nipper->ios->domainLookup = false; + else + nipper->ios->domainLookup = true; +} + + +// Process Boot Network +void processBootNetwork(char *line, struct nipperConfig *nipper) +{ + // Debug + if (nipper->debugMode == true) + { + printf("Boot Network Line: %s\n", line); + } + + // Enabled + if (strncmp(line, "boot network", 12) == 0) + nipper->ios->bootNetwork = true; + + // Disabled + if (strncmp(line, "no boot network", 15) == 0) + nipper->ios->bootNetwork = false; +} + + +// Process Service Config +void processServiceConfig(char *line, struct nipperConfig *nipper) +{ + // Debug + if (nipper->debugMode == true) + { + printf("Service Config Line: %s\n", line); + } + + // Enabled + if (strncmp(line, "service config", 14) == 0) + nipper->ios->serviceConfig = true; + + // Disabled + if (strncmp(line, "no service config", 17) == 0) + nipper->ios->serviceConfig = false; +} + + +// Privilage Levels +struct privilageLevels +{ + char command[64]; + int level; + struct privilageLevels *next; +}; + + +// Process privilage +void processPrivilage(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct privilageLevels *privilagePointer = 0; + struct ciscoCommand command; + char tempString[sizeof(line)]; + + // Debug + if (nipper->debugMode == true) + { + printf("Privilage Line: %s\n", line); + } + + // Is this the first privilage + if (nipper->ios->privilage == 0) + { + // Create storage for enable... + privilagePointer = malloc(sizeof(struct privilageLevels)); + memset(privilagePointer, 0, sizeof(struct privilageLevels)); + + // Sort out pointers... + privilagePointer->next = nipper->ios->privilage; + nipper->ios->privilage = privilagePointer; + } + else + { + // Get last privilage + privilagePointer = nipper->ios->privilage; + while (privilagePointer->next != 0) + privilagePointer = privilagePointer->next; + + // Create structure + privilagePointer->next = malloc(sizeof(struct privilageLevels)); + memset(privilagePointer->next, 0, sizeof(struct privilageLevels)); + privilagePointer = privilagePointer->next; + + // Init + privilagePointer->next = 0; + } + + // Init + command = splitLine(line); + strcpy(tempString, ""); + + // Privilage Level + privilagePointer->level = atoi(command.part[3]); + + // Command Access + int loop; + for (loop = 4; loop < command.parts; loop++) + { + sprintf(tempString, "%s %s", tempString, command.part[loop]); + } + strncpy(privilagePointer->command, tempString, sizeof(privilagePointer->command)); +} + diff --git a/0.11.10/IOS/process-http.c b/0.11.10/IOS/process-http.c new file mode 100644 index 0000000..4bd5e7d --- /dev/null +++ b/0.11.10/IOS/process-http.c @@ -0,0 +1,109 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#define http_auth_enable 0 +#define http_auth_local 1 +#define http_auth_tacacs 2 +#define http_auth_aaa 3 + + +// HTTP +struct httpConfig +{ + int enabled; // true, false + int authentication; // http_auth_enable... + char accessClass[65]; +}; + + +// Process HTTP +void processHttp(char *line, struct nipperConfig *nipper) +{ + // Debug + if (nipper->debugMode == true) + { + printf("HTTP Line: %s\n", line); + } + + // Create struct? + if (nipper->ios->http == 0) + { + nipper->ios->http = malloc(sizeof(struct httpConfig)); + memset(nipper->ios->http, 0, sizeof(struct httpConfig)); + nipper->ios->http->enabled = true; + nipper->ios->http->authentication = http_auth_enable; // default auth method + } + + // HTTP server enabled + if (strncmp(line, "ip http server", 14) == 0) + nipper->ios->http->enabled = true; + + // HTTP server disabled + if (strncmp(line, "no ip http server", 17) == 0) + nipper->ios->http->enabled = false; + + // HTTP Access Class (Access List) + if (strncmp(line, "ip http access-class", 20) == 0) + strncpy(nipper->ios->http->accessClass, line + 21, sizeof(nipper->ios->http->accessClass) -1); + + // HTTP Authentication method + if (strncmp(line, "ip http authentication", 22) == 0) + { + if (strncmp(line + 23, "aaa", 3) == 0) + nipper->ios->http->authentication = http_auth_aaa; + + else if (strncmp(line + 23, "local", 5) == 0) + nipper->ios->http->authentication = http_auth_local; + + else if (strncmp(line + 23, "tacacs", 6) == 0) + nipper->ios->http->authentication = http_auth_tacacs; + + else if (strncmp(line + 23, "enable", 6) == 0) + nipper->ios->http->authentication = http_auth_enable; + } + + // HTTP Authentication method 2 + if (strncmp(line, "ip http auth", 12) == 0) + { + if (strncmp(line + 13, "aaa", 3) == 0) + nipper->ios->http->authentication = http_auth_aaa; + + else if (strncmp(line + 13, "local", 5) == 0) + nipper->ios->http->authentication = http_auth_local; + + else if (strncmp(line + 13, "tacacs", 6) == 0) + nipper->ios->http->authentication = http_auth_tacacs; + + else if (strncmp(line + 13, "enable", 6) == 0) + nipper->ios->http->authentication = http_auth_enable; + } +} + + diff --git a/0.11.10/IOS/process-interface.c b/0.11.10/IOS/process-interface.c new file mode 100644 index 0000000..b773103 --- /dev/null +++ b/0.11.10/IOS/process-interface.c @@ -0,0 +1,887 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define rip_auth_default 0 +#define rip_auth_text 1 +#define rip_auth_md5 2 +#define rip_auth_none 3 +#define rip_auth_unknown 4 + +#define rip_version_default 0 +#define rip_version1 1 +#define rip_version2 2 +#define rip_version1and2 3 +#define rip_version_global 4 + +#define sp_mode_access 0 +#define sp_mode_trunk 1 +#define sp_mode_dynamic 2 +#define sp_mode_dot1qtunnel 3 +#define sp_mode_pvlan_host 4 +#define sp_mode_pvlan_promiscuous 5 + +#define sp_violation_shutdown 0 +#define sp_violation_restrict 1 +#define sp_violation_protect 2 + +#define ospf_default 0 +#define ospf_broadcast 1 +#define ospf_nonbroadcast 2 +#define ospf_p2p 3 +#define ospf_p2multi 4 +#define ospf_p2multinon 5 + +struct eigrpAutonStruct +{ + int autonomousNo; + char keyChain[32]; + int md5Auth; // true or false (default) + int bandwidth; // default is 50% + int passive; // true, false or unconfigured (default) + struct eigrpAutonStruct *next; +}; + +struct bgpInterStruct +{ + int autonomousNo; + int passive; // true, false or unconfigured (default) + struct bgpInterStruct *next; +}; + +struct ospfInterStruct +{ + int processID; + int passive; // true, false or unconfigured (default) + struct ospfInterStruct *next; +}; + +#define vrrp_auth_none 0 +#define vrrp_auth_text 1 +#define vrrp_auth_md5 2 + +struct vrrpStruct +{ + int group; + char description[81]; + int authentication; // vrrp_auth_none (default) + int keyChain; // false (default) or true + char authString[65]; + char authStringEnc[65]; + int weak; // true or false (default) + int dictionary; // true or false (default) + char ipAddress[32]; + char ipAddress2[32]; + int priorityLevel; // 100 (default) + int shutdown; // true (default), false when ip address is configured. + struct vrrpStruct *next; +}; + + +struct interfaceConfig +{ + // Standard... + char name[48]; + char description[128]; + char ipAddress[32]; + int shutdown; // true, false + + // Interface Options... + int proxyArp; // true, false + int ntp; // true, false + int mop; // true, false + int ipUnreachables; // true, false + int ipRedirects; // true, false + int ipMaskReply; // true, false + int ipDirectBroadcast; // true, false, unconfigured + int cdp; // true, false + int uRPF; // true, false + + // Access Control Lists + char accessGroupIn[65]; + char accessGroupOut[65]; + + // Switchport + int switchportMode; // sp_mode_access... + int switchportModePVLAN; // sp_mode_pvlan_host... + int switchportVLAN; // VLAN number + int switchportSecurity; // true or false + int switchportViolation; // sp_violation_shutdown... + + // Routing Protocols... + struct eigrpAutonStruct *eigrp; // EIGRP + struct vrrpStruct *vrrp; // VRRP + struct bgpInterStruct *bgp; // BGP + struct ospfInterStruct *ospf; // OSPF + + // RIP Configuration... + int ripAuthMode; // rip_auth_default, rip_auth_text... + char ripKeyChain[32]; + int ripSendVersion; // rip_version1... + int ripReceiveVersion; // rip_version1... + int ripTriggered; // true or false (default) + int ripV2Broadcast; // true or false (default) + int ripPassive; // true, false, unconfigured (default) + + // OSPF Configuration... + int ospfAuthentication; // auth_none... + char ospfKey[128]; + int ospfKeyEncryption; + char ospfKeyEncrypted[128]; + int ospfDictionary; // true, false + int ospfWeak; // true, false + int ospfFloodReduction; // true, false + int ospfNetwork; // ospf_broadcast... + + struct interfaceConfig *next; +}; + + +// Returns pointer to vrrp struct +struct vrrpStruct *getVRRPPointer(struct interfaceConfig *interfacePointer, int groupId) +{ + // Variables + struct vrrpStruct *vrrpPointer = 0; + + // No VRRP struct + if (interfacePointer->vrrp == 0) + { + // create struct + interfacePointer->vrrp = malloc(sizeof(struct vrrpStruct)); + // Pointers + vrrpPointer = interfacePointer->vrrp; + + // Init VRRP config + memset(vrrpPointer, 0, sizeof(struct vrrpStruct)); + vrrpPointer->group = groupId; + vrrpPointer->authentication = vrrp_auth_none; + vrrpPointer->keyChain = false; + vrrpPointer->priorityLevel = 100; + vrrpPointer->shutdown = true; + vrrpPointer->weak = false; + vrrpPointer->dictionary = false; + } + else + { + // Find + vrrpPointer = interfacePointer->vrrp; + while ((vrrpPointer->next != 0) && (vrrpPointer->group != groupId)) + vrrpPointer = vrrpPointer->next; + if (vrrpPointer->group != groupId) + { + // Create struct + vrrpPointer->next = malloc(sizeof(struct vrrpStruct)); + // Pointers + vrrpPointer = vrrpPointer->next; + + // Init VRRP config + memset(vrrpPointer, 0, sizeof(struct vrrpStruct)); + vrrpPointer->group = groupId; + vrrpPointer->authentication = vrrp_auth_none; + vrrpPointer->keyChain = false; + vrrpPointer->priorityLevel = 100; + vrrpPointer->shutdown = true; + vrrpPointer->weak = false; + vrrpPointer->dictionary = false; + } + } + return vrrpPointer; +} + + +// Returns BGP Interface Config (creates a new one if it doesn't exist) +struct bgpInterStruct *bgpInterfaceConfig(struct interfaceConfig *interfacePointer, int autonomousNo) +{ + // Variables... + struct bgpInterStruct *bgpInterPointer = 0; + + // If this is the first auth mode + if (interfacePointer->bgp == 0) + { + interfacePointer->bgp = malloc(sizeof(struct bgpInterStruct)); + bgpInterPointer = interfacePointer->bgp; + memset(bgpInterPointer, 0, sizeof(struct bgpInterStruct)); + bgpInterPointer->autonomousNo = autonomousNo; + bgpInterPointer->passive = unconfigured; + } + + // If this is not the first + else + { + bgpInterPointer = interfacePointer->bgp; + while ((bgpInterPointer->next != 0) && (autonomousNo != bgpInterPointer->autonomousNo)) + bgpInterPointer = bgpInterPointer->next; + if (autonomousNo != bgpInterPointer->autonomousNo) + { + bgpInterPointer->next = malloc(sizeof(struct bgpInterStruct)); + bgpInterPointer = bgpInterPointer->next; + memset(bgpInterPointer, 0, sizeof(struct bgpInterStruct)); + bgpInterPointer->autonomousNo = autonomousNo; + bgpInterPointer->passive = unconfigured; + } + } + + return bgpInterPointer; +} + + +// Returns OSPF Interface Config (creates a new one if it doesn't exist) +struct ospfInterStruct *ospfInterfaceConfig(struct interfaceConfig *interfacePointer, int processID) +{ + // Variables... + struct ospfInterStruct *ospfInterPointer = 0; + + // If this is the first auth mode + if (interfacePointer->ospf == 0) + { + interfacePointer->ospf = malloc(sizeof(struct ospfInterStruct)); + ospfInterPointer = interfacePointer->ospf; + memset(ospfInterPointer, 0, sizeof(struct ospfInterStruct)); + ospfInterPointer->processID = processID; + ospfInterPointer->passive = unconfigured; + } + + // If this is not the first + else + { + ospfInterPointer = interfacePointer->ospf; + while ((ospfInterPointer->next != 0) && (processID != ospfInterPointer->processID)) + ospfInterPointer = ospfInterPointer->next; + if (processID != ospfInterPointer->processID) + { + ospfInterPointer->next = malloc(sizeof(struct ospfInterStruct)); + ospfInterPointer = ospfInterPointer->next; + memset(ospfInterPointer, 0, sizeof(struct ospfInterStruct)); + ospfInterPointer->processID = processID; + ospfInterPointer->passive = unconfigured; + } + } + + return ospfInterPointer; +} + + +// Returns EIGRP Interface Config (creates a new one if it doesn't exist) +struct eigrpAutonStruct *eigrpInterfaceConfig(struct interfaceConfig *interfacePointer, int autonomousNo) +{ + // Variables... + struct eigrpAutonStruct *eigrpAutonPointer = 0; + + // If this is the first auth mode + if (interfacePointer->eigrp == 0) + { + interfacePointer->eigrp = malloc(sizeof(struct eigrpAutonStruct)); + eigrpAutonPointer = interfacePointer->eigrp; + memset(eigrpAutonPointer, 0, sizeof(struct eigrpAutonStruct)); + eigrpAutonPointer->autonomousNo = autonomousNo; + eigrpAutonPointer->md5Auth = false; + eigrpAutonPointer->passive = unconfigured; + eigrpAutonPointer->bandwidth = 50; + } + + // If this is not the first + else + { + eigrpAutonPointer = interfacePointer->eigrp; + while ((eigrpAutonPointer->next != 0) && (autonomousNo != eigrpAutonPointer->autonomousNo)) + eigrpAutonPointer = eigrpAutonPointer->next; + if (autonomousNo != eigrpAutonPointer->autonomousNo) + { + eigrpAutonPointer->next = malloc(sizeof(struct eigrpAutonStruct)); + eigrpAutonPointer = eigrpAutonPointer->next; + memset(eigrpAutonPointer, 0, sizeof(struct eigrpAutonStruct)); + eigrpAutonPointer->autonomousNo = autonomousNo; + eigrpAutonPointer->md5Auth = false; + eigrpAutonPointer->passive = unconfigured; + eigrpAutonPointer->bandwidth = 50; + } + } + + return eigrpAutonPointer; +} + + +// Process Interface +void processInterface(char *line, struct nipperConfig *nipper) +{ + // Variables + struct interfaceConfig *interfacePointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + struct vrrpStruct *vrrpPointer = 0; + struct ciscoCommand command; + char tempString[nipper->maxSize]; + int setting = 0; + int tempInt = 0; + int partPointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Interface Line: %s\n", line); + } + + // First interface + if (nipper->ios->interface == 0) + { + // create struct + nipper->ios->interface = malloc(sizeof(struct interfaceConfig)); + + // Pointers + interfacePointer = nipper->ios->interface; + } + else + { + // Find last interface + interfacePointer = nipper->ios->interface; + while (interfacePointer->next != 0) + interfacePointer = interfacePointer->next; + + // Create struct + interfacePointer->next = malloc(sizeof(struct interfaceConfig)); + + // Pointers + interfacePointer = interfacePointer->next; + } + + // Init + command = splitLine(line); + memset(interfacePointer, 0, sizeof(struct interfaceConfig)); + if (command.parts == 2) + strncpy(interfacePointer->name, command.part[1], sizeof(interfacePointer->name)); + else + { + if ((strcmp(command.part[2], "point-to-point") == 0) || (strcmp(command.part[2], "multipoint") == 0)) + sprintf(tempString, "%s %s", command.part[1], command.part[2]); + else + sprintf(tempString, "%s%s", command.part[1], command.part[2]); + strncpy(interfacePointer->name, tempString, sizeof(interfacePointer->name) - 1); + } + strcpy(interfacePointer->ipAddress, "None"); + interfacePointer->proxyArp = true; + interfacePointer->ntp = true; + if ((strncmp(interfacePointer->name, "GigabitEthernet", 15) == 0) || (strncmp(interfacePointer->name, "FastEthernet", 12)) || (strncmp(interfacePointer->name, "Ethernet", 8) == 0)) + interfacePointer->mop = true; + else + interfacePointer->mop = false; + interfacePointer->ipUnreachables = true; + interfacePointer->ipRedirects = true; + interfacePointer->ipMaskReply = false; + if ((nipper->versionMajor < 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor < 4))) + interfacePointer->ipDirectBroadcast = true; + else + interfacePointer->ipDirectBroadcast = false; + interfacePointer->cdp = true; + interfacePointer->uRPF = false; + interfacePointer->shutdown = false; + interfacePointer->ripAuthMode = rip_auth_none; + interfacePointer->ripSendVersion = rip_version_global; + interfacePointer->ripReceiveVersion = rip_version_global; + interfacePointer->ripTriggered = false; + interfacePointer->ripV2Broadcast = false; + interfacePointer->ripPassive = unconfigured; + if (nipper->deviceType == type_ios_catalyst) + interfacePointer->switchportMode = sp_mode_dynamic; + else + interfacePointer->switchportMode = sp_mode_access; + interfacePointer->switchportVLAN = 1; + interfacePointer->switchportSecurity = false; + interfacePointer->switchportViolation = sp_violation_shutdown; + interfacePointer->ospfAuthentication = auth_none; + interfacePointer->ospfKeyEncryption = encrypt_none; + interfacePointer->ospfDictionary = false; + interfacePointer->ospfWeak = false; + if ((nipper->versionMajor < 12) || ((nipper->versionMajor == 12) && (nipper->versionMinor < 1))) + interfacePointer->ospfFloodReduction = false; + else + interfacePointer->ospfFloodReduction = unconfigured; + interfacePointer->ospfNetwork = ospf_default; + + // Loop through the interface lines + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("Interface Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // If no + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + partPointer = 1; + } + else + { + setting = true; + partPointer = 0; + } + + // Description + if ((strcmp(command.part[0], "description") == 0) && (command.parts > 1)) + { + int loop; + strncpy(interfacePointer->description, command.part[1], sizeof(interfacePointer->description) - 1); + tempString[0] = 0; + for (loop = 2; loop < command.parts; loop++) + { + sprintf(tempString, "%s %s", interfacePointer->description, command.part[loop]); + strncpy(interfacePointer->description, tempString, sizeof(interfacePointer->description) - 1); + } + } + + // IP + else if (strcmp(command.part[partPointer], "ip") == 0) + { + partPointer++; + + // IP Address + if ((strcmp(command.part[partPointer], "address") == 0) && (setting == true) && (command.parts > 2)) + { + int loop; + strncpy(interfacePointer->ipAddress, command.part[2], sizeof(interfacePointer->ipAddress) - 1); + tempString[0] = 0; + for (loop = 3; loop < command.parts; loop++) + { + sprintf(tempString, "%s %s", interfacePointer->ipAddress, command.part[loop]); + strncpy(interfacePointer->ipAddress, tempString, sizeof(interfacePointer->ipAddress) - 1); + } + } + + // Access Group + else if (strcmp(command.part[partPointer], "access-group") == 0) + { + // In + if (strcmp(command.part[partPointer + 2], "in") == 0) + strncpy(interfacePointer->accessGroupIn, command.part[partPointer + 1], sizeof(interfacePointer->accessGroupIn) -1); + else if (strcmp(command.part[partPointer + 2], "out") == 0) + strncpy(interfacePointer->accessGroupOut, command.part[partPointer + 1], sizeof(interfacePointer->accessGroupOut) -1); + } + + // uRPF verification + else if ((strcmp(command.part[partPointer], "verify") == 0) && (strcmp(command.part[partPointer+1], "unicast") == 0) && (strcmp(command.part[partPointer+2], "reverse-path") == 0)) + interfacePointer->uRPF = setting; + + // ARP Proxy + else if (strcmp(command.part[partPointer], "proxy-arp") == 0) + interfacePointer->proxyArp = setting; + + // IP Unreachables + else if (strcmp(command.part[partPointer], "unreachables") == 0) + interfacePointer->ipUnreachables = setting; + + // IP Redirects + else if (strcmp(command.part[partPointer], "redirects") == 0) + interfacePointer->ipRedirects = setting; + + // IP Mask-reply + else if (strcmp(command.part[partPointer], "mask-reply") == 0) + interfacePointer->ipMaskReply = setting; + + // IP Direct Broadcast + else if (strcmp(command.part[partPointer], "directed-broadcast") == 0) + interfacePointer->ipDirectBroadcast = setting; + + // EIGRP Key Chain + else if ((strcmp(command.part[partPointer], "authentication") == 0) && (strcmp(command.part[partPointer+1], "key-chain") == 0) && (strcmp(command.part[partPointer+2], "eigrp") == 0)) + { + // Get Pointer... + eigrpAutonPointer = eigrpInterfaceConfig(interfacePointer, atoi(command.part[partPointer+3])); + + // Key Chain + strncpy(eigrpAutonPointer->keyChain, command.part[partPointer+4], sizeof(eigrpAutonPointer->keyChain) - 1); + } + + // EIGRP Authentication Mode + else if ((strcmp(command.part[partPointer], "authentication") == 0) && (strcmp(command.part[partPointer+1], "mode") == 0) && (strcmp(command.part[partPointer+2], "eigrp") == 0)) + { + // Get Pointer... + eigrpAutonPointer = eigrpInterfaceConfig(interfacePointer, atoi(command.part[partPointer+3])); + + // Set MD5 Auth + eigrpAutonPointer->md5Auth = true; + } + + // EIGRP Bandwidth Percentage + else if ((strcmp(command.part[partPointer], "bandwidth-percent") == 0) && (strcmp(command.part[partPointer+1], "eigrp") == 0)) + { + // Get Pointer... + eigrpAutonPointer = eigrpInterfaceConfig(interfacePointer, atoi(command.part[partPointer+2])); + + // Set Bandwidth + eigrpAutonPointer->bandwidth = atoi(command.part[partPointer+3]); + } + + // RIP Authentication + else if (strcmp(command.part[partPointer], "rip") == 0) + { + partPointer++; + + // Authentication... + if (strcmp(command.part[partPointer], "authentication") == 0) + { + partPointer++; + + // Mode + if (strcmp(command.part[partPointer], "mode") == 0) + { + partPointer++; + if (setting == false) + interfacePointer->ripAuthMode = rip_auth_none; + else if (strcmp(command.part[partPointer], "md5") == 0) + interfacePointer->ripAuthMode = rip_auth_md5; + else if (strcmp(command.part[partPointer], "text") == 0) + interfacePointer->ripAuthMode = rip_auth_text; + else + interfacePointer->ripAuthMode = rip_auth_unknown; + } + + // Key Chain + else if (strcmp(command.part[partPointer], "key-chain") == 0) + { + strncpy(interfacePointer->ripKeyChain, command.part[partPointer + 1], sizeof(interfacePointer->ripAuthMode) - 1); + if (interfacePointer->ripAuthMode == rip_auth_none) + interfacePointer->ripAuthMode = rip_auth_text; + } + } + + // Triggered + else if (strcmp(command.part[partPointer], "triggered") == 0) + interfacePointer->ripTriggered = setting; + + // V2 Broadcast + else if (strcmp(command.part[partPointer], "v2-broadcast") == 0) + interfacePointer->ripV2Broadcast = setting; + + // Version... + else if (strcmp(command.part[partPointer + 1], "version") == 0) + { + // Receive... + if (strcmp(command.part[partPointer], "receive") == 0) + { + if (setting == true) + { + interfacePointer->ripReceiveVersion = rip_version_global; + if (command.parts == 5) + { + if (strcmp(command.part[4], "1") == 0) + interfacePointer->ripReceiveVersion = rip_version1; + else + interfacePointer->ripReceiveVersion = rip_version2; + } + else if (command.parts == 6) + interfacePointer->ripReceiveVersion = rip_version1and2; + } + else + interfacePointer->ripReceiveVersion = rip_version_default; + } + + // Send + else if (strcmp(command.part[partPointer], "send") == 0) + { + if (setting == true) + { + interfacePointer->ripSendVersion = rip_version_global; + if (command.parts == 5) + { + if (strcmp(command.part[4], "1") == 0) + interfacePointer->ripSendVersion = rip_version1; + else + interfacePointer->ripSendVersion = rip_version2; + } + else if (command.parts == 6) + interfacePointer->ripSendVersion = rip_version1and2; + } + else + interfacePointer->ripSendVersion = rip_version_default; + } + } + } + + else if (strcmp(command.part[partPointer], "ospf") == 0) + { + // OSPF Clear-text Authentication + if (strcmp(command.part[partPointer + 1], "authentication-key") == 0) + { + interfacePointer->ospfAuthentication = auth_clear; + if (strcmp(command.part[partPointer + 2], "7") == 0) + { + strncpy(interfacePointer->ospfKeyEncrypted, command.part[partPointer + 3], sizeof(interfacePointer->ospfKeyEncrypted) - 1); + interfacePointer->ospfKeyEncryption = encrypt_type7; + if (password7(command.part[partPointer + 3], interfacePointer->ospfKey, sizeof(interfacePointer->ospfKey), nipper->debugMode) != 0) + strcpy(interfacePointer->ospfKey, ""); + if (simplePassword(interfacePointer->ospfKey, nipper) == true) + { + nipper->simplePasswords++; + interfacePointer->ospfDictionary = true; + } + if (passwordStrength(interfacePointer->ospfKey, nipper) == false) + { + nipper->passwordStrengths++; + interfacePointer->ospfWeak = true; + } + } + else if (strcmp(command.part[partPointer + 2], "5") == 0) + { + strncpy(interfacePointer->ospfKeyEncrypted, command.part[partPointer + 3], sizeof(interfacePointer->ospfKeyEncrypted) - 1); + interfacePointer->ospfKeyEncryption = encrypt_md5; + strcpy(interfacePointer->ospfKey, "unknown"); + } + else if (strcmp(command.part[partPointer + 2], "0") == 0) + { + strncpy(interfacePointer->ospfKey, command.part[partPointer + 3], sizeof(interfacePointer->ospfKey) - 1); + if (simplePassword(interfacePointer->ospfKey, nipper) == true) + { + nipper->simplePasswords++; + interfacePointer->ospfDictionary = true; + } + if (passwordStrength(interfacePointer->ospfKey, nipper) == false) + { + nipper->passwordStrengths++; + interfacePointer->ospfWeak = true; + } + } + else + { + strncpy(interfacePointer->ospfKey, command.part[partPointer + 2], sizeof(interfacePointer->ospfKey) - 1); + if (simplePassword(interfacePointer->ospfKey, nipper) == true) + { + nipper->simplePasswords++; + interfacePointer->ospfDictionary = true; + } + if (passwordStrength(interfacePointer->ospfKey, nipper) == false) + { + nipper->passwordStrengths++; + interfacePointer->ospfWeak = true; + } + } + } + + // OSPF MD5 Authentication + else if (strcmp(command.part[partPointer + 1], "message-digest-key") == 0) + { + interfacePointer->ospfAuthentication = auth_md5; + strncpy(interfacePointer->ospfKey, command.part[command.parts - 1], sizeof(interfacePointer->ospfKey) - 1); + sprintf(tempString, "ospf-int-%s", interfacePointer->name); + addJohnPassword(nipper, tempString, interfacePointer->ospfKey); + } + + // OSPF Flood reduction + else if (strcmp(command.part[partPointer + 1], "flood-reduction") == 0) + interfacePointer->ospfFloodReduction = setting; + + // OSPF Network + else if (strcmp(command.part[partPointer + 1], "network") == 0) + { + if (strcmp(command.part[partPointer + 2], "broadcast") == 0) + interfacePointer->ospfNetwork = ospf_broadcast; + else if (strcmp(command.part[partPointer + 2], "non-broadcast") == 0) + interfacePointer->ospfNetwork = ospf_nonbroadcast; + else if (strcmp(command.part[partPointer + 2], "point-to-point") == 0) + interfacePointer->ospfNetwork = ospf_p2p; + else if (strcmp(command.part[partPointer + 2], "point-to-multipoint") == 0) + { + interfacePointer->ospfNetwork = ospf_p2multi; + if (command.parts > partPointer + 3) + { + if (strcmp(command.part[partPointer + 3], "non-broadcast") == 0) + interfacePointer->ospfNetwork = ospf_p2multinon; + } + } + if (setting == false) + interfacePointer->ospfNetwork = ospf_default; + } + } + } + + // MOP + else if ((strcmp(command.part[partPointer], "mop") == 0) && (strncmp(command.part[partPointer + 1], "enable", 6) == 0)) + interfacePointer->mop = setting; + + // CDP + else if ((strcmp(command.part[partPointer], "cdp") == 0) && (strcmp(command.part[partPointer + 1], "enable") == 0)) + interfacePointer->cdp = setting; + + // NTP + else if ((strcmp(command.part[0], "ntp") == 0) && (strcmp(command.part[1], "disable") == 0)) + interfacePointer->ntp = false; + + // Switchport Security Violation + else if ((strcmp(command.part[0], "switchport") == 0) && (strcmp(command.part[1], "port-security") == 0) && (strcmp(command.part[2], "violation") == 0)) + { + if (strcmp(command.part[3], "shutdown") == 0) + interfacePointer->switchportViolation = sp_violation_shutdown; + else if (strcmp(command.part[3], "restrict") == 0) + interfacePointer->switchportViolation = sp_violation_restrict; + else if (strcmp(command.part[3], "protect") == 0) + interfacePointer->switchportViolation = sp_violation_protect; + } + + // Switchport Security + else if ((strcmp(command.part[partPointer], "switchport") == 0) && (strcmp(command.part[partPointer + 1], "port-security") == 0) && (command.parts == partPointer + 2)) + interfacePointer->switchportSecurity = setting; + + // Switchport Mode + else if ((strcmp(command.part[0], "switchport") == 0) && (strcmp(command.part[1], "mode") == 0)) + { + if (strcmp(command.part[2], "access") == 0) + interfacePointer->switchportMode = sp_mode_access; + else if (strcmp(command.part[2], "trunk") == 0) + interfacePointer->switchportMode = sp_mode_trunk; + else if (strcmp(command.part[2], "dynamic") == 0) + interfacePointer->switchportMode = sp_mode_dynamic; + else if (strcmp(command.part[2], "dot1q-tunnel") == 0) + interfacePointer->switchportMode = sp_mode_dot1qtunnel; + else if ((strcmp(command.part[2], "private-vlan") == 0) && (strcmp(command.part[3], "host") == 0)) + interfacePointer->switchportModePVLAN = sp_mode_pvlan_host; + else if (strcmp(command.part[2], "private-vlan") == 0) + interfacePointer->switchportModePVLAN = sp_mode_pvlan_promiscuous; + } + + // Switchport VLAN + else if ((strcmp(command.part[0], "switchport") == 0) && (strcmp(command.part[1], "access") == 0) && (strcmp(command.part[2], "vlan") == 0)) + interfacePointer->switchportVLAN = atoi(command.part[3]); + + // VRRP + else if (strcmp(command.part[0], "vrrp") == 0) + { + // Get / Create VRRP Struct + vrrpPointer = getVRRPPointer(interfacePointer, atoi(command.part[1])); + + // Authentication + if (strcmp(command.part[2], "authentication") == 0) + { + // Text + if (strcmp(command.part[3], "text") == 0) + { + vrrpPointer->authentication = vrrp_auth_text; + strncpy(vrrpPointer->authString, command.part[4], sizeof(vrrpPointer->authString) -1); + } + + // MD5 + else if (strcmp(command.part[3], "md5") == 0) + { + vrrpPointer->authentication = vrrp_auth_md5; + if (strcmp(command.part[4], "key-chain") == 0) + { + vrrpPointer->keyChain = true; + strncpy(vrrpPointer->authString, command.part[5], sizeof(vrrpPointer->authString) -1); + } + else if (strcmp(command.part[4], "key-string") == 0) + { + tempInt = 5; + if (strcmp(command.part[5], "0") == 0) + strncpy(vrrpPointer->authString, command.part[6], sizeof(vrrpPointer->authString) -1); + else if (strcmp(command.part[5], "7") == 0) + { + strncpy(vrrpPointer->authStringEnc, command.part[5], sizeof(vrrpPointer->authStringEnc) -1); + if (password7(vrrpPointer->authStringEnc, vrrpPointer->authString, sizeof(vrrpPointer->authString) - 1, nipper->debugMode) != 0) + { + strcpy(vrrpPointer->authString, ""); + addJohnPassword(nipper, "VRRP", vrrpPointer->authStringEnc); + } + } + else + strncpy(vrrpPointer->authString, command.part[5], sizeof(vrrpPointer->authString) -1); + } + } + + // Text + { + vrrpPointer->authentication = vrrp_auth_text; + strncpy(vrrpPointer->authString, command.part[3], sizeof(vrrpPointer->authString) -1); + } + + // Check Passwords... + if ((strcmp(vrrpPointer->authString, "") != 0) && (strlen(vrrpPointer->authString) != 0) && (vrrpPointer->keyChain != true)) + { + if (simplePassword(vrrpPointer->authString, nipper) == true) + { + nipper->simplePasswords++; + vrrpPointer->dictionary = true; + } + if (passwordStrength(vrrpPointer->authString, nipper) == false) + { + nipper->passwordStrengths++; + vrrpPointer->weak = true; + } + } + } + + // Description + else if (strcmp(command.part[2], "description") == 0) + { + if (command.parts == 4) + strncpy(vrrpPointer->description, command.part[3], sizeof(vrrpPointer->description) -1); + else + { + strcpy(tempString, command.part[3]); + tempInt = 4; + while (tempInt < command.parts) + { + sprintf(tempString, "%s %s", tempString, command.part[tempInt]); + tempInt++; + } + strncpy(vrrpPointer->description, tempString, sizeof(vrrpPointer->description) -1); + } + } + + // IP + else if (strcmp(command.part[2], "ip") == 0) + { + vrrpPointer->shutdown = false; + if (command.parts == 5) + strncpy(vrrpPointer->ipAddress2, command.part[3], sizeof(vrrpPointer->ipAddress2) -1); + else + strncpy(vrrpPointer->ipAddress, command.part[3], sizeof(vrrpPointer->ipAddress) -1); + } + + // Priority Level + else if (strcmp(command.part[2], "priority") == 0) + vrrpPointer->priorityLevel = atoi(command.part[3]); + + // shutdown + else if (strcmp(command.part[2], "shutdown") == 0) + vrrpPointer->shutdown = true; + } + + // Shutdown + else if (strcmp(command.part[0], "shutdown") == 0) + interfacePointer->shutdown = true; + + // Read next line + readLine(nipper->input, line, nipper->maxSize); + } +} + diff --git a/0.11.10/IOS/process-keychain.c b/0.11.10/IOS/process-keychain.c new file mode 100644 index 0000000..f135103 --- /dev/null +++ b/0.11.10/IOS/process-keychain.c @@ -0,0 +1,169 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct keyConfig +{ + int keyNumber; + char key[64]; + int weak; + int dictionary; + struct keyConfig *next; +}; + + +struct keyChain +{ + char name[32]; + struct keyConfig *key; + struct keyChain *next; +}; + + +// Process Key Chain +void processKeyChain(char *line, struct nipperConfig *nipper) +{ + // Variables + struct keyChain *keyChainPointer = 0; + struct keyConfig *keyPointer = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("Key Chain Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Is this the first key chain? + if (nipper->ios->chain == 0) + { + keyChainPointer = malloc(sizeof(struct keyChain)); + memset(keyChainPointer, 0, sizeof(struct keyChain)); + + // Pointers + nipper->ios->chain = keyChainPointer; + keyChainPointer->next = 0; + + // Init + strncpy(keyChainPointer->name, command.part[2], sizeof(keyChainPointer->name)); + keyChainPointer->key = 0; + } + + // other key chains already exist + else + { + // Find last key chain + keyChainPointer = nipper->ios->chain; + while (keyChainPointer->next != 0) + keyChainPointer = keyChainPointer->next; + + // create new + keyChainPointer->next = malloc(sizeof(struct keyChain)); + memset(keyChainPointer->next, 0, sizeof(struct keyChain)); + + // Pointers + keyChainPointer = keyChainPointer->next; + keyChainPointer->next = 0; + + // Init + strncpy(keyChainPointer->name, command.part[2], sizeof(keyChainPointer->name)); + keyChainPointer->key = 0; + } + + // Get keys + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("Key Chain Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Key + if (strcmp(command.part[0], "key") == 0) + { + // Is it the first key? + if (keyChainPointer->key == 0) + { + keyPointer = malloc(sizeof(struct keyConfig)); + + // Pointers + keyChainPointer->key = keyPointer; + } + + // Other keys exist + else + { + keyPointer = keyChainPointer->key; + while (keyPointer->next != 0) + keyPointer = keyPointer->next; + keyPointer->next = malloc(sizeof(struct keyConfig)); + + // Pointers + keyPointer = keyPointer->next; + } + + // Init + memset(keyPointer, 0, sizeof(struct keyConfig)); + keyPointer->keyNumber = atoi(command.part[1]); + strcpy(keyPointer->key, ""); + keyPointer->weak = false; + keyPointer->dictionary = false; + } + + // Key String + else if (strcmp(command.part[0], "key-string") == 0) + { + strncpy(keyPointer->key, command.part[1], sizeof(keyPointer->key)); + if (simplePassword(keyPointer->key, nipper) == true) + { + nipper->simplePasswords++; + keyPointer->dictionary = true; + } + if (passwordStrength(keyPointer->key, nipper) == false) + { + nipper->passwordStrengths++; + keyPointer->weak = true; + } + } + + // Get next line + readLine(nipper->input, line, nipper->maxSize); + } +} + + diff --git a/0.11.10/IOS/process-line.c b/0.11.10/IOS/process-line.c new file mode 100644 index 0000000..b6df2fa --- /dev/null +++ b/0.11.10/IOS/process-line.c @@ -0,0 +1,338 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#define line_console 0 +#define line_vty 1 +#define line_aux 2 +#define line_tty 3 + +#define login_allowed 0 +#define login_disabled 1 +#define login_local 2 +#define login_authentication 3 + +// Line +struct lineConfig +{ + // Basics... + int lineType; // line_console... + int lineNumberStart; + int lineNumberEnd; + + // Security... + int login; // login_disabled... + int exec; // true (default) or false + int authorization; // true or false (default) + int callback; // true or false (default) + char password[81]; + char passwordEncrypted[128]; + int encryption; // encrypt_type7, encrypt_md5... + char aclIn[65]; + char aclOut[65]; + + // Accounting / Logging... + int accounting; // true or false (default) + + // Access Types... + int ssh; // true or false (default) + int telnet; // true (default) or false + + // Timeouts... + int execTimeout; // Exec timeout in seconds, 0 = no timeout (default) + int absoluteTimeout; + int sessionTimeout; + int timeout; + + // Flags... + int weak; + int dictionary; + + struct lineConfig *next; +}; + + +// Process Line +void processLine(char *line, struct nipperConfig *nipper) +{ + // Variables + struct lineConfig *linePointer = 0; + struct ciscoCommand command; + fpos_t filePosition; + int tempInt = 0; + + while ((line[0] != '!') && (feof(nipper->input) == 0)) + { + // Debug + if (nipper->debugMode == true) + { + printf("Line Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // If it is a new line + if (strcmp(command.part[0], "line") == 0) + { + // If this is the first line... + if (nipper->ios->line == 0) + { + nipper->ios->line = malloc(sizeof(struct lineConfig)); + linePointer = nipper->ios->line; + } + + // Else find last line... + else + { + linePointer = nipper->ios->line; + while (linePointer->next != 0) + linePointer = linePointer->next; + linePointer->next = malloc(sizeof(struct lineConfig)); + linePointer = linePointer->next; + } + + // Init the new line structure + memset(linePointer, 0, sizeof(struct lineConfig)); + + // Set the new line to the default settings + linePointer->login = login_allowed; + linePointer->exec = true; + linePointer->authorization = false; + linePointer->callback = false; + linePointer->encryption = encrypt_none; + linePointer->accounting = false; + linePointer->ssh = false; + linePointer->telnet = true; + + // Set line type + if (strcmp(command.part[1], "tty") == 0) + linePointer->lineType = line_tty; + else if (strcmp(command.part[1], "vty") == 0) + linePointer->lineType = line_vty; + else if ((strcmp(command.part[1], "aux") == 0) || (strcmp(command.part[1], "auxiliary") == 0)) + linePointer->lineType = line_aux; + else if ((strcmp(command.part[1], "con") == 0) || (strcmp(command.part[1], "console") == 0)) + linePointer->lineType = line_console; + + // Set line start + linePointer->lineNumberStart = atoi(command.part[2]); + if (command.parts == 4) + linePointer->lineNumberEnd = atoi(command.part[3]); + } + + // Exec + else if (strcmp(command.part[0], "exec") == 0) + linePointer->exec = true; + + // No Exec + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "exec") == 0)) + linePointer->exec = false; + + // Local Login + else if ((strcmp(command.part[0], "login") == 0) && (strcmp(command.part[1], "local") == 0)) + linePointer->login = login_local; + + // Authentication Login + else if ((strcmp(command.part[0], "login") == 0) && (strcmp(command.part[1], "authentication") == 0)) + linePointer->login = login_authentication; + + // Login + else if (strcmp(command.part[0], "login") == 0) + linePointer->login = login_allowed; + + // No Login + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "login") == 0)) + { + linePointer->login = login_allowed; + memset(linePointer->password, 0, sizeof(linePointer->password)); + memset(linePointer->passwordEncrypted, 0, sizeof(linePointer->passwordEncrypted)); + linePointer->encryption = encrypt_none; + } + + // Password + else if (strcmp(command.part[0], "password") == 0) + { + switch(command.part[1][0]) + { + case '7': + linePointer->encryption = encrypt_type7; + if (password7(command.part[command.parts - 1], linePointer->password, sizeof(linePointer->password), nipper->debugMode) != 0) + strcpy(linePointer->password, ""); + strncpy(linePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(linePointer->passwordEncrypted)); + break; + case '5': + linePointer->encryption = encrypt_md5; + strcpy(linePointer->password, ""); + strncpy(linePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(linePointer->passwordEncrypted)); + addJohnPassword(nipper, "line", linePointer->passwordEncrypted); + break; + case '0': + linePointer->encryption = encrypt_none; + strncpy(linePointer->password, command.part[command.parts - 1], sizeof(linePointer->password)); + strcpy(linePointer->passwordEncrypted, ""); + break; + default: + if (command.parts == 2) + { + linePointer->encryption = encrypt_none; + strncpy(linePointer->password, command.part[command.parts - 1], sizeof(linePointer->password)); + strcpy(linePointer->passwordEncrypted, ""); + } + else + { + linePointer->encryption = encrypt_unknown; + strcpy(linePointer->password, ""); + strncpy(linePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(linePointer->passwordEncrypted)); + } + break; + } + if ((strcmp(linePointer->password, "") != 0) && (strlen(linePointer->password) != 0)) + { + if (simplePassword(linePointer->password, nipper) == true) + { + nipper->simplePasswords++; + linePointer->dictionary = true; + } + if (passwordStrength(linePointer->password, nipper) == false) + { + nipper->passwordStrengths++; + linePointer->weak = true; + } + } + } + + // No Password + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "password") == 0)) + { + linePointer->login = login_disabled; + memset(linePointer->password, 0, sizeof(linePointer->password)); + memset(linePointer->passwordEncrypted, 0, sizeof(linePointer->passwordEncrypted)); + linePointer->encryption = encrypt_none; + } + + // Access-Class In + else if ((strcmp(command.part[0], "access-class") == 0) && (strcmp(command.part[2], "in") == 0)) + strncpy(linePointer->aclIn, command.part[1], sizeof(linePointer->aclIn) -1); + + // Access-Class Out + else if ((strcmp(command.part[0], "access-class") == 0) && (strcmp(command.part[2], "out") == 0)) + strncpy(linePointer->aclOut, command.part[1], sizeof(linePointer->aclOut) -1); + + // Callback + else if (strcmp(command.part[0], "callback") == 0) + linePointer->callback = true; + + // No Callback + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "callback") == 0)) + linePointer->callback = false; + + // Transport input + else if ((strcmp(command.part[0], "transport") == 0) && (strcmp(command.part[1], "input") == 0)) + { + tempInt = 2; + linePointer->telnet = false; + linePointer->ssh = false; + while (tempInt < command.parts) + { + if (strcmp(command.part[tempInt], "all") == 0) + { + linePointer->telnet = true; + linePointer->ssh = true; + } + else if (strcmp(command.part[tempInt], "ssh") == 0) + linePointer->ssh = true; + else if (strcmp(command.part[tempInt], "telnet") == 0) + linePointer->telnet = true; + tempInt++; + } + } + + // timeout + else if (strcmp(command.part[0], "timeout") == 0) + { + linePointer->timeout = atoi(command.part[1]) * 60; + if (command.parts == 3) + linePointer->timeout = linePointer->timeout + atoi(command.part[2]); + } + + // No Timeout + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "timeout") == 0)) + linePointer->timeout = 0; + + // Exec-timeout + else if (strcmp(command.part[0], "exec-timeout") == 0) + { + linePointer->execTimeout = atoi(command.part[1]) * 60; + if (command.parts == 3) + linePointer->execTimeout = linePointer->execTimeout + atoi(command.part[2]); + } + + // No Exec Timeout + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "exec-timeout") == 0)) + linePointer->execTimeout = 0; + + // session-timeout + else if (strcmp(command.part[0], "session-timeout") == 0) + { + linePointer->sessionTimeout = atoi(command.part[1]) * 60; + if (command.parts == 3) + linePointer->sessionTimeout = linePointer->sessionTimeout + atoi(command.part[2]); + } + + // No session Timeout + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "session-timeout") == 0)) + linePointer->sessionTimeout = 0; + + // Absolute-timeout + else if (strcmp(command.part[0], "absolute-timeout") == 0) + { + linePointer->absoluteTimeout = atoi(command.part[1]) * 60; + if (command.parts == 3) + linePointer->absoluteTimeout = linePointer->absoluteTimeout + atoi(command.part[2]); + } + + // No Absolute Timeout + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "absolute-timeout") == 0)) + linePointer->absoluteTimeout = 0; + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + + // Get next line... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); +} + + diff --git a/0.11.10/IOS/process-logging.c b/0.11.10/IOS/process-logging.c new file mode 100644 index 0000000..6793707 --- /dev/null +++ b/0.11.10/IOS/process-logging.c @@ -0,0 +1,328 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Logging config +struct loggingConfig +{ + int logging; // true (default), false + // Logging to Console + int consoleLogging; // true, false, unconfigured (default) + int consoleLevel; // -1 (default) + // Logging to Terminal Lines + int monitorLogging; // true (default) or false + int monitorLevel; // 7 (default) + // Buffer Logging + int bufferedLogging; // true, false, unconfigured (default) + int bufferSize; // -1 (default) + int bufferLevel; // Buffer Severity level (-1 default) + // Syslog + int loggingTrap; // 6 (default) + char facility[8]; // Syslog facility (default is local7) + char originId[64]; // Syslog Origin ID + char sourceInterface[32]; // Source Interface + int logCount; // true or false (default) + // Logging Options + int logEnable; // true or false (default) + struct host *logServer; // Logging hosts (command is "logging" or "logging host" +}; + + +// Process Logging +void processLogging(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct host *logServerPointer = 0; + struct ciscoCommand command; + char tempString[nipper->maxSize]; + int tempInt = 0; + int setting = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Logging Line: %s\n", line); + } + + // Create logging structure + if (nipper->ios->logging == 0) + { + nipper->ios->logging = malloc(sizeof(struct loggingConfig)); + memset(nipper->ios->logging, 0, sizeof(struct loggingConfig)); + + // init + nipper->loggingLevels = true; + nipper->ios->logging->logging = true; + nipper->ios->logging->consoleLogging = unconfigured; + nipper->ios->logging->consoleLevel = -1; + nipper->ios->logging->bufferedLogging = unconfigured; + nipper->ios->logging->bufferSize = -1; + nipper->ios->logging->bufferLevel = 7; + nipper->ios->logging->logCount = false; + nipper->ios->logging->logEnable = false; + nipper->ios->logging->monitorLogging = true; + nipper->ios->logging->monitorLevel = 7; + nipper->ios->logging->loggingTrap = 6; + strcpy(nipper->ios->logging->facility, "local7"); + } + + // Init... + command = splitLine(line); + + // Setting + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 2; + } + else + { + setting = true; + tempInt = 1; + } + + // Buffered + if (strcmp(command.part[tempInt], "buffered") == 0) + { + nipper->ios->logging->bufferedLogging = setting; + + // Buffered options + if (tempInt < command.parts) + { + tempInt++; + // Levels + if ((strcmp(command.part[tempInt], "0") == 0) || (strcmp(command.part[tempInt], "emergencies") == 0)) + nipper->ios->logging->bufferLevel = 0; + else if ((strcmp(command.part[tempInt], "1") == 0) || (strcmp(command.part[tempInt], "alerts") == 0)) + nipper->ios->logging->bufferLevel = 1; + else if ((strcmp(command.part[tempInt], "2") == 0) || (strcmp(command.part[tempInt], "critical") == 0)) + nipper->ios->logging->bufferLevel = 2; + else if ((strcmp(command.part[tempInt], "3") == 0) || (strcmp(command.part[tempInt], "errors") == 0)) + nipper->ios->logging->bufferLevel = 3; + else if ((strcmp(command.part[tempInt], "4") == 0) || (strcmp(command.part[tempInt], "warnings") == 0)) + nipper->ios->logging->bufferLevel = 4; + else if ((strcmp(command.part[tempInt], "5") == 0) || (strcmp(command.part[tempInt], "notifications") == 0)) + nipper->ios->logging->bufferLevel = 5; + else if ((strcmp(command.part[tempInt], "6") == 0) || (strcmp(command.part[tempInt], "informational") == 0)) + nipper->ios->logging->bufferLevel = 6; + else if ((strcmp(command.part[tempInt], "7") == 0) || (strcmp(command.part[tempInt], "debugging") == 0)) + nipper->ios->logging->bufferLevel = 7; + + // Buffer Size + else + nipper->ios->logging->bufferSize = atoi(command.part[tempInt]); + tempInt++; + } + if (tempInt < command.parts) + { + // Levels + if ((strcmp(command.part[tempInt], "0") == 0) || (strcmp(command.part[tempInt], "emergencies") == 0)) + nipper->ios->logging->bufferLevel = 0; + else if ((strcmp(command.part[tempInt], "1") == 0) || (strcmp(command.part[tempInt], "alerts") == 0)) + nipper->ios->logging->bufferLevel = 1; + else if ((strcmp(command.part[tempInt], "2") == 0) || (strcmp(command.part[tempInt], "critical") == 0)) + nipper->ios->logging->bufferLevel = 2; + else if ((strcmp(command.part[tempInt], "3") == 0) || (strcmp(command.part[tempInt], "errors") == 0)) + nipper->ios->logging->bufferLevel = 3; + else if ((strcmp(command.part[tempInt], "4") == 0) || (strcmp(command.part[tempInt], "warnings") == 0)) + nipper->ios->logging->bufferLevel = 4; + else if ((strcmp(command.part[tempInt], "5") == 0) || (strcmp(command.part[tempInt], "notifications") == 0)) + nipper->ios->logging->bufferLevel = 5; + else if ((strcmp(command.part[tempInt], "6") == 0) || (strcmp(command.part[tempInt], "informational") == 0)) + nipper->ios->logging->bufferLevel = 6; + else if ((strcmp(command.part[tempInt], "7") == 0) || (strcmp(command.part[tempInt], "debugging") == 0)) + nipper->ios->logging->bufferLevel = 7; + } + } + + // Console + else if (strcmp(command.part[tempInt], "console") == 0) + { + nipper->ios->logging->consoleLogging = setting; + + // Options + if (tempInt < command.parts) + { + tempInt++; + // Levels + if ((strcmp(command.part[tempInt], "0") == 0) || (strcmp(command.part[tempInt], "emergencies") == 0)) + nipper->ios->logging->consoleLevel = 0; + else if ((strcmp(command.part[tempInt], "1") == 0) || (strcmp(command.part[tempInt], "alerts") == 0)) + nipper->ios->logging->consoleLevel = 1; + else if ((strcmp(command.part[tempInt], "2") == 0) || (strcmp(command.part[tempInt], "critical") == 0)) + nipper->ios->logging->consoleLevel = 2; + else if ((strcmp(command.part[tempInt], "3") == 0) || (strcmp(command.part[tempInt], "errors") == 0)) + nipper->ios->logging->consoleLevel = 3; + else if ((strcmp(command.part[tempInt], "4") == 0) || (strcmp(command.part[tempInt], "warnings") == 0)) + nipper->ios->logging->consoleLevel = 4; + else if ((strcmp(command.part[tempInt], "5") == 0) || (strcmp(command.part[tempInt], "notifications") == 0)) + nipper->ios->logging->consoleLevel = 5; + else if ((strcmp(command.part[tempInt], "6") == 0) || (strcmp(command.part[tempInt], "informational") == 0)) + nipper->ios->logging->consoleLevel = 6; + else if ((strcmp(command.part[tempInt], "7") == 0) || (strcmp(command.part[tempInt], "debugging") == 0)) + nipper->ios->logging->consoleLevel = 7; + } + } + + // Trap + else if (strcmp(command.part[tempInt], "trap") == 0) + { + if (setting == false) + nipper->ios->logging->loggingTrap = 6; + + // Levels + else + { + tempInt++; + // Levels + if ((strcmp(command.part[tempInt], "0") == 0) || (strcmp(command.part[tempInt], "emergencies") == 0)) + nipper->ios->logging->loggingTrap = 0; + else if ((strcmp(command.part[tempInt], "1") == 0) || (strcmp(command.part[tempInt], "alerts") == 0)) + nipper->ios->logging->loggingTrap = 1; + else if ((strcmp(command.part[tempInt], "2") == 0) || (strcmp(command.part[tempInt], "critical") == 0)) + nipper->ios->logging->loggingTrap = 2; + else if ((strcmp(command.part[tempInt], "3") == 0) || (strcmp(command.part[tempInt], "errors") == 0)) + nipper->ios->logging->loggingTrap = 3; + else if ((strcmp(command.part[tempInt], "4") == 0) || (strcmp(command.part[tempInt], "warnings") == 0)) + nipper->ios->logging->loggingTrap = 4; + else if ((strcmp(command.part[tempInt], "5") == 0) || (strcmp(command.part[tempInt], "notifications") == 0)) + nipper->ios->logging->loggingTrap = 5; + else if ((strcmp(command.part[tempInt], "6") == 0) || (strcmp(command.part[tempInt], "informational") == 0)) + nipper->ios->logging->loggingTrap = 6; + else if ((strcmp(command.part[tempInt], "7") == 0) || (strcmp(command.part[tempInt], "debugging") == 0)) + nipper->ios->logging->loggingTrap = 7; + } + } + + // Monitor + else if (strcmp(command.part[tempInt], "monitor") == 0) + { + nipper->ios->logging->monitorLogging = setting; + + // Options + if (tempInt < command.parts) + { + tempInt++; + // Levels + if ((strcmp(command.part[tempInt], "0") == 0) || (strcmp(command.part[tempInt], "emergencies") == 0)) + nipper->ios->logging->monitorLevel = 0; + else if ((strcmp(command.part[tempInt], "1") == 0) || (strcmp(command.part[tempInt], "alerts") == 0)) + nipper->ios->logging->monitorLevel = 1; + else if ((strcmp(command.part[tempInt], "2") == 0) || (strcmp(command.part[tempInt], "critical") == 0)) + nipper->ios->logging->monitorLevel = 2; + else if ((strcmp(command.part[tempInt], "3") == 0) || (strcmp(command.part[tempInt], "errors") == 0)) + nipper->ios->logging->monitorLevel = 3; + else if ((strcmp(command.part[tempInt], "4") == 0) || (strcmp(command.part[tempInt], "warnings") == 0)) + nipper->ios->logging->monitorLevel = 4; + else if ((strcmp(command.part[tempInt], "5") == 0) || (strcmp(command.part[tempInt], "notifications") == 0)) + nipper->ios->logging->monitorLevel = 5; + else if ((strcmp(command.part[tempInt], "6") == 0) || (strcmp(command.part[tempInt], "informational") == 0)) + nipper->ios->logging->monitorLevel = 6; + else if ((strcmp(command.part[tempInt], "7") == 0) || (strcmp(command.part[tempInt], "debugging") == 0)) + nipper->ios->logging->monitorLevel = 7; + } + } + + // Origin ID + else if (strcmp(command.part[tempInt], "origin-id") == 0) + { + tempInt++; + if (strcmp(command.part[tempInt], "string") == 0) + tempInt++; + strncpy(nipper->ios->logging->originId, command.part[tempInt], sizeof(nipper->ios->logging->originId) - 1); + } + + // Source Interface + else if (strcmp(command.part[tempInt], "source-interface") == 0) + { + tempInt++; + if (setting == true) + { + if (tempInt + 1 == command.parts) + strncpy(nipper->ios->logging->sourceInterface, command.part[tempInt], sizeof(nipper->ios->logging->sourceInterface) -1); + else + { + sprintf(tempString, "%s%s", command.part[tempInt], command.part[tempInt+1]); + strncpy(nipper->ios->logging->sourceInterface, tempString, sizeof(nipper->ios->logging->sourceInterface) -1); + } + } + } + + // Count + else if (strcmp(command.part[tempInt], "count") == 0) + nipper->ios->logging->logCount = setting; + + // Enable + else if (strcmp(command.part[tempInt], "enable") == 0) + nipper->ios->logging->logEnable = setting; + + // On + else if (strcmp(command.part[tempInt], "on") == 0) + nipper->ios->logging->logging = setting; + + // Facility + else if (strcmp(command.part[tempInt], "facility") == 0) + strncpy(nipper->ios->logging->facility, command.part[tempInt+1], sizeof(nipper->ios->logging->facility) - 1); + + // Unsupported logging lines.. + else if ((strcmp(command.part[tempInt], "userinfo") == 0) || (strcmp(command.part[tempInt], "synchronous") == 0) || (strcmp(command.part[tempInt], "size") == 0) || (strcmp(command.part[tempInt], "rate-limit") == 0) || (strcmp(command.part[tempInt], "monitor") == 0) || (strcmp(command.part[tempInt], "linecard") == 0) || (strcmp(command.part[tempInt], "history") == 0) || (strcmp(command.part[tempInt], "filter") == 0) || (strcmp(command.part[tempInt], "buffered") == 0) || (strcmp(command.part[tempInt], "console") == 0)) + { + // Debug (lines not processed) + if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } + + // Logging Host + else + { + if (strcmp(command.part[tempInt], "host") == 0) + tempInt++; + // If first logging host + if (nipper->ios->logging->logServer == 0) + { + // create structure + nipper->ios->logging->logServer = malloc(sizeof(struct host)); + logServerPointer = nipper->ios->logging->logServer; + } + else + { + logServerPointer = nipper->ios->logging->logServer; + while (logServerPointer->next != 0) + logServerPointer = logServerPointer->next; + logServerPointer->next = malloc(sizeof(struct host)); + logServerPointer = logServerPointer->next; + } + memset(logServerPointer, 0, sizeof(struct host)); + // add server + strncpy(logServerPointer->server, command.part[tempInt], sizeof(logServerPointer->server) -1); + } +} + + diff --git a/0.11.10/IOS/process-nat.c b/0.11.10/IOS/process-nat.c new file mode 100644 index 0000000..8202a23 --- /dev/null +++ b/0.11.10/IOS/process-nat.c @@ -0,0 +1,193 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#define nat_static 0 +#define nat_dynamic_acl 1 +#define nat_dynamic_route 2 +#define nat_port 3 +#define nat_network 4 + +// NAT +struct natConfig +{ + int inside; // true or false - if false then it is outside) + int type; // nat_static + char local[64]; // local + int localPort; + char global[64]; // global + int globalPort; + char mask[16]; // Mask + int interNumber; // global number / interface number + int pool; // true or false (default) + int ipSecESP; // true or false (default) + int routeMap; // true or false (default) + int tcp; // true (default) or false + int inter; // true or false (default) + struct natConfig *next; +}; + + +// Process NAT +void processNAT(char *line, struct nipperConfig *nipper) +{ + // Variables + struct natConfig *natPointer = 0; + struct ciscoCommand command; + int tempInt = 0; + + // Init + command = splitLine(line); + + // if it is a source or nat line + if (((strcmp(command.part[2], "inside") == 0) || (strcmp(command.part[2], "outside") == 0)) && (command.parts > 3) && (strcmp(command.part[3], "source") == 0)) + { + // Debug + if (nipper->debugMode == true) + { + printf("NAT inside/outside source Line: %s\n", line); + } + + // Is this the first nat line? + if (nipper->ios->nat == 0) + { + nipper->ios->nat = malloc(sizeof(struct natConfig)); + natPointer = nipper->ios->nat; + } + + // Else find last line... + else + { + natPointer = nipper->ios->nat; + while (natPointer->next != 0) + natPointer = natPointer->next; + natPointer->next = malloc(sizeof(struct natConfig)); + natPointer = natPointer->next; + } + + // Init the new line structure + memset(natPointer, 0, sizeof(struct natConfig)); + + // Defaults... + natPointer->ipSecESP = false; + natPointer->routeMap = false; + natPointer->pool = false; + natPointer->tcp = true; + natPointer->inter = false; + + // Set inside / outside + if (strcmp(command.part[2], "inside") == 0) + natPointer->inside = true; + else + natPointer->inside = false; + + // Set type + if ((strcmp(command.part[4], "static") == 0) && (strcmp(command.part[5], "network") == 0)) + natPointer->type = nat_network; + else if ((strcmp(command.part[4], "static") == 0) && ((strcmp(command.part[5], "tcp") == 0) || (strcmp(command.part[5], "udp") == 0))) + natPointer->type = nat_port; + else if (strcmp(command.part[4], "list") == 0) + natPointer->type = nat_dynamic_acl; + else if (strcmp(command.part[4], "route-map") == 0) + natPointer->type = nat_dynamic_route; + else if (strcmp(command.part[4], "static") == 0) + natPointer->type = nat_static; + + // Process the different nat types... + switch (natPointer->type) + { + // Static NAT + case nat_static: + if (strcmp(command.part[5], "esp") == 0) + { + natPointer->ipSecESP = true; + strncpy(natPointer->local, command.part[6], sizeof(natPointer->local) - 1); + strncpy(natPointer->global, command.part[8], sizeof(natPointer->global) - 1); + natPointer->interNumber = atoi(command.part[9]); + tempInt = 10; + } + else + { + strncpy(natPointer->local, command.part[5], sizeof(natPointer->local) - 1); + strncpy(natPointer->global, command.part[6], sizeof(natPointer->global) - 1); + tempInt = 7; + } + break; + + // Dynamic NAT (ACL / Route Map) + case nat_dynamic_route: + case nat_dynamic_acl: + strncpy(natPointer->local, command.part[5], sizeof(natPointer->local) - 1); + if (strcmp(command.part[6], "pool") == 0) + { + natPointer->pool = true; + strncpy(natPointer->global, command.part[7], sizeof(natPointer->global) - 1); + } + else + { + strncpy(natPointer->global, command.part[7], sizeof(natPointer->global) - 1); + natPointer->interNumber = atoi(command.part[8]); + } + break; + + // Port Static NAT + case nat_port: + if (strcmp(command.part[5], "tcp") == 0) + natPointer->tcp = true; + else + natPointer->tcp = false; + if (strcmp(command.part[6], "interface") == 0) + { + natPointer->inter = true; + natPointer->globalPort = atoi(command.part[7]); + } + else + { + strncpy(natPointer->local, command.part[6], sizeof(natPointer->local) - 1); + natPointer->localPort = atoi(command.part[7]); + strncpy(natPointer->global, command.part[8], sizeof(natPointer->global) - 1); + natPointer->globalPort = atoi(command.part[9]); + } + break; + + // Network NAT + case nat_network: + strncpy(natPointer->local, command.part[6], sizeof(natPointer->local) - 1); + strncpy(natPointer->global, command.part[7], sizeof(natPointer->global) - 1); + strncpy(natPointer->mask, command.part[8], sizeof(natPointer->mask) - 1); + break; + } + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} + + diff --git a/0.11.10/IOS/process-ntp.c b/0.11.10/IOS/process-ntp.c new file mode 100644 index 0000000..d4e2d42 --- /dev/null +++ b/0.11.10/IOS/process-ntp.c @@ -0,0 +1,234 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define ntp_peer 0 +#define ntp_serve 1 +#define ntp_serve_only 2 +#define ntp_query_only 3 + + +// NTP Server / Peer +struct ntpHost +{ + char ntpHost[32]; + int keyNum; + struct ntpHost *next; +}; + +// NTP Authentication Key +struct ntpKey +{ + int keyNum; + int trusted; // true or false + char key[128]; + int weak; + int dictionary; + struct ntpKey *next; +}; + +// NTP Access Group +struct ntpAccessGroup +{ + int accessType; // ntp_peer, ntp_serve... + char accessList[65]; + struct ntpAccessGroup *next; +}; + +// NTP +struct ntpConfig +{ + int enabled; // true or false + int master; // true or false + int authentication; // true or false + struct ntpAccessGroup *access; + struct ntpKey *key; + struct ntpHost *server; + struct ntpHost *peer; +}; + + +// Process NTP +void processNtp(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ntpKey *ntpKeyPointer = 0; + struct ntpHost *ntpHostPointer = 0; + struct ntpAccessGroup *ntpAccessPointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("NTP Line: %s\n", line); + } + + // Check to see if NTP already exists + if (nipper->ios->ntp == 0) + { + nipper->ios->ntp = malloc(sizeof(struct ntpConfig)); + memset(nipper->ios->ntp, 0, sizeof(struct ntpConfig)); + + // Init + nipper->ios->ntp->enabled = true; + nipper->ios->ntp->master = false; + nipper->ios->ntp->authentication = false; + } + + // ntp disable? + if (strncmp(line, "ntp disable", 11) == 0) + nipper->ios->ntp->enabled = false; + + // ntp master? + else if (strncmp(line, "ntp master", 10) == 0) + nipper->ios->ntp->master = true; + + // ntp server / peer? + else if ((strncmp(line, "ntp server ", 11) == 0) || (strncmp(line, "ntp peer ", 9) == 0)) + { + // create ntp host struct + ntpHostPointer = malloc(sizeof(struct ntpHost)); + memset(ntpHostPointer, 0, sizeof(struct ntpHost)); + + // Sort out Pointers + if (strncmp(line, "ntp server ", 11) == 0) + { + ntpHostPointer->next = nipper->ios->ntp->server; + nipper->ios->ntp->server = ntpHostPointer; + } + else + { + ntpHostPointer->next = nipper->ios->ntp->peer; + nipper->ios->ntp->peer = ntpHostPointer; + } + + // Init + ntpHostPointer->keyNum = -1; + + // Get info + tempInt = nextSpace(line + 11); + if (line[11 + tempInt] == 0) + { + strncpy(ntpHostPointer->ntpHost, line + 11, sizeof(ntpHostPointer->ntpHost)); + } + else + { + line[11 + tempInt] = 0; + strncpy(ntpHostPointer->ntpHost, line + 11, sizeof(ntpHostPointer->ntpHost)); + + // If key exists + if (strncmp(line + 11 + tempInt, "key ", 4) == 0) + { + ntpHostPointer->keyNum = atoi(line + 15 + tempInt); + } + } + } + + // ntp authentication? + else if (strncmp(line, "ntp authenticate", 16) == 0) + nipper->ios->ntp->authentication = true; + + // ntp authentication key? + else if (strncmp(line, "ntp authentication-key ", 23) == 0) + { + // create ntp key struct + ntpKeyPointer = malloc(sizeof(struct ntpKey)); + memset(ntpKeyPointer, 0, sizeof(struct ntpKey)); + + // Sort out Pointers + ntpKeyPointer->next = nipper->ios->ntp->key; + nipper->ios->ntp->key = ntpKeyPointer; + + // Init + ntpKeyPointer->trusted = false; + ntpKeyPointer->weak = false; + ntpKeyPointer->dictionary = false; + + tempInt = nextSpace(line + 23); + line[23 + tempInt] = 0; + ntpKeyPointer->keyNum = atoi(line + 23); + strncpy(ntpKeyPointer->key, line + 27 + tempInt, sizeof(ntpKeyPointer->key)); + if (simplePassword(ntpKeyPointer->key, nipper) == true) + { + nipper->simplePasswords++; + ntpKeyPointer->dictionary = true; + } + if (passwordStrength(ntpKeyPointer->key, nipper) == false) + { + nipper->passwordStrengths++; + ntpKeyPointer->weak = true; + } + } + + // ntp authentication key trusted? + else if (strncmp(line, "ntp trusted-key ", 16) == 0) + { + // Init + ntpKeyPointer = nipper->ios->ntp->key; + tempInt = atoi(line + 16); + + // Find key + while ((ntpKeyPointer != 0) && (ntpKeyPointer->keyNum != tempInt)) + { + ntpKeyPointer = ntpKeyPointer->next; + } + + // Set trusted if found + if (ntpKeyPointer->keyNum == tempInt) + ntpKeyPointer->trusted = true; + } + + // ntp access-group? + else if (strncmp(line, "ntp access-group ", 17) == 0) + { + // create ntp access-group struct + ntpAccessPointer = malloc(sizeof(struct ntpAccessGroup)); + memset(ntpAccessPointer, 0, sizeof(struct ntpAccessGroup)); + + // Sort out Pointers + ntpAccessPointer->next = nipper->ios->ntp->access; + nipper->ios->ntp->access = ntpAccessPointer; + + // Get access type + if (strncmp(line + 17, "peer ", 5) == 0) + ntpAccessPointer->accessType = ntp_peer; + else if (strncmp(line + 17, "serve ", 6) == 0) + ntpAccessPointer->accessType = ntp_serve; + else if (strncmp(line + 17, "serve-only ", 11) == 0) + ntpAccessPointer->accessType = ntp_serve_only; + else + ntpAccessPointer->accessType = ntp_query_only; + + // Get access-list num + tempInt = nextSpace(line + 17); + strncpy(ntpAccessPointer->accessList, line + 18 + tempInt, sizeof(ntpAccessPointer->accessList) - 1); + } +} + diff --git a/0.11.10/IOS/process-route-map.c b/0.11.10/IOS/process-route-map.c new file mode 100644 index 0000000..99fa0fa --- /dev/null +++ b/0.11.10/IOS/process-route-map.c @@ -0,0 +1,121 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Route Map +struct routeMapConfig +{ + char mapTag[64]; + int sequenceNo; + int permission; // perm_allow (default) or perm_deny + struct routeMapConfig *next; +}; + + +// Process Route Map +void processRouteMap(char *line, struct nipperConfig *nipper) +{ + // Variables + struct routeMapConfig *routeMapPointer = 0; + fpos_t filePosition; + int tempInt = 0; + struct ciscoCommand command; + + while ((line[0] != '!') && (feof(nipper->input) == 0)) + { + // Debug + if (nipper->debugMode == true) + { + printf("Route Map Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // If it is a new route map + if (strcmp(command.part[0], "route-map") == 0) + { + // If this is the first route map... + if (nipper->ios->routeMap == 0) + { + nipper->ios->routeMap = malloc(sizeof(struct routeMapConfig)); + routeMapPointer = nipper->ios->routeMap; + } + + // Else find last route map... + else + { + routeMapPointer = nipper->ios->routeMap; + while (routeMapPointer->next != 0) + routeMapPointer = routeMapPointer->next; + routeMapPointer->next = malloc(sizeof(struct routeMapConfig)); + routeMapPointer = routeMapPointer->next; + } + + // Init the new line structure + memset(routeMapPointer, 0, sizeof(struct routeMapConfig)); + + // Set the new route map to the default settings + routeMapPointer->permission = perm_permit; + + // Set map tag... + strncpy(routeMapPointer->mapTag, command.part[1], sizeof(routeMapPointer->mapTag) - 1); + + // Set optional parameters + for (tempInt = 2; tempInt < command.parts; tempInt++) + { + // Permit + if (strcmp(command.part[tempInt], "permit") == 0) + routeMapPointer->permission = perm_permit; + + // Deny + else if (strcmp(command.part[tempInt], "deny") == 0) + routeMapPointer->permission = perm_deny; + + // Sequence no + else + routeMapPointer->sequenceNo = atoi(command.part[tempInt]); + } + } + + // Debug (route map lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + + // Get next line... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); +} + + diff --git a/0.11.10/IOS/process-router.c b/0.11.10/IOS/process-router.c new file mode 100644 index 0000000..6372e5c --- /dev/null +++ b/0.11.10/IOS/process-router.c @@ -0,0 +1,1111 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +struct passiveStruct +{ + char interface[32]; + int passive; + struct passiveStruct *next; +}; + +struct ripConfig +{ + int version; + int autoSummary; + int defaultRoute; + char defaultRouteMap[57]; + int defaultMetric; + int inputQueue; + int outputDelay; + int validateUpdateSource; + int defaultPassive; + struct host *neighbor; + struct host *network; + struct passiveStruct *passive; +}; + +struct ospfNetworkConfig +{ + char network[16]; + char networkMask[16]; + char areaID[16]; + struct ospfNetworkConfig *next; +}; + +struct ospfAreaConfig +{ + char areaID[16]; + int areaAuth; + int defaultCost; + struct ospfAreaConfig *next; +}; + +struct ospfNeighbor +{ + char host[16]; + int priority; + int pollInterval; + int costNumber; + int databaseFilter; + struct ospfNeighbor *next; +}; + +struct ospfConfig +{ + int processID; + int defaultPassive; + struct passiveStruct *passive; + struct ospfNetworkConfig *ospfNetwork; + struct ospfAreaConfig *ospfArea; + struct ospfNeighbor *neighbor; + struct ospfConfig *next; +}; + +struct isisConfig +{ +}; + +#define eigrp_stub_disabled 0 +#define eigrp_stub_enabled 1 +#define eigrp_stub_receive 2 +#define eigrp_stub_connected 3 +#define eigrp_stub_static 4 +#define eigrp_stub_summary 5 +#define eigrp_stub_redist 6 + +struct eigrpNeighbor +{ + char ipAddress[32]; + char interface[32]; + struct eigrpNeighbor *next; +}; + +struct eigrpNetwork +{ + char ipAddress[32]; + char netMask[32]; + struct eigrpNetwork *next; +}; + +struct eigrpConfig +{ + int process; // EIGRP Autonomous No. + char routerId[32]; // If not set, it is automatic + int maximumHops; // default is 100 + int stub; // default is eigrp_stub_disabled + int autoSummary; // true or false (default) + int internalDistance; // default 90 + int externalDistance; // default 170 + int logNeighborChanges; // true (default) or false + int logNeighborWarnings; // true (default) or false + int defaultPassive; // false (default) + struct passiveStruct *passive; + struct eigrpNetwork *network; + struct eigrpNeighbor *neighbor; + struct eigrpConfig *next; +}; + +struct bgpNeighbor +{ + char host[32]; + int encryption; // encrypt_type7, encrypt_md5... + char password[128]; + char passwordEncrypted[128]; + int dictionary; + int weak; + char description[128]; + int autonomousNo; + int ttlHops; + struct bgpNeighbor *next; +}; + +struct bgpConfig +{ + int autonomousNo; + int logNeighborChanges; + int dampening; + int defaultPassive; + struct passiveStruct *passive; + struct bgpNeighbor *neighbor; + struct bgpConfig *next; +}; + +struct staticRoute +{ + char ipAddress[20]; + char netMask[16]; + char gateway[20]; + struct staticRoute *next; +}; + + +// Process Static Route +void processRoute(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + struct staticRoute *routePointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Static Route Line: %s\n", line); + } + + // If first? + if (nipper->ios->route == 0) + { + nipper->ios->route = malloc(sizeof(struct staticRoute)); + routePointer = nipper->ios->route; + } + else + { + routePointer = nipper->ios->route; + while (routePointer->next != 0) + routePointer = routePointer->next; + routePointer->next = malloc(sizeof(struct staticRoute)); + routePointer = routePointer->next; + } + + //init + command = splitLine(line); + memset(routePointer, 0, sizeof(struct staticRoute)); + + // IP Address + strncpy(routePointer->ipAddress, command.part[2], sizeof(routePointer->ipAddress) - 1); + + // Net Mask + strncpy(routePointer->netMask, command.part[3], sizeof(routePointer->netMask) - 1); + + // Gateway + strncpy(routePointer->gateway, command.part[4], sizeof(routePointer->gateway) - 1); +} + + +// Process Router +void processRouter(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + struct bgpNeighbor *neighborPointer = 0; + struct ospfNetworkConfig *ospfNetworkPointer = 0; + struct ospfAreaConfig *ospfAreaPointer = 0; + struct ospfNeighbor *ospfNeighborPointer = 0; + struct ospfConfig *ospfPointer = 0; + struct host *hostPointer = 0; + struct passiveStruct *passivePointer = 0; + struct eigrpConfig *eigrpPointer = 0; + struct eigrpNetwork *eigrpNetworkPointer = 0; + struct eigrpNeighbor *eigrpNeighborPointer = 0; + struct bgpConfig *bgpPointer = 0; + fpos_t filePosition; + char tempString[nipper->maxSize]; + int tempInt = 0; + int setting = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Router Line: %s\n", line); + } + + //init + command = splitLine(line); + + // What type of routing protocol was it? + // ISIS + if (strncmp(line+7, "isis", 4) == 0) + { + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("ISIS Router Line: %s\n", line); + } + + // Get next + readLine(nipper->input, line, nipper->maxSize); + } + } + + // EIGRP + else if (strcmp(command.part[1], "eigrp") == 0) + { + // if struct doesn't exist + if (nipper->ios->eigrp == 0) + { + nipper->ios->eigrp = malloc(sizeof(struct eigrpConfig)); + eigrpPointer = nipper->ios->eigrp; + } + else + { + eigrpPointer = nipper->ios->eigrp; + while (eigrpPointer->next != 0) + eigrpPointer = eigrpPointer->next; + eigrpPointer->next = malloc(sizeof(struct eigrpConfig)); + eigrpPointer = eigrpPointer->next; + } + + // Init + memset(nipper->ios->eigrp, 0, sizeof(struct eigrpConfig)); + strcpy(eigrpPointer->routerId, "Automatic"); + eigrpPointer->maximumHops = 100; + eigrpPointer->stub = eigrp_stub_disabled; + eigrpPointer->autoSummary = false; + eigrpPointer->internalDistance = 90; + eigrpPointer->externalDistance = 170; + eigrpPointer->logNeighborChanges = true; + eigrpPointer->logNeighborWarnings = true; + eigrpPointer->defaultPassive = false; + + // Process ID + if (command.parts == 3) + eigrpPointer->process = atoi(command.part[2]); + + // Get Routing options... + readLine(nipper->input, line, nipper->maxSize); + while ((line[0] != '!') && (feof(nipper->input) == 0)) + { + // Debug... + if (nipper->debugMode == true) + printf("EIGRP Router Line: %s\n", line); + + // Init... + command = splitLine(line); + + // Setting + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + // Auto Summary + if (strcmp(command.part[tempInt], "auto-summary") == 0) + eigrpPointer->autoSummary = setting; + + // Default Passive Interface + else if ((strcmp(command.part[0], "passive-interface") == 0) && (strcmp(command.part[1], "default") == 0)) + eigrpPointer->defaultPassive = true; + + // Passive + else if (strcmp(command.part[tempInt], "passive-interface") == 0) + { + tempInt++; + // If first passive interface... + if (eigrpPointer->passive == 0) + { + eigrpPointer->passive = malloc(sizeof(struct passiveStruct)); + memset(eigrpPointer->passive, 0, sizeof(struct passiveStruct)); + passivePointer = eigrpPointer->passive; + } + else + { + passivePointer = eigrpPointer->passive; + while (passivePointer->next != 0) + passivePointer = passivePointer->next; + passivePointer->next = malloc(sizeof(struct passiveStruct)); + memset(passivePointer->next, 0, sizeof(struct passiveStruct)); + passivePointer = passivePointer->next; + } + passivePointer->passive = setting; + if (tempInt + 1 == command.parts) + strncpy(passivePointer->interface, command.part[tempInt], sizeof(passivePointer->interface) - 1); + else + { + sprintf(tempString, "%s%s", command.part[tempInt], command.part[tempInt+1]); + strncpy(passivePointer->interface, tempString, sizeof(passivePointer->interface) - 1); + } + } + + // Administrative Distances + else if ((strcmp(command.part[tempInt], "distance") == 0) && (strcmp(command.part[tempInt+1], "eigrp") == 0)) + { + if (setting == false) + { + eigrpPointer->internalDistance = atoi(command.part[tempInt+2]); + eigrpPointer->externalDistance = atoi(command.part[tempInt+3]); + } + else + { + eigrpPointer->internalDistance = 90; + eigrpPointer->externalDistance = 170; + } + } + + // Log Neighbor Changes + else if ((strcmp(command.part[tempInt], "eigrp") == 0) && (strcmp(command.part[tempInt+1], "log-neighbor-changes") == 0)) + eigrpPointer->logNeighborChanges = setting; + + // Log Neighbor Warnings + else if ((strcmp(command.part[tempInt], "eigrp") == 0) && (strcmp(command.part[tempInt+1], "log-neighbor-warnings") == 0)) + eigrpPointer->logNeighborWarnings = setting; + + // Router ID + else if ((strcmp(command.part[tempInt], "eigrp") == 0) && (strcmp(command.part[tempInt+1], "router-id") == 0)) + strncpy(eigrpPointer->routerId, command.part[tempInt+2], sizeof(eigrpPointer->routerId) - 1); + + // Stub + else if ((strcmp(command.part[tempInt], "eigrp") == 0) && (strcmp(command.part[tempInt+1], "router-id") == 0)) + { + if (setting == false) + eigrpPointer->stub = eigrp_stub_disabled; + else + { + eigrpPointer->stub = eigrp_stub_enabled; + if (command.parts > 2) + { + if (strcmp(command.part[tempInt+2], "receive-only") == 0) + eigrpPointer->stub = eigrp_stub_receive; + else if (strcmp(command.part[tempInt+2], "connected") == 0) + eigrpPointer->stub = eigrp_stub_connected; + else if (strcmp(command.part[tempInt+2], "static") == 0) + eigrpPointer->stub = eigrp_stub_static; + else if (strcmp(command.part[tempInt+2], "summary") == 0) + eigrpPointer->stub = eigrp_stub_summary; + else if (strcmp(command.part[tempInt+2], "redistribted") == 0) + eigrpPointer->stub = eigrp_stub_redist; + } + } + } + + // Maximum Hops + else if ((strcmp(command.part[tempInt], "metric") == 0) && (strcmp(command.part[tempInt+1], "maximum-hops") == 0)) + { + if (setting == false) + eigrpPointer->maximumHops = 100; + else + eigrpPointer->maximumHops = atoi(command.part[tempInt+2]); + } + + // Neighbor + else if (strcmp(command.part[tempInt], "neighbor") == 0) + { + tempInt++; + + // Create struct + if (eigrpPointer->neighbor == 0) + { + eigrpPointer->neighbor = malloc(sizeof(struct eigrpNeighbor)); + eigrpNeighborPointer = eigrpPointer->neighbor; + } + else + { + eigrpNeighborPointer = eigrpPointer->neighbor; + while (eigrpNeighborPointer->next != 0) + eigrpNeighborPointer = eigrpNeighborPointer->next; + eigrpNeighborPointer->next = malloc(sizeof(struct eigrpNeighbor)); + eigrpNeighborPointer = eigrpNeighborPointer->next; + } + + // Init + memset(eigrpNeighborPointer, 0, sizeof(struct eigrpNeighbor)); + + // IP Address + strncpy(eigrpNeighborPointer->ipAddress, command.part[tempInt], sizeof(eigrpNeighborPointer->ipAddress) - 1); + tempInt++; + + // Interface + if (command.parts == tempInt + 1) + strncpy(eigrpNeighborPointer->interface, command.part[tempInt], sizeof(eigrpNeighborPointer->interface) - 1); + else if (command.parts == tempInt + 2) + { + sprintf(tempString, "%s%s", command.part[tempInt], command.part[tempInt+1]); + strncpy(eigrpNeighborPointer->interface, tempString, sizeof(eigrpNeighborPointer->interface) - 1); + } + } + + // Network + else if (strcmp(command.part[tempInt], "network") == 0) + { + tempInt++; + + // Create struct + if (eigrpPointer->network == 0) + { + eigrpPointer->network = malloc(sizeof(struct eigrpNetwork)); + eigrpNetworkPointer = eigrpPointer->network; + } + else + { + eigrpNetworkPointer = eigrpPointer->network; + while (eigrpNetworkPointer->next != 0) + eigrpNetworkPointer = eigrpNetworkPointer->next; + eigrpNetworkPointer->next = malloc(sizeof(struct eigrpNetwork)); + eigrpNetworkPointer = eigrpNetworkPointer->next; + } + + // Init + memset(eigrpNetworkPointer, 0, sizeof(struct eigrpNetwork)); + + // IP Address + strncpy(eigrpNetworkPointer->ipAddress, command.part[tempInt], sizeof(eigrpNetworkPointer->ipAddress) - 1); + tempInt++; + + // Netmask + if (tempInt < command.parts) + strncpy(eigrpNetworkPointer->netMask, command.part[tempInt], sizeof(eigrpNetworkPointer->netMask) - 1); + } + + // Get next line... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); + } + + // BGP + else if (strncmp(line+7, "bgp", 3) == 0) + { + // If struct doesn't exist + if (nipper->ios->bgp == 0) + { + nipper->ios->bgp = malloc(sizeof(struct bgpConfig)); + memset(nipper->ios->bgp, 0, sizeof(struct bgpConfig)); + bgpPointer = nipper->ios->bgp; + } + else + { + bgpPointer = nipper->ios->bgp; + while (bgpPointer->next != 0) + bgpPointer = bgpPointer->next; + bgpPointer->next = malloc(sizeof(struct bgpConfig)); + memset(bgpPointer->next, 0, sizeof(struct bgpConfig)); + bgpPointer = bgpPointer->next; + } + + // Init + bgpPointer->autonomousNo = atoi(command.part[2]); + bgpPointer->logNeighborChanges = false; + bgpPointer->dampening = false; + bgpPointer->defaultPassive = false; + + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + printf("BGP Router Line: %s\n", line); + + // Init + command = splitLine(line); + + // Setting + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + if (strcmp(command.part[0], "neighbor") == 0) + { + // If this is the first neighbor + if (bgpPointer->neighbor == 0) + { + neighborPointer = malloc(sizeof(struct bgpNeighbor)); + memset(neighborPointer, 0, sizeof(struct bgpNeighbor)); + + // Init + bgpPointer->neighbor = neighborPointer; + strncpy(neighborPointer->host, command.part[1], sizeof(neighborPointer->host)); + neighborPointer->encryption = encrypt_none; + neighborPointer->autonomousNo = -1; + neighborPointer->ttlHops = -1; + neighborPointer->weak = false; + neighborPointer->dictionary = false; + } + + // neighbors already exist + else + { + // Search + neighborPointer = bgpPointer->neighbor; + while ((neighborPointer->next != 0) && (strcmp(command.part[1], neighborPointer->host) != 0)) + neighborPointer = neighborPointer->next; + + // If not found + if (strcmp(command.part[1], neighborPointer->host) != 0) + { + neighborPointer->next = malloc(sizeof(struct bgpNeighbor)); + memset(neighborPointer->next, 0, sizeof(struct bgpNeighbor)); + + // Sort out pointers + neighborPointer = neighborPointer->next; + + // Init + strncpy(neighborPointer->host, command.part[1], sizeof(neighborPointer->host)); + neighborPointer->encryption = encrypt_none; + neighborPointer->autonomousNo = -1; + neighborPointer->ttlHops = -1; + neighborPointer->weak = false; + neighborPointer->dictionary = false; + } + } + + if (command.parts > 2) + { + // Description? + if (strncmp(command.part[2], "description", 11) == 0) + { + int loop; + strncpy(neighborPointer->description, command.part[3], sizeof(neighborPointer->description)); + tempString[0] = 0; + for (loop = 4; loop < command.parts; loop++) + { + sprintf(tempString, "%s %s", neighborPointer->description, command.part[loop]); + strncpy(neighborPointer->description, tempString, sizeof(neighborPointer->description)); + } + } + + // Password? + else if (strncmp(command.part[2], "password", 8) == 0) + { + switch(command.part[3][0]) + { + case '7': + neighborPointer->encryption = encrypt_type7; + if (password7(command.part[4], neighborPointer->password, sizeof(neighborPointer->password), nipper->debugMode) != 0) + strcpy(neighborPointer->password, ""); + strncpy(neighborPointer->passwordEncrypted, command.part[4], sizeof(neighborPointer->passwordEncrypted)); + break; + case '5': + neighborPointer->encryption = encrypt_md5; + strcpy(neighborPointer->password, ""); + strncpy(neighborPointer->passwordEncrypted, command.part[4], sizeof(neighborPointer->passwordEncrypted)); + addJohnPassword(nipper, "bgp", neighborPointer->passwordEncrypted); + break; + case '0': + neighborPointer->encryption = encrypt_none; + strncpy(neighborPointer->password, command.part[4], sizeof(neighborPointer->password)); + strcpy(neighborPointer->passwordEncrypted, ""); + break; + default: + if (command.parts == 3) + { + neighborPointer->encryption = encrypt_none; + strncpy(neighborPointer->password, command.part[3], sizeof(neighborPointer->password)); + strcpy(neighborPointer->passwordEncrypted, ""); + } + else + { + neighborPointer->encryption = encrypt_unknown; + strcpy(neighborPointer->password, ""); + strncpy(neighborPointer->passwordEncrypted, command.part[command.parts - 1], sizeof(neighborPointer->passwordEncrypted)); + } + break; + } + if ((strcmp(neighborPointer->password, "") != 0) && (strlen(neighborPointer->password) != 0)) + { + if (simplePassword(neighborPointer->password, nipper) == true) + { + nipper->simplePasswords++; + neighborPointer->dictionary = true; + } + if (passwordStrength(neighborPointer->password, nipper) == false) + { + nipper->passwordStrengths++; + neighborPointer->weak = true; + } + } + } + + // Autonomous No? + else if (strncmp(command.part[2], "remote-as", 9) == 0) + neighborPointer->autonomousNo = atoi(command.part[3]); + + // TTL Hops? + else if ((strncmp(command.part[2], "ttl-security", 12) == 0) && (strncmp(command.part[3], "hops", 4) == 0)) + neighborPointer->ttlHops = atoi(command.part[4]); + } + } + + // Default Passive Interface + else if ((strcmp(command.part[0], "passive-interface") == 0) && (strcmp(command.part[1], "default") == 0)) + bgpPointer->defaultPassive = true; + + // Passive + else if (strcmp(command.part[tempInt], "passive-interface") == 0) + { + tempInt++; + // If first passive interface... + if (bgpPointer->passive == 0) + { + bgpPointer->passive = malloc(sizeof(struct passiveStruct)); + memset(bgpPointer->passive, 0, sizeof(struct passiveStruct)); + passivePointer = bgpPointer->passive; + } + else + { + passivePointer = bgpPointer->passive; + while (passivePointer->next != 0) + passivePointer = passivePointer->next; + passivePointer->next = malloc(sizeof(struct passiveStruct)); + memset(passivePointer->next, 0, sizeof(struct passiveStruct)); + passivePointer = passivePointer->next; + } + passivePointer->passive = setting; + if (tempInt + 1 == command.parts) + strncpy(passivePointer->interface, command.part[tempInt], sizeof(passivePointer->interface) - 1); + else + { + sprintf(tempString, "%s%s", command.part[tempInt], command.part[tempInt+1]); + strncpy(passivePointer->interface, tempString, sizeof(passivePointer->interface) - 1); + } + } + + else if ((strcmp(command.part[0], "bgp") == 0) && (strcmp(command.part[1], "log-neighbor-changes") == 0)) + bgpPointer->logNeighborChanges = true; + + else if ((strcmp(command.part[0], "bgp") == 0) && (strcmp(command.part[1], "dampening") == 0)) + bgpPointer->dampening = true; + + // Get next + readLine(nipper->input, line, nipper->maxSize); + } + } + + // RIP + else if (strcmp(command.part[1], "rip") == 0) + { + + // If rip config doesn't exist... + if (nipper->ios->rip == 0) + { + // Create... + nipper->ios->rip = malloc(sizeof(struct ripConfig)); + + // Init... + memset(nipper->ios->rip, 0, sizeof(struct ripConfig)); + nipper->ios->rip->version = rip_version_default; + nipper->ios->rip->autoSummary = true; + nipper->ios->rip->defaultRoute = false; + nipper->ios->rip->defaultMetric = -1; + nipper->ios->rip->inputQueue = 50; + nipper->ios->rip->defaultPassive = false; + } + + // Get Routing options... + readLine(nipper->input, line, nipper->maxSize); + while ((line[0] != '!') && (feof(nipper->input) == 0)) + { + // Debug... + if (nipper->debugMode == true) + printf("RIP Router Line: %s\n", line); + + // Init... + command = splitLine(line); + + // Setting + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + // Auto Summary + if (strcmp(command.part[tempInt], "auto-summary") == 0) + nipper->ios->rip->autoSummary = setting; + + // Default Passive Interface + else if ((strcmp(command.part[0], "passive-interface") == 0) && (strcmp(command.part[1], "default") == 0)) + nipper->ios->rip->defaultPassive = true; + + // Passive + else if (strcmp(command.part[tempInt], "passive-interface") == 0) + { + tempInt++; + // If first passive interface... + if (nipper->ios->rip->passive == 0) + { + nipper->ios->rip->passive = malloc(sizeof(struct passiveStruct)); + memset(nipper->ios->rip->passive, 0, sizeof(struct passiveStruct)); + passivePointer = nipper->ios->rip->passive; + } + else + { + passivePointer = nipper->ios->rip->passive; + while (passivePointer->next != 0) + passivePointer = passivePointer->next; + passivePointer->next = malloc(sizeof(struct passiveStruct)); + memset(passivePointer->next, 0, sizeof(struct passiveStruct)); + passivePointer = passivePointer->next; + } + passivePointer->passive = setting; + if (tempInt + 1 == command.parts) + strncpy(passivePointer->interface, command.part[tempInt], sizeof(passivePointer->interface) - 1); + else + { + sprintf(tempString, "%s%s", command.part[tempInt], command.part[tempInt+1]); + strncpy(passivePointer->interface, tempString, sizeof(passivePointer->interface) - 1); + } + } + + // Default Information Originate + else if ((strcmp(command.part[0], "default-information") == 0) && (strcmp(command.part[1], "originate") == 0)) + { + nipper->ios->rip->defaultRoute = true; + if (command.parts > 2) + { + if (strcmp(command.part[2], "route-map") == 0) + strncpy(nipper->ios->rip->defaultRouteMap, command.part[2], sizeof(nipper->ios->rip->defaultRouteMap) - 1); + } + } + + // Default Metric... + else if (strcmp(command.part[tempInt], "default-metric") == 0) + { + if (setting == false) + nipper->ios->rip->defaultMetric = -1; + else + nipper->ios->rip->defaultMetric = atoi(command.part[tempInt+1]); + } + + // Input Queue... + else if (strcmp(command.part[tempInt], "input-queue") == 0) + { + if (setting == false) + nipper->ios->rip->inputQueue = -1; + else + nipper->ios->rip->inputQueue = atoi(command.part[tempInt+1]); + } + + // Output Delay... + else if (strcmp(command.part[tempInt], "output-delay") == 0) + { + if (setting == false) + nipper->ios->rip->outputDelay = 0; + else + nipper->ios->rip->outputDelay = atoi(command.part[tempInt+1]); + } + + // Validate Update Source + else if (strcmp(command.part[tempInt], "validate-update-source") == 0) + nipper->ios->rip->validateUpdateSource = setting; + + // Version + else if (strcmp(command.part[tempInt], "version") == 0) + { + if (setting == false) + nipper->ios->rip->version = rip_version_default; + else if (strcmp(command.part[tempInt + 1], "1") == 0) + nipper->ios->rip->version = rip_version1; + else + nipper->ios->rip->version = rip_version2; + } + + // Neighbor + else if (strcmp(command.part[tempInt], "neighbor") == 0) + { + tempInt++; + if (nipper->ios->rip->neighbor == 0) + { + nipper->ios->rip->neighbor = malloc(sizeof(struct host)); + memset(nipper->ios->rip->neighbor, 0, sizeof(struct host)); + hostPointer = nipper->ios->rip->neighbor; + } + else + { + hostPointer = nipper->ios->rip->neighbor; + while (hostPointer->next != 0) + hostPointer = hostPointer->next; + hostPointer->next = malloc(sizeof(struct host)); + memset(hostPointer->next, 0, sizeof(struct host)); + hostPointer = hostPointer->next; + } + strncpy(hostPointer->server, command.part[tempInt], sizeof(hostPointer->server) - 1); + } + + // Network + else if (strcmp(command.part[tempInt], "network") == 0) + { + tempInt++; + if (nipper->ios->rip->network == 0) + { + nipper->ios->rip->network = malloc(sizeof(struct host)); + memset(nipper->ios->rip->network, 0, sizeof(struct host)); + hostPointer = nipper->ios->rip->network; + } + else + { + hostPointer = nipper->ios->rip->network; + while (hostPointer->next != 0) + hostPointer = hostPointer->next; + hostPointer->next = malloc(sizeof(struct host)); + memset(hostPointer->next, 0, sizeof(struct host)); + hostPointer = hostPointer->next; + } + strncpy(hostPointer->server, command.part[tempInt], sizeof(hostPointer->server) - 1); + } + + // Get next line... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); + } + + // OSPF + else if (strcmp(command.part[1], "ospf") == 0) + { + // Is first OSPF struct? + if (nipper->ios->ospf == 0) + { + nipper->ios->ospf = malloc(sizeof(struct ospfConfig)); + ospfPointer = nipper->ios->ospf; + } + else + { + ospfPointer = nipper->ios->ospf; + while (ospfPointer->next != 0) + ospfPointer = ospfPointer->next; + ospfPointer->next = malloc(sizeof(struct ospfConfig)); + ospfPointer = ospfPointer->next; + } + + // Init... + memset(ospfPointer, 0, sizeof(struct ospfConfig)); + ospfPointer->defaultPassive = false; + ospfPointer->processID = atoi(command.part[2]); + + // Get Configuration... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("OSPF Router Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Setting + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + // Area + if (strncmp(command.part[0], "area", 4) == 0) + { + // No area config exists... + if (ospfPointer->ospfArea == 0) + { + ospfPointer->ospfArea = malloc(sizeof(struct ospfAreaConfig)); + ospfAreaPointer = ospfPointer->ospfArea; + + // Init + memset(ospfAreaPointer, 0, sizeof(struct ospfAreaConfig)); + strncpy(ospfAreaPointer->areaID, command.part[1], sizeof(ospfAreaPointer->areaID)); + ospfAreaPointer->areaAuth = auth_none; + ospfAreaPointer->defaultCost = 1; + } + else + { + // Search for the area... + ospfAreaPointer = ospfPointer->ospfArea; + while ((ospfAreaPointer->next != 0) && (strcmp(command.part[1], ospfAreaPointer->areaID) != 0)) + ospfAreaPointer = ospfAreaPointer->next; + + // If area doesn't exists, create... + if (strcmp(command.part[1], ospfAreaPointer->areaID) != 0) + { + ospfAreaPointer->next = malloc(sizeof(struct ospfAreaConfig)); + ospfAreaPointer = ospfAreaPointer->next; + + // Init + memset(ospfAreaPointer, 0, sizeof(struct ospfAreaConfig)); + strncpy(ospfAreaPointer->areaID, command.part[1], sizeof(ospfAreaPointer->areaID)); + ospfAreaPointer->areaAuth = auth_none; + ospfAreaPointer->defaultCost = 1; + } + } + + // Is authentication? + if (strcmp(command.part[2], "authentication") == 0) + { + ospfAreaPointer->areaAuth = auth_clear; + + // Is message digest used? + if (command.parts > 3) + { + if (strcmp(command.part[3], "message-digest") == 0) + ospfAreaPointer->areaAuth = auth_md5; + } + } + + // Is default cost? + else if (strcmp(command.part[2], "default-cost") == 0) + ospfAreaPointer->defaultCost = atoi(command.part[3]); + } + + // Network + else if (strncmp(command.part[0], "network", 7) == 0) + { + // Reserve memory + if (ospfPointer->ospfNetwork == 0) + { + ospfPointer->ospfNetwork = malloc(sizeof(struct ospfNetworkConfig)); + ospfNetworkPointer = ospfPointer->ospfNetwork; + } + else + { + ospfNetworkPointer = ospfPointer->ospfNetwork; + while (ospfNetworkPointer->next != 0) + ospfNetworkPointer = ospfNetworkPointer->next; + ospfNetworkPointer->next = malloc(sizeof(struct ospfNetworkConfig)); + ospfNetworkPointer = ospfNetworkPointer->next; + } + + // Init + memset(ospfNetworkPointer, 0, sizeof(struct ospfNetworkConfig)); + ospfNetworkPointer->next = 0; + strncpy(ospfNetworkPointer->network, command.part[1], sizeof(ospfNetworkPointer->network)); + strncpy(ospfNetworkPointer->networkMask, command.part[2], sizeof(ospfNetworkPointer->networkMask)); + strncpy(ospfNetworkPointer->areaID, command.part[4], sizeof(ospfNetworkPointer->areaID)); + } + + // Neighbor + else if (strncmp(command.part[0], "neighbor", 8) == 0) + { + // Reserve memory + if (ospfPointer->neighbor == 0) + { + ospfPointer->neighbor = malloc(sizeof(struct ospfNeighbor)); + ospfNeighborPointer = ospfPointer->neighbor; + } + else + { + ospfNeighborPointer = ospfPointer->neighbor; + while (ospfNeighborPointer->next != 0) + ospfNeighborPointer = ospfNeighborPointer->next; + ospfNeighborPointer->next = malloc(sizeof(struct ospfNeighbor)); + ospfNeighborPointer = ospfNeighborPointer->next; + } + + // Init + memset(ospfNeighborPointer, 0, sizeof(struct ospfNeighbor)); + ospfNeighborPointer->next = 0; + strncpy(ospfNeighborPointer->host, command.part[1], sizeof(ospfNeighborPointer->host)); + ospfNeighborPointer->priority = 0; + ospfNeighborPointer->pollInterval = 120; + ospfNeighborPointer->costNumber = 0; + ospfNeighborPointer->databaseFilter = false; + + for (tempInt = 2; tempInt < command.parts; tempInt = tempInt + 2) + { + if (strncmp(command.part[tempInt], "cost", 4) == 0) + ospfNeighborPointer->costNumber = atoi(command.part[tempInt + 1]); + + else if (strncmp(command.part[tempInt], "priority", 8) == 0) + ospfNeighborPointer->priority = atoi(command.part[tempInt + 1]); + + else if (strncmp(command.part[tempInt], "poll-interval", 13) == 0) + ospfNeighborPointer->pollInterval = atoi(command.part[tempInt + 1]); + + else if ((strncmp(command.part[tempInt], "database-filter", 15) == 0) && (strncmp(command.part[tempInt + 1], "all", 3) == 0)) + ospfNeighborPointer->databaseFilter = true; + } + } + + // Default Passive Interface + else if ((strcmp(command.part[0], "passive-interface") == 0) && (strcmp(command.part[1], "default") == 0)) + ospfPointer->defaultPassive = true; + + // Passive + else if (strcmp(command.part[tempInt], "passive-interface") == 0) + { + tempInt++; + // If first passive interface... + if (ospfPointer->passive == 0) + { + ospfPointer->passive = malloc(sizeof(struct passiveStruct)); + memset(ospfPointer->passive, 0, sizeof(struct passiveStruct)); + passivePointer = ospfPointer->passive; + } + else + { + passivePointer = ospfPointer->passive; + while (passivePointer->next != 0) + passivePointer = passivePointer->next; + passivePointer->next = malloc(sizeof(struct passiveStruct)); + memset(passivePointer->next, 0, sizeof(struct passiveStruct)); + passivePointer = passivePointer->next; + } + passivePointer->passive = setting; + if (tempInt + 1 == command.parts) + strncpy(passivePointer->interface, command.part[tempInt], sizeof(passivePointer->interface) - 1); + else + { + sprintf(tempString, "%s%s", command.part[tempInt], command.part[tempInt+1]); + strncpy(passivePointer->interface, tempString, sizeof(passivePointer->interface) - 1); + } + } + + // Get next line... + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set to previous position... + fsetpos(nipper->input, &filePosition); + } +} + + diff --git a/0.11.10/IOS/process-snmp.c b/0.11.10/IOS/process-snmp.c new file mode 100644 index 0000000..3dca2ce --- /dev/null +++ b/0.11.10/IOS/process-snmp.c @@ -0,0 +1,715 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// SNMP Community +struct snmpCommunity +{ + char community[64]; + int weak; + int dictionary; + int readonly; // true (default) or false + int enabled; // true (default) or false + char accessList[65]; + char viewName[65]; + struct snmpCommunity *next; +}; + +// SNMP View Item +struct snmpViewItem +{ + char mibId[128]; + int include; // true or false + struct snmpViewItem *next; +}; + +// SNMP View +struct snmpView +{ + char viewName[65]; + struct snmpViewItem *viewItem; + struct snmpView *next; +}; + +#define snmp3_none 0 +#define snmp3_des 1 +#define snmp3_3des 2 +#define snmp3_aes128 3 +#define snmp3_aes192 4 +#define snmp3_aes256 5 +#define snmp3_md5 6 +#define snmp3_sha 7 +#define snmp3_des56 8 + +// SNMP User +struct snmpUser +{ + char groupName[65]; + char userName[65]; + int version; + int encryption; // true of false + int snmp3auth; // snmp3_none, snmp3_md5 or snmp3_sha + char authPass[128]; + int snmp3priv; // snmp3_none, snmp3_des, snmp3_3des, snmp3_aes123(192 or 256) + char privPass[128]; + char acl[65]; + int group; + struct snmpUser *next; +}; + +// SNMP Group +struct snmpGroup +{ + char groupName[65]; + int version; // snmp1, snmp2c... + char readView[65]; + char writeView[65]; + char notifyView[65]; + char context[65]; + char acl[65]; + struct snmpGroup *next; +}; + + +// SNMP Host +struct snmpHost +{ + char host[32]; + char community[64]; + int version; // snmp1, snmp2c... + int weak; + int dictionary; + struct snmpHost *next; +}; + +// SNMP +struct snmpConfig +{ + int enabled; // true or false + char tftpServerList[32]; + char contact[64]; + char location[64]; + int trapTimeout; + char trapSource[32]; + struct snmpCommunity *community; + struct snmpGroup *group; + struct snmpUser *user; + struct snmpView *view; + struct snmpTrap *trap; + struct snmpHost *host; +}; + + +// Process SNMP +void processSnmp(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct snmpCommunity *communityPointer = 0; + struct snmpViewItem *snmpViewItemPointer = 0; + struct snmpView *snmpViewPointer = 0; + struct snmpGroup *snmpGroupPointer = 0; + struct snmpUser *snmpUserPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct snmpHost *snmpHostPointer = 0; + struct ciscoCommand command; + char tempString[nipper->maxSize]; + int tempInt = 0; + int setting = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("SNMP Line: %s\n", line); + } + + // Init + command = splitLine(line); + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 2; + } + else + { + setting = true; + tempInt = 1; + } + + // Check to see if SNMP already exists + if (nipper->ios->snmp == 0) + { + nipper->ios->snmp = malloc(sizeof(struct snmpConfig)); + memset(nipper->ios->snmp, 0, sizeof(struct snmpConfig)); + + // Init + nipper->ios->snmp->enabled = true; + nipper->ios->snmp->trapTimeout = 30; + } + + // Is SNMP disabled / enabled? + if (command.parts == tempInt) + nipper->ios->snmp->enabled = setting; + + // snmp contact info? + else if (strcmp(command.part[tempInt], "contact") == 0) + strncpy(nipper->ios->snmp->contact, line + 20, sizeof(nipper->ios->snmp->contact)); + + // snmp location info? + else if (strcmp(command.part[tempInt], "location") == 0) + strncpy(nipper->ios->snmp->location, line + 21, sizeof(nipper->ios->snmp->location)); + + // Trap Timeout + else if (strcmp(command.part[tempInt], "trap-timeout") == 0) + nipper->ios->snmp->trapTimeout = atoi(command.part[tempInt+1]); + + // Trap Interface + else if (strcmp(command.part[tempInt], "trap-source") == 0) + strncpy(nipper->ios->snmp->trapSource, command.part[tempInt+1], sizeof(nipper->ios->snmp->trapSource) - 1); + + // tftp server access list? + else if (strcmp(command.part[tempInt], "tftp-server-list") == 0) + strncpy(nipper->ios->snmp->tftpServerList, command.part[tempInt+1], sizeof(nipper->ios->snmp->tftpServerList) - 1); + + // snmp view? + else if (strcmp(command.part[tempInt], "view") == 0) + { + tempInt++; + + // Is this the first view? + if (nipper->ios->snmp->view == 0) + { + // create structure... + nipper->ios->snmp->view = malloc(sizeof(struct snmpView)); + memset(nipper->ios->snmp->view, 0, sizeof(struct snmpView)); + snmpViewPointer = nipper->ios->snmp->view; + + // init + snmpViewPointer->viewItem = 0; + strncpy(snmpViewPointer->viewName, command.part[tempInt], sizeof(snmpViewPointer->viewName) - 1); + } + + else + { + // Search for existing view name + snmpViewPointer = nipper->ios->snmp->view; + while ((snmpViewPointer->next != 0) && (strcmp(snmpViewPointer->viewName, command.part[tempInt]) != 0)) + snmpViewPointer = snmpViewPointer->next; + + // Do we need to create a new view? + if (strcmp(snmpViewPointer->viewName, command.part[tempInt]) != 0) + { + // create structure... + snmpViewPointer->next = malloc(sizeof(struct snmpView)); + memset(snmpViewPointer->next, 0, sizeof(struct snmpView)); + + // Sort out pointers + snmpViewPointer = snmpViewPointer->next; + + // init + snmpViewPointer->viewItem = 0; + strncpy(snmpViewPointer->viewName, command.part[tempInt], sizeof(snmpViewPointer->viewName) - 1); + } + } + tempInt++; + + // Is it the first view item? + if (snmpViewPointer->viewItem == 0) + { + snmpViewPointer->viewItem = malloc(sizeof(struct snmpViewItem)); + memset(snmpViewPointer->viewItem, 0, sizeof(struct snmpViewItem)); + snmpViewItemPointer = snmpViewPointer->viewItem; + } + else + { + // Find last view item + snmpViewItemPointer = snmpViewPointer->viewItem; + while (snmpViewItemPointer->next != 0) + snmpViewItemPointer = snmpViewItemPointer->next; + + // create view item structure & sort pointers + snmpViewItemPointer->next = malloc(sizeof(struct snmpViewItem)); + memset(snmpViewItemPointer->next, 0, sizeof(struct snmpViewItem)); + snmpViewItemPointer = snmpViewItemPointer->next; + } + + // Set view item + strncpy(snmpViewItemPointer->mibId, command.part[tempInt], sizeof(snmpViewItemPointer->mibId) - 1); + tempInt++; + + // Include? + if ((strcmp(command.part[tempInt], "include") == 0) || (strcmp(command.part[tempInt], "included") == 0)) + snmpViewItemPointer->include = true; + else + snmpViewItemPointer->include = false; + } + + // snmp community? + else if (strcmp(command.part[tempInt], "community") == 0) + { + tempInt++; + + // If first community... + if (nipper->ios->snmp->community == 0) + { + // Reserve memory... + nipper->ios->snmp->community = malloc(sizeof(struct snmpCommunity)); + communityPointer = nipper->ios->snmp->community; + } + else + { + // Find last... + communityPointer = nipper->ios->snmp->community; + while (communityPointer->next != 0) + communityPointer = communityPointer->next; + + // Reserve memory... + communityPointer->next = malloc(sizeof(struct snmpCommunity)); + communityPointer = communityPointer->next; + } + + // Init community struct... + memset(communityPointer, 0, sizeof(struct snmpCommunity)); + communityPointer->readonly = true; + communityPointer->enabled = setting; + communityPointer->weak = false; + communityPointer->dictionary = false; + + // Set community string... + strncpy(communityPointer->community, command.part[tempInt], sizeof(communityPointer->community) - 1); + tempInt++; + + // Check strength / dictionary... + if (simplePassword(communityPointer->community, nipper) == true) + { + nipper->simplePasswords++; + communityPointer->dictionary = true; + } + if (passwordStrength(communityPointer->community, nipper) == false) + { + nipper->passwordStrengths++; + communityPointer->weak = true; + } + + // Get options... + while (tempInt < command.parts) + { + + // If view exists, get it... + if (strcmp(command.part[tempInt], "view") == 0) + { + tempInt++; + // Get view name... + strncpy(communityPointer->viewName, command.part[tempInt], sizeof(communityPointer->viewName) - 1); + } + + // RO + else if (strcasecmp(command.part[tempInt], "ro") == 0) + communityPointer->readonly = true; + + // RW + else if (strcasecmp(command.part[tempInt], "rw") == 0) + communityPointer->readonly = false; + + // IPV6 + else if (strcmp(command.part[tempInt], "ipv6") == 0) + tempInt++; + + // ACL + else + strncpy(communityPointer->accessList, command.part[tempInt], sizeof(communityPointer->accessList) - 1); + + // Increment part pointer... + tempInt++; + } + } + + // snmp trap? + else if ((strcmp(command.part[tempInt], "enable") == 0) && (strcmp(command.part[tempInt+1], "traps") == 0)) + { + tempInt += 2; + + // Is the first trap + if (nipper->ios->snmp->trap == 0) + { + // Create... + nipper->ios->snmp->trap = malloc(sizeof(struct snmpTrap)); + snmpTrapPointer = nipper->ios->snmp->trap; + } + else + { + // Find last trap + snmpTrapPointer = nipper->ios->snmp->trap; + while (snmpTrapPointer->next != 0) + snmpTrapPointer = snmpTrapPointer->next; + + // Create... + snmpTrapPointer->next = malloc(sizeof(struct snmpTrap)); + snmpTrapPointer = snmpTrapPointer->next; + } + + // Init... + memset(snmpTrapPointer, 0, sizeof(struct snmpTrap)); + + // Get traps... + sprintf(tempString, "%s", command.part[tempInt]); + tempInt++; + while (tempInt < command.parts) + { + if (strcmp(command.part[tempInt], "vrrp") != 0) + sprintf(tempString, "%s %s", tempString, command.part[tempInt]); + tempInt++; + } + strncpy(snmpTrapPointer->trap, tempString, sizeof(snmpTrapPointer->trap) - 1); + snmpTrapPointer->enabled = setting; + } + + // snmp host? + else if (strcmp(command.part[tempInt], "host") == 0) + { + tempInt++; + + // First host... + if (nipper->ios->snmp->host == 0) + { + // Create... + nipper->ios->snmp->host = malloc(sizeof(struct snmpHost)); + snmpHostPointer = nipper->ios->snmp->host; + } + else + { + // Find last host... + snmpHostPointer = nipper->ios->snmp->host; + while (snmpHostPointer->next != 0) + snmpHostPointer = snmpHostPointer->next; + + // Create... + snmpHostPointer->next = malloc(sizeof(struct snmpHost)); + snmpHostPointer = snmpHostPointer->next; + } + + // Init... + memset(snmpHostPointer, 0, sizeof(struct snmpHost)); + snmpHostPointer->version = snmp1; + snmpHostPointer->dictionary = false; + snmpHostPointer->weak = false; + + // Host / IP + strncpy(snmpHostPointer->host, command.part[tempInt], sizeof(snmpHostPointer->host) - 1); + tempInt++; + + // Get remaining options and community string + setting = false; + while ((tempInt < command.parts) && (setting == false)) + { + + // VRF... + if (strcmp(command.part[tempInt], "vrf") == 0) + tempInt++; + + // TRAPS / INFORMS... + else if ((strcmp(command.part[tempInt], "traps") == 0) || (strcmp(command.part[tempInt], "informs") == 0)) + { } + + // SNMP version... + else if (strcmp(command.part[tempInt], "version") == 0) + { + tempInt++; + + // Version 1 + if (strcmp(command.part[tempInt], "1") == 0) + snmpHostPointer->version = snmp1; + + // Version 2c + else if (strcmp(command.part[tempInt], "2c") == 0) + snmpHostPointer->version = snmp2c; + + // Version 3 + else if (strcmp(command.part[tempInt], "3") == 0) + { + snmpHostPointer->version = snmp3_no_auth; + + // SNMP auth option + if (strcmp(command.part[tempInt+1], "auth") == 0) + { + snmpHostPointer->version = snmp3_auth; + tempInt++; + } + else if (strcmp(command.part[tempInt+1], "noauth") == 0) + { + snmpHostPointer->version = snmp3_no_auth; + tempInt++; + } + else if (strcmp(command.part[tempInt+1], "priv") == 0) + { + snmpHostPointer->version = snmp3_priv; + tempInt++; + } + } + } + + else + { + setting = true; + strncpy(snmpHostPointer->community, command.part[tempInt], sizeof(snmpHostPointer->host) - 1); + } + + // Increment part pointer + tempInt++; + } + + // Check strength / dictionary + if (simplePassword(snmpHostPointer->community, nipper) == true) + { + nipper->simplePasswords++; + snmpHostPointer->dictionary = true; + } + if (passwordStrength(snmpHostPointer->community, nipper) == false) + { + nipper->passwordStrengths++; + snmpHostPointer->weak = true; + } + } + + // SNMP Group... + else if (strcmp(command.part[tempInt], "group") == 0) + { + tempInt++; + + // If this is the first... + if (nipper->ios->snmp->group == 0) + { + // Create... + nipper->ios->snmp->group = malloc(sizeof(struct snmpGroup)); + snmpGroupPointer = nipper->ios->snmp->group; + } + else + { + // Find last group... + snmpGroupPointer = nipper->ios->snmp->group; + while (snmpGroupPointer->next != 0) + snmpGroupPointer = snmpGroupPointer->next; + + // Create... + snmpGroupPointer->next = malloc(sizeof(struct snmpGroup)); + snmpGroupPointer = snmpGroupPointer->next; + } + + // Init... + memset(snmpGroupPointer, 0, sizeof(struct snmpGroup)); + strcpy(snmpGroupPointer->readView, "MIB OID 1.3.6.1"); + + // Group Name... + strncpy(snmpGroupPointer->groupName, command.part[tempInt], sizeof(snmpGroupPointer->groupName) - 1); + tempInt++; + + // Version... + if (strcmp(command.part[tempInt], "v1") == 0) + snmpGroupPointer->version = snmp1; + else if (strcmp(command.part[tempInt], "v2c") == 0) + snmpGroupPointer->version = snmp2c; + else if (strcmp(command.part[tempInt], "v3") == 0) + { + tempInt++; + if (strcmp(command.part[tempInt], "auth") == 0) + snmpGroupPointer->version = snmp3_auth; + else if (strcmp(command.part[tempInt], "noauth") == 0) + snmpGroupPointer->version = snmp3_no_auth; + else if (strcmp(command.part[tempInt], "priv") == 0) + snmpGroupPointer->version = snmp3_priv; + } + tempInt++; + + // Get Options + while (tempInt < command.parts) + { + // Read + if (strcmp(command.part[tempInt], "read") == 0) + { + tempInt++; + strncpy(snmpGroupPointer->readView, command.part[tempInt], sizeof(snmpGroupPointer->readView) - 1); + } + + // Write + else if (strcmp(command.part[tempInt], "write") == 0) + { + tempInt++; + strncpy(snmpGroupPointer->writeView, command.part[tempInt], sizeof(snmpGroupPointer->writeView) - 1); + } + + // Notify + else if (strcmp(command.part[tempInt], "notify") == 0) + { + tempInt++; + strncpy(snmpGroupPointer->notifyView, command.part[tempInt], sizeof(snmpGroupPointer->notifyView) - 1); + } + + // Context + else if (strcmp(command.part[tempInt], "context") == 0) + { + tempInt++; + strncpy(snmpGroupPointer->context, command.part[tempInt], sizeof(snmpGroupPointer->context) - 1); + } + + // ACL + else if (strcmp(command.part[tempInt], "access") == 0) + { + tempInt++; + if (strcmp(command.part[tempInt], "ipv6") == 0) + tempInt += 2; + strncpy(snmpGroupPointer->acl, command.part[tempInt], sizeof(snmpGroupPointer->acl) - 1); + } + + // Increment part pointer + tempInt++; + } + } + + // SNMP User... + else if (strcmp(command.part[tempInt], "user") == 0) + { + tempInt++; + + // If this is the first user in the group + if (nipper->ios->snmp->user == 0) + { + // Create... + nipper->ios->snmp->user = malloc(sizeof(struct snmpUser)); + snmpUserPointer = nipper->ios->snmp->user; + } + else + { + // Find last group... + snmpUserPointer = nipper->ios->snmp->user; + while (snmpUserPointer->next != 0) + snmpUserPointer = snmpUserPointer->next; + + // Create... + snmpUserPointer->next = malloc(sizeof(struct snmpUser)); + snmpUserPointer = snmpUserPointer->next; + } + + // Init... + memset(snmpUserPointer, 0, sizeof(struct snmpUser)); + snmpUserPointer->encryption = false; + snmpUserPointer->snmp3priv = snmp3_none; + snmpUserPointer->snmp3auth = snmp3_none; + + // User + strncpy(snmpUserPointer->userName, command.part[tempInt], sizeof(snmpUserPointer->userName) - 1); + tempInt++; + + // Group + strncpy(snmpUserPointer->groupName, command.part[tempInt], sizeof(snmpUserPointer->groupName) - 1); + tempInt++; + + // Skip some options + while ((tempInt < command.parts) && (strcmp(command.part[tempInt], "v1") != 0) && (strcmp(command.part[tempInt], "v2c") != 0) && (strcmp(command.part[tempInt], "v3") != 0)) + tempInt++; + + // SNMP version + if (strcmp(command.part[tempInt], "v1") == 0) + snmpUserPointer->version = snmp1; + else if (strcmp(command.part[tempInt], "v2c") == 0) + snmpUserPointer->version = snmp2c; + else if (strcmp(command.part[tempInt], "v3") == 0) + snmpUserPointer->version = snmp3_no_auth; + tempInt++; + + while (tempInt < command.parts) + { + // Encrypted? + if (strcmp(command.part[tempInt], "encrypted") == 0) + snmpUserPointer->encryption = true; + + // Auth? + else if (strcmp(command.part[tempInt], "auth") == 0) + { + snmpUserPointer->version = snmp3_auth; + tempInt++; + + // Algo... + if (strcmp(command.part[tempInt], "md5") == 0) + snmpUserPointer->snmp3auth = snmp3_md5; + else if (strcmp(command.part[tempInt], "sha") == 0) + snmpUserPointer->snmp3auth = snmp3_sha; + tempInt++; + + // Auth Password + strncpy(snmpUserPointer->authPass, command.part[tempInt], sizeof(snmpUserPointer->authPass) - 1); + } + + // Access? + else if (strcmp(command.part[tempInt], "access") == 0) + { + tempInt++; + + // Check for ipv6 + if (strcmp(command.part[tempInt], "ipv6") == 0) + tempInt +=2; + + // Check for Priv + if (strcmp(command.part[tempInt], "priv") == 0) + { + snmpUserPointer->version = snmp3_priv; + tempInt++; + + // Enc... + if (strcmp(command.part[tempInt], "des") == 0) + snmpUserPointer->snmp3priv = snmp3_des; + else if (strcmp(command.part[tempInt], "3des") == 0) + snmpUserPointer->snmp3priv = snmp3_3des; + else if (strcmp(command.part[tempInt], "des56") == 0) + snmpUserPointer->snmp3priv = snmp3_des56; + else if (strcmp(command.part[tempInt], "aes") == 0) + { + tempInt++; + if (strcmp(command.part[tempInt], "128") == 0) + snmpUserPointer->snmp3priv = snmp3_aes128; + else if (strcmp(command.part[tempInt], "192") == 0) + snmpUserPointer->snmp3priv = snmp3_aes192; + else if (strcmp(command.part[tempInt], "256") == 0) + snmpUserPointer->snmp3priv = snmp3_aes256; + } + tempInt++; + + // Priv Password + strncpy(snmpUserPointer->privPass, command.part[tempInt], sizeof(snmpUserPointer->privPass) - 1); + tempInt++; + } + + // ACL + strncpy(snmpUserPointer->acl, command.part[tempInt], sizeof(snmpUserPointer->acl) - 1); + } + + // Increment part pointer + tempInt++; + } + } +} diff --git a/0.11.10/IOS/process-ssh.c b/0.11.10/IOS/process-ssh.c new file mode 100644 index 0000000..c3cf3cb --- /dev/null +++ b/0.11.10/IOS/process-ssh.c @@ -0,0 +1,120 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define ssh_ver_unconfigured 0 +#define ssh_ver_1 1 +#define ssh_ver_2 2 + + +// SSH +struct sshConfig +{ + int enabled; // true, false + int protocolVersion; // ssh_ver_unconfigured, ssh_ver_1, ssh_ver_2 + int timeout; + int retries; + struct netInterface *interface; +}; + + +// Process SSH +void processSsh(char *line, struct nipperConfig *nipper) +{ + // Variables + struct netInterface *interfacePointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("SSH Line: %s\n", line); + } + + // Check to see if SSH already exists + if (nipper->ios->ssh == 0) + { + nipper->ios->ssh = malloc(sizeof(struct sshConfig)); + memset(nipper->ios->ssh, 0, sizeof(struct sshConfig)); + + // Init + nipper->ios->ssh->enabled = true; + nipper->ios->ssh->protocolVersion = ssh_ver_unconfigured; + nipper->ios->ssh->timeout = -1; + nipper->ios->ssh->retries = -1; + nipper->ios->ssh->interface = 0; + } + + // No SSH :-( + if (strncmp(line, "no ip ssh", 9) == 0) + nipper->ios->ssh->enabled = false; + + // Retries + else if (strncmp(line, "ip ssh authentication-retries ", 30) == 0) + nipper->ios->ssh->retries = atoi(line + 30); + + // Timeout + else if (strncmp(line, "ip ssh time-out ", 16) == 0) + nipper->ios->ssh->timeout = atoi(line + 16); + + // Protocol Version + else if (strncmp(line, "ip ssh version ", 15) == 0) + { + switch (atoi(line + 15)) + { + case 1: + nipper->ios->ssh->protocolVersion = ssh_ver_1; + break; + + case 2: + nipper->ios->ssh->protocolVersion = ssh_ver_2; + break; + + default: + nipper->ios->ssh->protocolVersion = ssh_ver_unconfigured; + break; + } + } + + // Check for interface + else if (strncmp(line, "ip ssh source-interface ", 24) == 0) + { + // Allocate struct + interfacePointer = malloc(sizeof(struct netInterface)); + memset(interfacePointer, 0, sizeof(struct netInterface)); + + // Pointers + interfacePointer->next = nipper->ios->ssh->interface; + nipper->ios->ssh->interface = interfacePointer; + + // Copy interface + strncpy(interfacePointer->interface, line + 24, sizeof(interfacePointer->interface)); + } +} + diff --git a/0.11.10/IOS/process-tacacs.c b/0.11.10/IOS/process-tacacs.c new file mode 100644 index 0000000..bf68d7c --- /dev/null +++ b/0.11.10/IOS/process-tacacs.c @@ -0,0 +1,129 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// TACACS config +struct tacacsConfig +{ + char key[128]; + char keyEncrypted[128]; + int encryption; + int weak; + int dictionary; + struct host *host; +}; + + +// Process TACACS +void processTacacs(char *line, struct nipperConfig *nipper) +{ + // Variables + struct host *tacacsHostPointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("TACACS Line: %s\n", line); + } + + // Create logging structure + if (nipper->ios->tacacs == 0) + { + nipper->ios->tacacs = malloc(sizeof(struct tacacsConfig)); + memset(nipper->ios->tacacs, 0, sizeof(struct tacacsConfig)); + + // init + strcpy(nipper->ios->tacacs->key, ""); + nipper->ios->tacacs->host = 0; + nipper->ios->tacacs->dictionary = false; + nipper->ios->tacacs->weak = false; + } + + // Key... + if (strncmp("tacacs-server key ", line, 18) == 0) + { + switch (line[18]) + { + case '7': + nipper->ios->tacacs->encryption = encrypt_type7; + if (password7(line+20, nipper->ios->tacacs->key, sizeof(nipper->ios->tacacs->key), nipper->debugMode) != 0) + strcpy(nipper->ios->tacacs->key, ""); + strncpy(nipper->ios->tacacs->keyEncrypted, line + 20, sizeof(nipper->ios->tacacs->keyEncrypted)); + break; + + case '5': + nipper->ios->tacacs->encryption = encrypt_md5; + strcpy(nipper->ios->tacacs->key, ""); + strncpy(nipper->ios->tacacs->keyEncrypted, line + 20, sizeof(nipper->ios->tacacs->keyEncrypted)); + addJohnPassword(nipper, "tacacs", nipper->ios->tacacs->keyEncrypted); + break; + + case '0': + nipper->ios->tacacs->encryption = encrypt_none; + strncpy(nipper->ios->tacacs->key, line + 20, sizeof(nipper->ios->tacacs->key)); + strcpy(nipper->ios->tacacs->keyEncrypted, ""); + break; + + default: + nipper->ios->tacacs->encryption = encrypt_none; + strncpy(nipper->ios->tacacs->key, line + 18, sizeof(nipper->ios->tacacs->key)); + strcpy(nipper->ios->tacacs->keyEncrypted, ""); + break; + } + if ((strcmp(nipper->ios->tacacs->key, "") != 0) && (strlen(nipper->ios->tacacs->key) != 0)) + { + if (simplePassword(nipper->ios->tacacs->key, nipper) == true) + { + nipper->simplePasswords++; + nipper->ios->tacacs->dictionary = true; + } + if (passwordStrength(nipper->ios->tacacs->key, nipper) == false) + { + nipper->passwordStrengths++; + nipper->ios->tacacs->weak = true; + } + } + } + + // Host... + else if (strncmp("tacacs-server host ", line, 19) == 0) + { + // Create struct + tacacsHostPointer = malloc(sizeof(struct host)); + memset(tacacsHostPointer, 0, sizeof(struct host)); + + // Pointers + tacacsHostPointer->next = nipper->ios->tacacs->host; + nipper->ios->tacacs->host = tacacsHostPointer; + + // Copy host + strncpy(tacacsHostPointer->server, line + 19, sizeof(tacacsHostPointer->server)); + } +} diff --git a/0.11.10/IOS/process-username.c b/0.11.10/IOS/process-username.c new file mode 100644 index 0000000..555c6f4 --- /dev/null +++ b/0.11.10/IOS/process-username.c @@ -0,0 +1,146 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Username +struct usernameList +{ + char username[128]; + char password[128]; + char passwordEncrypted[128]; + int secret; // true or false + int privilage; + int encryption; // encrypt_type7, encrypt_md5... + int weak; + int dictionary; + struct usernameList *next; +}; + + +// Process Username +void processUsername(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + struct usernameList *usernamePointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Username Line: %s\n", line); + } + + // Create structure + usernamePointer = malloc(sizeof(struct usernameList)); + memset(usernamePointer, 0, sizeof(struct usernameList)); + + // Sort out pointers + usernamePointer->next = nipper->ios->username; + nipper->ios->username = usernamePointer; + + // Init + command = splitLine(line); + tempInt = 1; + usernamePointer->weak = false; + usernamePointer->dictionary = false; + + // username + strncpy(usernamePointer->username, command.part[tempInt], sizeof(usernamePointer->username)); + tempInt++; + + // privilage + if (strncmp(command.part[tempInt], "privilege", 9) == 0) + { + tempInt++; + usernamePointer->privilage = atoi(command.part[tempInt]); + tempInt++; + } + else + usernamePointer->privilage = 1; + + // secret + if (strncmp(command.part[tempInt], "secret", 6) == 0) + usernamePointer->secret = true; + + else + usernamePointer->secret = false; + tempInt++; + + switch(command.part[tempInt][0]) + { + case '7': + usernamePointer->encryption = encrypt_type7; + if (password7(command.part[command.parts - 1], usernamePointer->password, sizeof(usernamePointer->password), nipper->debugMode) != 0) + strcpy(usernamePointer->password, ""); + strncpy(usernamePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(usernamePointer->passwordEncrypted)); + break; + case '5': + usernamePointer->encryption = encrypt_md5; + strcpy(usernamePointer->password, ""); + strncpy(usernamePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(usernamePointer->passwordEncrypted)); + addJohnPassword(nipper, usernamePointer->username , usernamePointer->passwordEncrypted); + break; + case '0': + usernamePointer->encryption = encrypt_none; + strncpy(usernamePointer->password, command.part[command.parts - 1], sizeof(usernamePointer->password)); + strcpy(usernamePointer->passwordEncrypted, ""); + break; + default: + if (command.parts == 4) + { + usernamePointer->encryption = encrypt_none; + strncpy(usernamePointer->password, command.part[command.parts - 1], sizeof(usernamePointer->password)); + strcpy(usernamePointer->passwordEncrypted, ""); + } + else + { + usernamePointer->encryption = encrypt_unknown; + strcpy(usernamePointer->password, ""); + strncpy(usernamePointer->passwordEncrypted, command.part[command.parts - 1], sizeof(usernamePointer->passwordEncrypted)); + } + break; + } + if ((strcmp(usernamePointer->password, "") != 0) && (strlen(usernamePointer->password) != 0)) + { + if (simplePassword(usernamePointer->password, nipper) == true) + { + nipper->simplePasswords++; + usernamePointer->dictionary = true; + } + if (passwordStrength(usernamePointer->password, nipper) == false) + { + nipper->passwordStrengths++; + usernamePointer->weak = true; + } + } +} + + diff --git a/0.11.10/IOS/process-vtp.c b/0.11.10/IOS/process-vtp.c new file mode 100644 index 0000000..ab12d39 --- /dev/null +++ b/0.11.10/IOS/process-vtp.c @@ -0,0 +1,71 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process VTP +void processVTP(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("VTP Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // VTP server + if ((strcmp(command.part[1], "server") == 0) || ((strcmp(command.part[1], "mode") == 0) && (strcmp(command.part[2], "server") == 0))) + nipper->ios->vtpMode = vtp_mode_server; + + // VTP client + else if ((strcmp(command.part[1], "client") == 0) || ((strcmp(command.part[1], "mode") == 0) && (strcmp(command.part[2], "client") == 0))) + nipper->ios->vtpMode = vtp_mode_client; + + // VTP transparent + else if ((strcmp(command.part[1], "transparent") == 0) || ((strcmp(command.part[1], "mode") == 0) && (strcmp(command.part[2], "transparent") == 0))) + nipper->ios->vtpMode = vtp_mode_transparent; + + // No VTP Mode + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "vtp") == 0) && (strcmp(command.part[2], "mode") == 0)) + nipper->ios->vtpMode = vtp_mode_none; + + // VTP Domain + else if (strcmp(command.part[1], "domain") == 0) + strncpy(nipper->ios->vtpDomain, command.part[2], sizeof(nipper->ios->vtpDomain) -1); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} + diff --git a/0.11.10/IOS/report-aaa.c b/0.11.10/IOS/report-aaa.c new file mode 100644 index 0000000..6ec34d5 --- /dev/null +++ b/0.11.10/IOS/report-aaa.c @@ -0,0 +1,92 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosAAAConfig(struct nipperConfig *nipper) +{ + // Variables... + struct aaaGroupServer *aaaGroupPointer = 0; + struct aaaServer *aaaServerPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + aaaGroupPointer = nipper->ios->aaa->groupServer; + while (aaaGroupPointer != 0) + { + switch (aaaGroupPointer->type) + { + case aaa_radius: + sprintf(tempString, "%s %s %s", settings_aaa_table1, aaaGroupPointer->username, settings_aaa_table2); + addAbbreviation("RADIUS", false); + break; + case aaa_tacacs: + sprintf(tempString, "%s %s %s", settings_aaa_table1, aaaGroupPointer->username, settings_aaa_table3); + addAbbreviation("TACACS", false); + break; + case aaa_kerberos: + sprintf(tempString, "%s %s %s", settings_aaa_table1, aaaGroupPointer->username, settings_aaa_table4); + break; + } + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_aaa_heading); + aaaServerPointer = aaaGroupPointer->server; + while (aaaServerPointer != 0) + { + outputFriendly(aaaServerPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%d%s%d%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, aaaServerPointer->authPort, nipper->tablerow_mid, aaaServerPointer->acctPort, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(aaaServerPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_mid); + } + switch(aaaServerPointer->encryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "Type-7%s", nipper->tablerow_end); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_end); + addAbbreviation("MD5", false); + break; + case encrypt_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_end); + break; + } + aaaServerPointer = aaaServerPointer->next; + } + output_table(nipper, false, tempString2, &settings_aaa_heading); + aaaGroupPointer = aaaGroupPointer->next; + } + addAbbreviation("AAA", false); +} diff --git a/0.11.10/IOS/report-access-list.c b/0.11.10/IOS/report-access-list.c new file mode 100644 index 0000000..3b46321 --- /dev/null +++ b/0.11.10/IOS/report-access-list.c @@ -0,0 +1,178 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + + +void iosACLConfig(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + struct interfaceConfig *interfaceConfigPointer = 0; + struct lineConfig *linePointer = 0; + + output_parseText(settings_accesslists1, nipper, section_none, rate_none, 0, 0); + output_parseText(settings_accesslists2, nipper, section_none, rate_none, 0, 0); + + // Interfaces with ACL applied + tempInt = 0; + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->accessGroupIn[0] != 0) || (interfaceConfigPointer->accessGroupOut[0] != 0)) + tempInt++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (tempInt > 0) + { + output_table(nipper, true, settings_acl_int_table, &settings_aclinter_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->accessGroupIn[0] != 0) || (interfaceConfigPointer->accessGroupOut[0] != 0)) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, interfaceConfigPointer->name, nipper->tablerow_mid); + if (interfaceConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "No%s%s%s", nipper->tablerow_mid, interfaceConfigPointer->ipAddress, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Yes%s%s%s", nipper->tablerow_mid, interfaceConfigPointer->ipAddress, nipper->tablerow_mid); + if (interfaceConfigPointer->accessGroupIn[0] != 0) + fprintf(nipper->reportFile, "%s%s", interfaceConfigPointer->accessGroupIn, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + if (interfaceConfigPointer->accessGroupOut[0] != 0) + fprintf(nipper->reportFile, "%s%s", interfaceConfigPointer->accessGroupOut, nipper->tablerow_end); + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, settings_acl_int_table, &settings_aclinter_heading); + } + + // Lines with ACL applied + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->aclIn[0] != 0) || (linePointer->aclOut[0] != 0)) + tempInt++; + linePointer = linePointer->next; + } + if (tempInt > 0) + { + output_table(nipper, true, settings_acl_line_table, &settings_aclline_heading); + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->aclIn[0] != 0) || (linePointer->aclOut[0] != 0)) + { + switch (linePointer->lineType) + { + case line_console: + fprintf(nipper->reportFile, "%sConsole%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case line_aux: + fprintf(nipper->reportFile, "%sAuxiliary%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case line_vty: + fprintf(nipper->reportFile, "%sVTY%s", nipper->tablerow_start, nipper->tablerow_mid); + addAbbreviation("VTY", false); + break; + case line_tty: + fprintf(nipper->reportFile, "%sTTY%s", nipper->tablerow_start, nipper->tablerow_mid); + addAbbreviation("TTY", false); + break; + } + fprintf(nipper->reportFile, "%d%s", linePointer->lineNumberStart, nipper->tablerow_mid); + if (linePointer->lineNumberEnd == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", linePointer->lineNumberEnd, nipper->tablerow_mid); + switch (linePointer->login) + { + case login_allowed: + fprintf(nipper->reportFile, "Allowed%s", nipper->tablerow_mid); + break; + case login_disabled: + fprintf(nipper->reportFile, "Denied%s", nipper->tablerow_mid); + break; + case login_local: + fprintf(nipper->reportFile, "Local%s", nipper->tablerow_mid); + break; + case login_authentication: + fprintf(nipper->reportFile, "AAA%s", nipper->tablerow_mid); + break; + } + switch (linePointer->exec) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (linePointer->telnet) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (linePointer->ssh) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + if (linePointer->aclIn[0] != 0) + fprintf(nipper->reportFile, "%s%s", linePointer->aclIn, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + if (linePointer->aclOut[0] != 0) + fprintf(nipper->reportFile, "%s%s", linePointer->aclOut, nipper->tablerow_end); + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + } + linePointer = linePointer->next; + } + output_table(nipper, false, settings_acl_line_table, &settings_aclline_heading); + } + + // ACL + reportRules(nipper); +} + diff --git a/0.11.10/IOS/report-clock.c b/0.11.10/IOS/report-clock.c new file mode 100644 index 0000000..f4ad5d4 --- /dev/null +++ b/0.11.10/IOS/report-clock.c @@ -0,0 +1,70 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosTimeZoneConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_timezone_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sTime Zone%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->timeZone, nipper->tablerow_end); + if ((nipper->ios->timeOffsetHours != 0) || (nipper->ios->timeOffsetMins != 0)) + { + fprintf(nipper->reportFile, "%sUTC Offset%s", nipper->tablerow_start, nipper->tablerow_mid); + if (nipper->ios->timeOffsetHours != 0) + { + if (nipper->ios->timeOffsetHours > 0) + fprintf(nipper->reportFile, "+"); + fprintf(nipper->reportFile, "%d hour", nipper->ios->timeOffsetHours); + if ((nipper->ios->timeOffsetHours > 1) || (nipper->ios->timeOffsetHours < -1)) + fprintf(nipper->reportFile, "s"); + if (nipper->ios->timeOffsetMins != 0) + fprintf(nipper->reportFile, " "); + } + if (nipper->ios->timeOffsetMins != 0) + { + fprintf(nipper->reportFile, "%d min", nipper->ios->timeOffsetMins); + if ((nipper->ios->timeOffsetMins > 1) || (nipper->ios->timeOffsetMins < -1)) + fprintf(nipper->reportFile, "s"); + } + fprintf(nipper->reportFile,"%s", nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%sUTC Offset%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->summerTimeZone[0] != 0) + fprintf(nipper->reportFile, "%sSummer Time Zone%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->timeZone, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSummer Time Zone%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->calendarValid == true) + fprintf(nipper->reportFile, "%sAuthorative Time Source%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAuthorative Time Source%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_timezone_table, &settings_general_heading); +} + diff --git a/0.11.10/IOS/report-debug.c b/0.11.10/IOS/report-debug.c new file mode 100644 index 0000000..f94536f --- /dev/null +++ b/0.11.10/IOS/report-debug.c @@ -0,0 +1,700 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportIOSDebug(struct nipperConfig *nipper) +{ + // Variables + struct enablePassword *enablePointer = 0; + struct ntpKey *ntpKeyPointer = 0; + struct ntpHost *ntpHostPointer = 0; + struct ntpAccessGroup *ntpAccessPointer = 0; + struct snmpCommunity *communityPointer = 0; + struct snmpViewItem *snmpViewItemPointer = 0; + struct snmpView *snmpViewPointer = 0; + struct snmpGroup *snmpGroupPointer = 0; + struct snmpUser *snmpUserPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct snmpHost *snmpHostPointer = 0; + struct johnPassword *johnPointer = 0; + struct usernameList *usernamePointer = 0; + struct privilageLevels *privilagePointer = 0; + struct host *logServerPointer = 0; + struct host *tacacsHostPointer = 0; + struct aaaGroupServer *aaaGroupServerPointer = 0; + struct aaaServer *aaaServerPointer = 0; + struct netInterface *interfacePointer = 0; + struct interfaceConfig *interfaceConfigPointer = 0; + struct bgpNeighbor *neighborPointer = 0; + struct keyChain *keyChainPointer = 0; + struct keyConfig *keyPointer = 0; + struct lineConfig *linePointer = 0; + struct bannerConfig *bannerPointer = 0; + struct ospfNetworkConfig *ospfNetworkPointer = 0; + struct ospfAreaConfig *ospfAreaPointer = 0; + struct ospfNeighbor *ospfNeighborPointer = 0; + struct ospfConfig *ospfPointer = 0; + struct ospfInterStruct *ospfInterPointer = 0; + struct staticRoute *routePointer = 0; + struct host *dnsPointer = 0; + struct routeMapConfig *routeMapPointer = 0; + struct natConfig *natPointer = 0; + struct host *hostPointer = 0; + struct passiveStruct *passivePointer = 0; + struct eigrpConfig *eigrpPointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + struct eigrpNetwork *eigrpNetworkPointer = 0; + struct eigrpNeighbor *eigrpNeighborPointer = 0; + struct bgpConfig *bgpPointer = 0; + struct bgpInterStruct *bgpInterPointer = 0; + struct vrrpStruct *vrrpPointer = 0; + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf("True or Enabled = %d\n", true); + printf("False or Disabled = %d\n", false); + printf("Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("Domain Name: %s\n", nipper->domainName); + printf("IOS Version: %s\n", nipper->version); + printf("IOS Version: %d.%d\n", nipper->versionMajor, nipper->versionMinor); + printf("IP Source Routing: %d\n", nipper->ios->sourceRouting); + printf("Service Password Encryption: %d\n", nipper->ios->servicePasswordEncryption); + printf("TCP Small Servers: %d\n", nipper->ios->tcpSmallServers); + printf("UDP Small Servers: %d\n", nipper->ios->udpSmallServers); + printf("Finger: %d\n", nipper->ios->finger); + printf("CDP: %d\n", nipper->ios->cdp); + printf("PAD: %d\n", nipper->ios->pad); + printf("CEF: %d\n", nipper->ios->cef); + printf("Bootp: %d\n", nipper->ios->bootp); + printf("Network Boot: %d\n", nipper->ios->bootNetwork); + printf("Service Config: %d\n", nipper->ios->serviceConfig); + printf("IP Classless Routing: %d\n", nipper->ios->classlessRouting); + printf("TCP Keep Alives In: %d\n", nipper->ios->keepAlivesIn); + printf("TCP Keep Alives Out: %d\n", nipper->ios->keepAlivesOut); + printf("Domain Lookup: %d\n", nipper->ios->domainLookup); + printf("Gratuitous ARPs: %d\n", nipper->ios->gratuitousArps); + printf("Clock Authorative: %d\n", nipper->ios->calendarValid); + printf("Summer Time Zone: %s\n", nipper->ios->summerTimeZone); + printf("Time Zone: %s\n", nipper->ios->timeZone); + printf("UTC Offset (Hours): %d\n", nipper->ios->timeOffsetHours); + printf("UTC Offset (Mins): %d\n", nipper->ios->timeOffsetMins); + printf("Minimum Password Length: %d\n", nipper->ios->passwordMinLength); + printf("VTP Mode: %d\n", nipper->ios->vtpMode); + printf("VTP Domain: %s\n", nipper->ios->vtpDomain); + printf("Number of weak passwords / keys: %d\n", nipper->passwordStrengths); + printf("Number of dictionary-based passwords / keys: %d\n", nipper->simplePasswords); + + // DNS Servers + dnsPointer = nipper->ios->dns; + while (dnsPointer != 0) + { + printf("DNS Server: %s\n", dnsPointer->server); + dnsPointer = dnsPointer->next; + } + + // SSH + if (nipper->ios->ssh != 0) + { + printf("SSH Enabled: %d\n", nipper->ios->ssh->enabled); + printf(" SSH Protocol Version: %d\n", nipper->ios->ssh->protocolVersion); + printf(" SSH Login Timeout: %d\n", nipper->ios->ssh->timeout); + printf(" SSH Login Retries: %d\n", nipper->ios->ssh->retries); + interfacePointer = nipper->ios->ssh->interface; + while (interfacePointer != 0) + { + printf(" SSH Server Interface: %s\n", interfacePointer->interface); + interfacePointer = interfacePointer->next; + } + } + + // NAT + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + printf("NAT Inside: %d\n", natPointer->inside); + printf(" NAT Type: %d\n", natPointer->type); + printf(" NAT From: %s\n", natPointer->local); + printf(" NAT From Port: %d\n", natPointer->localPort); + printf(" NAT To: %s\n", natPointer->global); + printf(" NAT To Port: %d\n", natPointer->globalPort); + printf(" NAT Mask: %s\n", natPointer->mask); + printf(" NAT Interface No.: %d\n", natPointer->interNumber); + printf(" NAT Pool: %d\n", natPointer->pool); + printf(" NAT IPSec-ESP: %d\n", natPointer->ipSecESP); + printf(" NAT Route Map: %d\n", natPointer->routeMap); + printf(" NAT TCP: %d\n", natPointer->tcp); + printf(" NAT Interface: %d\n", natPointer->inter); + natPointer = natPointer->next; + } + + // HTTP + if (nipper->ios->http != 0) + { + printf("HTTP Enabled: %d\n", nipper->ios->http->enabled); + printf(" HTTP Authentication: %d\n", nipper->ios->http->authentication); + printf(" HTTP Access-Class: %s\n", nipper->ios->http->accessClass); + } + + // Enable + enablePointer = nipper->ios->enable; + while (enablePointer != 0) + { + printf("Enable Level: %d\n", enablePointer->level); + printf(" Encryption Type: %d\n", enablePointer->encryption); + printf(" Secret?: %d\n", enablePointer->secret); + printf(" Password: %s\n", enablePointer->password); + printf(" Password Encrypted: %s\n", enablePointer->passwordEncrypted); + printf(" Weak Password: %d\n", enablePointer->weak); + printf(" Dictionary Password: %d\n", enablePointer->dictionary); + enablePointer = enablePointer->next; + } + + // Username + usernamePointer = nipper->ios->username; + while (usernamePointer != 0) + { + printf("Username: %s\n", usernamePointer->username); + printf(" Encryption Type: %d\n", usernamePointer->encryption); + printf(" Secret?: %d\n", usernamePointer->secret); + printf(" Privilage Level: %d\n", usernamePointer->privilage); + printf(" Password: %s\n", usernamePointer->password); + printf(" Password Encrypted: %s\n", usernamePointer->passwordEncrypted); + printf(" Weak Password: %d\n", usernamePointer->weak); + printf(" Dictionary Password: %d\n", usernamePointer->dictionary); + usernamePointer = usernamePointer->next; + } + + // Privilage + privilagePointer = nipper->ios->privilage; + while (privilagePointer != 0) + { + printf("Privilage Level: %d\n", privilagePointer->level); + printf(" Privilage Command: %s\n", privilagePointer->command); + privilagePointer = privilagePointer->next; + } + + // Banner + bannerPointer = nipper->ios->banner; + while (bannerPointer != 0) + { + printf("Banner: %s\n", bannerPointer->line); + bannerPointer = bannerPointer->next; + } + + // Logging + if (nipper->ios->logging != 0) + { + printf("Logging: %d\n", nipper->ios->logging->logging); + printf(" Log Enable: %d\n", nipper->ios->logging->logEnable); + printf(" Console Logging: %d\n", nipper->ios->logging->consoleLogging); + printf(" Console Level: %d\n", nipper->ios->logging->consoleLevel); + printf(" Monitor Logging: %d\n", nipper->ios->logging->monitorLogging); + printf(" Monitor Level: %d\n", nipper->ios->logging->monitorLevel); + printf(" Buffered Logging: %d\n", nipper->ios->logging->bufferedLogging); + printf(" Buffered Level: %d\n", nipper->ios->logging->bufferLevel); + printf(" Buffered Size: %d\n", nipper->ios->logging->bufferSize); + printf(" Syslog Level: %d\n", nipper->ios->logging->loggingTrap); + printf(" Syslog Facility: %s\n", nipper->ios->logging->facility); + printf(" Syslog Count: %d\n", nipper->ios->logging->logCount); + printf(" Syslog Origin ID: %s\n", nipper->ios->logging->originId); + printf(" Syslog Source Interface: %s\n", nipper->ios->logging->sourceInterface); + logServerPointer = nipper->ios->logging->logServer; + while (logServerPointer != 0) + { + printf(" Syslog Logging Server: %s\n", logServerPointer->server); + logServerPointer = logServerPointer->next; + } + } + + // Routing + if (nipper->ios->route != 0) + { + routePointer = nipper->ios->route; + while (routePointer != 0) + { + printf("Static Route\n"); + printf(" IP Address: %s\n", routePointer->ipAddress); + printf(" Net Mask: %s\n", routePointer->netMask); + printf(" Gateway: %s\n", routePointer->gateway); + routePointer = routePointer->next; + } + } + routeMapPointer = nipper->ios->routeMap; + while (routeMapPointer != 0) + { + printf("Route Map: %s\n", routeMapPointer->mapTag); + printf(" Sequence No.: %d\n", routeMapPointer->sequenceNo); + printf(" Permission: %d\n", routeMapPointer->permission); + routeMapPointer = routeMapPointer->next; + } + eigrpPointer = nipper->ios->eigrp; + while (eigrpPointer != 0) + { + printf("EIGRP Autonomous No: %d\n", eigrpPointer->process); + printf(" EIGRP Router ID: %s\n", eigrpPointer->routerId); + printf(" EIGRP Maximum Hops: %d\n", eigrpPointer->maximumHops); + printf(" EIGRP Stub: %d\n", eigrpPointer->stub); + printf(" EIGRP Auto Summary: %d\n", eigrpPointer->autoSummary); + printf(" EIGRP Internal Distance: %d\n", eigrpPointer->internalDistance); + printf(" EIGRP External Distance: %d\n", eigrpPointer->externalDistance); + printf(" EIGRP Log Neighbor Changes: %d\n", eigrpPointer->logNeighborChanges); + printf(" EIGRP Log Neighbor Warnings: %d\n", eigrpPointer->logNeighborWarnings); + eigrpNetworkPointer = eigrpPointer->network; + while (eigrpNetworkPointer != 0) + { + printf(" EIGRP Network IP Address: %s\n", eigrpNetworkPointer->ipAddress); + printf(" EIGRP NetMask: %s\n", eigrpNetworkPointer->netMask); + eigrpNetworkPointer = eigrpNetworkPointer->next; + } + eigrpNeighborPointer = eigrpPointer->neighbor; + while (eigrpNeighborPointer != 0) + { + printf(" EIGRP Neighbor IP Address: %s\n", eigrpNeighborPointer->ipAddress); + printf(" EIGRP NetMask: %s\n", eigrpNeighborPointer->interface); + eigrpNeighborPointer = eigrpNeighborPointer->next; + } + passivePointer = eigrpPointer->passive; + while (passivePointer != 0) + { + printf(" EIGRP Passive Interface: %s\n", passivePointer->interface); + printf(" Passive: %d\n", passivePointer->passive); + passivePointer = passivePointer->next; + } + eigrpPointer = eigrpPointer->next; + } + bgpPointer = nipper->ios->bgp; + while (bgpPointer != 0) + { + printf("BGP Autonomous No: %d\n", bgpPointer->autonomousNo); + printf(" BGP Log Changes: %d\n", bgpPointer->logNeighborChanges); + printf(" BGP Dampening: %d\n", bgpPointer->dampening); + printf(" BGP Default Passive: %d\n", bgpPointer->defaultPassive); + passivePointer = bgpPointer->passive; + while (passivePointer != 0) + { + printf(" BGP Passive Interface: %s\n", passivePointer->interface); + printf(" Passive: %d\n", passivePointer->passive); + passivePointer = passivePointer->next; + } + neighborPointer = bgpPointer->neighbor; + while (neighborPointer != 0) + { + printf(" BGP Neighbor: %s\n", neighborPointer->host); + printf(" BGP Neighbor Description: %s\n", neighborPointer->description); + printf(" BGP Password Encryption Type: %d\n", neighborPointer->encryption); + printf(" BGP Password: %s\n", neighborPointer->password); + printf(" BGP Password Encrypted: %s\n", neighborPointer->passwordEncrypted); + printf(" BGP Neighbor Password: %s\n", neighborPointer->password); + printf(" BGP Weak Password: %d\n", neighborPointer->weak); + printf(" BGP Dictionary Password: %d\n", neighborPointer->dictionary); + printf(" BGP Neighbor Autonomous No: %d\n", neighborPointer->autonomousNo); + printf(" BGP Neighbor TTL Hops: %d\n", neighborPointer->ttlHops); + neighborPointer = neighborPointer->next; + } + bgpPointer = bgpPointer->next; + } + if (nipper->ios->rip != 0) + { + printf("RIP Version: %d\n", nipper->ios->rip->version); + printf("RIP Auto Summary: %d\n", nipper->ios->rip->autoSummary); + printf("RIP Default Route: %d\n", nipper->ios->rip->defaultRoute); + printf("RIP Default Route Map: %s\n", nipper->ios->rip->defaultRouteMap); + printf("RIP Default Metric: %d\n", nipper->ios->rip->defaultMetric); + printf("RIP Input Queue: %d\n", nipper->ios->rip->inputQueue); + printf("RIP Output Delay: %d\n", nipper->ios->rip->outputDelay); + printf("RIP Validate Update Source: %d\n", nipper->ios->rip->validateUpdateSource); + printf("RIP Default Passive: %d\n", nipper->ios->rip->defaultPassive); + hostPointer = nipper->ios->rip->neighbor; + while (hostPointer != 0) + { + printf("RIP Neighbor: %s\n", hostPointer->server); + hostPointer = hostPointer->next; + } + hostPointer = nipper->ios->rip->network; + while (hostPointer != 0) + { + printf("RIP Network: %s\n", hostPointer->server); + hostPointer = hostPointer->next; + } + passivePointer = nipper->ios->rip->passive; + while (passivePointer != 0) + { + printf("RIP Passive Interface: %s\n", passivePointer->interface); + printf(" Passive: %d\n", passivePointer->passive); + passivePointer = passivePointer->next; + } + } + ospfPointer = nipper->ios->ospf; + while (ospfPointer != 0) + { + printf("OSPF Process ID: %d\n", ospfPointer->processID); + ospfNetworkPointer = nipper->ios->ospf->ospfNetwork; + while (ospfNetworkPointer != 0) + { + printf(" OSPF Network: %s\n", ospfNetworkPointer->network); + printf(" OSPF Network Mask: %s\n", ospfNetworkPointer->networkMask); + printf(" OSPF Area ID: %s\n", ospfNetworkPointer->areaID); + ospfNetworkPointer = ospfNetworkPointer->next; + } + ospfAreaPointer = nipper->ios->ospf->ospfArea; + while (ospfNetworkPointer != 0) + { + printf(" OSPF Area ID: %s\n", ospfAreaPointer->areaID); + printf(" OSPF Area Authentication: %d\n", ospfAreaPointer->areaAuth); + printf(" OSPF Area Default Cost: %d\n", ospfAreaPointer->defaultCost); + ospfAreaPointer = ospfAreaPointer->next; + } + ospfNeighborPointer = nipper->ios->ospf->neighbor; + while (ospfNeighborPointer != 0) + { + printf(" OSPF Neighbor: %s\n", ospfNeighborPointer->host); + printf(" OSPF Neighbor Priority: %d\n", ospfNeighborPointer->priority); + printf(" OSPF Neighbor Poll Interval: %d\n", ospfNeighborPointer->pollInterval); + printf(" OSPF Neighbor Cost: %d\n", ospfNeighborPointer->costNumber); + printf(" OSPF Neighbor Database Filter: %d\n", ospfNeighborPointer->databaseFilter); + ospfNeighborPointer = ospfNeighborPointer->next; + } + ospfPointer = ospfPointer->next; + } + + // TACACS + if (nipper->ios->tacacs != 0) + { + printf("TACACS Key: %s\n", nipper->ios->tacacs->key); + printf(" TACACS Encrypted Key: %s\n", nipper->ios->tacacs->keyEncrypted); + printf(" TACACS Encryption Type: %d\n", nipper->ios->tacacs->encryption); + printf(" TACACS Weak Password: %d\n", nipper->ios->tacacs->weak); + printf(" TACACS Dictionary Password: %d\n", nipper->ios->tacacs->dictionary); + tacacsHostPointer = nipper->ios->tacacs->host; + while (tacacsHostPointer != 0) + { + printf("TACACS Server: %s\n", tacacsHostPointer->server); + tacacsHostPointer = tacacsHostPointer->next; + } + } + + // AAA + if (nipper->ios->aaa != 0) + { + aaaGroupServerPointer = nipper->ios->aaa->groupServer; + while (aaaGroupServerPointer != 0) + { + printf("AAA Group Server Type: %d\n", aaaGroupServerPointer->type); + printf("AAA Group Server Username: %s\n", aaaGroupServerPointer->username); + aaaServerPointer = aaaGroupServerPointer->server; + while (aaaServerPointer != 0) + { + printf(" AAA Server: %s\n", aaaServerPointer->server); + printf(" AAA Auth Port: %d\n", aaaServerPointer->authPort); + printf(" AAA Acct Port: %d\n", aaaServerPointer->acctPort); + printf(" AAA Key: %s\n", aaaServerPointer->key); + printf(" AAA Encrypted Key: %s\n", aaaServerPointer->keyEncrypted); + printf(" AAA Encryption: %d\n", aaaServerPointer->encryption); + printf(" AAA Weak Password: %d\n", aaaServerPointer->weak); + printf(" AAA Dictionary Password: %d\n", aaaServerPointer->dictionary); + aaaServerPointer = aaaServerPointer->next; + } + aaaGroupServerPointer = aaaGroupServerPointer->next; + } + } + + // NTP + if (nipper->ios->ntp != 0) + { + printf("NTP Enabled: %d\n", nipper->ios->ntp->enabled); + printf(" NTP Master: %d\n", nipper->ios->ntp->master); + ntpHostPointer = nipper->ios->ntp->server; + while (ntpHostPointer != 0) + { + printf(" NTP Server: %s\n", ntpHostPointer->ntpHost); + printf(" NTP Server Key Num: %d\n", ntpHostPointer->keyNum); + ntpHostPointer = ntpHostPointer->next; + } + ntpHostPointer = nipper->ios->ntp->peer; + while (ntpHostPointer != 0) + { + printf(" NTP Peer: %s\n", ntpHostPointer->ntpHost); + printf(" NTP Peer Key Num: %d\n", ntpHostPointer->keyNum); + ntpHostPointer = ntpHostPointer->next; + } + ntpAccessPointer = nipper->ios->ntp->access; + while (ntpAccessPointer != 0) + { + printf(" Access Type: %d\n", ntpAccessPointer->accessType); + printf(" Access List: %s\n", ntpAccessPointer->accessList); + ntpAccessPointer = ntpAccessPointer->next; + } + ntpKeyPointer = nipper->ios->ntp->key; + while (ntpKeyPointer != 0) + { + printf("NTP Key Num: %d\n", ntpKeyPointer->keyNum); + printf(" NTP Key: %s\n", ntpKeyPointer->key); + printf(" NTP Key Trusted: %d\n", ntpKeyPointer->trusted); + printf(" NTP Weak Password: %d\n", ntpKeyPointer->weak); + printf(" NTP Dictionary Password: %d\n", ntpKeyPointer->dictionary); + ntpKeyPointer = ntpKeyPointer->next; + } + } + + // SNMP + if (nipper->ios->snmp != 0) + { + printf("SNMP Enabled: %d\n", nipper->ios->snmp->enabled); + printf("SNMP TFTP Server Access List: %s\n", nipper->ios->snmp->tftpServerList); + printf("SNMP Contact: %s\n", nipper->ios->snmp->contact); + printf("SNMP Location: %s\n", nipper->ios->snmp->location); + printf("SNMP Trap Timeout: %d\n", nipper->ios->snmp->trapTimeout); + printf("SNMP Trap Source: %s\n", nipper->ios->snmp->trapSource); + communityPointer = nipper->ios->snmp->community; + while (communityPointer != 0) + { + printf("SNMP Community String: %s\n", communityPointer->community); + printf(" SNMP Weak Password: %d\n", communityPointer->weak); + printf(" SNMP Dictionary Password: %d\n", communityPointer->dictionary); + printf(" SNMP Read-Only: %d\n", communityPointer->readonly); + printf(" SNMP Community Enabled: %d\n", communityPointer->enabled); + printf(" SNMP Access List: %s\n", communityPointer->accessList); + communityPointer = communityPointer->next; + } + snmpGroupPointer = nipper->ios->snmp->group; + while (snmpGroupPointer != 0) + { + printf("SNMP Group: %s\n", snmpGroupPointer->groupName); + printf(" SNMP Version: %d\n", snmpGroupPointer->version); + printf(" SNMP Read View: %s\n", snmpGroupPointer->readView); + printf(" SNMP Write View: %s\n", snmpGroupPointer->writeView); + printf(" SNMP Notify View: %s\n", snmpGroupPointer->writeView); + printf(" SNMP Context: %s\n", snmpGroupPointer->context); + printf(" SNMP ACL: %s\n", snmpGroupPointer->acl); + snmpGroupPointer = snmpGroupPointer->next; + } + snmpUserPointer = nipper->ios->snmp->user; + while (snmpUserPointer != 0) + { + printf("SNMP User: %s\n", snmpUserPointer->userName); + printf(" SNMP User Auth Pass: %s\n", snmpUserPointer->authPass); + printf(" SNMP User Priv Pass: %s\n", snmpUserPointer->privPass); + printf(" SNMP Group Name: %s\n", snmpUserPointer->groupName); + printf(" In Group: %d\n", snmpUserPointer->group); + snmpUserPointer = snmpUserPointer->next; + } + snmpViewPointer = nipper->ios->snmp->view; + while (snmpViewPointer != 0) + { + printf("SNMP View: %s\n", snmpViewPointer->viewName); + snmpViewItemPointer = snmpViewPointer->viewItem; + while (snmpViewItemPointer != 0) + { + printf(" SNMP View MIB Item: %s\n", snmpViewItemPointer->mibId); + printf(" SNMP View Item Include: %d\n", snmpViewItemPointer->include); + snmpViewItemPointer = snmpViewItemPointer->next; + } + snmpViewPointer = snmpViewPointer->next; + } + snmpTrapPointer = nipper->ios->snmp->trap; + while (snmpTrapPointer != 0) + { + printf("SNMP Trap: %s\n", snmpTrapPointer->trap); + snmpTrapPointer = snmpTrapPointer->next; + } + snmpHostPointer = nipper->ios->snmp->host; + while (snmpHostPointer != 0) + { + printf("SNMP Host: %s\n", snmpHostPointer->host); + printf(" SNMP Host Community: %s\n", snmpHostPointer->community); + printf(" SNMP Host Version: %d\n", snmpHostPointer->version); + printf(" SNMP Weak Password: %d\n", snmpHostPointer->weak); + printf(" SNMP Dictionary Password: %d\n", snmpHostPointer->dictionary); + snmpHostPointer = snmpHostPointer->next; + } + } + + // Key Chains and Keys + keyChainPointer = nipper->ios->chain; + while (keyChainPointer != 0) + { + printf("KEY CHAIN: %s\n", keyChainPointer->name); + keyPointer = keyChainPointer->key; + while (keyPointer != 0) + { + printf(" KEY NUMBER: %d\n", keyPointer->keyNumber); + printf(" KEY: %s\n", keyPointer->key); + printf(" KEY Weak Password: %d\n", keyPointer->weak); + printf(" KEY Dictionary Password: %d\n", keyPointer->dictionary); + keyPointer = keyPointer->next; + } + keyChainPointer = keyChainPointer->next; + } + + // FTP + if (nipper->ios->ftp != 0) + { + printf("FTP Username: %s\n", nipper->ios->ftp->username); + printf(" FTP Password: %s\n", nipper->ios->ftp->password); + printf(" FTP Password Encrypted: %s\n", nipper->ios->ftp->passwordEncrypted); + printf(" FTP Encryption: %d\n", nipper->ios->ftp->encryption); + printf(" FTP Weak Password: %d\n", nipper->ios->ftp->weak); + printf(" FTP Dictionary Password: %d\n", nipper->ios->ftp->dictionary); + interfacePointer = nipper->ios->ftp->interface; + while (interfacePointer != 0) + { + printf("FTP Server Interface: %s\n", interfacePointer->interface); + interfacePointer = interfacePointer->next; + } + } + + // Line + linePointer = nipper->ios->line; + while (linePointer != 0) + { + printf("Line Start: %d\n", linePointer->lineNumberStart); + printf("Line End: %d\n", linePointer->lineNumberEnd); + printf(" Line Type: %d\n", linePointer->lineType); + printf(" Line Login: %d\n", linePointer->login); + printf(" Line Authorization: %d\n", linePointer->authorization); + printf(" Line Accounting: %d\n", linePointer->accounting); + printf(" Line ACL In: %s\n", linePointer->aclIn); + printf(" Line ACL Out: %s\n", linePointer->aclOut); + printf(" Line Timeout: %d\n", linePointer->timeout); + printf(" Line Exec Timeout: %d\n", linePointer->execTimeout); + printf(" Line Session Timeout: %d\n", linePointer->sessionTimeout); + printf(" Line Absolute Timeout: %d\n", linePointer->absoluteTimeout); + printf(" Line Exec: %d\n", linePointer->exec); + printf(" Line Callback: %d\n", linePointer->callback); + printf(" Line Password: %s\n", linePointer->password); + printf(" Line Password Encrypted: %s\n", linePointer->passwordEncrypted); + printf(" Line Password Encryption: %d\n", linePointer->encryption); + printf(" Line Weak Password: %d\n", linePointer->weak); + printf(" Line Dictionary Password: %d\n", linePointer->dictionary); + printf(" Line Transport SSH: %d\n", linePointer->ssh); + printf(" Line Transport Telnet: %d\n", linePointer->telnet); + linePointer = linePointer->next; + } + + // Interfaces + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + printf("Interface: %s\n", interfaceConfigPointer->name); + printf(" Description: %s\n", interfaceConfigPointer->description); + printf(" IP Address: %s\n", interfaceConfigPointer->ipAddress); + printf(" Access Group (In): %s\n", interfaceConfigPointer->accessGroupIn); + printf(" Access Group (Out): %s\n", interfaceConfigPointer->accessGroupOut); + printf(" Proxy ARP: %d\n", interfaceConfigPointer->proxyArp); + printf(" NTP: %d\n", interfaceConfigPointer->ntp); + printf(" MOP: %d\n", interfaceConfigPointer->mop); + printf(" IP Unreachables: %d\n", interfaceConfigPointer->ipUnreachables); + printf(" IP Redirects: %d\n", interfaceConfigPointer->ipRedirects); + printf(" IP Mask Reply: %d\n", interfaceConfigPointer->ipMaskReply); + printf(" IP Direct Broadcast: %d\n", interfaceConfigPointer->ipDirectBroadcast); + printf(" CDP: %d\n", interfaceConfigPointer->cdp); + printf(" uRPF: %d\n", interfaceConfigPointer->uRPF); + printf(" Shutdown: %d\n", interfaceConfigPointer->shutdown); + printf(" RIP Auth Mode: %d\n", interfaceConfigPointer->ripAuthMode); + printf(" RIP Key Chain: %s\n", interfaceConfigPointer->ripKeyChain); + printf(" RIP Send Version: %d\n", interfaceConfigPointer->ripSendVersion); + printf(" RIP Receive Version: %d\n", interfaceConfigPointer->ripReceiveVersion); + printf(" RIP Triggered: %d\n", interfaceConfigPointer->ripTriggered); + printf(" RIP v2 Broadcast: %d\n", interfaceConfigPointer->ripV2Broadcast); + printf(" RIP Passive: %d\n", interfaceConfigPointer->ripPassive); + eigrpAutonPointer = interfaceConfigPointer->eigrp; + while (eigrpAutonPointer != 0) + { + printf(" EIGRP Auto No: %d\n", eigrpAutonPointer->autonomousNo); + printf(" Key Chain: %s\n", eigrpAutonPointer->keyChain); + printf(" MD5 Auth: %d\n", eigrpAutonPointer->md5Auth); + printf(" Bandwidth: %d\n", eigrpAutonPointer->bandwidth); + printf(" Passive: %d\n", eigrpAutonPointer->passive); + eigrpAutonPointer = eigrpAutonPointer->next; + } + bgpInterPointer = interfaceConfigPointer->bgp; + while (bgpInterPointer != 0) + { + printf(" BGP Auto No: %d\n", bgpInterPointer->autonomousNo); + printf(" Passive: %d\n", bgpInterPointer->passive); + bgpInterPointer = bgpInterPointer->next; + } + ospfInterPointer = interfaceConfigPointer->ospf; + while (ospfInterPointer != 0) + { + printf(" OSPF Process ID: %d\n", ospfInterPointer->processID); + printf(" Passive: %d\n", ospfInterPointer->passive); + ospfInterPointer = ospfInterPointer->next; + } + vrrpPointer = interfaceConfigPointer->vrrp; + while (vrrpPointer != 0) + { + printf(" VRRP Group: %d\n", vrrpPointer->group); + printf(" Description: %s\n", vrrpPointer->description); + printf(" Authentication: %d\n", vrrpPointer->authentication); + printf(" Key Chain: %d\n", vrrpPointer->keyChain); + printf(" Auth String: %s\n", vrrpPointer->authString); + printf(" Encrypted Auth String: %s\n", vrrpPointer->authStringEnc); + printf(" Weak Password: %d\n", vrrpPointer->weak); + printf(" Dictionay Password: %d\n", vrrpPointer->dictionary); + printf(" IP Address: %s\n", vrrpPointer->ipAddress); + printf(" IP Address (Secondary): %s\n", vrrpPointer->ipAddress2); + printf(" Priority Level: %d\n", vrrpPointer->priorityLevel); + printf(" Shutdown: %d\n", vrrpPointer->shutdown); + vrrpPointer = vrrpPointer->next; + } + printf(" Switchport Mode: %d\n", interfaceConfigPointer->switchportMode); + printf(" Switchport VLAN: %d\n", interfaceConfigPointer->switchportVLAN); + printf(" Switchport Port Security: %d\n", interfaceConfigPointer->switchportSecurity); + printf(" Switchport Port Security Violation: %d\n", interfaceConfigPointer->switchportViolation); + printf(" OSPF Auth: %d\n", interfaceConfigPointer->ospfAuthentication); + printf(" OSPF Auth Key: %s\n", interfaceConfigPointer->ospfKey); + printf(" OSPF Flood Reduction: %d\n", interfaceConfigPointer->ospfFloodReduction); + printf(" OSPF Network: %d\n", interfaceConfigPointer->ospfNetwork); + interfaceConfigPointer = interfaceConfigPointer->next; + } + + // Filter Rules... + reportRulesDebug(nipper); + + // John-the-ripper + if (nipper->john != 0) + { + printf("\n%sJohn-the-ripper Output\n======================%s\n", COL_BLUE, RESET); + johnPointer = nipper->john; + while (johnPointer != 0) + { + printf("Username: %s\n", johnPointer->username); + printf(" Password: %s\n", johnPointer->password); + johnPointer = johnPointer->next; + } + } +} + + diff --git a/0.11.10/IOS/report-dns.c b/0.11.10/IOS/report-dns.c new file mode 100644 index 0000000..c4fb924 --- /dev/null +++ b/0.11.10/IOS/report-dns.c @@ -0,0 +1,79 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosDNSConfig(struct nipperConfig *nipper) +{ + // Variables... + struct host *dnsPointer = 0; + char tempString[nipper->maxSize]; + int tempInt = 0; + + output_table(nipper, true, settings_dns_table, &settings_general_heading); + if (nipper->domainName[0] != 0) + { + outputFriendly(nipper->domainName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sDomain Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->ios->domainLookup == false) + fprintf(nipper->reportFile, "%sDomain Lookup%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sDomain Lookup%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + tempInt = 1; + dnsPointer = nipper->ios->dns; + while (dnsPointer != 0) + { + fprintf(nipper->reportFile, "%sDNS Server %d%s%s%s", nipper->tablerow_start, tempInt, nipper->tablerow_mid, dnsPointer->server, nipper->tablerow_end); + tempInt++; + dnsPointer = dnsPointer->next; + } + output_table(nipper, false, settings_dns_table, &settings_general_heading); +} + + +void iosDomainLookupIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + if (nipper->ios->dns == 0) + tempInt = 1; + else + tempInt = 2; + output_parseText(report_lookup_obs, nipper, section_obs, rate_none, tempInt, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_lookup_impact, nipper, section_imp, rate_low, tempInt, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_lookup_ease, nipper, section_ease, rate_trivial, tempInt, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_lookup_rec, nipper, section_rec, rate_none, tempInt, nipper->tableNum); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/IOS/report-ftp.c b/0.11.10/IOS/report-ftp.c new file mode 100644 index 0000000..77c3b0a --- /dev/null +++ b/0.11.10/IOS/report-ftp.c @@ -0,0 +1,81 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosFTPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct netInterface *interfacePointer = 0; + char tempString[nipper->maxSize]; + + if (nipper->ios->ftp->username[0] != 0) + { + output_table(nipper, true, settings_ftp_table, &settings_general_heading); + outputFriendly(nipper->ios->ftp->username, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sFTP Username%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + if (nipper->passwords == true) + { + outputFriendly(nipper->ios->ftp->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sFTP Password%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + switch(nipper->ios->ftp->encryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "%sPassword Encryption Type%sType-7%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "%sPassword Encryption Type%sMD5%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case encrypt_none: + fprintf(nipper->reportFile, "%sPassword Encryption Type%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "%sPassword Encryption Type%sUnknown%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + output_table(nipper, false, settings_ftp_table, &settings_general_heading); + } + addAbbreviation("FTP", false); + + // Show FTP interfaces + if (nipper->ios->ftp->interface != 0) + { + output_table(nipper, true, settings_ftpint_table, &settings_sshint_heading); + interfacePointer = nipper->ios->ftp->interface; + while (interfacePointer != 0) + { + outputFriendly(interfacePointer->interface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + interfacePointer = interfacePointer->next; + } + output_table(nipper, false, settings_ftpint_table, &settings_sshint_heading); + } +} diff --git a/0.11.10/IOS/report-general.c b/0.11.10/IOS/report-general.c new file mode 100644 index 0000000..38808f7 --- /dev/null +++ b/0.11.10/IOS/report-general.c @@ -0,0 +1,427 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + + +void iosGeneralConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sHostname%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + if (nipper->version[0] != 0) + fprintf(nipper->reportFile, "%sIOS Version%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + if (nipper->ios->servicePasswordEncryption == false) + fprintf(nipper->reportFile, "%sService Password Encryption%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sService Password Encryption%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if ((nipper->versionMajor == 12) && (nipper->versionMinor > 2)) + { + if (nipper->ios->passwordMinLength == 0) + fprintf(nipper->reportFile, "%sMinimum Password Length%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sMinimum Password Length%s%d characters%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->passwordMinLength, nipper->tablerow_end); + } + if (nipper->deviceType == type_ios_router) + { + if (nipper->ios->sourceRouting == false) + fprintf(nipper->reportFile, "%sIP Source Routing%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sIP Source Routing%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + } + if (nipper->ios->bootp == unconfigured) + fprintf(nipper->reportFile, "%sBOOTP%sUnconfigured%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->ios->bootp == false) + fprintf(nipper->reportFile, "%sBOOTP%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sBOOTP%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->serviceConfig == unconfigured) + fprintf(nipper->reportFile, "%sService Config%sUnconfigured%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->ios->serviceConfig == false) + fprintf(nipper->reportFile, "%sService Config%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sService Config%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->keepAlivesIn == false) + fprintf(nipper->reportFile, "%sTCP Keep Alives (In)%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sTCP Keep Alives (In)%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->keepAlivesOut == false) + fprintf(nipper->reportFile, "%sTCP Keep Alives (Out)%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sTCP Keep Alives (Out)%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->deviceType == type_ios_router) + { + if (nipper->ios->cef == false) + fprintf(nipper->reportFile, "%sCisco Express Forwarding%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sCisco Express Forwarding%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + addAbbreviation("CEF", false); + } + if ((nipper->versionMajor > 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor > 2))) + { + if (nipper->ios->gratuitousArps == false) + fprintf(nipper->reportFile, "%sGratuitous ARPs%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sGratuitous ARPs%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + addAbbreviation("ARP", false); + } + if (nipper->deviceType == type_ios_router) + { + if (nipper->ios->classlessRouting == false) + fprintf(nipper->reportFile, "%sClassless Routing%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sClassless Routing%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + } + output_table(nipper, false, settings_general_table, &settings_general_heading); + addAbbreviation("IOS", false); + addAbbreviation("IP", false); + addAbbreviation("BOOTP", false); + addAbbreviation("UTC", false); +} + + +void iosServicesConfig(struct nipperConfig *nipper) +{ + // Variables... + struct lineConfig *linePointer = 0; + int tempInt = 0; + + output_table(nipper, true, settings_services_table, &report_services_heading); + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if (linePointer->telnet == true) + tempInt++; + linePointer = linePointer->next; + } + switch (tempInt) + { + case 0: + fprintf(nipper->reportFile, "%sTelnet%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + default: + fprintf(nipper->reportFile, "%sTelnet%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + if (nipper->versionMajor >= 12) + { + if (nipper->ios->line != 0) + { + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if (linePointer->ssh == true) + tempInt++; + linePointer = linePointer->next; + } + } + switch (tempInt) + { + case 0: + fprintf(nipper->reportFile, "%sSSH%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + default: + fprintf(nipper->reportFile, "%sSSH%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + addAbbreviation("SSH", false); + } + if (nipper->ios->http != 0) + { + switch (nipper->ios->http->enabled) + { + case true: + fprintf(nipper->reportFile, "%sHTTP%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case false: + fprintf(nipper->reportFile, "%sHTTP%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + } + else + fprintf(nipper->reportFile, "%sHTTP%sUnconfigured%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + switch (nipper->ios->finger) + { + case unconfigured: + fprintf(nipper->reportFile, "%sFinger%sUnconfigured%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case false: + fprintf(nipper->reportFile, "%sFinger%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case true: + fprintf(nipper->reportFile, "%sFinger%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + switch (nipper->ios->tcpSmallServers) + { + case false: + fprintf(nipper->reportFile, "%sTCP Small Services%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case true: + fprintf(nipper->reportFile, "%sTCP Small Services%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + switch (nipper->ios->udpSmallServers) + { + case false: + fprintf(nipper->reportFile, "%sUDP Small Services%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case true: + fprintf(nipper->reportFile, "%sUDP Small Services%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + if (nipper->ios->ntp != 0) + { + if (nipper->ios->ntp->enabled == true) + fprintf(nipper->reportFile, "%sNTP%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sNTP%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + } + if (nipper->ios->snmp != 0) + { + if (nipper->ios->snmp->enabled == true) + fprintf(nipper->reportFile, "%sSNMP%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSNMP%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + } + if (nipper->ios->cdp == false) + fprintf(nipper->reportFile, "%sCDP%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sCDP%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->pad == true) + fprintf(nipper->reportFile, "%sPAD%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sPAD%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_services_table, &report_services_heading); + addAbbreviation("CDP", false); + addAbbreviation("PAD", false); + addAbbreviation("NTP", false); + addAbbreviation("SNMP", false); + addAbbreviation("UDP", false); + addAbbreviation("TCP", false); + addAbbreviation("HTTP", false); +} + + +void iosVulnIssue(struct nipperConfig *nipper) +{ + // Variables... + struct vulnerability *vulnPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_osver_obs1, nipper, section_obs, rate_none, nipper->vulnIssues, nipper->tableNum); + if (nipper->vulnIssues > 1) + { + output_table(nipper, true, report_osver_table, &report_osver_heading); + vulnPointer = &report_vuln_ios; + while (vulnPointer->next != 0) + { + if (vulnPointer->include == true) + { + outputFriendly(vulnPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s%s%s", vulnPointer->cve, nipper->tablerow_mid, vulnPointer->bid, nipper->tablerow_end); + } + vulnPointer = vulnPointer->next; + } + output_table(nipper, false, report_osver_table, &report_osver_heading); + output_parseText(report_osver_obs2, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + } + else if (nipper->vulnIssues > 0) + { + output_parseText(report_osver_obs3, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + vulnPointer = &report_vuln_ios; + while (vulnPointer->next != 0) + { + if (vulnPointer->include == true) + { + outputFriendly(vulnPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "\"%s\" (", tempString); + if (vulnPointer->cve[0] != 0) + fprintf(nipper->reportFile, "CVE reference %s", vulnPointer->cve); + if ((vulnPointer->cve[0] != 0) && (vulnPointer->bid[0] != 0)) + fprintf(nipper->reportFile, " and "); + if (vulnPointer->bid[0] != 0) + fprintf(nipper->reportFile, " Bugtraq ID %s", vulnPointer->bid); + fprintf(nipper->reportFile, ")."); + } + vulnPointer = vulnPointer->next; + } + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_parseText(report_osver_obs2, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + } + output_endsection(nipper, section_obs); + if (nipper->vulnIssues > 0) + { + output_parseText(report_osver_impact1, nipper, section_imp, rate_high, nipper->vulnIssues, nipper->tableNum -1); + if ((nipper->vulnIssueDos == true) && (nipper->vulnIssueRemote == true)) + output_parseText(report_osver_impact2, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + else if (nipper->vulnIssueDos == true) + output_parseText(report_osver_impact3, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + else if (nipper->vulnIssueRemote == true) + output_parseText(report_osver_impact4, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + addAbbreviation("CVE", false); + addAbbreviation("BID", false); + } + else + output_parseText(report_osver_impact5, nipper, section_imp, rate_high, nipper->vulnIssues, nipper->tableNum -1); + output_endsection(nipper, section_imp); + output_parseText(report_osver_ease, nipper, section_ease, rate_trivial, nipper->vulnIssues, nipper->tableNum -1); + output_endsection(nipper, section_ease); + output_parseText(report_osver_rec, nipper, section_rec, rate_none, nipper->vulnIssues, nipper->tableNum -1); + output_endsection(nipper, section_rec); +} + + +void iosAutoConfigIssue(struct nipperConfig *nipper) +{ + output_parseText(report_configauto_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_configauto_impact, nipper, section_imp, rate_high, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_configauto_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_configauto_rec, nipper, section_rec, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosKeepAlivesIssue(struct nipperConfig *nipper) +{ + output_parseText(report_keepalive_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_keepalive_impact, nipper, section_imp, rate_high, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_keepalive_ease, nipper, section_ease, rate_moderate, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_keepalive_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosFingerIssue(struct nipperConfig *nipper) +{ + output_parseText(report_finger_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_finger_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_finger_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_finger_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosPasswordLengthIssue(struct nipperConfig *nipper) +{ + if (nipper->ios->passwordMinLength == 0) + output_parseText(report_passlength_obs, nipper, section_obs, rate_none, -1, nipper->tableNum); + else + output_parseText(report_passlength_obs, nipper, section_obs, rate_none, nipper->ios->passwordMinLength, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_passlength_impact, nipper, section_imp, rate_low, nipper->ios->passwordMinLength, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_passlength_ease, nipper, section_ease, rate_trivial, nipper->ios->passwordMinLength, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_passlength_rec, nipper, section_rec, rate_none, nipper->passwordLength, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosBootPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_bootp_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_bootp_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_bootp_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_bootp_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosSmallServersIssue(struct nipperConfig *nipper) +{ + // Check for IOS version... + int olderIOS = false; + if ((nipper->versionMajor < 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor < 3))) + olderIOS = true; + // Report... + output_parseText(report_small_obs1, nipper, section_obs, rate_none, 0, nipper->tableNum); + if (olderIOS == true) + output_parseText(report_small_obs2, nipper, section_none, rate_none, 0, nipper->tableNum); + else if ((nipper->ios->udpSmallServers == true) && (nipper->ios->tcpSmallServers == true)) + output_parseText(report_small_obs3, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->ios->tcpSmallServers == true) + output_parseText(report_small_obs4, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->ios->udpSmallServers == true) + output_parseText(report_small_obs5, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_small_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_small_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_small_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + if ((olderIOS == true) || (nipper->ios->tcpSmallServers == true)) + output_parseText(report_small_rec_tcp, nipper, section_none, rate_none, 0, nipper->tableNum); + if ((olderIOS == true) || (nipper->ios->udpSmallServers == true)) + output_parseText(report_small_rec_udp, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosBannerIssue(struct nipperConfig *nipper) +{ + output_parseText(report_banner_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_banner_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_banner_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_banner_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosPADIssue(struct nipperConfig *nipper) +{ + output_parseText(report_pad_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_pad_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_pad_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_pad_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/IOS/report-http.c b/0.11.10/IOS/report-http.c new file mode 100644 index 0000000..78959ed --- /dev/null +++ b/0.11.10/IOS/report-http.c @@ -0,0 +1,135 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosHTTPConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_http_table, &settings_general_heading); + if (nipper->ios->http->enabled == true) + fprintf(nipper->reportFile, "%sHTTP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sHTTP Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + switch(nipper->ios->http->authentication) + { + case http_auth_enable: + fprintf(nipper->reportFile, "%sAuthentication Type%sEnable Password%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case http_auth_aaa: + fprintf(nipper->reportFile, "%sAuthentication Type%sAAA%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + addAbbreviation("AAA", false); + break; + case http_auth_tacacs: + fprintf(nipper->reportFile, "%sAuthentication Type%sTACACS%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + addAbbreviation("TACACS", false); + break; + case http_auth_local: + fprintf(nipper->reportFile, "%sAuthentication Type%sLocal Users%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + if (nipper->ios->http->accessClass[0] == 0) + fprintf(nipper->reportFile, "%sAccess Class (Access List Number)%sUnconfigured%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAccess Class (Access List Number)%s%s%sn", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->http->accessClass, nipper->tablerow_end); + output_table(nipper, false, settings_http_table, &settings_general_heading); + addAbbreviation("HTTP", false); +} + + +void iosHTTPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_http_obs1, nipper, section_obs, rate_none, 0, nipper->tableNum); + if (nipper->ios->http == 0) + output_parseText(report_http_obs2, nipper, section_none, rate_none, 0, nipper->tableNum); + else if ((nipper->ios->http->authentication == http_auth_enable) && (nipper->ios->http->accessClass == 0)) + output_parseText(report_http_obs3, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->ios->http->accessClass == 0) + output_parseText(report_http_obs4, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->ios->http->authentication != http_auth_enable) + output_parseText(report_http_obs5, nipper, section_none, rate_none, 0, nipper->tableNum); + else + output_parseText(report_http_obs6, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_http_impact1, nipper, section_imp, rate_med, 0, nipper->tableNum); + if (nipper->ios->http != 0) + { + if (nipper->ios->http->authentication == http_auth_enable) + output_parseText(report_http_impact2, nipper, section_none, rate_med, 0, nipper->tableNum); + } + else + { + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + } + if (nipper->ios->http != 0) + { + if (nipper->ios->http->accessClass[0] != 0) + output_parseText(report_http_impact3, nipper, section_none, rate_med, 0, nipper->tableNum); + else + { + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + } + } + output_newPara(nipper); + output_endsection(nipper, section_imp); + output_parseText(report_http_ease1, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + if (nipper->ios->http != 0) + { + if (nipper->ios->http->accessClass[0] != 0) + output_parseText(report_http_ease2, nipper, section_none, rate_none, 0, nipper->tableNum); + else + { + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + } + } + else + { + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + } + output_endsection(nipper, section_ease); + output_newPara(nipper); + output_parseText(report_http_rec1, nipper, section_rec, rate_none, 0, nipper->tableNum); + if (nipper->ios->http == 0) + output_parseText(report_http_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->ios->http->accessClass[0] != 0) + output_parseText(report_http_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + if (nipper->ios->http == 0) + output_parseText(report_http_rec3, nipper, section_none, rate_none, 0, nipper->tableNum); + else if (nipper->ios->http->authentication == http_auth_enable) + output_parseText(report_http_rec3, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + diff --git a/0.11.10/IOS/report-interface.c b/0.11.10/IOS/report-interface.c new file mode 100644 index 0000000..358d41f --- /dev/null +++ b/0.11.10/IOS/report-interface.c @@ -0,0 +1,510 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosSwitchportConfig(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + + output_table(nipper, true, settings_switchport_table, &settings_switchport_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((strncasecmp(interfaceConfigPointer->name, "Vlan", 4) != 0) && (strncasecmp(interfaceConfigPointer->name, "Loop", 4) != 0)) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, interfaceConfigPointer->name, nipper->tablerow_mid); + if (interfaceConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", interfaceConfigPointer->description, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", interfaceConfigPointer->switchportVLAN, nipper->tablerow_mid); + switch (interfaceConfigPointer->switchportMode) + { + case sp_mode_access: + fprintf(nipper->reportFile, "Access%s", nipper->tablerow_mid); + break; + case sp_mode_trunk: + fprintf(nipper->reportFile, "Trunk%s", nipper->tablerow_mid); + break; + case sp_mode_dynamic: + fprintf(nipper->reportFile, "Dynamic%s", nipper->tablerow_mid); + break; + case sp_mode_dot1qtunnel: + fprintf(nipper->reportFile, "802.1q Tunnel%s", nipper->tablerow_mid); + break; + case sp_mode_pvlan_host: + fprintf(nipper->reportFile, "Host%s", nipper->tablerow_mid); + break; + case sp_mode_pvlan_promiscuous: + fprintf(nipper->reportFile, "Promiscuous%s", nipper->tablerow_mid); + break; + } + if (interfaceConfigPointer->switchportSecurity == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + switch (interfaceConfigPointer->switchportViolation) + { + case sp_violation_shutdown: + fprintf(nipper->reportFile, "Shutdown%s", nipper->tablerow_end); + break; + case sp_violation_restrict: + fprintf(nipper->reportFile, "Restrict%s", nipper->tablerow_end); + break; + case sp_violation_protect: + fprintf(nipper->reportFile, "Protect%s", nipper->tablerow_end); + break; + } + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, settings_switchport_table, &settings_switchport_heading); + addAbbreviation("PVLAN", false); + addAbbreviation("VLAN", false); +} + + +void iosInterfacesConfig(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + + if (nipper->deviceType == type_ios_router) + output_table(nipper, true, settings_inter_table, &settings_interIOS_heading); + else + output_table(nipper, true, settings_inter_table, &settings_interIOSswitch_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, interfaceConfigPointer->name, nipper->tablerow_mid); + if (interfaceConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "No%s%s%s", nipper->tablerow_mid, interfaceConfigPointer->ipAddress, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Yes%s%s%s", nipper->tablerow_mid, interfaceConfigPointer->ipAddress, nipper->tablerow_mid); + if (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) + { + if (interfaceConfigPointer->proxyArp == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if (interfaceConfigPointer->ipUnreachables == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if (interfaceConfigPointer->ipRedirects == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if (interfaceConfigPointer->ipMaskReply == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if (interfaceConfigPointer->ipDirectBroadcast == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceConfigPointer->ipDirectBroadcast == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Default%s", nipper->tablerow_mid); + if (interfaceConfigPointer->ntp == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if ((strncmp(interfaceConfigPointer->name,"Loopback", 8) == 0) || (strncmp(interfaceConfigPointer->name, "Vlan", 4) == 0)) + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + else if (interfaceConfigPointer->cdp == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + } + else + { + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + } + if (nipper->deviceType == type_ios_router) + { + if (interfaceConfigPointer->uRPF == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + } + if (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) + { + if ((strncmp(interfaceConfigPointer->name, "Loopback", 8) == 0) || (strchr(interfaceConfigPointer->name, '.') != 0)) + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_end); + else if (interfaceConfigPointer->mop == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_end); + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->deviceType == type_ios_router) + output_table(nipper, false, settings_inter_table, &settings_interIOS_heading); + else + output_table(nipper, false, settings_inter_table, &settings_interIOSswitch_heading); + addAbbreviation("ARP", false); + addAbbreviation("NTP", false); + addAbbreviation("CDP", false); + addAbbreviation("MOP", false); + addAbbreviation("uRPF", false); +} + + +void iosIPDirectedIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_ipdirected_obs, nipper, section_obs, rate_none, nipper->ipDirectedIssues, nipper->tableNum); + if (nipper->ipDirectedIssues == 1) + { + + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipDirectBroadcast == true) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + fprintf(nipper->reportFile, "%s", interfaceConfigPointer->name); + interfaceConfigPointer = interfaceConfigPointer->next; + } + fprintf(nipper->reportFile, "."); + output_newPara(nipper); + } + else + { + output_table(nipper, true, report_ipdirected_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipDirectBroadcast == true) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_ipdirected_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_ipdirected_impact, nipper, section_imp, rate_high, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_ipdirected_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_ipdirected_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosTrunkingIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_trunking_obs1, nipper, section_obs, rate_none, nipper->switchportModeIssues, nipper->tableNum); + if (nipper->switchportModeIssues == 1) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->switchportMode != sp_mode_access) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Vlan", 4) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_parseText(report_trunking_obs2, nipper, section_none, rate_none, nipper->switchportModeIssues, nipper->tableNum); + } + else + { + output_table(nipper, true, report_trunking_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->switchportMode != sp_mode_access) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Vlan", 4) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_trunking_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_trunking_impact, nipper, section_imp, rate_medhigh, nipper->switchportModeIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_trunking_ease, nipper, section_ease, rate_moderate, nipper->switchportModeIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_trunking_rec, nipper, section_rec, rate_none, nipper->switchportModeIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosPortSecurityIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_portsecurity_obs1, nipper, section_obs, rate_none, nipper->switchportIssues, nipper->tableNum); + if (nipper->switchportIssues == 1) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->switchportSecurity == false) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Vlan", 4) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_parseText(report_portsecurity_obs2, nipper, section_none, rate_none, nipper->switchportIssues, nipper->tableNum); + } + else + { + output_table(nipper, true, report_portsecurity_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->switchportSecurity == false) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Vlan", 4) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_portsecurity_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_portsecurity_impact, nipper, section_imp, rate_medhigh, nipper->switchportIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_portsecurity_ease, nipper, section_ease, rate_moderate, nipper->switchportIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_portsecurity_rec, nipper, section_rec, rate_none, nipper->switchportIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosProxyARPIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_proxyarp_obs, nipper, section_obs, rate_none, nipper->proxyArpIssues, nipper->tableNum); + if (nipper->proxyArpIssues > 1) + { + output_table(nipper, true, report_proxyarp_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->proxyArp == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_proxyarp_table, &report_interface_heading); + } + else + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->proxyArp == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + fprintf(nipper->reportFile, "%s.", interfaceConfigPointer->name); + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_newPara(nipper); + } + output_endsection(nipper, section_obs); + output_parseText(report_proxyarp_impact, nipper, section_imp, rate_lowmed, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_proxyarp_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_proxyarp_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosCDPIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + + // Look to see if CDP has been disabled on the network interfaces + int cdpDisabled = true; + interfaceConfigPointer = nipper->ios->interface; + while ((interfaceConfigPointer != 0) && (cdpDisabled == true)) + { + if ((interfaceConfigPointer->cdp == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0)) + cdpDisabled = false; + interfaceConfigPointer = interfaceConfigPointer->next; + } + // If CDP has been disabled on all interfaces... + if (cdpDisabled == true) + output_parseText(report_cdp_obs, nipper, section_obs, rate_none, 1, nipper->tableNum); + else + output_parseText(report_cdp_obs, nipper, section_obs, rate_none, 2, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_cdp_impact, nipper, section_imp, rate_lowmed, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_cdp_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_cdp_rec1, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosIPUnreachablesIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_icmpunreach_obs, nipper, section_obs, rate_none, nipper->unreachIssues, nipper->tableNum); + if (nipper->unreachIssues == 1) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipUnreachables == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + fprintf(nipper->reportFile, "%s", interfaceConfigPointer->name); + interfaceConfigPointer = interfaceConfigPointer->next; + } + fprintf(nipper->reportFile, "."); + output_newPara(nipper); + } + else + { + output_table(nipper, true, report_icmpunreach_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipUnreachables == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_icmpunreach_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_icmpunreach_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_icmpunreach_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_icmpunreach_rec1, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosMaskReplyIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_maskreply_obs, nipper, section_obs, rate_none, nipper->maskReplyIssues, nipper->tableNum); + if (nipper->maskReplyIssues == 1) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipMaskReply == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + fprintf(nipper->reportFile, "%s", interfaceConfigPointer->name); + interfaceConfigPointer = interfaceConfigPointer->next; + } + fprintf(nipper->reportFile, "."); + output_newPara(nipper); + } + else + { + output_table(nipper, true, report_maskreply_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipMaskReply == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_icmpunreach_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_maskreply_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_maskreply_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_maskreply_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosMOPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_mop_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_mop_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_mop_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_mop_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/IOS/report-keychain.c b/0.11.10/IOS/report-keychain.c new file mode 100644 index 0000000..b7c2f9a --- /dev/null +++ b/0.11.10/IOS/report-keychain.c @@ -0,0 +1,59 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosKeysConfig(struct nipperConfig *nipper) +{ + // Variables... + struct keyChain *keyChainPointer = 0; + struct keyConfig *keyPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_keys_table, &settings_keys_heading); + keyChainPointer = nipper->ios->chain; + while (keyChainPointer != 0) + { + keyPointer = keyChainPointer->key; + while (keyPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s%d", nipper->tablerow_start, keyChainPointer->name, nipper->tablerow_mid, keyPointer->keyNumber); + if (nipper->passwords == true) + { + outputFriendly(keyPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, tempString); + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + keyPointer = keyPointer->next; + } + keyChainPointer = keyChainPointer->next; + } + output_table(nipper, false, settings_keys_table, &settings_keys_heading); +} diff --git a/0.11.10/IOS/report-line.c b/0.11.10/IOS/report-line.c new file mode 100644 index 0000000..1cd446b --- /dev/null +++ b/0.11.10/IOS/report-line.c @@ -0,0 +1,189 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosLinesConfig(struct nipperConfig *nipper) +{ + // Variables... + struct lineConfig *linePointer = 0; + + output_parseText(settings_lines_text, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_lines_table, &settings_lines_heading); + linePointer = nipper->ios->line; + while (linePointer != 0) + { + switch (linePointer->lineType) + { + case line_console: + fprintf(nipper->reportFile, "%sConsole%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case line_aux: + fprintf(nipper->reportFile, "%sAuxiliary%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case line_vty: + fprintf(nipper->reportFile, "%sVTY%s", nipper->tablerow_start, nipper->tablerow_mid); + addAbbreviation("VTY", false); + break; + case line_tty: + fprintf(nipper->reportFile, "%sTTY%s", nipper->tablerow_start, nipper->tablerow_mid); + addAbbreviation("TTY", false); + break; + } + fprintf(nipper->reportFile, "%d%s", linePointer->lineNumberStart, nipper->tablerow_mid); + if (linePointer->lineNumberEnd == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", linePointer->lineNumberEnd, nipper->tablerow_mid); + switch (linePointer->login) + { + case login_allowed: + fprintf(nipper->reportFile, "Allowed%s", nipper->tablerow_mid); + break; + case login_disabled: + fprintf(nipper->reportFile, "Denied%s", nipper->tablerow_mid); + break; + case login_local: + fprintf(nipper->reportFile, "Local%s", nipper->tablerow_mid); + break; + case login_authentication: + fprintf(nipper->reportFile, "AAA%s", nipper->tablerow_mid); + break; + } + switch (linePointer->exec) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (linePointer->authorization) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (linePointer->accounting) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (linePointer->telnet) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (linePointer->ssh) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + fprintf(nipper->reportFile, "%ds%s%ds%s%ds%s%ds%s", linePointer->timeout, nipper->tablerow_mid, linePointer->execTimeout, nipper->tablerow_mid, linePointer->sessionTimeout, nipper->tablerow_mid, linePointer->absoluteTimeout, nipper->tablerow_mid); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s", linePointer->password, nipper->tablerow_mid); + if (linePointer->encryption == encrypt_type7) + fprintf(nipper->reportFile, "Type-7%s", nipper->tablerow_end); + else if (linePointer->encryption == encrypt_md5) + { + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_end); + addAbbreviation("MD5", false); + } + else if (linePointer->encryption == encrypt_unknown) + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_end); + else + { + if (linePointer->password[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + } + linePointer = linePointer->next; + } + output_table(nipper, false, settings_lines_table, &settings_lines_heading); +} + + +void iosAUXPortIssue(struct nipperConfig *nipper) +{ + output_parseText(report_aux_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_aux_impact, nipper, section_imp, rate_high, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_aux_ease, nipper, section_ease, rate_difficult, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_aux_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosTelnetIssue(struct nipperConfig *nipper) +{ + // Variables... + struct lineConfig *linePointer = 0; + int tempInt = 0; + + output_parseText(report_telnet_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_telnet_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_telnet_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_telnet_rec1, nipper, section_rec, rate_none, 0, nipper->tableNum); + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->telnet == true) && (linePointer->exec == true) && (linePointer->login != login_disabled) && (linePointer->aclIn == 0)) + tempInt++; + linePointer = linePointer->next; + } + if (tempInt > 0) + output_parseText(report_telnet_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + diff --git a/0.11.10/IOS/report-logging.c b/0.11.10/IOS/report-logging.c new file mode 100644 index 0000000..ac4b416 --- /dev/null +++ b/0.11.10/IOS/report-logging.c @@ -0,0 +1,273 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + + +void iosLoggingConfig(struct nipperConfig *nipper) +{ + // Variables... + struct host *hostPointer = 0; + char tempString[nipper->maxSize]; + + if (nipper->loggingLevels == unconfigured) + nipper->loggingLevels = true; + output_table(nipper, true, settings_logging_table, &settings_general_heading); + if (nipper->ios->logging->logging == true) + fprintf(nipper->reportFile, "%sLogging%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLogging%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->logging->logEnable == true) + fprintf(nipper->reportFile, "%sLog Configuration Changes%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLog Configuration Changes%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + + // Logging to console + if (nipper->ios->logging->consoleLogging != false) + { + if (nipper->ios->logging->consoleLogging == true) + fprintf(nipper->reportFile, "%sConsole Logging%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sConsole Logging%sSystem Default%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->logging->consoleLevel == -1) + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + { + switch (nipper->ios->logging->consoleLevel) + { + case 0: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sEmergencies (0)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 1: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sAlerts (1)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 2: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sCritical (2)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 3: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sErrors (3)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 4: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sWarnings (4)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 5: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sNotifications (5)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 6: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sInformational (6)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 7: + fprintf(nipper->reportFile, "%sConsole Logging Severity Level%sDebugging (7)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + } + } + else + fprintf(nipper->reportFile, "%sConsole Logging%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + + // Syslog stuff (only works if a host is configured) + if (nipper->ios->logging->logServer != 0) + { + fprintf(nipper->reportFile, "%sSyslog Logging%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + switch (nipper->ios->logging->loggingTrap) + { + case 0: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sEmergencies (0)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 1: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sAlerts (1)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 2: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sCritical (2)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 3: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sErrors (3)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 4: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sWarnings (4)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 5: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sNotifications (5)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 6: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sInformational (6)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 7: + fprintf(nipper->reportFile, "%sSyslog Logging Severity Level%sDebugging (7)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + outputFriendly(nipper->ios->logging->facility, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sSyslog Logging Facility%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + if (nipper->ios->logging->logCount == true) + fprintf(nipper->reportFile, "%sSyslog Message Counting%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSyslog Message Counting%sSystem Default%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->logging->originId[0] != 0) + { + outputFriendly(nipper->ios->logging->originId, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sSyslog Origin ID%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->ios->logging->sourceInterface[0] != 0) + { + outputFriendly(nipper->ios->logging->sourceInterface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sSyslog Source Interface%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + hostPointer = nipper->ios->logging->logServer; + while (hostPointer != 0) + { + outputFriendly(hostPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sSyslog Logging Server%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + hostPointer = hostPointer->next; + } + } + else + fprintf(nipper->reportFile, "%sSyslog Logging%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + + // Logging to buffer + if (nipper->ios->logging->bufferedLogging != false) + { + if (nipper->ios->logging->bufferedLogging == true) + fprintf(nipper->reportFile, "%sBuffer Logging%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sBuffer Logging%sSystem Default%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->logging->bufferSize == -1) + fprintf(nipper->reportFile, "%sBuffer Size%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sBuffer Size%s%d bytes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->logging->bufferSize, nipper->tablerow_end); + if (nipper->ios->logging->bufferLevel == -1) + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + { + switch (nipper->ios->logging->bufferLevel) + { + case 0: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sEmergencies (0)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 1: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sAlerts (1)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 2: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sCritical (2)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 3: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sErrors (3)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 4: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sWarnings (4)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 5: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sNotifications (5)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 6: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sInformational (6)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 7: + fprintf(nipper->reportFile, "%sBuffer Logging Severity Level%sDebugging (7)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + } + } + else + fprintf(nipper->reportFile, "%sBuffer Logging%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + + // Logging to terminal lines + if (nipper->ios->logging->monitorLogging == true) + { + fprintf(nipper->reportFile, "%sTerminal Line Logging%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + switch (nipper->ios->logging->monitorLevel) + { + case 0: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sEmergencies (0)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 1: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sAlerts (1)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 2: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sCritical (2)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 3: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sErrors (3)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 4: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sWarnings (4)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 5: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sNotifications (5)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 6: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sInformational (6)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case 7: + fprintf(nipper->reportFile, "%sTerminal Line Logging Severity Level%sDebugging (7)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + } + else + fprintf(nipper->reportFile, "%sTerminal Line Logging%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_logging_table, &settings_general_heading); +} + + +void iosLoggingIssue(struct nipperConfig *nipper) +{ + output_parseText(report_logging_obs1, nipper, section_obs, rate_none, nipper->loggingIssue, nipper->tableNum); + switch (nipper->loggingIssue) + { + case -1: + output_parseText(report_logging_obs2, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + break; + case 1: + output_parseText(report_logging_obs3, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + break; + case 2: + output_parseText(report_logging_obs4, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + break; + case 3: + output_parseText(report_logging_obs5, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + break; + case 4: + output_parseText(report_logging_obs6, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + break; + } + output_endsection(nipper, section_obs); + output_parseText(report_logging_impact, nipper, section_imp, rate_med, nipper->loggingIssue, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_logging_ease, nipper, section_ease, rate_noease, nipper->loggingIssue, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_logging_rec1, nipper, section_rec, rate_none, nipper->loggingIssue, nipper->tableNum); + if (nipper->loggingIssue != 4) + output_parseText(report_logging_rec2, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + if ((nipper->versionMajor < 12) || ((nipper->versionMajor == 12) && (nipper->versionMinor < 1))) + output_parseText(report_logging_rec3, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + if (nipper->loggingIssue != 3) + output_parseText(report_logging_rec4, nipper, section_none, rate_none, nipper->loggingIssue, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/IOS/report-nat.c b/0.11.10/IOS/report-nat.c new file mode 100644 index 0000000..b5dac94 --- /dev/null +++ b/0.11.10/IOS/report-nat.c @@ -0,0 +1,195 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosNATConfig(struct nipperConfig *nipper) +{ + // Variables... + struct natConfig *natPointer = 0; + int tempInt = 0; + char tempString[nipper->maxSize]; + + output_parseText(settings_natpat_desc, nipper, section_none, rate_none, 2, 0); + + // Static NAT + tempInt = 0; + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if (natPointer->type == nat_static) + tempInt++; + natPointer = natPointer->next; + } + if (tempInt > 0) + { + output_table(nipper, true, settings_nat_static_table, &settings_natstatic_heading); + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if (natPointer->type == nat_static) + { + if (natPointer->inside == true) + fprintf(nipper->reportFile, "%sInside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sOutside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + if (natPointer->ipSecESP == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + outputFriendly(natPointer->local, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(natPointer->global, tempString, nipper->maxSize, nipper->outputFormat); + if (natPointer->ipSecESP == true) + fprintf(nipper->reportFile, "%s%d%s", tempString, natPointer->interNumber, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + natPointer = natPointer->next; + } + output_table(nipper, false, settings_nat_static_table, &settings_natstatic_heading); + } + + // Dynamic NAT + tempInt = 0; + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if ((natPointer->type == nat_dynamic_acl) || (natPointer->type == nat_dynamic_route)) + tempInt++; + natPointer = natPointer->next; + } + if (tempInt > 0) + { + output_table(nipper, true, settings_nat_dynamic_table, &settings_natdynamic_heading); + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if ((natPointer->type == nat_dynamic_acl) || (natPointer->type == nat_dynamic_route)) + { + if (natPointer->inside == true) + fprintf(nipper->reportFile, "%sInside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sOutside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + if (natPointer->type == nat_dynamic_acl) + fprintf(nipper->reportFile, "ACL%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Route Map%s", nipper->tablerow_mid); + outputFriendly(natPointer->local, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(natPointer->global, tempString, nipper->maxSize, nipper->outputFormat); + if (natPointer->pool == true) + { + fprintf(nipper->reportFile, "Pool%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + else + { + fprintf(nipper->reportFile, "Interface%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%d%s", tempString, natPointer->interNumber, nipper->tablerow_end); + } + } + natPointer = natPointer->next; + } + output_table(nipper, false, settings_nat_dynamic_table, &settings_natdynamic_heading); + } + + // Port Static NAT + tempInt = 0; + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if (natPointer->type == nat_port) + tempInt++; + natPointer = natPointer->next; + } + if (tempInt > 0) + { + output_table(nipper, true, settings_nat_portstatic_table, &settings_natportstat_heading); + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if (natPointer->type == nat_port) + { + if (natPointer->inside == true) + fprintf(nipper->reportFile, "%sInside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sOutside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + if (natPointer->inter == true) + { + fprintf(nipper->reportFile, "%s %s %s %s%d%s", nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, natPointer->globalPort, nipper->tablerow_end); + } + else + { + outputFriendly(natPointer->local, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", natPointer->localPort, nipper->tablerow_mid); + outputFriendly(natPointer->global, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%d%s", tempString, nipper->tablerow_mid, natPointer->globalPort, nipper->tablerow_end); + } + } + natPointer = natPointer->next; + } + output_table(nipper, false, settings_nat_portstatic_table, &settings_natportstat_heading); + } + + // Network Static NAT + tempInt = 0; + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if (natPointer->type == nat_network) + tempInt++; + natPointer = natPointer->next; + } + if (tempInt > 0) + { + output_table(nipper, true, settings_nat_netstatic_table, &settings_natnetstatic_heading); + natPointer = nipper->ios->nat; + while (natPointer != 0) + { + if (natPointer->type == nat_network) + { + if (natPointer->inside == true) + fprintf(nipper->reportFile, "%sInside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sOutside Interface%s", nipper->tablerow_start, nipper->tablerow_mid); + outputFriendly(natPointer->local, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(natPointer->global, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(natPointer->mask, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + natPointer = natPointer->next; + } + output_table(nipper, false, settings_nat_netstatic_table, &settings_natnetstatic_heading); + } +} diff --git a/0.11.10/IOS/report-ntp.c b/0.11.10/IOS/report-ntp.c new file mode 100644 index 0000000..ee00a9a --- /dev/null +++ b/0.11.10/IOS/report-ntp.c @@ -0,0 +1,135 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosNTPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct ntpHost *ntpHostPointer = 0; + struct ntpKey *ntpKeyPointer = 0; + struct ntpAccessGroup *ntpGroupPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_ntp_table, &settings_general_heading); + if (nipper->ios->ntp->enabled == true) + fprintf(nipper->reportFile, "%sNTP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sNTP Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->ntp->master == true) + fprintf(nipper->reportFile, "%sNTP Master%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sNTP Master%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->ntp->authentication == true) + fprintf(nipper->reportFile, "%sNTP Authentication%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sNTP Authentication%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_ntp_table, &settings_general_heading); + addAbbreviation("NTP", false); + + if (nipper->ios->ntp->server != 0) + { + output_table(nipper, true, settings_ntpserv_table, &settings_ntpserv_heading); + ntpHostPointer = nipper->ios->ntp->server; + while (ntpHostPointer != 0) + { + outputFriendly(ntpHostPointer->ntpHost, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (ntpHostPointer->keyNum == -1) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%d%s", ntpHostPointer->keyNum, nipper->tablerow_end); + ntpHostPointer = ntpHostPointer->next; + } + output_table(nipper, false, settings_ntpserv_table, &settings_ntpserv_heading); + } + + if (nipper->ios->ntp->peer != 0) + { + output_table(nipper, true, settings_ntppeer_table, &settings_ntppeer_heading); + ntpHostPointer = nipper->ios->ntp->peer; + while (ntpHostPointer != 0) + { + outputFriendly(ntpHostPointer->ntpHost, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%d%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, ntpHostPointer->keyNum, nipper->tablerow_end); + ntpHostPointer = ntpHostPointer->next; + } + output_table(nipper, false, settings_ntppeer_table, &settings_ntppeer_heading); + } + + if ((nipper->ios->ntp->key != 0) && (nipper->passwords == true)) + { + output_table(nipper, true, settings_ntpkeys_table, &settings_ntpkeys_heading); + ntpKeyPointer = nipper->ios->ntp->key; + while (ntpKeyPointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, ntpKeyPointer->keyNum, nipper->tablerow_mid); + if (ntpKeyPointer->trusted == false) + fprintf(nipper->reportFile, "No"); + else + fprintf(nipper->reportFile, "Yes"); + if (nipper->passwords == true) + { + outputFriendly(ntpKeyPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, tempString); + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + ntpKeyPointer = ntpKeyPointer->next; + } + output_table(nipper, false, settings_ntpkeys_table, &settings_ntpkeys_heading); + } + + if (nipper->ios->ntp->access != 0) + { + output_table(nipper, true, settings_ntpaccess_table, &settings_ntpaccess_heading); + ntpGroupPointer = nipper->ios->ntp->access; + while (ntpGroupPointer != 0) + { + switch (ntpGroupPointer->accessType) + { + case ntp_peer: + fprintf(nipper->reportFile, "%sPeer%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, ntpGroupPointer->accessList, nipper->tablerow_end); + break; + case ntp_serve: + fprintf(nipper->reportFile, "%sServe%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, ntpGroupPointer->accessList, nipper->tablerow_end); + break; + case ntp_serve_only: + fprintf(nipper->reportFile, "%sServe-Only%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, ntpGroupPointer->accessList, nipper->tablerow_end); + break; + case ntp_query_only: + fprintf(nipper->reportFile, "%sQuery-Only%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, ntpGroupPointer->accessList, nipper->tablerow_end); + break; + } + ntpGroupPointer = ntpGroupPointer->next; + } + output_table(nipper, false, settings_ntpaccess_table, &settings_ntpaccess_heading); + } +} + diff --git a/0.11.10/IOS/report-passwords.c b/0.11.10/IOS/report-passwords.c new file mode 100644 index 0000000..826c481 --- /dev/null +++ b/0.11.10/IOS/report-passwords.c @@ -0,0 +1,910 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void output_IOSTablePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + struct ntpKey *ntpKeyPointer = 0; + struct enablePassword *enablePointer = 0; + struct usernameList *usernamePointer = 0; + struct snmpCommunity *communityPointer = 0; + struct snmpHost *snmpHostPointer = 0; + struct aaaGroupServer *aaaGroupPointer = 0; + struct aaaServer *aaaServerPointer = 0; + struct interfaceConfig *interfaceConfigPointer = 0; + struct bgpNeighbor *neighborPointer = 0; + struct keyChain *keyChainPointer = 0; + struct keyConfig *keyPointer = 0; + struct lineConfig *linePointer = 0; + struct vrrpStruct *vrrpPointer = 0; + char tempString[nipper->maxSize]; + + // Enable passwords + enablePointer = nipper->ios->enable; + while (enablePointer != 0) + { + if (((enablePointer->dictionary == true) && (dictPassword == true)) || ((enablePointer->weak == true) && (dictPassword == false))) + { + outputFriendly(enablePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sPassword%sEnable%sLevel %d", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, enablePointer->level); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + enablePointer = enablePointer->next; + } + + // Usernames + usernamePointer = nipper->ios->username; + while (usernamePointer != 0) + { + if (((usernamePointer->dictionary == true) && (dictPassword == true)) || ((usernamePointer->weak == true) && (dictPassword == false))) + { + outputFriendly(usernamePointer->username, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sPassword%sUsers%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + if (nipper->passwords == true) + { + outputFriendly(usernamePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + usernamePointer = usernamePointer->next; + } + + // OSPF + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if (((interfaceConfigPointer->ospfDictionary == true) && (dictPassword == true)) || ((interfaceConfigPointer->ospfWeak == true) && (dictPassword == false))) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sKey%sOSPF%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + if (nipper->passwords == true) + { + outputFriendly(interfaceConfigPointer->ospfKey, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + + // BGP + if (nipper->ios->bgp != 0) + { + neighborPointer = nipper->ios->bgp->neighbor; + while (neighborPointer != 0) + { + if (((neighborPointer->dictionary == true) && (dictPassword == true)) || ((neighborPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(neighborPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sPassword%sBGP%sHost %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + if (nipper->passwords == true) + { + outputFriendly(neighborPointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + neighborPointer = neighborPointer->next; + } + } + + // TACACS + if (nipper->ios->tacacs != 0) + { + if (((nipper->ios->tacacs->dictionary == true) && (dictPassword == true)) || ((nipper->ios->tacacs->weak == true) && (dictPassword == false))) + { + outputFriendly(nipper->ios->tacacs->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sKey%sTACACS%sN/A", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + if (nipper->passwords == true) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + } + + // AAA + if (nipper->ios->aaa != 0) + { + aaaGroupPointer = nipper->ios->aaa->groupServer; + while (aaaGroupPointer != 0) + { + aaaServerPointer = aaaGroupPointer->server; + while (aaaServerPointer != 0) + { + if (((aaaServerPointer->dictionary == true) && (dictPassword == true)) || ((aaaServerPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(aaaGroupPointer->username, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sKey%sAAA%s%s (Host: ", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + outputFriendly(aaaServerPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s)", tempString); + if (nipper->passwords == true) + { + outputFriendly(aaaServerPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + aaaServerPointer = aaaServerPointer->next; + } + aaaGroupPointer = aaaGroupPointer->next; + } + } + + // NTP + if (nipper->ios->ntp != 0) + { + ntpKeyPointer = nipper->ios->ntp->key; + while (ntpKeyPointer != 0) + { + if (((ntpKeyPointer->dictionary == true) && (dictPassword == true)) || ((ntpKeyPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(ntpKeyPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sKey%sNTP%sN/A", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + ntpKeyPointer = ntpKeyPointer->next; + } + } + + // SNMP + if (nipper->ios->snmp != 0) + { + communityPointer = nipper->ios->snmp->community; + while (communityPointer != 0) + { + if (((communityPointer->dictionary == true) && (dictPassword == true)) || ((communityPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sCommunity%sSNMP%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + if (communityPointer->readonly == true) + fprintf(nipper->reportFile, "read-only"); + else + fprintf(nipper->reportFile, "read/write"); + if (nipper->passwords == true) + { + outputFriendly(communityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + communityPointer = communityPointer->next; + } + snmpHostPointer = nipper->ios->snmp->host; + while (snmpHostPointer != 0) + { + if (((snmpHostPointer->dictionary == true) && (dictPassword == true)) || ((snmpHostPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(snmpHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sCommunity%sSNMP%sHost: %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + if (nipper->passwords == true) + { + outputFriendly(snmpHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + snmpHostPointer = snmpHostPointer->next; + } + } + + // Keys + keyChainPointer = nipper->ios->chain; + while (keyChainPointer != 0) + { + keyPointer = keyChainPointer->key; + while (keyPointer != 0) + { + if (((keyPointer->dictionary == true) && (dictPassword == true)) || ((keyPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sKey%sKey Chain%sKey No.: %d", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, keyPointer->keyNumber); + if (nipper->passwords == true) + { + outputFriendly(keyPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + keyPointer = keyPointer->next; + } + keyChainPointer = keyChainPointer->next; + } + + // FTP + if (nipper->ios->ftp != 0) + { + if (((nipper->ios->ftp->dictionary == true) && (dictPassword == true)) || ((nipper->ios->ftp->weak == true) && (dictPassword == false))) + { + outputFriendly(nipper->ios->ftp->username, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sPassword%sFTP%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + if (nipper->passwords == true) + { + outputFriendly(nipper->ios->ftp->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + } + + // Line + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if (((linePointer->dictionary == true) && (dictPassword == true)) || ((linePointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sPassword%sLine%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + switch (linePointer->lineType) + { + case line_console: + fprintf(nipper->reportFile, "Console "); + break; + case line_vty: + fprintf(nipper->reportFile, "VTY "); + break; + case line_aux: + fprintf(nipper->reportFile, "AUX "); + break; + case line_tty: + fprintf(nipper->reportFile, "TTY "); + break; + } + if (linePointer->lineNumberEnd > 0) + fprintf(nipper->reportFile, "lines %d - %d", linePointer->lineNumberStart, linePointer->lineNumberEnd); + else + fprintf(nipper->reportFile, "line %d", linePointer->lineNumberStart); + if (nipper->passwords == true) + { + outputFriendly(linePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + linePointer = linePointer->next; + } + + // VRRP Authentication + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + vrrpPointer = interfaceConfigPointer->vrrp; + while (vrrpPointer != 0) + { + if (((vrrpPointer->dictionary == true) && (dictPassword == true)) || ((vrrpPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sPassword%sVRRP%sGroup ID %d on interface %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, vrrpPointer->group, interfaceConfigPointer->name); + if (nipper->passwords == true) + { + outputFriendly(vrrpPointer->authString, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + vrrpPointer = vrrpPointer->next; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } +} + + +void output_IOSLinePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + struct ntpKey *ntpKeyPointer = 0; + struct enablePassword *enablePointer = 0; + struct usernameList *usernamePointer = 0; + struct snmpCommunity *communityPointer = 0; + struct snmpHost *snmpHostPointer = 0; + struct aaaGroupServer *aaaGroupPointer = 0; + struct aaaServer *aaaServerPointer = 0; + struct interfaceConfig *interfaceConfigPointer = 0; + struct bgpNeighbor *neighborPointer = 0; + struct keyChain *keyChainPointer = 0; + struct keyConfig *keyPointer = 0; + struct lineConfig *linePointer = 0; + struct vrrpStruct *vrrpPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + char tempString3[nipper->maxSize]; + + // Enable + enablePointer = nipper->ios->enable; + while (enablePointer != 0) + { + if (((enablePointer->dictionary == true) && (dictPassword == true)) || ((enablePointer->weak == true) && (dictPassword == false))) + { + outputFriendly(enablePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The enable password (level %d) was ", enablePointer->level); + if (nipper->passwords == true) + sprintf(tempString2, "%s%s.", tempString3, tempString); + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + enablePointer = enablePointer->next; + } + + // Username + usernamePointer = nipper->ios->username; + while (usernamePointer != 0) + { + if (((usernamePointer->dictionary == true) && (dictPassword == true)) || ((usernamePointer->weak == true) && (dictPassword == false))) + { + outputFriendly(usernamePointer->username, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The user %s had a ", tempString); + if (nipper->passwords == true) + { + outputFriendly(usernamePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%spassword %s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based password.", tempString3); + else + sprintf(tempString2, "%sweak password.", tempString3); + } + } + usernamePointer = usernamePointer->next; + } + + // OSPF + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if (((interfaceConfigPointer->ospfDictionary == true) && (dictPassword == true)) || ((interfaceConfigPointer->ospfWeak == true) && (dictPassword == false))) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The network interface %s was configured with ", tempString); + if (nipper->passwords == true) + { + outputFriendly(interfaceConfigPointer->ospfKey, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%sthe *ABBREV*OSPF*-ABBREV* key %s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sa dictionary-based *ABBREV*OSPF*-ABBREV* key.", tempString3); + else + sprintf(tempString2, "%sa weak *ABBREV*OSPF*-ABBREV* key.", tempString3); + } + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + + // BGP + if (nipper->ios->bgp != 0) + { + neighborPointer = nipper->ios->bgp->neighbor; + while (neighborPointer != 0) + { + if (((neighborPointer->dictionary == true) && (dictPassword == true)) || ((neighborPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(neighborPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The *ABBREV*BGP*-ABBREV* password for host %s was ", tempString); + if (nipper->passwords == true) + { + outputFriendly(neighborPointer->password, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + neighborPointer = neighborPointer->next; + } + } + + // TACACS + if (nipper->ios->tacacs != 0) + { + if (((nipper->ios->tacacs->dictionary == true) && (dictPassword == true)) || ((nipper->ios->tacacs->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The *ABBREV*TACACS*-ABBREV* key was "); + if (nipper->passwords == true) + { + outputFriendly(nipper->ios->tacacs->key, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + } + + // AAA + if (nipper->ios->aaa != 0) + { + aaaGroupPointer = nipper->ios->aaa->groupServer; + while (aaaGroupPointer != 0) + { + aaaServerPointer = aaaGroupPointer->server; + while (aaaServerPointer != 0) + { + if (((aaaServerPointer->dictionary == true) && (dictPassword == true)) || ((aaaServerPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(aaaGroupPointer->username, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "*NOTEXTSTART*The *ABBREV*AAA*-ABBREV* key for user %s on host ", tempString); + outputFriendly(aaaServerPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "%s%s was ", tempString2, tempString); + if (nipper->passwords == true) + { + outputFriendly(aaaServerPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + aaaServerPointer = aaaServerPointer->next; + } + aaaGroupPointer = aaaGroupPointer->next; + } + } + + // NTP + if (nipper->ios->ntp != 0) + { + ntpKeyPointer = nipper->ios->ntp->key; + while (ntpKeyPointer != 0) + { + if (((ntpKeyPointer->dictionary == true) && (dictPassword == true)) || ((ntpKeyPointer->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The *ABBREV*NTP*-ABBREV* key was "); + if (nipper->passwords == true) + { + outputFriendly(ntpKeyPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + ntpKeyPointer = ntpKeyPointer->next; + } + } + + // SNMP + if (nipper->ios->snmp != 0) + { + communityPointer = nipper->ios->snmp->community; + while (communityPointer != 0) + { + if (((communityPointer->dictionary == true) && (dictPassword == true)) || ((communityPointer->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The "); + if (communityPointer->readonly == true) + sprintf(tempString2, "%sread-only", tempString3); + else + sprintf(tempString2, "%sread/write", tempString3); + sprintf(tempString3, "%s *ABBREV*SNMP*-ABBREV* community string was ", tempString2); + if (nipper->passwords == true) + { + outputFriendly(communityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + communityPointer = communityPointer->next; + } + snmpHostPointer = nipper->ios->snmp->host; + while (snmpHostPointer != 0) + { + if (((snmpHostPointer->dictionary == true) && (dictPassword == true)) || ((snmpHostPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(snmpHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The *ABBREV*SNMP*-ABBREV* community string for the host %s was ", tempString); + if (nipper->passwords == true) + { + outputFriendly(snmpHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + snmpHostPointer = snmpHostPointer->next; + } + } + + // Keys + keyChainPointer = nipper->ios->chain; + while (keyChainPointer != 0) + { + keyPointer = keyChainPointer->key; + while (keyPointer != 0) + { + if (((keyPointer->dictionary == true) && (dictPassword == true)) || ((keyPointer->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The key chain key number %d was ", keyPointer->keyNumber); + if (nipper->passwords == true) + { + outputFriendly(keyPointer->key, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + keyPointer = keyPointer->next; + } + keyChainPointer = keyChainPointer->next; + } + + // FTP + if (nipper->ios->ftp != 0) + { + if (((nipper->ios->ftp->dictionary == true) && (dictPassword == true)) || ((nipper->ios->ftp->weak == true) && (dictPassword == false))) + { + outputFriendly(nipper->ios->ftp->username, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The *ABBREV*FTP*-ABBREV* password for user %s was ", tempString); + if (nipper->passwords == true) + { + outputFriendly(nipper->ios->ftp->password, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + } + + // Line + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if (((linePointer->dictionary == true) && (dictPassword == true)) || ((linePointer->weak == true) && (dictPassword == false))) + { + switch (linePointer->lineType) + { + case line_console: + sprintf(tempString2, "*NOTEXTSTART*Console "); + break; + case line_vty: + sprintf(tempString2, "*NOTEXTSTART**ABBREV*VTY*-ABBREV* "); + break; + case line_aux: + sprintf(tempString2, "*NOTEXTSTART**ABBREV*AUX*-ABBREV* "); + break; + case line_tty: + sprintf(tempString2, "*NOTEXTSTART**ABBREV*TTY*-ABBREV* "); + break; + } + if (linePointer->lineNumberEnd > 0) + sprintf(tempString3, "%slines %d to %d", tempString2, linePointer->lineNumberStart, linePointer->lineNumberEnd); + else + sprintf(tempString3, "%sline %d", tempString2, linePointer->lineNumberStart); + if (nipper->passwords == true) + { + outputFriendly(linePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s had a password of %s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%s was dictionary-based.", tempString3); + else + sprintf(tempString2, "%s was weak.", tempString3); + } + } + linePointer = linePointer->next; + } + + // VRRP Authentication + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + vrrpPointer = interfaceConfigPointer->vrrp; + while (vrrpPointer != 0) + { + if (((vrrpPointer->dictionary == true) && (dictPassword == true)) || ((vrrpPointer->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART**ABBREV*VRRP*-ABBREV* group ID %d on interface %s", vrrpPointer->group, interfaceConfigPointer->name); + if (nipper->passwords == true) + { + outputFriendly(vrrpPointer->authString, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s had a password of %s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%s was dictionary-based.", tempString3); + else + sprintf(tempString2, "%s was weak.", tempString3); + } + } + vrrpPointer = vrrpPointer->next; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + + output_parseText(tempString2, nipper, section_none, rate_none, 0, 0); +} + + +void iosDictionaryIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_dict_obs, nipper, section_obs, rate_none, nipper->simplePasswords, nipper->tableNum); + if (nipper->simplePasswords > 1) + { + output_table(nipper, true, report_dict_table, &report_dict_heading); + output_IOSTablePasswords(nipper, true); + output_table(nipper, false, report_dict_table, &report_dict_heading); + } + else + output_IOSLinePasswords(nipper, true); + output_endsection(nipper, section_obs); + output_parseText(report_dict_impact, nipper, section_imp, rate_high, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_dict_ease, nipper, section_ease, rate_trivial, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_dict_rec, nipper, section_rec, rate_none, nipper->simplePasswords, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, " characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + + +void iosStrengthIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_strength_obs, nipper, section_obs, rate_none, nipper->passwordStrengths, nipper->tableNum); + if (nipper->passwordStrengths > 1) + { + output_table(nipper, true, report_strength_table, &report_dict_heading); + output_IOSTablePasswords(nipper, false); + output_table(nipper, false, report_strength_table, &report_dict_heading); + } + else + output_IOSLinePasswords(nipper, false); + output_endsection(nipper, section_obs); + output_parseText(report_strength_impact, nipper, section_imp, rate_high, nipper->passwordStrengths, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_strength_ease, nipper, section_ease, rate_trivial, nipper->passwordStrengths, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_strength_rec, nipper, section_rec, rate_trivial, nipper->passwordStrengths, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, "characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + + +void iosEnableSecretIssue(struct nipperConfig *nipper) +{ + output_parseText(report_enablesec_obs, nipper, section_obs, rate_none, nipper->enableIssues, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_enablesec_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_enablesec_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_enablesec_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosPasswordEncryptionIssue(struct nipperConfig *nipper) +{ + output_parseText(report_passenc_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_passenc_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_passenc_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_passenc_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/IOS/report-router.c b/0.11.10/IOS/report-router.c new file mode 100644 index 0000000..f7cf421 --- /dev/null +++ b/0.11.10/IOS/report-router.c @@ -0,0 +1,1047 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosRoutingConfig(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + struct bgpNeighbor *neighborPointer = 0; + struct ospfNetworkConfig *ospfNetworkPointer = 0; + struct ospfAreaConfig *ospfAreaPointer = 0; + struct ospfNeighbor *ospfNeighborPointer = 0; + struct ospfConfig *ospfPointer = 0; + struct ospfInterStruct *ospfInterPointer = 0; + struct bgpConfig *bgpPointer = 0; + struct bgpInterStruct *bgpInterPointer = 0; + struct eigrpConfig *eigrpPointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + struct eigrpNetwork *eigrpNetworkPointer = 0; + struct eigrpNeighbor *eigrpNeighborPointer = 0; + struct staticRoute *routePointer = 0; + struct routeMapConfig *routeMapPointer = 0; + struct vrrpStruct *vrrpPointer = 0; + struct host *hostPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + output_parseText(settings_routing_desc, nipper, section_none, rate_none, 0, 0); + + // Static Routes + if (nipper->ios->route != 0) + { + output_table(nipper, true, settings_static_route_table, &settings_routeIOS_heading); + routePointer = nipper->ios->route; + while (routePointer != 0) + { + outputFriendly(routePointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(routePointer->netMask, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(routePointer->gateway, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + routePointer = routePointer->next; + } + output_table(nipper, false, settings_static_route_table, &settings_routeIOS_heading); + } + + // Route Maps + if (nipper->ios->routeMap != 0) + { + output_parseText(settings_routemap_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_routemap_table, &settings_routeMap_heading); + routeMapPointer = nipper->ios->routeMap; + while (routeMapPointer != 0) + { + outputFriendly(routeMapPointer->mapTag, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (routeMapPointer->sequenceNo == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", routeMapPointer->sequenceNo, nipper->tablerow_mid); + if (routeMapPointer->permission == perm_permit) + fprintf(nipper->reportFile, "Permit%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_end); + routeMapPointer = routeMapPointer->next; + } + output_table(nipper, false, settings_routemap_table, &settings_routeMap_heading); + } + + // VRRP + if (nipper->vrrpIssues != 0) + { + output_parseText(settings_vrrp_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_vrrp_table, &settings_vrrp_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + vrrpPointer = interfaceConfigPointer->vrrp; + while (vrrpPointer != 0) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%d%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, vrrpPointer->group, nipper->tablerow_mid); + if (vrrpPointer->shutdown == false) + fprintf(nipper->reportFile, "Active%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + outputFriendly(vrrpPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", vrrpPointer->ipAddress, nipper->tablerow_mid); + if (vrrpPointer->ipAddress2[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s", vrrpPointer->ipAddress2, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", vrrpPointer->priorityLevel, nipper->tablerow_mid); + switch (vrrpPointer->authentication) + { + case vrrp_auth_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + break; + case vrrp_auth_text: + fprintf(nipper->reportFile, "Clear Text%s", nipper->tablerow_mid); + break; + case vrrp_auth_md5: + if (vrrpPointer->keyChain == false) + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "MD5 Key%s", nipper->tablerow_mid); + break; + } + if (nipper->passwords == true) + { + if (vrrpPointer->authString[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + { + outputFriendly(vrrpPointer->authString, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + } + if (interfaceConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + vrrpPointer = vrrpPointer->next; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, settings_vrrp_table, &settings_vrrp_interface_heading); + } + + // RIP + if (nipper->ios->rip != 0) + { + output_parseText(settings_rip_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_rip_table, &settings_general_heading); + if (nipper->ios->rip->version == rip_version1) + fprintf(nipper->reportFile, "%sRIP Version%s1%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->ios->rip->version == rip_version2) + fprintf(nipper->reportFile, "%sRIP Version%s2%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->ios->rip->version == rip_version1and2) + fprintf(nipper->reportFile, "%sRIP Version%s1 and 2%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->rip->autoSummary == true) + fprintf(nipper->reportFile, "%sRoute Auto Summarisation%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sRoute Auto Summarisation%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->rip->defaultRoute == true) + fprintf(nipper->reportFile, "%sDefault Route Generation%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sDefault Route Generation%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->rip->defaultRouteMap[0] != 0) + { + outputFriendly(nipper->ios->rip->defaultRouteMap, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sDefault Route Route-Map%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->ios->rip->defaultMetric == -1) + fprintf(nipper->reportFile, "%sDefault Metric%sAutomatic%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sDefault Metric%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->rip->defaultMetric, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sInput Queue Depth%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->rip->inputQueue, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sRIP Update Delay%s%d milliseconds%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->rip->outputDelay, nipper->tablerow_end); + if (nipper->ios->rip->validateUpdateSource == true) + fprintf(nipper->reportFile, "%sValidate Update Source%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sValidate Update Source%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_rip_table, &settings_general_heading); + + // RIP Interfaces + if (nipper->ios->interface !=0) + { + output_table(nipper, true, settings_rip_interface_table, &settings_rip_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + // Check interface is valid for OSPF + if ((interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (interfaceConfigPointer->ripPassive == false)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + switch (interfaceConfigPointer->ripAuthMode) + { + case rip_auth_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + break; + case rip_auth_text: + fprintf(nipper->reportFile, "Clear Text%s", nipper->tablerow_mid); + break; + case rip_auth_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + break; + default: + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + break; + } + if (interfaceConfigPointer->ripKeyChain[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + { + outputFriendly(interfaceConfigPointer->ripKeyChain, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + switch (interfaceConfigPointer->ripSendVersion) + { + case rip_version1: + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + break; + case rip_version2: + fprintf(nipper->reportFile, "2%s", nipper->tablerow_mid); + break; + case rip_version1and2: + fprintf(nipper->reportFile, "1 and 2%s", nipper->tablerow_mid); + break; + case rip_version_global: + switch (nipper->ios->rip->version) + { + case rip_version1: + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + break; + case rip_version2: + fprintf(nipper->reportFile, "2%s", nipper->tablerow_mid); + break; + case rip_version1and2: + fprintf(nipper->reportFile, "1 and 2%s", nipper->tablerow_mid); + break; + } + break; + } + switch (interfaceConfigPointer->ripReceiveVersion) + { + case rip_version1: + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + break; + case rip_version2: + fprintf(nipper->reportFile, "2%s", nipper->tablerow_mid); + break; + case rip_version1and2: + fprintf(nipper->reportFile, "1 and 2%s", nipper->tablerow_mid); + break; + case rip_version_global: + switch (nipper->ios->rip->version) + { + case rip_version1: + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + break; + case rip_version2: + fprintf(nipper->reportFile, "2%s", nipper->tablerow_mid); + break; + case rip_version1and2: + fprintf(nipper->reportFile, "1 and 2%s", nipper->tablerow_mid); + break; + } + break; + } + switch (interfaceConfigPointer->ripV2Broadcast) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + } + switch (interfaceConfigPointer->ripTriggered) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_end); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_end); + break; + } + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, settings_rip_interface_table, &settings_rip_interface_heading); + } + + if (nipper->ios->rip->neighbor != 0) + { + hostPointer = nipper->ios->rip->neighbor; + output_table(nipper, true, settings_rip_neightbor_table, &settings_rip_neightbor_heading); + while (hostPointer != 0) + { + outputFriendly(hostPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + hostPointer = hostPointer->next; + } + output_table(nipper, false, settings_rip_neightbor_table, &settings_rip_neightbor_heading); + } + + if (nipper->ios->rip->network != 0) + { + hostPointer = nipper->ios->rip->network; + output_table(nipper, true, settings_rip_networks_table, &settings_rip_networks_heading); + while (hostPointer != 0) + { + outputFriendly(hostPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + hostPointer = hostPointer->next; + } + output_table(nipper, false, settings_rip_networks_table, &settings_rip_networks_heading); + } + addAbbreviation("RIP", false); + } + + // EIGRP + if (nipper->ios->eigrp != 0) + { + output_parseText(settings_eigrp_desc, nipper, section_none, rate_none, 0, 0); + + // EIGRP Configuration + eigrpPointer = nipper->ios->eigrp; + while (eigrpPointer != 0) + { + sprintf(tempString, "EIGRP autonomous number %d configuration", eigrpPointer->process); + output_table(nipper, true, tempString, &settings_general_heading); + fprintf(nipper->reportFile, "%sRouter ID%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpPointer->routerId, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sMaximum Hops%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpPointer->maximumHops, nipper->tablerow_end); + switch (eigrpPointer->stub) + { + case eigrp_stub_disabled: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case eigrp_stub_enabled: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case eigrp_stub_receive: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sReceive Only%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case eigrp_stub_connected: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sAdvertise Connected Routes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case eigrp_stub_static: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sAdvertise Static Routes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case eigrp_stub_summary: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sAdvertise Summary Routes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case eigrp_stub_redist: + fprintf(nipper->reportFile, "%sEIGRP Stub Router%sAdvertise Redistributed Routes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + if (eigrpPointer->autoSummary == true) + fprintf(nipper->reportFile, "%sAuto Summary%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAuto Summary%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sInternal Administrative Distance%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpPointer->internalDistance, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sExternal Administrative Distance%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpPointer->externalDistance, nipper->tablerow_end); + if (eigrpPointer->logNeighborChanges == true) + fprintf(nipper->reportFile, "%sLog Neighbor Changes%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLog Neighbor Changes%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (eigrpPointer->logNeighborWarnings == true) + fprintf(nipper->reportFile, "%sLog Neighbor Warnings%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLog Neighbor Warnings%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + eigrpNetworkPointer = eigrpPointer->network; + while (eigrpNetworkPointer != 0) + { + fprintf(nipper->reportFile, "%sNetwork IP Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpNetworkPointer->ipAddress, nipper->tablerow_end); + if (eigrpNetworkPointer->netMask[0] != 0) + fprintf(nipper->reportFile, "%sNetwork Netmask%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpNetworkPointer->netMask, nipper->tablerow_end); + eigrpNetworkPointer = eigrpNetworkPointer->next; + } + eigrpNeighborPointer = eigrpPointer->neighbor; + while (eigrpNeighborPointer != 0) + { + fprintf(nipper->reportFile, "%sNetwork IP Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpNeighborPointer->ipAddress, nipper->tablerow_end); + if (eigrpNeighborPointer->interface[0] != 0) + fprintf(nipper->reportFile, "%sNetwork Interface%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, eigrpNeighborPointer->interface, nipper->tablerow_end); + eigrpNeighborPointer = eigrpNeighborPointer->next; + } + output_table(nipper, false, tempString, &settings_general_heading); + + // Interfaces + sprintf(tempString2, "EIGRP autonomous number %d interface configuration", eigrpPointer->process); + output_table(nipper, true, tempString2, &settings_eigrp_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + eigrpAutonPointer = eigrpInterfaceConfig(interfaceConfigPointer, eigrpPointer->process); + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (interfaceConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + if (eigrpAutonPointer->passive == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (eigrpAutonPointer->md5Auth == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (eigrpAutonPointer->keyChain[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s", eigrpAutonPointer->keyChain, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%%%s", eigrpAutonPointer->bandwidth, nipper->tablerow_end); + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, tempString2, &settings_eigrp_interface_heading); + + // Increment EIGRP Autonomous No. + eigrpPointer = eigrpPointer->next; + } + } + + // BGP + if (nipper->ios->bgp != 0) + { + output_parseText(settings_bgp_desc, nipper, section_none, rate_none, 0, 0); + bgpPointer = nipper->ios->bgp; + while (bgpPointer != 0) + { + sprintf(tempString, "BGP autonomous number %d configuration", bgpPointer->autonomousNo); + output_table(nipper, true, tempString, &settings_general_heading); + fprintf(nipper->reportFile, "%sAutonomous Number%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->bgp->autonomousNo, nipper->tablerow_end); + if (bgpPointer->logNeighborChanges == true) + fprintf(nipper->reportFile, "%sLog Neighbor Changes%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLog Neighbor Changes%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (bgpPointer->dampening == true) + fprintf(nipper->reportFile, "%sRoute Flap Dampening%sOn%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sRoute Flap Dampening%sOff%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, tempString, &settings_general_heading); + + if (bgpPointer->neighbor != 0) + { + sprintf(tempString2, "BGP autonomous number %d neighbors", bgpPointer->autonomousNo); + output_table(nipper, true, tempString2, &settings_bgp_heading); + neighborPointer = bgpPointer->neighbor; + while (neighborPointer != 0) + { + outputFriendly(neighborPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(neighborPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(neighborPointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_mid); + } + switch (neighborPointer->encryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "Type-7%s", nipper->tablerow_mid); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + addAbbreviation("MD5", false); + break; + case encrypt_none: + if (neighborPointer->password[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_mid); + break; + } + if (neighborPointer->autonomousNo != -1) + fprintf(nipper->reportFile, "%d%s", neighborPointer->autonomousNo, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + if (neighborPointer->ttlHops == -1) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%d%s", neighborPointer->ttlHops, nipper->tablerow_end); + neighborPointer = neighborPointer->next; + } + output_table(nipper, false, tempString2, &settings_bgp_heading); + } + + // Interfaces + sprintf(tempString2, "BGP autonomous number %d interface configuration", bgpPointer->autonomousNo); + output_table(nipper, true, tempString2, &settings_bgp_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + bgpInterPointer = bgpInterfaceConfig(interfaceConfigPointer, bgpPointer->autonomousNo); + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (interfaceConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + if (bgpInterPointer->passive == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, tempString2, &settings_bgp_interface_heading); + + bgpPointer = bgpPointer->next; + } + addAbbreviation("BGP", false); + addAbbreviation("TTL", false); + } + + // OSPF + if (nipper->ios->ospf != 0) + { + output_parseText(settings_ospf_desc, nipper, section_none, rate_none, 0, 0); + + ospfPointer = nipper->ios->ospf; + while (ospfPointer != 0) + { + // OSPF Network + if (nipper->ios->ospf->ospfNetwork != 0) + { + sprintf(tempString2, "OSPF process ID %d network areas", ospfPointer->processID); + output_table(nipper, true, tempString2, &settings_ospf_network_heading); + ospfNetworkPointer = nipper->ios->ospf->ospfNetwork; + while (ospfNetworkPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s%s%s%s%s", nipper->tablerow_start, ospfNetworkPointer->network, nipper->tablerow_mid, ospfNetworkPointer->networkMask, nipper->tablerow_mid, ospfNetworkPointer->areaID, nipper->tablerow_end); + ospfNetworkPointer = ospfNetworkPointer->next; + } + output_table(nipper, false, tempString2, &settings_ospf_network_heading); + } + + // OSPF Areas + if (nipper->ios->ospf->ospfArea != 0) + { + sprintf(tempString2, "OSPF process ID %d area configuration", ospfPointer->processID); + output_table(nipper, true, tempString2, &settings_ospf_area_heading); + ospfAreaPointer = nipper->ios->ospf->ospfArea; + while (ospfAreaPointer != 0) + { + switch (ospfAreaPointer->areaAuth) + { + case auth_none: + fprintf(nipper->reportFile, "%s%s%s%d%sNone%s", nipper->tablerow_start, ospfAreaPointer->areaID, nipper->tablerow_mid, ospfAreaPointer->defaultCost, nipper->tablerow_mid, nipper->tablerow_end); + break; + case auth_clear: + fprintf(nipper->reportFile, "%s%s%s%d%sClear-text%s", nipper->tablerow_start, ospfAreaPointer->areaID, nipper->tablerow_mid, ospfAreaPointer->defaultCost, nipper->tablerow_mid, nipper->tablerow_end); + break; + case auth_md5: + fprintf(nipper->reportFile, "%s%s%s%d%sMD5%s", nipper->tablerow_start, ospfAreaPointer->areaID, nipper->tablerow_mid, ospfAreaPointer->defaultCost, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + ospfAreaPointer = ospfAreaPointer->next; + } + output_table(nipper, false, tempString2, &settings_ospf_area_heading); + } + + // OSPF Interfaces + if (nipper->ios->interface !=0) + { + sprintf(tempString2, "OSPF process ID %d interface configuration", ospfPointer->processID); + output_table(nipper, true, tempString2, &settings_ospf_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + // Check interface is valid for OSPF + ospfInterPointer = ospfInterfaceConfig(interfaceConfigPointer, ospfPointer->processID); + if ((interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (ospfInterPointer->passive == false) && (ospfInterPointer->processID == ospfPointer->processID)) + { + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%s%s%s%s", nipper->tablerow_start, interfaceConfigPointer->name, nipper->tablerow_mid, tempString, nipper->tablerow_mid, interfaceConfigPointer->ipAddress, nipper->tablerow_mid); + switch (interfaceConfigPointer->ospfAuthentication) + { + case auth_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + break; + case auth_clear: + fprintf(nipper->reportFile, "Clear-Text%s", nipper->tablerow_mid); + break; + case auth_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + addAbbreviation("MD5", false); + break; + } + if (nipper->passwords == true) + { + outputFriendly(interfaceConfigPointer->ospfKey, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_mid); + } + switch (interfaceConfigPointer->ospfKeyEncryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "Type-7%s", nipper->tablerow_mid); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + addAbbreviation("MD5", false); + break; + case encrypt_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_mid); + break; + } + switch (interfaceConfigPointer->ospfFloodReduction) + { + case true: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case false: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + case unconfigured: + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_mid); + break; + } + switch (interfaceConfigPointer->ospfNetwork) + { + case ospf_default: + fprintf(nipper->reportFile, "Default"); + break; + case ospf_broadcast: + fprintf(nipper->reportFile, "Broadcast"); + break; + case ospf_nonbroadcast: + fprintf(nipper->reportFile, "Non-Broadcast"); + break; + case ospf_p2p: + fprintf(nipper->reportFile, "Point to Point"); + addAbbreviation("PPP", false); + break; + case ospf_p2multi: + fprintf(nipper->reportFile, "Point to Multipoint"); + break; + case ospf_p2multinon: + fprintf(nipper->reportFile, "Point to Multipoint (Non-Broadcast)"); + break; + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, tempString2, &settings_ospf_interface_heading); + } + + // OSPF Neighbors + if (nipper->ios->ospf->neighbor != 0) + { + sprintf(tempString2, "OSPF process ID %d neighbor configuration", ospfPointer->processID); + output_table(nipper, true, tempString2, &settings_ospf_neighbor_heading); + ospfNeighborPointer = nipper->ios->ospf->neighbor; + while (ospfNeighborPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s%d%s%d%s%d%s", nipper->tablerow_start, ospfNeighborPointer->host, nipper->tablerow_mid, ospfNeighborPointer->priority, nipper->tablerow_mid, ospfNeighborPointer->pollInterval, nipper->tablerow_mid, ospfNeighborPointer->costNumber, nipper->tablerow_mid); + if (ospfNeighborPointer->databaseFilter == false) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + ospfNeighborPointer = ospfNeighborPointer->next; + } + output_table(nipper, false, tempString2, &settings_ospf_neighbor_heading); + } + + ospfPointer = ospfPointer->next; + } + } +} + + +void iosBGPDampeningIssue(struct nipperConfig *nipper) +{ + output_parseText(report_bgpdamp_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_bgpdamp_impact, nipper, section_imp, rate_high, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_bgpdamp_ease, nipper, section_ease, rate_moderate, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_bgpdamp_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosOSPFAuthenticationIssue(struct nipperConfig *nipper) +{ + // Variables... + struct ospfAreaConfig *ospfAreaPointer = 0; + struct ospfConfig *ospfPointer = 0; + + output_parseText(report_ospfauth_obs1, nipper, section_obs, rate_none, 0, nipper->tableNum); + if (nipper->ospfAuthMD5 > 0) + output_parseText(report_ospfauth_obs2, nipper, section_none, rate_none, nipper->ospfAuthNoneIssues, nipper->tableNum); + if ((nipper->ospfAuthNoneIssues > 0) && (nipper->ospfAuthClearIssues > 0)) + output_parseText(report_ospfauth_obs3, nipper, section_none, rate_none, nipper->ospfAuthNoneIssues + nipper->ospfAuthClearIssues, nipper->tableNum); + else if (nipper->ospfAuthNoneIssues > 0) + output_parseText(report_ospfauth_obs4, nipper, section_none, rate_none, nipper->ospfAuthNoneIssues, nipper->tableNum); + else + output_parseText(report_ospfauth_obs5, nipper, section_none, rate_none, nipper->ospfAuthClearIssues, nipper->tableNum); + if (nipper->ospfAuthNoneIssues + nipper->ospfAuthClearIssues > 1) + { + output_table(nipper, true, report_ospfauth_table, &report_ospfauth_heading); + ospfPointer = nipper->ios->ospf; + while (ospfPointer != 0) + { + ospfAreaPointer = ospfPointer->ospfArea; + if (ospfAreaPointer == 0) + fprintf(nipper->reportFile, "%s%d%sN/A%sNo Authentication%s", nipper->tablerow_start, ospfPointer->processID, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + while (ospfAreaPointer != 0) + { + if (ospfAreaPointer->areaAuth == auth_none) + fprintf(nipper->reportFile, "%s%d%s%s%sNo Authentication%s", nipper->tablerow_start, ospfPointer->processID, nipper->tablerow_mid, ospfAreaPointer->areaID, nipper->tablerow_mid, nipper->tablerow_end); + else if (ospfAreaPointer->areaAuth == auth_clear) + fprintf(nipper->reportFile, "%s%d%s%s%sClear-text Authentication%s", nipper->tablerow_start, ospfPointer->processID, nipper->tablerow_mid, ospfAreaPointer->areaID, nipper->tablerow_mid, nipper->tablerow_end); + ospfAreaPointer = ospfAreaPointer->next; + } + ospfPointer = ospfPointer->next; + } + output_table(nipper, false, report_ospfauth_table, &report_ospfauth_heading); + } + else + { + ospfPointer = nipper->ios->ospf; + while (ospfPointer != 0) + { + ospfAreaPointer = ospfPointer->ospfArea; + if (ospfAreaPointer == 0) + fprintf(nipper->reportFile, "%d.", ospfPointer->processID); + while (ospfAreaPointer != 0) + { + if (ospfAreaPointer->areaAuth == auth_none) + fprintf(nipper->reportFile, "%d area %s.", ospfPointer->processID, ospfAreaPointer->areaID); + else if (ospfAreaPointer->areaAuth == auth_clear) + fprintf(nipper->reportFile, "%d area %s.", ospfPointer->processID, ospfAreaPointer->areaID); + ospfAreaPointer = ospfAreaPointer->next; + } + ospfPointer = ospfPointer->next; + } + output_parseText(endottext, nipper, section_none, rate_none, nipper->ospfAuthNoneIssues, nipper->tableNum); + } + output_endsection(nipper, section_obs); + output_parseText(report_ospfauth_impact, nipper, section_imp, rate_high, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_ospfauth_ease, nipper, section_ease, rate_moderate, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_ospfauth_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosEIGRPIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + //struct eigrpConfig *eigrpPointer = 0; + int tempInt = 0; + int tempInt2 = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_eigrpauth_obs1, nipper, section_obs, rate_none, nipper->eigrpIssues, nipper->tableNum); + tempInt2 = 0; + //eigrpPointer = nipper->ios->eigrp; + //while (eigrpPointer != 0) + //{ + // tempInt2++; + // eigrpPointer = eigrpPointer->next; + //} + if (nipper->eigrpIssues > 1) + { + output_table(nipper, true, report_eigrpauth_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + tempInt = tempInt2; + eigrpAutonPointer = interfaceConfigPointer->eigrp; + while (eigrpAutonPointer != 0) + { + if ((eigrpAutonPointer->md5Auth == false) && (eigrpAutonPointer->passive != true)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + eigrpAutonPointer = eigrpAutonPointer->next; + } + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_eigrpauth_table, &report_interface_heading); + } + else + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + tempInt = tempInt2; + eigrpAutonPointer = interfaceConfigPointer->eigrp; + while (eigrpAutonPointer != 0) + { + if ((eigrpAutonPointer->md5Auth == false) && (eigrpAutonPointer->passive != true)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + output_parseText(report_eigrpauth_obs2, nipper, section_none, rate_none, nipper->eigrpIssues, 0); + } + eigrpAutonPointer = eigrpAutonPointer->next; + } + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + } + output_endsection(nipper, section_obs); + output_parseText(report_eigrpauth_impact, nipper, section_imp, rate_high, nipper->eigrpIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_eigrpauth_ease, nipper, section_ease, rate_moderate, nipper->eigrpIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_eigrpauth_rec, nipper, section_rec, rate_none, nipper->eigrpIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosRIPIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_rip_obs, nipper, section_obs, rate_none, nipper->ripIssues, nipper->tableNum); + if (nipper->ripIssues == 1) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if (((interfaceConfigPointer->ripKeyChain[0] == 0) || (interfaceConfigPointer->ripAuthMode != rip_auth_md5) || (interfaceConfigPointer->ripSendVersion != rip_version2) || (interfaceConfigPointer->ripReceiveVersion != rip_version2)) && (interfaceConfigPointer->ripPassive == false) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + fprintf(nipper->reportFile, "%s.", interfaceConfigPointer->name); + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_newPara(nipper); + } + else + { + output_table(nipper, true, report_rip_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if (((interfaceConfigPointer->ripKeyChain[0] == 0) || (interfaceConfigPointer->ripAuthMode != rip_auth_md5) || (interfaceConfigPointer->ripSendVersion != rip_version2) || (interfaceConfigPointer->ripReceiveVersion != rip_version2)) && (interfaceConfigPointer->ripPassive == false) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if ((interfaceConfigPointer->ripKeyChain[0] == 0) && (interfaceConfigPointer->ripAuthMode != rip_auth_md5)) + fprintf(nipper->reportFile, "%s%s", report_rip_tab_desc1, nipper->tablerow_end); + else if (interfaceConfigPointer->ripKeyChain[0] == 0) + fprintf(nipper->reportFile, "%s%s", report_rip_tab_desc2, nipper->tablerow_end); + else if (interfaceConfigPointer->ripAuthMode != rip_auth_md5) + fprintf(nipper->reportFile, "%s%s", report_rip_tab_desc3, nipper->tablerow_end); + else if ((interfaceConfigPointer->ripSendVersion != rip_version2) && (interfaceConfigPointer->ripReceiveVersion != rip_version2)) + fprintf(nipper->reportFile, "%s %s", report_rip_tab_desc4, nipper->tablerow_end); + else if (interfaceConfigPointer->ripSendVersion != rip_version2) + fprintf(nipper->reportFile, "%s %s", report_rip_tab_desc5, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s %s", report_rip_tab_desc6, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_rip_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_rip_impact, nipper, section_imp, rate_high, nipper->ripIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_rip_ease, nipper, section_ease, rate_moderate, nipper->ripIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_rip_rec, nipper, section_rec, rate_none, nipper->ripIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosVRRPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_vrrp_obs, nipper, section_obs, rate_none, nipper->vrrpIssues, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_vrrp_impact, nipper, section_imp, rate_high, nipper->vrrpIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_vrrp_ease, nipper, section_ease, rate_moderate, nipper->vrrpIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_vrrp_rec, nipper, section_rec, rate_none, nipper->vrrpIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosSourceRoutingIssue(struct nipperConfig *nipper) +{ + output_parseText(report_source_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_source_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_source_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_source_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosRedirectsIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_redirects_obs, nipper, section_obs, rate_none, nipper->redirectsIssues, nipper->tableNum); + if (nipper->redirectsIssues == 1) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipRedirects == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + fprintf(nipper->reportFile, "%s.", interfaceConfigPointer->name); + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_newPara(nipper); + } + else + { + output_table(nipper, true, report_redirects_table, &report_interface_heading); + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipRedirects == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_redirects_table, &report_interface_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_redirects_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_redirects_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_redirects_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosURPFIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceConfig *interfaceConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_urpf_obs, nipper, section_obs, rate_none, nipper->uRPFIssues, nipper->tableNum); + if (nipper->uRPFIssues > 1) + { + interfaceConfigPointer = nipper->ios->interface; + output_table(nipper, true, report_urpf_table, &report_interface_heading); + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->uRPF == false) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(interfaceConfigPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_end); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_table(nipper, false, report_urpf_table, &report_interface_heading); + } + else if (nipper->uRPFIssues > 0) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->uRPF == false) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + outputFriendly(interfaceConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s.", tempString); + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + output_newPara(nipper); + } + output_endsection(nipper, section_obs); + output_parseText(report_urpf_impact, nipper, section_imp, rate_med, nipper->uRPFIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_urpf_ease, nipper, section_ease, rate_noease, nipper->uRPFIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_urpf_rec, nipper, section_rec, rate_none, nipper->uRPFIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void iosClasslessRoutingIssue(struct nipperConfig *nipper) +{ + output_parseText(report_classless_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_classless_impact, nipper, section_imp, rate_low, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_classless_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_classless_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + diff --git a/0.11.10/IOS/report-snmp.c b/0.11.10/IOS/report-snmp.c new file mode 100644 index 0000000..7cfd469 --- /dev/null +++ b/0.11.10/IOS/report-snmp.c @@ -0,0 +1,473 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosSNMPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct snmpCommunity *communityPointer = 0; + struct snmpView *snmpViewPointer = 0; + struct snmpViewItem *snmpViewItemPointer = 0; + struct snmpGroup *snmpGroupPointer = 0; + struct snmpUser *snmpUserPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct snmpHost *snmpHostPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + int found = false; + + output_parseText(settings_snmp_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_snmp_table, &settings_general_heading); + if (nipper->ios->snmp->enabled == true) + fprintf(nipper->reportFile, "%sService enabled%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sService enabled%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->snmp->contact[0] != 0) + { + outputFriendly(nipper->ios->snmp->contact, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sContact%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->ios->snmp->location[0] != 0) + { + outputFriendly(nipper->ios->snmp->location, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sLocation%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + fprintf(nipper->reportFile, "%sTrap Timeout%s%d seconds%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->snmp->trapTimeout, nipper->tablerow_end); + if (nipper->ios->snmp->trapSource[0] != 0) + { + outputFriendly(nipper->ios->snmp->trapSource, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sTrap Source Interface%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->ios->snmp->tftpServerList[0] == 0) + fprintf(nipper->reportFile, "%sTFTP Server List%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + { + outputFriendly(nipper->ios->snmp->tftpServerList, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sTFTP Server List%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + output_table(nipper, false, settings_snmp_table, &settings_general_heading); + addAbbreviation("SNMP", false); + addAbbreviation("TFTP", false); + + if (nipper->ios->snmp->community != 0) + { + output_table(nipper, true, settings_snmpstring_table, &settings_snmpstring_heading); + communityPointer = nipper->ios->snmp->community; + while (communityPointer != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + if (nipper->passwords == true) + { + outputFriendly(communityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_mid); + } + if (communityPointer->readonly == true) + fprintf(nipper->reportFile, "Read-Only%s%s%s%s%s", nipper->tablerow_mid, communityPointer->viewName, nipper->tablerow_mid, communityPointer->accessList, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Read/Write%s%s%s%s%s", nipper->tablerow_mid, communityPointer->viewName, nipper->tablerow_mid, communityPointer->accessList, nipper->tablerow_mid); + if (communityPointer->enabled == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + communityPointer = communityPointer->next; + } + output_table(nipper, false, settings_snmpstring_table, &settings_snmpstring_heading); + } + + if (nipper->ios->snmp->group != 0) + { + // Groups + snmpGroupPointer = nipper->ios->snmp->group; + output_table(nipper, true, settings_snmpgroups_table, &settings_snmpgroups_heading); + while (snmpGroupPointer != 0) + { + outputFriendly(snmpGroupPointer->groupName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + switch(snmpGroupPointer->version) + { + case snmp1: + fprintf(nipper->reportFile, "1"); + break; + case snmp2c: + fprintf(nipper->reportFile, "2c"); + break; + case snmp3_no_auth: + fprintf(nipper->reportFile, "3 (No Auth)"); + break; + case snmp3_auth: + fprintf(nipper->reportFile, "3 (Auth)"); + break; + case snmp3_priv: + fprintf(nipper->reportFile, "3 (Auth and Priv)"); + break; + } + outputFriendly(snmpGroupPointer->readView, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_mid); + if (snmpGroupPointer->writeView[0] != 0) + { + outputFriendly(snmpGroupPointer->writeView, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + if (snmpGroupPointer->notifyView[0] != 0) + { + outputFriendly(snmpGroupPointer->notifyView, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + if (snmpGroupPointer->context[0] != 0) + { + outputFriendly(snmpGroupPointer->context, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + if (snmpGroupPointer->acl[0] != 0) + { + outputFriendly(snmpGroupPointer->acl, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + snmpGroupPointer = snmpGroupPointer->next; + } + output_table(nipper, false, settings_snmpgroups_table, &settings_snmpgroups_heading); + addAbbreviation("OID", false); + addAbbreviation("MIB", false); + } + + // Users + if (nipper->ios->snmp->user != 0) + { + // Group Users + snmpGroupPointer = nipper->ios->snmp->group; + while (snmpGroupPointer != 0) + { + if (nipper->ios->snmp->user != 0) + { + switch (snmpGroupPointer->version) + { + case snmp1: + case snmp2c: + case snmp3_no_auth: + if (snmpGroupPointer->version == snmp1) + sprintf(tempString, "%s%s", settings_snmpgroup_table1, snmpGroupPointer->groupName); + else if (snmpGroupPointer->version == snmp2c) + sprintf(tempString, "%s%s", settings_snmpgroup_table2, snmpGroupPointer->groupName); + else if (snmpGroupPointer->version == snmp3_no_auth) + sprintf(tempString, "%s%s", settings_snmpgroup_table3, snmpGroupPointer->groupName); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_snmpnoauth_heading); + found = false; + snmpUserPointer = nipper->ios->snmp->user; + while ((snmpUserPointer != 0) && (found == false)) + { + if (strcmp(snmpUserPointer->groupName, snmpGroupPointer->groupName) == 0) + found = true; + else + snmpUserPointer = snmpUserPointer->next; + } + while (snmpUserPointer != 0) + { + if (strcmp(snmpUserPointer->groupName, snmpGroupPointer->groupName) == 0) + { + snmpUserPointer->group++; + outputFriendly(snmpUserPointer->userName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (snmpUserPointer->acl[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + else + { + outputFriendly(snmpUserPointer->acl, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + } + snmpUserPointer = snmpUserPointer->next; + } + output_table(nipper, false, tempString2, &settings_snmpnoauth_heading); + break; + case snmp3_auth: + sprintf(tempString, "%s%s", settings_snmpgroup_table4, snmpGroupPointer->groupName); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_snmpauth_heading); + found = false; + snmpUserPointer = nipper->ios->snmp->user; + while ((snmpUserPointer != 0) && (found == false)) + { + if (strcmp(snmpUserPointer->groupName, snmpGroupPointer->groupName) == 0) + found = true; + else + snmpUserPointer = snmpUserPointer->next; + } + while (snmpUserPointer != 0) + { + if (strcmp(snmpUserPointer->groupName, snmpGroupPointer->groupName) == 0) + { + snmpUserPointer->group++; + outputFriendly(snmpUserPointer->userName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(snmpUserPointer->authPass, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + switch (snmpUserPointer->snmp3auth) + { + case snmp3_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + addAbbreviation("MD5", false); + break; + case snmp3_sha: + fprintf(nipper->reportFile, "SHA%s", nipper->tablerow_mid); + addAbbreviation("SHA", false); + break; + } + if (snmpUserPointer->acl[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + else + { + outputFriendly(snmpUserPointer->acl, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + } + snmpUserPointer = snmpUserPointer->next; + } + output_table(nipper, false, tempString2, &settings_snmpauth_heading); + break; + case snmp3_priv: + sprintf(tempString, "%s%s", settings_snmpgroup_table4, snmpGroupPointer->groupName); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_snmpauth_heading); + found = false; + snmpUserPointer = nipper->ios->snmp->user; + while ((snmpUserPointer != 0) && (found == false)) + { + if (strcmp(snmpUserPointer->groupName, snmpGroupPointer->groupName) == 0) + found = true; + else + snmpUserPointer = snmpUserPointer->next; + } + while (snmpUserPointer != 0) + { + if (strcmp(snmpUserPointer->groupName, snmpGroupPointer->groupName) == 0) + { + snmpUserPointer->group++; + outputFriendly(snmpUserPointer->userName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(snmpUserPointer->authPass, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + switch (snmpUserPointer->snmp3auth) + { + case snmp3_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_mid); + addAbbreviation("MD5", false); + break; + case snmp3_sha: + fprintf(nipper->reportFile, "SHA%s", nipper->tablerow_mid); + addAbbreviation("SHA", false); + break; + } + if (nipper->passwords == true) + { + outputFriendly(snmpUserPointer->privPass, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + switch (snmpUserPointer->snmp3priv) + { + case snmp3_des: + fprintf(nipper->reportFile, "DES%s", nipper->tablerow_mid); + addAbbreviation("DES", false); + break; + case snmp3_3des: + fprintf(nipper->reportFile, "3DES%s", nipper->tablerow_mid); + addAbbreviation("3DES", false); + break; + case snmp3_des56: + fprintf(nipper->reportFile, "DES 56%s", nipper->tablerow_mid); + addAbbreviation("DES", false); + break; + case snmp3_aes128: + fprintf(nipper->reportFile, "AES 128%s", nipper->tablerow_mid); + addAbbreviation("AES", false); + break; + case snmp3_aes192: + fprintf(nipper->reportFile, "AES 192%s", nipper->tablerow_mid); + addAbbreviation("AES", false); + break; + case snmp3_aes256: + fprintf(nipper->reportFile, "AES 256%s", nipper->tablerow_mid); + addAbbreviation("AES", false); + break; + } + if (snmpUserPointer->acl[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + else + { + outputFriendly(snmpUserPointer->acl, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + } + snmpUserPointer = snmpUserPointer->next; + } + output_table(nipper, false, tempString2, &settings_snmpauth_heading); + break; + } + } + snmpGroupPointer = snmpGroupPointer->next; + } + + found = false; + snmpUserPointer = nipper->ios->snmp->user; + while ((snmpUserPointer != 0) && (found == false)) + { + if (snmpUserPointer->group == 0) + found = true; + else + snmpUserPointer = snmpUserPointer->next; + } + if (snmpUserPointer != 0) + { + output_table(nipper, true, settings_snmpgroup_table6, &settings_snmpnoauth_heading); + while (snmpUserPointer != 0) + { + if (snmpUserPointer->group == 0) + { + outputFriendly(snmpUserPointer->userName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (snmpUserPointer->acl[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + else + { + outputFriendly(snmpUserPointer->acl, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + } + snmpUserPointer = snmpUserPointer->next; + } + output_table(nipper, false, settings_snmpgroup_table6, &settings_snmpnoauth_heading); + } + } + + // Views + if (nipper->ios->snmp->view != 0) + { + snmpViewPointer = nipper->ios->snmp->view; + while (snmpViewPointer != 0) + { + sprintf(tempString, "%s %s", settings_snmpview_table, snmpViewPointer->viewName); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_snmpview_heading); + snmpViewItemPointer = snmpViewPointer->viewItem; + while (snmpViewItemPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, snmpViewItemPointer->mibId, nipper->tablerow_mid); + if (snmpViewItemPointer->include == true) + fprintf(nipper->reportFile, "Include%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Exclude%s", nipper->tablerow_end); + snmpViewItemPointer = snmpViewItemPointer->next; + } + output_table(nipper, false, tempString2, &settings_snmpview_heading); + snmpViewPointer = snmpViewPointer->next; + } + addAbbreviation("MIB", false); + } + + if (nipper->ios->snmp->host != 0) + { + output_table(nipper, true, settings_snmphost_table, &settings_snmphost_heading); + snmpHostPointer = nipper->ios->snmp->host; + while (snmpHostPointer != 0) + { + outputFriendly(snmpHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + switch(snmpHostPointer->version) + { + case snmp1: + fprintf(nipper->reportFile, "1"); + break; + case snmp2c: + fprintf(nipper->reportFile, "2c"); + break; + case snmp3_no_auth: + fprintf(nipper->reportFile, "3 (No Auth)"); + break; + case snmp3_auth: + fprintf(nipper->reportFile, "3 (Auth)"); + break; + case snmp3_priv: + fprintf(nipper->reportFile, "3 (Auth and Priv)"); + break; + } + if (nipper->passwords == true) + { + outputFriendly(snmpHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s ", nipper->tablerow_mid, tempString); + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + snmpHostPointer = snmpHostPointer->next; + } + output_table(nipper, false, settings_snmphost_table, &settings_snmphost_heading); + } + + if (nipper->ios->snmp->trap != 0) + { + output_table(nipper, true, settings_snmptrap_table, &settings_snmptrap_heading); + snmpTrapPointer = nipper->ios->snmp->trap; + while (snmpTrapPointer != 0) + { + outputFriendly(snmpTrapPointer->trap, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + snmpTrapPointer = snmpTrapPointer->next; + } + output_table(nipper, false, settings_snmptrap_table, &settings_snmptrap_heading); + } +} + + +void iosSNMPIssue(struct nipperConfig *nipper) +{ + output_parseText(settings_snmp_desc, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_parseText(report_snmp_obs, nipper, section_none, rate_none, nipper->snmpIssue, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_snmp_impact, nipper, section_imp, rate_med, nipper->snmpIssue, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_snmp_ease, nipper, section_ease, rate_trivial, nipper->snmpIssue, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_snmp_rec, nipper, section_rec, rate_none, nipper->snmpIssue, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/IOS/report-ssh.c b/0.11.10/IOS/report-ssh.c new file mode 100644 index 0000000..9b5caac --- /dev/null +++ b/0.11.10/IOS/report-ssh.c @@ -0,0 +1,113 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosSSHConfig(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + char tempString[nipper->maxSize]; + struct lineConfig *linePointer = 0; + struct netInterface *interfacePointer = 0; + + output_table(nipper, true, settings_ssh_table, &settings_general_heading); + if (nipper->ios->line != 0) + { + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if (linePointer->ssh == true) + tempInt++; + linePointer = linePointer->next; + } + } + switch (tempInt) + { + case 0: + fprintf(nipper->reportFile, "%sSSH%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + default: + fprintf(nipper->reportFile, "%sSSH%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + switch (nipper->ios->ssh->protocolVersion) + { + case ssh_ver_1: + fprintf(nipper->reportFile, "%sProtocol version%s1%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case ssh_ver_2: + fprintf(nipper->reportFile, "%sProtocol version%s2%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + default: + fprintf(nipper->reportFile, "%sProtocol version%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + if (nipper->ios->ssh->timeout > -1) + fprintf(nipper->reportFile, "%sLogin time-out%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->ssh->timeout, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLogin time-out%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->ios->ssh->retries > -1) + fprintf(nipper->reportFile, "%sLogin retries%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->ios->ssh->retries, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sLogin retries%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_ssh_table, &settings_general_heading); + addAbbreviation("SSH", false); + + // Show SSH interfaces + if (nipper->ios->ssh->interface != 0) + { + output_table(nipper, true, settings_sshint_table, &settings_sshint_heading); + fprintf(nipper->reportFile, "
Table %d: %s.
Network Interface
\n\n", nipper->tableNum, settings_sshint_table); + interfacePointer = nipper->ios->ssh->interface; + while (interfacePointer != 0) + { + outputFriendly(interfacePointer->interface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + interfacePointer = interfacePointer->next; + } + output_table(nipper, false, settings_sshint_table, &settings_sshint_heading); + } +} + + +void iosSSHProtocolIssue(struct nipperConfig *nipper) +{ + output_parseText(report_sshproto_obs, nipper, section_obs, rate_none, nipper->sshIssue, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_sshproto_impact, nipper, section_imp, rate_med, nipper->sshIssue, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_sshproto_ease, nipper, section_ease, rate_difficult, nipper->sshIssue, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_sshproto_rec2, nipper, section_rec, rate_none, nipper->sshIssue, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/IOS/report-tacacs.c b/0.11.10/IOS/report-tacacs.c new file mode 100644 index 0000000..452389e --- /dev/null +++ b/0.11.10/IOS/report-tacacs.c @@ -0,0 +1,76 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosTACACSConfig(struct nipperConfig *nipper) +{ + // Variables... + struct host *hostPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_tacacs_table, &settings_general_heading); + if (nipper->passwords == true) + { + outputFriendly(nipper->ios->tacacs->key, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sTACACS Key%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + switch(nipper->ios->tacacs->encryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "%sKey Encryption Type%sType-7%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "%sKey Encryption Type%sMD5%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + addAbbreviation("MD5", false); + break; + case encrypt_none: + fprintf(nipper->reportFile, "%sKey Encryption Type%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "%sKey Encryption Type%sUnknown%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + output_table(nipper, false, settings_tacacs_table, &settings_general_heading); + addAbbreviation("TACACS", false); + + if (nipper->ios->tacacs->host != 0) + { + output_table(nipper, true, settings_tacacsserv_table, &settings_tacacsserv_heading); + hostPointer = nipper->ios->tacacs->host; + while (hostPointer != 0) + { + outputFriendly(hostPointer->server, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_end); + hostPointer = hostPointer->next; + } + output_table(nipper, false, settings_tacacsserv_table, &settings_tacacsserv_heading); + } +} diff --git a/0.11.10/IOS/report-timeout.c b/0.11.10/IOS/report-timeout.c new file mode 100644 index 0000000..c509d7d --- /dev/null +++ b/0.11.10/IOS/report-timeout.c @@ -0,0 +1,225 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +void iosTimeoutIssue(struct nipperConfig *nipper) +{ + // Variables... + struct lineConfig *linePointer = 0; + int tempInt = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_timeout_obs1, nipper, section_obs, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, nipper->connectionTimeout % 60); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_obs2, nipper, section_none, rate_none, nipper->insecureTimeouts, nipper->tableNum); + linePointer = nipper->ios->line; + if (nipper->insecureTimeouts > 1) + { + output_table(nipper, true, report_timeout_table, &report_timeout_heading); + while (linePointer != 0) + { + if ((linePointer->login != login_disabled) && ((linePointer->timeout == 0) || (linePointer->timeout > nipper->connectionTimeout)) && ((linePointer->absoluteTimeout == 0) || (linePointer->absoluteTimeout > nipper->connectionTimeout)) && ((linePointer->sessionTimeout == 0) || (linePointer->sessionTimeout > nipper->connectionTimeout)) && ((linePointer->execTimeout == 0) || (linePointer->execTimeout > nipper->connectionTimeout))) + { + switch (linePointer->lineType) + { + case line_console: + fprintf(nipper->reportFile, "%sConsole line", nipper->tablerow_start); + break; + case line_vty: + fprintf(nipper->reportFile, "%sVTY line", nipper->tablerow_start); + break; + case line_tty: + fprintf(nipper->reportFile, "%sTTY line", nipper->tablerow_start); + break; + case line_aux: + fprintf(nipper->reportFile, "%sAuxiliary line", nipper->tablerow_start); + break; + } + if (linePointer->lineNumberEnd == 0) + fprintf(nipper->reportFile, " %d%s", linePointer->lineNumberStart, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "s %d to %d%s", linePointer->lineNumberStart, linePointer->lineNumberEnd, nipper->tablerow_mid); + if ((linePointer->timeout == 0) && (linePointer->sessionTimeout == 0) && (linePointer->absoluteTimeout == 0) && (linePointer->execTimeout == 0)) + fprintf(nipper->reportFile, "No Timeout%s", nipper->tablerow_end); + else + { + tempInt = 0; + if (linePointer->timeout != 0) + { + if ((linePointer->timeout % 60) == 0) + fprintf(nipper->reportFile, "Timeout: %d minutes", (linePointer->timeout / 60)); + else + fprintf(nipper->reportFile, "Timeout: %d minutes and %d seconds", linePointer->timeout / 60, linePointer->timeout % 60); + tempInt++; + } + if (linePointer->absoluteTimeout != 0) + { + if (tempInt > 0) + fprintf(nipper->reportFile, ", "); + if ((linePointer->absoluteTimeout % 60) == 0) + fprintf(nipper->reportFile, "Absolute Timeout: %d minutes", (linePointer->absoluteTimeout / 60)); + else + fprintf(nipper->reportFile, "Absolute Timeout: %d minutes and %d seconds", linePointer->absoluteTimeout / 60, linePointer->absoluteTimeout % 60); + tempInt++; + } + if (linePointer->sessionTimeout != 0) + { + if (tempInt > 0) + fprintf(nipper->reportFile, ", "); + if ((linePointer->sessionTimeout % 60) == 0) + fprintf(nipper->reportFile, "Session Timeout: %d minutes", (linePointer->sessionTimeout / 60)); + else + fprintf(nipper->reportFile, "Session Timeout: %d minutes and %d seconds", linePointer->sessionTimeout / 60, linePointer->sessionTimeout % 60); + tempInt++; + } + if (linePointer->execTimeout != 0) + { + if (tempInt > 0) + fprintf(nipper->reportFile, ", "); + if ((linePointer->execTimeout % 60) == 0) + fprintf(nipper->reportFile, "Exec Timeout: %d minutes", (linePointer->execTimeout / 60)); + else + fprintf(nipper->reportFile, "Exec Timeout: %d minutes and %d seconds", linePointer->execTimeout / 60, linePointer->execTimeout % 60); + tempInt++; + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + } + linePointer = linePointer->next; + } + output_table(nipper, false, report_timeout_table, &report_timeout_heading); + } + else + { + while (linePointer != 0) + { + if ((linePointer->login != login_disabled) && ((linePointer->timeout == 0) || (linePointer->timeout > nipper->connectionTimeout)) && ((linePointer->absoluteTimeout == 0) || (linePointer->absoluteTimeout > nipper->connectionTimeout)) && ((linePointer->sessionTimeout == 0) || (linePointer->sessionTimeout > nipper->connectionTimeout)) && ((linePointer->execTimeout == 0) || (linePointer->execTimeout > nipper->connectionTimeout))) + { + switch (linePointer->lineType) + { + case line_console: + sprintf(tempString, "*NOTEXTSTART*The console line"); + break; + case line_vty: + sprintf(tempString, "*NOTEXTSTART*The *ABBREV*VTY*-ABBREV* line"); + break; + case line_tty: + sprintf(tempString, "*NOTEXTSTART*The *ABBREV*TTY*-ABBVREV* line"); + break; + case line_aux: + sprintf(tempString, "*NOTEXTSTART*The auxiliary ine"); + break; + } + if (linePointer->lineNumberEnd == 0) + sprintf(tempString, "%s %d", tempString, linePointer->lineNumberStart); + else + sprintf(tempString, "%ss %d to %d", tempString, linePointer->lineNumberStart, linePointer->lineNumberEnd); + if ((linePointer->timeout == 0) && (linePointer->sessionTimeout == 0) && (linePointer->absoluteTimeout == 0) && (linePointer->execTimeout == 0)) + sprintf(tempString, "%s had no timeout.", tempString); + else + { + sprintf(tempString, "%s ", tempString); + tempInt = 0; + if (linePointer->timeout != 0) + { + if ((linePointer->timeout % 60) == 0) + sprintf(tempString, "%stimeout was %d minutes", tempString, (linePointer->timeout / 60)); + else + sprintf(tempString, "%stimeout was %d minutes and %d seconds", tempString, linePointer->timeout / 60, linePointer->timeout % 60); + tempInt++; + } + if (linePointer->absoluteTimeout != 0) + { + if (tempInt > 0) + sprintf(tempString, "%s, ", tempString); + if ((linePointer->absoluteTimeout % 60) == 0) + sprintf(tempString, "%sabsolute timeout was %d minutes", tempString, (linePointer->absoluteTimeout / 60)); + else + sprintf(tempString, "%sabsolute timeout was %d minutes and %d seconds", tempString, linePointer->absoluteTimeout / 60, linePointer->absoluteTimeout % 60); + tempInt++; + } + if (linePointer->sessionTimeout != 0) + { + if (tempInt > 0) + sprintf(tempString, "%s, ", tempString); + if ((linePointer->sessionTimeout % 60) == 0) + sprintf(tempString, "%ssession timeout was %d minutes", tempString, (linePointer->sessionTimeout / 60)); + else + sprintf(tempString, "%ssession timeout was %d minutes and %d seconds", tempString, linePointer->sessionTimeout / 60, linePointer->sessionTimeout % 60); + tempInt++; + } + if (linePointer->execTimeout != 0) + { + if (tempInt > 0) + sprintf(tempString, "%s, ", tempString); + if ((linePointer->execTimeout % 60) == 0) + sprintf(tempString, "%sExec timeout was %d minutes", tempString, (linePointer->execTimeout / 60)); + else + sprintf(tempString, "%sExec timeout was %d minutes and %d seconds", tempString, linePointer->execTimeout / 60, linePointer->execTimeout % 60); + tempInt++; + } + } + } + linePointer = linePointer->next; + } + output_parseText(tempString, nipper, section_none, rate_none, 0, 0); + } + output_endsection(nipper, section_obs); + output_parseText(report_timeout_impact, nipper, section_imp, rate_high, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_timeout_ease, nipper, section_ease, rate_difficult, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_timeout_rec1, nipper, section_rec, rate_none, 0, 0); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, (nipper->connectionTimeout % 60)); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_rec2, nipper, section_none, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/IOS/report-username.c b/0.11.10/IOS/report-username.c new file mode 100644 index 0000000..a84b6ed --- /dev/null +++ b/0.11.10/IOS/report-username.c @@ -0,0 +1,165 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosUsersConfig(struct nipperConfig *nipper) +{ + // Variables... + struct enablePassword *enablePointer = 0; + struct usernameList *usernamePointer = 0; + struct privilageLevels *privilagePointer = 0; + struct bannerConfig *bannerPointer = 0; + char tempString[nipper->maxSize]; + + // Enable Password + if (nipper->ios->enable != 0) + { + output_table(nipper, true, settings_enable_table, &report_enable_heading); + enablePointer = nipper->ios->enable; + while (enablePointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, enablePointer->level, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(enablePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_mid); + } + switch (enablePointer->encryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "Type-7%s", nipper->tablerow_end); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_end); + addAbbreviation("MD5", false); + break; + case encrypt_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_end); + break; + } + enablePointer = enablePointer->next; + } + output_table(nipper, false, settings_enable_table, &report_enable_heading); + } + + // Usernames + if (nipper->ios->username != 0) + { + output_table(nipper, true, settings_users_table, &report_users_heading); + usernamePointer = nipper->ios->username; + while (usernamePointer != 0) + { + outputFriendly(usernamePointer->username, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%d%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, usernamePointer->privilage, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(usernamePointer->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s %s", tempString, nipper->tablerow_mid); + } + switch (usernamePointer->encryption) + { + case encrypt_type7: + fprintf(nipper->reportFile, "Type-7%s", nipper->tablerow_end); + break; + case encrypt_md5: + fprintf(nipper->reportFile, "MD5%s", nipper->tablerow_end); + addAbbreviation("MD5", false); + break; + case encrypt_none: + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + break; + case encrypt_unknown: + fprintf(nipper->reportFile, "Unknown%s", nipper->tablerow_end); + break; + } + usernamePointer = usernamePointer->next; + } + output_table(nipper, false, settings_users_table, &report_users_heading); + } + + // Privilage + if (nipper->ios->privilage != 0) + { + output_parseText(settings_privs_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_privs_table, &report_privs_heading); + privilagePointer = nipper->ios->privilage; + while (privilagePointer != 0) + { + printf("%s%d%s%s%s", nipper->tablerow_start, privilagePointer->level, nipper->tablerow_mid, privilagePointer->command, nipper->tablerow_end); + privilagePointer = privilagePointer->next; + } + output_table(nipper, false, settings_privs_table, &report_privs_heading); + } + + // Banner + if (nipper->ios->banner != 0) + { + output_parseText(settings_banner_desc, nipper, section_none, rate_none, 0, 0); + bannerPointer = nipper->ios->banner; + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n"); + break; + case output_xml: + fprintf(nipper->reportFile, " "); + break; + } + while (bannerPointer != 0) + { + fprintf(nipper->reportFile, "%s", bannerPointer->line); + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
\n"); + break; + default: + fprintf(nipper->reportFile, "\n"); + break; + } + bannerPointer = bannerPointer->next; + } + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, ""); + break; + case output_xml: + fprintf(nipper->reportFile, "\n"); + break; + } + output_newPara(nipper); + } +} + diff --git a/0.11.10/IOS/report-vtp.c b/0.11.10/IOS/report-vtp.c new file mode 100644 index 0000000..d9648f7 --- /dev/null +++ b/0.11.10/IOS/report-vtp.c @@ -0,0 +1,62 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +void iosVTPConfig(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_vtp_table, &settings_general_heading); + switch (nipper->ios->vtpMode) + { + case vtp_mode_server: + fprintf(nipper->reportFile, "%sVTP Mode%sServer%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case vtp_mode_client: + fprintf(nipper->reportFile, "%sVTP Mode%sClient%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case vtp_mode_transparent: + fprintf(nipper->reportFile, "%sVTP Mode%sTransparent%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + case vtp_mode_none: + fprintf(nipper->reportFile, "%sVTP Mode%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + break; + } + if (nipper->ios->vtpDomain[0] != 0) + { + outputFriendly(nipper->ios->vtpDomain, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sVTP Domain%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + output_table(nipper, false, settings_vtp_table, &settings_general_heading); + addAbbreviation("VTP", false); +} + diff --git a/0.11.10/IOS/report.c b/0.11.10/IOS/report.c new file mode 100644 index 0000000..a52bff4 --- /dev/null +++ b/0.11.10/IOS/report.c @@ -0,0 +1,555 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for IOS reporting + +// Report IOS includes... +#include "report-aaa.c" +#include "report-access-list.c" +#include "report-clock.c" +#include "report-debug.c" +#include "report-dns.c" +#include "report-ftp.c" +#include "report-general.c" +#include "report-http.c" +#include "report-interface.c" +#include "report-keychain.c" +#include "report-line.c" +#include "report-logging.c" +#include "report-nat.c" +#include "report-ntp.c" +#include "report-passwords.c" +#include "report-router.c" +#include "report-snmp.c" +#include "report-ssh.c" +#include "report-tacacs.c" +#include "report-timeout.c" +#include "report-username.c" +#include "report-vtp.c" + + +void generateIOSReport(struct nipperConfig *nipper) +{ + // Variables + struct enablePassword *enablePointer = 0; + struct snmpGroup *snmpGroupPointer = 0; + struct interfaceConfig *interfaceConfigPointer = 0; + struct ospfAreaConfig *ospfAreaPointer = 0; + struct ospfConfig *ospfPointer = 0; + //struct eigrpConfig *eigrpPointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + struct lineConfig *linePointer = 0; + struct vulnerability *vulnPointer = 0; + struct vrrpStruct *vrrpPointer = 0; + int tempInt = 0; + //int tempInt2 = 0; + + // Security Report section + if (nipper->fullReport == true) + { + + // Software Version + if ((nipper->versionMajor < 12) || ((nipper->versionMajor == 12) && (((nipper->deviceType != type_ios_catalyst) && (nipper->versionMinor < 4)) || ((nipper->deviceType == type_ios_catalyst) && (nipper->versionMinor < 2))))) + { + nipper->vulnIssues = 0; + nipper->vulnIssueDos = false; + nipper->vulnIssueRemote = false; + vulnPointer = &report_vuln_ios; + while (vulnPointer->next != 0) + { + checkVulnVersion(nipper, vulnPointer); + vulnPointer = vulnPointer->next; + } + if (nipper->vulnIssues > 0) + addReportSection(nipper, section_security, report_osver_title, report_osver_context, report_osver_rectext, 10, 8, 5, 3, iosVulnIssue); + } + + // Simple Passwords + if (nipper->simplePasswords > 1) + addReportSection(nipper, section_security, report_dict_title1, report_dict_context, report_dict_rectext, 10, 8, 5, 3, iosDictionaryIssue); + else if (nipper->simplePasswords > 0) + addReportSection(nipper, section_security, report_dict_title2, report_dict_context, report_dict_rectext, 10, 8, 5, 3, iosDictionaryIssue); + + // Password Strength + if (nipper->passwordStrengths > 1) + addReportSection(nipper, section_security, report_strength_title1, report_strength_context, report_strength_rectext, 10, 8, 5, 3, iosStrengthIssue); + else if (nipper->passwordStrengths > 0) + addReportSection(nipper, section_security, report_strength_title2, report_strength_context, report_strength_rectext, 10, 8, 5, 3, iosStrengthIssue); + + // Auto configuration + if ((nipper->ios->bootNetwork == true) || (nipper->ios->serviceConfig == true)) + addReportSection(nipper, section_security, report_configauto_title, report_configauto_context, report_configauto_rectext, 10, 8, 5, 3, iosAutoConfigIssue); + + // IP directed broadcasts + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipDirectBroadcast == true) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + nipper->ipDirectedIssues++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->ipDirectedIssues > 0) + addReportSection(nipper, section_security, report_ipdirected_title, report_ipdirected_context, report_ipdirected_rectext, 10, 8, 5, 3, iosIPDirectedIssue); + + // BGP Route Dampening + if (nipper->ios->bgp != 0) + { + if (nipper->ios->bgp->dampening != true) + addReportSection(nipper, section_security, report_bgpdamp_title, report_bgpdamp_context, report_bgpdamp_rectext, 10, 8, 5, 3, iosBGPDampeningIssue); + } + + // OSPF Authentication + ospfPointer = nipper->ios->ospf; + while (ospfPointer !=0) + { + ospfAreaPointer = nipper->ios->ospf->ospfArea; + if (ospfAreaPointer == 0) + nipper->ospfAuthNoneIssues++; + while (ospfAreaPointer != 0) + { + if (ospfAreaPointer->areaAuth == auth_none) + nipper->ospfAuthNoneIssues++; + else if (ospfAreaPointer->areaAuth == auth_clear) + nipper->ospfAuthClearIssues++; + else + nipper->ospfAuthMD5++; + ospfAreaPointer = ospfAreaPointer->next; + } + ospfPointer = ospfPointer->next; + } + if ((nipper->ospfAuthNoneIssues > 0) || (nipper->ospfAuthClearIssues > 0)) + addReportSection(nipper, section_security, report_ospfauth_title, report_ospfauth_context, report_ospfauth_rectext, 10, 8, 5, 3, iosOSPFAuthenticationIssue); + + // EIGRP + if (nipper->ios->eigrp != 0) + { + //tempInt2 = 0; + //eigrpPointer = nipper->ios->eigrp; + //while (eigrpPointer != 0) + //{ + // tempInt2++; + // eigrpPointer = eigrpPointer->next; + //} + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + //tempInt = tempInt2; + eigrpAutonPointer = interfaceConfigPointer->eigrp; + while (eigrpAutonPointer != 0) + { + if ((eigrpAutonPointer->md5Auth == false) && (eigrpAutonPointer->passive != true)) + nipper->eigrpIssues++; + eigrpAutonPointer = eigrpAutonPointer->next; + } + //if (tempInt > 0) + // nipper->eigrpIssues++; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->eigrpIssues > 0) + addReportSection(nipper, section_security, report_eigrpauth_title, report_eigrpauth_context, report_eigrpauth_rectext, 10, 8, 5, 3, iosEIGRPIssue); + } + + // RIP + if (nipper->ios->rip != 0) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if (((interfaceConfigPointer->ripKeyChain[0] == 0) || (interfaceConfigPointer->ripAuthMode != rip_auth_md5) || (interfaceConfigPointer->ripSendVersion != rip_version2) || (interfaceConfigPointer->ripReceiveVersion != rip_version2)) && (interfaceConfigPointer->ripPassive == false) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + nipper->ripIssues++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->ripIssues > 0) + addReportSection(nipper, section_security, report_rip_title, report_rip_context, report_rip_rectext, 10, 8, 5, 3, iosRIPIssue); + } + + // VRRP + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + vrrpPointer = interfaceConfigPointer->vrrp; + while (vrrpPointer != 0) + { + if ((interfaceConfigPointer->shutdown == false) && (vrrpPointer->shutdown == false) && (vrrpPointer->authentication != vrrp_auth_md5)) + nipper->vrrpIssues++; + vrrpPointer = vrrpPointer->next; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->vrrpIssues > 0) + addReportSection(nipper, section_security, report_vrrp_title, report_vrrp_context, report_vrrp_rectext, 10, 8, 5, 3, iosVRRPIssue); + + // TCP Keep Alives + if (nipper->ios->keepAlivesIn == false) + addReportSection(nipper, section_security, report_keepalive_title, report_keepalive_context, report_keepalive_rectext, 10, 8, 5, 3, iosKeepAlivesIssue); + + // Connection Timeout + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->login != login_disabled) && ((linePointer->timeout == 0) || (linePointer->timeout > nipper->connectionTimeout)) && ((linePointer->absoluteTimeout == 0) || (linePointer->absoluteTimeout > nipper->connectionTimeout)) && ((linePointer->sessionTimeout == 0) || (linePointer->sessionTimeout > nipper->connectionTimeout)) && ((linePointer->execTimeout == 0) || (linePointer->execTimeout > nipper->connectionTimeout))) + nipper->insecureTimeouts++; + linePointer = linePointer->next; + } + if (nipper->insecureTimeouts > 0) + addReportSection(nipper, section_security, report_timeout_title, report_timeout_context, report_timeout_rectext, 10, 8, 5, 3, iosTimeoutIssue); + + // Aux port + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->callback == false) && (linePointer->login != login_disabled) && (linePointer->exec == true) && (linePointer->lineType == line_aux)) + tempInt++; + linePointer = linePointer->next; + } + if (tempInt > 0) + addReportSection(nipper, section_security, report_aux_title, report_aux_context, report_aux_rectext, 10, 8, 5, 3, iosAUXPortIssue); + + // Source Routing + if ((nipper->ios->sourceRouting != false) && (nipper->deviceType == type_ios_router)) + addReportSection(nipper, section_security, report_source_title, report_source_context, report_source_rectext, 10, 8, 5, 3, iosSourceRoutingIssue); + + // Finger + if (nipper->ios->finger != false) + addReportSection(nipper, section_security, report_finger_title, report_finger_context, report_finger_rectext, 10, 8, 5, 3, iosFingerIssue); + + // HTTP + tempInt = false; + if (nipper->ios->http == 0) + tempInt = true; + else if (nipper->ios->http->enabled == true) + tempInt = true; + if (tempInt == true) + addReportSection(nipper, section_security, report_http_title, report_http_context, report_http_rectext, 10, 8, 5, 3, iosHTTPIssue); + + // SNMP + if (nipper->ios->snmp != 0) + { + if (nipper->ios->snmp->enabled == true) + { + if (nipper->ios->snmp->community != 0) + nipper->snmpIssue = 1; + snmpGroupPointer = nipper->ios->snmp->group; + while (snmpGroupPointer != 0) + { + if (snmpGroupPointer->version == snmp1) + nipper->snmpIssue = 1; + else if ((snmpGroupPointer->version == snmp2c) && (nipper->snmpIssue != 1)) + nipper->snmpIssue = 2; + else if (((snmpGroupPointer->version == snmp3_no_auth) || (snmpGroupPointer->version == snmp3_auth)) && (nipper->snmpIssue == 0)) + nipper->snmpIssue = -1; + snmpGroupPointer = snmpGroupPointer->next; + } + } + } + if (nipper->snmpIssue != 0) + addReportSection(nipper, section_security, report_snmp_title, report_snmp_context, report_snmp_rectext, 10, 8, 5, 3, iosSNMPIssue); + + // Telnet + tempInt = false; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->telnet == true) && (linePointer->exec == true) && (linePointer->login != login_disabled)) + tempInt = true; + linePointer = linePointer->next; + } + if (tempInt == true) + addReportSection(nipper, section_security, report_telnet_title, report_telnet_context, report_telnet_rectext, 10, 8, 5, 3, iosTelnetIssue); + + // Redirects + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipRedirects == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + nipper->redirectsIssues++; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->redirectsIssues > 0) + addReportSection(nipper, section_security, report_redirects_title, report_redirects_context, report_redirects_rectext, 10, 8, 5, 3, iosRedirectsIssue); + + // Access Lists + rulesAudit(nipper); + if (nipper->aclIssues > 0) + addReportSection(nipper, section_security, report_accesslist_title, report_accesslist_context, report_accesslist_rectext, 10, 8, 5, 3, ciscoACLIssue); + + // uRPF verification + if ((nipper->versionMajor > 11) && (nipper->deviceType == type_ios_router) && (nipper->deviceUse == use_edge)) + { + // If cef hasn't been enabled... + if (nipper->ios->cef == false) + nipper->uRPFIssues = -1; + + // Look for interfaces without uRPF on... + else + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->uRPF == false) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + nipper->uRPFIssues++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + } + } + if (nipper->uRPFIssues != 0) + addReportSection(nipper, section_security, report_urpf_title, report_urpf_context, report_urpf_rectext, 10, 8, 5, 3, iosURPFIssue); + + // Switch Port Mode + if (nipper->deviceType != type_ios_router) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->switchportMode != sp_mode_access) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Vlan", 4) != 0)) + nipper->switchportModeIssues++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + } + if (nipper->switchportModeIssues > 0) + addReportSection(nipper, section_security, report_trunking_title, report_trunking_context, report_trunking_rectext, 10, 8, 5, 3, iosTrunkingIssue); + + // Switch Port Security + if (nipper->deviceType != type_ios_router) + { + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->switchportSecurity == false) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Vlan", 4) != 0)) + nipper->switchportIssues++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + } + if (nipper->switchportIssues > 0) + addReportSection(nipper, section_security, report_portsecurity_title, report_portsecurity_context, report_portsecurity_rectext, 10, 8, 5, 3, iosPortSecurityIssue); + + // Logging + if (nipper->ios->logging == 0) + nipper->loggingIssue = -1; + else + { + if (nipper->ios->logging->logging == false) + nipper->loggingIssue = 1; + else if ((nipper->ios->logging->logServer == 0) && (nipper->ios->logging->bufferedLogging == 0)) + nipper->loggingIssue = 2; + else if (nipper->ios->logging->logServer == 0) + nipper->loggingIssue = 3; + else if (nipper->ios->logging->bufferedLogging == 0) + nipper->loggingIssue = 4; + } + if (nipper->loggingIssue != 0) + addReportSection(nipper, section_security, report_logging_title, report_logging_context, report_logging_rectext, 10, 8, 5, 3, iosLoggingIssue); + + // Proxy ARP + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->proxyArp == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + nipper->proxyArpIssues++; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->proxyArpIssues > 0) + addReportSection(nipper, section_security, report_proxyarp_title, report_proxyarp_context, report_proxyarp_rectext, 10, 8, 5, 3, iosProxyARPIssue); + + // SSH Protocol Version + tempInt = 0; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if ((linePointer->ssh == true) && (linePointer->exec == true) && (linePointer->login != login_disabled)) + tempInt++; + linePointer = linePointer->next; + } + if (tempInt > 0) + { + if (nipper->ios->ssh != 0) + { + if (nipper->ios->ssh->protocolVersion != ssh_ver_2) + nipper->sshIssue = 2; + } + else + nipper->sshIssue = 2; + if ((nipper->versionMajor == 12) && (nipper->versionMinor < 2)) + nipper->sshIssue = 1; + } + if (nipper->sshIssue != 0) + addReportSection(nipper, section_security, report_sshproto_title, report_sshproto_context, report_sshproto_rectext, 10, 8, 5, 3, iosSSHProtocolIssue); + + // CDP + if (nipper->ios->cdp != false) + addReportSection(nipper, section_security, report_cdp_title, report_cdp_context, report_cdp_rectext, 10, 8, 5, 3, iosCDPIssue); + + // IP Classless Routing + if ((nipper->ios->classlessRouting == true) && (nipper->deviceType == type_ios_router)) + addReportSection(nipper, section_security, report_classless_title, report_classless_context, report_classless_rectext, 10, 8, 5, 3, iosClasslessRoutingIssue); + + // Minimum Password Length + if ((nipper->versionMajor == 12) && (nipper->versionMinor > 2) && (nipper->ios->passwordMinLength < 0)) + addReportSection(nipper, section_security, report_passlength_title, report_passlength2_context, report_passlength_rectext, 10, 8, 5, 3, iosPasswordLengthIssue); + else if ((nipper->versionMajor == 12) && (nipper->versionMinor > 2) && (nipper->ios->passwordMinLength < nipper->passwordLength)) + addReportSection(nipper, section_security, report_passlength_title, report_passlength_context, report_passlength_rectext, 10, 8, 5, 3, iosPasswordLengthIssue); + + // Bootp + if (nipper->ios->bootp == true) + addReportSection(nipper, section_security, report_bootp_title, report_bootp_context, report_bootp_rectext, 10, 8, 5, 3, iosBootPIssue); + + // Small Servers + if ((nipper->ios->udpSmallServers != false) || (nipper->ios->tcpSmallServers != false)) + addReportSection(nipper, section_security, report_small_title, report_small_context, report_small_rectext, 10, 8, 5, 3, iosSmallServersIssue); + + // IP unreachables + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipUnreachables == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + nipper->unreachIssues++; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->unreachIssues > 0) + addReportSection(nipper, section_security, report_icmpunreach_title, report_icmpunreach_context, report_icmpunreach_rectext, 10, 8, 5, 3, iosIPUnreachablesIssue); + + // IP Mask Reply + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->ipMaskReply == true) && (interfaceConfigPointer->shutdown == false) && (strncmp(interfaceConfigPointer->ipAddress, "None", 8) != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0)) + { + nipper->maskReplyIssues++; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (nipper->maskReplyIssues > 0) + addReportSection(nipper, section_security, report_maskreply_title, report_maskreply_context, report_maskreply_rectext, 10, 8, 5, 3, iosMaskReplyIssue); + + // Enable Secret Passwords + enablePointer = nipper->ios->enable; + while (enablePointer != 0) + { + if (enablePointer->secret == false) + nipper->enableIssues++; + enablePointer = enablePointer->next; + } + if (nipper->enableIssues > 0) + addReportSection(nipper, section_security, report_enablesec_title, report_enablesec_context, report_enablesec_rectext, 10, 8, 5, 3, iosEnableSecretIssue); + + // Password Encryption Service + if (nipper->ios->servicePasswordEncryption == false) + addReportSection(nipper, section_security, report_passenc_title, report_passenc_context, report_passenc_rectext, 10, 8, 5, 3, iosPasswordEncryptionIssue); + + // Banners + if (nipper->ios->banner == 0) + addReportSection(nipper, section_security, report_banner_title, report_banner_context, report_banner_rectext, 10, 8, 5, 3, iosBannerIssue); + + // Domain Lookup + if (nipper->ios->domainLookup == true) + addReportSection(nipper, section_security, report_lookup_title, report_lookup_context, report_lookup_rectext, 10, 8, 5, 3, iosDomainLookupIssue); + + // PAD + if (nipper->ios->pad == true) + addReportSection(nipper, section_security, report_pad_title, report_pad_context, report_pad_rectext, 10, 8, 5, 3, iosPADIssue); + + // MOP + tempInt = 0; + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if ((interfaceConfigPointer->mop == true) && (interfaceConfigPointer->shutdown == false) && (strcmp(interfaceConfigPointer->ipAddress, "None") != 0) && (strncmp(interfaceConfigPointer->name, "Loopback", 8) != 0) && (strchr(interfaceConfigPointer->name, '.') == 0)) + { + tempInt++; + } + interfaceConfigPointer = interfaceConfigPointer->next; + } + if (tempInt > 0) + addReportSection(nipper, section_security, report_mop_title, report_mop_context, report_mop_rectext, 10, 8, 5, 3, iosMOPIssue); + } + + + // In Configuration Index + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, iosGeneralConfig); + addReportSection(nipper, section_config, settings_services_title, 0, 0, 0, 0, 0, 0, iosServicesConfig); + addReportSection(nipper, section_config, settings_dns_title, 0, 0, 0, 0, 0, 0, iosDNSConfig); + addReportSection(nipper, section_config, settings_timezone_title, 0, 0, 0, 0, 0, 0, iosTimeZoneConfig); + if ((nipper->ios->enable != 0) || (nipper->ios->username != 0) || (nipper->ios->banner != 0)) + addReportSection(nipper, section_config, settings_users_title, 0, 0, 0, 0, 0, 0, iosUsersConfig); + if (nipper->ios->logging != 0) + addReportSection(nipper, section_config, settings_logging_title, 0, 0, 0, 0, 0, 0, iosLoggingConfig); + if (nipper->ios->snmp != 0) + addReportSection(nipper, section_config, settings_snmp_title, 0, 0, 0, 0, 0, 0, iosSNMPConfig); + if (nipper->ios->ssh != 0) + addReportSection(nipper, section_config, settings_ssh_title, 0, 0, 0, 0, 0, 0, iosSSHConfig); + if (nipper->ios->ntp != 0) + addReportSection(nipper, section_config, settings_ntp_title, 0, 0, 0, 0, 0, 0, iosNTPConfig); + if (nipper->ios->ftp != 0) + addReportSection(nipper, section_config, settings_ftp_title, 0, 0, 0, 0, 0, 0, iosFTPConfig); + if (nipper->ios->http != 0) + addReportSection(nipper, section_config, settings_http_title, 0, 0, 0, 0, 0, 0, iosHTTPConfig); + if (nipper->ios->tacacs != 0) + addReportSection(nipper, section_config, settings_tacacs_title, 0, 0, 0, 0, 0, 0, iosTACACSConfig); + if ((nipper->ios->aaa !=0) && (nipper->ios->aaa->groupServer !=0)) + addReportSection(nipper, section_config, settings_aaa_title, 0, 0, 0, 0, 0, 0, iosAAAConfig); + nipper->vrrpIssues = 0; + interfaceConfigPointer = nipper->ios->interface; + while (interfaceConfigPointer != 0) + { + if (interfaceConfigPointer->vrrp != 0) + nipper->vrrpIssues++; + interfaceConfigPointer = interfaceConfigPointer->next; + } + if ((nipper->ios->bgp != 0) || (nipper->vrrpIssues != 0) || (nipper->ios->eigrp != 0) || (nipper->ios->isis != 0) || (nipper->ios->rip != 0) || (nipper->ios->ospf != 0) || (nipper->ios->route != 0) || (nipper->ios->routeMap != 0)) + addReportSection(nipper, section_config, settings_routing_title, 0, 0, 0, 0, 0, 0, iosRoutingConfig); + if ((nipper->passwords == true) && (nipper->ios->chain != 0)) + addReportSection(nipper, section_config, settings_keys_title, 0, 0, 0, 0, 0, 0, iosKeysConfig); + if (nipper->ios->line != 0) + addReportSection(nipper, section_config, settings_lines_title, 0, 0, 0, 0, 0, 0, iosLinesConfig); + if (nipper->ios->interface != 0) + addReportSection(nipper, section_config, settings_inter_title, 0, 0, 0, 0, 0, 0, iosInterfacesConfig); + if (nipper->deviceType != type_ios_router) + addReportSection(nipper, section_config, settings_vtp_title, 0, 0, 0, 0, 0, 0, iosVTPConfig); + if ((nipper->ios->interface !=0) && (nipper->deviceType != type_ios_router)) + addReportSection(nipper, section_config, settings_switchport_title, 0, 0, 0, 0, 0, 0, iosSwitchportConfig); + if (nipper->ios->nat !=0) + addReportSection(nipper, section_config, settings_nat_title, 0, 0, 0, 0, 0, 0, iosNATConfig); + if (nipper->filterList !=0) + addReportSection(nipper, section_config, settings_accesslists_title, 0, 0, 0, 0, 0, 0, iosACLConfig); + + // Generate Report... + generateReport(nipper); +} + diff --git a/0.11.10/LICENSE b/0.11.10/LICENSE new file mode 100644 index 0000000..c700d03 --- /dev/null +++ b/0.11.10/LICENSE @@ -0,0 +1,653 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + diff --git a/0.11.10/Makefile b/0.11.10/Makefile new file mode 100644 index 0000000..90e5c56 --- /dev/null +++ b/0.11.10/Makefile @@ -0,0 +1,22 @@ +SRCS = nipper.c +BINPATH = /usr/bin/ +CONFPATH = /etc/ +MANPATH = /usr/share/man/ + +all: + gcc -o nipper $(SRCS) $(LDFLAGS) $(CFLAGS) + +install: + cp nipper $(BINPATH) + cp nipper.conf $(CONFPATH) + cp man/nipper.1 $(MANPATH)man1 + cp man/nipper.conf.5 $(MANPATH)man5 + +uninstall: + rm -f $(BINPATH)nipper + rm -f $(CONFPATH)nipper.conf + rm -f $(MANPATH)man1/nipper.1 + rm -f $(MANPATH)man5/nipper.conf.5 + +clean: + rm -f nipper diff --git a/0.11.10/NMP/.svn/all-wcprops b/0.11.10/NMP/.svn/all-wcprops new file mode 100644 index 0000000..79d8118 --- /dev/null +++ b/0.11.10/NMP/.svn/all-wcprops @@ -0,0 +1,107 @@ +K 25 +svn:wc:ra_dav:version-url +V 33 +/svn/!svn/ver/3/trunk/0.11.10/NMP +END +process-cdp.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/NMP/process-cdp.c +END +report-general.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/NMP/report-general.c +END +report-snmp.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/NMP/report-snmp.c +END +cleanup.c +K 25 +svn:wc:ra_dav:version-url +V 43 +/svn/!svn/ver/3/trunk/0.11.10/NMP/cleanup.c +END +process-general.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/NMP/process-general.c +END +process-snmp.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/NMP/process-snmp.c +END +report-port.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/NMP/report-port.c +END +process-spantree.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/NMP/process-spantree.c +END +report-passwords.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/NMP/report-passwords.c +END +input.c +K 25 +svn:wc:ra_dav:version-url +V 41 +/svn/!svn/ver/3/trunk/0.11.10/NMP/input.c +END +report-debug.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/NMP/report-debug.c +END +process-port.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/NMP/process-port.c +END +report-permit.c +K 25 +svn:wc:ra_dav:version-url +V 49 +/svn/!svn/ver/3/trunk/0.11.10/NMP/report-permit.c +END +report-vlan.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/NMP/report-vlan.c +END +report.c +K 25 +svn:wc:ra_dav:version-url +V 42 +/svn/!svn/ver/3/trunk/0.11.10/NMP/report.c +END +process-vlan.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/NMP/process-vlan.c +END +process-permit.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/NMP/process-permit.c +END diff --git a/0.11.10/NMP/.svn/entries b/0.11.10/NMP/.svn/entries new file mode 100644 index 0000000..f4a0d66 --- /dev/null +++ b/0.11.10/NMP/.svn/entries @@ -0,0 +1,606 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/0.11.10/NMP +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +process-cdp.c +file + + + + +2016-02-13T06:47:11.704155Z +edd9667889141dae0841519afbdc81f6 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4828 + +report-general.c +file + + + + +2016-02-13T06:47:11.704155Z +bce99c22342ac19ddfd1f9d1819d3e94 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8643 + +report-snmp.c +file + + + + +2016-02-13T06:47:11.704155Z +0551ae7a798f0fffa5fcce362a0ae5c0 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5311 + +cleanup.c +file + + + + +2016-02-13T06:47:11.704155Z +b7c5bbd378c3f82774f89f00fca21a44 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4632 + +process-general.c +file + + + + +2016-02-13T06:47:11.704155Z +5e853c0b1b24d551a868ad0df9354069 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5544 + +process-snmp.c +file + + + + +2016-02-13T06:47:11.704155Z +56aeba2d133de87decb2bf7b49c7caf4 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7793 + +report-port.c +file + + + + +2016-02-13T06:47:11.704155Z +fad87df4024a0889b4013e4fe4513b99 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +9872 + +process-spantree.c +file + + + + +2016-02-13T06:47:11.704155Z +bc4a1683551e6098ad23f18a1441f74a +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4349 + +report-passwords.c +file + + + + +2016-02-13T06:47:11.704155Z +3b442785e841cd86ca3bb8f46efab1b0 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +13143 + +input.c +file + + + + +2016-02-13T06:47:11.704155Z +82ab7bd30182118de08313d8628f1f84 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7256 + +report-debug.c +file + + + + +2016-02-13T06:47:11.704155Z +478df7e75a0648f1d18553cf832d711b +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8444 + +process-port.c +file + + + + +2016-02-13T06:47:11.704155Z +cdd4f22f9a3591abfafdc43c617127fb +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +19642 + +report-permit.c +file + + + + +2016-02-13T06:47:11.704155Z +831af474d9e184687500560e251fa844 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5846 + +report-vlan.c +file + + + + +2016-02-13T06:47:11.704155Z +f73b023f50203cb3739a73cc0026b9e9 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3759 + +report.c +file + + + + +2016-02-13T06:47:11.704155Z +b54c498f8334a8cbabf7c422750b647b +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5594 + +process-vlan.c +file + + + + +2016-02-13T06:47:11.704155Z +3ca1cbac0096c0a496d86b9835052a26 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8110 + +process-permit.c +file + + + + +2016-02-13T06:47:11.704155Z +df2367a16e5329a44a647febceab3464 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5913 + diff --git a/0.11.10/NMP/.svn/text-base/cleanup.c.svn-base b/0.11.10/NMP/.svn/text-base/cleanup.c.svn-base new file mode 100644 index 0000000..64ea7a7 --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/cleanup.c.svn-base @@ -0,0 +1,120 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanupNMP(struct nipperConfig *nipper) +{ + // Pointers + struct snmpNMPCommunity *communityNMPPointer = 0; + struct snmpNMPHost *snmpNMPHostPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct hostNMP *hostNMPPointer = 0; + struct vlanConfig *vlanNMPPointer = 0; + struct moduleConfig *moduleNMPPointer = 0; + struct portConfig *portNMPPointer = 0; + + // Cleanup SNMP + if (nipper->nmp->snmp != 0) + { + while (nipper->nmp->snmp->community != 0) + { + communityNMPPointer = nipper->nmp->snmp->community->next; + free(nipper->nmp->snmp->community); + nipper->nmp->snmp->community = communityNMPPointer; + } + while (nipper->nmp->snmp->trap != 0) + { + snmpTrapPointer = nipper->nmp->snmp->trap->next; + free(nipper->nmp->snmp->trap); + nipper->nmp->snmp->trap = snmpTrapPointer; + } + while (nipper->nmp->snmp->host != 0) + { + snmpNMPHostPointer = nipper->nmp->snmp->host->next; + free(nipper->nmp->snmp->host); + nipper->nmp->snmp->host = snmpNMPHostPointer; + } + free(nipper->nmp->snmp); + } + + // Cleanup Modules & Ports + while (nipper->nmp->module != 0) + { + while (nipper->nmp->module->ports != 0) + { + portNMPPointer = nipper->nmp->module->ports->next; + free(nipper->nmp->module->ports); + nipper->nmp->module->ports = portNMPPointer; + } + moduleNMPPointer = nipper->nmp->module->next; + free(nipper->nmp->module); + nipper->nmp->module = moduleNMPPointer; + } + + // Cleanup VLANS + while (nipper->nmp->vlan != 0) + { + vlanNMPPointer = nipper->nmp->vlan->next; + free(nipper->nmp->vlan); + nipper->nmp->vlan = vlanNMPPointer; + } + + // Cleanup Permit Lists + if (nipper->nmp->permit != 0) + { + while (nipper->nmp->permit->telnetHost != 0) + { + hostNMPPointer = nipper->nmp->permit->telnetHost->next; + free(nipper->nmp->permit->telnetHost); + nipper->nmp->permit->telnetHost = hostNMPPointer; + } + while (nipper->nmp->permit->sshHost != 0) + { + hostNMPPointer = nipper->nmp->permit->sshHost->next; + free(nipper->nmp->permit->sshHost); + nipper->nmp->permit->sshHost = hostNMPPointer; + } + while (nipper->nmp->permit->snmpHost != 0) + { + hostNMPPointer = nipper->nmp->permit->snmpHost->next; + free(nipper->nmp->permit->snmpHost); + nipper->nmp->permit->snmpHost = hostNMPPointer; + } + free(nipper->nmp->permit); + } + + // Cleanup switch config + if (nipper->nmp->switchConfig != 0) + free (nipper->nmp->switchConfig); + + // Cleanup NMP config + free(nipper->nmp); +} + diff --git a/0.11.10/NMP/.svn/text-base/input.c.svn-base b/0.11.10/NMP/.svn/text-base/input.c.svn-base new file mode 100644 index 0000000..666f543 --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/input.c.svn-base @@ -0,0 +1,231 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct ciscoNMPConfig // Cisco NMP Configuration +{ + // Configuration settings... + char location[64]; + char contact[64]; + int timeout; + char coreFile[32]; + char syslogFile[32]; + char password[32]; + char enablePassword[32]; + int cdp; + int cdpInterval; + int cdpHoldtime; + int cdpVersion; + int portSecurityAuto; + struct switchNMPConfig *switchConfig; + struct snmpNMP *snmp; + struct moduleConfig *module; + struct permitConfig *permit; + struct vlanConfig *vlan; +}; + + +struct hostNMP // NMP Host Struct +{ + char host[32]; + char netMask[16]; + struct hostNMP *next; +}; + + +// Processing NMP includes... +#include "process-general.c" +#include "process-permit.c" +#include "process-port.c" +#include "process-snmp.c" +#include "process-spantree.c" +#include "process-vlan.c" +#include "process-cdp.c" + + +void processNMPInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + int setting = 0; + int tempInt = 0; + + // Split the command line up + command = splitLine(line); + + // Init + if (strcmp(command.part[0], "clear") == 0) + { + tempInt = 1; + setting = false; + } + else if (strcmp(command.part[0], "set") == 0) + { + tempInt = 1; + setting = true; + } + else + tempInt = 0; + + // System lines... + if (strcmp(command.part[tempInt], "system") == 0) + { + tempInt++; + + // Hostname + if (strcmp(command.part[tempInt], "name") == 0) + { + if (nipper->debugMode == true) + printf("Hostname Line: %s\n", line); + strncpy(nipper->hostname, command.part[tempInt+1], sizeof(nipper->hostname) - 1); + } + + // Location... + else if (strcmp(command.part[tempInt], "location") == 0) + { + if (nipper->debugMode == true) + printf("Location Line: %s\n", line); + tempInt = 20; + while (line[tempInt] == ' ') + tempInt++; + strncpy(nipper->nmp->location, line + tempInt, sizeof(nipper->nmp->location) - 1); + } + + // Contact... + else if (strcmp(command.part[tempInt], "contact") == 0) + { + if (nipper->debugMode == true) + printf("Contact Line: %s\n", line); + tempInt = 19; + while (line[tempInt] == ' ') + tempInt++; + strncpy(nipper->nmp->contact, line + tempInt, sizeof(nipper->nmp->contact) - 1); + } + + // Corefile... + else if (strcmp(command.part[tempInt], "core-file") == 0) + { + if (nipper->debugMode == true) + printf("Core-file Line: %s\n", line); + strncpy(nipper->nmp->coreFile, command.part[tempInt+1], sizeof(nipper->nmp->coreFile) - 1); + } + + // Syslog file... + else if (strcmp(command.part[tempInt], "syslog-file") == 0) + { + if (nipper->debugMode == true) + printf("Syslog-file Line: %s\n", line); + strncpy(nipper->nmp->syslogFile, command.part[tempInt+1], sizeof(nipper->nmp->syslogFile) - 1); + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } + + // IP lines... + else if (strcmp(command.part[tempInt], "ip") == 0) + { + tempInt++; + + // Permit List + if (strcmp(command.part[tempInt], "permit") == 0) + processNMPPermit(line, nipper); + + // ICMP IP Unreachables + else if (strcmp(command.part[tempInt], "unreachable") == 0) + processNMPUnreachable(line, nipper); + + // IP Redirects + else if (strcmp(command.part[tempInt], "redirect") == 0) + processNMPRedirect(line, nipper); + + // IP Fragmentation + else if (strcmp(command.part[tempInt], "fragmentation") == 0) + processNMPFragmentation(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } + + // Version + else if (strcmp(command.part[tempInt], "#version") == 0) + { + if (nipper->debugMode == true) + printf("Version Line: %s\n", line); + strncpy(nipper->version, command.part[tempInt+1], sizeof(nipper->version) - 1); + nipper->versionMajor = atoi(nipper->version); + nipper->versionMinor = atoi(strchr(nipper->version, '.') + 1); + nipper->versionRevision = atoi(strchr(nipper->version, '(') + 1); + } + + // Logout Timeout... + else if (strcmp(command.part[tempInt], "logout") == 0) + { + if (nipper->debugMode == true) + printf("Logout Line: %s\n", line); + nipper->nmp->timeout = atoi(command.part[tempInt+1]); + } + + // Enable Passwords + else if ((strcmp(command.part[tempInt], "password") == 0) || (strcmp(command.part[tempInt], "enablepass") == 0)) + processEnablePass(line, nipper); + + // CDP... + else if (strcmp(command.part[tempInt], "cdp") == 0) + processNMPCDP(line, nipper); + + // SNMP... + else if (strcmp(command.part[tempInt], "snmp") == 0) + processNMPSnmp(line, nipper); + + // Ports + else if (strcmp(command.part[tempInt], "port") == 0) + processNMPPort(line, nipper); + + // Trunk + else if (strcmp(command.part[tempInt], "trunk") == 0) + processNMPTrunk(line, nipper); + + // Spanning Tree + else if (strcmp(command.part[tempInt], "spantree") == 0) + processNMPSpantree(line, nipper); + + // VLAN + else if (strcmp(command.part[tempInt], "vlan") == 0) + processNMPVlan(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/NMP/.svn/text-base/process-cdp.c.svn-base b/0.11.10/NMP/.svn/text-base/process-cdp.c.svn-base new file mode 100644 index 0000000..1016a00 --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/process-cdp.c.svn-base @@ -0,0 +1,140 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// CDP +void processNMPCDP(char *line, struct nipperConfig *nipper) +{ + // Variables + int offset = 0; + int offsetStart = 0; + int range = 0; + int module = 0; + int port = 0; + int tempInt = 0; + struct portConfig *portNMPPointer = 0; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("CDP Line: %s\n", line); + + // Init + offset = 0; + command = splitLine(line); + + + // Global Enable / Disable + if (((strcmp(command.part[2], "enable") == 0) || (strcmp(command.part[2], "disable") == 0)) && (command.parts == 3)) + { + if (strcmp(command.part[2], "enable") == 0) + nipper->nmp->cdp = true; + else + nipper->nmp->cdp = false; + } + + // Interval + else if (strcmp(command.part[2], "interval") == 0) + nipper->nmp->cdpInterval = atoi(command.part[3]); + + // Holdtime + else if (strcmp(command.part[2], "holdtime") == 0) + nipper->nmp->cdpHoldtime = atoi(command.part[3]); + + // Version + else if (strcmp(command.part[2], "version") == 0) + { + if (strcmp(command.part[3], "v1") == 0) + nipper->nmp->cdpVersion = 1; + else + nipper->nmp->cdpVersion = 2; + } + + // Individual Port Enable / Disable + else if (((strcmp(command.part[2], "enable") == 0) || (strcmp(command.part[2], "disable") == 0)) && (command.parts == 4)) + { + if (strcmp(command.part[2], "enable") == 0) + tempInt = true; + else + tempInt = false; + + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set CDP + portNMPPointer->cdp = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set CDP + portNMPPointer->cdp = tempInt; + } + } + + // Move offset + offset++; + } + } +} diff --git a/0.11.10/NMP/.svn/text-base/process-general.c.svn-base b/0.11.10/NMP/.svn/text-base/process-general.c.svn-base new file mode 100644 index 0000000..2667e7a --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/process-general.c.svn-base @@ -0,0 +1,156 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process EnablePass / Password +void processEnablePass(char *line, struct nipperConfig *nipper) +{ + // Enable Password? + if (strncmp("set enablepass ", line, 15) == 0) + { + // Debug output + if (nipper->debugMode == true) + printf("Enable Password Line: %s\n", line); + + strncpy(nipper->nmp->enablePassword, line + 15, sizeof(nipper->nmp->enablePassword) - 1); + addJohnPassword(nipper, "Enable", nipper->nmp->enablePassword); + } + + // Password + else if (strncmp("set password ", line, 13) == 0) + { + // Debug output + if (nipper->debugMode == true) + printf("Login Password Line: %s\n", line); + + strncpy(nipper->nmp->password, line + 13, sizeof(nipper->nmp->password) - 1); + addJohnPassword(nipper, "LoginPassword", nipper->nmp->password); + } +} + + +struct switchNMPConfig +{ + int ipRedirect; // true or false + int ipUnreachable; // true or false + int ipFragmentation; // true or false +}; + + +// ICMP IP Unreachable +void processNMPUnreachable(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("ICMP IP Unrachable Line: %s\n", line); + + // Is switch configuration is not set + if (nipper->nmp->switchConfig == 0) + { + nipper->nmp->switchConfig = malloc(sizeof(struct switchNMPConfig)); + memset(nipper->nmp->switchConfig, 0 , sizeof(struct switchNMPConfig)); + nipper->nmp->switchConfig->ipRedirect = true; + nipper->nmp->switchConfig->ipUnreachable = true; + nipper->nmp->switchConfig->ipFragmentation = true; + } + + // Init + command = splitLine(line); + + if (strcmp(command.part[3], "enable") == 0) + nipper->nmp->switchConfig->ipUnreachable = true; + else + nipper->nmp->switchConfig->ipUnreachable = false; +} + + +// IP Redirects +void processNMPRedirect(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("IP Redirect Line: %s\n", line); + + // Is switch configuration is not set + if (nipper->nmp->switchConfig == 0) + { + nipper->nmp->switchConfig = malloc(sizeof(struct switchNMPConfig)); + memset(nipper->nmp->switchConfig, 0 , sizeof(struct switchNMPConfig)); + nipper->nmp->switchConfig->ipRedirect = true; + nipper->nmp->switchConfig->ipUnreachable = true; + nipper->nmp->switchConfig->ipFragmentation = true; + } + + // Init + command = splitLine(line); + + if (strcmp(command.part[3], "enable") == 0) + nipper->nmp->switchConfig->ipRedirect = true; + else + nipper->nmp->switchConfig->ipRedirect = false; +} + + +// Fragmentation +void processNMPFragmentation(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("IP Fragmentation Line: %s\n", line); + + // Is switch configuration is not set + if (nipper->nmp->switchConfig == 0) + { + nipper->nmp->switchConfig = malloc(sizeof(struct switchNMPConfig)); + memset(nipper->nmp->switchConfig, 0 , sizeof(struct switchNMPConfig)); + nipper->nmp->switchConfig->ipRedirect = true; + nipper->nmp->switchConfig->ipUnreachable = true; + nipper->nmp->switchConfig->ipFragmentation = true; + } + + // Init + command = splitLine(line); + + if (strcmp(command.part[3], "enable") == 0) + nipper->nmp->switchConfig->ipFragmentation = true; + else + nipper->nmp->switchConfig->ipFragmentation = false; +} + + diff --git a/0.11.10/NMP/.svn/text-base/process-permit.c.svn-base b/0.11.10/NMP/.svn/text-base/process-permit.c.svn-base new file mode 100644 index 0000000..5e40906 --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/process-permit.c.svn-base @@ -0,0 +1,166 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct permitConfig +{ + int telnet; // true, false or unconfigured + struct hostNMP *telnetHost; + int snmp; // true, false or unconfigured + struct hostNMP *snmpHost; + int ssh; // true, false or unconfigured + struct hostNMP *sshHost; + struct portConfig *next; +}; + + +// Permit +void processNMPPermit(char *line, struct nipperConfig *nipper) +{ + // Variables + int tempInt = 0; + struct ciscoCommand command; + struct hostNMP *hostNMPPointer = 0; + + // Debug output + if (nipper->debugMode == true) + printf("Permit Line: %s\n", line); + + // Init + command = splitLine(line); + + // If permit doesn't exist... + if (nipper->nmp->permit == 0) + { + // Create + nipper->nmp->permit = malloc(sizeof(struct permitConfig)); + memset(nipper->nmp->permit, 0 , sizeof(struct permitConfig)); + // Init + nipper->nmp->permit->telnet = unconfigured; + nipper->nmp->permit->snmp = unconfigured; + nipper->nmp->permit->ssh = unconfigured; + } + + // Enable / Disable permit lists + if ((strcmp(command.part[3], "enable") == 0) || (strcmp(command.part[3], "disable") == 0)) + { + // Is it enable + if (strcmp(command.part[3], "enable") == 0) + tempInt = true; + else + tempInt = false; + + // If all are enabled / disabled + if (command.parts == 4) + { + nipper->nmp->permit->telnet = tempInt; + nipper->nmp->permit->snmp = tempInt; + nipper->nmp->permit->ssh = tempInt; + } + + // If it is telnet + else if (strcmp(command.part[4], "telnet") == 0) + nipper->nmp->permit->telnet = tempInt; + + // If it is snmp + else if (strcmp(command.part[4], "snmp") == 0) + nipper->nmp->permit->snmp = tempInt; + + // If it is ssh + else if (strcmp(command.part[4], "ssh") == 0) + nipper->nmp->permit->ssh = tempInt; + } + + // If a permit host + else + { + + // Is it a telnet host + if ((strcmp(command.part[command.parts - 1], "telnet") == 0) || (strcmp(command.part[command.parts - 1], "all") == 0)) + { + // Create structure + hostNMPPointer = malloc(sizeof(struct hostNMP)); + memset(hostNMPPointer, 0 , sizeof(struct hostNMP)); + + // IP / Hostname + strncpy(hostNMPPointer->host, command.part[3], sizeof(hostNMPPointer->host) - 1); + + // Net Mask? + if (command.parts == 6) + strncpy(hostNMPPointer->netMask, command.part[4], sizeof(hostNMPPointer->netMask) - 1); + + // Pointers + hostNMPPointer->next = nipper->nmp->permit->telnetHost; + nipper->nmp->permit->telnetHost = hostNMPPointer; + } + + // Is it a ssh host + if ((strcmp(command.part[command.parts - 1], "ssh") == 0) || (strcmp(command.part[command.parts - 1], "all") == 0)) + { + // Create structure + hostNMPPointer = malloc(sizeof(struct hostNMP)); + memset(hostNMPPointer, 0 , sizeof(struct hostNMP)); + + // IP / Hostname + strncpy(hostNMPPointer->host, command.part[3], sizeof(hostNMPPointer->host) - 1); + + // Net Mask? + if (command.parts == 6) + strncpy(hostNMPPointer->netMask, command.part[4], sizeof(hostNMPPointer->netMask) - 1); + + // Pointers + hostNMPPointer->next = nipper->nmp->permit->sshHost; + nipper->nmp->permit->sshHost = hostNMPPointer; + } + + // Is it a snmp host + if ((strcmp(command.part[command.parts - 1], "snmp") == 0) || (strcmp(command.part[command.parts - 1], "all") == 0)) + { + // Create structure + hostNMPPointer = malloc(sizeof(struct hostNMP)); + memset(hostNMPPointer, 0 , sizeof(struct hostNMP)); + + // IP / Hostname + strncpy(hostNMPPointer->host, command.part[3], sizeof(hostNMPPointer->host) - 1); + + // Net Mask? + if (command.parts == 6) + strncpy(hostNMPPointer->netMask, command.part[4], sizeof(hostNMPPointer->netMask) - 1); + + // Pointers + hostNMPPointer->next = nipper->nmp->permit->snmpHost; + nipper->nmp->permit->snmpHost = hostNMPPointer; + } + } +} + + + + diff --git a/0.11.10/NMP/.svn/text-base/process-port.c.svn-base b/0.11.10/NMP/.svn/text-base/process-port.c.svn-base new file mode 100644 index 0000000..1b89a49 --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/process-port.c.svn-base @@ -0,0 +1,745 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +struct moduleConfig +{ + int module; + char name[32]; + int portSecurity; + struct portConfig *ports; + struct moduleConfig *next; +}; + + +#define port_speed_auto 0 +#define port_speed_10 1 +#define port_speed_100 2 +#define port_speed_1000 3 +#define port_speed_auto_10_100 4 +#define port_duplex_auto 0 +#define port_duplex_half 1 +#define port_duplex_full 2 +#define port_trunk_auto 0 +#define port_trunk_nonegotiate 1 +#define port_trunk_on 2 +#define port_trunk_off 3 +#define port_trunk_desirable 4 +#define port_guard_none 0 +#define port_guard_default 1 +#define port_guard_loop 2 +#define port_guard_root 3 + +struct portConfig +{ + int port; + char name[32]; + int speed; + int duplex; + int vlan; + int enabled; + int spantreeGuard; + int trunk; + int vtp; + int portSecurity; + int cdp; + struct portConfig *next; +}; + + +// Init Port +void initNMPPort(struct portConfig *portNMPPointer) +{ + portNMPPointer->enabled = true; + portNMPPointer->vlan = 1; + portNMPPointer->speed = port_speed_auto; + portNMPPointer->duplex = port_duplex_auto; + portNMPPointer->trunk = port_trunk_auto; + portNMPPointer->vtp = true; + portNMPPointer->cdp = true; + portNMPPointer->portSecurity = false; + portNMPPointer->spantreeGuard = port_guard_none; +} + + +// Add port / module +struct portConfig *createNMPPort(int module, int port, struct ciscoNMPConfig *configNMP) +{ + // Variables + struct moduleConfig *moduleNMPPointer = 0; + struct moduleConfig *previousModuleNMPPointer = 0; + struct portConfig *portNMPPointer = 0; + struct portConfig *previousPortNMPPointer = 0; + + // If first module + if (configNMP->module == 0) + { + // Create + configNMP->module = malloc(sizeof(struct moduleConfig)); + memset(configNMP->module, 0 , sizeof(struct moduleConfig)); + // Pointers + moduleNMPPointer = configNMP->module; + // Init + moduleNMPPointer->portSecurity = false; + } + else + { + // Search for module + previousModuleNMPPointer = 0; + moduleNMPPointer = configNMP->module; + while ((moduleNMPPointer->module < module) && (moduleNMPPointer->next != 0)) + { + previousModuleNMPPointer = moduleNMPPointer; + moduleNMPPointer = moduleNMPPointer->next; + } + + // If should be before + if (moduleNMPPointer->module > module) + { + // If it should be first + if (previousModuleNMPPointer == 0) + { + // Create + configNMP->module = malloc(sizeof(struct moduleConfig)); + memset(configNMP->module, 0 , sizeof(struct moduleConfig)); + // Pointers + configNMP->module->next = moduleNMPPointer; + moduleNMPPointer = configNMP->module; + // Init + moduleNMPPointer->portSecurity = false; + } + else + { + // Create + previousModuleNMPPointer->next = malloc(sizeof(struct moduleConfig)); + memset(previousModuleNMPPointer->next, 0 , sizeof(struct moduleConfig)); + // Pointers + previousModuleNMPPointer->next->next = moduleNMPPointer; + moduleNMPPointer = previousModuleNMPPointer->next; + // Init + moduleNMPPointer->portSecurity = false; + } + } + // Should be after + else if (moduleNMPPointer->module < module) + { + // Create + moduleNMPPointer->next = malloc(sizeof(struct moduleConfig)); + memset(moduleNMPPointer->next, 0 , sizeof(struct moduleConfig)); + // Pointers + moduleNMPPointer = moduleNMPPointer->next; + // Init + moduleNMPPointer->portSecurity = false; + } + } + + // Set module number + moduleNMPPointer->module = module; + + // If first port + if (moduleNMPPointer->ports == 0) + { + // Create + moduleNMPPointer->ports = malloc(sizeof(struct portConfig)); + memset(moduleNMPPointer->ports, 0 , sizeof(struct portConfig)); + // Pointers + portNMPPointer = moduleNMPPointer->ports; + // Init + initNMPPort(portNMPPointer); + } + else + { + // Search for port + previousPortNMPPointer = 0; + portNMPPointer = moduleNMPPointer->ports; + while ((portNMPPointer->port < port) && (portNMPPointer->next != 0)) + { + previousPortNMPPointer = portNMPPointer; + portNMPPointer = portNMPPointer->next; + } + + // If port should be before + if (portNMPPointer->port > port) + { + // If it should be first + if (previousPortNMPPointer == 0) + { + // Create + moduleNMPPointer->ports = malloc(sizeof(struct portConfig)); + memset(moduleNMPPointer->ports, 0 , sizeof(struct portConfig)); + // Pointers + moduleNMPPointer->ports->next = portNMPPointer; + portNMPPointer = moduleNMPPointer->ports; + // Init + initNMPPort(portNMPPointer); + } + else + { + // Create + previousPortNMPPointer->next = malloc(sizeof(struct portConfig)); + memset(previousPortNMPPointer->next, 0 , sizeof(struct portConfig)); + // Pointers + previousPortNMPPointer->next->next = portNMPPointer; + portNMPPointer = previousPortNMPPointer->next; + // Init + initNMPPort(portNMPPointer); + } + } + // Should be after + else if (portNMPPointer->port < port) + { + // Create + portNMPPointer->next = malloc(sizeof(struct portConfig)); + memset(portNMPPointer->next, 0 , sizeof(struct portConfig)); + // Pointers + portNMPPointer = portNMPPointer->next; + // Init + initNMPPort(portNMPPointer); + } + } + + // Set port number + portNMPPointer->port = port; + + // Return port pointer + return portNMPPointer; +} + + +// Ports +void processNMPPort(char *line, struct nipperConfig *nipper) +{ + // Variables + int offset; + int offsetStart; + int range; + int module; + int port; + int tempInt; + struct portConfig *portNMPPointer; + struct moduleConfig *moduleNMPPointer; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("Port Line: %s\n", line); + + // Init + offset = 0; + command = splitLine(line); + + // Name + if (strcmp(command.part[2], "name") == 0) + { + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Name + strncpy(portNMPPointer->name, command.part[4], sizeof(portNMPPointer->name) - 1); + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Name + strncpy(portNMPPointer->name, command.part[4], sizeof(portNMPPointer->name) - 1); + } + } + + // Move offset + offset++; + } + } + + // Port Security Auto-Configure + else if ((strcmp(command.part[2], "security") == 0) && (strcmp(command.part[3], "auto-configure") == 0)) + { + if (strcmp(command.part[4], "enable") == 0) + nipper->nmp->portSecurityAuto = true; + else + nipper->nmp->portSecurityAuto = false; + } + + // Port Security + else if ((strcmp(command.part[2], "security") == 0) && ((strcmp(command.part[4], "enable") == 0) || (strcmp(command.part[4], "disable") == 0))) + { + if (strcmp(command.part[4], "enable") == 0) + tempInt = true; + else + tempInt = false; + + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '/') + range = false; + else + range = true; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Module Port Security + if (range == true) + { + if (nipper->nmp->module != 0) + { + moduleNMPPointer = nipper->nmp->module; + while ((moduleNMPPointer != 0) && (moduleNMPPointer->module != module)) + moduleNMPPointer = moduleNMPPointer->next; + if (moduleNMPPointer != 0) + moduleNMPPointer->portSecurity = tempInt; + } + } + + else + { + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Port Security + portNMPPointer->portSecurity = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Port Security + portNMPPointer->portSecurity = tempInt; + } + } + } + + // Move offset + offset++; + } + } + + // Enable / Disable + else if ((strcmp(command.part[2], "enable") == 0) || ((strcmp(command.part[2], "disable") == 0))) + { + if (strcmp(command.part[2], "enable") == 0) + tempInt = true; + else + tempInt = false; + + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Enabled + portNMPPointer->enabled = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Enabled + portNMPPointer->enabled = tempInt; + } + } + + // Move offset + offset++; + } + } + + // VTP + else if (strcmp(command.part[2], "vtp") == 0) + { + if (strcmp(command.part[4], "enable") == 0) + tempInt = true; + else + tempInt = false; + + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set VTP + portNMPPointer->vtp = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set VTP + portNMPPointer->vtp = tempInt; + } + } + + // Move offset + offset++; + } + } + + // Speed + else if (strcmp(command.part[2], "speed") == 0) + { + // Set Speed + if (strcmp(command.part[4], "10") == 0) + tempInt = port_speed_10; + else if (strcmp(command.part[4], "100") == 0) + tempInt = port_speed_100; + else if (strcmp(command.part[4], "1000") == 0) + tempInt = port_speed_1000; + else if (strcmp(command.part[4], "auto-10-100") == 0) + tempInt = port_speed_auto_10_100; + else + tempInt = port_speed_auto; + + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Speed + portNMPPointer->speed = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Speed + portNMPPointer->speed = tempInt; + } + } + + // Move offset + offset++; + } + } + + // Duplex + else if (strcmp(command.part[2], "duplex") == 0) + { + // Set Speed + if (strcmp(command.part[4], "full") == 0) + tempInt = port_duplex_full; + else if (strcmp(command.part[4], "half") == 0) + tempInt = port_duplex_half; + else + tempInt = port_duplex_auto; + + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Duplex + portNMPPointer->duplex = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Duplex + portNMPPointer->duplex = tempInt; + } + } + + // Move offset + offset++; + } + } +} + + +// Trunk +void processNMPTrunk(char *line, struct nipperConfig *nipper) +{ + // Variables + int offset; + int offsetStart; + int range; + int module; + int port; + int tempInt; + struct portConfig *portNMPPointer; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("Trunk Line: %s\n", line); + + // Init + offset = 0; + command = splitLine(line); + + // Get Trunk mode + if (strcmp(command.part[3], "nonegotiate") == 0) + tempInt = port_trunk_nonegotiate; + else if (strcmp(command.part[3], "on") == 0) + tempInt = port_trunk_on; + else if (strcmp(command.part[3], "off") == 0) + tempInt = port_trunk_off; + else if (strcmp(command.part[3], "desirable") == 0) + tempInt = port_trunk_desirable; + else + tempInt = port_trunk_auto; + + // Get Port Pointer + while (command.part[2][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[2][offset] != 0) && (command.part[2][offset] != '/')) + offset++; + command.part[2][offset] = 0; + module = atoi(command.part[2] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[2][offset] != 0) && (command.part[2][offset] != '-') && (command.part[2][offset] != ',')) + offset++; + if (command.part[2][offset] == '-') + range = true; + else + range = false; + command.part[2][offset] = 0; + port = atoi(command.part[2] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Trunk + portNMPPointer->trunk = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[2][offset] != 0) && (command.part[2][offset] != ',')) + offset++; + command.part[2][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[2] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Trunk + portNMPPointer->trunk = tempInt; + } + } + + // Move offset + offset++; + } +} + diff --git a/0.11.10/NMP/.svn/text-base/process-snmp.c.svn-base b/0.11.10/NMP/.svn/text-base/process-snmp.c.svn-base new file mode 100644 index 0000000..809424c --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/process-snmp.c.svn-base @@ -0,0 +1,253 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define snmp_nmp_readonly 0 +#define snmp_nmp_readwrite 1 +#define snmp_nmp_readwrite_all 2 + +#define snmp_nmp_standard 0 +#define snmp_nmp_extended 1 + + +// SNMP Community +struct snmpNMPCommunity +{ + int type; // snmp_nmp_standard... + char community[64]; + int weak; + int dictionary; + int access; // snmp_nmp_readonly... + struct snmpNMPCommunity *next; +}; + + +// SNMP Host +struct snmpNMPHost +{ + char host[32]; + char community[64]; + int weak; + int dictionary; + int version; + int port; + char owner[32]; + int index; + struct snmpNMPHost *next; +}; + + +// SNMP +struct snmpNMP +{ + struct snmpNMPCommunity *community; + struct snmpNMPHost *host; + struct snmpTrap *trap; +}; + + +// Process SNMP +void processNMPSnmp(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct snmpNMPCommunity *communityPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct snmpNMPHost *snmpHostPointer = 0; + struct ciscoCommand command; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("SNMP Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Check to see if SNMP already exists + if (nipper->nmp->snmp == 0) + { + nipper->nmp->snmp = malloc(sizeof(struct snmpNMP)); + memset(nipper->nmp->snmp, 0 , sizeof(struct snmpNMP)); + } + + // SNMP Community + if (strncmp(line, "set snmp community ", 19) == 0) + { + // Is first community... + if (nipper->nmp->snmp->community == 0) + { + nipper->nmp->snmp->community = malloc(sizeof(struct snmpNMPCommunity)); + communityPointer = nipper->nmp->snmp->community; + } + else + { + communityPointer = nipper->nmp->snmp->community; + while (communityPointer->next != 0) + communityPointer = communityPointer->next; + communityPointer->next = malloc(sizeof(struct snmpNMPCommunity)); + communityPointer = communityPointer->next; + } + + // Init + memset(communityPointer, 0, sizeof(struct snmpNMPCommunity)); + communityPointer->type = snmp_nmp_standard; + + // Access + if (strcmp(command.part[3], "read-only") == 0) + communityPointer->access = snmp_nmp_readonly; + else if (strcmp(command.part[3], "read-write") == 0) + communityPointer->access = snmp_nmp_readwrite; + else if (strcmp(command.part[3], "read-write-all") == 0) + communityPointer->access = snmp_nmp_readwrite_all; + + // Community + strncpy(communityPointer->community, command.part[4], sizeof(communityPointer->community) - 1); + + // Password Strength + if (passwordStrength(communityPointer->community, nipper) == false) + { + communityPointer->weak = true; + nipper->passwordStrengths++; + } + else + communityPointer->weak = false; + + // Password Dictionary + communityPointer->dictionary = simplePassword(communityPointer->community, nipper); + if (communityPointer->dictionary == true) + nipper->simplePasswords++; + } + + // SNMP Trap + else if ((strncmp(line, "set snmp trap enable ", 21) == 0) || (strncmp(line, "set snmp trap disable ", 22) == 0)) + { + // Is first trap... + if (nipper->nmp->snmp->trap == 0) + { + nipper->nmp->snmp->trap = malloc(sizeof(struct snmpTrap)); + snmpTrapPointer = nipper->nmp->snmp->trap; + } + else + { + snmpTrapPointer = nipper->nmp->snmp->trap; + while (snmpTrapPointer->next != 0) + snmpTrapPointer = snmpTrapPointer->next; + snmpTrapPointer->next = malloc(sizeof(struct snmpTrap)); + snmpTrapPointer = snmpTrapPointer->next; + } + + // Init + memset(snmpTrapPointer, 0, sizeof(struct snmpTrap)); + + // Is enable? + if (strcmp(command.part[3], "enable") == 0) + { + snmpTrapPointer->enabled = true; + tempInt = 21; + } + else + { + snmpTrapPointer->enabled = false; + tempInt = 22; + } + + // Traps + while (line[tempInt] == ' ') + tempInt++; + strncpy(snmpTrapPointer->trap, line + tempInt, sizeof(snmpTrapPointer->trap) - 1); + } + + // SNMP Host + else if (strncmp(line, "set snmp trap ", 14) == 0) + { + // Is first host... + if (nipper->nmp->snmp->host == 0) + { + nipper->nmp->snmp->host = malloc(sizeof(struct snmpNMPHost)); + snmpHostPointer = nipper->nmp->snmp->host; + } + else + { + snmpHostPointer = nipper->nmp->snmp->host; + while (snmpHostPointer->next != 0) + snmpHostPointer = snmpHostPointer->next; + snmpHostPointer->next = malloc(sizeof(struct snmpNMPHost)); + snmpHostPointer = snmpHostPointer->next; + } + + // Init + memset(snmpHostPointer, 0, sizeof(struct snmpNMPHost)); + + // Host + strncpy(snmpHostPointer->host, command.part[3], sizeof(snmpHostPointer->host) - 1); + + // Community + strncpy(snmpHostPointer->community, command.part[4], sizeof(snmpHostPointer->community) - 1); + + // Password Strength + if (passwordStrength(snmpHostPointer->community, nipper) == false) + { + nipper->passwordStrengths++; + snmpHostPointer->weak = true; + } + else + snmpHostPointer->weak = false; + + // Password Dictionary + snmpHostPointer->dictionary = simplePassword(snmpHostPointer->community, nipper); + if (snmpHostPointer->dictionary == true) + nipper->simplePasswords++; + + // Get other options... + tempInt = 5; + while (tempInt < command.parts) + { + // Version + if (strcmp(command.part[tempInt], "version") == 0) + snmpHostPointer->version = atoi(command.part[tempInt + 1]); + + // Port + else if (strcmp(command.part[tempInt], "port") == 0) + snmpHostPointer->port = atoi(command.part[tempInt + 1]); + + // Owner + else if (strcmp(command.part[tempInt], "owner") == 0) + strncpy(snmpHostPointer->owner, command.part[tempInt + 1], sizeof(snmpHostPointer->owner) - 1); + + // Index + else if (strcmp(command.part[tempInt], "index") == 0) + snmpHostPointer->index = atoi(command.part[tempInt + 1]); + + tempInt = tempInt + 2; + } + } +} diff --git a/0.11.10/NMP/.svn/text-base/process-spantree.c.svn-base b/0.11.10/NMP/.svn/text-base/process-spantree.c.svn-base new file mode 100644 index 0000000..deee0f4 --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/process-spantree.c.svn-base @@ -0,0 +1,121 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Spanning Tree +void processNMPSpantree(char *line, struct nipperConfig *nipper) +{ + // Variables + int offset = 0; + int offsetStart = 0; + int range = 0; + int module = 0; + int port = 0; + int tempInt = 0; + struct portConfig *portNMPPointer = 0; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("Spanning Tree Line: %s\n", line); + + // Init + offset = 0; + command = splitLine(line); + + // Spanning tree Guard + if (strcmp(command.part[2], "guard") == 0) + { + + // Get Guard mode + if (strcmp(command.part[3], "default") == 0) + tempInt = port_guard_default; + else if (strcmp(command.part[3], "root") == 0) + tempInt = port_guard_root; + else if (strcmp(command.part[3], "loop") == 0) + tempInt = port_guard_loop; + else + tempInt = port_guard_none; + + // Get Port Pointer + while (command.part[2][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[4][offset] != 0) && (command.part[4][offset] != '/')) + offset++; + command.part[4][offset] = 0; + module = atoi(command.part[4] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[4][offset] != 0) && (command.part[4][offset] != '-') && (command.part[4][offset] != ',')) + offset++; + if (command.part[4][offset] == '-') + range = true; + else + range = false; + command.part[4][offset] = 0; + port = atoi(command.part[4] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Spanning Tree Guard + portNMPPointer->spantreeGuard = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[4][offset] != 0) && (command.part[4][offset] != ',')) + offset++; + command.part[4][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[4] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Spanning Tree Guard + portNMPPointer->spantreeGuard = tempInt; + } + } + + // Move offset + offset++; + } + } +} + diff --git a/0.11.10/NMP/.svn/text-base/process-vlan.c.svn-base b/0.11.10/NMP/.svn/text-base/process-vlan.c.svn-base new file mode 100644 index 0000000..04617b1 --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/process-vlan.c.svn-base @@ -0,0 +1,287 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +struct vlanConfig +{ + int vlan; + char name[32]; + char type[16]; + int active; + int firewall; + int mtu; + int spanTreeMaxHops; + int allRoutesMaxHops; + int said; + struct vlanConfig *next; +}; + + +void initNMPVLAN(struct vlanConfig *vlanNMPPointer) +{ + vlanNMPPointer->active = true; + strcpy(vlanNMPPointer->type, "ethernet"); + vlanNMPPointer->firewall = -1; + vlanNMPPointer->mtu = 1500; + vlanNMPPointer->spanTreeMaxHops = 7; + vlanNMPPointer->allRoutesMaxHops = 7; + vlanNMPPointer->said = vlanNMPPointer->vlan + 100000; +} + + +// VLAN +void processNMPVlan(char *line, struct nipperConfig *nipper) +{ + // Variables + int vlan = 0; + int tempInt = 0; + int offset = 0; + int offsetStart = 0; + int module = 0; + int port = 0; + int range = 0; + struct vlanConfig *vlanNMPPointer = 0; + struct vlanConfig *vlanNMPPreviousPointer = 0; + struct portConfig *portNMPPointer = 0; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("VLAN Line: %s\n", line); + + // Init + command = splitLine(line); + + // Set VLAN + vlan = atoi(command.part[2]); + + // Now for the VLAN options + + // If it is not vlan ports + if ((command.parts != 4) || (strcmp(command.part[3], "rspan") == 0)) + { + + // Is this the first VLAN + if (nipper->nmp->vlan == 0) + { + // Create + vlanNMPPointer = malloc(sizeof(struct vlanConfig)); + memset(vlanNMPPointer, 0 , sizeof(struct vlanConfig)); + // Set Pointer + nipper->nmp->vlan = vlanNMPPointer; + //init + initNMPVLAN(vlanNMPPointer); + } + else + { + // Search for VLAN + vlanNMPPointer = nipper->nmp->vlan; + vlanNMPPreviousPointer = 0; + while ((vlanNMPPointer->next != 0) && (vlanNMPPointer->vlan < vlan)) + { + vlanNMPPreviousPointer = vlanNMPPointer; + vlanNMPPointer = vlanNMPPointer->next; + } + + // If it comes before + if (vlanNMPPointer->vlan > vlan) + { + // If there is no previous + if (vlanNMPPreviousPointer == 0) + { + // Create + nipper->nmp->vlan = malloc(sizeof(struct vlanConfig)); + memset(nipper->nmp->vlan, 0 , sizeof(struct vlanConfig)); + // Pointers + nipper->nmp->vlan->next = vlanNMPPointer; + vlanNMPPointer = nipper->nmp->vlan; + //init + initNMPVLAN(vlanNMPPointer); + } + else + { + // Create + vlanNMPPreviousPointer->next = malloc(sizeof(struct vlanConfig)); + memset(vlanNMPPreviousPointer->next, 0 , sizeof(struct vlanConfig)); + // Pointers + vlanNMPPreviousPointer = vlanNMPPreviousPointer->next; + vlanNMPPreviousPointer->next = vlanNMPPointer; + vlanNMPPointer = vlanNMPPreviousPointer; + //init + initNMPVLAN(vlanNMPPointer); + } + } + // It is greater + else if (vlanNMPPointer->vlan < vlan) + { + // Create + vlanNMPPointer->next = malloc(sizeof(struct vlanConfig)); + memset(vlanNMPPointer->next, 0 , sizeof(struct vlanConfig)); + // Pointers + vlanNMPPointer = vlanNMPPointer->next; + //init + initNMPVLAN(vlanNMPPointer); + } + } + + // Set VLAN number + vlanNMPPointer->vlan = vlan; + + // Loop through options + tempInt = 3; + while (tempInt < command.parts) + { + + // Name + if (strcmp(command.part[tempInt], "name") == 0) + { + tempInt++; + strncpy(vlanNMPPointer->name, command.part[tempInt], sizeof(vlanNMPPointer->name) - 1); + } + + // Type + else if (strcmp(command.part[tempInt], "type") == 0) + { + tempInt++; + strncpy(vlanNMPPointer->type, command.part[tempInt], sizeof(vlanNMPPointer->type) - 1); + } + + // State + else if (strcmp(command.part[tempInt], "state") == 0) + { + tempInt++; + if (strcmp(command.part[tempInt], "active") == 0) + vlanNMPPointer->active = true; + else + vlanNMPPointer->active = false; + } + + // Firewall VLAN? + else if (strcmp(command.part[tempInt], "firewall-vlan") == 0) + { + tempInt++; + vlanNMPPointer->firewall = atoi(command.part[tempInt]); + } + + // MTU + else if (strcmp(command.part[tempInt], "mtu") == 0) + { + tempInt++; + vlanNMPPointer->mtu = atoi(command.part[tempInt]); + } + + // MTU + else if (strcmp(command.part[tempInt], "said") == 0) + { + tempInt++; + vlanNMPPointer->said = atoi(command.part[tempInt]); + } + + // Spanning Tree Maximum Hops + else if (strcmp(command.part[tempInt], "stemaxhop") == 0) + { + tempInt++; + vlanNMPPointer->spanTreeMaxHops = atoi(command.part[tempInt]); + } + + // Spanning Tree Maximum Hops + else if (strcmp(command.part[tempInt], "aremaxhop") == 0) + { + tempInt++; + vlanNMPPointer->allRoutesMaxHops = atoi(command.part[tempInt]); + } + + // Increment loop + tempInt++; + } + } + + // Set Port VLAN + else + { + + // Get VLAN + tempInt = atoi(command.part[2]); + + offset = 0; + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set VLAN + portNMPPointer->vlan = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set VLAN + portNMPPointer->vlan = tempInt; + } + } + + // Move offset + offset++; + } + + } +} + diff --git a/0.11.10/NMP/.svn/text-base/report-debug.c.svn-base b/0.11.10/NMP/.svn/text-base/report-debug.c.svn-base new file mode 100644 index 0000000..57b1707 --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/report-debug.c.svn-base @@ -0,0 +1,197 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportNMPDebug(struct nipperConfig *nipper) +{ + // Variables + struct johnPassword *johnPointer = 0; + struct snmpNMPCommunity *communityNMPPointer = 0; + struct snmpNMPHost *snmpNMPHostPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct hostNMP *hostNMPPointer = 0; + struct vlanConfig *vlanNMPPointer = 0; + struct moduleConfig *moduleNMPPointer = 0; + struct portConfig *portNMPPointer = 0; + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf(" True or Enabled = %d\n", true); + printf(" False or Disabled = %d\n", false); + printf(" Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("NMP Version: %s\n", nipper->version); + printf("NMP Version: %d.%d(%d)\n", nipper->versionMajor, nipper->versionMinor, nipper->versionRevision); + printf("Location: %s\n", nipper->nmp->location); + printf("Contact: %s\n", nipper->nmp->contact); + printf("Idle Session Timeout: %d\n", nipper->nmp->timeout); + printf("Core File: %s\n", nipper->nmp->coreFile); + printf("Syslog File: %s\n", nipper->nmp->syslogFile); + printf("CDP: %d\n", nipper->nmp->cdp); + printf("CDP Interval %d\n", nipper->nmp->cdpInterval); + printf("CDP Holdtime %d\n", nipper->nmp->cdpHoldtime); + printf("CDP Version %d\n", nipper->nmp->cdpVersion); + printf("Port Security Auto: %d\n", nipper->nmp->portSecurityAuto); + + // Switch configuration + if (nipper->nmp->switchConfig != 0) + { + printf("ICMP Unreachable: %d\n", nipper->nmp->switchConfig->ipUnreachable); + printf("ICMP Redirects: %d\n", nipper->nmp->switchConfig->ipRedirect); + printf("IP Fragmentation: %d\n", nipper->nmp->switchConfig->ipFragmentation); + } + + // Authentication + printf("Enable Password: %s\n", nipper->nmp->enablePassword); + printf("Password: %s\n", nipper->nmp->password); + + if (nipper->nmp->permit != 0) + { + printf("Permit Telnet: %d\n", nipper->nmp->permit->telnet); + hostNMPPointer = nipper->nmp->permit->telnetHost; + while (hostNMPPointer != 0) + { + printf(" Host: %s\n", hostNMPPointer->host); + printf(" Net Mask: %s\n", hostNMPPointer->netMask); + hostNMPPointer = hostNMPPointer->next; + } + printf("Permit SSH: %d\n", nipper->nmp->permit->ssh); + hostNMPPointer = nipper->nmp->permit->sshHost; + while (hostNMPPointer != 0) + { + printf(" Host: %s\n", hostNMPPointer->host); + printf(" Net Mask: %s\n", hostNMPPointer->netMask); + hostNMPPointer = hostNMPPointer->next; + } + printf("Permit SNMP: %d\n", nipper->nmp->permit->snmp); + hostNMPPointer = nipper->nmp->permit->snmpHost; + while (hostNMPPointer != 0) + { + printf(" Host: %s\n", hostNMPPointer->host); + printf(" Net Mask: %s\n", hostNMPPointer->netMask); + hostNMPPointer = hostNMPPointer->next; + } + } + + // SNMP + if (nipper->nmp->snmp != 0) + { + communityNMPPointer = nipper->nmp->snmp->community; + while (communityNMPPointer != 0) + { + printf("SNMP Type: %d\n", communityNMPPointer->type); + printf(" SNMP Community: %s\n", communityNMPPointer->community); + printf(" SNMP Weak: %d\n", communityNMPPointer->weak); + printf(" SNMP Simple: %d\n", communityNMPPointer->dictionary); + printf(" SNMP Access: %d\n", communityNMPPointer->access); + communityNMPPointer = communityNMPPointer->next; + } + snmpTrapPointer = nipper->nmp->snmp->trap; + while (snmpTrapPointer != 0) + { + printf("SNMP Trap: %s\n", snmpTrapPointer->trap); + printf(" Enabled: %d\n", snmpTrapPointer->enabled); + snmpTrapPointer = snmpTrapPointer->next; + } + snmpNMPHostPointer = nipper->nmp->snmp->host; + while (snmpNMPHostPointer != 0) + { + printf("SNMP Host: %s\n", snmpNMPHostPointer->host); + printf("SNMP Community: %s\n", snmpNMPHostPointer->community); + printf(" SNMP Weak: %d\n", snmpNMPHostPointer->weak); + printf(" SNMP Simple: %d\n", snmpNMPHostPointer->dictionary); + printf(" SNMP Version: %d\n", snmpNMPHostPointer->version); + printf(" SNMP Port: %d\n", snmpNMPHostPointer->port); + printf(" SNMP Owner: %s\n", snmpNMPHostPointer->owner); + printf(" SNMP Index: %d\n", snmpNMPHostPointer->index); + snmpNMPHostPointer = snmpNMPHostPointer->next; + } + } + + // VLANS + vlanNMPPointer = nipper->nmp->vlan; + while(vlanNMPPointer != 0) + { + printf("VLAN: %d\n", vlanNMPPointer->vlan); + printf(" Name: %s\n", vlanNMPPointer->name); + printf(" Active: %d\n", vlanNMPPointer->active); + printf(" Type: %s\n", vlanNMPPointer->type); + printf(" Firewall: %d\n", vlanNMPPointer->firewall); + printf(" MTU: %d\n", vlanNMPPointer->mtu); + printf(" Spanning Tree Max Hops: %d\n", vlanNMPPointer->spanTreeMaxHops); + printf(" All Routes Max Hops: %d\n", vlanNMPPointer->allRoutesMaxHops); + printf(" Security Association ID: %d\n", vlanNMPPointer->said); + vlanNMPPointer = vlanNMPPointer->next; + } + + // Modules / Ports + moduleNMPPointer = nipper->nmp->module; + while (moduleNMPPointer != 0) + { + printf("Module: %d\n", moduleNMPPointer->module); + printf(" Name: %s\n", moduleNMPPointer->name); + printf(" Port Security: %d\n", moduleNMPPointer->portSecurity); + portNMPPointer = moduleNMPPointer->ports; + while (portNMPPointer != 0) + { + printf(" Port: %d\n", portNMPPointer->port); + printf(" Name: %s\n", portNMPPointer->name); + printf(" VLAN: %d\n", portNMPPointer->vlan); + printf(" Enabled: %d\n", portNMPPointer->enabled); + printf(" Speed: %d\n", portNMPPointer->speed); + printf(" Duplex: %d\n", portNMPPointer->duplex); + printf(" Spanning Tree Guard: %d\n", portNMPPointer->spantreeGuard); + printf(" Trunk: %d\n", portNMPPointer->trunk); + printf(" VLAN Trunking: %d\n", portNMPPointer->vtp); + printf(" Port Security: %d\n", portNMPPointer->portSecurity); + printf(" CDP: %d\n", portNMPPointer->cdp); + portNMPPointer = portNMPPointer->next; + } + moduleNMPPointer = moduleNMPPointer->next; + } + + // John-the-ripper + if (nipper->john != 0) + { + printf("\n%sJohn-the-ripper Output\n======================%s\n", COL_BLUE, RESET); + johnPointer = nipper->john; + while (johnPointer != 0) + { + printf("Username: %s\n", johnPointer->username); + printf(" Password: %s\n", johnPointer->password); + johnPointer = johnPointer->next; + } + } +} + + diff --git a/0.11.10/NMP/.svn/text-base/report-general.c.svn-base b/0.11.10/NMP/.svn/text-base/report-general.c.svn-base new file mode 100644 index 0000000..a037fef --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/report-general.c.svn-base @@ -0,0 +1,162 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for NMP / CatOS reporting + +void nmpGeneralConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sHostname%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + if (nipper->version[0] != 0) + fprintf(nipper->reportFile, "%sNMP Version%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + if (nipper->nmp->location[0] != 0) + fprintf(nipper->reportFile, "%sLocation%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->nmp->location, nipper->tablerow_end); + if (nipper->nmp->contact[0] != 0) + fprintf(nipper->reportFile, "%sContact%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->nmp->contact, nipper->tablerow_end); + if (nipper->nmp->coreFile[0] != 0) + fprintf(nipper->reportFile, "%sCore File%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->nmp->coreFile, nipper->tablerow_end); + if (nipper->nmp->syslogFile[0] != 0) + fprintf(nipper->reportFile, "%sSyslog File%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->nmp->syslogFile, nipper->tablerow_end); + if (nipper->nmp->timeout == 0) + fprintf(nipper->reportFile, "%sIdle Session Timeout%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + { + fprintf(nipper->reportFile, "%sIdle Session Timeout%s", nipper->tablerow_start, nipper->tablerow_mid); + numToWord(nipper->reportFile, nipper->nmp->timeout); + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + } + if (nipper->nmp->portSecurityAuto == true) + fprintf(nipper->reportFile, "%sPort Security Auto Configure%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sPort Security Auto Configure%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_general_table, &settings_general_heading); + addAbbreviation("NMP", false); + addAbbreviation("CDP", false); +} + + +void nmpSwitchConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_switch_table, &settings_general_heading); + if (nipper->nmp->switchConfig->ipRedirect == true) + fprintf(nipper->reportFile, "%sICMP Redirects%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sICMP Redirects%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->nmp->switchConfig->ipUnreachable == true) + fprintf(nipper->reportFile, "%sICMP Unreachables%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sICMP Unreachables%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->nmp->switchConfig->ipFragmentation == true) + fprintf(nipper->reportFile, "%sIP Fragmentation%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sIP Fragmentation%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_switch_table, &settings_general_heading); + addAbbreviation("IP", false); + addAbbreviation("ICMP", false); +} + + +void nmpCDPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_cdp_obs, nipper, section_none, rate_none, -1, 0); + output_endsection(nipper, section_obs); + output_parseText(report_cdp_impact, nipper, section_imp, rate_low, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_cdp_ease, nipper, section_ease, rate_trivial, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_cdp_rec2, nipper, section_rec, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + + +void nmpTimeoutIssue(struct nipperConfig *nipper) +{ + output_parseText(report_timeout_obs1, nipper, section_obs, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, nipper->connectionTimeout % 60); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_obs2, nipper, section_none, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if (nipper->insecureTimeouts > 1) + { + output_table(nipper, true, report_timeout_table, &report_timeout_heading); + if (nipper->nmp->timeout * 60 > nipper->connectionTimeout) + { + fprintf(nipper->reportFile, "%sSession Timeout%s", nipper->tablerow_start, nipper->tablerow_mid); + numToWord(nipper->reportFile, nipper->nmp->timeout); + if (nipper->nmp->timeout > 1) + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, " minute%s", nipper->tablerow_end); + } + output_table(nipper, false, report_timeout_table, &report_timeout_heading); + } + else + { + if (nipper->nmp->timeout * 60 > nipper->connectionTimeout) + { + fprintf(nipper->reportFile, "The session timeout was "); + numToWord(nipper->reportFile, nipper->nmp->timeout); + if (nipper->nmp->timeout > 1) + fprintf(nipper->reportFile, " minutes."); + else + fprintf(nipper->reportFile, " minute."); + } + output_newPara(nipper); + } + output_endsection(nipper, section_obs); + output_parseText(report_timeout_impact, nipper, section_imp, rate_high, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_timeout_ease, nipper, section_ease, rate_difficult, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_timeout_rec1, nipper, section_rec, rate_none, 0, 0); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, (nipper->connectionTimeout % 60)); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_rec2, nipper, section_none, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/NMP/.svn/text-base/report-passwords.c.svn-base b/0.11.10/NMP/.svn/text-base/report-passwords.c.svn-base new file mode 100644 index 0000000..4813595 --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/report-passwords.c.svn-base @@ -0,0 +1,350 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void output_NMPTablePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + struct snmpNMPCommunity *communityNMPPointer = 0; + struct snmpNMPHost *snmpNMPHostPointer = 0; + char tempString[nipper->maxSize]; + + // SNMP + if (nipper->nmp->snmp != 0) + { + communityNMPPointer = nipper->nmp->snmp->community; + while (communityNMPPointer != 0) + { + if (((communityNMPPointer->dictionary == true) && (dictPassword == true)) || ((communityNMPPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sCommunity%sSNMP%s(", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + if (communityNMPPointer->access == snmp_nmp_readonly) + fprintf(nipper->reportFile, "read-only"); + else if (communityNMPPointer->access == snmp_nmp_readwrite) + fprintf(nipper->reportFile, "read-write"); + else + fprintf(nipper->reportFile, "read-write all"); + if (nipper->passwords == true) + { + outputFriendly(communityNMPPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, ")%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, ")%s", nipper->tablerow_end); + } + communityNMPPointer = communityNMPPointer->next; + } + snmpNMPHostPointer = nipper->nmp->snmp->host; + while (snmpNMPHostPointer != 0) + { + if (((snmpNMPHostPointer->dictionary == true) && (dictPassword == true)) || ((snmpNMPHostPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(snmpNMPHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sCommunity%sSNMP%sHost: %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + if (nipper->passwords == true) + { + outputFriendly(snmpNMPHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + snmpNMPHostPointer = snmpNMPHostPointer->next; + } + } +} + + +void output_NMPLinePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + struct snmpNMPCommunity *communityNMPPointer = 0; + struct snmpNMPHost *snmpNMPHostPointer = 0; + char tempString[nipper->maxSize]; + + if (nipper->nmp->snmp != 0) + { + communityNMPPointer = nipper->nmp->snmp->community; + while (communityNMPPointer != 0) + { + if (((communityNMPPointer->dictionary == true) && (dictPassword == true)) || ((communityNMPPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "The "); + if (communityNMPPointer->access == snmp_nmp_readonly) + fprintf(nipper->reportFile, "read-only"); + else if (communityNMPPointer->access == snmp_nmp_readwrite) + fprintf(nipper->reportFile, "read-write"); + else + fprintf(nipper->reportFile, "read-write all"); + fprintf(nipper->reportFile, " SNMP community string was "); + if (nipper->passwords == true) + { + outputFriendly(communityNMPPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s.", tempString); + } + else + { + if (dictPassword == true) + fprintf(nipper->reportFile, "dictionary-based."); + else + fprintf(nipper->reportFile, "weak."); + } + } + communityNMPPointer = communityNMPPointer->next; + } + snmpNMPHostPointer = nipper->nmp->snmp->host; + while (snmpNMPHostPointer != 0) + { + if (snmpNMPHostPointer->dictionary == true) + { + outputFriendly(snmpNMPHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "The SNMP community string for the host %s was ", tempString); + if (nipper->passwords == true) + { + outputFriendly(snmpNMPHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s.", tempString); + } + else + { + if (dictPassword == true) + fprintf(nipper->reportFile, "dictionary-based."); + else + fprintf(nipper->reportFile, "weak."); + } + } + snmpNMPHostPointer = snmpNMPHostPointer->next; + } + } + output_newPara(nipper); +} + + +void nmpPasswordsConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_passwords_title, &settings_passwords_heading); + if (nipper->nmp->enablePassword[0] != 0) + { + fprintf(nipper->reportFile, "%sEnable Password", nipper->tablerow_start); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s %s", nipper->tablerow_mid, nipper->nmp->enablePassword, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + if (nipper->nmp->password[0] != 0) + { + fprintf(nipper->reportFile, "%sLogin Password", nipper->tablerow_start); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s %s", nipper->tablerow_mid, nipper->nmp->password, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + output_table(nipper, false, settings_passwords_title, &settings_passwords_heading); +} + + +void nmpDictionaryIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_dict_obs, nipper, section_obs, rate_none, nipper->simplePasswords, nipper->tableNum); + if (nipper->passwordStrengths > 1) + { + output_table(nipper, true, report_dict_table, &report_dict_heading); + output_NMPTablePasswords(nipper, true); + output_table(nipper, false, report_dict_table, &report_dict_heading); + } + else + output_NMPLinePasswords(nipper, true); + output_endsection(nipper, section_obs); + output_parseText(report_dict_impact, nipper, section_imp, rate_high, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_dict_ease, nipper, section_ease, rate_trivial, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_dict_rec, nipper, section_rec, rate_none, nipper->simplePasswords, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, " characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + + +void nmpStrengthIssue(struct nipperConfig *nipper) +{ + // Variables + int tempInt = 0; + + output_parseText(report_strength_obs, nipper, section_obs, rate_none, nipper->passwordStrengths, nipper->tableNum); + if (nipper->passwordStrengths > 1) + { + output_table(nipper, true, report_strength_table, &report_dict_heading); + output_NMPTablePasswords(nipper, false); + output_table(nipper, false, report_strength_table, &report_dict_heading); + } + else + output_NMPLinePasswords(nipper, false); + output_endsection(nipper, section_obs); + output_parseText(report_strength_impact, nipper, section_imp, rate_high, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_strength_ease, nipper, section_ease, rate_trivial, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_strength_rec, nipper, section_rec, rate_trivial, 0, 0); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, "characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/NMP/.svn/text-base/report-permit.c.svn-base b/0.11.10/NMP/.svn/text-base/report-permit.c.svn-base new file mode 100644 index 0000000..4fe94e5 --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/report-permit.c.svn-base @@ -0,0 +1,103 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for NMP / CatOS reporting + +void nmpPermitConfig(struct nipperConfig *nipper) +{ + // Variables... + struct hostNMP *hostNMPPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_permit_table, &settings_permit_heading); + if (nipper->nmp->permit->telnet == true) + fprintf(nipper->reportFile, "%sTelnet%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->nmp->permit->telnet == false) + fprintf(nipper->reportFile, "%sTelnet%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sTelnet%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->nmp->permit->ssh == true) + fprintf(nipper->reportFile, "%sSSH%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->nmp->permit->ssh == false) + fprintf(nipper->reportFile, "%sSSH%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSSH%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->nmp->permit->snmp == true) + fprintf(nipper->reportFile, "%sSNMP%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->nmp->permit->snmp == false) + fprintf(nipper->reportFile, "%sSNMP%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSNMP%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_permit_table, &settings_permit_heading); + addAbbreviation("SNMP", false); + addAbbreviation("SSH", false); + + // Telnet Permission List + if (nipper->nmp->permit->telnet == true) + { + output_table(nipper, true, "Telnet permit list", &settings_permitlist_heading); + hostNMPPointer = nipper->nmp->permit->telnetHost; + while (hostNMPPointer != 0) + { + outputFriendly(hostNMPPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, hostNMPPointer->netMask, nipper->tablerow_end); + hostNMPPointer = hostNMPPointer->next; + } + output_table(nipper, false, "Telnet permit list", &settings_permitlist_heading); + } + + // SSH Permission List + if (nipper->nmp->permit->ssh == true) + { + output_table(nipper, true, "SSH permit list", &settings_permitlist_heading); + hostNMPPointer = nipper->nmp->permit->sshHost; + while (hostNMPPointer != 0) + { + outputFriendly(hostNMPPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, hostNMPPointer->netMask, nipper->tablerow_end); + hostNMPPointer = hostNMPPointer->next; + } + output_table(nipper, false, "SSH permit list", &settings_permitlist_heading); + } + + // SNMP Permission List + if (nipper->nmp->permit->snmp == true) + { + output_table(nipper, true, "SNMP permit list", &settings_permitlist_heading); + hostNMPPointer = nipper->nmp->permit->snmpHost; + while (hostNMPPointer != 0) + { + outputFriendly(hostNMPPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, hostNMPPointer->netMask, nipper->tablerow_end); + hostNMPPointer = hostNMPPointer->next; + } + output_table(nipper, false, "SNMP permit list", &settings_permitlist_heading); + } +} diff --git a/0.11.10/NMP/.svn/text-base/report-port.c.svn-base b/0.11.10/NMP/.svn/text-base/report-port.c.svn-base new file mode 100644 index 0000000..cdcf2d1 --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/report-port.c.svn-base @@ -0,0 +1,227 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for NMP / CatOS reporting + +void nmpPortsConfig(struct nipperConfig *nipper) +{ + // Variables... + struct moduleConfig *moduleNMPPointer = 0; + struct portConfig *portNMPPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + // Modules / Ports + moduleNMPPointer = nipper->nmp->module; + while (moduleNMPPointer != 0) + { + if (moduleNMPPointer->name[0] == 0) + sprintf(tempString, "Module %d port configuration", moduleNMPPointer->module); + else + sprintf(tempString, "Module %d (%s) port configuration", moduleNMPPointer->module, moduleNMPPointer->name); + output_table(nipper, true, tempString, &settings_ports_heading); + portNMPPointer = moduleNMPPointer->ports; + while (portNMPPointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, portNMPPointer->port, nipper->tablerow_mid); + outputFriendly(portNMPPointer->name, tempString2, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString2, nipper->tablerow_mid); + if (portNMPPointer->enabled == true) + fprintf(nipper->reportFile, "Enabled%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Disabled%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", portNMPPointer->vlan, nipper->tablerow_mid); + switch (portNMPPointer->speed) + { + case port_speed_auto: + fprintf(nipper->reportFile, "Auto%s", nipper->tablerow_mid); + break; + case port_speed_10: + fprintf(nipper->reportFile, "10Mb%s", nipper->tablerow_mid); + break; + case port_speed_100: + fprintf(nipper->reportFile, "100Mb%s", nipper->tablerow_mid); + break; + case port_speed_1000: + fprintf(nipper->reportFile, "1000Mb%s", nipper->tablerow_mid); + break; + case port_speed_auto_10_100: + fprintf(nipper->reportFile, "10/100Mb%s", nipper->tablerow_mid); + break; + } + switch (portNMPPointer->duplex) + { + case port_duplex_auto: + fprintf(nipper->reportFile, "Auto%s", nipper->tablerow_mid); + break; + case port_duplex_half: + fprintf(nipper->reportFile, "Half%s", nipper->tablerow_mid); + break; + case port_duplex_full: + fprintf(nipper->reportFile, "Full%s", nipper->tablerow_mid); + break; + } + if (portNMPPointer->portSecurity == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if (portNMPPointer->cdp == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + switch (portNMPPointer->trunk) + { + case port_trunk_auto: + fprintf(nipper->reportFile, "Auto%s", nipper->tablerow_mid); + break; + case port_trunk_nonegotiate: + fprintf(nipper->reportFile, "No Negotiate%s", nipper->tablerow_mid); + break; + case port_trunk_on: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case port_trunk_off: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + case port_trunk_desirable: + fprintf(nipper->reportFile, "Desirable%s", nipper->tablerow_mid); + break; + } + if (portNMPPointer->vtp == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + switch (portNMPPointer->spantreeGuard) + { + case port_guard_none: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_end); + break; + case port_guard_default: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_end); + break; + case port_guard_loop: + fprintf(nipper->reportFile, "On (loop)%s", nipper->tablerow_end); + break; + case port_guard_root: + fprintf(nipper->reportFile, "On (root)%s", nipper->tablerow_end); + break; + } + portNMPPointer = portNMPPointer->next; + } + output_table(nipper, false, tempString, &settings_ports_heading); + moduleNMPPointer = moduleNMPPointer->next; + } + addAbbreviation("VLAN", false); + addAbbreviation("STP", false); +} + + +void nmpCDPConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_cdp_table, &settings_general_heading); + if (nipper->nmp->cdp == true) + fprintf(nipper->reportFile, "%sCisco Discovery Protocol%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sCisco Discovery Protocol%sGlobally Disabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sCDP Version%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->nmp->cdpVersion, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sCDP Message Interval%s", nipper->tablerow_start, nipper->tablerow_mid); + if (nipper->nmp->cdpInterval % 60 == 0) + { + numToWord(nipper->reportFile, nipper->nmp->cdpInterval / 60); + if (nipper->nmp->cdpInterval / 60 > 1) + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, " minute%s", nipper->tablerow_end); + } + else + { + numToWord(nipper->reportFile, nipper->nmp->cdpInterval / 60); + if (nipper->nmp->cdpInterval / 60 > 1) + fprintf(nipper->reportFile, " minutes "); + else + fprintf(nipper->reportFile, " minute "); + numToWord(nipper->reportFile, nipper->nmp->cdpInterval % 60); + if (nipper->nmp->cdpInterval % 60 > 1) + fprintf(nipper->reportFile, " seconds%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, " second%s", nipper->tablerow_end); + } + fprintf(nipper->reportFile, "%sCDP TTL%s", nipper->tablerow_start, nipper->tablerow_mid); + if (nipper->nmp->cdpHoldtime % 60 == 0) + { + numToWord(nipper->reportFile, nipper->nmp->cdpHoldtime / 60); + if (nipper->nmp->cdpHoldtime / 60 > 1) + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, " minute%s", nipper->tablerow_end); + } + else + { + numToWord(nipper->reportFile, nipper->nmp->cdpHoldtime / 60); + if (nipper->nmp->cdpHoldtime / 60 > 1) + fprintf(nipper->reportFile, " minutes "); + else + fprintf(nipper->reportFile, " minute "); + numToWord(nipper->reportFile, nipper->nmp->cdpHoldtime % 60); + if (nipper->nmp->cdpHoldtime % 60 > 1) + fprintf(nipper->reportFile, " seconds%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, " second%s", nipper->tablerow_end); + } + output_table(nipper, false, settings_cdp_table, &settings_general_heading); + addAbbreviation("CDP", false); + addAbbreviation("TTL", false); +} + + +void nmpRedirectsIssue(struct nipperConfig *nipper) +{ + output_parseText(report_redirects_obs, nipper, section_obs, rate_none, -1, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_redirects_impact, nipper, section_imp, rate_med, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_redirects_ease, nipper, section_ease, rate_trivial, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_redirects_rec2, nipper, section_rec, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + + +void nmpUnreachablesIssue(struct nipperConfig *nipper) +{ + output_parseText(report_icmpunreach_obs, nipper, section_obs, rate_none, -1, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_icmpunreach_impact, nipper, section_imp, rate_low, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_icmpunreach_ease, nipper, section_ease, rate_trivial, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_icmpunreach_rec2, nipper, section_rec, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/NMP/.svn/text-base/report-snmp.c.svn-base b/0.11.10/NMP/.svn/text-base/report-snmp.c.svn-base new file mode 100644 index 0000000..ecc5be9 --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/report-snmp.c.svn-base @@ -0,0 +1,102 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for NMP / CatOS reporting + +void nmpSNMPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct snmpNMPCommunity *communityNMPPointer = 0; + struct snmpNMPHost *snmpNMPHostPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + + if (nipper->nmp->snmp->community != 0) + { + output_table(nipper, true, settings_snmpstring_table, &settings_snmpcomm_heading); + communityNMPPointer = nipper->nmp->snmp->community; + while (communityNMPPointer != 0) + { + if (communityNMPPointer->type == snmp_nmp_standard) + fprintf(nipper->reportFile, "%sStandard%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sExtended%s", nipper->tablerow_start, nipper->tablerow_mid); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s %s", communityNMPPointer->community, nipper->tablerow_mid); + switch (communityNMPPointer->access) + { + case snmp_nmp_readonly: + fprintf(nipper->reportFile, "Read-Only%s", nipper->tablerow_end); + break; + case snmp_nmp_readwrite: + fprintf(nipper->reportFile, "Read-Write%s", nipper->tablerow_end); + break; + case snmp_nmp_readwrite_all: + fprintf(nipper->reportFile, "Read-Write-All%s", nipper->tablerow_end); + break; + } + communityNMPPointer = communityNMPPointer->next; + } + output_table(nipper, false, settings_snmpstring_table, &settings_snmpcomm_heading); + } + if (nipper->nmp->snmp->trap != 0) + { + output_table(nipper, true, settings_snmptrap_table, &settings_snmptraps_heading); + snmpTrapPointer = nipper->nmp->snmp->trap; + while (snmpTrapPointer != 0) + { + if (snmpTrapPointer->enabled == true) + fprintf(nipper->reportFile, "%sEnabled", nipper->tablerow_start); + else + fprintf(nipper->reportFile, "%sDisabled", nipper->tablerow_start); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, snmpTrapPointer->trap, nipper->tablerow_end); + addAbbreviation(snmpTrapPointer->trap, false); + snmpTrapPointer = snmpTrapPointer->next; + } + output_table(nipper, false, settings_snmptrap_table, &settings_snmptraps_heading); + } + if (nipper->nmp->snmp->host != 0) + { + output_table(nipper, true, settings_snmphost_table, &settings_snmphosts_heading); + snmpNMPHostPointer = nipper->nmp->snmp->host; + while (snmpNMPHostPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, snmpNMPHostPointer->host, nipper->tablerow_mid); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s", snmpNMPHostPointer->community, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", snmpNMPHostPointer->version, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", snmpNMPHostPointer->port, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", snmpNMPHostPointer->owner, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", snmpNMPHostPointer->index, nipper->tablerow_end); + snmpNMPHostPointer = snmpNMPHostPointer->next; + } + output_table(nipper, false, settings_snmphost_table, &settings_snmphosts_heading); + } + addAbbreviation("SNMP", false); +} diff --git a/0.11.10/NMP/.svn/text-base/report-vlan.c.svn-base b/0.11.10/NMP/.svn/text-base/report-vlan.c.svn-base new file mode 100644 index 0000000..7931f8d --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/report-vlan.c.svn-base @@ -0,0 +1,64 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for NMP / CatOS reporting + +void nmpVLANConfig(struct nipperConfig *nipper) +{ + // Variables... + struct vlanConfig *vlanNMPPointer = 0; + + output_table(nipper, true, settings_vlan_table, &settings_vlan_heading); + vlanNMPPointer = nipper->nmp->vlan; + while(vlanNMPPointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, vlanNMPPointer->vlan, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", vlanNMPPointer->name, nipper->tablerow_mid); + if (vlanNMPPointer->active == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", vlanNMPPointer->type, nipper->tablerow_mid); + if (vlanNMPPointer->firewall == -1) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", vlanNMPPointer->firewall, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", vlanNMPPointer->said, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", vlanNMPPointer->mtu, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", vlanNMPPointer->spanTreeMaxHops, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", vlanNMPPointer->allRoutesMaxHops, nipper->tablerow_end); + vlanNMPPointer = vlanNMPPointer->next; + } + output_table(nipper, false, settings_vlan_table, &settings_vlan_heading); + addAbbreviation("SAID", false); + addAbbreviation("VLAN", false); + addAbbreviation("MTU", false); +} + diff --git a/0.11.10/NMP/.svn/text-base/report.c.svn-base b/0.11.10/NMP/.svn/text-base/report.c.svn-base new file mode 100644 index 0000000..a5e2d6c --- /dev/null +++ b/0.11.10/NMP/.svn/text-base/report.c.svn-base @@ -0,0 +1,105 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for NMP / CatOS reporting + +// Report NMP includes... +#include "report-debug.c" +#include "report-general.c" +#include "report-passwords.c" +#include "report-permit.c" +#include "report-port.c" +#include "report-snmp.c" +#include "report-vlan.c" + + +void generateNMPReport(struct nipperConfig *nipper) +{ + // Security Issues section + if (nipper->fullReport == true) + { + // Simple Passwords + if (nipper->simplePasswords > 1) + addReportSection(nipper, section_security, report_dict_title1, report_dict_context, report_dict_rectext, 10, 8, 5, 3, nmpDictionaryIssue); + else if (nipper->simplePasswords > 0) + addReportSection(nipper, section_security, report_dict_title2, report_dict_context, report_dict_rectext, 10, 8, 5, 3, nmpDictionaryIssue); + + // Password Strength + if (nipper->passwordStrengths > 1) + addReportSection(nipper, section_security, report_strength_title1, report_strength_context, report_strength_rectext, 10, 8, 5, 3, nmpStrengthIssue); + else if (nipper->passwordStrengths > 0) + addReportSection(nipper, section_security, report_strength_title2, report_strength_context, report_strength_rectext, 10, 8, 5, 3, nmpStrengthIssue); + + // Timeout + if (nipper->nmp->timeout * 60 > nipper->connectionTimeout) + nipper->insecureTimeouts++; + if (nipper->insecureTimeouts > 0) + addReportSection(nipper, section_security, report_timeout_title, report_timeout_context, report_timeout_rectext, 10, 8, 5, 3, nmpTimeoutIssue); + + // IP Redirects + if (nipper->nmp->switchConfig != 0) + { + if (nipper->nmp->switchConfig->ipRedirect == true) + addReportSection(nipper, section_security, report_redirects_title, report_redirects_context, report_redirects_rectext, 10, 8, 5, 3, nmpRedirectsIssue); + } + + // CDP + if (nipper->nmp->cdp == true) + addReportSection(nipper, section_security, report_cdp_title, report_cdp_context, report_cdp_rectext, 10, 8, 5, 3, nmpCDPIssue); + + // IP Unreachables + if (nipper->nmp->switchConfig != 0) + { + if (nipper->nmp->switchConfig->ipUnreachable == true) + addReportSection(nipper, section_security, report_icmpunreach_title, report_icmpunreach_context, report_icmpunreach_rectext, 10, 8, 5, 3, nmpUnreachablesIssue); + } + } + + + // In Configuration Index + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, nmpGeneralConfig); + if (nipper->nmp->switchConfig != 0) + addReportSection(nipper, section_config, settings_switch_title, 0, 0, 0, 0, 0, 0, nmpSwitchConfig); + if (nipper->nmp->permit != 0) + addReportSection(nipper, section_config, settings_permit_title, 0, 0, 0, 0, 0, 0, nmpPermitConfig); + if (((nipper->nmp->enablePassword != 0) || (nipper->nmp->password != 0)) && (nipper->passwords == true)) + addReportSection(nipper, section_config, settings_passwords_title, 0, 0, 0, 0, 0, 0, nmpPasswordsConfig); + addReportSection(nipper, section_config, settings_cdp_title, 0, 0, 0, 0, 0, 0, nmpCDPConfig); + if (nipper->nmp->snmp != 0) + addReportSection(nipper, section_config, settings_snmp_title, 0, 0, 0, 0, 0, 0, nmpSNMPConfig); + if (nipper->nmp->vlan != 0) + addReportSection(nipper, section_config, settings_vlan_title, 0, 0, 0, 0, 0, 0, nmpVLANConfig); + if (nipper->nmp->module != 0) + addReportSection(nipper, section_config, settings_ports_title, 0, 0, 0, 0, 0, 0, nmpPortsConfig); + + // Generate Report... + generateReport(nipper); +} + diff --git a/0.11.10/NMP/cleanup.c b/0.11.10/NMP/cleanup.c new file mode 100644 index 0000000..64ea7a7 --- /dev/null +++ b/0.11.10/NMP/cleanup.c @@ -0,0 +1,120 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanupNMP(struct nipperConfig *nipper) +{ + // Pointers + struct snmpNMPCommunity *communityNMPPointer = 0; + struct snmpNMPHost *snmpNMPHostPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct hostNMP *hostNMPPointer = 0; + struct vlanConfig *vlanNMPPointer = 0; + struct moduleConfig *moduleNMPPointer = 0; + struct portConfig *portNMPPointer = 0; + + // Cleanup SNMP + if (nipper->nmp->snmp != 0) + { + while (nipper->nmp->snmp->community != 0) + { + communityNMPPointer = nipper->nmp->snmp->community->next; + free(nipper->nmp->snmp->community); + nipper->nmp->snmp->community = communityNMPPointer; + } + while (nipper->nmp->snmp->trap != 0) + { + snmpTrapPointer = nipper->nmp->snmp->trap->next; + free(nipper->nmp->snmp->trap); + nipper->nmp->snmp->trap = snmpTrapPointer; + } + while (nipper->nmp->snmp->host != 0) + { + snmpNMPHostPointer = nipper->nmp->snmp->host->next; + free(nipper->nmp->snmp->host); + nipper->nmp->snmp->host = snmpNMPHostPointer; + } + free(nipper->nmp->snmp); + } + + // Cleanup Modules & Ports + while (nipper->nmp->module != 0) + { + while (nipper->nmp->module->ports != 0) + { + portNMPPointer = nipper->nmp->module->ports->next; + free(nipper->nmp->module->ports); + nipper->nmp->module->ports = portNMPPointer; + } + moduleNMPPointer = nipper->nmp->module->next; + free(nipper->nmp->module); + nipper->nmp->module = moduleNMPPointer; + } + + // Cleanup VLANS + while (nipper->nmp->vlan != 0) + { + vlanNMPPointer = nipper->nmp->vlan->next; + free(nipper->nmp->vlan); + nipper->nmp->vlan = vlanNMPPointer; + } + + // Cleanup Permit Lists + if (nipper->nmp->permit != 0) + { + while (nipper->nmp->permit->telnetHost != 0) + { + hostNMPPointer = nipper->nmp->permit->telnetHost->next; + free(nipper->nmp->permit->telnetHost); + nipper->nmp->permit->telnetHost = hostNMPPointer; + } + while (nipper->nmp->permit->sshHost != 0) + { + hostNMPPointer = nipper->nmp->permit->sshHost->next; + free(nipper->nmp->permit->sshHost); + nipper->nmp->permit->sshHost = hostNMPPointer; + } + while (nipper->nmp->permit->snmpHost != 0) + { + hostNMPPointer = nipper->nmp->permit->snmpHost->next; + free(nipper->nmp->permit->snmpHost); + nipper->nmp->permit->snmpHost = hostNMPPointer; + } + free(nipper->nmp->permit); + } + + // Cleanup switch config + if (nipper->nmp->switchConfig != 0) + free (nipper->nmp->switchConfig); + + // Cleanup NMP config + free(nipper->nmp); +} + diff --git a/0.11.10/NMP/input.c b/0.11.10/NMP/input.c new file mode 100644 index 0000000..666f543 --- /dev/null +++ b/0.11.10/NMP/input.c @@ -0,0 +1,231 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct ciscoNMPConfig // Cisco NMP Configuration +{ + // Configuration settings... + char location[64]; + char contact[64]; + int timeout; + char coreFile[32]; + char syslogFile[32]; + char password[32]; + char enablePassword[32]; + int cdp; + int cdpInterval; + int cdpHoldtime; + int cdpVersion; + int portSecurityAuto; + struct switchNMPConfig *switchConfig; + struct snmpNMP *snmp; + struct moduleConfig *module; + struct permitConfig *permit; + struct vlanConfig *vlan; +}; + + +struct hostNMP // NMP Host Struct +{ + char host[32]; + char netMask[16]; + struct hostNMP *next; +}; + + +// Processing NMP includes... +#include "process-general.c" +#include "process-permit.c" +#include "process-port.c" +#include "process-snmp.c" +#include "process-spantree.c" +#include "process-vlan.c" +#include "process-cdp.c" + + +void processNMPInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + int setting = 0; + int tempInt = 0; + + // Split the command line up + command = splitLine(line); + + // Init + if (strcmp(command.part[0], "clear") == 0) + { + tempInt = 1; + setting = false; + } + else if (strcmp(command.part[0], "set") == 0) + { + tempInt = 1; + setting = true; + } + else + tempInt = 0; + + // System lines... + if (strcmp(command.part[tempInt], "system") == 0) + { + tempInt++; + + // Hostname + if (strcmp(command.part[tempInt], "name") == 0) + { + if (nipper->debugMode == true) + printf("Hostname Line: %s\n", line); + strncpy(nipper->hostname, command.part[tempInt+1], sizeof(nipper->hostname) - 1); + } + + // Location... + else if (strcmp(command.part[tempInt], "location") == 0) + { + if (nipper->debugMode == true) + printf("Location Line: %s\n", line); + tempInt = 20; + while (line[tempInt] == ' ') + tempInt++; + strncpy(nipper->nmp->location, line + tempInt, sizeof(nipper->nmp->location) - 1); + } + + // Contact... + else if (strcmp(command.part[tempInt], "contact") == 0) + { + if (nipper->debugMode == true) + printf("Contact Line: %s\n", line); + tempInt = 19; + while (line[tempInt] == ' ') + tempInt++; + strncpy(nipper->nmp->contact, line + tempInt, sizeof(nipper->nmp->contact) - 1); + } + + // Corefile... + else if (strcmp(command.part[tempInt], "core-file") == 0) + { + if (nipper->debugMode == true) + printf("Core-file Line: %s\n", line); + strncpy(nipper->nmp->coreFile, command.part[tempInt+1], sizeof(nipper->nmp->coreFile) - 1); + } + + // Syslog file... + else if (strcmp(command.part[tempInt], "syslog-file") == 0) + { + if (nipper->debugMode == true) + printf("Syslog-file Line: %s\n", line); + strncpy(nipper->nmp->syslogFile, command.part[tempInt+1], sizeof(nipper->nmp->syslogFile) - 1); + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } + + // IP lines... + else if (strcmp(command.part[tempInt], "ip") == 0) + { + tempInt++; + + // Permit List + if (strcmp(command.part[tempInt], "permit") == 0) + processNMPPermit(line, nipper); + + // ICMP IP Unreachables + else if (strcmp(command.part[tempInt], "unreachable") == 0) + processNMPUnreachable(line, nipper); + + // IP Redirects + else if (strcmp(command.part[tempInt], "redirect") == 0) + processNMPRedirect(line, nipper); + + // IP Fragmentation + else if (strcmp(command.part[tempInt], "fragmentation") == 0) + processNMPFragmentation(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } + + // Version + else if (strcmp(command.part[tempInt], "#version") == 0) + { + if (nipper->debugMode == true) + printf("Version Line: %s\n", line); + strncpy(nipper->version, command.part[tempInt+1], sizeof(nipper->version) - 1); + nipper->versionMajor = atoi(nipper->version); + nipper->versionMinor = atoi(strchr(nipper->version, '.') + 1); + nipper->versionRevision = atoi(strchr(nipper->version, '(') + 1); + } + + // Logout Timeout... + else if (strcmp(command.part[tempInt], "logout") == 0) + { + if (nipper->debugMode == true) + printf("Logout Line: %s\n", line); + nipper->nmp->timeout = atoi(command.part[tempInt+1]); + } + + // Enable Passwords + else if ((strcmp(command.part[tempInt], "password") == 0) || (strcmp(command.part[tempInt], "enablepass") == 0)) + processEnablePass(line, nipper); + + // CDP... + else if (strcmp(command.part[tempInt], "cdp") == 0) + processNMPCDP(line, nipper); + + // SNMP... + else if (strcmp(command.part[tempInt], "snmp") == 0) + processNMPSnmp(line, nipper); + + // Ports + else if (strcmp(command.part[tempInt], "port") == 0) + processNMPPort(line, nipper); + + // Trunk + else if (strcmp(command.part[tempInt], "trunk") == 0) + processNMPTrunk(line, nipper); + + // Spanning Tree + else if (strcmp(command.part[tempInt], "spantree") == 0) + processNMPSpantree(line, nipper); + + // VLAN + else if (strcmp(command.part[tempInt], "vlan") == 0) + processNMPVlan(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/NMP/process-cdp.c b/0.11.10/NMP/process-cdp.c new file mode 100644 index 0000000..1016a00 --- /dev/null +++ b/0.11.10/NMP/process-cdp.c @@ -0,0 +1,140 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// CDP +void processNMPCDP(char *line, struct nipperConfig *nipper) +{ + // Variables + int offset = 0; + int offsetStart = 0; + int range = 0; + int module = 0; + int port = 0; + int tempInt = 0; + struct portConfig *portNMPPointer = 0; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("CDP Line: %s\n", line); + + // Init + offset = 0; + command = splitLine(line); + + + // Global Enable / Disable + if (((strcmp(command.part[2], "enable") == 0) || (strcmp(command.part[2], "disable") == 0)) && (command.parts == 3)) + { + if (strcmp(command.part[2], "enable") == 0) + nipper->nmp->cdp = true; + else + nipper->nmp->cdp = false; + } + + // Interval + else if (strcmp(command.part[2], "interval") == 0) + nipper->nmp->cdpInterval = atoi(command.part[3]); + + // Holdtime + else if (strcmp(command.part[2], "holdtime") == 0) + nipper->nmp->cdpHoldtime = atoi(command.part[3]); + + // Version + else if (strcmp(command.part[2], "version") == 0) + { + if (strcmp(command.part[3], "v1") == 0) + nipper->nmp->cdpVersion = 1; + else + nipper->nmp->cdpVersion = 2; + } + + // Individual Port Enable / Disable + else if (((strcmp(command.part[2], "enable") == 0) || (strcmp(command.part[2], "disable") == 0)) && (command.parts == 4)) + { + if (strcmp(command.part[2], "enable") == 0) + tempInt = true; + else + tempInt = false; + + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set CDP + portNMPPointer->cdp = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set CDP + portNMPPointer->cdp = tempInt; + } + } + + // Move offset + offset++; + } + } +} diff --git a/0.11.10/NMP/process-general.c b/0.11.10/NMP/process-general.c new file mode 100644 index 0000000..2667e7a --- /dev/null +++ b/0.11.10/NMP/process-general.c @@ -0,0 +1,156 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process EnablePass / Password +void processEnablePass(char *line, struct nipperConfig *nipper) +{ + // Enable Password? + if (strncmp("set enablepass ", line, 15) == 0) + { + // Debug output + if (nipper->debugMode == true) + printf("Enable Password Line: %s\n", line); + + strncpy(nipper->nmp->enablePassword, line + 15, sizeof(nipper->nmp->enablePassword) - 1); + addJohnPassword(nipper, "Enable", nipper->nmp->enablePassword); + } + + // Password + else if (strncmp("set password ", line, 13) == 0) + { + // Debug output + if (nipper->debugMode == true) + printf("Login Password Line: %s\n", line); + + strncpy(nipper->nmp->password, line + 13, sizeof(nipper->nmp->password) - 1); + addJohnPassword(nipper, "LoginPassword", nipper->nmp->password); + } +} + + +struct switchNMPConfig +{ + int ipRedirect; // true or false + int ipUnreachable; // true or false + int ipFragmentation; // true or false +}; + + +// ICMP IP Unreachable +void processNMPUnreachable(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("ICMP IP Unrachable Line: %s\n", line); + + // Is switch configuration is not set + if (nipper->nmp->switchConfig == 0) + { + nipper->nmp->switchConfig = malloc(sizeof(struct switchNMPConfig)); + memset(nipper->nmp->switchConfig, 0 , sizeof(struct switchNMPConfig)); + nipper->nmp->switchConfig->ipRedirect = true; + nipper->nmp->switchConfig->ipUnreachable = true; + nipper->nmp->switchConfig->ipFragmentation = true; + } + + // Init + command = splitLine(line); + + if (strcmp(command.part[3], "enable") == 0) + nipper->nmp->switchConfig->ipUnreachable = true; + else + nipper->nmp->switchConfig->ipUnreachable = false; +} + + +// IP Redirects +void processNMPRedirect(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("IP Redirect Line: %s\n", line); + + // Is switch configuration is not set + if (nipper->nmp->switchConfig == 0) + { + nipper->nmp->switchConfig = malloc(sizeof(struct switchNMPConfig)); + memset(nipper->nmp->switchConfig, 0 , sizeof(struct switchNMPConfig)); + nipper->nmp->switchConfig->ipRedirect = true; + nipper->nmp->switchConfig->ipUnreachable = true; + nipper->nmp->switchConfig->ipFragmentation = true; + } + + // Init + command = splitLine(line); + + if (strcmp(command.part[3], "enable") == 0) + nipper->nmp->switchConfig->ipRedirect = true; + else + nipper->nmp->switchConfig->ipRedirect = false; +} + + +// Fragmentation +void processNMPFragmentation(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("IP Fragmentation Line: %s\n", line); + + // Is switch configuration is not set + if (nipper->nmp->switchConfig == 0) + { + nipper->nmp->switchConfig = malloc(sizeof(struct switchNMPConfig)); + memset(nipper->nmp->switchConfig, 0 , sizeof(struct switchNMPConfig)); + nipper->nmp->switchConfig->ipRedirect = true; + nipper->nmp->switchConfig->ipUnreachable = true; + nipper->nmp->switchConfig->ipFragmentation = true; + } + + // Init + command = splitLine(line); + + if (strcmp(command.part[3], "enable") == 0) + nipper->nmp->switchConfig->ipFragmentation = true; + else + nipper->nmp->switchConfig->ipFragmentation = false; +} + + diff --git a/0.11.10/NMP/process-permit.c b/0.11.10/NMP/process-permit.c new file mode 100644 index 0000000..5e40906 --- /dev/null +++ b/0.11.10/NMP/process-permit.c @@ -0,0 +1,166 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct permitConfig +{ + int telnet; // true, false or unconfigured + struct hostNMP *telnetHost; + int snmp; // true, false or unconfigured + struct hostNMP *snmpHost; + int ssh; // true, false or unconfigured + struct hostNMP *sshHost; + struct portConfig *next; +}; + + +// Permit +void processNMPPermit(char *line, struct nipperConfig *nipper) +{ + // Variables + int tempInt = 0; + struct ciscoCommand command; + struct hostNMP *hostNMPPointer = 0; + + // Debug output + if (nipper->debugMode == true) + printf("Permit Line: %s\n", line); + + // Init + command = splitLine(line); + + // If permit doesn't exist... + if (nipper->nmp->permit == 0) + { + // Create + nipper->nmp->permit = malloc(sizeof(struct permitConfig)); + memset(nipper->nmp->permit, 0 , sizeof(struct permitConfig)); + // Init + nipper->nmp->permit->telnet = unconfigured; + nipper->nmp->permit->snmp = unconfigured; + nipper->nmp->permit->ssh = unconfigured; + } + + // Enable / Disable permit lists + if ((strcmp(command.part[3], "enable") == 0) || (strcmp(command.part[3], "disable") == 0)) + { + // Is it enable + if (strcmp(command.part[3], "enable") == 0) + tempInt = true; + else + tempInt = false; + + // If all are enabled / disabled + if (command.parts == 4) + { + nipper->nmp->permit->telnet = tempInt; + nipper->nmp->permit->snmp = tempInt; + nipper->nmp->permit->ssh = tempInt; + } + + // If it is telnet + else if (strcmp(command.part[4], "telnet") == 0) + nipper->nmp->permit->telnet = tempInt; + + // If it is snmp + else if (strcmp(command.part[4], "snmp") == 0) + nipper->nmp->permit->snmp = tempInt; + + // If it is ssh + else if (strcmp(command.part[4], "ssh") == 0) + nipper->nmp->permit->ssh = tempInt; + } + + // If a permit host + else + { + + // Is it a telnet host + if ((strcmp(command.part[command.parts - 1], "telnet") == 0) || (strcmp(command.part[command.parts - 1], "all") == 0)) + { + // Create structure + hostNMPPointer = malloc(sizeof(struct hostNMP)); + memset(hostNMPPointer, 0 , sizeof(struct hostNMP)); + + // IP / Hostname + strncpy(hostNMPPointer->host, command.part[3], sizeof(hostNMPPointer->host) - 1); + + // Net Mask? + if (command.parts == 6) + strncpy(hostNMPPointer->netMask, command.part[4], sizeof(hostNMPPointer->netMask) - 1); + + // Pointers + hostNMPPointer->next = nipper->nmp->permit->telnetHost; + nipper->nmp->permit->telnetHost = hostNMPPointer; + } + + // Is it a ssh host + if ((strcmp(command.part[command.parts - 1], "ssh") == 0) || (strcmp(command.part[command.parts - 1], "all") == 0)) + { + // Create structure + hostNMPPointer = malloc(sizeof(struct hostNMP)); + memset(hostNMPPointer, 0 , sizeof(struct hostNMP)); + + // IP / Hostname + strncpy(hostNMPPointer->host, command.part[3], sizeof(hostNMPPointer->host) - 1); + + // Net Mask? + if (command.parts == 6) + strncpy(hostNMPPointer->netMask, command.part[4], sizeof(hostNMPPointer->netMask) - 1); + + // Pointers + hostNMPPointer->next = nipper->nmp->permit->sshHost; + nipper->nmp->permit->sshHost = hostNMPPointer; + } + + // Is it a snmp host + if ((strcmp(command.part[command.parts - 1], "snmp") == 0) || (strcmp(command.part[command.parts - 1], "all") == 0)) + { + // Create structure + hostNMPPointer = malloc(sizeof(struct hostNMP)); + memset(hostNMPPointer, 0 , sizeof(struct hostNMP)); + + // IP / Hostname + strncpy(hostNMPPointer->host, command.part[3], sizeof(hostNMPPointer->host) - 1); + + // Net Mask? + if (command.parts == 6) + strncpy(hostNMPPointer->netMask, command.part[4], sizeof(hostNMPPointer->netMask) - 1); + + // Pointers + hostNMPPointer->next = nipper->nmp->permit->snmpHost; + nipper->nmp->permit->snmpHost = hostNMPPointer; + } + } +} + + + + diff --git a/0.11.10/NMP/process-port.c b/0.11.10/NMP/process-port.c new file mode 100644 index 0000000..1b89a49 --- /dev/null +++ b/0.11.10/NMP/process-port.c @@ -0,0 +1,745 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +struct moduleConfig +{ + int module; + char name[32]; + int portSecurity; + struct portConfig *ports; + struct moduleConfig *next; +}; + + +#define port_speed_auto 0 +#define port_speed_10 1 +#define port_speed_100 2 +#define port_speed_1000 3 +#define port_speed_auto_10_100 4 +#define port_duplex_auto 0 +#define port_duplex_half 1 +#define port_duplex_full 2 +#define port_trunk_auto 0 +#define port_trunk_nonegotiate 1 +#define port_trunk_on 2 +#define port_trunk_off 3 +#define port_trunk_desirable 4 +#define port_guard_none 0 +#define port_guard_default 1 +#define port_guard_loop 2 +#define port_guard_root 3 + +struct portConfig +{ + int port; + char name[32]; + int speed; + int duplex; + int vlan; + int enabled; + int spantreeGuard; + int trunk; + int vtp; + int portSecurity; + int cdp; + struct portConfig *next; +}; + + +// Init Port +void initNMPPort(struct portConfig *portNMPPointer) +{ + portNMPPointer->enabled = true; + portNMPPointer->vlan = 1; + portNMPPointer->speed = port_speed_auto; + portNMPPointer->duplex = port_duplex_auto; + portNMPPointer->trunk = port_trunk_auto; + portNMPPointer->vtp = true; + portNMPPointer->cdp = true; + portNMPPointer->portSecurity = false; + portNMPPointer->spantreeGuard = port_guard_none; +} + + +// Add port / module +struct portConfig *createNMPPort(int module, int port, struct ciscoNMPConfig *configNMP) +{ + // Variables + struct moduleConfig *moduleNMPPointer = 0; + struct moduleConfig *previousModuleNMPPointer = 0; + struct portConfig *portNMPPointer = 0; + struct portConfig *previousPortNMPPointer = 0; + + // If first module + if (configNMP->module == 0) + { + // Create + configNMP->module = malloc(sizeof(struct moduleConfig)); + memset(configNMP->module, 0 , sizeof(struct moduleConfig)); + // Pointers + moduleNMPPointer = configNMP->module; + // Init + moduleNMPPointer->portSecurity = false; + } + else + { + // Search for module + previousModuleNMPPointer = 0; + moduleNMPPointer = configNMP->module; + while ((moduleNMPPointer->module < module) && (moduleNMPPointer->next != 0)) + { + previousModuleNMPPointer = moduleNMPPointer; + moduleNMPPointer = moduleNMPPointer->next; + } + + // If should be before + if (moduleNMPPointer->module > module) + { + // If it should be first + if (previousModuleNMPPointer == 0) + { + // Create + configNMP->module = malloc(sizeof(struct moduleConfig)); + memset(configNMP->module, 0 , sizeof(struct moduleConfig)); + // Pointers + configNMP->module->next = moduleNMPPointer; + moduleNMPPointer = configNMP->module; + // Init + moduleNMPPointer->portSecurity = false; + } + else + { + // Create + previousModuleNMPPointer->next = malloc(sizeof(struct moduleConfig)); + memset(previousModuleNMPPointer->next, 0 , sizeof(struct moduleConfig)); + // Pointers + previousModuleNMPPointer->next->next = moduleNMPPointer; + moduleNMPPointer = previousModuleNMPPointer->next; + // Init + moduleNMPPointer->portSecurity = false; + } + } + // Should be after + else if (moduleNMPPointer->module < module) + { + // Create + moduleNMPPointer->next = malloc(sizeof(struct moduleConfig)); + memset(moduleNMPPointer->next, 0 , sizeof(struct moduleConfig)); + // Pointers + moduleNMPPointer = moduleNMPPointer->next; + // Init + moduleNMPPointer->portSecurity = false; + } + } + + // Set module number + moduleNMPPointer->module = module; + + // If first port + if (moduleNMPPointer->ports == 0) + { + // Create + moduleNMPPointer->ports = malloc(sizeof(struct portConfig)); + memset(moduleNMPPointer->ports, 0 , sizeof(struct portConfig)); + // Pointers + portNMPPointer = moduleNMPPointer->ports; + // Init + initNMPPort(portNMPPointer); + } + else + { + // Search for port + previousPortNMPPointer = 0; + portNMPPointer = moduleNMPPointer->ports; + while ((portNMPPointer->port < port) && (portNMPPointer->next != 0)) + { + previousPortNMPPointer = portNMPPointer; + portNMPPointer = portNMPPointer->next; + } + + // If port should be before + if (portNMPPointer->port > port) + { + // If it should be first + if (previousPortNMPPointer == 0) + { + // Create + moduleNMPPointer->ports = malloc(sizeof(struct portConfig)); + memset(moduleNMPPointer->ports, 0 , sizeof(struct portConfig)); + // Pointers + moduleNMPPointer->ports->next = portNMPPointer; + portNMPPointer = moduleNMPPointer->ports; + // Init + initNMPPort(portNMPPointer); + } + else + { + // Create + previousPortNMPPointer->next = malloc(sizeof(struct portConfig)); + memset(previousPortNMPPointer->next, 0 , sizeof(struct portConfig)); + // Pointers + previousPortNMPPointer->next->next = portNMPPointer; + portNMPPointer = previousPortNMPPointer->next; + // Init + initNMPPort(portNMPPointer); + } + } + // Should be after + else if (portNMPPointer->port < port) + { + // Create + portNMPPointer->next = malloc(sizeof(struct portConfig)); + memset(portNMPPointer->next, 0 , sizeof(struct portConfig)); + // Pointers + portNMPPointer = portNMPPointer->next; + // Init + initNMPPort(portNMPPointer); + } + } + + // Set port number + portNMPPointer->port = port; + + // Return port pointer + return portNMPPointer; +} + + +// Ports +void processNMPPort(char *line, struct nipperConfig *nipper) +{ + // Variables + int offset; + int offsetStart; + int range; + int module; + int port; + int tempInt; + struct portConfig *portNMPPointer; + struct moduleConfig *moduleNMPPointer; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("Port Line: %s\n", line); + + // Init + offset = 0; + command = splitLine(line); + + // Name + if (strcmp(command.part[2], "name") == 0) + { + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Name + strncpy(portNMPPointer->name, command.part[4], sizeof(portNMPPointer->name) - 1); + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Name + strncpy(portNMPPointer->name, command.part[4], sizeof(portNMPPointer->name) - 1); + } + } + + // Move offset + offset++; + } + } + + // Port Security Auto-Configure + else if ((strcmp(command.part[2], "security") == 0) && (strcmp(command.part[3], "auto-configure") == 0)) + { + if (strcmp(command.part[4], "enable") == 0) + nipper->nmp->portSecurityAuto = true; + else + nipper->nmp->portSecurityAuto = false; + } + + // Port Security + else if ((strcmp(command.part[2], "security") == 0) && ((strcmp(command.part[4], "enable") == 0) || (strcmp(command.part[4], "disable") == 0))) + { + if (strcmp(command.part[4], "enable") == 0) + tempInt = true; + else + tempInt = false; + + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '/') + range = false; + else + range = true; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Module Port Security + if (range == true) + { + if (nipper->nmp->module != 0) + { + moduleNMPPointer = nipper->nmp->module; + while ((moduleNMPPointer != 0) && (moduleNMPPointer->module != module)) + moduleNMPPointer = moduleNMPPointer->next; + if (moduleNMPPointer != 0) + moduleNMPPointer->portSecurity = tempInt; + } + } + + else + { + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Port Security + portNMPPointer->portSecurity = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Port Security + portNMPPointer->portSecurity = tempInt; + } + } + } + + // Move offset + offset++; + } + } + + // Enable / Disable + else if ((strcmp(command.part[2], "enable") == 0) || ((strcmp(command.part[2], "disable") == 0))) + { + if (strcmp(command.part[2], "enable") == 0) + tempInt = true; + else + tempInt = false; + + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Enabled + portNMPPointer->enabled = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Enabled + portNMPPointer->enabled = tempInt; + } + } + + // Move offset + offset++; + } + } + + // VTP + else if (strcmp(command.part[2], "vtp") == 0) + { + if (strcmp(command.part[4], "enable") == 0) + tempInt = true; + else + tempInt = false; + + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set VTP + portNMPPointer->vtp = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set VTP + portNMPPointer->vtp = tempInt; + } + } + + // Move offset + offset++; + } + } + + // Speed + else if (strcmp(command.part[2], "speed") == 0) + { + // Set Speed + if (strcmp(command.part[4], "10") == 0) + tempInt = port_speed_10; + else if (strcmp(command.part[4], "100") == 0) + tempInt = port_speed_100; + else if (strcmp(command.part[4], "1000") == 0) + tempInt = port_speed_1000; + else if (strcmp(command.part[4], "auto-10-100") == 0) + tempInt = port_speed_auto_10_100; + else + tempInt = port_speed_auto; + + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Speed + portNMPPointer->speed = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Speed + portNMPPointer->speed = tempInt; + } + } + + // Move offset + offset++; + } + } + + // Duplex + else if (strcmp(command.part[2], "duplex") == 0) + { + // Set Speed + if (strcmp(command.part[4], "full") == 0) + tempInt = port_duplex_full; + else if (strcmp(command.part[4], "half") == 0) + tempInt = port_duplex_half; + else + tempInt = port_duplex_auto; + + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Duplex + portNMPPointer->duplex = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set Duplex + portNMPPointer->duplex = tempInt; + } + } + + // Move offset + offset++; + } + } +} + + +// Trunk +void processNMPTrunk(char *line, struct nipperConfig *nipper) +{ + // Variables + int offset; + int offsetStart; + int range; + int module; + int port; + int tempInt; + struct portConfig *portNMPPointer; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("Trunk Line: %s\n", line); + + // Init + offset = 0; + command = splitLine(line); + + // Get Trunk mode + if (strcmp(command.part[3], "nonegotiate") == 0) + tempInt = port_trunk_nonegotiate; + else if (strcmp(command.part[3], "on") == 0) + tempInt = port_trunk_on; + else if (strcmp(command.part[3], "off") == 0) + tempInt = port_trunk_off; + else if (strcmp(command.part[3], "desirable") == 0) + tempInt = port_trunk_desirable; + else + tempInt = port_trunk_auto; + + // Get Port Pointer + while (command.part[2][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[2][offset] != 0) && (command.part[2][offset] != '/')) + offset++; + command.part[2][offset] = 0; + module = atoi(command.part[2] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[2][offset] != 0) && (command.part[2][offset] != '-') && (command.part[2][offset] != ',')) + offset++; + if (command.part[2][offset] == '-') + range = true; + else + range = false; + command.part[2][offset] = 0; + port = atoi(command.part[2] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Trunk + portNMPPointer->trunk = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[2][offset] != 0) && (command.part[2][offset] != ',')) + offset++; + command.part[2][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[2] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Trunk + portNMPPointer->trunk = tempInt; + } + } + + // Move offset + offset++; + } +} + diff --git a/0.11.10/NMP/process-snmp.c b/0.11.10/NMP/process-snmp.c new file mode 100644 index 0000000..809424c --- /dev/null +++ b/0.11.10/NMP/process-snmp.c @@ -0,0 +1,253 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define snmp_nmp_readonly 0 +#define snmp_nmp_readwrite 1 +#define snmp_nmp_readwrite_all 2 + +#define snmp_nmp_standard 0 +#define snmp_nmp_extended 1 + + +// SNMP Community +struct snmpNMPCommunity +{ + int type; // snmp_nmp_standard... + char community[64]; + int weak; + int dictionary; + int access; // snmp_nmp_readonly... + struct snmpNMPCommunity *next; +}; + + +// SNMP Host +struct snmpNMPHost +{ + char host[32]; + char community[64]; + int weak; + int dictionary; + int version; + int port; + char owner[32]; + int index; + struct snmpNMPHost *next; +}; + + +// SNMP +struct snmpNMP +{ + struct snmpNMPCommunity *community; + struct snmpNMPHost *host; + struct snmpTrap *trap; +}; + + +// Process SNMP +void processNMPSnmp(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct snmpNMPCommunity *communityPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct snmpNMPHost *snmpHostPointer = 0; + struct ciscoCommand command; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("SNMP Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Check to see if SNMP already exists + if (nipper->nmp->snmp == 0) + { + nipper->nmp->snmp = malloc(sizeof(struct snmpNMP)); + memset(nipper->nmp->snmp, 0 , sizeof(struct snmpNMP)); + } + + // SNMP Community + if (strncmp(line, "set snmp community ", 19) == 0) + { + // Is first community... + if (nipper->nmp->snmp->community == 0) + { + nipper->nmp->snmp->community = malloc(sizeof(struct snmpNMPCommunity)); + communityPointer = nipper->nmp->snmp->community; + } + else + { + communityPointer = nipper->nmp->snmp->community; + while (communityPointer->next != 0) + communityPointer = communityPointer->next; + communityPointer->next = malloc(sizeof(struct snmpNMPCommunity)); + communityPointer = communityPointer->next; + } + + // Init + memset(communityPointer, 0, sizeof(struct snmpNMPCommunity)); + communityPointer->type = snmp_nmp_standard; + + // Access + if (strcmp(command.part[3], "read-only") == 0) + communityPointer->access = snmp_nmp_readonly; + else if (strcmp(command.part[3], "read-write") == 0) + communityPointer->access = snmp_nmp_readwrite; + else if (strcmp(command.part[3], "read-write-all") == 0) + communityPointer->access = snmp_nmp_readwrite_all; + + // Community + strncpy(communityPointer->community, command.part[4], sizeof(communityPointer->community) - 1); + + // Password Strength + if (passwordStrength(communityPointer->community, nipper) == false) + { + communityPointer->weak = true; + nipper->passwordStrengths++; + } + else + communityPointer->weak = false; + + // Password Dictionary + communityPointer->dictionary = simplePassword(communityPointer->community, nipper); + if (communityPointer->dictionary == true) + nipper->simplePasswords++; + } + + // SNMP Trap + else if ((strncmp(line, "set snmp trap enable ", 21) == 0) || (strncmp(line, "set snmp trap disable ", 22) == 0)) + { + // Is first trap... + if (nipper->nmp->snmp->trap == 0) + { + nipper->nmp->snmp->trap = malloc(sizeof(struct snmpTrap)); + snmpTrapPointer = nipper->nmp->snmp->trap; + } + else + { + snmpTrapPointer = nipper->nmp->snmp->trap; + while (snmpTrapPointer->next != 0) + snmpTrapPointer = snmpTrapPointer->next; + snmpTrapPointer->next = malloc(sizeof(struct snmpTrap)); + snmpTrapPointer = snmpTrapPointer->next; + } + + // Init + memset(snmpTrapPointer, 0, sizeof(struct snmpTrap)); + + // Is enable? + if (strcmp(command.part[3], "enable") == 0) + { + snmpTrapPointer->enabled = true; + tempInt = 21; + } + else + { + snmpTrapPointer->enabled = false; + tempInt = 22; + } + + // Traps + while (line[tempInt] == ' ') + tempInt++; + strncpy(snmpTrapPointer->trap, line + tempInt, sizeof(snmpTrapPointer->trap) - 1); + } + + // SNMP Host + else if (strncmp(line, "set snmp trap ", 14) == 0) + { + // Is first host... + if (nipper->nmp->snmp->host == 0) + { + nipper->nmp->snmp->host = malloc(sizeof(struct snmpNMPHost)); + snmpHostPointer = nipper->nmp->snmp->host; + } + else + { + snmpHostPointer = nipper->nmp->snmp->host; + while (snmpHostPointer->next != 0) + snmpHostPointer = snmpHostPointer->next; + snmpHostPointer->next = malloc(sizeof(struct snmpNMPHost)); + snmpHostPointer = snmpHostPointer->next; + } + + // Init + memset(snmpHostPointer, 0, sizeof(struct snmpNMPHost)); + + // Host + strncpy(snmpHostPointer->host, command.part[3], sizeof(snmpHostPointer->host) - 1); + + // Community + strncpy(snmpHostPointer->community, command.part[4], sizeof(snmpHostPointer->community) - 1); + + // Password Strength + if (passwordStrength(snmpHostPointer->community, nipper) == false) + { + nipper->passwordStrengths++; + snmpHostPointer->weak = true; + } + else + snmpHostPointer->weak = false; + + // Password Dictionary + snmpHostPointer->dictionary = simplePassword(snmpHostPointer->community, nipper); + if (snmpHostPointer->dictionary == true) + nipper->simplePasswords++; + + // Get other options... + tempInt = 5; + while (tempInt < command.parts) + { + // Version + if (strcmp(command.part[tempInt], "version") == 0) + snmpHostPointer->version = atoi(command.part[tempInt + 1]); + + // Port + else if (strcmp(command.part[tempInt], "port") == 0) + snmpHostPointer->port = atoi(command.part[tempInt + 1]); + + // Owner + else if (strcmp(command.part[tempInt], "owner") == 0) + strncpy(snmpHostPointer->owner, command.part[tempInt + 1], sizeof(snmpHostPointer->owner) - 1); + + // Index + else if (strcmp(command.part[tempInt], "index") == 0) + snmpHostPointer->index = atoi(command.part[tempInt + 1]); + + tempInt = tempInt + 2; + } + } +} diff --git a/0.11.10/NMP/process-spantree.c b/0.11.10/NMP/process-spantree.c new file mode 100644 index 0000000..deee0f4 --- /dev/null +++ b/0.11.10/NMP/process-spantree.c @@ -0,0 +1,121 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Spanning Tree +void processNMPSpantree(char *line, struct nipperConfig *nipper) +{ + // Variables + int offset = 0; + int offsetStart = 0; + int range = 0; + int module = 0; + int port = 0; + int tempInt = 0; + struct portConfig *portNMPPointer = 0; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("Spanning Tree Line: %s\n", line); + + // Init + offset = 0; + command = splitLine(line); + + // Spanning tree Guard + if (strcmp(command.part[2], "guard") == 0) + { + + // Get Guard mode + if (strcmp(command.part[3], "default") == 0) + tempInt = port_guard_default; + else if (strcmp(command.part[3], "root") == 0) + tempInt = port_guard_root; + else if (strcmp(command.part[3], "loop") == 0) + tempInt = port_guard_loop; + else + tempInt = port_guard_none; + + // Get Port Pointer + while (command.part[2][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[4][offset] != 0) && (command.part[4][offset] != '/')) + offset++; + command.part[4][offset] = 0; + module = atoi(command.part[4] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[4][offset] != 0) && (command.part[4][offset] != '-') && (command.part[4][offset] != ',')) + offset++; + if (command.part[4][offset] == '-') + range = true; + else + range = false; + command.part[4][offset] = 0; + port = atoi(command.part[4] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Spanning Tree Guard + portNMPPointer->spantreeGuard = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[4][offset] != 0) && (command.part[4][offset] != ',')) + offset++; + command.part[4][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[4] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Spanning Tree Guard + portNMPPointer->spantreeGuard = tempInt; + } + } + + // Move offset + offset++; + } + } +} + diff --git a/0.11.10/NMP/process-vlan.c b/0.11.10/NMP/process-vlan.c new file mode 100644 index 0000000..04617b1 --- /dev/null +++ b/0.11.10/NMP/process-vlan.c @@ -0,0 +1,287 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +struct vlanConfig +{ + int vlan; + char name[32]; + char type[16]; + int active; + int firewall; + int mtu; + int spanTreeMaxHops; + int allRoutesMaxHops; + int said; + struct vlanConfig *next; +}; + + +void initNMPVLAN(struct vlanConfig *vlanNMPPointer) +{ + vlanNMPPointer->active = true; + strcpy(vlanNMPPointer->type, "ethernet"); + vlanNMPPointer->firewall = -1; + vlanNMPPointer->mtu = 1500; + vlanNMPPointer->spanTreeMaxHops = 7; + vlanNMPPointer->allRoutesMaxHops = 7; + vlanNMPPointer->said = vlanNMPPointer->vlan + 100000; +} + + +// VLAN +void processNMPVlan(char *line, struct nipperConfig *nipper) +{ + // Variables + int vlan = 0; + int tempInt = 0; + int offset = 0; + int offsetStart = 0; + int module = 0; + int port = 0; + int range = 0; + struct vlanConfig *vlanNMPPointer = 0; + struct vlanConfig *vlanNMPPreviousPointer = 0; + struct portConfig *portNMPPointer = 0; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("VLAN Line: %s\n", line); + + // Init + command = splitLine(line); + + // Set VLAN + vlan = atoi(command.part[2]); + + // Now for the VLAN options + + // If it is not vlan ports + if ((command.parts != 4) || (strcmp(command.part[3], "rspan") == 0)) + { + + // Is this the first VLAN + if (nipper->nmp->vlan == 0) + { + // Create + vlanNMPPointer = malloc(sizeof(struct vlanConfig)); + memset(vlanNMPPointer, 0 , sizeof(struct vlanConfig)); + // Set Pointer + nipper->nmp->vlan = vlanNMPPointer; + //init + initNMPVLAN(vlanNMPPointer); + } + else + { + // Search for VLAN + vlanNMPPointer = nipper->nmp->vlan; + vlanNMPPreviousPointer = 0; + while ((vlanNMPPointer->next != 0) && (vlanNMPPointer->vlan < vlan)) + { + vlanNMPPreviousPointer = vlanNMPPointer; + vlanNMPPointer = vlanNMPPointer->next; + } + + // If it comes before + if (vlanNMPPointer->vlan > vlan) + { + // If there is no previous + if (vlanNMPPreviousPointer == 0) + { + // Create + nipper->nmp->vlan = malloc(sizeof(struct vlanConfig)); + memset(nipper->nmp->vlan, 0 , sizeof(struct vlanConfig)); + // Pointers + nipper->nmp->vlan->next = vlanNMPPointer; + vlanNMPPointer = nipper->nmp->vlan; + //init + initNMPVLAN(vlanNMPPointer); + } + else + { + // Create + vlanNMPPreviousPointer->next = malloc(sizeof(struct vlanConfig)); + memset(vlanNMPPreviousPointer->next, 0 , sizeof(struct vlanConfig)); + // Pointers + vlanNMPPreviousPointer = vlanNMPPreviousPointer->next; + vlanNMPPreviousPointer->next = vlanNMPPointer; + vlanNMPPointer = vlanNMPPreviousPointer; + //init + initNMPVLAN(vlanNMPPointer); + } + } + // It is greater + else if (vlanNMPPointer->vlan < vlan) + { + // Create + vlanNMPPointer->next = malloc(sizeof(struct vlanConfig)); + memset(vlanNMPPointer->next, 0 , sizeof(struct vlanConfig)); + // Pointers + vlanNMPPointer = vlanNMPPointer->next; + //init + initNMPVLAN(vlanNMPPointer); + } + } + + // Set VLAN number + vlanNMPPointer->vlan = vlan; + + // Loop through options + tempInt = 3; + while (tempInt < command.parts) + { + + // Name + if (strcmp(command.part[tempInt], "name") == 0) + { + tempInt++; + strncpy(vlanNMPPointer->name, command.part[tempInt], sizeof(vlanNMPPointer->name) - 1); + } + + // Type + else if (strcmp(command.part[tempInt], "type") == 0) + { + tempInt++; + strncpy(vlanNMPPointer->type, command.part[tempInt], sizeof(vlanNMPPointer->type) - 1); + } + + // State + else if (strcmp(command.part[tempInt], "state") == 0) + { + tempInt++; + if (strcmp(command.part[tempInt], "active") == 0) + vlanNMPPointer->active = true; + else + vlanNMPPointer->active = false; + } + + // Firewall VLAN? + else if (strcmp(command.part[tempInt], "firewall-vlan") == 0) + { + tempInt++; + vlanNMPPointer->firewall = atoi(command.part[tempInt]); + } + + // MTU + else if (strcmp(command.part[tempInt], "mtu") == 0) + { + tempInt++; + vlanNMPPointer->mtu = atoi(command.part[tempInt]); + } + + // MTU + else if (strcmp(command.part[tempInt], "said") == 0) + { + tempInt++; + vlanNMPPointer->said = atoi(command.part[tempInt]); + } + + // Spanning Tree Maximum Hops + else if (strcmp(command.part[tempInt], "stemaxhop") == 0) + { + tempInt++; + vlanNMPPointer->spanTreeMaxHops = atoi(command.part[tempInt]); + } + + // Spanning Tree Maximum Hops + else if (strcmp(command.part[tempInt], "aremaxhop") == 0) + { + tempInt++; + vlanNMPPointer->allRoutesMaxHops = atoi(command.part[tempInt]); + } + + // Increment loop + tempInt++; + } + } + + // Set Port VLAN + else + { + + // Get VLAN + tempInt = atoi(command.part[2]); + + offset = 0; + while (command.part[3][offset] != 0) + { + // Get Module number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '/')) + offset++; + command.part[3][offset] = 0; + module = atoi(command.part[3] + offsetStart); + offset++; + + // Get Port number + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != '-') && (command.part[3][offset] != ',')) + offset++; + if (command.part[3][offset] == '-') + range = true; + else + range = false; + command.part[3][offset] = 0; + port = atoi(command.part[3] + offsetStart); + + // Create Port + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set VLAN + portNMPPointer->vlan = tempInt; + + // If it is a range + if (range == true) + { + // Set End Port + offset++; + offsetStart = offset; + while ((command.part[3][offset] != 0) && (command.part[3][offset] != ',')) + offset++; + command.part[3][offset] = 0; + + // Add each port in range + while (port < atoi(command.part[3] + offsetStart)) + { + port++; + portNMPPointer = createNMPPort(module, port, nipper->nmp); + + // Set VLAN + portNMPPointer->vlan = tempInt; + } + } + + // Move offset + offset++; + } + + } +} + diff --git a/0.11.10/NMP/report-debug.c b/0.11.10/NMP/report-debug.c new file mode 100644 index 0000000..57b1707 --- /dev/null +++ b/0.11.10/NMP/report-debug.c @@ -0,0 +1,197 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportNMPDebug(struct nipperConfig *nipper) +{ + // Variables + struct johnPassword *johnPointer = 0; + struct snmpNMPCommunity *communityNMPPointer = 0; + struct snmpNMPHost *snmpNMPHostPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + struct hostNMP *hostNMPPointer = 0; + struct vlanConfig *vlanNMPPointer = 0; + struct moduleConfig *moduleNMPPointer = 0; + struct portConfig *portNMPPointer = 0; + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf(" True or Enabled = %d\n", true); + printf(" False or Disabled = %d\n", false); + printf(" Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("NMP Version: %s\n", nipper->version); + printf("NMP Version: %d.%d(%d)\n", nipper->versionMajor, nipper->versionMinor, nipper->versionRevision); + printf("Location: %s\n", nipper->nmp->location); + printf("Contact: %s\n", nipper->nmp->contact); + printf("Idle Session Timeout: %d\n", nipper->nmp->timeout); + printf("Core File: %s\n", nipper->nmp->coreFile); + printf("Syslog File: %s\n", nipper->nmp->syslogFile); + printf("CDP: %d\n", nipper->nmp->cdp); + printf("CDP Interval %d\n", nipper->nmp->cdpInterval); + printf("CDP Holdtime %d\n", nipper->nmp->cdpHoldtime); + printf("CDP Version %d\n", nipper->nmp->cdpVersion); + printf("Port Security Auto: %d\n", nipper->nmp->portSecurityAuto); + + // Switch configuration + if (nipper->nmp->switchConfig != 0) + { + printf("ICMP Unreachable: %d\n", nipper->nmp->switchConfig->ipUnreachable); + printf("ICMP Redirects: %d\n", nipper->nmp->switchConfig->ipRedirect); + printf("IP Fragmentation: %d\n", nipper->nmp->switchConfig->ipFragmentation); + } + + // Authentication + printf("Enable Password: %s\n", nipper->nmp->enablePassword); + printf("Password: %s\n", nipper->nmp->password); + + if (nipper->nmp->permit != 0) + { + printf("Permit Telnet: %d\n", nipper->nmp->permit->telnet); + hostNMPPointer = nipper->nmp->permit->telnetHost; + while (hostNMPPointer != 0) + { + printf(" Host: %s\n", hostNMPPointer->host); + printf(" Net Mask: %s\n", hostNMPPointer->netMask); + hostNMPPointer = hostNMPPointer->next; + } + printf("Permit SSH: %d\n", nipper->nmp->permit->ssh); + hostNMPPointer = nipper->nmp->permit->sshHost; + while (hostNMPPointer != 0) + { + printf(" Host: %s\n", hostNMPPointer->host); + printf(" Net Mask: %s\n", hostNMPPointer->netMask); + hostNMPPointer = hostNMPPointer->next; + } + printf("Permit SNMP: %d\n", nipper->nmp->permit->snmp); + hostNMPPointer = nipper->nmp->permit->snmpHost; + while (hostNMPPointer != 0) + { + printf(" Host: %s\n", hostNMPPointer->host); + printf(" Net Mask: %s\n", hostNMPPointer->netMask); + hostNMPPointer = hostNMPPointer->next; + } + } + + // SNMP + if (nipper->nmp->snmp != 0) + { + communityNMPPointer = nipper->nmp->snmp->community; + while (communityNMPPointer != 0) + { + printf("SNMP Type: %d\n", communityNMPPointer->type); + printf(" SNMP Community: %s\n", communityNMPPointer->community); + printf(" SNMP Weak: %d\n", communityNMPPointer->weak); + printf(" SNMP Simple: %d\n", communityNMPPointer->dictionary); + printf(" SNMP Access: %d\n", communityNMPPointer->access); + communityNMPPointer = communityNMPPointer->next; + } + snmpTrapPointer = nipper->nmp->snmp->trap; + while (snmpTrapPointer != 0) + { + printf("SNMP Trap: %s\n", snmpTrapPointer->trap); + printf(" Enabled: %d\n", snmpTrapPointer->enabled); + snmpTrapPointer = snmpTrapPointer->next; + } + snmpNMPHostPointer = nipper->nmp->snmp->host; + while (snmpNMPHostPointer != 0) + { + printf("SNMP Host: %s\n", snmpNMPHostPointer->host); + printf("SNMP Community: %s\n", snmpNMPHostPointer->community); + printf(" SNMP Weak: %d\n", snmpNMPHostPointer->weak); + printf(" SNMP Simple: %d\n", snmpNMPHostPointer->dictionary); + printf(" SNMP Version: %d\n", snmpNMPHostPointer->version); + printf(" SNMP Port: %d\n", snmpNMPHostPointer->port); + printf(" SNMP Owner: %s\n", snmpNMPHostPointer->owner); + printf(" SNMP Index: %d\n", snmpNMPHostPointer->index); + snmpNMPHostPointer = snmpNMPHostPointer->next; + } + } + + // VLANS + vlanNMPPointer = nipper->nmp->vlan; + while(vlanNMPPointer != 0) + { + printf("VLAN: %d\n", vlanNMPPointer->vlan); + printf(" Name: %s\n", vlanNMPPointer->name); + printf(" Active: %d\n", vlanNMPPointer->active); + printf(" Type: %s\n", vlanNMPPointer->type); + printf(" Firewall: %d\n", vlanNMPPointer->firewall); + printf(" MTU: %d\n", vlanNMPPointer->mtu); + printf(" Spanning Tree Max Hops: %d\n", vlanNMPPointer->spanTreeMaxHops); + printf(" All Routes Max Hops: %d\n", vlanNMPPointer->allRoutesMaxHops); + printf(" Security Association ID: %d\n", vlanNMPPointer->said); + vlanNMPPointer = vlanNMPPointer->next; + } + + // Modules / Ports + moduleNMPPointer = nipper->nmp->module; + while (moduleNMPPointer != 0) + { + printf("Module: %d\n", moduleNMPPointer->module); + printf(" Name: %s\n", moduleNMPPointer->name); + printf(" Port Security: %d\n", moduleNMPPointer->portSecurity); + portNMPPointer = moduleNMPPointer->ports; + while (portNMPPointer != 0) + { + printf(" Port: %d\n", portNMPPointer->port); + printf(" Name: %s\n", portNMPPointer->name); + printf(" VLAN: %d\n", portNMPPointer->vlan); + printf(" Enabled: %d\n", portNMPPointer->enabled); + printf(" Speed: %d\n", portNMPPointer->speed); + printf(" Duplex: %d\n", portNMPPointer->duplex); + printf(" Spanning Tree Guard: %d\n", portNMPPointer->spantreeGuard); + printf(" Trunk: %d\n", portNMPPointer->trunk); + printf(" VLAN Trunking: %d\n", portNMPPointer->vtp); + printf(" Port Security: %d\n", portNMPPointer->portSecurity); + printf(" CDP: %d\n", portNMPPointer->cdp); + portNMPPointer = portNMPPointer->next; + } + moduleNMPPointer = moduleNMPPointer->next; + } + + // John-the-ripper + if (nipper->john != 0) + { + printf("\n%sJohn-the-ripper Output\n======================%s\n", COL_BLUE, RESET); + johnPointer = nipper->john; + while (johnPointer != 0) + { + printf("Username: %s\n", johnPointer->username); + printf(" Password: %s\n", johnPointer->password); + johnPointer = johnPointer->next; + } + } +} + + diff --git a/0.11.10/NMP/report-general.c b/0.11.10/NMP/report-general.c new file mode 100644 index 0000000..a037fef --- /dev/null +++ b/0.11.10/NMP/report-general.c @@ -0,0 +1,162 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for NMP / CatOS reporting + +void nmpGeneralConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sHostname%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + if (nipper->version[0] != 0) + fprintf(nipper->reportFile, "%sNMP Version%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + if (nipper->nmp->location[0] != 0) + fprintf(nipper->reportFile, "%sLocation%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->nmp->location, nipper->tablerow_end); + if (nipper->nmp->contact[0] != 0) + fprintf(nipper->reportFile, "%sContact%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->nmp->contact, nipper->tablerow_end); + if (nipper->nmp->coreFile[0] != 0) + fprintf(nipper->reportFile, "%sCore File%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->nmp->coreFile, nipper->tablerow_end); + if (nipper->nmp->syslogFile[0] != 0) + fprintf(nipper->reportFile, "%sSyslog File%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->nmp->syslogFile, nipper->tablerow_end); + if (nipper->nmp->timeout == 0) + fprintf(nipper->reportFile, "%sIdle Session Timeout%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + { + fprintf(nipper->reportFile, "%sIdle Session Timeout%s", nipper->tablerow_start, nipper->tablerow_mid); + numToWord(nipper->reportFile, nipper->nmp->timeout); + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + } + if (nipper->nmp->portSecurityAuto == true) + fprintf(nipper->reportFile, "%sPort Security Auto Configure%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sPort Security Auto Configure%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_general_table, &settings_general_heading); + addAbbreviation("NMP", false); + addAbbreviation("CDP", false); +} + + +void nmpSwitchConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_switch_table, &settings_general_heading); + if (nipper->nmp->switchConfig->ipRedirect == true) + fprintf(nipper->reportFile, "%sICMP Redirects%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sICMP Redirects%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->nmp->switchConfig->ipUnreachable == true) + fprintf(nipper->reportFile, "%sICMP Unreachables%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sICMP Unreachables%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->nmp->switchConfig->ipFragmentation == true) + fprintf(nipper->reportFile, "%sIP Fragmentation%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sIP Fragmentation%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_switch_table, &settings_general_heading); + addAbbreviation("IP", false); + addAbbreviation("ICMP", false); +} + + +void nmpCDPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_cdp_obs, nipper, section_none, rate_none, -1, 0); + output_endsection(nipper, section_obs); + output_parseText(report_cdp_impact, nipper, section_imp, rate_low, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_cdp_ease, nipper, section_ease, rate_trivial, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_cdp_rec2, nipper, section_rec, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + + +void nmpTimeoutIssue(struct nipperConfig *nipper) +{ + output_parseText(report_timeout_obs1, nipper, section_obs, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, nipper->connectionTimeout % 60); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_obs2, nipper, section_none, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if (nipper->insecureTimeouts > 1) + { + output_table(nipper, true, report_timeout_table, &report_timeout_heading); + if (nipper->nmp->timeout * 60 > nipper->connectionTimeout) + { + fprintf(nipper->reportFile, "%sSession Timeout%s", nipper->tablerow_start, nipper->tablerow_mid); + numToWord(nipper->reportFile, nipper->nmp->timeout); + if (nipper->nmp->timeout > 1) + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, " minute%s", nipper->tablerow_end); + } + output_table(nipper, false, report_timeout_table, &report_timeout_heading); + } + else + { + if (nipper->nmp->timeout * 60 > nipper->connectionTimeout) + { + fprintf(nipper->reportFile, "The session timeout was "); + numToWord(nipper->reportFile, nipper->nmp->timeout); + if (nipper->nmp->timeout > 1) + fprintf(nipper->reportFile, " minutes."); + else + fprintf(nipper->reportFile, " minute."); + } + output_newPara(nipper); + } + output_endsection(nipper, section_obs); + output_parseText(report_timeout_impact, nipper, section_imp, rate_high, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_timeout_ease, nipper, section_ease, rate_difficult, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_timeout_rec1, nipper, section_rec, rate_none, 0, 0); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, (nipper->connectionTimeout % 60)); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_rec2, nipper, section_none, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/NMP/report-passwords.c b/0.11.10/NMP/report-passwords.c new file mode 100644 index 0000000..4813595 --- /dev/null +++ b/0.11.10/NMP/report-passwords.c @@ -0,0 +1,350 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void output_NMPTablePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + struct snmpNMPCommunity *communityNMPPointer = 0; + struct snmpNMPHost *snmpNMPHostPointer = 0; + char tempString[nipper->maxSize]; + + // SNMP + if (nipper->nmp->snmp != 0) + { + communityNMPPointer = nipper->nmp->snmp->community; + while (communityNMPPointer != 0) + { + if (((communityNMPPointer->dictionary == true) && (dictPassword == true)) || ((communityNMPPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sCommunity%sSNMP%s(", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + if (communityNMPPointer->access == snmp_nmp_readonly) + fprintf(nipper->reportFile, "read-only"); + else if (communityNMPPointer->access == snmp_nmp_readwrite) + fprintf(nipper->reportFile, "read-write"); + else + fprintf(nipper->reportFile, "read-write all"); + if (nipper->passwords == true) + { + outputFriendly(communityNMPPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, ")%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, ")%s", nipper->tablerow_end); + } + communityNMPPointer = communityNMPPointer->next; + } + snmpNMPHostPointer = nipper->nmp->snmp->host; + while (snmpNMPHostPointer != 0) + { + if (((snmpNMPHostPointer->dictionary == true) && (dictPassword == true)) || ((snmpNMPHostPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(snmpNMPHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sCommunity%sSNMP%sHost: %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, tempString); + if (nipper->passwords == true) + { + outputFriendly(snmpNMPHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + snmpNMPHostPointer = snmpNMPHostPointer->next; + } + } +} + + +void output_NMPLinePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + struct snmpNMPCommunity *communityNMPPointer = 0; + struct snmpNMPHost *snmpNMPHostPointer = 0; + char tempString[nipper->maxSize]; + + if (nipper->nmp->snmp != 0) + { + communityNMPPointer = nipper->nmp->snmp->community; + while (communityNMPPointer != 0) + { + if (((communityNMPPointer->dictionary == true) && (dictPassword == true)) || ((communityNMPPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "The "); + if (communityNMPPointer->access == snmp_nmp_readonly) + fprintf(nipper->reportFile, "read-only"); + else if (communityNMPPointer->access == snmp_nmp_readwrite) + fprintf(nipper->reportFile, "read-write"); + else + fprintf(nipper->reportFile, "read-write all"); + fprintf(nipper->reportFile, " SNMP community string was "); + if (nipper->passwords == true) + { + outputFriendly(communityNMPPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s.", tempString); + } + else + { + if (dictPassword == true) + fprintf(nipper->reportFile, "dictionary-based."); + else + fprintf(nipper->reportFile, "weak."); + } + } + communityNMPPointer = communityNMPPointer->next; + } + snmpNMPHostPointer = nipper->nmp->snmp->host; + while (snmpNMPHostPointer != 0) + { + if (snmpNMPHostPointer->dictionary == true) + { + outputFriendly(snmpNMPHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "The SNMP community string for the host %s was ", tempString); + if (nipper->passwords == true) + { + outputFriendly(snmpNMPHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s.", tempString); + } + else + { + if (dictPassword == true) + fprintf(nipper->reportFile, "dictionary-based."); + else + fprintf(nipper->reportFile, "weak."); + } + } + snmpNMPHostPointer = snmpNMPHostPointer->next; + } + } + output_newPara(nipper); +} + + +void nmpPasswordsConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_passwords_title, &settings_passwords_heading); + if (nipper->nmp->enablePassword[0] != 0) + { + fprintf(nipper->reportFile, "%sEnable Password", nipper->tablerow_start); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s %s", nipper->tablerow_mid, nipper->nmp->enablePassword, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + if (nipper->nmp->password[0] != 0) + { + fprintf(nipper->reportFile, "%sLogin Password", nipper->tablerow_start); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s %s", nipper->tablerow_mid, nipper->nmp->password, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + output_table(nipper, false, settings_passwords_title, &settings_passwords_heading); +} + + +void nmpDictionaryIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_dict_obs, nipper, section_obs, rate_none, nipper->simplePasswords, nipper->tableNum); + if (nipper->passwordStrengths > 1) + { + output_table(nipper, true, report_dict_table, &report_dict_heading); + output_NMPTablePasswords(nipper, true); + output_table(nipper, false, report_dict_table, &report_dict_heading); + } + else + output_NMPLinePasswords(nipper, true); + output_endsection(nipper, section_obs); + output_parseText(report_dict_impact, nipper, section_imp, rate_high, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_dict_ease, nipper, section_ease, rate_trivial, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_dict_rec, nipper, section_rec, rate_none, nipper->simplePasswords, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, " characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + + +void nmpStrengthIssue(struct nipperConfig *nipper) +{ + // Variables + int tempInt = 0; + + output_parseText(report_strength_obs, nipper, section_obs, rate_none, nipper->passwordStrengths, nipper->tableNum); + if (nipper->passwordStrengths > 1) + { + output_table(nipper, true, report_strength_table, &report_dict_heading); + output_NMPTablePasswords(nipper, false); + output_table(nipper, false, report_strength_table, &report_dict_heading); + } + else + output_NMPLinePasswords(nipper, false); + output_endsection(nipper, section_obs); + output_parseText(report_strength_impact, nipper, section_imp, rate_high, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_strength_ease, nipper, section_ease, rate_trivial, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_strength_rec, nipper, section_rec, rate_trivial, 0, 0); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, "characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/NMP/report-permit.c b/0.11.10/NMP/report-permit.c new file mode 100644 index 0000000..4fe94e5 --- /dev/null +++ b/0.11.10/NMP/report-permit.c @@ -0,0 +1,103 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for NMP / CatOS reporting + +void nmpPermitConfig(struct nipperConfig *nipper) +{ + // Variables... + struct hostNMP *hostNMPPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_permit_table, &settings_permit_heading); + if (nipper->nmp->permit->telnet == true) + fprintf(nipper->reportFile, "%sTelnet%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->nmp->permit->telnet == false) + fprintf(nipper->reportFile, "%sTelnet%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sTelnet%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->nmp->permit->ssh == true) + fprintf(nipper->reportFile, "%sSSH%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->nmp->permit->ssh == false) + fprintf(nipper->reportFile, "%sSSH%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSSH%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->nmp->permit->snmp == true) + fprintf(nipper->reportFile, "%sSNMP%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->nmp->permit->snmp == false) + fprintf(nipper->reportFile, "%sSNMP%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSNMP%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_permit_table, &settings_permit_heading); + addAbbreviation("SNMP", false); + addAbbreviation("SSH", false); + + // Telnet Permission List + if (nipper->nmp->permit->telnet == true) + { + output_table(nipper, true, "Telnet permit list", &settings_permitlist_heading); + hostNMPPointer = nipper->nmp->permit->telnetHost; + while (hostNMPPointer != 0) + { + outputFriendly(hostNMPPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, hostNMPPointer->netMask, nipper->tablerow_end); + hostNMPPointer = hostNMPPointer->next; + } + output_table(nipper, false, "Telnet permit list", &settings_permitlist_heading); + } + + // SSH Permission List + if (nipper->nmp->permit->ssh == true) + { + output_table(nipper, true, "SSH permit list", &settings_permitlist_heading); + hostNMPPointer = nipper->nmp->permit->sshHost; + while (hostNMPPointer != 0) + { + outputFriendly(hostNMPPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, hostNMPPointer->netMask, nipper->tablerow_end); + hostNMPPointer = hostNMPPointer->next; + } + output_table(nipper, false, "SSH permit list", &settings_permitlist_heading); + } + + // SNMP Permission List + if (nipper->nmp->permit->snmp == true) + { + output_table(nipper, true, "SNMP permit list", &settings_permitlist_heading); + hostNMPPointer = nipper->nmp->permit->snmpHost; + while (hostNMPPointer != 0) + { + outputFriendly(hostNMPPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, hostNMPPointer->netMask, nipper->tablerow_end); + hostNMPPointer = hostNMPPointer->next; + } + output_table(nipper, false, "SNMP permit list", &settings_permitlist_heading); + } +} diff --git a/0.11.10/NMP/report-port.c b/0.11.10/NMP/report-port.c new file mode 100644 index 0000000..cdcf2d1 --- /dev/null +++ b/0.11.10/NMP/report-port.c @@ -0,0 +1,227 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for NMP / CatOS reporting + +void nmpPortsConfig(struct nipperConfig *nipper) +{ + // Variables... + struct moduleConfig *moduleNMPPointer = 0; + struct portConfig *portNMPPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + // Modules / Ports + moduleNMPPointer = nipper->nmp->module; + while (moduleNMPPointer != 0) + { + if (moduleNMPPointer->name[0] == 0) + sprintf(tempString, "Module %d port configuration", moduleNMPPointer->module); + else + sprintf(tempString, "Module %d (%s) port configuration", moduleNMPPointer->module, moduleNMPPointer->name); + output_table(nipper, true, tempString, &settings_ports_heading); + portNMPPointer = moduleNMPPointer->ports; + while (portNMPPointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, portNMPPointer->port, nipper->tablerow_mid); + outputFriendly(portNMPPointer->name, tempString2, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString2, nipper->tablerow_mid); + if (portNMPPointer->enabled == true) + fprintf(nipper->reportFile, "Enabled%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Disabled%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", portNMPPointer->vlan, nipper->tablerow_mid); + switch (portNMPPointer->speed) + { + case port_speed_auto: + fprintf(nipper->reportFile, "Auto%s", nipper->tablerow_mid); + break; + case port_speed_10: + fprintf(nipper->reportFile, "10Mb%s", nipper->tablerow_mid); + break; + case port_speed_100: + fprintf(nipper->reportFile, "100Mb%s", nipper->tablerow_mid); + break; + case port_speed_1000: + fprintf(nipper->reportFile, "1000Mb%s", nipper->tablerow_mid); + break; + case port_speed_auto_10_100: + fprintf(nipper->reportFile, "10/100Mb%s", nipper->tablerow_mid); + break; + } + switch (portNMPPointer->duplex) + { + case port_duplex_auto: + fprintf(nipper->reportFile, "Auto%s", nipper->tablerow_mid); + break; + case port_duplex_half: + fprintf(nipper->reportFile, "Half%s", nipper->tablerow_mid); + break; + case port_duplex_full: + fprintf(nipper->reportFile, "Full%s", nipper->tablerow_mid); + break; + } + if (portNMPPointer->portSecurity == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if (portNMPPointer->cdp == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + switch (portNMPPointer->trunk) + { + case port_trunk_auto: + fprintf(nipper->reportFile, "Auto%s", nipper->tablerow_mid); + break; + case port_trunk_nonegotiate: + fprintf(nipper->reportFile, "No Negotiate%s", nipper->tablerow_mid); + break; + case port_trunk_on: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + break; + case port_trunk_off: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + break; + case port_trunk_desirable: + fprintf(nipper->reportFile, "Desirable%s", nipper->tablerow_mid); + break; + } + if (portNMPPointer->vtp == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + switch (portNMPPointer->spantreeGuard) + { + case port_guard_none: + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_end); + break; + case port_guard_default: + fprintf(nipper->reportFile, "On%s", nipper->tablerow_end); + break; + case port_guard_loop: + fprintf(nipper->reportFile, "On (loop)%s", nipper->tablerow_end); + break; + case port_guard_root: + fprintf(nipper->reportFile, "On (root)%s", nipper->tablerow_end); + break; + } + portNMPPointer = portNMPPointer->next; + } + output_table(nipper, false, tempString, &settings_ports_heading); + moduleNMPPointer = moduleNMPPointer->next; + } + addAbbreviation("VLAN", false); + addAbbreviation("STP", false); +} + + +void nmpCDPConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_cdp_table, &settings_general_heading); + if (nipper->nmp->cdp == true) + fprintf(nipper->reportFile, "%sCisco Discovery Protocol%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sCisco Discovery Protocol%sGlobally Disabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sCDP Version%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->nmp->cdpVersion, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sCDP Message Interval%s", nipper->tablerow_start, nipper->tablerow_mid); + if (nipper->nmp->cdpInterval % 60 == 0) + { + numToWord(nipper->reportFile, nipper->nmp->cdpInterval / 60); + if (nipper->nmp->cdpInterval / 60 > 1) + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, " minute%s", nipper->tablerow_end); + } + else + { + numToWord(nipper->reportFile, nipper->nmp->cdpInterval / 60); + if (nipper->nmp->cdpInterval / 60 > 1) + fprintf(nipper->reportFile, " minutes "); + else + fprintf(nipper->reportFile, " minute "); + numToWord(nipper->reportFile, nipper->nmp->cdpInterval % 60); + if (nipper->nmp->cdpInterval % 60 > 1) + fprintf(nipper->reportFile, " seconds%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, " second%s", nipper->tablerow_end); + } + fprintf(nipper->reportFile, "%sCDP TTL%s", nipper->tablerow_start, nipper->tablerow_mid); + if (nipper->nmp->cdpHoldtime % 60 == 0) + { + numToWord(nipper->reportFile, nipper->nmp->cdpHoldtime / 60); + if (nipper->nmp->cdpHoldtime / 60 > 1) + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, " minute%s", nipper->tablerow_end); + } + else + { + numToWord(nipper->reportFile, nipper->nmp->cdpHoldtime / 60); + if (nipper->nmp->cdpHoldtime / 60 > 1) + fprintf(nipper->reportFile, " minutes "); + else + fprintf(nipper->reportFile, " minute "); + numToWord(nipper->reportFile, nipper->nmp->cdpHoldtime % 60); + if (nipper->nmp->cdpHoldtime % 60 > 1) + fprintf(nipper->reportFile, " seconds%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, " second%s", nipper->tablerow_end); + } + output_table(nipper, false, settings_cdp_table, &settings_general_heading); + addAbbreviation("CDP", false); + addAbbreviation("TTL", false); +} + + +void nmpRedirectsIssue(struct nipperConfig *nipper) +{ + output_parseText(report_redirects_obs, nipper, section_obs, rate_none, -1, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_redirects_impact, nipper, section_imp, rate_med, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_redirects_ease, nipper, section_ease, rate_trivial, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_redirects_rec2, nipper, section_rec, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + + +void nmpUnreachablesIssue(struct nipperConfig *nipper) +{ + output_parseText(report_icmpunreach_obs, nipper, section_obs, rate_none, -1, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_icmpunreach_impact, nipper, section_imp, rate_low, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_icmpunreach_ease, nipper, section_ease, rate_trivial, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_icmpunreach_rec2, nipper, section_rec, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/NMP/report-snmp.c b/0.11.10/NMP/report-snmp.c new file mode 100644 index 0000000..ecc5be9 --- /dev/null +++ b/0.11.10/NMP/report-snmp.c @@ -0,0 +1,102 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for NMP / CatOS reporting + +void nmpSNMPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct snmpNMPCommunity *communityNMPPointer = 0; + struct snmpNMPHost *snmpNMPHostPointer = 0; + struct snmpTrap *snmpTrapPointer = 0; + + if (nipper->nmp->snmp->community != 0) + { + output_table(nipper, true, settings_snmpstring_table, &settings_snmpcomm_heading); + communityNMPPointer = nipper->nmp->snmp->community; + while (communityNMPPointer != 0) + { + if (communityNMPPointer->type == snmp_nmp_standard) + fprintf(nipper->reportFile, "%sStandard%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sExtended%s", nipper->tablerow_start, nipper->tablerow_mid); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s %s", communityNMPPointer->community, nipper->tablerow_mid); + switch (communityNMPPointer->access) + { + case snmp_nmp_readonly: + fprintf(nipper->reportFile, "Read-Only%s", nipper->tablerow_end); + break; + case snmp_nmp_readwrite: + fprintf(nipper->reportFile, "Read-Write%s", nipper->tablerow_end); + break; + case snmp_nmp_readwrite_all: + fprintf(nipper->reportFile, "Read-Write-All%s", nipper->tablerow_end); + break; + } + communityNMPPointer = communityNMPPointer->next; + } + output_table(nipper, false, settings_snmpstring_table, &settings_snmpcomm_heading); + } + if (nipper->nmp->snmp->trap != 0) + { + output_table(nipper, true, settings_snmptrap_table, &settings_snmptraps_heading); + snmpTrapPointer = nipper->nmp->snmp->trap; + while (snmpTrapPointer != 0) + { + if (snmpTrapPointer->enabled == true) + fprintf(nipper->reportFile, "%sEnabled", nipper->tablerow_start); + else + fprintf(nipper->reportFile, "%sDisabled", nipper->tablerow_start); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, snmpTrapPointer->trap, nipper->tablerow_end); + addAbbreviation(snmpTrapPointer->trap, false); + snmpTrapPointer = snmpTrapPointer->next; + } + output_table(nipper, false, settings_snmptrap_table, &settings_snmptraps_heading); + } + if (nipper->nmp->snmp->host != 0) + { + output_table(nipper, true, settings_snmphost_table, &settings_snmphosts_heading); + snmpNMPHostPointer = nipper->nmp->snmp->host; + while (snmpNMPHostPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, snmpNMPHostPointer->host, nipper->tablerow_mid); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s", snmpNMPHostPointer->community, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", snmpNMPHostPointer->version, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", snmpNMPHostPointer->port, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", snmpNMPHostPointer->owner, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", snmpNMPHostPointer->index, nipper->tablerow_end); + snmpNMPHostPointer = snmpNMPHostPointer->next; + } + output_table(nipper, false, settings_snmphost_table, &settings_snmphosts_heading); + } + addAbbreviation("SNMP", false); +} diff --git a/0.11.10/NMP/report-vlan.c b/0.11.10/NMP/report-vlan.c new file mode 100644 index 0000000..7931f8d --- /dev/null +++ b/0.11.10/NMP/report-vlan.c @@ -0,0 +1,64 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for NMP / CatOS reporting + +void nmpVLANConfig(struct nipperConfig *nipper) +{ + // Variables... + struct vlanConfig *vlanNMPPointer = 0; + + output_table(nipper, true, settings_vlan_table, &settings_vlan_heading); + vlanNMPPointer = nipper->nmp->vlan; + while(vlanNMPPointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, vlanNMPPointer->vlan, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", vlanNMPPointer->name, nipper->tablerow_mid); + if (vlanNMPPointer->active == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", vlanNMPPointer->type, nipper->tablerow_mid); + if (vlanNMPPointer->firewall == -1) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", vlanNMPPointer->firewall, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", vlanNMPPointer->said, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", vlanNMPPointer->mtu, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", vlanNMPPointer->spanTreeMaxHops, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", vlanNMPPointer->allRoutesMaxHops, nipper->tablerow_end); + vlanNMPPointer = vlanNMPPointer->next; + } + output_table(nipper, false, settings_vlan_table, &settings_vlan_heading); + addAbbreviation("SAID", false); + addAbbreviation("VLAN", false); + addAbbreviation("MTU", false); +} + diff --git a/0.11.10/NMP/report.c b/0.11.10/NMP/report.c new file mode 100644 index 0000000..a5e2d6c --- /dev/null +++ b/0.11.10/NMP/report.c @@ -0,0 +1,105 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code for NMP / CatOS reporting + +// Report NMP includes... +#include "report-debug.c" +#include "report-general.c" +#include "report-passwords.c" +#include "report-permit.c" +#include "report-port.c" +#include "report-snmp.c" +#include "report-vlan.c" + + +void generateNMPReport(struct nipperConfig *nipper) +{ + // Security Issues section + if (nipper->fullReport == true) + { + // Simple Passwords + if (nipper->simplePasswords > 1) + addReportSection(nipper, section_security, report_dict_title1, report_dict_context, report_dict_rectext, 10, 8, 5, 3, nmpDictionaryIssue); + else if (nipper->simplePasswords > 0) + addReportSection(nipper, section_security, report_dict_title2, report_dict_context, report_dict_rectext, 10, 8, 5, 3, nmpDictionaryIssue); + + // Password Strength + if (nipper->passwordStrengths > 1) + addReportSection(nipper, section_security, report_strength_title1, report_strength_context, report_strength_rectext, 10, 8, 5, 3, nmpStrengthIssue); + else if (nipper->passwordStrengths > 0) + addReportSection(nipper, section_security, report_strength_title2, report_strength_context, report_strength_rectext, 10, 8, 5, 3, nmpStrengthIssue); + + // Timeout + if (nipper->nmp->timeout * 60 > nipper->connectionTimeout) + nipper->insecureTimeouts++; + if (nipper->insecureTimeouts > 0) + addReportSection(nipper, section_security, report_timeout_title, report_timeout_context, report_timeout_rectext, 10, 8, 5, 3, nmpTimeoutIssue); + + // IP Redirects + if (nipper->nmp->switchConfig != 0) + { + if (nipper->nmp->switchConfig->ipRedirect == true) + addReportSection(nipper, section_security, report_redirects_title, report_redirects_context, report_redirects_rectext, 10, 8, 5, 3, nmpRedirectsIssue); + } + + // CDP + if (nipper->nmp->cdp == true) + addReportSection(nipper, section_security, report_cdp_title, report_cdp_context, report_cdp_rectext, 10, 8, 5, 3, nmpCDPIssue); + + // IP Unreachables + if (nipper->nmp->switchConfig != 0) + { + if (nipper->nmp->switchConfig->ipUnreachable == true) + addReportSection(nipper, section_security, report_icmpunreach_title, report_icmpunreach_context, report_icmpunreach_rectext, 10, 8, 5, 3, nmpUnreachablesIssue); + } + } + + + // In Configuration Index + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, nmpGeneralConfig); + if (nipper->nmp->switchConfig != 0) + addReportSection(nipper, section_config, settings_switch_title, 0, 0, 0, 0, 0, 0, nmpSwitchConfig); + if (nipper->nmp->permit != 0) + addReportSection(nipper, section_config, settings_permit_title, 0, 0, 0, 0, 0, 0, nmpPermitConfig); + if (((nipper->nmp->enablePassword != 0) || (nipper->nmp->password != 0)) && (nipper->passwords == true)) + addReportSection(nipper, section_config, settings_passwords_title, 0, 0, 0, 0, 0, 0, nmpPasswordsConfig); + addReportSection(nipper, section_config, settings_cdp_title, 0, 0, 0, 0, 0, 0, nmpCDPConfig); + if (nipper->nmp->snmp != 0) + addReportSection(nipper, section_config, settings_snmp_title, 0, 0, 0, 0, 0, 0, nmpSNMPConfig); + if (nipper->nmp->vlan != 0) + addReportSection(nipper, section_config, settings_vlan_title, 0, 0, 0, 0, 0, 0, nmpVLANConfig); + if (nipper->nmp->module != 0) + addReportSection(nipper, section_config, settings_ports_title, 0, 0, 0, 0, 0, 0, nmpPortsConfig); + + // Generate Report... + generateReport(nipper); +} + diff --git a/0.11.10/PIX/.svn/all-wcprops b/0.11.10/PIX/.svn/all-wcprops new file mode 100644 index 0000000..f274f8d --- /dev/null +++ b/0.11.10/PIX/.svn/all-wcprops @@ -0,0 +1,173 @@ +K 25 +svn:wc:ra_dav:version-url +V 33 +/svn/!svn/ver/3/trunk/0.11.10/PIX +END +report.c +K 25 +svn:wc:ra_dav:version-url +V 42 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report.c +END +process-interface.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/PIX/process-interface.c +END +report-access-list.c +K 25 +svn:wc:ra_dav:version-url +V 54 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report-access-list.c +END +process-access-list.c +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/0.11.10/PIX/process-access-list.c +END +report-general.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report-general.c +END +report-snmp.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report-snmp.c +END +cleanup.c +K 25 +svn:wc:ra_dav:version-url +V 43 +/svn/!svn/ver/3/trunk/0.11.10/PIX/cleanup.c +END +report-http.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report-http.c +END +process-snmp.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/PIX/process-snmp.c +END +process-general.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/PIX/process-general.c +END +report-nat.c +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report-nat.c +END +process-http.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/PIX/process-http.c +END +report-protocols.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report-protocols.c +END +process-nat.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/PIX/process-nat.c +END +report-passwords.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report-passwords.c +END +report-debug.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report-debug.c +END +input.c +K 25 +svn:wc:ra_dav:version-url +V 41 +/svn/!svn/ver/3/trunk/0.11.10/PIX/input.c +END +report-enable.c +K 25 +svn:wc:ra_dav:version-url +V 49 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report-enable.c +END +process-protocols.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/PIX/process-protocols.c +END +report-icmp.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report-icmp.c +END +process-enable.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/PIX/process-enable.c +END +process-icmp.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/PIX/process-icmp.c +END +process-objects.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/PIX/process-objects.c +END +report-ssh.c +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report-ssh.c +END +report-route.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report-route.c +END +process-ssh.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/PIX/process-ssh.c +END +report-interface.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/PIX/report-interface.c +END +process-route.c +K 25 +svn:wc:ra_dav:version-url +V 49 +/svn/!svn/ver/3/trunk/0.11.10/PIX/process-route.c +END diff --git a/0.11.10/PIX/.svn/entries b/0.11.10/PIX/.svn/entries new file mode 100644 index 0000000..0d28ea9 --- /dev/null +++ b/0.11.10/PIX/.svn/entries @@ -0,0 +1,980 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/0.11.10/PIX +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +report.c +file + + + + +2016-02-13T06:47:11.936154Z +2ed18d49afb5374ad7c564cdf0893423 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +9329 + +process-interface.c +file + + + + +2016-02-13T06:47:11.936154Z +59e23c63436f264a87479f361edd02e0 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +12350 + +report-access-list.c +file + + + + +2016-02-13T06:47:11.936154Z +25dfaa1bb0cad84a6b069588ff826398 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7452 + +process-access-list.c +file + + + + +2016-02-13T06:47:11.936154Z +8d9b8ac10bfd345551bbb86688647a87 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +15022 + +report-general.c +file + + + + +2016-02-13T06:47:11.936154Z +5651179db1a892dfec3538186d346fe2 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +14179 + +report-snmp.c +file + + + + +2016-02-13T06:47:11.936154Z +40616eebbc7f13eb59615a781fef5236 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6418 + +cleanup.c +file + + + + +2016-02-13T06:47:11.936154Z +4419c4989f228402defa337d0827ce88 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5226 + +report-http.c +file + + + + +2016-02-13T06:47:11.936154Z +1a3ca3a5a34e550b3561c8aa2eae7a8a +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4884 + +process-snmp.c +file + + + + +2016-02-13T06:47:11.936154Z +914e9354f9e9594d409ae2ff681f75cd +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +9787 + +process-general.c +file + + + + +2016-02-13T06:47:11.936154Z +6523aa67fa6e985e8c581153d8b0458c +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2983 + +report-nat.c +file + + + + +2016-02-13T06:47:11.936154Z +58d831a35df2943af7c7b621ca8720e7 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8193 + +process-http.c +file + + + + +2016-02-13T06:47:11.936154Z +2844f5fce66a04573c18a5d744216683 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5617 + +report-protocols.c +file + + + + +2016-02-13T06:47:11.936154Z +5744dcca9abb1aaad0fd77d40877dfd5 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3198 + +process-nat.c +file + + + + +2016-02-13T06:47:11.932154Z +135ad735f03a9ba36cd21be06d926ca4 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +10100 + +report-passwords.c +file + + + + +2016-02-13T06:47:11.932154Z +f4e85311fc95f51932430a8e0c034783 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +9824 + +report-debug.c +file + + + + +2016-02-13T06:47:11.936154Z +f9fbc7cbf893fc98925dfba842009488 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +11421 + +input.c +file + + + + +2016-02-13T06:47:11.932154Z +2dcd0ae94209d04e07bf8f63268872ac +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8140 + +report-enable.c +file + + + + +2016-02-13T06:47:11.932154Z +e213b91530cd04ea9d0bb2320ab5f1b6 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4751 + +process-protocols.c +file + + + + +2016-02-13T06:47:11.936154Z +1a35e8eca84b5ac76997097a3210116c +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3744 + +report-icmp.c +file + + + + +2016-02-13T06:47:11.936154Z +8d37855553272bdb14d0e03b4ff17b99 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3553 + +process-enable.c +file + + + + +2016-02-13T06:47:11.936154Z +4222b4dbd4683b0b20dbfa7f5c295957 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6221 + +process-icmp.c +file + + + + +2016-02-13T06:47:11.936154Z +fff5beceb0cce026687861fdab7de162 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4267 + +process-objects.c +file + + + + +2016-02-13T06:47:11.936154Z +418d41cc6b0d00c66d4296c4b0efd941 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7072 + +report-ssh.c +file + + + + +2016-02-13T06:47:11.936154Z +171a36f5c0fd5a3a5884dc1558470b57 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4954 + +report-route.c +file + + + + +2016-02-13T06:47:11.936154Z +d7b45d5c75795d66af806df1959a0455 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3899 + +process-ssh.c +file + + + + +2016-02-13T06:47:11.936154Z +1a15552b4f8d84e2f6febc4ced86d07c +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4035 + +report-interface.c +file + + + + +2016-02-13T06:47:11.936154Z +06369acfaf91dcb61236b53163f407e0 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4359 + +process-route.c +file + + + + +2016-02-13T06:47:11.936154Z +6f1cd1e01a2327c497fe737b9e26585d +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4174 + diff --git a/0.11.10/PIX/.svn/text-base/cleanup.c.svn-base b/0.11.10/PIX/.svn/text-base/cleanup.c.svn-base new file mode 100644 index 0000000..93750ff --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/cleanup.c.svn-base @@ -0,0 +1,154 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanupPIX(struct nipperConfig *nipper) +{ + // Pointers + struct interfacePIXConfig *interfacePIXPointer = 0; + struct enablePIXPassword *enablePIXPointer = 0; + struct usernamePIX *usernamePIXPointer = 0; + struct fixupList *fixupPIXPointer = 0; + struct icmpAccess *icmpPIXPointer = 0; + struct staticPIX *staticPIXPointer = 0; + struct routePIX *routePIXPointer = 0; + struct snmpPIXHost *snmpHostPIXPointer = 0; + struct snmpTrapPIX *trapPIXPointer = 0; + struct mgmtHostsPIX *mgmtHostsPointer = 0; + struct sshAccessConfig *sshPointer = 0; + + // Cleanup Interfaces + while (nipper->pix->interface != 0) + { + interfacePIXPointer = nipper->pix->interface->next; + free(nipper->pix->interface); + nipper->pix->interface = interfacePIXPointer; + } + + // Cleanup HTTP + if (nipper->pix->http != 0) + { + while (nipper->pix->http->host != 0) + { + mgmtHostsPointer = nipper->pix->http->host->next; + free(nipper->pix->http->host); + nipper->pix->http->host = mgmtHostsPointer; + } + free(nipper->pix->http); + } + + // Cleanup Static NAT / PAT + while (nipper->pix->staticNAT != 0) + { + staticPIXPointer = nipper->pix->staticNAT->next; + free(nipper->pix->staticNAT); + nipper->pix->staticNAT = staticPIXPointer; + } + while (nipper->pix->staticPAT != 0) + { + staticPIXPointer = nipper->pix->staticPAT->next; + free(nipper->pix->staticPAT); + nipper->pix->staticPAT = staticPIXPointer; + } + + // Cleanup SNMP + if (nipper->pix->snmp != 0) + { + while (nipper->pix->snmp->host != 0) + { + snmpHostPIXPointer = nipper->pix->snmp->host->next; + free(nipper->pix->snmp->host); + nipper->pix->snmp->host = snmpHostPIXPointer; + } + while (nipper->pix->snmp->trap != 0) + { + trapPIXPointer = nipper->pix->snmp->trap->next; + free(nipper->pix->snmp->trap); + nipper->pix->snmp->trap = trapPIXPointer; + } + free(nipper->pix->snmp); + } + + // Cleanup SSH + if (nipper->pix->ssh != 0) + { + while (nipper->pix->ssh->access != 0) + { + sshPointer = nipper->pix->ssh->access->next; + free(nipper->pix->ssh->access); + nipper->pix->ssh->access = sshPointer; + } + free(nipper->pix->ssh); + } + + // Free route + while (nipper->pix->route != 0) + { + routePIXPointer = nipper->pix->route->next; + free (nipper->pix->route); + nipper->pix->route = routePIXPointer; + } + + // Free Enable Passwords + while (nipper->pix->enable != 0) + { + enablePIXPointer = nipper->pix->enable->next; + free (nipper->pix->enable); + nipper->pix->enable = enablePIXPointer; + } + + // Free Usernames + while (nipper->pix->username != 0) + { + usernamePIXPointer = nipper->pix->username->next; + free (nipper->pix->username); + nipper->pix->username = usernamePIXPointer; + } + + // Fixup + while (nipper->pix->fixup != 0) + { + fixupPIXPointer = nipper->pix->fixup->next; + free (nipper->pix->fixup); + nipper->pix->fixup = fixupPIXPointer; + } + + // ICMP Access + while (nipper->pix->icmp != 0) + { + icmpPIXPointer = nipper->pix->icmp->next; + free (nipper->pix->icmp); + nipper->pix->icmp = icmpPIXPointer; + } + + // Cleanup PIX config + free(nipper->pix); +} + diff --git a/0.11.10/PIX/.svn/text-base/input.c.svn-base b/0.11.10/PIX/.svn/text-base/input.c.svn-base new file mode 100644 index 0000000..74bf944 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/input.c.svn-base @@ -0,0 +1,220 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct ciscoPIXConfig // Cisco PIX configuration +{ + // Counters + int oldAccessList; + int standardAccessList; + int extendedAccessList; + int interfaceAccessList; + + // Configuration settings... + char password[32]; + int transparent; // Transparent Firewall (true or false) + int accessListAlertInterval; + int accessListDenyFlowMax; + int floodguard; + + // Configuration structures... + struct enablePIXPassword *enable; // Enable Passwords + struct httpPIXConfig *http; // HTTP + struct interfacePIXConfig *interface; // Interfaces + struct sshPIXConfig *ssh; // SSH Configuration + struct usernamePIX *username; // Users + struct fixupList *fixup; // Protocol Analysis + struct icmpAccess *icmp; // ICMP to interfaces + struct staticPIX *staticNAT; // Static NAT + struct staticPIX *staticPAT; // Static PAT + struct routePIX *route; // Static Routes + struct snmpPIXConfig *snmp; // SNMP +}; + + +// Processing PIX includes... +#include "process-access-list.c" +#include "process-enable.c" +#include "process-general.c" +#include "process-http.c" +#include "process-icmp.c" +#include "process-interface.c" +#include "process-nat.c" +#include "process-objects.c" +#include "process-protocols.c" +#include "process-route.c" +#include "process-snmp.c" +#include "process-ssh.c" + + +void processPIXInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + int tempInt = 0; + int setting = 0; + + // Split the command line up + command = splitLine(line); + + // No? + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + // Hostname + if (strcmp(command.part[0], "hostname") == 0) + { + if (nipper->debugMode == true) + printf("Hostname Line: %s\n", line); + strncpy(nipper->hostname, command.part[1], sizeof(nipper->hostname) - 1); + } + + // Version + else if (((strcmp(command.part[0], "PIX") == 0) || (strcmp(command.part[0], "ASA") == 0) || (strcmp(command.part[0], "FWSM") == 0)) && (strcmp(command.part[1], "Version") == 0)) + { + if (nipper->debugMode == true) + printf("Version Line: %s\n", line); + strncpy(nipper->version, command.part[2], sizeof(nipper->version) - 1); + nipper->versionMajor = atoi(nipper->version); + if (strchr(nipper->version, '.') != 0) + nipper->versionMinor = atoi(strchr(nipper->version, '.') + 1); + if (strchr(nipper->version, '(') != 0) + nipper->versionRevision = atoi(strchr(nipper->version, '(') + 1); + if (strcmp(command.part[0], "PIX") == 0) + nipper->deviceType = type_pix_firewall; + else if (strcmp(command.part[0], "ASA") == 0) + nipper->deviceType = type_asa_firewall; + else if (strcmp(command.part[0], "FWSM") == 0) + nipper->deviceType = type_fwsm_firewall; + } + + // Flood Guard + else if (strcmp(command.part[tempInt], "floodguard") == 0) + { + if (strcmp(command.part[1], "enable") == 0) + nipper->pix->floodguard = true; + else if (strcmp(command.part[1], "disable") == 0) + nipper->pix->floodguard = false; + else if (strcmp(command.part[tempInt + 1], "enable") == 0) + nipper->pix->floodguard = setting; + } + + // IP + else if (strcmp(command.part[tempInt], "ip") == 0) + { + tempInt++; + + // Address + if (strcmp(command.part[tempInt], "address") == 0) + processPIXInterface(line, nipper); + + // uRFP + else if ((strcmp(command.part[tempInt], "verify") == 0) && (strcmp(command.part[tempInt + 1], "reverse-path") == 0) && (strcmp(command.part[tempInt + 2], "interface") == 0)) + processPIXuRPF(line, nipper); + } + + // Transparent Firewall? + else if ((strcmp(command.part[0], "firewall") == 0) && (strcmp(command.part[1], "transparent") == 0)) + { + if (nipper->debugMode == true) + printf("Transparent Line: %s\n", line); + nipper->pix->transparent = true; + } + + // ICMP Access... + else if (strcmp(command.part[tempInt], "icmp") == 0) + processICMPPIX(line, nipper); + + // Enable Password + else if (((strcmp(command.part[tempInt], "enable") == 0) && (strcmp(command.part[tempInt + 1], "password") == 0)) || (strcmp(command.part[tempInt], "passwd") == 0)) + processEnablePIX(line, nipper); + + // Usernames... + else if ((strcmp(command.part[tempInt], "username") == 0) && (strcmp(command.part[tempInt+2], "password") == 0)) + processPIXUsername(line, nipper); + + // Route... + else if (strcmp(command.part[tempInt], "route") == 0) + processRoutePIX(line, nipper); + + // Interfaces... + else if ((strcmp(command.part[tempInt], "interface") == 0) || (strcmp(command.part[tempInt], "nameif") == 0) || (strcmp(command.part[tempInt], "access-group") == 0)) + processPIXInterface(line, nipper); + + // Object Group... + else if (strcmp(command.part[tempInt], "object-group") == 0) + processObjectGroup(line, nipper); + + // Protocol Inspection... + else if ((strcmp(command.part[tempInt], "fixup") == 0) && (strcmp(command.part[tempInt + 1], "protocol") == 0)) + processFixupPIX(line, nipper); + + // Name... + else if (strcmp(command.part[tempInt], "name") == 0) + processPIXName(line, nipper); + + // Domain Name + else if (strcmp(command.part[tempInt], "domain-name") == 0) + strncpy(nipper->domainName, line + 12, sizeof(nipper->domainName) - 1); + + // Access Lists... + else if (strcmp(command.part[tempInt], "access-list") == 0) + processPIXAccessList(line, nipper); + + // Static NAT / PAT + else if (strcmp(command.part[tempInt], "static") == 0) + processStaticPIX(line, nipper); + + // SNMP + else if (strcmp(command.part[tempInt], "snmp-server") == 0) + processSnmpPIX(line, nipper); + + // SSH + else if (strcmp(command.part[tempInt], "ssh") == 0) + processPIXSSH(line, nipper); + + // HTTP + else if ((strcmp(command.part[tempInt], "http") == 0) && (strcmp(command.part[tempInt + 1], "server") == 0) && (strcmp(command.part[tempInt + 2], "enable") == 0)) + processPIXHTTP(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/PIX/.svn/text-base/process-access-list.c.svn-base b/0.11.10/PIX/.svn/text-base/process-access-list.c.svn-base new file mode 100644 index 0000000..fb3b695 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/process-access-list.c.svn-base @@ -0,0 +1,429 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Access List +void processPIXAccessList(char *line, struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + struct filterConfig *filterPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + struct filterListConfig *filterListPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct ciscoCommand command; + int tempInt = 0; + + // Init + command = splitLine(line); + memset(tempString, 0, nipper->maxSize); + + // Access Lists standard, extended, remark, ethertype + if (command.parts > 3) + { + + // If old, standard or extended access list... + if ((strcmp(command.part[2], "permit") == 0) || (strcmp(command.part[2], "deny") == 0) || (strcmp(command.part[2], "standard") == 0) || (strcmp(command.part[2], "extended") == 0)) + { + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Line: %s\n", line); + } + + // Get / Create pointer to access list... + filterListPointer = getFilterList(nipper, command.part[1], "", 0); + + // Establish what type of access list it is + if (strcmp(command.part[2], "standard") == 0) + { + filterListPointer->type = access_std; + nipper->pix->standardAccessList++; + tempInt = 3; + } + else if (strcmp(command.part[2], "extended") == 0) + { + filterListPointer->type = access_ext; + nipper->pix->extendedAccessList++; + tempInt = 3; + } + else + { + filterListPointer->type = access_old; + nipper->pix->oldAccessList++; + tempInt = 2; + } + + // Does a permission already exist? + if (filterListPointer->filter == 0) + { + // Create Permission structure + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + } + else + { + // Search + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + + // Create Permission structure + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + } + + // Init Permission struct + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->protocolType = object_type_protocol; + filterPointer->enabled = true; + + // Permit or Deny? + if (strcmp(command.part[tempInt], "permit") == 0) + { + filterPointer->log = false; + filterPointer->action = filter_action_accept; + } + else + { + filterPointer->log = true; + filterPointer->action = filter_action_drop; + } + tempInt++; + + // If access list is old type or extended... + if (filterListPointer->type != access_std) + { + // Protocol + if (strcmp(command.part[tempInt], "object-group") == 0) + { + filterPointer->protocolType = object_type_object; + tempInt++; + } + strncpy(filterPointer->protocol, command.part[tempInt], sizeof(filterPointer->protocol) - 1); + tempInt++; + } + + // Source + if (strcmp(command.part[tempInt], "interface") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterObjectPointer->type = object_type_interface; + } + else if (strcmp(command.part[tempInt], "object-group") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterObjectPointer->type = object_type_object; + } + else if (strcmp(command.part[tempInt], "any") == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_source); + filterObjectPointer->type = object_type_any; + } + else if (strcmp(command.part[tempInt], "host") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterObjectPointer->type = object_type_host; + } + else + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + filterObjectPointer->type = object_type_network; + } + tempInt++; + + // Is there more + if ((command.parts > tempInt) && (filterListPointer->type != access_std)) + { + // Source Service + if (strcmp(command.part[tempInt], "object-group") == 0) + { + // Check to make sure this is a service and not the destination + if (nipper->objectList != 0) + { + objectListPointer = nipper->objectList; + while ((objectListPointer->next != 0) && (strcmp(objectListPointer->name, "OBJECTLIST") != 0)) + objectListPointer = objectListPointer->next; + if (strcmp(objectListPointer->name, "OBJECTLIST") == 0) + { + objectPointer = objectListPointer->object; + while ((objectPointer->next != 0) && (strcmp(objectPointer->name, command.part[tempInt + 1]) != 0)) + objectPointer = objectPointer->next; + + if ((strcmp(objectPointer->name, command.part[tempInt + 1]) == 0) && (objectPointer->type == object_type_service)) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_object; + tempInt++; + } + } + } + } + else if (strcmp(command.part[tempInt], "range") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + tempInt++; + } + else if (strcmp(command.part[tempInt], "eq") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_eq; + tempInt++; + } + else if (strcmp(command.part[tempInt], "neq") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_neq; + tempInt++; + } + else if (strcmp(command.part[tempInt], "lt") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_lt; + tempInt++; + } + else if (strcmp(command.part[tempInt], "gt") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_gt; + tempInt++; + } + + // Destination + if (strcmp(command.part[tempInt], "interface") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterObjectPointer->type = object_type_interface; + } + else if (strcmp(command.part[tempInt], "object-group") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterObjectPointer->type = object_type_object; + } + else if (strcmp(command.part[tempInt], "any") == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_destination); + filterObjectPointer->type = object_type_any; + } + else if (strcmp(command.part[tempInt], "host") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterObjectPointer->type = object_type_host; + } + else + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterObjectPointer->type = object_type_network; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + } + tempInt++; + + // Destination Service + if (command.parts > tempInt) + { + if (strcmp(command.part[tempInt], "object-group") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_object; + tempInt++; + } + else if (strcmp(command.part[tempInt], "range") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + tempInt++; + } + else if (strcmp(command.part[tempInt], "eq") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_eq; + tempInt++; + } + else if (strcmp(command.part[tempInt], "neq") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_neq; + tempInt++; + } + else if (strcmp(command.part[tempInt], "lt") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_lt; + tempInt++; + } + else if (strcmp(command.part[tempInt], "gt") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_gt; + tempInt++; + } + } + + // Options... + while (command.parts > tempInt) + { + if (filterListPointer->type == access_old) + { + filterListPointer->type = access_ext; + nipper->pix->oldAccessList--; + nipper->pix->extendedAccessList++; + } + + // Inactive + if (strcmp(command.part[tempInt], "inactive") == 0) + filterPointer->enabled = false; + + // Active Time Range + else if (strcmp(command.part[tempInt], "time-range") == 0) + tempInt++; + + // Log + else if (strcmp(command.part[tempInt], "log") == 0) + { + filterPointer->log = true; + if (command.parts > tempInt + 1) + { + tempInt++; + while (((strcmp(command.part[tempInt], "inactive") != 0) || (strcmp(command.part[tempInt], "time-range") != 0)) && (command.parts > tempInt)) + { + if (strcmp(command.part[tempInt], "disable") == 0) + filterPointer->log = false; + tempInt++; + } + tempInt--; + } + } + + tempInt++; + } + } + } + + // Access List Remark + else if (strcmp(command.part[2], "remark") == 0) + { + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Remark Line: %s\n", line); + } + + // Get / Create pointer to access list... + filterListPointer = getFilterList(nipper, command.part[1], "", 0); + + // Does a permission already exist? + if (filterListPointer->filter == 0) + { + // Create Permission structure + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + } + else + { + // Search + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + + // Create Permission structure + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + } + + // Init Permission struct + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->action = filter_action_remark; + + // Set Remark... + for (tempInt = 3; tempInt < command.parts; tempInt++) + { + sprintf(tempString2, "%s%s ",tempString, command.part[tempInt]); + strcpy(tempString, tempString2); + } + tempString[strlen(tempString) - 1] = 0; + strncpy(filterPointer->remark, tempString, sizeof(filterPointer->remark) - 1); + } + + // Access List Ethertype + else if (strcmp(command.part[2], "ethertype") == 0) + { } + } + + // Alert Interval + else if (strcmp(command.part[1], "alert-interval") == 0) + { + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Alert Interval Line: %s\n", line); + } + nipper->pix->accessListAlertInterval = atoi(command.part[2]); + } + + // Deny Flow Max + else if (strcmp(command.part[1], "alert-interval") == 0) + { + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Deny-Flow-Max Line: %s\n", line); + } + nipper->pix->accessListDenyFlowMax = atoi(command.part[2]); + } +} + diff --git a/0.11.10/PIX/.svn/text-base/process-enable.c.svn-base b/0.11.10/PIX/.svn/text-base/process-enable.c.svn-base new file mode 100644 index 0000000..03ebe72 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/process-enable.c.svn-base @@ -0,0 +1,193 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Enable password(s) +struct enablePIXPassword +{ + char passwordEncrypted[64]; + int level; + struct enablePIXPassword *next; +}; + + +struct usernamePIX +{ + char username[16]; + char passwordEncrypted[64]; + int encryption; + int level; + struct usernamePIX *next; +}; + + +// Process enable +void processEnablePIX(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct enablePIXPassword *enablePIXPointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Enable Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Is it an enable password? + if (strncmp(line, "enable password ", 16) == 0) + { + // Is this the first enable password? + if (nipper->pix->enable == 0) + { + nipper->pix->enable = malloc(sizeof(struct enablePIXPassword)); + enablePIXPointer = nipper->pix->enable; + } + else + { + enablePIXPointer = nipper->pix->enable; + while (enablePIXPointer->next != 0) + enablePIXPointer = enablePIXPointer->next; + enablePIXPointer->next = malloc(sizeof(struct enablePIXPassword)); + enablePIXPointer = enablePIXPointer->next; + } + + // Init + memset(enablePIXPointer, 0, sizeof(struct enablePIXPassword)); + enablePIXPointer->level = 15; + + // Password + strncpy(enablePIXPointer->passwordEncrypted, command.part[2], sizeof(enablePIXPointer->passwordEncrypted) - 1); + addJohnPassword(nipper, "Enable", enablePIXPointer->passwordEncrypted); + + // Get options + tempInt = 3; + if (tempInt < command.parts) + { + // Level + if (strcmp(command.part[tempInt], "level") == 0) + { + tempInt++; + enablePIXPointer->level = atoi(command.part[tempInt]); + } + + tempInt++; + } + } + + // If it is a passwd + else if (strncmp("passwd ", line, 7) == 0) + { + strncpy(nipper->pix->password, command.part[1], sizeof(nipper->pix->password) - 1); + addJohnPassword(nipper, "LoginPassword", nipper->pix->password); + } +} + + +// Process Username +void processPIXUsername(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct usernamePIX *usernamePIXPointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Username Line: %s\n", line); + } + + // Is it the first? + if (nipper->pix->username == 0) + { + nipper->pix->username = malloc(sizeof(struct usernamePIX)); + usernamePIXPointer = nipper->pix->username; + } + else + { + usernamePIXPointer = nipper->pix->username; + while (usernamePIXPointer->next != 0) + usernamePIXPointer = usernamePIXPointer->next; + usernamePIXPointer->next = malloc(sizeof(struct usernamePIX)); + usernamePIXPointer = usernamePIXPointer->next; + } + + // Init + memset(usernamePIXPointer, 0, sizeof(struct usernamePIX)); + command = splitLine(line); + usernamePIXPointer->level = 2; + + // Username + strncpy(usernamePIXPointer->username, command.part[1], sizeof(usernamePIXPointer->username) - 1); + + // Other options... + tempInt = 2; + while (tempInt < command.parts) + { + // No password + if (strcmp(command.part[tempInt], "nopassword") == 0) + usernamePIXPointer->encryption = encrypt_none; + + // Password + else if (strcmp(command.part[tempInt], "password") == 0) + { + strncpy(usernamePIXPointer->passwordEncrypted, command.part[tempInt +1], sizeof(usernamePIXPointer->passwordEncrypted) - 1); + tempInt++; + } + + // Encrypted + else if (strcmp(command.part[tempInt], "encrypted") == 0) + usernamePIXPointer->encryption = encrypt_pix; + + // MSChap + else if (strcmp(command.part[tempInt], "mschap") == 0) + usernamePIXPointer->encryption = encrypt_mschap; + + // NT Encrypted + else if (strcmp(command.part[tempInt], "nt-encrypted") == 0) + usernamePIXPointer->encryption = encrypt_ntenc; + + // Level + else if (strcmp(command.part[tempInt], "privilege") == 0) + usernamePIXPointer->level = atoi(command.part[tempInt +1]); + + tempInt++; + } + + // If password is encrypted + if (usernamePIXPointer->encryption == encrypt_pix) + addJohnPassword(nipper, usernamePIXPointer->username, usernamePIXPointer->passwordEncrypted); +} + diff --git a/0.11.10/PIX/.svn/text-base/process-general.c.svn-base b/0.11.10/PIX/.svn/text-base/process-general.c.svn-base new file mode 100644 index 0000000..51ee90c --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/process-general.c.svn-base @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Domain Loopup +void processPIXName(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("Name Line: %s\n", line); + + // Init + command = splitLine(line); + + // Create + objectListPointer = getObjectListPointer(nipper, "NAMELIST"); + objectPointer = getObjectPointer(objectListPointer, command.part[2]); + strncpy(objectPointer->address, command.part[1], sizeof(objectPointer->address) - 1); + if (strcmp(command.part[1] + strlen(command.part[1]) - 2, ".0") == 0) + objectPointer->type = object_type_network; + else + objectPointer->type = object_type_host; +} diff --git a/0.11.10/PIX/.svn/text-base/process-http.c.svn-base b/0.11.10/PIX/.svn/text-base/process-http.c.svn-base new file mode 100644 index 0000000..d9acaf4 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/process-http.c.svn-base @@ -0,0 +1,152 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code to process PIX HTTP + +struct httpPIXConfig +{ + int httpServer; // HTTPS server (true or false) + int httpServerPort; // HTTPS server Port + int requireCert; // Require Certificate + int httpRedirect; // Redirect HTTP to HTTPS + int httpRedirectPort; // The HTTP redirect port + struct mgmtHostsPIX *host; // Hosts that can access the HTTP server +}; + +struct mgmtHostsPIX +{ + char interface[32]; + char ipAddress[32]; + char netMask[32]; + struct mgmtHostsPIX *next; +}; + + +// Process HTTP... +void processPIXHTTP(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct mgmtHostsPIX *mgmtHostsPointer = 0; + int tempInt = 0; + int setting = 0; + + // Init + command = splitLine(line); + + // No? + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + // Debug + if (nipper->debugMode == true) + { + printf("HTTP Line: %s\n", line); + } + + // Init... + if (nipper->pix->http == 0) + { + nipper->pix->http = malloc(sizeof(struct httpPIXConfig)); + memset(nipper->pix->http, 0, sizeof(struct httpPIXConfig)); + nipper->pix->http->httpServerPort = 443; + nipper->pix->http->httpServer = false; + nipper->pix->http->requireCert = false; + nipper->pix->http->httpRedirectPort = 80; + } + + // Enable HTTP Server... + if ((strcmp(command.part[tempInt], "http") == 0) && (strcmp(command.part[tempInt + 1], "server") == 0) && (strcmp(command.part[tempInt + 2], "enable") == 0)) + { + nipper->pix->http->httpServer = setting; + // Check for port... + if (command.parts == tempInt + 4) + { + if (setting == false) + nipper->pix->http->httpServerPort = atoi(command.part[tempInt + 3]); + else + nipper->pix->http->httpServerPort = 443; + } + } + + // Require Cert... + else if ((strcmp(command.part[tempInt], "http") == 0) && (strcmp(command.part[tempInt + 1], "authentication-certificate") == 0)) + nipper->pix->http->requireCert = setting; + + // HTTP Redirect... + else if ((strcmp(command.part[tempInt], "http") == 0) && (strcmp(command.part[tempInt + 1], "redirect") == 0)) + { + nipper->pix->http->httpRedirect = setting; + if (command.parts == tempInt + 4) + nipper->pix->http->httpRedirectPort = atoi(command.part[tempInt + 3]); + } + + // HTTP Remote Access host... + else if ((strcmp(command.part[tempInt], "http") == 0) && (command.parts == tempInt + 4)) + { + // Create new mgmt host... + if (nipper->pix->http->host == 0) + { + nipper->pix->http->host = malloc(sizeof(struct mgmtHostsPIX)); + memset(nipper->pix->http->host, 0, sizeof(struct mgmtHostsPIX)); + mgmtHostsPointer = nipper->pix->http->host; + } + else + { + mgmtHostsPointer = nipper->pix->http->host; + while (mgmtHostsPointer->next != 0) + mgmtHostsPointer = mgmtHostsPointer->next; + mgmtHostsPointer->next = malloc(sizeof(struct mgmtHostsPIX)); + memset(mgmtHostsPointer->next, 0, sizeof(struct mgmtHostsPIX)); + mgmtHostsPointer = mgmtHostsPointer->next; + } + + // IP Address... + tempInt++; + strncpy(mgmtHostsPointer->ipAddress, command.part[tempInt], sizeof(mgmtHostsPointer->ipAddress) - 1); + + // Net Mask... + tempInt++; + strncpy(mgmtHostsPointer->netMask, command.part[tempInt], sizeof(mgmtHostsPointer->netMask) - 1); + + // Interface... + tempInt++; + strncpy(mgmtHostsPointer->interface, command.part[tempInt], sizeof(mgmtHostsPointer->interface) - 1); + } +} + diff --git a/0.11.10/PIX/.svn/text-base/process-icmp.c.svn-base b/0.11.10/PIX/.svn/text-base/process-icmp.c.svn-base new file mode 100644 index 0000000..af6acf7 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/process-icmp.c.svn-base @@ -0,0 +1,115 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// ICMP Access Structure +struct icmpAccess +{ + int permission; // perm_permit or perm_deny + char source[64]; + int sourceType; // access_type_host... + char icmpType[16]; + char interface[32]; + struct icmpAccess *next; +}; + + +// Process ICMP +void processICMPPIX(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct icmpAccess *icmpPIXPointer = 0; + char tempString[nipper->maxSize]; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("ICMP Line: %s\n", line); + } + + // if first + if (nipper->pix->icmp == 0) + { + nipper->pix->icmp = malloc(sizeof(struct icmpAccess)); + icmpPIXPointer = nipper->pix->icmp; + } + else + { + icmpPIXPointer = nipper->pix->icmp; + while (icmpPIXPointer->next != 0) + icmpPIXPointer = icmpPIXPointer->next; + icmpPIXPointer->next = malloc(sizeof(struct icmpAccess)); + icmpPIXPointer = icmpPIXPointer->next; + } + + // Init + command = splitLine(line); + memset(icmpPIXPointer, 0, sizeof(struct icmpAccess)); + + // Permission + if (strcmp(command.part[1], "permit") == 0) + icmpPIXPointer->permission = perm_permit; + else + icmpPIXPointer->permission = perm_deny; + + // Source + if (strcmp(command.part[2], "host") == 0) + { + icmpPIXPointer->sourceType = object_type_host; + tempInt = 4; + strncpy(icmpPIXPointer->source, command.part[3], sizeof(icmpPIXPointer->source) - 1); + } + else if (strcmp(command.part[2], "any") == 0) + { + icmpPIXPointer->sourceType = object_type_any; + tempInt = 3; + strcpy(icmpPIXPointer->source, "any"); + } + else + { + icmpPIXPointer->sourceType = object_type_network; + tempInt = 4; + sprintf(tempString, "%s %s", command.part[2], command.part[3]); + strncpy(icmpPIXPointer->source, tempString, sizeof(icmpPIXPointer->source) - 1); + } + + // ICMP Type? + if (command.parts == tempInt + 2) + { + strncpy(icmpPIXPointer->icmpType, command.part[tempInt], sizeof(icmpPIXPointer->icmpType) - 1); + tempInt++; + } + + // Interface + strncpy(icmpPIXPointer->interface, command.part[tempInt], sizeof(icmpPIXPointer->interface) - 1); +} + diff --git a/0.11.10/PIX/.svn/text-base/process-interface.c.svn-base b/0.11.10/PIX/.svn/text-base/process-interface.c.svn-base new file mode 100644 index 0000000..1096295 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/process-interface.c.svn-base @@ -0,0 +1,357 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +struct interfacePIXConfig +{ + // Standard... + char interface[32]; + char name[32]; + char ipAddress[64]; + char netMask[32]; + + // Options + int security; + int uRPF; + int shutdown; // true or false + + // Access Lists + char in[32]; + int inOverride; // true or false + char out[32]; + int outOverride; // true or false + + struct interfacePIXConfig *next; +}; + + +// Init interface... +void initPIXInterface(struct interfacePIXConfig *interfacePIXPointer) +{ + memset(interfacePIXPointer, 0, sizeof(struct interfacePIXConfig)); + interfacePIXPointer->inOverride = false; + interfacePIXPointer->outOverride = false; + interfacePIXPointer->shutdown = false; + interfacePIXPointer->uRPF = false; +} + + +// Process Interface +void processPIXInterface(char *line, struct nipperConfig *nipper) +{ + // Variables + struct interfacePIXConfig *interfacePIXPointer = 0; + struct ciscoCommand command; + fpos_t filePosition; + + // Debug + if (nipper->debugMode == true) + { + printf("Interface Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Unsupported + if ((strcmp(command.part[0], "interface") == 0) && ((strcmp(command.part[1], "lbprivate") == 0) || (strcmp(command.part[1], "lbpublic") == 0))) + { + } + + // new interface line(s) (PIX7+) + else if ((strcmp(command.part[0], "interface") == 0) && (command.parts == 2)) + { + // If this is the first interface + if (nipper->pix->interface == 0) + { + // Create structure + nipper->pix->interface = malloc(sizeof(struct interfacePIXConfig)); + memset(nipper->pix->interface, 0 , sizeof(struct interfacePIXConfig)); + interfacePIXPointer = nipper->pix->interface; + initPIXInterface(interfacePIXPointer); + } + else + { + // Search for interface... + interfacePIXPointer = nipper->pix->interface; + while ((interfacePIXPointer->next != 0) && (strcmp(interfacePIXPointer->name, command.part[1]) != 0)) + interfacePIXPointer = interfacePIXPointer->next; + + // If it hasn't been found + if (strcmp(interfacePIXPointer->name, command.part[1]) != 0) + { + // Create structure + interfacePIXPointer->next = malloc(sizeof(struct interfacePIXConfig)); + memset(interfacePIXPointer->next, 0 , sizeof(struct interfacePIXConfig)); + interfacePIXPointer = interfacePIXPointer->next; + initPIXInterface(interfacePIXPointer); + } + } + + // Init + strncpy(interfacePIXPointer->interface, command.part[1], sizeof(interfacePIXPointer->interface) - 1); + + // Loop through the interface lines + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("Line Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // nameif + if (strcmp(command.part[0], "nameif") == 0) + strncpy(interfacePIXPointer->name, command.part[1], sizeof(interfacePIXPointer->name) - 1); + + // IP Address + else if ((strcmp(command.part[0], "ip") == 0) && (strcmp(command.part[1], "address") == 0)) + { + if (strcmp(command.part[2], "dhcp") == 0) + { + strcpy(interfacePIXPointer->ipAddress, "dhcp"); + strcpy(interfacePIXPointer->netMask, "dhcp"); + } + else + { + strncpy(interfacePIXPointer->ipAddress, command.part[2], sizeof(interfacePIXPointer->ipAddress) - 1); + strncpy(interfacePIXPointer->netMask, command.part[3], sizeof(interfacePIXPointer->netMask) - 1); + } + } + + // No shutdown + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "shutdown") == 0)) + interfacePIXPointer->shutdown = false; + + // Shutdown + else if (strcmp(command.part[0], "shutdown") == 0) + interfacePIXPointer->shutdown = true; + + // Security Level + else if (strcmp(command.part[0], "security-level") == 0) + interfacePIXPointer->security = atoi(command.part[1]); + + // Read next line + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + fsetpos(nipper->input, &filePosition); + } + + // nameif... + else if (strcmp(command.part[0], "nameif") == 0) + { + if (nipper->pix->interface == 0) + { + // Create structure + nipper->pix->interface = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = nipper->pix->interface; + initPIXInterface(interfacePIXPointer); + } + else + { + // Search for interface (just in case) + interfacePIXPointer = nipper->pix->interface; + while ((interfacePIXPointer->next != 0) && ((strcmp(interfacePIXPointer->name, command.part[2]) != 0) && (strcmp(interfacePIXPointer->interface, command.part[1]) != 0))) + interfacePIXPointer = interfacePIXPointer->next; + + // If it has not been found (probable), then create a new struct... + if ((strcmp(interfacePIXPointer->name, command.part[2]) != 0) && (strcmp(interfacePIXPointer->interface, command.part[1]) != 0)) + { + // Create structure + interfacePIXPointer->next = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = interfacePIXPointer->next; + initPIXInterface(interfacePIXPointer); + } + } + + // Copy the info into the structure + strncpy(interfacePIXPointer->interface, command.part[1], sizeof(interfacePIXPointer->interface) - 1); + strncpy(interfacePIXPointer->name, command.part[2], sizeof(interfacePIXPointer->name) - 1); + interfacePIXPointer->security = atoi(command.part[3] + 8); + } + + // old interface line... + else if (strcmp(command.part[0], "interface") == 0) + { + // Check to see if an interface has already been created + if (nipper->pix->interface == 0) + { + // Create structure + nipper->pix->interface = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = nipper->pix->interface; + initPIXInterface(interfacePIXPointer); + } + + else + { + // Search for interface... + interfacePIXPointer = nipper->pix->interface; + while ((interfacePIXPointer->next != 0) && (strcmp(interfacePIXPointer->interface, command.part[1]) != 0)) + interfacePIXPointer = interfacePIXPointer->next; + + // If it hasn't been found + if (strcmp(interfacePIXPointer->interface, command.part[1]) != 0) + { + // Create structure + interfacePIXPointer->next = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = interfacePIXPointer->next; + initPIXInterface(interfacePIXPointer); + } + } + + // Copy the info into the structure + strncpy(interfacePIXPointer->interface, command.part[1], sizeof(interfacePIXPointer->interface) - 1); + + // Interface shutdown? + if (strcmp(command.part[command.parts - 1], "shutdown") == 0) + interfacePIXPointer->shutdown = true; + } + + // IP Address... + else if ((strcmp(command.part[0], "ip") == 0) && (strcmp(command.part[1], "address") == 0)) + { + // Check to see if an interface has already been created + if (nipper->pix->interface == 0) + { + // Create structure + nipper->pix->interface = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = nipper->pix->interface; + initPIXInterface(interfacePIXPointer); + } + + else + { + // Search for interface... + interfacePIXPointer = nipper->pix->interface; + while ((interfacePIXPointer->next != 0) && (strcmp(interfacePIXPointer->name, command.part[2]) != 0)) + interfacePIXPointer = interfacePIXPointer->next; + + // If it hasn't been found + if (strcmp(interfacePIXPointer->name, command.part[2]) != 0) + { + // Create structure + interfacePIXPointer->next = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = interfacePIXPointer->next; + initPIXInterface(interfacePIXPointer); + } + } + + // Copy the info into the structure + strncpy(interfacePIXPointer->name, command.part[2], sizeof(interfacePIXPointer->name) - 1); + strncpy(interfacePIXPointer->ipAddress, command.part[3], sizeof(interfacePIXPointer->ipAddress) - 1); + strncpy(interfacePIXPointer->netMask, command.part[4], sizeof(interfacePIXPointer->netMask) - 1); + } + + // Access Group... + else if (strcmp(command.part[0], "access-group") == 0) + { + // Increment counter + nipper->pix->interfaceAccessList++; + + // Check to see if an interface has already been created + if (nipper->pix->interface == 0) + { + // Create structure + nipper->pix->interface = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = nipper->pix->interface; + initPIXInterface(interfacePIXPointer); + } + + else + { + // Search for interface... + interfacePIXPointer = nipper->pix->interface; + while ((interfacePIXPointer->next != 0) && (strcmp(interfacePIXPointer->name, command.part[4]) != 0)) + interfacePIXPointer = interfacePIXPointer->next; + + // If it hasn't been found + if (strcmp(interfacePIXPointer->name, command.part[4]) != 0) + { + // Create structure + interfacePIXPointer->next = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = interfacePIXPointer->next; + initPIXInterface(interfacePIXPointer); + } + } + + // Interface Name + strncpy(interfacePIXPointer->name, command.part[4], sizeof(interfacePIXPointer->name) - 1); + + // In... + if (strcmp(command.part[2], "in") == 0) + strncpy(interfacePIXPointer->in, command.part[1], sizeof(interfacePIXPointer->in) - 1); + + // Out... + else + if (strcmp(command.part[2], "out") == 0) + strncpy(interfacePIXPointer->out, command.part[1], sizeof(interfacePIXPointer->out) - 1); + + // User Override + if (command.parts > 5) + { + if ((strcmp(command.part[2], "in") == 0) && (strcmp(command.part[5], "per-user-override") == 0)) + interfacePIXPointer->inOverride = true; + else if ((strcmp(command.part[2], "out") == 0) && (strcmp(command.part[5], "per-user-override") == 0)) + interfacePIXPointer->outOverride = true; + } + } +} + + +// Process uRPF +void processPIXuRPF(char *line, struct nipperConfig *nipper) +{ + // Variables.. + struct interfacePIXConfig *interfacePIXPointer = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("uRPF Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Set Interface... + interfacePIXPointer = nipper->pix->interface; + while (interfacePIXPointer != 0) + { + if (strcmp(interfacePIXPointer->name, command.part[4]) == 0) + interfacePIXPointer->uRPF = true; + interfacePIXPointer = interfacePIXPointer->next; + } +} diff --git a/0.11.10/PIX/.svn/text-base/process-nat.c.svn-base b/0.11.10/PIX/.svn/text-base/process-nat.c.svn-base new file mode 100644 index 0000000..ebf312e --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/process-nat.c.svn-base @@ -0,0 +1,324 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Static NAT/PAT Structure +struct staticPIX +{ + char interfaceReal[32]; // Real Interface + char interfaceMapped[32]; // Mapped Interface + int protocolTcp; // TCP = true, UDP = false (PAT ONLY) + char ipMapped[64]; // Mapped IP + char portMapped[10]; // Mapped Port (PAT ONLY) + char ipReal[64]; // NAT type: Real IP Address NAT + char portReal[10]; + char ipNetMaskReal[16]; // + char accessList[32]; // Access List NAT + int interface; // Interface NAT + int dns; // Rewrite DNS records + int nailed; // Nailed will allow incoming connections + int randomseq; // Random Sequence no.'s + int tcpMaxConnections; // Maximum TCP connections + int udpMaxConnections; // Maximum UDP connections + int embrionicConnections; // Limit Embionic Connections (DoS protection) + struct staticPIX *next; +}; + + +// Seperate out the mapped and real interfaces +void seperateMapped(char *joined, char *real, int realSize, char *mapped, int mappedSize) +{ + // Variables + int tempInt = 1; + int tempInt2 = 0; + + // Copy real + while ((joined[tempInt] != ',') && (tempInt < realSize)) + { + real[tempInt - 1] = joined[tempInt]; + tempInt++; + } + + tempInt++; + + // Copy Mapped + while ((joined[tempInt] != ')') && (tempInt2 < mappedSize - 1)) + { + mapped[tempInt2] = joined[tempInt]; + tempInt++; + tempInt2++; + } +} + + +// Process static NAT / PAT +void processStaticPIX(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct staticPIX *staticPIXPointer = 0; + int tempInt = 0; + + // Init + command = splitLine(line); + + // NAT + if ((strcmp(command.part[2], "tcp") != 0) && (strcmp(command.part[2], "udp") != 0)) + { + // Debug + if (nipper->debugMode == true) + { + printf("Static NAT Line: %s\n", line); + } + + // if first + if (nipper->pix->staticNAT == 0) + { + nipper->pix->staticNAT = malloc(sizeof(struct staticPIX)); + staticPIXPointer = nipper->pix->staticNAT; + } + else + { + staticPIXPointer = nipper->pix->staticNAT; + while (staticPIXPointer->next != 0) + staticPIXPointer = staticPIXPointer->next; + staticPIXPointer->next = malloc(sizeof(struct staticPIX)); + staticPIXPointer = staticPIXPointer->next; + } + + // Init + memset(staticPIXPointer, 0, sizeof(struct staticPIX)); + staticPIXPointer->interface = false; + staticPIXPointer->dns = false; + staticPIXPointer->nailed = false; + staticPIXPointer->randomseq = true; + + // Seperate Real and Mapped + seperateMapped(command.part[1], staticPIXPointer->interfaceReal, sizeof(staticPIXPointer->interfaceReal), staticPIXPointer->interfaceMapped, sizeof(staticPIXPointer->interfaceMapped)); + + // Mapped IP Address + strncpy(staticPIXPointer->ipMapped, command.part[2], sizeof(staticPIXPointer->ipMapped) - 1); + + // Is it Interface NAT? + if (strcmp(command.part[3], "interface") == 0) + { + staticPIXPointer->interface = true; + tempInt = 4; + } + + // Is it Access List NAT? + else if (strcmp(command.part[3], "access-list") == 0) + { + strncpy(staticPIXPointer->accessList, command.part[4], sizeof(staticPIXPointer->accessList) - 1); + tempInt = 5; + } + + // Or a IP address NAT? + else + { + strncpy(staticPIXPointer->ipReal, command.part[3], sizeof(staticPIXPointer->ipReal) - 1); + tempInt = 4; + + // Is there a netmask? + if (command.parts > 4) + { + if (strcmp(command.part[4], "netmask") == 0) + { + strncpy(staticPIXPointer->ipNetMaskReal, command.part[5], sizeof(staticPIXPointer->ipNetMaskReal) - 1); + tempInt = 6; + } + } + } + + // Get options + while (tempInt < command.parts) + { + // DNS A record update + if (strcmp(command.part[tempInt], "dns") == 0) + staticPIXPointer->dns = true; + + // Limit TCP Connections + else if (strcmp(command.part[tempInt], "tcp") == 0) + { + staticPIXPointer->tcpMaxConnections = atoi(command.part[tempInt + 1]); + tempInt++; + // Check for embrionic option + if ((strcmp(command.part[tempInt], "udp") != 0) && (strcmp(command.part[tempInt], "norandomseq") != 0)) + { + staticPIXPointer->tcpMaxConnections = atoi(command.part[tempInt + 1]); + tempInt++; + } + } + + // Limit UDP Connections + else if (strcmp(command.part[tempInt], "udp") == 0) + { + staticPIXPointer->embrionicConnections = atoi(command.part[tempInt + 1]); + tempInt++; + } + + // No Random Sequence Numbers + else if (strcmp(command.part[tempInt], "norandomseq") == 0) + { + staticPIXPointer->randomseq = false; + if (strcmp(command.part[tempInt+1], "nailed") == 0) + { + staticPIXPointer->nailed = true; + tempInt++; + } + } + + tempInt++; + } + } + + // Static PAT + else + { + // Debug + if (nipper->debugMode == true) + { + printf("Static PAT Line: %s\n", line); + } + + // if first + if (nipper->pix->staticPAT == 0) + { + nipper->pix->staticPAT = malloc(sizeof(struct staticPIX)); + staticPIXPointer = nipper->pix->staticPAT; + } + else + { + staticPIXPointer = nipper->pix->staticPAT; + while (staticPIXPointer->next != 0) + staticPIXPointer = staticPIXPointer->next; + staticPIXPointer->next = malloc(sizeof(struct staticPIX)); + staticPIXPointer = staticPIXPointer->next; + } + + // Init + memset(staticPIXPointer, 0, sizeof(struct staticPIX)); + staticPIXPointer->interface = false; + staticPIXPointer->dns = false; + staticPIXPointer->nailed = false; + staticPIXPointer->randomseq = true; + + // Seperate Real and Mapped + seperateMapped(command.part[1], staticPIXPointer->interfaceReal, sizeof(staticPIXPointer->interfaceReal), staticPIXPointer->interfaceMapped, sizeof(staticPIXPointer->interfaceMapped)); + + if (strcmp(command.part[2], "tcp") == 0) + staticPIXPointer->protocolTcp = true; + else + staticPIXPointer->protocolTcp = false; + + // Mapped IP Address + strncpy(staticPIXPointer->ipMapped, command.part[3], sizeof(staticPIXPointer->ipMapped) - 1); + + // Mapped Port + strncpy(staticPIXPointer->portMapped, command.part[4], sizeof(staticPIXPointer->portMapped) - 1); + + // Is it Interface NAT? + if (strcmp(command.part[5], "interface") == 0) + { + staticPIXPointer->interface = true; + tempInt = 6; + } + + // Is it Access List NAT? + else if (strcmp(command.part[5], "access-list") == 0) + { + strncpy(staticPIXPointer->accessList, command.part[6], sizeof(staticPIXPointer->accessList) - 1); + tempInt = 7; + } + + // Or a IP address NAT? + else + { + strncpy(staticPIXPointer->ipReal, command.part[5], sizeof(staticPIXPointer->ipReal) - 1); + tempInt = 7; + + // Real Port + strncpy(staticPIXPointer->portReal, command.part[6], sizeof(staticPIXPointer->portReal) - 1); + + // Is there a netmask? + if (command.parts > 7) + { + if (strcmp(command.part[7], "netmask") == 0) + { + strncpy(staticPIXPointer->ipNetMaskReal, command.part[8], sizeof(staticPIXPointer->ipNetMaskReal) - 1); + tempInt = 9; + } + } + } + + // Get options + while (tempInt < command.parts) + { + // DNS A record update + if (strcmp(command.part[tempInt], "dns") == 0) + staticPIXPointer->dns = true; + + // Limit TCP Connections + else if (strcmp(command.part[tempInt], "tcp") == 0) + { + staticPIXPointer->tcpMaxConnections = atoi(command.part[tempInt + 1]); + tempInt++; + // Check for embrionic option + if ((strcmp(command.part[tempInt], "udp") != 0) && (strcmp(command.part[tempInt], "norandomseq") != 0)) + { + staticPIXPointer->tcpMaxConnections = atoi(command.part[tempInt + 1]); + tempInt++; + } + } + + // Limit UDP Connections + else if (strcmp(command.part[tempInt], "udp") == 0) + { + staticPIXPointer->embrionicConnections = atoi(command.part[tempInt + 1]); + tempInt++; + } + + // No Random Sequence Numbers + else if (strcmp(command.part[tempInt], "norandomseq") == 0) + { + staticPIXPointer->randomseq = false; + if (strcmp(command.part[tempInt+1], "nailed") == 0) + { + staticPIXPointer->nailed = true; + tempInt++; + } + } + + tempInt++; + } + } + +} + diff --git a/0.11.10/PIX/.svn/text-base/process-objects.c.svn-base b/0.11.10/PIX/.svn/text-base/process-objects.c.svn-base new file mode 100644 index 0000000..81715bc --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/process-objects.c.svn-base @@ -0,0 +1,185 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Object Groups +void processObjectGroup(char *line, struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + fpos_t filePosition; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + struct ciscoCommand command; + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + + // Debug output + if (nipper->debugMode == true) + printf("Object Group Line: %s\n", line); + + // Init Struct + command = splitLine(line); + + // Get pointer to object list... + objectListPointer = getObjectListPointer(nipper, "OBJECTLIST"); + + // Get pointer to object group... + objectPointer = getObjectPointer(objectListPointer, command.part[2]); + + // Object Type + if (strcmp(command.part[1], "network") == 0) + objectPointer->type = object_type_group; + else if (strcmp(command.part[1], "protocol") == 0) + objectPointer->type = object_type_protocol; + else if (strcmp(command.part[1], "service") == 0) + objectPointer->type = object_type_service; + else if (strcmp(command.part[1], "icmp-type") == 0) + objectPointer->type = object_type_icmp; + + // Service object group type... + if ((command.parts == 4) && (objectPointer->type == object_type_service)) + { + if (strcmp(command.part[3], "tcp") == 0) + objectPointer->serviceType = service_protocol_tcp; + else if (strcmp(command.part[3], "udp") == 0) + objectPointer->serviceType = service_protocol_udp; + else if (strcmp(command.part[3], "tcp-udp") == 0) + objectPointer->serviceType = service_protocol_both; + } + + // Loop through the object lines + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("Object Group Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Description + if (strcmp(command.part[0], "description") == 0) + { + memset(tempString, 0, nipper->maxSize); + memset(tempString2, 0, nipper->maxSize); + for (tempInt = 1; tempInt < command.parts; tempInt++) + { + sprintf(tempString, "%s%s ", tempString2, command.part[tempInt]); + strncpy(tempString2, tempString, nipper->maxSize); + } + tempString2[strlen(tempString2) - 1] = 0; + strncpy(objectPointer->comment, tempString2, sizeof(objectPointer->comment) - 1); + } + else + { + + if (strcmp(command.part[0], "network-object") == 0) + { + if (strcmp(command.part[1], "host") == 0) + { + memberPointer = getObjectMember(objectPointer, command.part[2]); + memberPointer->type = object_type_host; + } + else + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + if (command.parts > 2) + strncpy(memberPointer->netMask, command.part[2], sizeof(memberPointer->netMask) - 1); + if (strcmp(memberPointer->netMask, "255.255.255.255") != 0) + memberPointer->type = object_type_network; + else + memberPointer->type = object_type_host; + } + } + else if (strcmp(command.part[0], "group-object") == 0) + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + memberPointer->type = object_type_group; + } + else if (strcmp(command.part[0], "port-object") == 0) + { + if (strcmp(command.part[1], "eq") == 0) + { + memberPointer = getObjectMember(objectPointer, command.part[2]); + memberPointer->type = object_type_port; + memberPointer->serviceOp = service_oper_eq; + } + else if (strcmp(command.part[1], "range") == 0) + { + memberPointer = getObjectMember(objectPointer, command.part[2]); + memberPointer->type = object_type_port; + memberPointer->serviceOp = service_oper_eq; + if (command.parts > 3) + { + strncpy(memberPointer->netMask, command.part[3], sizeof(memberPointer->netMask) - 1); + memberPointer->serviceOp = service_oper_range; + } + } + else + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + memberPointer->type = object_type_port; + memberPointer->serviceOp = service_oper_eq; + if (command.parts > 2) + { + strncpy(memberPointer->netMask, command.part[2], sizeof(memberPointer->netMask) - 1); + memberPointer->serviceOp = service_oper_range; + } + } + memberPointer->type = object_type_port; + } + else if (strcmp(command.part[0], "icmp-object") == 0) + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + memberPointer->type = object_type_icmp; + } + else if (strcmp(command.part[0], "protocol-object") == 0) + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + memberPointer->type = object_type_protocol; + } + } + + // Get next line + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set file position back + fsetpos(nipper->input, &filePosition); +} + + diff --git a/0.11.10/PIX/.svn/text-base/process-protocols.c.svn-base b/0.11.10/PIX/.svn/text-base/process-protocols.c.svn-base new file mode 100644 index 0000000..a736d16 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/process-protocols.c.svn-base @@ -0,0 +1,98 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct fixupList +{ + char protocol[16]; + char options[32]; + int enabled; // true or false + struct fixupList *next; +}; + + +// Process fixup +void processFixupPIX(char *line, struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + char tempString[nipper->maxSize]; + struct ciscoCommand command; + struct fixupList *fixupPIXPointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Fixup Line: %s\n", line); + } + + // Is first structure + if (nipper->pix->fixup == 0) + { + nipper->pix->fixup = malloc(sizeof(struct fixupList)); + fixupPIXPointer = nipper->pix->fixup; + } + else + { + fixupPIXPointer = nipper->pix->fixup; + while (fixupPIXPointer->next != 0) + fixupPIXPointer = fixupPIXPointer->next; + fixupPIXPointer->next = malloc(sizeof(struct fixupList)); + fixupPIXPointer = fixupPIXPointer->next; + } + + // Init + command = splitLine(line); + memset(fixupPIXPointer, 0, sizeof(struct fixupList)); + memset(&tempString, 0, nipper->maxSize); + fixupPIXPointer->enabled = true; + tempInt = 0; + + // Enable Protocol Analysis... + if (strcmp(command.part[tempInt], "no") == 0) + { + fixupPIXPointer->enabled = false; + tempInt++; + } + + // Protocol + tempInt = tempInt + 2; + strncpy(fixupPIXPointer->protocol, command.part[tempInt], sizeof(fixupPIXPointer->protocol) - 1); + tempInt++; + + // Options + while (tempInt < command.parts) + { + sprintf(tempString, "%s %s", tempString, command.part[tempInt]); + tempInt++; + } + strncpy(fixupPIXPointer->options, tempString, sizeof(fixupPIXPointer->options) - 1); +} + diff --git a/0.11.10/PIX/.svn/text-base/process-route.c.svn-base b/0.11.10/PIX/.svn/text-base/process-route.c.svn-base new file mode 100644 index 0000000..bac3be9 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/process-route.c.svn-base @@ -0,0 +1,118 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct routePIX +{ + char interface[32]; + char ipAddress[64]; + char netMask[16]; + char gateway[64]; + int metric; + int track; + int tunneled; + struct routePIX *next; +}; + + +// Process enable +void processRoutePIX(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct routePIX *routePIXPointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Route Line: %s\n", line); + } + + // Is this the first? + if (nipper->pix->route == 0) + { + nipper->pix->route = malloc(sizeof(struct routePIX)); + routePIXPointer = nipper->pix->route; + } + else + { + routePIXPointer = nipper->pix->route; + while (routePIXPointer->next != 0) + routePIXPointer = routePIXPointer->next; + routePIXPointer->next = malloc(sizeof(struct routePIX)); + routePIXPointer = routePIXPointer->next; + } + + // Init Structure + command = splitLine(line); + memset(routePIXPointer, 0, sizeof(struct routePIX)); + routePIXPointer->metric = 1; + routePIXPointer->track = 0; + routePIXPointer->tunneled = false; + + // Interface Name + strncpy(routePIXPointer->interface, command.part[1], sizeof(routePIXPointer->interface) - 1); + + // IP Address + strncpy(routePIXPointer->ipAddress, command.part[2], sizeof(routePIXPointer->ipAddress) - 1); + + // Net Mask + strncpy(routePIXPointer->netMask, command.part[3], sizeof(routePIXPointer->netMask) - 1); + + // Gateway + strncpy(routePIXPointer->gateway, command.part[4], sizeof(routePIXPointer->gateway) - 1); + + // Options + if (command.parts > 5) + { + + // Tunneled + if (strcmp(command.part[5], "tunneled") == 0) + routePIXPointer->tunneled = true; + + // Metric / Track + else + { + tempInt = 5; + + // Metric + if (strcmp(command.part[tempInt], "track") != 0) + { + routePIXPointer->metric = atoi(command.part[tempInt]); + tempInt++; + } + + // Track? + if (strcmp(command.part[tempInt], "track") == 0) + routePIXPointer->track = atoi(command.part[tempInt + 1]); + } + } +} diff --git a/0.11.10/PIX/.svn/text-base/process-snmp.c.svn-base b/0.11.10/PIX/.svn/text-base/process-snmp.c.svn-base new file mode 100644 index 0000000..47aadfb --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/process-snmp.c.svn-base @@ -0,0 +1,333 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code to process PIX SNMP + +struct snmpPIXConfig +{ + int enabled; + char community[64]; + int weak; + int dictionary; + char contact[128]; + char location[128]; + int port; + struct snmpTrapPIX *trap; + struct snmpPIXHost *host; +}; + +struct snmpPIXHost +{ + char interface[64]; + char address[64]; + char community[64]; + int mode; + int port; + int version; + struct snmpPIXHost *next; +}; + +struct snmpTrapPIX +{ + char section[16]; + char trap[32]; + struct snmpTrapPIX *next; +}; + +#define snmp_mode_both 0 +#define snmp_mode_poll 1 +#define snmp_mode_trap 2 + + +// Modify the traps... +void modifyPIXTraps(struct nipperConfig *nipper, char *trapSection, char *trapSubSection, int add) +{ + // Variables... + struct snmpTrapPIX *trapPIXPointer = 0; + struct snmpTrapPIX *trapPIXPointer2 = 0; + + // Is it an add? + if (add == true) + { + // Reserve memory... + if (nipper->pix->snmp->trap == 0) + { + nipper->pix->snmp->trap = malloc(sizeof(struct snmpTrapPIX)); + memset(nipper->pix->snmp->trap, 0, sizeof(struct snmpTrapPIX)); + trapPIXPointer = nipper->pix->snmp->trap; + } + else + { + trapPIXPointer = nipper->pix->snmp->trap; + while (trapPIXPointer->next != 0) + trapPIXPointer = trapPIXPointer->next; + trapPIXPointer->next = malloc(sizeof(struct snmpTrapPIX)); + memset(trapPIXPointer->next, 0, sizeof(struct snmpTrapPIX)); + trapPIXPointer = trapPIXPointer->next; + } + + // Copy data + strncpy(trapPIXPointer->section, trapSection, sizeof(trapPIXPointer->section) - 1); + strncpy(trapPIXPointer->trap, trapSubSection, sizeof(trapPIXPointer->trap) - 1); + } + + // Remove trap... + else + { + trapPIXPointer = nipper->pix->snmp->trap; + trapPIXPointer2 = 0; + while (trapPIXPointer != 0) + { + if (((strcmp(trapSection, trapPIXPointer->section) == 0) && (strcmp(trapSubSection, trapPIXPointer->trap) == 0)) || ((strcmp(trapSection, trapPIXPointer->section) == 0) && (strcmp(trapSubSection, "") == 0))) + { + if (trapPIXPointer2 == 0) + { + nipper->pix->snmp->trap = trapPIXPointer->next; + free(trapPIXPointer); + trapPIXPointer = nipper->pix->snmp->trap; + } + else + { + trapPIXPointer2->next = trapPIXPointer->next; + free(trapPIXPointer); + trapPIXPointer = trapPIXPointer2->next; + } + } + else + { + trapPIXPointer2 = trapPIXPointer; + trapPIXPointer = trapPIXPointer->next; + } + } + } +} + +// Process SNMP +void processSnmpPIX(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct snmpPIXHost *snmpHostPIXPointer = 0; + int tempInt; + int tempInt2; + int setting; + + // Debug + if (nipper->debugMode == true) + { + printf("SNMP Line: %s\n", line); + } + + // Init + command = splitLine(line); + if (nipper->pix->snmp == 0) + { + nipper->pix->snmp = malloc(sizeof(struct snmpPIXConfig)); + memset(nipper->pix->snmp, 0, sizeof(struct snmpPIXConfig)); + + // Defaults... + nipper->pix->snmp->enabled = true; + nipper->pix->snmp->port = 161; + strcpy(nipper->pix->snmp->community, "public"); + modifyPIXTraps(nipper, "snmp", "authentication", true); + modifyPIXTraps(nipper, "snmp", "linkup", true); + modifyPIXTraps(nipper, "snmp", "linkdown", true); + modifyPIXTraps(nipper, "snmp", "coldstart", true); + nipper->pix->snmp->weak = true; + nipper->pix->snmp->dictionary = true; + nipper->simplePasswords++; + nipper->passwordStrengths++; + } + if (strcmp("no", command.part[0]) == 0) + { + setting = false; + tempInt = 2; + } + else + { + setting = true; + tempInt = 1; + } + + // Community + if (strcmp("community", command.part[tempInt]) == 0) + { + tempInt++; + strncpy(nipper->pix->snmp->community, command.part[tempInt], sizeof(nipper->pix->snmp->community) - 1); + + // Check strength / dictionary... + if (simplePassword(nipper->pix->snmp->community, nipper) == true) + { + if (nipper->pix->snmp->dictionary == false) + { + nipper->simplePasswords++; + nipper->pix->snmp->dictionary = true; + } + } + else if (nipper->pix->snmp->dictionary == true) + { + nipper->simplePasswords--; + nipper->pix->snmp->dictionary = false; + } + if (passwordStrength(nipper->pix->snmp->community, nipper) == false) + { + if (nipper->pix->snmp->weak == false) + { + nipper->passwordStrengths++; + nipper->pix->snmp->weak = true; + } + } + else if (nipper->pix->snmp->weak == true) + { + nipper->passwordStrengths--; + nipper->pix->snmp->weak = false; + } + } + + // Contact + else if (strcmp("contact", command.part[tempInt]) == 0) + { + tempInt++; + strncpy(nipper->pix->snmp->contact, command.part[tempInt], sizeof(nipper->pix->snmp->contact) - 1); + } + + // Location + else if (strcmp("location", command.part[tempInt]) == 0) + { + tempInt++; + strncpy(nipper->pix->snmp->location, command.part[tempInt], sizeof(nipper->pix->snmp->location) - 1); + } + + // Traps... + else if ((strcmp("enable", command.part[tempInt]) == 0) && (strcmp("traps", command.part[tempInt + 1]) == 0)) + { + + // If no traps are specified... + if (command.parts == tempInt + 2) + modifyPIXTraps(nipper, "syslog", "", setting); + + // If only the trap catagory is specified... + else if (command.parts == tempInt + 3) + modifyPIXTraps(nipper, command.part[tempInt + 2], "", setting); + + // Do all the other traps... + else + { + tempInt2 = tempInt + 3; + while (tempInt2 < command.parts) + { + modifyPIXTraps(nipper, command.part[tempInt + 2], command.part[tempInt2], setting); + tempInt2++; + } + } + } + + // Listen Port + else if (strcmp("port", command.part[tempInt]) == 0) + { + tempInt++; + nipper->pix->snmp->port = atoi(command.part[tempInt]); + } + + // Server Enable + else if (strcmp("enable", command.part[tempInt]) == 0) + nipper->pix->snmp->enabled = setting; + + // SNMP Host + else if (strcmp("host", command.part[tempInt]) == 0) + { + // Reserve Memory... + if (nipper->pix->snmp->host == 0) + { + nipper->pix->snmp->host = malloc(sizeof(struct snmpPIXHost)); + memset(nipper->pix->snmp->host, 0, sizeof(struct snmpPIXHost)); + snmpHostPIXPointer = nipper->pix->snmp->host; + } + else + { + snmpHostPIXPointer = nipper->pix->snmp->host; + while (snmpHostPIXPointer->next != 0) + snmpHostPIXPointer = snmpHostPIXPointer->next; + snmpHostPIXPointer->next = malloc(sizeof(struct snmpPIXHost)); + memset(snmpHostPIXPointer->next, 0, sizeof(struct snmpPIXHost)); + snmpHostPIXPointer = snmpHostPIXPointer->next; + } + + // Init... + snmpHostPIXPointer->port = 161; + snmpHostPIXPointer->mode = snmp_mode_both; + + // Interface... + strncpy(snmpHostPIXPointer->interface, command.part[2], sizeof(snmpHostPIXPointer->interface) - 1); + + // Address... + strncpy(snmpHostPIXPointer->address, command.part[3], sizeof(snmpHostPIXPointer->address) - 1); + tempInt = 4; + + // Options... + while (tempInt < command.parts) + { + // Poll + if (strcmp("poll", command.part[tempInt]) == 0) + snmpHostPIXPointer->mode = snmp_mode_poll; + + // Trap + else if (strcmp("trap", command.part[tempInt]) == 0) + snmpHostPIXPointer->mode = snmp_mode_trap; + + // Community + else if (strcmp("community", command.part[tempInt]) == 0) + { + tempInt++; + strncpy(snmpHostPIXPointer->community, command.part[tempInt], sizeof(snmpHostPIXPointer->community) - 1); + } + + // Version + else if (strcmp("version", command.part[tempInt]) == 0) + { + tempInt++; + if ('1' == command.part[tempInt][0]) + snmpHostPIXPointer->version = 1; + else if ('2' == command.part[tempInt][0]) + snmpHostPIXPointer->version = 2; + } + + // UDP Port + else if (strcmp("udp-port", command.part[tempInt]) == 0) + { + tempInt++; + snmpHostPIXPointer->port = atoi(command.part[tempInt]); + } + + tempInt++; + } + } +} + diff --git a/0.11.10/PIX/.svn/text-base/process-ssh.c.svn-base b/0.11.10/PIX/.svn/text-base/process-ssh.c.svn-base new file mode 100644 index 0000000..74fb121 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/process-ssh.c.svn-base @@ -0,0 +1,107 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +struct sshAccessConfig +{ + char ipAddress[32]; + char netMask[32]; + char interface[32]; + struct sshAccessConfig *next; +}; + + +struct sshPIXConfig +{ + int version; + int timeout; + struct sshAccessConfig *access; +}; + + +// Process fixup +void processPIXSSH(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct sshAccessConfig *sshPointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("SSH Line: %s\n", line); + } + + // If structure doesn't exist + if (nipper->pix->ssh == 0) + { + nipper->pix->ssh = malloc(sizeof(struct sshPIXConfig)); + memset(nipper->pix->ssh, 0, sizeof(struct sshPIXConfig)); + nipper->pix->ssh->timeout = 5; + } + + // Init + command = splitLine(line); + + // Timeout + if (strcmp(command.part[1], "timeout") == 0) + nipper->pix->ssh->timeout = atoi(command.part[2]); + + // Version + else if (strcmp(command.part[1], "version") == 0) + nipper->pix->ssh->version = atoi(command.part[2]); + + // Management IP + else if (command.parts == 4) + { + // Init... + if (nipper->pix->ssh->access == 0) + { + nipper->pix->ssh->access = malloc(sizeof(struct sshAccessConfig)); + sshPointer = nipper->pix->ssh->access; + } + else + { + sshPointer = nipper->pix->ssh->access; + while (sshPointer->next != 0) + sshPointer = sshPointer->next; + sshPointer->next = malloc(sizeof(struct sshAccessConfig)); + sshPointer = sshPointer->next; + } + memset(sshPointer, 0, sizeof(struct sshAccessConfig)); + strcpy(sshPointer->interface, "Any except outside"); + + // Set... + strncpy(sshPointer->ipAddress, command.part[1], sizeof(sshPointer->ipAddress) - 1); + strncpy(sshPointer->netMask, command.part[2], sizeof(sshPointer->netMask) - 1); + if (command.parts == 4) + strncpy(sshPointer->interface, command.part[3], sizeof(sshPointer->interface) - 1); + } +} + diff --git a/0.11.10/PIX/.svn/text-base/report-access-list.c.svn-base b/0.11.10/PIX/.svn/text-base/report-access-list.c.svn-base new file mode 100644 index 0000000..c6a39f2 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report-access-list.c.svn-base @@ -0,0 +1,154 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixACLConfig(struct nipperConfig *nipper) +{ + // Intro text + output_parseText(settings_accesslists1, nipper, section_none, rate_none, 0, 0); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_parseText(settings_accesslists3, nipper, section_none, rate_none, 0, 0); + + // General ACL Settings + output_table(nipper, true, settings_accesslist_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sAlert Interval%s%d seconds%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->accessListAlertInterval, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sMaximum Deny Flows%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->accessListDenyFlowMax, nipper->tablerow_end); + output_table(nipper, false, settings_accesslist_table, &settings_general_heading); + + // ACL + reportRules(nipper); +} + + +void pixObjectConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + // Intro + output_parseText(settings_objects_desc, nipper, section_none, rate_none, 0, 0); + output_list(nipper, &settings_objects_heading); + + // Get pointer to object list... + objectListPointer = getObjectListPointer(nipper, "OBJECTLIST"); + + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", objectPointer->name); + + // Generate Table Heading... + if (objectPointer->type == object_type_group) + { + if (objectPointer->comment[0] == 0) + sprintf(tempString, "Network %s %s", settings_objects_table, objectPointer->name); + else + sprintf(tempString, "Network %s %s (%s)", settings_objects_table, objectPointer->name, objectPointer->comment); + } + else if (objectPointer->type == object_type_protocol) + { + if (objectPointer->comment[0] == 0) + sprintf(tempString, "Protocol %s %s", settings_objects_table, objectPointer->name); + else + sprintf(tempString, "Protocol %s %s (%s)", settings_objects_table, objectPointer->name, objectPointer->comment); + } + else if (objectPointer->type == object_type_service) + { + if (objectPointer->comment[0] == 0) + sprintf(tempString, "Service %s %s", settings_objects_table, objectPointer->name); + else + sprintf(tempString, "Service %s %s (%s)", settings_objects_table, objectPointer->name, objectPointer->comment); + } + else if (objectPointer->type == object_type_icmp) + { + if (objectPointer->comment[0] == 0) + sprintf(tempString, "ICMP %s %s", settings_objects_table, objectPointer->name); + else + sprintf(tempString, "ICMP %s %s (%s)", settings_objects_table, objectPointer->name, objectPointer->comment); + } + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_object_heading); + + // Output Table Contents... + memberPointer = objectPointer->members; + while (memberPointer != 0) + { + switch (memberPointer->type) + { + case object_type_group: + outputFriendly(memberPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sObject Group%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + break; + case object_type_port: + fprintf(nipper->reportFile, "%sPort%s", nipper->tablerow_start, nipper->tablerow_mid); + if (memberPointer->serviceOp == service_oper_eq) + fprintf(nipper->reportFile, "%s%s", memberPointer->name, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s - %s%s", memberPointer->name, memberPointer->netMask, nipper->tablerow_end); + addAbbreviation(objectPointer->name, false); + break; + case object_type_service: + fprintf(nipper->reportFile, "%sService%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, memberPointer->name, nipper->tablerow_end); + addAbbreviation(objectPointer->name, false); + break; + case object_type_network: + fprintf(nipper->reportFile, "%sNetwork%s%s / %s%s", nipper->tablerow_start, nipper->tablerow_mid, memberPointer->name, memberPointer->netMask, nipper->tablerow_end); + break; + case object_type_host: + fprintf(nipper->reportFile, "%sHost%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, memberPointer->name, nipper->tablerow_end); + break; + case object_type_protocol: + addAbbreviation(objectPointer->name, false); + fprintf(nipper->reportFile, "%sProtocol%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, memberPointer->name, nipper->tablerow_end); + break; + case object_type_icmp: + fprintf(nipper->reportFile, "%sICMP%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, memberPointer->name, nipper->tablerow_end); + addAbbreviation("ICMP", false); + break; + } + memberPointer = memberPointer->next; + } + output_table(nipper, false, tempString2, &settings_object_heading); + + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + + objectPointer = objectPointer->next; + } +} + diff --git a/0.11.10/PIX/.svn/text-base/report-debug.c.svn-base b/0.11.10/PIX/.svn/text-base/report-debug.c.svn-base new file mode 100644 index 0000000..ee530a1 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report-debug.c.svn-base @@ -0,0 +1,267 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportPIXDebug(struct nipperConfig *nipper) +{ + // Variables + struct johnPassword *johnPointer = 0; + struct interfacePIXConfig *interfacePIXPointer = 0; + struct enablePIXPassword *enablePIXPointer = 0; + struct usernamePIX *usernamePIXPointer = 0; + struct fixupList *fixupPIXPointer = 0; + struct icmpAccess *icmpPIXPointer = 0; + struct staticPIX *staticPIXPointer = 0; + struct routePIX *routePIXPointer = 0; + struct snmpPIXHost *snmpHostPIXPointer = 0; + struct snmpTrapPIX *trapPIXPointer = 0; + struct mgmtHostsPIX *mgmtHostsPointer = 0; + struct sshAccessConfig *sshPointer = 0; + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf(" True or Enabled = %d\n", true); + printf(" False or Disabled = %d\n", false); + printf(" Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("Domain Name: %s\n", nipper->domainName); + printf("Version: %s\n", nipper->version); + printf("Version: %d.%d(%d)\n", nipper->versionMajor, nipper->versionMinor, nipper->versionRevision); + printf("Type: %d\n", nipper->deviceType); + printf("Transparent: %d\n", nipper->pix->transparent); + printf("Floodguard: %d\n", nipper->pix->floodguard); + + // HTTP Server + if (nipper->pix->http != 0) + { + printf("HTTPS Server: %d\n", nipper->pix->http->httpServer); + printf("HTTPS Server Port: %d\n", nipper->pix->http->httpServerPort); + printf("Require Certificate: %d\n", nipper->pix->http->requireCert); + printf("HTTP Redirect: %d\n", nipper->pix->http->httpRedirect); + printf("HTTP Redirect Port: %d\n", nipper->pix->http->httpRedirectPort); + mgmtHostsPointer = nipper->pix->http->host; + while (mgmtHostsPointer != 0) + { + printf("HTTP Management Host:\n"); + printf(" IP Address: %s\n", mgmtHostsPointer->ipAddress); + printf(" Net Mask: %s\n", mgmtHostsPointer->netMask); + printf(" Interface: %s\n", mgmtHostsPointer->interface); + mgmtHostsPointer = mgmtHostsPointer->next; + } + } + + // Users and Passwords + printf("Password: %s\n", nipper->pix->password); + enablePIXPointer = nipper->pix->enable; + while (enablePIXPointer != 0) + { + printf("Enable Password: %s\n", enablePIXPointer->passwordEncrypted); + printf(" Enable Level: %d\n", enablePIXPointer->level); + enablePIXPointer = enablePIXPointer->next; + } + usernamePIXPointer = nipper->pix->username; + while (usernamePIXPointer != 0) + { + printf("Username: %s\n", usernamePIXPointer->username); + printf(" Encrypted Password: %s\n", usernamePIXPointer->passwordEncrypted); + printf(" Encryption: %d\n", usernamePIXPointer->encryption); + printf(" Level: %d\n", usernamePIXPointer->level); + usernamePIXPointer = usernamePIXPointer->next; + } + + // SSH + if (nipper->pix->ssh != 0) + { + printf("SSH Config:\n"); + printf(" SSH Version: %d\n", nipper->pix->ssh->version); + printf(" Timeout: %d\n", nipper->pix->ssh->timeout); + sshPointer = nipper->pix->ssh->access; + while (sshPointer != 0) + { + printf(" IP Address: %s\n", sshPointer->ipAddress); + printf(" Net Mask: %s\n", sshPointer->netMask); + printf(" Interface: %s\n", sshPointer->interface); + sshPointer = sshPointer->next; + } + } + + // SNMP + if (nipper->pix->snmp != 0) + { + printf("SNMP Config:\n"); + printf(" Enabled: %d\n", nipper->pix->snmp->enabled); + printf(" Community: %s\n", nipper->pix->snmp->community); + printf(" Contact: %s\n", nipper->pix->snmp->contact); + printf(" Location: %s\n", nipper->pix->snmp->location); + printf(" Port: %d\n", nipper->pix->snmp->port); + snmpHostPIXPointer = nipper->pix->snmp->host; + while (snmpHostPIXPointer != 0) + { + printf(" SNMP Host:\n"); + printf(" Interface: %s\n", snmpHostPIXPointer->interface); + printf(" Address: %s\n", snmpHostPIXPointer->address); + printf(" Community: %s\n", snmpHostPIXPointer->community); + printf(" Mode: %d\n", snmpHostPIXPointer->mode); + printf(" UDP Port: %d\n", snmpHostPIXPointer->port); + printf(" SNMP Version: %d\n", snmpHostPIXPointer->version); + snmpHostPIXPointer = snmpHostPIXPointer->next; + } + trapPIXPointer = nipper->pix->snmp->trap; + while (trapPIXPointer != 0) + { + printf(" SNMP Trap:\n"); + printf(" Trap Type: %s\n", trapPIXPointer->section); + printf(" Trap: %s\n", trapPIXPointer->trap); + trapPIXPointer = trapPIXPointer->next; + } + } + + // Interfaces + interfacePIXPointer = nipper->pix->interface; + while (interfacePIXPointer != 0) + { + printf("Interface: %s\n", interfacePIXPointer->interface); + printf(" Name: %s\n", interfacePIXPointer->name); + printf(" Shutdown: %d\n", interfacePIXPointer->shutdown); + printf(" IP Address: %s\n", interfacePIXPointer->ipAddress); + printf(" IP Mask: %s\n", interfacePIXPointer->netMask); + printf(" Security: %d\n", interfacePIXPointer->security); + printf(" uRPF: %d\n", interfacePIXPointer->uRPF); + printf(" In ACL: %s\n", interfacePIXPointer->in); + printf(" In Override: %d\n", interfacePIXPointer->inOverride); + printf(" Out ACL: %s\n", interfacePIXPointer->out); + printf(" Out Override: %d\n", interfacePIXPointer->outOverride); + interfacePIXPointer = interfacePIXPointer->next; + } + + // ICMP Access + icmpPIXPointer = nipper->pix->icmp; + while (icmpPIXPointer != 0) + { + printf("ICMP Access: %d\n", icmpPIXPointer->permission); + printf(" Source: %s\n", icmpPIXPointer->source); + printf(" Source Type: %d\n", icmpPIXPointer->sourceType); + printf(" ICMP Type: %s\n", icmpPIXPointer->icmpType); + printf(" Interface: %s\n", icmpPIXPointer->interface); + icmpPIXPointer = icmpPIXPointer->next; + } + + // Protocol Analysis + fixupPIXPointer = nipper->pix->fixup; + while (fixupPIXPointer != 0) + { + printf("Fixup Protocol: %s\n", fixupPIXPointer->protocol); + printf(" Fixup Options: %s\n", fixupPIXPointer->options); + printf(" Enabled: %d\n", fixupPIXPointer->enabled); + fixupPIXPointer = fixupPIXPointer->next; + } + + // Static NAT / PAT + staticPIXPointer = nipper->pix->staticNAT; + while (staticPIXPointer != 0) + { + printf("Static NAT Configuration\n"); + printf(" Real Interface: %s\n", staticPIXPointer->interfaceReal); + printf(" Mapped Interface: %s\n", staticPIXPointer->interfaceMapped); + printf(" Mapped IP: %s\n", staticPIXPointer->ipMapped); + printf(" Real IP: %s\n", staticPIXPointer->ipReal); + printf(" Real IP Mask: %s\n", staticPIXPointer->ipNetMaskReal); + printf(" Access List: %s\n", staticPIXPointer->accessList); + printf(" Interface: %d\n", staticPIXPointer->interface); + printf(" DNS: %d\n", staticPIXPointer->dns); + printf(" Nailed: %d\n", staticPIXPointer->nailed); + printf(" Random Sequence Numbers: %d\n", staticPIXPointer->randomseq); + printf(" Max TCP Connections: %d\n", staticPIXPointer->tcpMaxConnections); + printf(" Max UDP Connections: %d\n", staticPIXPointer->udpMaxConnections); + printf(" Max Embrionic Connections: %d\n", staticPIXPointer->embrionicConnections); + staticPIXPointer = staticPIXPointer->next; + } + staticPIXPointer = nipper->pix->staticPAT; + while (staticPIXPointer != 0) + { + printf("Static PAT Configuration\n"); + printf(" Real Interface: %s\n", staticPIXPointer->interfaceReal); + printf(" Mapped Interface: %s\n", staticPIXPointer->interfaceMapped); + printf(" TCP Protocol: %d\n", staticPIXPointer->protocolTcp); + printf(" Mapped IP: %s\n", staticPIXPointer->ipMapped); + printf(" Mapped Port: %s\n", staticPIXPointer->portMapped); + printf(" Real IP: %s\n", staticPIXPointer->ipReal); + printf(" Real Port: %s\n", staticPIXPointer->portReal); + printf(" Real IP Mask: %s\n", staticPIXPointer->ipNetMaskReal); + printf(" Access List: %s\n", staticPIXPointer->accessList); + printf(" Interface: %d\n", staticPIXPointer->interface); + printf(" DNS: %d\n", staticPIXPointer->dns); + printf(" Nailed: %d\n", staticPIXPointer->nailed); + printf(" Random Sequence Numbers: %d\n", staticPIXPointer->randomseq); + printf(" Max TCP Connections: %d\n", staticPIXPointer->tcpMaxConnections); + printf(" Max UDP Connections: %d\n", staticPIXPointer->udpMaxConnections); + printf(" Max Embrionic Connections: %d\n", staticPIXPointer->embrionicConnections); + staticPIXPointer = staticPIXPointer->next; + } + + // Static Route + routePIXPointer = nipper->pix->route; + while (routePIXPointer != 0) + { + printf("Static Route\n"); + printf(" Interface: %s\n", routePIXPointer->interface); + printf(" IP Address: %s\n", routePIXPointer->ipAddress); + printf(" Net Mask: %s\n", routePIXPointer->netMask); + printf(" Gateway: %s\n", routePIXPointer->gateway); + printf(" Metric: %d\n", routePIXPointer->metric); + printf(" Track: %d\n", routePIXPointer->track); + printf(" Tunneled: %d\n", routePIXPointer->tunneled); + routePIXPointer = routePIXPointer->next; + } + + // Filter Rules... + reportRulesDebug(nipper); + + // Name Mappings / Objects + reportObjectsDebug(nipper); + + // John-the-ripper + if (nipper->john != 0) + { + printf("\n%sJohn-the-ripper Output\n======================%s\n", COL_BLUE, RESET); + johnPointer = nipper->john; + while (johnPointer != 0) + { + printf("Username: %s\n", johnPointer->username); + printf(" Password: %s\n", johnPointer->password); + johnPointer = johnPointer->next; + } + } +} + + diff --git a/0.11.10/PIX/.svn/text-base/report-enable.c.svn-base b/0.11.10/PIX/.svn/text-base/report-enable.c.svn-base new file mode 100644 index 0000000..faf3ca2 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report-enable.c.svn-base @@ -0,0 +1,105 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixUsersConfig(struct nipperConfig *nipper) +{ + // Variables... + struct enablePIXPassword *enablePIXPointer = 0; + struct usernamePIX *usernamePIXPointer = 0; + + // Login Password + if (nipper->pix->password[0] != 0) + { + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, " "); + fprintf(nipper->reportFile, "%s %s.", settings_logon_password, nipper->pix->password); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + } + + // Enable Password + if (nipper->pix->enable != 0) + { + output_table(nipper, true, settings_enable_table, &report_enablepix_heading); + enablePIXPointer = nipper->pix->enable; + while (enablePIXPointer != 0) + { + fprintf(nipper->reportFile, "%s%d", nipper->tablerow_start, enablePIXPointer->level); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, enablePIXPointer->passwordEncrypted); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + enablePIXPointer = enablePIXPointer->next; + } + output_table(nipper, false, settings_enable_table, &report_enablepix_heading); + } + + // Usernames + if (nipper->pix->username != 0) + { + output_table(nipper, true, settings_users_table, &report_userspix_heading); + usernamePIXPointer = nipper->pix->username; + while (usernamePIXPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, usernamePIXPointer->username, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", usernamePIXPointer->level, nipper->tablerow_mid); + switch (usernamePIXPointer->encryption) + { + case encrypt_none: + fprintf(nipper->reportFile, "N/A"); + break; + case encrypt_pix: + fprintf(nipper->reportFile, "Standard"); + break; + case encrypt_mschap: + fprintf(nipper->reportFile, "MS-CHAP"); + addAbbreviation("MS-CHAP", false); + break; + case encrypt_ntenc: + fprintf(nipper->reportFile, "NT Encrypted"); + addAbbreviation("NT", false); + break; + } + if (nipper->passwords == true) + { + if (usernamePIXPointer->passwordEncrypted[0] == 0) + fprintf(nipper->reportFile, "%sNone%s", nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, usernamePIXPointer->passwordEncrypted, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + usernamePIXPointer = usernamePIXPointer->next; + } + output_table(nipper, false, settings_users_table, &report_userspix_heading); + } +} + + diff --git a/0.11.10/PIX/.svn/text-base/report-general.c.svn-base b/0.11.10/PIX/.svn/text-base/report-general.c.svn-base new file mode 100644 index 0000000..90a7162 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report-general.c.svn-base @@ -0,0 +1,293 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixGeneralConfig(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sHostname%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + if (nipper->domainName[0] != 0) + { + outputFriendly(nipper->domainName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sDomain Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if ((nipper->version[0] != 0) && (nipper->deviceType == type_pix_firewall)) + { + addAbbreviation("PIX", false); + fprintf(nipper->reportFile, "%sPIX Version%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + } + else if ((nipper->version[0] != 0) && (nipper->deviceType == type_asa_firewall)) + { + addAbbreviation("ASA", false); + fprintf(nipper->reportFile, "%sASA Version%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + } + else if ((nipper->version[0] != 0) && (nipper->deviceType == type_fwsm_firewall)) + { + addAbbreviation("FWSM", false); + fprintf(nipper->reportFile, "%sFWSM Version%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + } + if (nipper->pix->transparent == true) + fprintf(nipper->reportFile, "%sTransparent Firewall%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sTransparent Firewall%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->pix->floodguard == true) + fprintf(nipper->reportFile, "%sFlood Guard%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sFlood Guard%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_general_table, &settings_general_heading); +} + + +void pixServicesConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_services_table, &report_services_heading); + if (nipper->pix->snmp == 0) + fprintf(nipper->reportFile, "%sSNMP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->pix->snmp->enabled == true) + fprintf(nipper->reportFile, "%sSNMP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSNMP Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->pix->http == 0) + fprintf(nipper->reportFile, "%sHTTPS Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->pix->http->httpServer == false) + fprintf(nipper->reportFile, "%sHTTPS Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sHTTPS Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_services_table, &report_services_heading); + addAbbreviation("SNMP", false); + addAbbreviation("HTTPS", false); +} + + +void pixVulnerabilityIssue(struct nipperConfig *nipper) +{ + // Variables... + struct vulnerability *vulnPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_osver_obs1, nipper, section_obs, rate_none, nipper->vulnIssues, nipper->tableNum); + if (nipper->vulnIssues > 1) + { + output_table(nipper, true, report_osver_table, &report_osver_heading); + if (nipper->deviceType == type_fwsm_firewall) + vulnPointer = &report_vuln_fwsm; + else + vulnPointer = &report_vuln_pix; + while (vulnPointer->next != 0) + { + if (vulnPointer->include == true) + { + outputFriendly(vulnPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s%s%s", vulnPointer->cve, nipper->tablerow_mid, vulnPointer->bid, nipper->tablerow_end); + } + vulnPointer = vulnPointer->next; + } + output_table(nipper, false, report_osver_table, &report_osver_heading); + output_parseText(report_osver_obs2, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + } + else if (nipper->vulnIssues > 0) + { + output_parseText(report_osver_obs3, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + if (nipper->deviceType == type_fwsm_firewall) + vulnPointer = &report_vuln_fwsm; + else + vulnPointer = &report_vuln_pix; + while (vulnPointer->next != 0) + { + if (vulnPointer->include == true) + { + outputFriendly(vulnPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "\"%s\" (", tempString); + if (vulnPointer->cve[0] != 0) + fprintf(nipper->reportFile, "CVE reference %s", vulnPointer->cve); + if ((vulnPointer->cve[0] != 0) && (vulnPointer->bid[0] != 0)) + fprintf(nipper->reportFile, " and "); + if (vulnPointer->bid[0] != 0) + fprintf(nipper->reportFile, " Bugtraq ID %s", vulnPointer->bid); + fprintf(nipper->reportFile, ")."); + } + vulnPointer = vulnPointer->next; + } + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_parseText(report_osver_obs2, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + } + output_endsection(nipper, section_obs); + if (nipper->vulnIssues > 0) + { + output_parseText(report_osver_impact1, nipper, section_imp, rate_high, nipper->vulnIssues, nipper->tableNum -1); + if ((nipper->vulnIssueDos == true) && (nipper->vulnIssueRemote == true)) + output_parseText(report_osver_impact2, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + else if (nipper->vulnIssueDos == true) + output_parseText(report_osver_impact3, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + else if (nipper->vulnIssueRemote == true) + output_parseText(report_osver_impact4, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + addAbbreviation("CVE", false); + addAbbreviation("BID", false); + } + else + output_parseText(report_osver_impact5, nipper, section_imp, rate_high, nipper->vulnIssues, nipper->tableNum -1); + output_endsection(nipper, section_imp); + output_parseText(report_osver_ease, nipper, section_ease, rate_trivial, nipper->vulnIssues, nipper->tableNum -1); + output_endsection(nipper, section_ease); + output_parseText(report_osver_rec, nipper, section_rec, rate_none, nipper->vulnIssues, nipper->tableNum -1); + output_endsection(nipper, section_rec); +} + + +void pixTimeoutIssue(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + + output_parseText(report_timeout_obs1, nipper, section_obs, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, nipper->connectionTimeout % 60); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_obs2, nipper, section_none, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if (nipper->insecureTimeouts > 1) + { + output_table(nipper, true, report_timeout_table, &report_timeout_heading); + if (nipper->pix->ssh != 0) + { + if ((nipper->pix->ssh->timeout * 60) > nipper->connectionTimeout) + { + fprintf(nipper->reportFile, "%sSSH Session Timeout%s", nipper->tablerow_start, nipper->tablerow_mid); + numToWord(nipper->reportFile, nipper->pix->ssh->timeout); + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + } + } + output_table(nipper, false, report_timeout_table, &report_timeout_heading); + } + else + { + if (nipper->pix->ssh != 0) + { + if ((nipper->pix->ssh->timeout * 60) > nipper->connectionTimeout) + { + sprintf(tempString, "*NOTEXTSTART*The SSH session timeout was *NUMBER* minutes."); + output_parseText(tempString, nipper, section_none, rate_none, nipper->pix->ssh->timeout, 0); + } + } + } + output_endsection(nipper, section_obs); + output_parseText(report_timeout_impact, nipper, section_imp, rate_high, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_timeout_ease, nipper, section_ease, rate_difficult, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_timeout_rec1, nipper, section_rec, rate_none, 0, 0); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, (nipper->connectionTimeout % 60)); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_rec2, nipper, section_none, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + + +void pixFloodGuardIssue(struct nipperConfig *nipper) +{ + output_parseText(report_floodguard_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_floodguard_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_floodguard_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_floodguard_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void pixURPFIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfacePIXConfig *interfacePIXConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_urpf_pix_obs, nipper, section_obs, rate_none, nipper->uRPFIssues, nipper->tableNum); + if (nipper->uRPFIssues > 1) + { + interfacePIXConfigPointer = nipper->pix->interface; + output_table(nipper, true, report_urpf_table, &report_interfacepix_heading); + while (interfacePIXConfigPointer != 0) + { + if ((interfacePIXConfigPointer->uRPF == false) && (interfacePIXConfigPointer->shutdown == false) && (strcmp(interfacePIXConfigPointer->ipAddress, "") != 0)) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, interfacePIXConfigPointer->interface, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", interfacePIXConfigPointer->name, nipper->tablerow_end); + } + interfacePIXConfigPointer = interfacePIXConfigPointer->next; + } + output_table(nipper, false, report_urpf_table, &report_interfacepix_heading); + } + else if (nipper->uRPFIssues > 0) + { + interfacePIXConfigPointer = nipper->pix->interface; + while (interfacePIXConfigPointer != 0) + { + if ((interfacePIXConfigPointer->uRPF == false) && (interfacePIXConfigPointer->shutdown == false) && (strcmp(interfacePIXConfigPointer->ipAddress, "") != 0)) + { + outputFriendly(interfacePIXConfigPointer->interface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s.", tempString); + } + interfacePIXConfigPointer = interfacePIXConfigPointer->next; + } + output_newPara(nipper); + } + output_endsection(nipper, section_obs); + output_parseText(report_urpf_impact, nipper, section_imp, rate_med, nipper->uRPFIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_urpf_ease, nipper, section_ease, rate_noease, nipper->uRPFIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_urpf_pix_rec, nipper, section_rec, rate_none, nipper->uRPFIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/PIX/.svn/text-base/report-http.c.svn-base b/0.11.10/PIX/.svn/text-base/report-http.c.svn-base new file mode 100644 index 0000000..eac3b27 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report-http.c.svn-base @@ -0,0 +1,77 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixHTTPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct mgmtHostsPIX *mgmtHostsPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_http_table, &settings_general_heading); + if (nipper->pix->http->httpServer == false) + fprintf(nipper->reportFile, "%sHTTPS Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sHTTPS Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sHTTPS Server Port%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->http->httpServerPort, nipper->tablerow_end); + if (((nipper->versionMajor == 7) && (nipper->versionMinor == 0) && (nipper->versionRevision > 0)) || ((nipper->versionMajor >= 7) && (nipper->versionMinor > 0))) + { + if (nipper->pix->http->requireCert == false) + fprintf(nipper->reportFile, "%sClients Require Certificates%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sClients Require Certificates%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + } + if (nipper->pix->http->httpRedirect == true) + { + fprintf(nipper->reportFile, "%sHTTP Redirect%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sHTTP Redirect Port%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->http->httpRedirectPort, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%sHTTP Redirect%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_http_table, &settings_general_heading); + if (nipper->pix->http->host != 0) + { + output_table(nipper, true, settings_httphosts_table, &settings_httphosts_heading); + mgmtHostsPointer = nipper->pix->http->host; + while (mgmtHostsPointer != 0) + { + outputFriendly(mgmtHostsPointer->interface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(mgmtHostsPointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(mgmtHostsPointer->netMask, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + mgmtHostsPointer = mgmtHostsPointer->next; + } + output_table(nipper, false, settings_httphosts_table, &settings_httphosts_heading); + } +} + + diff --git a/0.11.10/PIX/.svn/text-base/report-icmp.c.svn-base b/0.11.10/PIX/.svn/text-base/report-icmp.c.svn-base new file mode 100644 index 0000000..3b39a83 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report-icmp.c.svn-base @@ -0,0 +1,62 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixICMPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct icmpAccess *icmpPIXPointer = 0; + char tempString[nipper->maxSize]; + + // Intro + output_parseText(settings_icmpaccess_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_icmpaccess_table, &settings_icmpaccess_heading); + icmpPIXPointer = nipper->pix->icmp; + while (icmpPIXPointer != 0) + { + if (icmpPIXPointer->permission == perm_permit) + fprintf(nipper->reportFile, "%sPermit%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sDeny%s", nipper->tablerow_start, nipper->tablerow_mid); + if (strcasecmp(icmpPIXPointer->source, "any") == 0) + fprintf(nipper->reportFile, "Any%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s", icmpPIXPointer->source, nipper->tablerow_mid); + if (icmpPIXPointer->icmpType[0] != 0) + fprintf(nipper->reportFile, "%s", icmpPIXPointer->icmpType); + else + fprintf(nipper->reportFile, "Any"); + outputFriendly(icmpPIXPointer->interface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + icmpPIXPointer = icmpPIXPointer->next; + } + output_table(nipper, false, settings_icmpaccess_table, &settings_icmpaccess_heading); +} + diff --git a/0.11.10/PIX/.svn/text-base/report-interface.c.svn-base b/0.11.10/PIX/.svn/text-base/report-interface.c.svn-base new file mode 100644 index 0000000..1fb104e --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report-interface.c.svn-base @@ -0,0 +1,78 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixInterfaceConfig(struct nipperConfig *nipper) +{ + // Variables... + struct interfacePIXConfig *interfacePIXConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_inter_table, &settings_interpix_heading); + interfacePIXConfigPointer = nipper->pix->interface; + while (interfacePIXConfigPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, interfacePIXConfigPointer->interface, nipper->tablerow_mid); + outputFriendly(interfacePIXConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (interfacePIXConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "Yes"); + else + fprintf(nipper->reportFile, "No"); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, interfacePIXConfigPointer->ipAddress, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", interfacePIXConfigPointer->netMask, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", interfacePIXConfigPointer->security, nipper->tablerow_mid); + if (interfacePIXConfigPointer->uRPF == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (interfacePIXConfigPointer->in[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + { + outputFriendly(interfacePIXConfigPointer->in, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + if (interfacePIXConfigPointer->out[0] == 0) + fprintf(nipper->reportFile, " "); + else + { + outputFriendly(interfacePIXConfigPointer->out, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + interfacePIXConfigPointer = interfacePIXConfigPointer->next; + } + output_table(nipper, false, settings_inter_table, &settings_interpix_heading); + addAbbreviation("ACL", false); + addAbbreviation("MTU", false); + addAbbreviation("IP", false); +} + diff --git a/0.11.10/PIX/.svn/text-base/report-nat.c.svn-base b/0.11.10/PIX/.svn/text-base/report-nat.c.svn-base new file mode 100644 index 0000000..c0705ea --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report-nat.c.svn-base @@ -0,0 +1,151 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixNATPATConfig(struct nipperConfig *nipper) +{ + // Variables... + struct staticPIX *staticPIXPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(settings_natpat_desc, nipper, section_none, rate_none, 1, 0); + if (nipper->pix->staticNAT !=0) + { + output_table(nipper, true, settings_nat_static_table, &settings_nat_static_heading); + staticPIXPointer = nipper->pix->staticNAT; + while (staticPIXPointer != 0) + { + outputFriendly(staticPIXPointer->interfaceReal, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (staticPIXPointer->interface == true) + fprintf(nipper->reportFile, "Interface"); + else if (staticPIXPointer->accessList[0] != 0) + { + outputFriendly(staticPIXPointer->accessList, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "ACL: %s", tempString); + addAbbreviation("ACL", false); + } + else if (staticPIXPointer->ipNetMaskReal[0] != 0) + fprintf(nipper->reportFile, "%s %s", staticPIXPointer->ipReal, staticPIXPointer->ipNetMaskReal); + else + fprintf(nipper->reportFile, "%s", staticPIXPointer->ipReal); + outputFriendly(staticPIXPointer->interfaceMapped, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_mid); + outputFriendly(staticPIXPointer->ipMapped, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (staticPIXPointer->dns == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (staticPIXPointer->randomseq == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (staticPIXPointer->nailed == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (staticPIXPointer->tcpMaxConnections == 0) + fprintf(nipper->reportFile, "Unlimited%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", staticPIXPointer->tcpMaxConnections, nipper->tablerow_mid); + if (staticPIXPointer->embrionicConnections == 0) + fprintf(nipper->reportFile, "Unlimited%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", staticPIXPointer->embrionicConnections, nipper->tablerow_mid); + if (staticPIXPointer->udpMaxConnections == 0) + fprintf(nipper->reportFile, "Unlimited%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%d%s", staticPIXPointer->udpMaxConnections, nipper->tablerow_end); + + staticPIXPointer = staticPIXPointer->next; + } + output_table(nipper, false, settings_nat_static_table, &settings_nat_static_heading); + } + if (nipper->pix->staticPAT !=0) + { + output_table(nipper, true, settings_pat_static_table, &settings_pat_static_heading); + staticPIXPointer = nipper->pix->staticPAT; + while (staticPIXPointer != 0) + { + outputFriendly(staticPIXPointer->interfaceReal, tempString, nipper->maxSize, nipper->outputFormat); + if (staticPIXPointer->protocolTcp == true) + fprintf(nipper->reportFile, "%sTCP%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sUDP%s", nipper->tablerow_start, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (staticPIXPointer->interface == true) + fprintf(nipper->reportFile, "Interface"); + else if (staticPIXPointer->accessList[0] != 0) + { + outputFriendly(staticPIXPointer->accessList, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "ACL: %s", tempString); + addAbbreviation("ACL", false); + } + else if (staticPIXPointer->ipNetMaskReal[0] != 0) + fprintf(nipper->reportFile, "%s %s", staticPIXPointer->ipReal, staticPIXPointer->ipNetMaskReal); + else + fprintf(nipper->reportFile, "%s", staticPIXPointer->ipReal); + fprintf(nipper->reportFile, " (%s)", staticPIXPointer->portReal); + outputFriendly(staticPIXPointer->interfaceMapped, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_mid); + outputFriendly(staticPIXPointer->ipMapped, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s (%s)%s", tempString, staticPIXPointer->portMapped, nipper->tablerow_mid); + if (staticPIXPointer->dns == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (staticPIXPointer->randomseq == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (staticPIXPointer->nailed == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (staticPIXPointer->tcpMaxConnections == 0) + fprintf(nipper->reportFile, "Unlimited%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", staticPIXPointer->tcpMaxConnections, nipper->tablerow_mid); + if (staticPIXPointer->embrionicConnections == 0) + fprintf(nipper->reportFile, "Unlimited%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", staticPIXPointer->embrionicConnections, nipper->tablerow_mid); + if (staticPIXPointer->udpMaxConnections == 0) + fprintf(nipper->reportFile, "Unlimited%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%d%s", staticPIXPointer->udpMaxConnections, nipper->tablerow_end); + + staticPIXPointer = staticPIXPointer->next; + } + output_table(nipper, false, settings_pat_static_table, &settings_pat_static_heading); + } +} + diff --git a/0.11.10/PIX/.svn/text-base/report-passwords.c.svn-base b/0.11.10/PIX/.svn/text-base/report-passwords.c.svn-base new file mode 100644 index 0000000..870555d --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report-passwords.c.svn-base @@ -0,0 +1,265 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void output_PIXTablePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + char tempString[nipper->maxSize]; + + // SNMP + if (nipper->pix->snmp != 0) + { + if (((nipper->pix->snmp->dictionary == true) && (dictPassword == true)) || ((nipper->pix->snmp->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sCommunity%sSNMP%sread-only", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(nipper->pix->snmp->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + } +} + + +void output_PIXLinePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + char tempString3[nipper->maxSize]; + + // SNMP + if (nipper->pix->snmp != 0) + { + if (((nipper->pix->snmp->dictionary == true) && (dictPassword == true)) || ((nipper->pix->snmp->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The read-only *ABBREV*SNMP*-ABBREV* community string was "); + if (nipper->passwords == true) + { + outputFriendly(nipper->pix->snmp->community, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + } + + output_parseText(tempString2, nipper, section_none, rate_none, 0, 0); +} + + +void pixDictionaryIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_dict_obs, nipper, section_obs, rate_none, nipper->simplePasswords, nipper->tableNum); + if (nipper->simplePasswords > 1) + { + output_table(nipper, true, report_dict_table, &report_dict_heading); + output_PIXTablePasswords(nipper, true); + output_table(nipper, false, report_dict_table, &report_dict_heading); + } + else + output_PIXLinePasswords(nipper, true); + output_endsection(nipper, section_obs); + output_parseText(report_dict_impact, nipper, section_imp, rate_high, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_dict_ease, nipper, section_ease, rate_trivial, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_dict_rec, nipper, section_rec, rate_none, nipper->simplePasswords, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, "characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + + +void pixStrengthIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_strength_obs, nipper, section_obs, rate_none, nipper->passwordStrengths, nipper->tableNum); + if (nipper->passwordStrengths > 1) + { + output_table(nipper, true, report_strength_table, &report_dict_heading); + output_PIXTablePasswords(nipper, false); + output_table(nipper, false, report_strength_table, &report_dict_heading); + } + else + output_PIXLinePasswords(nipper, false); + output_endsection(nipper, section_obs); + output_parseText(report_strength_impact, nipper, section_imp, rate_high, nipper->passwordStrengths, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_strength_ease, nipper, section_ease, rate_trivial, nipper->passwordStrengths, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_strength_rec, nipper, section_rec, rate_trivial, nipper->passwordStrengths, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, " characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/PIX/.svn/text-base/report-protocols.c.svn-base b/0.11.10/PIX/.svn/text-base/report-protocols.c.svn-base new file mode 100644 index 0000000..a5a0b20 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report-protocols.c.svn-base @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixProtocolConfig(struct nipperConfig *nipper) +{ + // Variables... + struct fixupList *fixupPIXPointer = 0; + + // Intro + output_parseText(settings_protoinspect_desc, nipper, section_none, rate_none, 0, 0); + if (nipper->pix->fixup != 0) + { + output_table(nipper, true, settings_protoinspect_table, &settings_protoinspect_heading); + fixupPIXPointer = nipper->pix->fixup; + while (fixupPIXPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, fixupPIXPointer->protocol, nipper->tablerow_mid); + addAbbreviation(fixupPIXPointer->protocol, false); + if (fixupPIXPointer->enabled == true) + fprintf(nipper->reportFile, "Yes"); + else + fprintf(nipper->reportFile, "No"); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, fixupPIXPointer->options, nipper->tablerow_end); + fixupPIXPointer = fixupPIXPointer->next; + } + output_table(nipper, false, settings_protoinspect_table, &settings_protoinspect_heading); + } +} + diff --git a/0.11.10/PIX/.svn/text-base/report-route.c.svn-base b/0.11.10/PIX/.svn/text-base/report-route.c.svn-base new file mode 100644 index 0000000..f05689f --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report-route.c.svn-base @@ -0,0 +1,64 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixRoutingConfig(struct nipperConfig *nipper) +{ + // Variables... + struct routePIX *routePIXPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(settings_routing_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_static_route_table, &settings_route_heading); + routePIXPointer = nipper->pix->route; + while (routePIXPointer != 0) + { + outputFriendly(routePIXPointer->interface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile,"%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(routePIXPointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(routePIXPointer->netMask, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(routePIXPointer->gateway, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", routePIXPointer->metric, nipper->tablerow_mid); + if (routePIXPointer->track == 0) + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", routePIXPointer->track, nipper->tablerow_mid); + if (routePIXPointer->tunneled == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + routePIXPointer = routePIXPointer->next; + } + output_table(nipper, false, settings_static_route_table, &settings_route_heading); +} + diff --git a/0.11.10/PIX/.svn/text-base/report-snmp.c.svn-base b/0.11.10/PIX/.svn/text-base/report-snmp.c.svn-base new file mode 100644 index 0000000..8b05cea --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report-snmp.c.svn-base @@ -0,0 +1,109 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixSNMPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct snmpPIXHost *snmpHostPIXPointer = 0; + struct snmpTrapPIX *trapPIXPointer = 0; + + output_parseText(settings_snmp_desc, nipper, section_none, rate_none, -1, 0); + output_table(nipper, true, settings_snmp_table, &settings_general_heading); + if (nipper->pix->snmp->enabled == true) + fprintf(nipper->reportFile, "%sSNMP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSNMP Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUDP Port%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->snmp->port, nipper->tablerow_end); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%sCommunity String%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->snmp->community, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sContact%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->snmp->contact, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLocation%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->snmp->location, nipper->tablerow_end); + output_table(nipper, false, settings_snmp_table, &settings_snmpPIXhosts_heading); + if (nipper->pix->snmp->host != 0) + { + output_table(nipper, true, settings_snmphost_table, &settings_snmpPIXhosts_heading); + snmpHostPIXPointer = nipper->pix->snmp->host; + while (snmpHostPIXPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, snmpHostPIXPointer->interface, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", snmpHostPIXPointer->address, nipper->tablerow_mid); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s", snmpHostPIXPointer->community, nipper->tablerow_mid); + if (snmpHostPIXPointer->version == 0) + fprintf(nipper->reportFile, "1 and 2c%s", nipper->tablerow_mid); + else if (snmpHostPIXPointer->version == 1) + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "2c%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", snmpHostPIXPointer->port, nipper->tablerow_mid); + if (snmpHostPIXPointer->mode == snmp_mode_both) + fprintf(nipper->reportFile, "Poll and Trap%s", nipper->tablerow_end); + else if (snmpHostPIXPointer->mode == snmp_mode_poll) + fprintf(nipper->reportFile, "Poll%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Trap%s", nipper->tablerow_end); + snmpHostPIXPointer = snmpHostPIXPointer->next; + } + output_table(nipper, false, settings_snmphost_table, &settings_snmpPIXhosts_heading); + } + if (nipper->pix->snmp->trap != 0) + { + output_table(nipper, true, settings_snmptrap_table, &settings_snmpPIXtraps_heading); + trapPIXPointer = nipper->pix->snmp->trap; + while (trapPIXPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s%s %s", nipper->tablerow_start, trapPIXPointer->section, nipper->tablerow_mid, trapPIXPointer->trap, nipper->tablerow_end); + trapPIXPointer = trapPIXPointer->next; + } + output_table(nipper, false, settings_snmptrap_table, &settings_snmpPIXtraps_heading); + } +} + + +void pixSNMPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_snmp_pix_obs, nipper, section_obs, rate_med, nipper->snmpIssue, 0); + output_endsection(nipper, section_obs); + output_parseText(report_snmp_impact, nipper, section_imp, rate_med, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_snmp_ease, nipper, section_ease, rate_difficult, 0, 0); + output_endsection(nipper, section_ease); + if (nipper->pix->snmp == 0) + output_parseText(report_snmp_pix_rec, nipper, section_obs, rate_none, 0, nipper->tableNum); + else if (nipper->pix->snmp->enabled == false) + output_parseText(report_snmp_pix2_rec, nipper, section_obs, rate_none, 0, nipper->tableNum); + else if (nipper->pix->snmp->host != 0) + output_parseText(report_snmp_pix_rec, nipper, section_obs, rate_none, -1, nipper->tableNum); + else + output_parseText(report_snmp_pix_rec, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/PIX/.svn/text-base/report-ssh.c.svn-base b/0.11.10/PIX/.svn/text-base/report-ssh.c.svn-base new file mode 100644 index 0000000..49a9169 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report-ssh.c.svn-base @@ -0,0 +1,95 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixSSHConfig(struct nipperConfig *nipper) +{ + // Variables... + struct sshAccessConfig *sshPointer = 0; + + output_table(nipper, true, settings_ssh_table, &settings_general_heading); + if (nipper->pix->ssh->version == 0) + fprintf(nipper->reportFile, "%sProtocol Version%s1 and 2%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sProtocol Version%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->ssh->version, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sSession Timeout%s", nipper->tablerow_start, nipper->tablerow_mid); + numToWord(nipper->reportFile, nipper->pix->ssh->timeout); + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + output_table(nipper, false, settings_ssh_table, &settings_general_heading); + + sshPointer = nipper->pix->ssh->access; + if (sshPointer != 0) + { + output_table(nipper, true, settings_sshman_table, &settings_sshman_heading); + while (sshPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, sshPointer->ipAddress, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", sshPointer->netMask, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", sshPointer->interface, nipper->tablerow_end); + sshPointer = sshPointer->next; + } + output_table(nipper, false, settings_sshman_table, &settings_sshman_heading); + } + addAbbreviation("SSH", false); +} + + +void pixSSHIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + if ((nipper->versionMajor < 7) || ((nipper->versionMajor == 7) && (nipper->versionMinor == 0) && (nipper->versionRevision == 0))) + tempInt = -1; + else + tempInt = 0; + output_parseText(report_sshproto_obs, nipper, section_obs, rate_none, tempInt, 0); + output_endsection(nipper, section_obs); + output_parseText(report_sshproto_impact, nipper, section_imp, rate_med, tempInt, 0); + output_endsection(nipper, section_imp); + output_parseText(report_sshproto_ease, nipper, section_ease, rate_difficult, tempInt, 0); + output_endsection(nipper, section_ease); + output_parseText(report_sshproto_rec1, nipper, section_rec, rate_none, tempInt, 0); + output_endsection(nipper, section_rec); +} + + +void sshManIssue(struct nipperConfig *nipper) +{ + output_parseText(report_sshman_obs, nipper, section_obs, rate_none, 0, 0); + output_endsection(nipper, section_obs); + output_parseText(report_sshman_impact, nipper, section_imp, rate_med, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_sshman_ease, nipper, section_ease, rate_noease, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_sshman_rec, nipper, section_rec, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/PIX/.svn/text-base/report.c.svn-base b/0.11.10/PIX/.svn/text-base/report.c.svn-base new file mode 100644 index 0000000..dec9719 --- /dev/null +++ b/0.11.10/PIX/.svn/text-base/report.c.svn-base @@ -0,0 +1,196 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for PIX/ASA reporting... + +// Report PIX includes... +#include "report-access-list.c" +#include "report-debug.c" +#include "report-enable.c" +#include "report-general.c" +#include "report-http.c" +#include "report-icmp.c" +#include "report-interface.c" +#include "report-nat.c" +#include "report-passwords.c" +#include "report-protocols.c" +#include "report-route.c" +#include "report-snmp.c" +#include "report-ssh.c" + + +void generatePIXReport(struct nipperConfig *nipper) +{ + // Variables + struct interfacePIXConfig *interfacePIXConfigPointer = 0; + struct vulnerability *vulnPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct sshAccessConfig *sshPointer = 0; + + // Security Section Issues + if (nipper->fullReport == true) + { + + // Software Version + nipper->vulnIssues = 0; + nipper->vulnIssueDos = false; + nipper->vulnIssueRemote = false; + if (nipper->deviceType == type_fwsm_firewall) + vulnPointer = &report_vuln_fwsm; + else + vulnPointer = &report_vuln_pix; + while (vulnPointer->next != 0) + { + checkVulnVersion(nipper, vulnPointer); + vulnPointer = vulnPointer->next; + } + if (nipper->vulnIssues > 0) + addReportSection(nipper, section_security, report_osver_title, report_osver_context, report_osver_rectext, 10, 8, 5, 3, pixVulnerabilityIssue); + + // Simple Passwords + if (nipper->simplePasswords > 1) + addReportSection(nipper, section_security, report_dict_title1, report_dict_context, report_dict_rectext, 10, 8, 5, 3, pixDictionaryIssue); + else if (nipper->simplePasswords > 0) + addReportSection(nipper, section_security, report_dict_title2, report_dict_context, report_dict_rectext, 10, 8, 5, 3, pixDictionaryIssue); + + // Password Strength + if (nipper->passwordStrengths > 1) + addReportSection(nipper, section_security, report_strength_title1, report_strength_context, report_strength_rectext, 10, 8, 5, 3, pixStrengthIssue); + else if (nipper->passwordStrengths > 0) + addReportSection(nipper, section_security, report_strength_title2, report_strength_context, report_strength_rectext, 10, 8, 5, 3, pixStrengthIssue); + + // Timeout + if (nipper->pix->ssh != 0) + { + if (nipper->pix->ssh->timeout * 60 > nipper->connectionTimeout) + nipper->insecureTimeouts++; + } + if (nipper->insecureTimeouts > 0) + addReportSection(nipper, section_security, report_timeout_title, report_timeout_context, report_timeout_rectext, 10, 8, 5, 3, pixTimeoutIssue); + + // SNMP + if (nipper->pix->snmp != 0) + { + if ((nipper->pix->snmp->enabled == true) && (nipper->pix->snmp->host != 0)) + nipper->snmpIssue = 2; + else if (nipper->pix->snmp->enabled == true) + nipper->snmpIssue = 1; + else if (nipper->pix->snmp->host != 0) + nipper->snmpIssue = -1; + } + if (nipper->snmpIssue != 0) + addReportSection(nipper, section_security, report_snmp_title, report_snmp_context, report_snmp_css_rectext, 10, 8, 5, 3, pixSNMPIssue); + + // Access Lists + rulesAudit(nipper); + if (nipper->aclIssues > 0) + addReportSection(nipper, section_security, report_accesslist_title, report_accesslist_context, report_accesslist_rectext, 10, 8, 5, 3, ciscoACLIssue); + + // SSH Remote Management Hosts + if (nipper->pix->ssh != 0) + { + sshPointer = nipper->pix->ssh->access; + while (sshPointer != 0) + { + if (strcmp(sshPointer->netMask, "255.255.255.255") != 0) + nipper->sshManIssues++; + sshPointer = sshPointer->next; + } + } + if (nipper->sshManIssues > 0) + addReportSection(nipper, section_security, report_sshman_title, report_sshman_context, report_sshman_rectext, 10, 8, 5, 3, sshManIssue); + + // FloodGuard + if (nipper->pix->floodguard == false) + addReportSection(nipper, section_security, report_floodguard_title, report_floodguard_context, report_floodguard_rectext, 10, 8, 5, 3, pixFloodGuardIssue); + + // uRPF verification + if ((nipper->deviceType != type_fwsm_firewall) && (nipper->deviceUse == use_edge)) + { + interfacePIXConfigPointer = nipper->pix->interface; + while (interfacePIXConfigPointer != 0) + { + if ((interfacePIXConfigPointer->uRPF == false) && (interfacePIXConfigPointer->shutdown == false) && (strcmp(interfacePIXConfigPointer->ipAddress, "") != 0)) + nipper->uRPFIssues++; + interfacePIXConfigPointer = interfacePIXConfigPointer->next; + } + } + if (nipper->uRPFIssues != 0) + addReportSection(nipper, section_security, report_urpf_title, report_urpf_context, report_urpf_rectext, 10, 8, 5, 3, pixURPFIssue); + + // SSH Protocol Version + if ((nipper->pix->ssh != 0) && (nipper->deviceType != type_fwsm_firewall)) + { + if (nipper->pix->ssh->version < 2) + addReportSection(nipper, section_security, report_sshproto_title, report_sshproto_context, report_sshproto_rectext, 10, 8, 5, 3, pixSSHIssue); + } + } + + // Configuration Reporting... + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, pixGeneralConfig); + addReportSection(nipper, section_config, settings_services_title, 0, 0, 0, 0, 0, 0, pixServicesConfig); + if (((nipper->pix->enable != 0) || (nipper->pix->password[0] != 0)) && (nipper->passwords == true)) + addReportSection(nipper, section_config, settings_users_title, 0, 0, 0, 0, 0, 0, pixUsersConfig); + if (nipper->pix->snmp != 0) + addReportSection(nipper, section_config, settings_snmp_title, 0, 0, 0, 0, 0, 0, pixSNMPConfig); + if (nipper->pix->ssh != 0) + addReportSection(nipper, section_config, settings_ssh_title, 0, 0, 0, 0, 0, 0, pixSSHConfig); + if (nipper->pix->http != 0) + addReportSection(nipper, section_config, settings_http_title, 0, 0, 0, 0, 0, 0, pixHTTPConfig); + if (nipper->pix->interface != 0) + addReportSection(nipper, section_config, settings_inter_title, 0, 0, 0, 0, 0, 0, pixInterfaceConfig); + if ((nipper->pix->staticNAT !=0) || (nipper->pix->staticPAT !=0)) + addReportSection(nipper, section_config, settings_natpat_title, 0, 0, 0, 0, 0, 0, pixNATPATConfig); + if (nipper->pix->route !=0) + addReportSection(nipper, section_config, settings_routing_title, 0, 0, 0, 0, 0, 0, pixRoutingConfig); + if ((nipper->pix->standardAccessList > 0) || (nipper->pix->extendedAccessList > 0) || (nipper->pix->oldAccessList > 0)) + addReportSection(nipper, section_config, settings_accesslists_title, 0, 0, 0, 0, 0, 0, pixACLConfig); + if (nipper->pix->icmp != 0) + addReportSection(nipper, section_config, settings_icmpaccess_title, 0, 0, 0, 0, 0, 0, pixICMPConfig); + if (nipper->pix->fixup != 0) + addReportSection(nipper, section_config, settings_protoinspect_title, 0, 0, 0, 0, 0, 0, pixProtocolConfig); + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + if (strcmp(objectListPointer->name, "OBJECTLIST") == 0) + addReportSection(nipper, section_config, settings_objects_title, 0, 0, 0, 0, 0, 0, pixObjectConfig); + objectListPointer = objectListPointer->next; + } + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + if (strcmp(objectListPointer->name, "NAMELIST") == 0) + addReportSection(nipper, section_config, settings_namemap_title, 0, 0, 0, 0, 0, 0, nameMapConfig); + objectListPointer = objectListPointer->next; + } + + // Generate Report... + generateReport(nipper); +} diff --git a/0.11.10/PIX/cleanup.c b/0.11.10/PIX/cleanup.c new file mode 100644 index 0000000..93750ff --- /dev/null +++ b/0.11.10/PIX/cleanup.c @@ -0,0 +1,154 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanupPIX(struct nipperConfig *nipper) +{ + // Pointers + struct interfacePIXConfig *interfacePIXPointer = 0; + struct enablePIXPassword *enablePIXPointer = 0; + struct usernamePIX *usernamePIXPointer = 0; + struct fixupList *fixupPIXPointer = 0; + struct icmpAccess *icmpPIXPointer = 0; + struct staticPIX *staticPIXPointer = 0; + struct routePIX *routePIXPointer = 0; + struct snmpPIXHost *snmpHostPIXPointer = 0; + struct snmpTrapPIX *trapPIXPointer = 0; + struct mgmtHostsPIX *mgmtHostsPointer = 0; + struct sshAccessConfig *sshPointer = 0; + + // Cleanup Interfaces + while (nipper->pix->interface != 0) + { + interfacePIXPointer = nipper->pix->interface->next; + free(nipper->pix->interface); + nipper->pix->interface = interfacePIXPointer; + } + + // Cleanup HTTP + if (nipper->pix->http != 0) + { + while (nipper->pix->http->host != 0) + { + mgmtHostsPointer = nipper->pix->http->host->next; + free(nipper->pix->http->host); + nipper->pix->http->host = mgmtHostsPointer; + } + free(nipper->pix->http); + } + + // Cleanup Static NAT / PAT + while (nipper->pix->staticNAT != 0) + { + staticPIXPointer = nipper->pix->staticNAT->next; + free(nipper->pix->staticNAT); + nipper->pix->staticNAT = staticPIXPointer; + } + while (nipper->pix->staticPAT != 0) + { + staticPIXPointer = nipper->pix->staticPAT->next; + free(nipper->pix->staticPAT); + nipper->pix->staticPAT = staticPIXPointer; + } + + // Cleanup SNMP + if (nipper->pix->snmp != 0) + { + while (nipper->pix->snmp->host != 0) + { + snmpHostPIXPointer = nipper->pix->snmp->host->next; + free(nipper->pix->snmp->host); + nipper->pix->snmp->host = snmpHostPIXPointer; + } + while (nipper->pix->snmp->trap != 0) + { + trapPIXPointer = nipper->pix->snmp->trap->next; + free(nipper->pix->snmp->trap); + nipper->pix->snmp->trap = trapPIXPointer; + } + free(nipper->pix->snmp); + } + + // Cleanup SSH + if (nipper->pix->ssh != 0) + { + while (nipper->pix->ssh->access != 0) + { + sshPointer = nipper->pix->ssh->access->next; + free(nipper->pix->ssh->access); + nipper->pix->ssh->access = sshPointer; + } + free(nipper->pix->ssh); + } + + // Free route + while (nipper->pix->route != 0) + { + routePIXPointer = nipper->pix->route->next; + free (nipper->pix->route); + nipper->pix->route = routePIXPointer; + } + + // Free Enable Passwords + while (nipper->pix->enable != 0) + { + enablePIXPointer = nipper->pix->enable->next; + free (nipper->pix->enable); + nipper->pix->enable = enablePIXPointer; + } + + // Free Usernames + while (nipper->pix->username != 0) + { + usernamePIXPointer = nipper->pix->username->next; + free (nipper->pix->username); + nipper->pix->username = usernamePIXPointer; + } + + // Fixup + while (nipper->pix->fixup != 0) + { + fixupPIXPointer = nipper->pix->fixup->next; + free (nipper->pix->fixup); + nipper->pix->fixup = fixupPIXPointer; + } + + // ICMP Access + while (nipper->pix->icmp != 0) + { + icmpPIXPointer = nipper->pix->icmp->next; + free (nipper->pix->icmp); + nipper->pix->icmp = icmpPIXPointer; + } + + // Cleanup PIX config + free(nipper->pix); +} + diff --git a/0.11.10/PIX/input.c b/0.11.10/PIX/input.c new file mode 100644 index 0000000..74bf944 --- /dev/null +++ b/0.11.10/PIX/input.c @@ -0,0 +1,220 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct ciscoPIXConfig // Cisco PIX configuration +{ + // Counters + int oldAccessList; + int standardAccessList; + int extendedAccessList; + int interfaceAccessList; + + // Configuration settings... + char password[32]; + int transparent; // Transparent Firewall (true or false) + int accessListAlertInterval; + int accessListDenyFlowMax; + int floodguard; + + // Configuration structures... + struct enablePIXPassword *enable; // Enable Passwords + struct httpPIXConfig *http; // HTTP + struct interfacePIXConfig *interface; // Interfaces + struct sshPIXConfig *ssh; // SSH Configuration + struct usernamePIX *username; // Users + struct fixupList *fixup; // Protocol Analysis + struct icmpAccess *icmp; // ICMP to interfaces + struct staticPIX *staticNAT; // Static NAT + struct staticPIX *staticPAT; // Static PAT + struct routePIX *route; // Static Routes + struct snmpPIXConfig *snmp; // SNMP +}; + + +// Processing PIX includes... +#include "process-access-list.c" +#include "process-enable.c" +#include "process-general.c" +#include "process-http.c" +#include "process-icmp.c" +#include "process-interface.c" +#include "process-nat.c" +#include "process-objects.c" +#include "process-protocols.c" +#include "process-route.c" +#include "process-snmp.c" +#include "process-ssh.c" + + +void processPIXInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + int tempInt = 0; + int setting = 0; + + // Split the command line up + command = splitLine(line); + + // No? + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + // Hostname + if (strcmp(command.part[0], "hostname") == 0) + { + if (nipper->debugMode == true) + printf("Hostname Line: %s\n", line); + strncpy(nipper->hostname, command.part[1], sizeof(nipper->hostname) - 1); + } + + // Version + else if (((strcmp(command.part[0], "PIX") == 0) || (strcmp(command.part[0], "ASA") == 0) || (strcmp(command.part[0], "FWSM") == 0)) && (strcmp(command.part[1], "Version") == 0)) + { + if (nipper->debugMode == true) + printf("Version Line: %s\n", line); + strncpy(nipper->version, command.part[2], sizeof(nipper->version) - 1); + nipper->versionMajor = atoi(nipper->version); + if (strchr(nipper->version, '.') != 0) + nipper->versionMinor = atoi(strchr(nipper->version, '.') + 1); + if (strchr(nipper->version, '(') != 0) + nipper->versionRevision = atoi(strchr(nipper->version, '(') + 1); + if (strcmp(command.part[0], "PIX") == 0) + nipper->deviceType = type_pix_firewall; + else if (strcmp(command.part[0], "ASA") == 0) + nipper->deviceType = type_asa_firewall; + else if (strcmp(command.part[0], "FWSM") == 0) + nipper->deviceType = type_fwsm_firewall; + } + + // Flood Guard + else if (strcmp(command.part[tempInt], "floodguard") == 0) + { + if (strcmp(command.part[1], "enable") == 0) + nipper->pix->floodguard = true; + else if (strcmp(command.part[1], "disable") == 0) + nipper->pix->floodguard = false; + else if (strcmp(command.part[tempInt + 1], "enable") == 0) + nipper->pix->floodguard = setting; + } + + // IP + else if (strcmp(command.part[tempInt], "ip") == 0) + { + tempInt++; + + // Address + if (strcmp(command.part[tempInt], "address") == 0) + processPIXInterface(line, nipper); + + // uRFP + else if ((strcmp(command.part[tempInt], "verify") == 0) && (strcmp(command.part[tempInt + 1], "reverse-path") == 0) && (strcmp(command.part[tempInt + 2], "interface") == 0)) + processPIXuRPF(line, nipper); + } + + // Transparent Firewall? + else if ((strcmp(command.part[0], "firewall") == 0) && (strcmp(command.part[1], "transparent") == 0)) + { + if (nipper->debugMode == true) + printf("Transparent Line: %s\n", line); + nipper->pix->transparent = true; + } + + // ICMP Access... + else if (strcmp(command.part[tempInt], "icmp") == 0) + processICMPPIX(line, nipper); + + // Enable Password + else if (((strcmp(command.part[tempInt], "enable") == 0) && (strcmp(command.part[tempInt + 1], "password") == 0)) || (strcmp(command.part[tempInt], "passwd") == 0)) + processEnablePIX(line, nipper); + + // Usernames... + else if ((strcmp(command.part[tempInt], "username") == 0) && (strcmp(command.part[tempInt+2], "password") == 0)) + processPIXUsername(line, nipper); + + // Route... + else if (strcmp(command.part[tempInt], "route") == 0) + processRoutePIX(line, nipper); + + // Interfaces... + else if ((strcmp(command.part[tempInt], "interface") == 0) || (strcmp(command.part[tempInt], "nameif") == 0) || (strcmp(command.part[tempInt], "access-group") == 0)) + processPIXInterface(line, nipper); + + // Object Group... + else if (strcmp(command.part[tempInt], "object-group") == 0) + processObjectGroup(line, nipper); + + // Protocol Inspection... + else if ((strcmp(command.part[tempInt], "fixup") == 0) && (strcmp(command.part[tempInt + 1], "protocol") == 0)) + processFixupPIX(line, nipper); + + // Name... + else if (strcmp(command.part[tempInt], "name") == 0) + processPIXName(line, nipper); + + // Domain Name + else if (strcmp(command.part[tempInt], "domain-name") == 0) + strncpy(nipper->domainName, line + 12, sizeof(nipper->domainName) - 1); + + // Access Lists... + else if (strcmp(command.part[tempInt], "access-list") == 0) + processPIXAccessList(line, nipper); + + // Static NAT / PAT + else if (strcmp(command.part[tempInt], "static") == 0) + processStaticPIX(line, nipper); + + // SNMP + else if (strcmp(command.part[tempInt], "snmp-server") == 0) + processSnmpPIX(line, nipper); + + // SSH + else if (strcmp(command.part[tempInt], "ssh") == 0) + processPIXSSH(line, nipper); + + // HTTP + else if ((strcmp(command.part[tempInt], "http") == 0) && (strcmp(command.part[tempInt + 1], "server") == 0) && (strcmp(command.part[tempInt + 2], "enable") == 0)) + processPIXHTTP(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/PIX/process-access-list.c b/0.11.10/PIX/process-access-list.c new file mode 100644 index 0000000..fb3b695 --- /dev/null +++ b/0.11.10/PIX/process-access-list.c @@ -0,0 +1,429 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Access List +void processPIXAccessList(char *line, struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + struct filterConfig *filterPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + struct filterListConfig *filterListPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct ciscoCommand command; + int tempInt = 0; + + // Init + command = splitLine(line); + memset(tempString, 0, nipper->maxSize); + + // Access Lists standard, extended, remark, ethertype + if (command.parts > 3) + { + + // If old, standard or extended access list... + if ((strcmp(command.part[2], "permit") == 0) || (strcmp(command.part[2], "deny") == 0) || (strcmp(command.part[2], "standard") == 0) || (strcmp(command.part[2], "extended") == 0)) + { + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Line: %s\n", line); + } + + // Get / Create pointer to access list... + filterListPointer = getFilterList(nipper, command.part[1], "", 0); + + // Establish what type of access list it is + if (strcmp(command.part[2], "standard") == 0) + { + filterListPointer->type = access_std; + nipper->pix->standardAccessList++; + tempInt = 3; + } + else if (strcmp(command.part[2], "extended") == 0) + { + filterListPointer->type = access_ext; + nipper->pix->extendedAccessList++; + tempInt = 3; + } + else + { + filterListPointer->type = access_old; + nipper->pix->oldAccessList++; + tempInt = 2; + } + + // Does a permission already exist? + if (filterListPointer->filter == 0) + { + // Create Permission structure + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + } + else + { + // Search + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + + // Create Permission structure + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + } + + // Init Permission struct + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->protocolType = object_type_protocol; + filterPointer->enabled = true; + + // Permit or Deny? + if (strcmp(command.part[tempInt], "permit") == 0) + { + filterPointer->log = false; + filterPointer->action = filter_action_accept; + } + else + { + filterPointer->log = true; + filterPointer->action = filter_action_drop; + } + tempInt++; + + // If access list is old type or extended... + if (filterListPointer->type != access_std) + { + // Protocol + if (strcmp(command.part[tempInt], "object-group") == 0) + { + filterPointer->protocolType = object_type_object; + tempInt++; + } + strncpy(filterPointer->protocol, command.part[tempInt], sizeof(filterPointer->protocol) - 1); + tempInt++; + } + + // Source + if (strcmp(command.part[tempInt], "interface") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterObjectPointer->type = object_type_interface; + } + else if (strcmp(command.part[tempInt], "object-group") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterObjectPointer->type = object_type_object; + } + else if (strcmp(command.part[tempInt], "any") == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_source); + filterObjectPointer->type = object_type_any; + } + else if (strcmp(command.part[tempInt], "host") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + filterObjectPointer->type = object_type_host; + } + else + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_source); + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + filterObjectPointer->type = object_type_network; + } + tempInt++; + + // Is there more + if ((command.parts > tempInt) && (filterListPointer->type != access_std)) + { + // Source Service + if (strcmp(command.part[tempInt], "object-group") == 0) + { + // Check to make sure this is a service and not the destination + if (nipper->objectList != 0) + { + objectListPointer = nipper->objectList; + while ((objectListPointer->next != 0) && (strcmp(objectListPointer->name, "OBJECTLIST") != 0)) + objectListPointer = objectListPointer->next; + if (strcmp(objectListPointer->name, "OBJECTLIST") == 0) + { + objectPointer = objectListPointer->object; + while ((objectPointer->next != 0) && (strcmp(objectPointer->name, command.part[tempInt + 1]) != 0)) + objectPointer = objectPointer->next; + + if ((strcmp(objectPointer->name, command.part[tempInt + 1]) == 0) && (objectPointer->type == object_type_service)) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_object; + tempInt++; + } + } + } + } + else if (strcmp(command.part[tempInt], "range") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + tempInt++; + } + else if (strcmp(command.part[tempInt], "eq") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_eq; + tempInt++; + } + else if (strcmp(command.part[tempInt], "neq") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_neq; + tempInt++; + } + else if (strcmp(command.part[tempInt], "lt") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_lt; + tempInt++; + } + else if (strcmp(command.part[tempInt], "gt") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_sourceService); + filterObjectPointer->serviceOp = service_oper_gt; + tempInt++; + } + + // Destination + if (strcmp(command.part[tempInt], "interface") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterObjectPointer->type = object_type_interface; + } + else if (strcmp(command.part[tempInt], "object-group") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterObjectPointer->type = object_type_object; + } + else if (strcmp(command.part[tempInt], "any") == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_destination); + filterObjectPointer->type = object_type_any; + } + else if (strcmp(command.part[tempInt], "host") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterObjectPointer->type = object_type_host; + } + else + { + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_destination); + filterObjectPointer->type = object_type_network; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + } + tempInt++; + + // Destination Service + if (command.parts > tempInt) + { + if (strcmp(command.part[tempInt], "object-group") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_object; + tempInt++; + } + else if (strcmp(command.part[tempInt], "range") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_range; + tempInt++; + strncpy(filterObjectPointer->netMask, command.part[tempInt], sizeof(filterObjectPointer->netMask) - 1); + tempInt++; + } + else if (strcmp(command.part[tempInt], "eq") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_eq; + tempInt++; + } + else if (strcmp(command.part[tempInt], "neq") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_neq; + tempInt++; + } + else if (strcmp(command.part[tempInt], "lt") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_lt; + tempInt++; + } + else if (strcmp(command.part[tempInt], "gt") == 0) + { + tempInt++; + filterObjectPointer = getFilterMember(filterPointer, command.part[tempInt], object_filter_service); + filterObjectPointer->serviceOp = service_oper_gt; + tempInt++; + } + } + + // Options... + while (command.parts > tempInt) + { + if (filterListPointer->type == access_old) + { + filterListPointer->type = access_ext; + nipper->pix->oldAccessList--; + nipper->pix->extendedAccessList++; + } + + // Inactive + if (strcmp(command.part[tempInt], "inactive") == 0) + filterPointer->enabled = false; + + // Active Time Range + else if (strcmp(command.part[tempInt], "time-range") == 0) + tempInt++; + + // Log + else if (strcmp(command.part[tempInt], "log") == 0) + { + filterPointer->log = true; + if (command.parts > tempInt + 1) + { + tempInt++; + while (((strcmp(command.part[tempInt], "inactive") != 0) || (strcmp(command.part[tempInt], "time-range") != 0)) && (command.parts > tempInt)) + { + if (strcmp(command.part[tempInt], "disable") == 0) + filterPointer->log = false; + tempInt++; + } + tempInt--; + } + } + + tempInt++; + } + } + } + + // Access List Remark + else if (strcmp(command.part[2], "remark") == 0) + { + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Remark Line: %s\n", line); + } + + // Get / Create pointer to access list... + filterListPointer = getFilterList(nipper, command.part[1], "", 0); + + // Does a permission already exist? + if (filterListPointer->filter == 0) + { + // Create Permission structure + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + } + else + { + // Search + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + + // Create Permission structure + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + } + + // Init Permission struct + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->action = filter_action_remark; + + // Set Remark... + for (tempInt = 3; tempInt < command.parts; tempInt++) + { + sprintf(tempString2, "%s%s ",tempString, command.part[tempInt]); + strcpy(tempString, tempString2); + } + tempString[strlen(tempString) - 1] = 0; + strncpy(filterPointer->remark, tempString, sizeof(filterPointer->remark) - 1); + } + + // Access List Ethertype + else if (strcmp(command.part[2], "ethertype") == 0) + { } + } + + // Alert Interval + else if (strcmp(command.part[1], "alert-interval") == 0) + { + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Alert Interval Line: %s\n", line); + } + nipper->pix->accessListAlertInterval = atoi(command.part[2]); + } + + // Deny Flow Max + else if (strcmp(command.part[1], "alert-interval") == 0) + { + // Debug + if (nipper->debugMode == true) + { + printf("Access-List Deny-Flow-Max Line: %s\n", line); + } + nipper->pix->accessListDenyFlowMax = atoi(command.part[2]); + } +} + diff --git a/0.11.10/PIX/process-enable.c b/0.11.10/PIX/process-enable.c new file mode 100644 index 0000000..03ebe72 --- /dev/null +++ b/0.11.10/PIX/process-enable.c @@ -0,0 +1,193 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Enable password(s) +struct enablePIXPassword +{ + char passwordEncrypted[64]; + int level; + struct enablePIXPassword *next; +}; + + +struct usernamePIX +{ + char username[16]; + char passwordEncrypted[64]; + int encryption; + int level; + struct usernamePIX *next; +}; + + +// Process enable +void processEnablePIX(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct enablePIXPassword *enablePIXPointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Enable Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Is it an enable password? + if (strncmp(line, "enable password ", 16) == 0) + { + // Is this the first enable password? + if (nipper->pix->enable == 0) + { + nipper->pix->enable = malloc(sizeof(struct enablePIXPassword)); + enablePIXPointer = nipper->pix->enable; + } + else + { + enablePIXPointer = nipper->pix->enable; + while (enablePIXPointer->next != 0) + enablePIXPointer = enablePIXPointer->next; + enablePIXPointer->next = malloc(sizeof(struct enablePIXPassword)); + enablePIXPointer = enablePIXPointer->next; + } + + // Init + memset(enablePIXPointer, 0, sizeof(struct enablePIXPassword)); + enablePIXPointer->level = 15; + + // Password + strncpy(enablePIXPointer->passwordEncrypted, command.part[2], sizeof(enablePIXPointer->passwordEncrypted) - 1); + addJohnPassword(nipper, "Enable", enablePIXPointer->passwordEncrypted); + + // Get options + tempInt = 3; + if (tempInt < command.parts) + { + // Level + if (strcmp(command.part[tempInt], "level") == 0) + { + tempInt++; + enablePIXPointer->level = atoi(command.part[tempInt]); + } + + tempInt++; + } + } + + // If it is a passwd + else if (strncmp("passwd ", line, 7) == 0) + { + strncpy(nipper->pix->password, command.part[1], sizeof(nipper->pix->password) - 1); + addJohnPassword(nipper, "LoginPassword", nipper->pix->password); + } +} + + +// Process Username +void processPIXUsername(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct usernamePIX *usernamePIXPointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Username Line: %s\n", line); + } + + // Is it the first? + if (nipper->pix->username == 0) + { + nipper->pix->username = malloc(sizeof(struct usernamePIX)); + usernamePIXPointer = nipper->pix->username; + } + else + { + usernamePIXPointer = nipper->pix->username; + while (usernamePIXPointer->next != 0) + usernamePIXPointer = usernamePIXPointer->next; + usernamePIXPointer->next = malloc(sizeof(struct usernamePIX)); + usernamePIXPointer = usernamePIXPointer->next; + } + + // Init + memset(usernamePIXPointer, 0, sizeof(struct usernamePIX)); + command = splitLine(line); + usernamePIXPointer->level = 2; + + // Username + strncpy(usernamePIXPointer->username, command.part[1], sizeof(usernamePIXPointer->username) - 1); + + // Other options... + tempInt = 2; + while (tempInt < command.parts) + { + // No password + if (strcmp(command.part[tempInt], "nopassword") == 0) + usernamePIXPointer->encryption = encrypt_none; + + // Password + else if (strcmp(command.part[tempInt], "password") == 0) + { + strncpy(usernamePIXPointer->passwordEncrypted, command.part[tempInt +1], sizeof(usernamePIXPointer->passwordEncrypted) - 1); + tempInt++; + } + + // Encrypted + else if (strcmp(command.part[tempInt], "encrypted") == 0) + usernamePIXPointer->encryption = encrypt_pix; + + // MSChap + else if (strcmp(command.part[tempInt], "mschap") == 0) + usernamePIXPointer->encryption = encrypt_mschap; + + // NT Encrypted + else if (strcmp(command.part[tempInt], "nt-encrypted") == 0) + usernamePIXPointer->encryption = encrypt_ntenc; + + // Level + else if (strcmp(command.part[tempInt], "privilege") == 0) + usernamePIXPointer->level = atoi(command.part[tempInt +1]); + + tempInt++; + } + + // If password is encrypted + if (usernamePIXPointer->encryption == encrypt_pix) + addJohnPassword(nipper, usernamePIXPointer->username, usernamePIXPointer->passwordEncrypted); +} + diff --git a/0.11.10/PIX/process-general.c b/0.11.10/PIX/process-general.c new file mode 100644 index 0000000..51ee90c --- /dev/null +++ b/0.11.10/PIX/process-general.c @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Domain Loopup +void processPIXName(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("Name Line: %s\n", line); + + // Init + command = splitLine(line); + + // Create + objectListPointer = getObjectListPointer(nipper, "NAMELIST"); + objectPointer = getObjectPointer(objectListPointer, command.part[2]); + strncpy(objectPointer->address, command.part[1], sizeof(objectPointer->address) - 1); + if (strcmp(command.part[1] + strlen(command.part[1]) - 2, ".0") == 0) + objectPointer->type = object_type_network; + else + objectPointer->type = object_type_host; +} diff --git a/0.11.10/PIX/process-http.c b/0.11.10/PIX/process-http.c new file mode 100644 index 0000000..d9acaf4 --- /dev/null +++ b/0.11.10/PIX/process-http.c @@ -0,0 +1,152 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code to process PIX HTTP + +struct httpPIXConfig +{ + int httpServer; // HTTPS server (true or false) + int httpServerPort; // HTTPS server Port + int requireCert; // Require Certificate + int httpRedirect; // Redirect HTTP to HTTPS + int httpRedirectPort; // The HTTP redirect port + struct mgmtHostsPIX *host; // Hosts that can access the HTTP server +}; + +struct mgmtHostsPIX +{ + char interface[32]; + char ipAddress[32]; + char netMask[32]; + struct mgmtHostsPIX *next; +}; + + +// Process HTTP... +void processPIXHTTP(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct mgmtHostsPIX *mgmtHostsPointer = 0; + int tempInt = 0; + int setting = 0; + + // Init + command = splitLine(line); + + // No? + if (strcmp(command.part[0], "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + // Debug + if (nipper->debugMode == true) + { + printf("HTTP Line: %s\n", line); + } + + // Init... + if (nipper->pix->http == 0) + { + nipper->pix->http = malloc(sizeof(struct httpPIXConfig)); + memset(nipper->pix->http, 0, sizeof(struct httpPIXConfig)); + nipper->pix->http->httpServerPort = 443; + nipper->pix->http->httpServer = false; + nipper->pix->http->requireCert = false; + nipper->pix->http->httpRedirectPort = 80; + } + + // Enable HTTP Server... + if ((strcmp(command.part[tempInt], "http") == 0) && (strcmp(command.part[tempInt + 1], "server") == 0) && (strcmp(command.part[tempInt + 2], "enable") == 0)) + { + nipper->pix->http->httpServer = setting; + // Check for port... + if (command.parts == tempInt + 4) + { + if (setting == false) + nipper->pix->http->httpServerPort = atoi(command.part[tempInt + 3]); + else + nipper->pix->http->httpServerPort = 443; + } + } + + // Require Cert... + else if ((strcmp(command.part[tempInt], "http") == 0) && (strcmp(command.part[tempInt + 1], "authentication-certificate") == 0)) + nipper->pix->http->requireCert = setting; + + // HTTP Redirect... + else if ((strcmp(command.part[tempInt], "http") == 0) && (strcmp(command.part[tempInt + 1], "redirect") == 0)) + { + nipper->pix->http->httpRedirect = setting; + if (command.parts == tempInt + 4) + nipper->pix->http->httpRedirectPort = atoi(command.part[tempInt + 3]); + } + + // HTTP Remote Access host... + else if ((strcmp(command.part[tempInt], "http") == 0) && (command.parts == tempInt + 4)) + { + // Create new mgmt host... + if (nipper->pix->http->host == 0) + { + nipper->pix->http->host = malloc(sizeof(struct mgmtHostsPIX)); + memset(nipper->pix->http->host, 0, sizeof(struct mgmtHostsPIX)); + mgmtHostsPointer = nipper->pix->http->host; + } + else + { + mgmtHostsPointer = nipper->pix->http->host; + while (mgmtHostsPointer->next != 0) + mgmtHostsPointer = mgmtHostsPointer->next; + mgmtHostsPointer->next = malloc(sizeof(struct mgmtHostsPIX)); + memset(mgmtHostsPointer->next, 0, sizeof(struct mgmtHostsPIX)); + mgmtHostsPointer = mgmtHostsPointer->next; + } + + // IP Address... + tempInt++; + strncpy(mgmtHostsPointer->ipAddress, command.part[tempInt], sizeof(mgmtHostsPointer->ipAddress) - 1); + + // Net Mask... + tempInt++; + strncpy(mgmtHostsPointer->netMask, command.part[tempInt], sizeof(mgmtHostsPointer->netMask) - 1); + + // Interface... + tempInt++; + strncpy(mgmtHostsPointer->interface, command.part[tempInt], sizeof(mgmtHostsPointer->interface) - 1); + } +} + diff --git a/0.11.10/PIX/process-icmp.c b/0.11.10/PIX/process-icmp.c new file mode 100644 index 0000000..af6acf7 --- /dev/null +++ b/0.11.10/PIX/process-icmp.c @@ -0,0 +1,115 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// ICMP Access Structure +struct icmpAccess +{ + int permission; // perm_permit or perm_deny + char source[64]; + int sourceType; // access_type_host... + char icmpType[16]; + char interface[32]; + struct icmpAccess *next; +}; + + +// Process ICMP +void processICMPPIX(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct icmpAccess *icmpPIXPointer = 0; + char tempString[nipper->maxSize]; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("ICMP Line: %s\n", line); + } + + // if first + if (nipper->pix->icmp == 0) + { + nipper->pix->icmp = malloc(sizeof(struct icmpAccess)); + icmpPIXPointer = nipper->pix->icmp; + } + else + { + icmpPIXPointer = nipper->pix->icmp; + while (icmpPIXPointer->next != 0) + icmpPIXPointer = icmpPIXPointer->next; + icmpPIXPointer->next = malloc(sizeof(struct icmpAccess)); + icmpPIXPointer = icmpPIXPointer->next; + } + + // Init + command = splitLine(line); + memset(icmpPIXPointer, 0, sizeof(struct icmpAccess)); + + // Permission + if (strcmp(command.part[1], "permit") == 0) + icmpPIXPointer->permission = perm_permit; + else + icmpPIXPointer->permission = perm_deny; + + // Source + if (strcmp(command.part[2], "host") == 0) + { + icmpPIXPointer->sourceType = object_type_host; + tempInt = 4; + strncpy(icmpPIXPointer->source, command.part[3], sizeof(icmpPIXPointer->source) - 1); + } + else if (strcmp(command.part[2], "any") == 0) + { + icmpPIXPointer->sourceType = object_type_any; + tempInt = 3; + strcpy(icmpPIXPointer->source, "any"); + } + else + { + icmpPIXPointer->sourceType = object_type_network; + tempInt = 4; + sprintf(tempString, "%s %s", command.part[2], command.part[3]); + strncpy(icmpPIXPointer->source, tempString, sizeof(icmpPIXPointer->source) - 1); + } + + // ICMP Type? + if (command.parts == tempInt + 2) + { + strncpy(icmpPIXPointer->icmpType, command.part[tempInt], sizeof(icmpPIXPointer->icmpType) - 1); + tempInt++; + } + + // Interface + strncpy(icmpPIXPointer->interface, command.part[tempInt], sizeof(icmpPIXPointer->interface) - 1); +} + diff --git a/0.11.10/PIX/process-interface.c b/0.11.10/PIX/process-interface.c new file mode 100644 index 0000000..1096295 --- /dev/null +++ b/0.11.10/PIX/process-interface.c @@ -0,0 +1,357 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +struct interfacePIXConfig +{ + // Standard... + char interface[32]; + char name[32]; + char ipAddress[64]; + char netMask[32]; + + // Options + int security; + int uRPF; + int shutdown; // true or false + + // Access Lists + char in[32]; + int inOverride; // true or false + char out[32]; + int outOverride; // true or false + + struct interfacePIXConfig *next; +}; + + +// Init interface... +void initPIXInterface(struct interfacePIXConfig *interfacePIXPointer) +{ + memset(interfacePIXPointer, 0, sizeof(struct interfacePIXConfig)); + interfacePIXPointer->inOverride = false; + interfacePIXPointer->outOverride = false; + interfacePIXPointer->shutdown = false; + interfacePIXPointer->uRPF = false; +} + + +// Process Interface +void processPIXInterface(char *line, struct nipperConfig *nipper) +{ + // Variables + struct interfacePIXConfig *interfacePIXPointer = 0; + struct ciscoCommand command; + fpos_t filePosition; + + // Debug + if (nipper->debugMode == true) + { + printf("Interface Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Unsupported + if ((strcmp(command.part[0], "interface") == 0) && ((strcmp(command.part[1], "lbprivate") == 0) || (strcmp(command.part[1], "lbpublic") == 0))) + { + } + + // new interface line(s) (PIX7+) + else if ((strcmp(command.part[0], "interface") == 0) && (command.parts == 2)) + { + // If this is the first interface + if (nipper->pix->interface == 0) + { + // Create structure + nipper->pix->interface = malloc(sizeof(struct interfacePIXConfig)); + memset(nipper->pix->interface, 0 , sizeof(struct interfacePIXConfig)); + interfacePIXPointer = nipper->pix->interface; + initPIXInterface(interfacePIXPointer); + } + else + { + // Search for interface... + interfacePIXPointer = nipper->pix->interface; + while ((interfacePIXPointer->next != 0) && (strcmp(interfacePIXPointer->name, command.part[1]) != 0)) + interfacePIXPointer = interfacePIXPointer->next; + + // If it hasn't been found + if (strcmp(interfacePIXPointer->name, command.part[1]) != 0) + { + // Create structure + interfacePIXPointer->next = malloc(sizeof(struct interfacePIXConfig)); + memset(interfacePIXPointer->next, 0 , sizeof(struct interfacePIXConfig)); + interfacePIXPointer = interfacePIXPointer->next; + initPIXInterface(interfacePIXPointer); + } + } + + // Init + strncpy(interfacePIXPointer->interface, command.part[1], sizeof(interfacePIXPointer->interface) - 1); + + // Loop through the interface lines + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("Line Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // nameif + if (strcmp(command.part[0], "nameif") == 0) + strncpy(interfacePIXPointer->name, command.part[1], sizeof(interfacePIXPointer->name) - 1); + + // IP Address + else if ((strcmp(command.part[0], "ip") == 0) && (strcmp(command.part[1], "address") == 0)) + { + if (strcmp(command.part[2], "dhcp") == 0) + { + strcpy(interfacePIXPointer->ipAddress, "dhcp"); + strcpy(interfacePIXPointer->netMask, "dhcp"); + } + else + { + strncpy(interfacePIXPointer->ipAddress, command.part[2], sizeof(interfacePIXPointer->ipAddress) - 1); + strncpy(interfacePIXPointer->netMask, command.part[3], sizeof(interfacePIXPointer->netMask) - 1); + } + } + + // No shutdown + else if ((strcmp(command.part[0], "no") == 0) && (strcmp(command.part[1], "shutdown") == 0)) + interfacePIXPointer->shutdown = false; + + // Shutdown + else if (strcmp(command.part[0], "shutdown") == 0) + interfacePIXPointer->shutdown = true; + + // Security Level + else if (strcmp(command.part[0], "security-level") == 0) + interfacePIXPointer->security = atoi(command.part[1]); + + // Read next line + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + fsetpos(nipper->input, &filePosition); + } + + // nameif... + else if (strcmp(command.part[0], "nameif") == 0) + { + if (nipper->pix->interface == 0) + { + // Create structure + nipper->pix->interface = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = nipper->pix->interface; + initPIXInterface(interfacePIXPointer); + } + else + { + // Search for interface (just in case) + interfacePIXPointer = nipper->pix->interface; + while ((interfacePIXPointer->next != 0) && ((strcmp(interfacePIXPointer->name, command.part[2]) != 0) && (strcmp(interfacePIXPointer->interface, command.part[1]) != 0))) + interfacePIXPointer = interfacePIXPointer->next; + + // If it has not been found (probable), then create a new struct... + if ((strcmp(interfacePIXPointer->name, command.part[2]) != 0) && (strcmp(interfacePIXPointer->interface, command.part[1]) != 0)) + { + // Create structure + interfacePIXPointer->next = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = interfacePIXPointer->next; + initPIXInterface(interfacePIXPointer); + } + } + + // Copy the info into the structure + strncpy(interfacePIXPointer->interface, command.part[1], sizeof(interfacePIXPointer->interface) - 1); + strncpy(interfacePIXPointer->name, command.part[2], sizeof(interfacePIXPointer->name) - 1); + interfacePIXPointer->security = atoi(command.part[3] + 8); + } + + // old interface line... + else if (strcmp(command.part[0], "interface") == 0) + { + // Check to see if an interface has already been created + if (nipper->pix->interface == 0) + { + // Create structure + nipper->pix->interface = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = nipper->pix->interface; + initPIXInterface(interfacePIXPointer); + } + + else + { + // Search for interface... + interfacePIXPointer = nipper->pix->interface; + while ((interfacePIXPointer->next != 0) && (strcmp(interfacePIXPointer->interface, command.part[1]) != 0)) + interfacePIXPointer = interfacePIXPointer->next; + + // If it hasn't been found + if (strcmp(interfacePIXPointer->interface, command.part[1]) != 0) + { + // Create structure + interfacePIXPointer->next = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = interfacePIXPointer->next; + initPIXInterface(interfacePIXPointer); + } + } + + // Copy the info into the structure + strncpy(interfacePIXPointer->interface, command.part[1], sizeof(interfacePIXPointer->interface) - 1); + + // Interface shutdown? + if (strcmp(command.part[command.parts - 1], "shutdown") == 0) + interfacePIXPointer->shutdown = true; + } + + // IP Address... + else if ((strcmp(command.part[0], "ip") == 0) && (strcmp(command.part[1], "address") == 0)) + { + // Check to see if an interface has already been created + if (nipper->pix->interface == 0) + { + // Create structure + nipper->pix->interface = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = nipper->pix->interface; + initPIXInterface(interfacePIXPointer); + } + + else + { + // Search for interface... + interfacePIXPointer = nipper->pix->interface; + while ((interfacePIXPointer->next != 0) && (strcmp(interfacePIXPointer->name, command.part[2]) != 0)) + interfacePIXPointer = interfacePIXPointer->next; + + // If it hasn't been found + if (strcmp(interfacePIXPointer->name, command.part[2]) != 0) + { + // Create structure + interfacePIXPointer->next = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = interfacePIXPointer->next; + initPIXInterface(interfacePIXPointer); + } + } + + // Copy the info into the structure + strncpy(interfacePIXPointer->name, command.part[2], sizeof(interfacePIXPointer->name) - 1); + strncpy(interfacePIXPointer->ipAddress, command.part[3], sizeof(interfacePIXPointer->ipAddress) - 1); + strncpy(interfacePIXPointer->netMask, command.part[4], sizeof(interfacePIXPointer->netMask) - 1); + } + + // Access Group... + else if (strcmp(command.part[0], "access-group") == 0) + { + // Increment counter + nipper->pix->interfaceAccessList++; + + // Check to see if an interface has already been created + if (nipper->pix->interface == 0) + { + // Create structure + nipper->pix->interface = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = nipper->pix->interface; + initPIXInterface(interfacePIXPointer); + } + + else + { + // Search for interface... + interfacePIXPointer = nipper->pix->interface; + while ((interfacePIXPointer->next != 0) && (strcmp(interfacePIXPointer->name, command.part[4]) != 0)) + interfacePIXPointer = interfacePIXPointer->next; + + // If it hasn't been found + if (strcmp(interfacePIXPointer->name, command.part[4]) != 0) + { + // Create structure + interfacePIXPointer->next = malloc(sizeof(struct interfacePIXConfig)); + interfacePIXPointer = interfacePIXPointer->next; + initPIXInterface(interfacePIXPointer); + } + } + + // Interface Name + strncpy(interfacePIXPointer->name, command.part[4], sizeof(interfacePIXPointer->name) - 1); + + // In... + if (strcmp(command.part[2], "in") == 0) + strncpy(interfacePIXPointer->in, command.part[1], sizeof(interfacePIXPointer->in) - 1); + + // Out... + else + if (strcmp(command.part[2], "out") == 0) + strncpy(interfacePIXPointer->out, command.part[1], sizeof(interfacePIXPointer->out) - 1); + + // User Override + if (command.parts > 5) + { + if ((strcmp(command.part[2], "in") == 0) && (strcmp(command.part[5], "per-user-override") == 0)) + interfacePIXPointer->inOverride = true; + else if ((strcmp(command.part[2], "out") == 0) && (strcmp(command.part[5], "per-user-override") == 0)) + interfacePIXPointer->outOverride = true; + } + } +} + + +// Process uRPF +void processPIXuRPF(char *line, struct nipperConfig *nipper) +{ + // Variables.. + struct interfacePIXConfig *interfacePIXPointer = 0; + struct ciscoCommand command; + + // Debug + if (nipper->debugMode == true) + { + printf("uRPF Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Set Interface... + interfacePIXPointer = nipper->pix->interface; + while (interfacePIXPointer != 0) + { + if (strcmp(interfacePIXPointer->name, command.part[4]) == 0) + interfacePIXPointer->uRPF = true; + interfacePIXPointer = interfacePIXPointer->next; + } +} diff --git a/0.11.10/PIX/process-nat.c b/0.11.10/PIX/process-nat.c new file mode 100644 index 0000000..ebf312e --- /dev/null +++ b/0.11.10/PIX/process-nat.c @@ -0,0 +1,324 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Static NAT/PAT Structure +struct staticPIX +{ + char interfaceReal[32]; // Real Interface + char interfaceMapped[32]; // Mapped Interface + int protocolTcp; // TCP = true, UDP = false (PAT ONLY) + char ipMapped[64]; // Mapped IP + char portMapped[10]; // Mapped Port (PAT ONLY) + char ipReal[64]; // NAT type: Real IP Address NAT + char portReal[10]; + char ipNetMaskReal[16]; // + char accessList[32]; // Access List NAT + int interface; // Interface NAT + int dns; // Rewrite DNS records + int nailed; // Nailed will allow incoming connections + int randomseq; // Random Sequence no.'s + int tcpMaxConnections; // Maximum TCP connections + int udpMaxConnections; // Maximum UDP connections + int embrionicConnections; // Limit Embionic Connections (DoS protection) + struct staticPIX *next; +}; + + +// Seperate out the mapped and real interfaces +void seperateMapped(char *joined, char *real, int realSize, char *mapped, int mappedSize) +{ + // Variables + int tempInt = 1; + int tempInt2 = 0; + + // Copy real + while ((joined[tempInt] != ',') && (tempInt < realSize)) + { + real[tempInt - 1] = joined[tempInt]; + tempInt++; + } + + tempInt++; + + // Copy Mapped + while ((joined[tempInt] != ')') && (tempInt2 < mappedSize - 1)) + { + mapped[tempInt2] = joined[tempInt]; + tempInt++; + tempInt2++; + } +} + + +// Process static NAT / PAT +void processStaticPIX(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct staticPIX *staticPIXPointer = 0; + int tempInt = 0; + + // Init + command = splitLine(line); + + // NAT + if ((strcmp(command.part[2], "tcp") != 0) && (strcmp(command.part[2], "udp") != 0)) + { + // Debug + if (nipper->debugMode == true) + { + printf("Static NAT Line: %s\n", line); + } + + // if first + if (nipper->pix->staticNAT == 0) + { + nipper->pix->staticNAT = malloc(sizeof(struct staticPIX)); + staticPIXPointer = nipper->pix->staticNAT; + } + else + { + staticPIXPointer = nipper->pix->staticNAT; + while (staticPIXPointer->next != 0) + staticPIXPointer = staticPIXPointer->next; + staticPIXPointer->next = malloc(sizeof(struct staticPIX)); + staticPIXPointer = staticPIXPointer->next; + } + + // Init + memset(staticPIXPointer, 0, sizeof(struct staticPIX)); + staticPIXPointer->interface = false; + staticPIXPointer->dns = false; + staticPIXPointer->nailed = false; + staticPIXPointer->randomseq = true; + + // Seperate Real and Mapped + seperateMapped(command.part[1], staticPIXPointer->interfaceReal, sizeof(staticPIXPointer->interfaceReal), staticPIXPointer->interfaceMapped, sizeof(staticPIXPointer->interfaceMapped)); + + // Mapped IP Address + strncpy(staticPIXPointer->ipMapped, command.part[2], sizeof(staticPIXPointer->ipMapped) - 1); + + // Is it Interface NAT? + if (strcmp(command.part[3], "interface") == 0) + { + staticPIXPointer->interface = true; + tempInt = 4; + } + + // Is it Access List NAT? + else if (strcmp(command.part[3], "access-list") == 0) + { + strncpy(staticPIXPointer->accessList, command.part[4], sizeof(staticPIXPointer->accessList) - 1); + tempInt = 5; + } + + // Or a IP address NAT? + else + { + strncpy(staticPIXPointer->ipReal, command.part[3], sizeof(staticPIXPointer->ipReal) - 1); + tempInt = 4; + + // Is there a netmask? + if (command.parts > 4) + { + if (strcmp(command.part[4], "netmask") == 0) + { + strncpy(staticPIXPointer->ipNetMaskReal, command.part[5], sizeof(staticPIXPointer->ipNetMaskReal) - 1); + tempInt = 6; + } + } + } + + // Get options + while (tempInt < command.parts) + { + // DNS A record update + if (strcmp(command.part[tempInt], "dns") == 0) + staticPIXPointer->dns = true; + + // Limit TCP Connections + else if (strcmp(command.part[tempInt], "tcp") == 0) + { + staticPIXPointer->tcpMaxConnections = atoi(command.part[tempInt + 1]); + tempInt++; + // Check for embrionic option + if ((strcmp(command.part[tempInt], "udp") != 0) && (strcmp(command.part[tempInt], "norandomseq") != 0)) + { + staticPIXPointer->tcpMaxConnections = atoi(command.part[tempInt + 1]); + tempInt++; + } + } + + // Limit UDP Connections + else if (strcmp(command.part[tempInt], "udp") == 0) + { + staticPIXPointer->embrionicConnections = atoi(command.part[tempInt + 1]); + tempInt++; + } + + // No Random Sequence Numbers + else if (strcmp(command.part[tempInt], "norandomseq") == 0) + { + staticPIXPointer->randomseq = false; + if (strcmp(command.part[tempInt+1], "nailed") == 0) + { + staticPIXPointer->nailed = true; + tempInt++; + } + } + + tempInt++; + } + } + + // Static PAT + else + { + // Debug + if (nipper->debugMode == true) + { + printf("Static PAT Line: %s\n", line); + } + + // if first + if (nipper->pix->staticPAT == 0) + { + nipper->pix->staticPAT = malloc(sizeof(struct staticPIX)); + staticPIXPointer = nipper->pix->staticPAT; + } + else + { + staticPIXPointer = nipper->pix->staticPAT; + while (staticPIXPointer->next != 0) + staticPIXPointer = staticPIXPointer->next; + staticPIXPointer->next = malloc(sizeof(struct staticPIX)); + staticPIXPointer = staticPIXPointer->next; + } + + // Init + memset(staticPIXPointer, 0, sizeof(struct staticPIX)); + staticPIXPointer->interface = false; + staticPIXPointer->dns = false; + staticPIXPointer->nailed = false; + staticPIXPointer->randomseq = true; + + // Seperate Real and Mapped + seperateMapped(command.part[1], staticPIXPointer->interfaceReal, sizeof(staticPIXPointer->interfaceReal), staticPIXPointer->interfaceMapped, sizeof(staticPIXPointer->interfaceMapped)); + + if (strcmp(command.part[2], "tcp") == 0) + staticPIXPointer->protocolTcp = true; + else + staticPIXPointer->protocolTcp = false; + + // Mapped IP Address + strncpy(staticPIXPointer->ipMapped, command.part[3], sizeof(staticPIXPointer->ipMapped) - 1); + + // Mapped Port + strncpy(staticPIXPointer->portMapped, command.part[4], sizeof(staticPIXPointer->portMapped) - 1); + + // Is it Interface NAT? + if (strcmp(command.part[5], "interface") == 0) + { + staticPIXPointer->interface = true; + tempInt = 6; + } + + // Is it Access List NAT? + else if (strcmp(command.part[5], "access-list") == 0) + { + strncpy(staticPIXPointer->accessList, command.part[6], sizeof(staticPIXPointer->accessList) - 1); + tempInt = 7; + } + + // Or a IP address NAT? + else + { + strncpy(staticPIXPointer->ipReal, command.part[5], sizeof(staticPIXPointer->ipReal) - 1); + tempInt = 7; + + // Real Port + strncpy(staticPIXPointer->portReal, command.part[6], sizeof(staticPIXPointer->portReal) - 1); + + // Is there a netmask? + if (command.parts > 7) + { + if (strcmp(command.part[7], "netmask") == 0) + { + strncpy(staticPIXPointer->ipNetMaskReal, command.part[8], sizeof(staticPIXPointer->ipNetMaskReal) - 1); + tempInt = 9; + } + } + } + + // Get options + while (tempInt < command.parts) + { + // DNS A record update + if (strcmp(command.part[tempInt], "dns") == 0) + staticPIXPointer->dns = true; + + // Limit TCP Connections + else if (strcmp(command.part[tempInt], "tcp") == 0) + { + staticPIXPointer->tcpMaxConnections = atoi(command.part[tempInt + 1]); + tempInt++; + // Check for embrionic option + if ((strcmp(command.part[tempInt], "udp") != 0) && (strcmp(command.part[tempInt], "norandomseq") != 0)) + { + staticPIXPointer->tcpMaxConnections = atoi(command.part[tempInt + 1]); + tempInt++; + } + } + + // Limit UDP Connections + else if (strcmp(command.part[tempInt], "udp") == 0) + { + staticPIXPointer->embrionicConnections = atoi(command.part[tempInt + 1]); + tempInt++; + } + + // No Random Sequence Numbers + else if (strcmp(command.part[tempInt], "norandomseq") == 0) + { + staticPIXPointer->randomseq = false; + if (strcmp(command.part[tempInt+1], "nailed") == 0) + { + staticPIXPointer->nailed = true; + tempInt++; + } + } + + tempInt++; + } + } + +} + diff --git a/0.11.10/PIX/process-objects.c b/0.11.10/PIX/process-objects.c new file mode 100644 index 0000000..81715bc --- /dev/null +++ b/0.11.10/PIX/process-objects.c @@ -0,0 +1,185 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Object Groups +void processObjectGroup(char *line, struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + fpos_t filePosition; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + struct ciscoCommand command; + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + + // Debug output + if (nipper->debugMode == true) + printf("Object Group Line: %s\n", line); + + // Init Struct + command = splitLine(line); + + // Get pointer to object list... + objectListPointer = getObjectListPointer(nipper, "OBJECTLIST"); + + // Get pointer to object group... + objectPointer = getObjectPointer(objectListPointer, command.part[2]); + + // Object Type + if (strcmp(command.part[1], "network") == 0) + objectPointer->type = object_type_group; + else if (strcmp(command.part[1], "protocol") == 0) + objectPointer->type = object_type_protocol; + else if (strcmp(command.part[1], "service") == 0) + objectPointer->type = object_type_service; + else if (strcmp(command.part[1], "icmp-type") == 0) + objectPointer->type = object_type_icmp; + + // Service object group type... + if ((command.parts == 4) && (objectPointer->type == object_type_service)) + { + if (strcmp(command.part[3], "tcp") == 0) + objectPointer->serviceType = service_protocol_tcp; + else if (strcmp(command.part[3], "udp") == 0) + objectPointer->serviceType = service_protocol_udp; + else if (strcmp(command.part[3], "tcp-udp") == 0) + objectPointer->serviceType = service_protocol_both; + } + + // Loop through the object lines + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + while ((feof(nipper->input) == 0) && (line[0] == ' ')) + { + // Debug + if (nipper->debugMode == true) + { + printf("Object Group Line: %s\n", line); + } + + // Init + command = splitLine(line); + + // Description + if (strcmp(command.part[0], "description") == 0) + { + memset(tempString, 0, nipper->maxSize); + memset(tempString2, 0, nipper->maxSize); + for (tempInt = 1; tempInt < command.parts; tempInt++) + { + sprintf(tempString, "%s%s ", tempString2, command.part[tempInt]); + strncpy(tempString2, tempString, nipper->maxSize); + } + tempString2[strlen(tempString2) - 1] = 0; + strncpy(objectPointer->comment, tempString2, sizeof(objectPointer->comment) - 1); + } + else + { + + if (strcmp(command.part[0], "network-object") == 0) + { + if (strcmp(command.part[1], "host") == 0) + { + memberPointer = getObjectMember(objectPointer, command.part[2]); + memberPointer->type = object_type_host; + } + else + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + if (command.parts > 2) + strncpy(memberPointer->netMask, command.part[2], sizeof(memberPointer->netMask) - 1); + if (strcmp(memberPointer->netMask, "255.255.255.255") != 0) + memberPointer->type = object_type_network; + else + memberPointer->type = object_type_host; + } + } + else if (strcmp(command.part[0], "group-object") == 0) + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + memberPointer->type = object_type_group; + } + else if (strcmp(command.part[0], "port-object") == 0) + { + if (strcmp(command.part[1], "eq") == 0) + { + memberPointer = getObjectMember(objectPointer, command.part[2]); + memberPointer->type = object_type_port; + memberPointer->serviceOp = service_oper_eq; + } + else if (strcmp(command.part[1], "range") == 0) + { + memberPointer = getObjectMember(objectPointer, command.part[2]); + memberPointer->type = object_type_port; + memberPointer->serviceOp = service_oper_eq; + if (command.parts > 3) + { + strncpy(memberPointer->netMask, command.part[3], sizeof(memberPointer->netMask) - 1); + memberPointer->serviceOp = service_oper_range; + } + } + else + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + memberPointer->type = object_type_port; + memberPointer->serviceOp = service_oper_eq; + if (command.parts > 2) + { + strncpy(memberPointer->netMask, command.part[2], sizeof(memberPointer->netMask) - 1); + memberPointer->serviceOp = service_oper_range; + } + } + memberPointer->type = object_type_port; + } + else if (strcmp(command.part[0], "icmp-object") == 0) + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + memberPointer->type = object_type_icmp; + } + else if (strcmp(command.part[0], "protocol-object") == 0) + { + memberPointer = getObjectMember(objectPointer, command.part[1]); + memberPointer->type = object_type_protocol; + } + } + + // Get next line + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + + // Set file position back + fsetpos(nipper->input, &filePosition); +} + + diff --git a/0.11.10/PIX/process-protocols.c b/0.11.10/PIX/process-protocols.c new file mode 100644 index 0000000..a736d16 --- /dev/null +++ b/0.11.10/PIX/process-protocols.c @@ -0,0 +1,98 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct fixupList +{ + char protocol[16]; + char options[32]; + int enabled; // true or false + struct fixupList *next; +}; + + +// Process fixup +void processFixupPIX(char *line, struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + char tempString[nipper->maxSize]; + struct ciscoCommand command; + struct fixupList *fixupPIXPointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Fixup Line: %s\n", line); + } + + // Is first structure + if (nipper->pix->fixup == 0) + { + nipper->pix->fixup = malloc(sizeof(struct fixupList)); + fixupPIXPointer = nipper->pix->fixup; + } + else + { + fixupPIXPointer = nipper->pix->fixup; + while (fixupPIXPointer->next != 0) + fixupPIXPointer = fixupPIXPointer->next; + fixupPIXPointer->next = malloc(sizeof(struct fixupList)); + fixupPIXPointer = fixupPIXPointer->next; + } + + // Init + command = splitLine(line); + memset(fixupPIXPointer, 0, sizeof(struct fixupList)); + memset(&tempString, 0, nipper->maxSize); + fixupPIXPointer->enabled = true; + tempInt = 0; + + // Enable Protocol Analysis... + if (strcmp(command.part[tempInt], "no") == 0) + { + fixupPIXPointer->enabled = false; + tempInt++; + } + + // Protocol + tempInt = tempInt + 2; + strncpy(fixupPIXPointer->protocol, command.part[tempInt], sizeof(fixupPIXPointer->protocol) - 1); + tempInt++; + + // Options + while (tempInt < command.parts) + { + sprintf(tempString, "%s %s", tempString, command.part[tempInt]); + tempInt++; + } + strncpy(fixupPIXPointer->options, tempString, sizeof(fixupPIXPointer->options) - 1); +} + diff --git a/0.11.10/PIX/process-route.c b/0.11.10/PIX/process-route.c new file mode 100644 index 0000000..bac3be9 --- /dev/null +++ b/0.11.10/PIX/process-route.c @@ -0,0 +1,118 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct routePIX +{ + char interface[32]; + char ipAddress[64]; + char netMask[16]; + char gateway[64]; + int metric; + int track; + int tunneled; + struct routePIX *next; +}; + + +// Process enable +void processRoutePIX(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct routePIX *routePIXPointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Route Line: %s\n", line); + } + + // Is this the first? + if (nipper->pix->route == 0) + { + nipper->pix->route = malloc(sizeof(struct routePIX)); + routePIXPointer = nipper->pix->route; + } + else + { + routePIXPointer = nipper->pix->route; + while (routePIXPointer->next != 0) + routePIXPointer = routePIXPointer->next; + routePIXPointer->next = malloc(sizeof(struct routePIX)); + routePIXPointer = routePIXPointer->next; + } + + // Init Structure + command = splitLine(line); + memset(routePIXPointer, 0, sizeof(struct routePIX)); + routePIXPointer->metric = 1; + routePIXPointer->track = 0; + routePIXPointer->tunneled = false; + + // Interface Name + strncpy(routePIXPointer->interface, command.part[1], sizeof(routePIXPointer->interface) - 1); + + // IP Address + strncpy(routePIXPointer->ipAddress, command.part[2], sizeof(routePIXPointer->ipAddress) - 1); + + // Net Mask + strncpy(routePIXPointer->netMask, command.part[3], sizeof(routePIXPointer->netMask) - 1); + + // Gateway + strncpy(routePIXPointer->gateway, command.part[4], sizeof(routePIXPointer->gateway) - 1); + + // Options + if (command.parts > 5) + { + + // Tunneled + if (strcmp(command.part[5], "tunneled") == 0) + routePIXPointer->tunneled = true; + + // Metric / Track + else + { + tempInt = 5; + + // Metric + if (strcmp(command.part[tempInt], "track") != 0) + { + routePIXPointer->metric = atoi(command.part[tempInt]); + tempInt++; + } + + // Track? + if (strcmp(command.part[tempInt], "track") == 0) + routePIXPointer->track = atoi(command.part[tempInt + 1]); + } + } +} diff --git a/0.11.10/PIX/process-snmp.c b/0.11.10/PIX/process-snmp.c new file mode 100644 index 0000000..47aadfb --- /dev/null +++ b/0.11.10/PIX/process-snmp.c @@ -0,0 +1,333 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code to process PIX SNMP + +struct snmpPIXConfig +{ + int enabled; + char community[64]; + int weak; + int dictionary; + char contact[128]; + char location[128]; + int port; + struct snmpTrapPIX *trap; + struct snmpPIXHost *host; +}; + +struct snmpPIXHost +{ + char interface[64]; + char address[64]; + char community[64]; + int mode; + int port; + int version; + struct snmpPIXHost *next; +}; + +struct snmpTrapPIX +{ + char section[16]; + char trap[32]; + struct snmpTrapPIX *next; +}; + +#define snmp_mode_both 0 +#define snmp_mode_poll 1 +#define snmp_mode_trap 2 + + +// Modify the traps... +void modifyPIXTraps(struct nipperConfig *nipper, char *trapSection, char *trapSubSection, int add) +{ + // Variables... + struct snmpTrapPIX *trapPIXPointer = 0; + struct snmpTrapPIX *trapPIXPointer2 = 0; + + // Is it an add? + if (add == true) + { + // Reserve memory... + if (nipper->pix->snmp->trap == 0) + { + nipper->pix->snmp->trap = malloc(sizeof(struct snmpTrapPIX)); + memset(nipper->pix->snmp->trap, 0, sizeof(struct snmpTrapPIX)); + trapPIXPointer = nipper->pix->snmp->trap; + } + else + { + trapPIXPointer = nipper->pix->snmp->trap; + while (trapPIXPointer->next != 0) + trapPIXPointer = trapPIXPointer->next; + trapPIXPointer->next = malloc(sizeof(struct snmpTrapPIX)); + memset(trapPIXPointer->next, 0, sizeof(struct snmpTrapPIX)); + trapPIXPointer = trapPIXPointer->next; + } + + // Copy data + strncpy(trapPIXPointer->section, trapSection, sizeof(trapPIXPointer->section) - 1); + strncpy(trapPIXPointer->trap, trapSubSection, sizeof(trapPIXPointer->trap) - 1); + } + + // Remove trap... + else + { + trapPIXPointer = nipper->pix->snmp->trap; + trapPIXPointer2 = 0; + while (trapPIXPointer != 0) + { + if (((strcmp(trapSection, trapPIXPointer->section) == 0) && (strcmp(trapSubSection, trapPIXPointer->trap) == 0)) || ((strcmp(trapSection, trapPIXPointer->section) == 0) && (strcmp(trapSubSection, "") == 0))) + { + if (trapPIXPointer2 == 0) + { + nipper->pix->snmp->trap = trapPIXPointer->next; + free(trapPIXPointer); + trapPIXPointer = nipper->pix->snmp->trap; + } + else + { + trapPIXPointer2->next = trapPIXPointer->next; + free(trapPIXPointer); + trapPIXPointer = trapPIXPointer2->next; + } + } + else + { + trapPIXPointer2 = trapPIXPointer; + trapPIXPointer = trapPIXPointer->next; + } + } + } +} + +// Process SNMP +void processSnmpPIX(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct snmpPIXHost *snmpHostPIXPointer = 0; + int tempInt; + int tempInt2; + int setting; + + // Debug + if (nipper->debugMode == true) + { + printf("SNMP Line: %s\n", line); + } + + // Init + command = splitLine(line); + if (nipper->pix->snmp == 0) + { + nipper->pix->snmp = malloc(sizeof(struct snmpPIXConfig)); + memset(nipper->pix->snmp, 0, sizeof(struct snmpPIXConfig)); + + // Defaults... + nipper->pix->snmp->enabled = true; + nipper->pix->snmp->port = 161; + strcpy(nipper->pix->snmp->community, "public"); + modifyPIXTraps(nipper, "snmp", "authentication", true); + modifyPIXTraps(nipper, "snmp", "linkup", true); + modifyPIXTraps(nipper, "snmp", "linkdown", true); + modifyPIXTraps(nipper, "snmp", "coldstart", true); + nipper->pix->snmp->weak = true; + nipper->pix->snmp->dictionary = true; + nipper->simplePasswords++; + nipper->passwordStrengths++; + } + if (strcmp("no", command.part[0]) == 0) + { + setting = false; + tempInt = 2; + } + else + { + setting = true; + tempInt = 1; + } + + // Community + if (strcmp("community", command.part[tempInt]) == 0) + { + tempInt++; + strncpy(nipper->pix->snmp->community, command.part[tempInt], sizeof(nipper->pix->snmp->community) - 1); + + // Check strength / dictionary... + if (simplePassword(nipper->pix->snmp->community, nipper) == true) + { + if (nipper->pix->snmp->dictionary == false) + { + nipper->simplePasswords++; + nipper->pix->snmp->dictionary = true; + } + } + else if (nipper->pix->snmp->dictionary == true) + { + nipper->simplePasswords--; + nipper->pix->snmp->dictionary = false; + } + if (passwordStrength(nipper->pix->snmp->community, nipper) == false) + { + if (nipper->pix->snmp->weak == false) + { + nipper->passwordStrengths++; + nipper->pix->snmp->weak = true; + } + } + else if (nipper->pix->snmp->weak == true) + { + nipper->passwordStrengths--; + nipper->pix->snmp->weak = false; + } + } + + // Contact + else if (strcmp("contact", command.part[tempInt]) == 0) + { + tempInt++; + strncpy(nipper->pix->snmp->contact, command.part[tempInt], sizeof(nipper->pix->snmp->contact) - 1); + } + + // Location + else if (strcmp("location", command.part[tempInt]) == 0) + { + tempInt++; + strncpy(nipper->pix->snmp->location, command.part[tempInt], sizeof(nipper->pix->snmp->location) - 1); + } + + // Traps... + else if ((strcmp("enable", command.part[tempInt]) == 0) && (strcmp("traps", command.part[tempInt + 1]) == 0)) + { + + // If no traps are specified... + if (command.parts == tempInt + 2) + modifyPIXTraps(nipper, "syslog", "", setting); + + // If only the trap catagory is specified... + else if (command.parts == tempInt + 3) + modifyPIXTraps(nipper, command.part[tempInt + 2], "", setting); + + // Do all the other traps... + else + { + tempInt2 = tempInt + 3; + while (tempInt2 < command.parts) + { + modifyPIXTraps(nipper, command.part[tempInt + 2], command.part[tempInt2], setting); + tempInt2++; + } + } + } + + // Listen Port + else if (strcmp("port", command.part[tempInt]) == 0) + { + tempInt++; + nipper->pix->snmp->port = atoi(command.part[tempInt]); + } + + // Server Enable + else if (strcmp("enable", command.part[tempInt]) == 0) + nipper->pix->snmp->enabled = setting; + + // SNMP Host + else if (strcmp("host", command.part[tempInt]) == 0) + { + // Reserve Memory... + if (nipper->pix->snmp->host == 0) + { + nipper->pix->snmp->host = malloc(sizeof(struct snmpPIXHost)); + memset(nipper->pix->snmp->host, 0, sizeof(struct snmpPIXHost)); + snmpHostPIXPointer = nipper->pix->snmp->host; + } + else + { + snmpHostPIXPointer = nipper->pix->snmp->host; + while (snmpHostPIXPointer->next != 0) + snmpHostPIXPointer = snmpHostPIXPointer->next; + snmpHostPIXPointer->next = malloc(sizeof(struct snmpPIXHost)); + memset(snmpHostPIXPointer->next, 0, sizeof(struct snmpPIXHost)); + snmpHostPIXPointer = snmpHostPIXPointer->next; + } + + // Init... + snmpHostPIXPointer->port = 161; + snmpHostPIXPointer->mode = snmp_mode_both; + + // Interface... + strncpy(snmpHostPIXPointer->interface, command.part[2], sizeof(snmpHostPIXPointer->interface) - 1); + + // Address... + strncpy(snmpHostPIXPointer->address, command.part[3], sizeof(snmpHostPIXPointer->address) - 1); + tempInt = 4; + + // Options... + while (tempInt < command.parts) + { + // Poll + if (strcmp("poll", command.part[tempInt]) == 0) + snmpHostPIXPointer->mode = snmp_mode_poll; + + // Trap + else if (strcmp("trap", command.part[tempInt]) == 0) + snmpHostPIXPointer->mode = snmp_mode_trap; + + // Community + else if (strcmp("community", command.part[tempInt]) == 0) + { + tempInt++; + strncpy(snmpHostPIXPointer->community, command.part[tempInt], sizeof(snmpHostPIXPointer->community) - 1); + } + + // Version + else if (strcmp("version", command.part[tempInt]) == 0) + { + tempInt++; + if ('1' == command.part[tempInt][0]) + snmpHostPIXPointer->version = 1; + else if ('2' == command.part[tempInt][0]) + snmpHostPIXPointer->version = 2; + } + + // UDP Port + else if (strcmp("udp-port", command.part[tempInt]) == 0) + { + tempInt++; + snmpHostPIXPointer->port = atoi(command.part[tempInt]); + } + + tempInt++; + } + } +} + diff --git a/0.11.10/PIX/process-ssh.c b/0.11.10/PIX/process-ssh.c new file mode 100644 index 0000000..74fb121 --- /dev/null +++ b/0.11.10/PIX/process-ssh.c @@ -0,0 +1,107 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +struct sshAccessConfig +{ + char ipAddress[32]; + char netMask[32]; + char interface[32]; + struct sshAccessConfig *next; +}; + + +struct sshPIXConfig +{ + int version; + int timeout; + struct sshAccessConfig *access; +}; + + +// Process fixup +void processPIXSSH(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct sshAccessConfig *sshPointer = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("SSH Line: %s\n", line); + } + + // If structure doesn't exist + if (nipper->pix->ssh == 0) + { + nipper->pix->ssh = malloc(sizeof(struct sshPIXConfig)); + memset(nipper->pix->ssh, 0, sizeof(struct sshPIXConfig)); + nipper->pix->ssh->timeout = 5; + } + + // Init + command = splitLine(line); + + // Timeout + if (strcmp(command.part[1], "timeout") == 0) + nipper->pix->ssh->timeout = atoi(command.part[2]); + + // Version + else if (strcmp(command.part[1], "version") == 0) + nipper->pix->ssh->version = atoi(command.part[2]); + + // Management IP + else if (command.parts == 4) + { + // Init... + if (nipper->pix->ssh->access == 0) + { + nipper->pix->ssh->access = malloc(sizeof(struct sshAccessConfig)); + sshPointer = nipper->pix->ssh->access; + } + else + { + sshPointer = nipper->pix->ssh->access; + while (sshPointer->next != 0) + sshPointer = sshPointer->next; + sshPointer->next = malloc(sizeof(struct sshAccessConfig)); + sshPointer = sshPointer->next; + } + memset(sshPointer, 0, sizeof(struct sshAccessConfig)); + strcpy(sshPointer->interface, "Any except outside"); + + // Set... + strncpy(sshPointer->ipAddress, command.part[1], sizeof(sshPointer->ipAddress) - 1); + strncpy(sshPointer->netMask, command.part[2], sizeof(sshPointer->netMask) - 1); + if (command.parts == 4) + strncpy(sshPointer->interface, command.part[3], sizeof(sshPointer->interface) - 1); + } +} + diff --git a/0.11.10/PIX/report-access-list.c b/0.11.10/PIX/report-access-list.c new file mode 100644 index 0000000..c6a39f2 --- /dev/null +++ b/0.11.10/PIX/report-access-list.c @@ -0,0 +1,154 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixACLConfig(struct nipperConfig *nipper) +{ + // Intro text + output_parseText(settings_accesslists1, nipper, section_none, rate_none, 0, 0); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_parseText(settings_accesslists3, nipper, section_none, rate_none, 0, 0); + + // General ACL Settings + output_table(nipper, true, settings_accesslist_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sAlert Interval%s%d seconds%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->accessListAlertInterval, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sMaximum Deny Flows%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->accessListDenyFlowMax, nipper->tablerow_end); + output_table(nipper, false, settings_accesslist_table, &settings_general_heading); + + // ACL + reportRules(nipper); +} + + +void pixObjectConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + // Intro + output_parseText(settings_objects_desc, nipper, section_none, rate_none, 0, 0); + output_list(nipper, &settings_objects_heading); + + // Get pointer to object list... + objectListPointer = getObjectListPointer(nipper, "OBJECTLIST"); + + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", objectPointer->name); + + // Generate Table Heading... + if (objectPointer->type == object_type_group) + { + if (objectPointer->comment[0] == 0) + sprintf(tempString, "Network %s %s", settings_objects_table, objectPointer->name); + else + sprintf(tempString, "Network %s %s (%s)", settings_objects_table, objectPointer->name, objectPointer->comment); + } + else if (objectPointer->type == object_type_protocol) + { + if (objectPointer->comment[0] == 0) + sprintf(tempString, "Protocol %s %s", settings_objects_table, objectPointer->name); + else + sprintf(tempString, "Protocol %s %s (%s)", settings_objects_table, objectPointer->name, objectPointer->comment); + } + else if (objectPointer->type == object_type_service) + { + if (objectPointer->comment[0] == 0) + sprintf(tempString, "Service %s %s", settings_objects_table, objectPointer->name); + else + sprintf(tempString, "Service %s %s (%s)", settings_objects_table, objectPointer->name, objectPointer->comment); + } + else if (objectPointer->type == object_type_icmp) + { + if (objectPointer->comment[0] == 0) + sprintf(tempString, "ICMP %s %s", settings_objects_table, objectPointer->name); + else + sprintf(tempString, "ICMP %s %s (%s)", settings_objects_table, objectPointer->name, objectPointer->comment); + } + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_object_heading); + + // Output Table Contents... + memberPointer = objectPointer->members; + while (memberPointer != 0) + { + switch (memberPointer->type) + { + case object_type_group: + outputFriendly(memberPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sObject Group%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + break; + case object_type_port: + fprintf(nipper->reportFile, "%sPort%s", nipper->tablerow_start, nipper->tablerow_mid); + if (memberPointer->serviceOp == service_oper_eq) + fprintf(nipper->reportFile, "%s%s", memberPointer->name, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s - %s%s", memberPointer->name, memberPointer->netMask, nipper->tablerow_end); + addAbbreviation(objectPointer->name, false); + break; + case object_type_service: + fprintf(nipper->reportFile, "%sService%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, memberPointer->name, nipper->tablerow_end); + addAbbreviation(objectPointer->name, false); + break; + case object_type_network: + fprintf(nipper->reportFile, "%sNetwork%s%s / %s%s", nipper->tablerow_start, nipper->tablerow_mid, memberPointer->name, memberPointer->netMask, nipper->tablerow_end); + break; + case object_type_host: + fprintf(nipper->reportFile, "%sHost%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, memberPointer->name, nipper->tablerow_end); + break; + case object_type_protocol: + addAbbreviation(objectPointer->name, false); + fprintf(nipper->reportFile, "%sProtocol%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, memberPointer->name, nipper->tablerow_end); + break; + case object_type_icmp: + fprintf(nipper->reportFile, "%sICMP%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, memberPointer->name, nipper->tablerow_end); + addAbbreviation("ICMP", false); + break; + } + memberPointer = memberPointer->next; + } + output_table(nipper, false, tempString2, &settings_object_heading); + + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + + objectPointer = objectPointer->next; + } +} + diff --git a/0.11.10/PIX/report-debug.c b/0.11.10/PIX/report-debug.c new file mode 100644 index 0000000..ee530a1 --- /dev/null +++ b/0.11.10/PIX/report-debug.c @@ -0,0 +1,267 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportPIXDebug(struct nipperConfig *nipper) +{ + // Variables + struct johnPassword *johnPointer = 0; + struct interfacePIXConfig *interfacePIXPointer = 0; + struct enablePIXPassword *enablePIXPointer = 0; + struct usernamePIX *usernamePIXPointer = 0; + struct fixupList *fixupPIXPointer = 0; + struct icmpAccess *icmpPIXPointer = 0; + struct staticPIX *staticPIXPointer = 0; + struct routePIX *routePIXPointer = 0; + struct snmpPIXHost *snmpHostPIXPointer = 0; + struct snmpTrapPIX *trapPIXPointer = 0; + struct mgmtHostsPIX *mgmtHostsPointer = 0; + struct sshAccessConfig *sshPointer = 0; + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf(" True or Enabled = %d\n", true); + printf(" False or Disabled = %d\n", false); + printf(" Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("Domain Name: %s\n", nipper->domainName); + printf("Version: %s\n", nipper->version); + printf("Version: %d.%d(%d)\n", nipper->versionMajor, nipper->versionMinor, nipper->versionRevision); + printf("Type: %d\n", nipper->deviceType); + printf("Transparent: %d\n", nipper->pix->transparent); + printf("Floodguard: %d\n", nipper->pix->floodguard); + + // HTTP Server + if (nipper->pix->http != 0) + { + printf("HTTPS Server: %d\n", nipper->pix->http->httpServer); + printf("HTTPS Server Port: %d\n", nipper->pix->http->httpServerPort); + printf("Require Certificate: %d\n", nipper->pix->http->requireCert); + printf("HTTP Redirect: %d\n", nipper->pix->http->httpRedirect); + printf("HTTP Redirect Port: %d\n", nipper->pix->http->httpRedirectPort); + mgmtHostsPointer = nipper->pix->http->host; + while (mgmtHostsPointer != 0) + { + printf("HTTP Management Host:\n"); + printf(" IP Address: %s\n", mgmtHostsPointer->ipAddress); + printf(" Net Mask: %s\n", mgmtHostsPointer->netMask); + printf(" Interface: %s\n", mgmtHostsPointer->interface); + mgmtHostsPointer = mgmtHostsPointer->next; + } + } + + // Users and Passwords + printf("Password: %s\n", nipper->pix->password); + enablePIXPointer = nipper->pix->enable; + while (enablePIXPointer != 0) + { + printf("Enable Password: %s\n", enablePIXPointer->passwordEncrypted); + printf(" Enable Level: %d\n", enablePIXPointer->level); + enablePIXPointer = enablePIXPointer->next; + } + usernamePIXPointer = nipper->pix->username; + while (usernamePIXPointer != 0) + { + printf("Username: %s\n", usernamePIXPointer->username); + printf(" Encrypted Password: %s\n", usernamePIXPointer->passwordEncrypted); + printf(" Encryption: %d\n", usernamePIXPointer->encryption); + printf(" Level: %d\n", usernamePIXPointer->level); + usernamePIXPointer = usernamePIXPointer->next; + } + + // SSH + if (nipper->pix->ssh != 0) + { + printf("SSH Config:\n"); + printf(" SSH Version: %d\n", nipper->pix->ssh->version); + printf(" Timeout: %d\n", nipper->pix->ssh->timeout); + sshPointer = nipper->pix->ssh->access; + while (sshPointer != 0) + { + printf(" IP Address: %s\n", sshPointer->ipAddress); + printf(" Net Mask: %s\n", sshPointer->netMask); + printf(" Interface: %s\n", sshPointer->interface); + sshPointer = sshPointer->next; + } + } + + // SNMP + if (nipper->pix->snmp != 0) + { + printf("SNMP Config:\n"); + printf(" Enabled: %d\n", nipper->pix->snmp->enabled); + printf(" Community: %s\n", nipper->pix->snmp->community); + printf(" Contact: %s\n", nipper->pix->snmp->contact); + printf(" Location: %s\n", nipper->pix->snmp->location); + printf(" Port: %d\n", nipper->pix->snmp->port); + snmpHostPIXPointer = nipper->pix->snmp->host; + while (snmpHostPIXPointer != 0) + { + printf(" SNMP Host:\n"); + printf(" Interface: %s\n", snmpHostPIXPointer->interface); + printf(" Address: %s\n", snmpHostPIXPointer->address); + printf(" Community: %s\n", snmpHostPIXPointer->community); + printf(" Mode: %d\n", snmpHostPIXPointer->mode); + printf(" UDP Port: %d\n", snmpHostPIXPointer->port); + printf(" SNMP Version: %d\n", snmpHostPIXPointer->version); + snmpHostPIXPointer = snmpHostPIXPointer->next; + } + trapPIXPointer = nipper->pix->snmp->trap; + while (trapPIXPointer != 0) + { + printf(" SNMP Trap:\n"); + printf(" Trap Type: %s\n", trapPIXPointer->section); + printf(" Trap: %s\n", trapPIXPointer->trap); + trapPIXPointer = trapPIXPointer->next; + } + } + + // Interfaces + interfacePIXPointer = nipper->pix->interface; + while (interfacePIXPointer != 0) + { + printf("Interface: %s\n", interfacePIXPointer->interface); + printf(" Name: %s\n", interfacePIXPointer->name); + printf(" Shutdown: %d\n", interfacePIXPointer->shutdown); + printf(" IP Address: %s\n", interfacePIXPointer->ipAddress); + printf(" IP Mask: %s\n", interfacePIXPointer->netMask); + printf(" Security: %d\n", interfacePIXPointer->security); + printf(" uRPF: %d\n", interfacePIXPointer->uRPF); + printf(" In ACL: %s\n", interfacePIXPointer->in); + printf(" In Override: %d\n", interfacePIXPointer->inOverride); + printf(" Out ACL: %s\n", interfacePIXPointer->out); + printf(" Out Override: %d\n", interfacePIXPointer->outOverride); + interfacePIXPointer = interfacePIXPointer->next; + } + + // ICMP Access + icmpPIXPointer = nipper->pix->icmp; + while (icmpPIXPointer != 0) + { + printf("ICMP Access: %d\n", icmpPIXPointer->permission); + printf(" Source: %s\n", icmpPIXPointer->source); + printf(" Source Type: %d\n", icmpPIXPointer->sourceType); + printf(" ICMP Type: %s\n", icmpPIXPointer->icmpType); + printf(" Interface: %s\n", icmpPIXPointer->interface); + icmpPIXPointer = icmpPIXPointer->next; + } + + // Protocol Analysis + fixupPIXPointer = nipper->pix->fixup; + while (fixupPIXPointer != 0) + { + printf("Fixup Protocol: %s\n", fixupPIXPointer->protocol); + printf(" Fixup Options: %s\n", fixupPIXPointer->options); + printf(" Enabled: %d\n", fixupPIXPointer->enabled); + fixupPIXPointer = fixupPIXPointer->next; + } + + // Static NAT / PAT + staticPIXPointer = nipper->pix->staticNAT; + while (staticPIXPointer != 0) + { + printf("Static NAT Configuration\n"); + printf(" Real Interface: %s\n", staticPIXPointer->interfaceReal); + printf(" Mapped Interface: %s\n", staticPIXPointer->interfaceMapped); + printf(" Mapped IP: %s\n", staticPIXPointer->ipMapped); + printf(" Real IP: %s\n", staticPIXPointer->ipReal); + printf(" Real IP Mask: %s\n", staticPIXPointer->ipNetMaskReal); + printf(" Access List: %s\n", staticPIXPointer->accessList); + printf(" Interface: %d\n", staticPIXPointer->interface); + printf(" DNS: %d\n", staticPIXPointer->dns); + printf(" Nailed: %d\n", staticPIXPointer->nailed); + printf(" Random Sequence Numbers: %d\n", staticPIXPointer->randomseq); + printf(" Max TCP Connections: %d\n", staticPIXPointer->tcpMaxConnections); + printf(" Max UDP Connections: %d\n", staticPIXPointer->udpMaxConnections); + printf(" Max Embrionic Connections: %d\n", staticPIXPointer->embrionicConnections); + staticPIXPointer = staticPIXPointer->next; + } + staticPIXPointer = nipper->pix->staticPAT; + while (staticPIXPointer != 0) + { + printf("Static PAT Configuration\n"); + printf(" Real Interface: %s\n", staticPIXPointer->interfaceReal); + printf(" Mapped Interface: %s\n", staticPIXPointer->interfaceMapped); + printf(" TCP Protocol: %d\n", staticPIXPointer->protocolTcp); + printf(" Mapped IP: %s\n", staticPIXPointer->ipMapped); + printf(" Mapped Port: %s\n", staticPIXPointer->portMapped); + printf(" Real IP: %s\n", staticPIXPointer->ipReal); + printf(" Real Port: %s\n", staticPIXPointer->portReal); + printf(" Real IP Mask: %s\n", staticPIXPointer->ipNetMaskReal); + printf(" Access List: %s\n", staticPIXPointer->accessList); + printf(" Interface: %d\n", staticPIXPointer->interface); + printf(" DNS: %d\n", staticPIXPointer->dns); + printf(" Nailed: %d\n", staticPIXPointer->nailed); + printf(" Random Sequence Numbers: %d\n", staticPIXPointer->randomseq); + printf(" Max TCP Connections: %d\n", staticPIXPointer->tcpMaxConnections); + printf(" Max UDP Connections: %d\n", staticPIXPointer->udpMaxConnections); + printf(" Max Embrionic Connections: %d\n", staticPIXPointer->embrionicConnections); + staticPIXPointer = staticPIXPointer->next; + } + + // Static Route + routePIXPointer = nipper->pix->route; + while (routePIXPointer != 0) + { + printf("Static Route\n"); + printf(" Interface: %s\n", routePIXPointer->interface); + printf(" IP Address: %s\n", routePIXPointer->ipAddress); + printf(" Net Mask: %s\n", routePIXPointer->netMask); + printf(" Gateway: %s\n", routePIXPointer->gateway); + printf(" Metric: %d\n", routePIXPointer->metric); + printf(" Track: %d\n", routePIXPointer->track); + printf(" Tunneled: %d\n", routePIXPointer->tunneled); + routePIXPointer = routePIXPointer->next; + } + + // Filter Rules... + reportRulesDebug(nipper); + + // Name Mappings / Objects + reportObjectsDebug(nipper); + + // John-the-ripper + if (nipper->john != 0) + { + printf("\n%sJohn-the-ripper Output\n======================%s\n", COL_BLUE, RESET); + johnPointer = nipper->john; + while (johnPointer != 0) + { + printf("Username: %s\n", johnPointer->username); + printf(" Password: %s\n", johnPointer->password); + johnPointer = johnPointer->next; + } + } +} + + diff --git a/0.11.10/PIX/report-enable.c b/0.11.10/PIX/report-enable.c new file mode 100644 index 0000000..faf3ca2 --- /dev/null +++ b/0.11.10/PIX/report-enable.c @@ -0,0 +1,105 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixUsersConfig(struct nipperConfig *nipper) +{ + // Variables... + struct enablePIXPassword *enablePIXPointer = 0; + struct usernamePIX *usernamePIXPointer = 0; + + // Login Password + if (nipper->pix->password[0] != 0) + { + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, " "); + fprintf(nipper->reportFile, "%s %s.", settings_logon_password, nipper->pix->password); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + } + + // Enable Password + if (nipper->pix->enable != 0) + { + output_table(nipper, true, settings_enable_table, &report_enablepix_heading); + enablePIXPointer = nipper->pix->enable; + while (enablePIXPointer != 0) + { + fprintf(nipper->reportFile, "%s%d", nipper->tablerow_start, enablePIXPointer->level); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, enablePIXPointer->passwordEncrypted); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + enablePIXPointer = enablePIXPointer->next; + } + output_table(nipper, false, settings_enable_table, &report_enablepix_heading); + } + + // Usernames + if (nipper->pix->username != 0) + { + output_table(nipper, true, settings_users_table, &report_userspix_heading); + usernamePIXPointer = nipper->pix->username; + while (usernamePIXPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, usernamePIXPointer->username, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", usernamePIXPointer->level, nipper->tablerow_mid); + switch (usernamePIXPointer->encryption) + { + case encrypt_none: + fprintf(nipper->reportFile, "N/A"); + break; + case encrypt_pix: + fprintf(nipper->reportFile, "Standard"); + break; + case encrypt_mschap: + fprintf(nipper->reportFile, "MS-CHAP"); + addAbbreviation("MS-CHAP", false); + break; + case encrypt_ntenc: + fprintf(nipper->reportFile, "NT Encrypted"); + addAbbreviation("NT", false); + break; + } + if (nipper->passwords == true) + { + if (usernamePIXPointer->passwordEncrypted[0] == 0) + fprintf(nipper->reportFile, "%sNone%s", nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, usernamePIXPointer->passwordEncrypted, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + usernamePIXPointer = usernamePIXPointer->next; + } + output_table(nipper, false, settings_users_table, &report_userspix_heading); + } +} + + diff --git a/0.11.10/PIX/report-general.c b/0.11.10/PIX/report-general.c new file mode 100644 index 0000000..90a7162 --- /dev/null +++ b/0.11.10/PIX/report-general.c @@ -0,0 +1,293 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixGeneralConfig(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sHostname%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + if (nipper->domainName[0] != 0) + { + outputFriendly(nipper->domainName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sDomain Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if ((nipper->version[0] != 0) && (nipper->deviceType == type_pix_firewall)) + { + addAbbreviation("PIX", false); + fprintf(nipper->reportFile, "%sPIX Version%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + } + else if ((nipper->version[0] != 0) && (nipper->deviceType == type_asa_firewall)) + { + addAbbreviation("ASA", false); + fprintf(nipper->reportFile, "%sASA Version%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + } + else if ((nipper->version[0] != 0) && (nipper->deviceType == type_fwsm_firewall)) + { + addAbbreviation("FWSM", false); + fprintf(nipper->reportFile, "%sFWSM Version%s%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + } + if (nipper->pix->transparent == true) + fprintf(nipper->reportFile, "%sTransparent Firewall%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sTransparent Firewall%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->pix->floodguard == true) + fprintf(nipper->reportFile, "%sFlood Guard%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sFlood Guard%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_general_table, &settings_general_heading); +} + + +void pixServicesConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_services_table, &report_services_heading); + if (nipper->pix->snmp == 0) + fprintf(nipper->reportFile, "%sSNMP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->pix->snmp->enabled == true) + fprintf(nipper->reportFile, "%sSNMP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSNMP Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->pix->http == 0) + fprintf(nipper->reportFile, "%sHTTPS Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->pix->http->httpServer == false) + fprintf(nipper->reportFile, "%sHTTPS Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sHTTPS Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_services_table, &report_services_heading); + addAbbreviation("SNMP", false); + addAbbreviation("HTTPS", false); +} + + +void pixVulnerabilityIssue(struct nipperConfig *nipper) +{ + // Variables... + struct vulnerability *vulnPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_osver_obs1, nipper, section_obs, rate_none, nipper->vulnIssues, nipper->tableNum); + if (nipper->vulnIssues > 1) + { + output_table(nipper, true, report_osver_table, &report_osver_heading); + if (nipper->deviceType == type_fwsm_firewall) + vulnPointer = &report_vuln_fwsm; + else + vulnPointer = &report_vuln_pix; + while (vulnPointer->next != 0) + { + if (vulnPointer->include == true) + { + outputFriendly(vulnPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s%s%s", vulnPointer->cve, nipper->tablerow_mid, vulnPointer->bid, nipper->tablerow_end); + } + vulnPointer = vulnPointer->next; + } + output_table(nipper, false, report_osver_table, &report_osver_heading); + output_parseText(report_osver_obs2, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + } + else if (nipper->vulnIssues > 0) + { + output_parseText(report_osver_obs3, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + if (nipper->deviceType == type_fwsm_firewall) + vulnPointer = &report_vuln_fwsm; + else + vulnPointer = &report_vuln_pix; + while (vulnPointer->next != 0) + { + if (vulnPointer->include == true) + { + outputFriendly(vulnPointer->description, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "\"%s\" (", tempString); + if (vulnPointer->cve[0] != 0) + fprintf(nipper->reportFile, "CVE reference %s", vulnPointer->cve); + if ((vulnPointer->cve[0] != 0) && (vulnPointer->bid[0] != 0)) + fprintf(nipper->reportFile, " and "); + if (vulnPointer->bid[0] != 0) + fprintf(nipper->reportFile, " Bugtraq ID %s", vulnPointer->bid); + fprintf(nipper->reportFile, ")."); + } + vulnPointer = vulnPointer->next; + } + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_parseText(report_osver_obs2, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + } + output_endsection(nipper, section_obs); + if (nipper->vulnIssues > 0) + { + output_parseText(report_osver_impact1, nipper, section_imp, rate_high, nipper->vulnIssues, nipper->tableNum -1); + if ((nipper->vulnIssueDos == true) && (nipper->vulnIssueRemote == true)) + output_parseText(report_osver_impact2, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + else if (nipper->vulnIssueDos == true) + output_parseText(report_osver_impact3, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + else if (nipper->vulnIssueRemote == true) + output_parseText(report_osver_impact4, nipper, section_none, rate_none, nipper->vulnIssues, nipper->tableNum -1); + addAbbreviation("CVE", false); + addAbbreviation("BID", false); + } + else + output_parseText(report_osver_impact5, nipper, section_imp, rate_high, nipper->vulnIssues, nipper->tableNum -1); + output_endsection(nipper, section_imp); + output_parseText(report_osver_ease, nipper, section_ease, rate_trivial, nipper->vulnIssues, nipper->tableNum -1); + output_endsection(nipper, section_ease); + output_parseText(report_osver_rec, nipper, section_rec, rate_none, nipper->vulnIssues, nipper->tableNum -1); + output_endsection(nipper, section_rec); +} + + +void pixTimeoutIssue(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + + output_parseText(report_timeout_obs1, nipper, section_obs, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, nipper->connectionTimeout % 60); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_obs2, nipper, section_none, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if (nipper->insecureTimeouts > 1) + { + output_table(nipper, true, report_timeout_table, &report_timeout_heading); + if (nipper->pix->ssh != 0) + { + if ((nipper->pix->ssh->timeout * 60) > nipper->connectionTimeout) + { + fprintf(nipper->reportFile, "%sSSH Session Timeout%s", nipper->tablerow_start, nipper->tablerow_mid); + numToWord(nipper->reportFile, nipper->pix->ssh->timeout); + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + } + } + output_table(nipper, false, report_timeout_table, &report_timeout_heading); + } + else + { + if (nipper->pix->ssh != 0) + { + if ((nipper->pix->ssh->timeout * 60) > nipper->connectionTimeout) + { + sprintf(tempString, "*NOTEXTSTART*The SSH session timeout was *NUMBER* minutes."); + output_parseText(tempString, nipper, section_none, rate_none, nipper->pix->ssh->timeout, 0); + } + } + } + output_endsection(nipper, section_obs); + output_parseText(report_timeout_impact, nipper, section_imp, rate_high, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_timeout_ease, nipper, section_ease, rate_difficult, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_timeout_rec1, nipper, section_rec, rate_none, 0, 0); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, (nipper->connectionTimeout % 60)); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_rec2, nipper, section_none, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + + +void pixFloodGuardIssue(struct nipperConfig *nipper) +{ + output_parseText(report_floodguard_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_floodguard_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_floodguard_ease, nipper, section_ease, rate_trivial, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_floodguard_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void pixURPFIssue(struct nipperConfig *nipper) +{ + // Variables... + struct interfacePIXConfig *interfacePIXConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_urpf_pix_obs, nipper, section_obs, rate_none, nipper->uRPFIssues, nipper->tableNum); + if (nipper->uRPFIssues > 1) + { + interfacePIXConfigPointer = nipper->pix->interface; + output_table(nipper, true, report_urpf_table, &report_interfacepix_heading); + while (interfacePIXConfigPointer != 0) + { + if ((interfacePIXConfigPointer->uRPF == false) && (interfacePIXConfigPointer->shutdown == false) && (strcmp(interfacePIXConfigPointer->ipAddress, "") != 0)) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, interfacePIXConfigPointer->interface, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", interfacePIXConfigPointer->name, nipper->tablerow_end); + } + interfacePIXConfigPointer = interfacePIXConfigPointer->next; + } + output_table(nipper, false, report_urpf_table, &report_interfacepix_heading); + } + else if (nipper->uRPFIssues > 0) + { + interfacePIXConfigPointer = nipper->pix->interface; + while (interfacePIXConfigPointer != 0) + { + if ((interfacePIXConfigPointer->uRPF == false) && (interfacePIXConfigPointer->shutdown == false) && (strcmp(interfacePIXConfigPointer->ipAddress, "") != 0)) + { + outputFriendly(interfacePIXConfigPointer->interface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s.", tempString); + } + interfacePIXConfigPointer = interfacePIXConfigPointer->next; + } + output_newPara(nipper); + } + output_endsection(nipper, section_obs); + output_parseText(report_urpf_impact, nipper, section_imp, rate_med, nipper->uRPFIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_urpf_ease, nipper, section_ease, rate_noease, nipper->uRPFIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_urpf_pix_rec, nipper, section_rec, rate_none, nipper->uRPFIssues, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/PIX/report-http.c b/0.11.10/PIX/report-http.c new file mode 100644 index 0000000..eac3b27 --- /dev/null +++ b/0.11.10/PIX/report-http.c @@ -0,0 +1,77 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixHTTPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct mgmtHostsPIX *mgmtHostsPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_http_table, &settings_general_heading); + if (nipper->pix->http->httpServer == false) + fprintf(nipper->reportFile, "%sHTTPS Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sHTTPS Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sHTTPS Server Port%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->http->httpServerPort, nipper->tablerow_end); + if (((nipper->versionMajor == 7) && (nipper->versionMinor == 0) && (nipper->versionRevision > 0)) || ((nipper->versionMajor >= 7) && (nipper->versionMinor > 0))) + { + if (nipper->pix->http->requireCert == false) + fprintf(nipper->reportFile, "%sClients Require Certificates%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sClients Require Certificates%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + } + if (nipper->pix->http->httpRedirect == true) + { + fprintf(nipper->reportFile, "%sHTTP Redirect%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sHTTP Redirect Port%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->http->httpRedirectPort, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%sHTTP Redirect%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_http_table, &settings_general_heading); + if (nipper->pix->http->host != 0) + { + output_table(nipper, true, settings_httphosts_table, &settings_httphosts_heading); + mgmtHostsPointer = nipper->pix->http->host; + while (mgmtHostsPointer != 0) + { + outputFriendly(mgmtHostsPointer->interface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(mgmtHostsPointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(mgmtHostsPointer->netMask, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + mgmtHostsPointer = mgmtHostsPointer->next; + } + output_table(nipper, false, settings_httphosts_table, &settings_httphosts_heading); + } +} + + diff --git a/0.11.10/PIX/report-icmp.c b/0.11.10/PIX/report-icmp.c new file mode 100644 index 0000000..3b39a83 --- /dev/null +++ b/0.11.10/PIX/report-icmp.c @@ -0,0 +1,62 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixICMPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct icmpAccess *icmpPIXPointer = 0; + char tempString[nipper->maxSize]; + + // Intro + output_parseText(settings_icmpaccess_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_icmpaccess_table, &settings_icmpaccess_heading); + icmpPIXPointer = nipper->pix->icmp; + while (icmpPIXPointer != 0) + { + if (icmpPIXPointer->permission == perm_permit) + fprintf(nipper->reportFile, "%sPermit%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sDeny%s", nipper->tablerow_start, nipper->tablerow_mid); + if (strcasecmp(icmpPIXPointer->source, "any") == 0) + fprintf(nipper->reportFile, "Any%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s", icmpPIXPointer->source, nipper->tablerow_mid); + if (icmpPIXPointer->icmpType[0] != 0) + fprintf(nipper->reportFile, "%s", icmpPIXPointer->icmpType); + else + fprintf(nipper->reportFile, "Any"); + outputFriendly(icmpPIXPointer->interface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + icmpPIXPointer = icmpPIXPointer->next; + } + output_table(nipper, false, settings_icmpaccess_table, &settings_icmpaccess_heading); +} + diff --git a/0.11.10/PIX/report-interface.c b/0.11.10/PIX/report-interface.c new file mode 100644 index 0000000..1fb104e --- /dev/null +++ b/0.11.10/PIX/report-interface.c @@ -0,0 +1,78 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixInterfaceConfig(struct nipperConfig *nipper) +{ + // Variables... + struct interfacePIXConfig *interfacePIXConfigPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_inter_table, &settings_interpix_heading); + interfacePIXConfigPointer = nipper->pix->interface; + while (interfacePIXConfigPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, interfacePIXConfigPointer->interface, nipper->tablerow_mid); + outputFriendly(interfacePIXConfigPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (interfacePIXConfigPointer->shutdown == true) + fprintf(nipper->reportFile, "Yes"); + else + fprintf(nipper->reportFile, "No"); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, interfacePIXConfigPointer->ipAddress, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", interfacePIXConfigPointer->netMask, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", interfacePIXConfigPointer->security, nipper->tablerow_mid); + if (interfacePIXConfigPointer->uRPF == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (interfacePIXConfigPointer->in[0] == 0) + fprintf(nipper->reportFile, " %s", nipper->tablerow_mid); + else + { + outputFriendly(interfacePIXConfigPointer->in, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + if (interfacePIXConfigPointer->out[0] == 0) + fprintf(nipper->reportFile, " "); + else + { + outputFriendly(interfacePIXConfigPointer->out, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + interfacePIXConfigPointer = interfacePIXConfigPointer->next; + } + output_table(nipper, false, settings_inter_table, &settings_interpix_heading); + addAbbreviation("ACL", false); + addAbbreviation("MTU", false); + addAbbreviation("IP", false); +} + diff --git a/0.11.10/PIX/report-nat.c b/0.11.10/PIX/report-nat.c new file mode 100644 index 0000000..c0705ea --- /dev/null +++ b/0.11.10/PIX/report-nat.c @@ -0,0 +1,151 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixNATPATConfig(struct nipperConfig *nipper) +{ + // Variables... + struct staticPIX *staticPIXPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(settings_natpat_desc, nipper, section_none, rate_none, 1, 0); + if (nipper->pix->staticNAT !=0) + { + output_table(nipper, true, settings_nat_static_table, &settings_nat_static_heading); + staticPIXPointer = nipper->pix->staticNAT; + while (staticPIXPointer != 0) + { + outputFriendly(staticPIXPointer->interfaceReal, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (staticPIXPointer->interface == true) + fprintf(nipper->reportFile, "Interface"); + else if (staticPIXPointer->accessList[0] != 0) + { + outputFriendly(staticPIXPointer->accessList, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "ACL: %s", tempString); + addAbbreviation("ACL", false); + } + else if (staticPIXPointer->ipNetMaskReal[0] != 0) + fprintf(nipper->reportFile, "%s %s", staticPIXPointer->ipReal, staticPIXPointer->ipNetMaskReal); + else + fprintf(nipper->reportFile, "%s", staticPIXPointer->ipReal); + outputFriendly(staticPIXPointer->interfaceMapped, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_mid); + outputFriendly(staticPIXPointer->ipMapped, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (staticPIXPointer->dns == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (staticPIXPointer->randomseq == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (staticPIXPointer->nailed == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (staticPIXPointer->tcpMaxConnections == 0) + fprintf(nipper->reportFile, "Unlimited%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", staticPIXPointer->tcpMaxConnections, nipper->tablerow_mid); + if (staticPIXPointer->embrionicConnections == 0) + fprintf(nipper->reportFile, "Unlimited%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", staticPIXPointer->embrionicConnections, nipper->tablerow_mid); + if (staticPIXPointer->udpMaxConnections == 0) + fprintf(nipper->reportFile, "Unlimited%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%d%s", staticPIXPointer->udpMaxConnections, nipper->tablerow_end); + + staticPIXPointer = staticPIXPointer->next; + } + output_table(nipper, false, settings_nat_static_table, &settings_nat_static_heading); + } + if (nipper->pix->staticPAT !=0) + { + output_table(nipper, true, settings_pat_static_table, &settings_pat_static_heading); + staticPIXPointer = nipper->pix->staticPAT; + while (staticPIXPointer != 0) + { + outputFriendly(staticPIXPointer->interfaceReal, tempString, nipper->maxSize, nipper->outputFormat); + if (staticPIXPointer->protocolTcp == true) + fprintf(nipper->reportFile, "%sTCP%s", nipper->tablerow_start, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%sUDP%s", nipper->tablerow_start, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (staticPIXPointer->interface == true) + fprintf(nipper->reportFile, "Interface"); + else if (staticPIXPointer->accessList[0] != 0) + { + outputFriendly(staticPIXPointer->accessList, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "ACL: %s", tempString); + addAbbreviation("ACL", false); + } + else if (staticPIXPointer->ipNetMaskReal[0] != 0) + fprintf(nipper->reportFile, "%s %s", staticPIXPointer->ipReal, staticPIXPointer->ipNetMaskReal); + else + fprintf(nipper->reportFile, "%s", staticPIXPointer->ipReal); + fprintf(nipper->reportFile, " (%s)", staticPIXPointer->portReal); + outputFriendly(staticPIXPointer->interfaceMapped, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_mid); + outputFriendly(staticPIXPointer->ipMapped, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s (%s)%s", tempString, staticPIXPointer->portMapped, nipper->tablerow_mid); + if (staticPIXPointer->dns == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (staticPIXPointer->randomseq == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (staticPIXPointer->nailed == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (staticPIXPointer->tcpMaxConnections == 0) + fprintf(nipper->reportFile, "Unlimited%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", staticPIXPointer->tcpMaxConnections, nipper->tablerow_mid); + if (staticPIXPointer->embrionicConnections == 0) + fprintf(nipper->reportFile, "Unlimited%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", staticPIXPointer->embrionicConnections, nipper->tablerow_mid); + if (staticPIXPointer->udpMaxConnections == 0) + fprintf(nipper->reportFile, "Unlimited%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%d%s", staticPIXPointer->udpMaxConnections, nipper->tablerow_end); + + staticPIXPointer = staticPIXPointer->next; + } + output_table(nipper, false, settings_pat_static_table, &settings_pat_static_heading); + } +} + diff --git a/0.11.10/PIX/report-passwords.c b/0.11.10/PIX/report-passwords.c new file mode 100644 index 0000000..870555d --- /dev/null +++ b/0.11.10/PIX/report-passwords.c @@ -0,0 +1,265 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void output_PIXTablePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + char tempString[nipper->maxSize]; + + // SNMP + if (nipper->pix->snmp != 0) + { + if (((nipper->pix->snmp->dictionary == true) && (dictPassword == true)) || ((nipper->pix->snmp->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sCommunity%sSNMP%sread-only", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(nipper->pix->snmp->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + } +} + + +void output_PIXLinePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + char tempString3[nipper->maxSize]; + + // SNMP + if (nipper->pix->snmp != 0) + { + if (((nipper->pix->snmp->dictionary == true) && (dictPassword == true)) || ((nipper->pix->snmp->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The read-only *ABBREV*SNMP*-ABBREV* community string was "); + if (nipper->passwords == true) + { + outputFriendly(nipper->pix->snmp->community, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + } + + output_parseText(tempString2, nipper, section_none, rate_none, 0, 0); +} + + +void pixDictionaryIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_dict_obs, nipper, section_obs, rate_none, nipper->simplePasswords, nipper->tableNum); + if (nipper->simplePasswords > 1) + { + output_table(nipper, true, report_dict_table, &report_dict_heading); + output_PIXTablePasswords(nipper, true); + output_table(nipper, false, report_dict_table, &report_dict_heading); + } + else + output_PIXLinePasswords(nipper, true); + output_endsection(nipper, section_obs); + output_parseText(report_dict_impact, nipper, section_imp, rate_high, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_dict_ease, nipper, section_ease, rate_trivial, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_dict_rec, nipper, section_rec, rate_none, nipper->simplePasswords, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, "characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + + +void pixStrengthIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_strength_obs, nipper, section_obs, rate_none, nipper->passwordStrengths, nipper->tableNum); + if (nipper->passwordStrengths > 1) + { + output_table(nipper, true, report_strength_table, &report_dict_heading); + output_PIXTablePasswords(nipper, false); + output_table(nipper, false, report_strength_table, &report_dict_heading); + } + else + output_PIXLinePasswords(nipper, false); + output_endsection(nipper, section_obs); + output_parseText(report_strength_impact, nipper, section_imp, rate_high, nipper->passwordStrengths, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_strength_ease, nipper, section_ease, rate_trivial, nipper->passwordStrengths, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_strength_rec, nipper, section_rec, rate_trivial, nipper->passwordStrengths, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, " characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/PIX/report-protocols.c b/0.11.10/PIX/report-protocols.c new file mode 100644 index 0000000..a5a0b20 --- /dev/null +++ b/0.11.10/PIX/report-protocols.c @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixProtocolConfig(struct nipperConfig *nipper) +{ + // Variables... + struct fixupList *fixupPIXPointer = 0; + + // Intro + output_parseText(settings_protoinspect_desc, nipper, section_none, rate_none, 0, 0); + if (nipper->pix->fixup != 0) + { + output_table(nipper, true, settings_protoinspect_table, &settings_protoinspect_heading); + fixupPIXPointer = nipper->pix->fixup; + while (fixupPIXPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, fixupPIXPointer->protocol, nipper->tablerow_mid); + addAbbreviation(fixupPIXPointer->protocol, false); + if (fixupPIXPointer->enabled == true) + fprintf(nipper->reportFile, "Yes"); + else + fprintf(nipper->reportFile, "No"); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, fixupPIXPointer->options, nipper->tablerow_end); + fixupPIXPointer = fixupPIXPointer->next; + } + output_table(nipper, false, settings_protoinspect_table, &settings_protoinspect_heading); + } +} + diff --git a/0.11.10/PIX/report-route.c b/0.11.10/PIX/report-route.c new file mode 100644 index 0000000..f05689f --- /dev/null +++ b/0.11.10/PIX/report-route.c @@ -0,0 +1,64 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixRoutingConfig(struct nipperConfig *nipper) +{ + // Variables... + struct routePIX *routePIXPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(settings_routing_desc, nipper, section_none, rate_none, 0, 0); + output_table(nipper, true, settings_static_route_table, &settings_route_heading); + routePIXPointer = nipper->pix->route; + while (routePIXPointer != 0) + { + outputFriendly(routePIXPointer->interface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile,"%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(routePIXPointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(routePIXPointer->netMask, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(routePIXPointer->gateway, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", routePIXPointer->metric, nipper->tablerow_mid); + if (routePIXPointer->track == 0) + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", routePIXPointer->track, nipper->tablerow_mid); + if (routePIXPointer->tunneled == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + routePIXPointer = routePIXPointer->next; + } + output_table(nipper, false, settings_static_route_table, &settings_route_heading); +} + diff --git a/0.11.10/PIX/report-snmp.c b/0.11.10/PIX/report-snmp.c new file mode 100644 index 0000000..8b05cea --- /dev/null +++ b/0.11.10/PIX/report-snmp.c @@ -0,0 +1,109 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixSNMPConfig(struct nipperConfig *nipper) +{ + // Variables... + struct snmpPIXHost *snmpHostPIXPointer = 0; + struct snmpTrapPIX *trapPIXPointer = 0; + + output_parseText(settings_snmp_desc, nipper, section_none, rate_none, -1, 0); + output_table(nipper, true, settings_snmp_table, &settings_general_heading); + if (nipper->pix->snmp->enabled == true) + fprintf(nipper->reportFile, "%sSNMP Server%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSNMP Server%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUDP Port%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->snmp->port, nipper->tablerow_end); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%sCommunity String%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->snmp->community, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sContact%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->snmp->contact, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLocation%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->snmp->location, nipper->tablerow_end); + output_table(nipper, false, settings_snmp_table, &settings_snmpPIXhosts_heading); + if (nipper->pix->snmp->host != 0) + { + output_table(nipper, true, settings_snmphost_table, &settings_snmpPIXhosts_heading); + snmpHostPIXPointer = nipper->pix->snmp->host; + while (snmpHostPIXPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, snmpHostPIXPointer->interface, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", snmpHostPIXPointer->address, nipper->tablerow_mid); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s", snmpHostPIXPointer->community, nipper->tablerow_mid); + if (snmpHostPIXPointer->version == 0) + fprintf(nipper->reportFile, "1 and 2c%s", nipper->tablerow_mid); + else if (snmpHostPIXPointer->version == 1) + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "2c%s", nipper->tablerow_mid); + fprintf(nipper->reportFile, "%d%s", snmpHostPIXPointer->port, nipper->tablerow_mid); + if (snmpHostPIXPointer->mode == snmp_mode_both) + fprintf(nipper->reportFile, "Poll and Trap%s", nipper->tablerow_end); + else if (snmpHostPIXPointer->mode == snmp_mode_poll) + fprintf(nipper->reportFile, "Poll%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Trap%s", nipper->tablerow_end); + snmpHostPIXPointer = snmpHostPIXPointer->next; + } + output_table(nipper, false, settings_snmphost_table, &settings_snmpPIXhosts_heading); + } + if (nipper->pix->snmp->trap != 0) + { + output_table(nipper, true, settings_snmptrap_table, &settings_snmpPIXtraps_heading); + trapPIXPointer = nipper->pix->snmp->trap; + while (trapPIXPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s%s %s", nipper->tablerow_start, trapPIXPointer->section, nipper->tablerow_mid, trapPIXPointer->trap, nipper->tablerow_end); + trapPIXPointer = trapPIXPointer->next; + } + output_table(nipper, false, settings_snmptrap_table, &settings_snmpPIXtraps_heading); + } +} + + +void pixSNMPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_snmp_pix_obs, nipper, section_obs, rate_med, nipper->snmpIssue, 0); + output_endsection(nipper, section_obs); + output_parseText(report_snmp_impact, nipper, section_imp, rate_med, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_snmp_ease, nipper, section_ease, rate_difficult, 0, 0); + output_endsection(nipper, section_ease); + if (nipper->pix->snmp == 0) + output_parseText(report_snmp_pix_rec, nipper, section_obs, rate_none, 0, nipper->tableNum); + else if (nipper->pix->snmp->enabled == false) + output_parseText(report_snmp_pix2_rec, nipper, section_obs, rate_none, 0, nipper->tableNum); + else if (nipper->pix->snmp->host != 0) + output_parseText(report_snmp_pix_rec, nipper, section_obs, rate_none, -1, nipper->tableNum); + else + output_parseText(report_snmp_pix_rec, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/PIX/report-ssh.c b/0.11.10/PIX/report-ssh.c new file mode 100644 index 0000000..49a9169 --- /dev/null +++ b/0.11.10/PIX/report-ssh.c @@ -0,0 +1,95 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void pixSSHConfig(struct nipperConfig *nipper) +{ + // Variables... + struct sshAccessConfig *sshPointer = 0; + + output_table(nipper, true, settings_ssh_table, &settings_general_heading); + if (nipper->pix->ssh->version == 0) + fprintf(nipper->reportFile, "%sProtocol Version%s1 and 2%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sProtocol Version%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pix->ssh->version, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sSession Timeout%s", nipper->tablerow_start, nipper->tablerow_mid); + numToWord(nipper->reportFile, nipper->pix->ssh->timeout); + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + output_table(nipper, false, settings_ssh_table, &settings_general_heading); + + sshPointer = nipper->pix->ssh->access; + if (sshPointer != 0) + { + output_table(nipper, true, settings_sshman_table, &settings_sshman_heading); + while (sshPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, sshPointer->ipAddress, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", sshPointer->netMask, nipper->tablerow_mid); + fprintf(nipper->reportFile, "%s%s", sshPointer->interface, nipper->tablerow_end); + sshPointer = sshPointer->next; + } + output_table(nipper, false, settings_sshman_table, &settings_sshman_heading); + } + addAbbreviation("SSH", false); +} + + +void pixSSHIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + if ((nipper->versionMajor < 7) || ((nipper->versionMajor == 7) && (nipper->versionMinor == 0) && (nipper->versionRevision == 0))) + tempInt = -1; + else + tempInt = 0; + output_parseText(report_sshproto_obs, nipper, section_obs, rate_none, tempInt, 0); + output_endsection(nipper, section_obs); + output_parseText(report_sshproto_impact, nipper, section_imp, rate_med, tempInt, 0); + output_endsection(nipper, section_imp); + output_parseText(report_sshproto_ease, nipper, section_ease, rate_difficult, tempInt, 0); + output_endsection(nipper, section_ease); + output_parseText(report_sshproto_rec1, nipper, section_rec, rate_none, tempInt, 0); + output_endsection(nipper, section_rec); +} + + +void sshManIssue(struct nipperConfig *nipper) +{ + output_parseText(report_sshman_obs, nipper, section_obs, rate_none, 0, 0); + output_endsection(nipper, section_obs); + output_parseText(report_sshman_impact, nipper, section_imp, rate_med, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_sshman_ease, nipper, section_ease, rate_noease, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_sshman_rec, nipper, section_rec, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/PIX/report.c b/0.11.10/PIX/report.c new file mode 100644 index 0000000..dec9719 --- /dev/null +++ b/0.11.10/PIX/report.c @@ -0,0 +1,196 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for PIX/ASA reporting... + +// Report PIX includes... +#include "report-access-list.c" +#include "report-debug.c" +#include "report-enable.c" +#include "report-general.c" +#include "report-http.c" +#include "report-icmp.c" +#include "report-interface.c" +#include "report-nat.c" +#include "report-passwords.c" +#include "report-protocols.c" +#include "report-route.c" +#include "report-snmp.c" +#include "report-ssh.c" + + +void generatePIXReport(struct nipperConfig *nipper) +{ + // Variables + struct interfacePIXConfig *interfacePIXConfigPointer = 0; + struct vulnerability *vulnPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct sshAccessConfig *sshPointer = 0; + + // Security Section Issues + if (nipper->fullReport == true) + { + + // Software Version + nipper->vulnIssues = 0; + nipper->vulnIssueDos = false; + nipper->vulnIssueRemote = false; + if (nipper->deviceType == type_fwsm_firewall) + vulnPointer = &report_vuln_fwsm; + else + vulnPointer = &report_vuln_pix; + while (vulnPointer->next != 0) + { + checkVulnVersion(nipper, vulnPointer); + vulnPointer = vulnPointer->next; + } + if (nipper->vulnIssues > 0) + addReportSection(nipper, section_security, report_osver_title, report_osver_context, report_osver_rectext, 10, 8, 5, 3, pixVulnerabilityIssue); + + // Simple Passwords + if (nipper->simplePasswords > 1) + addReportSection(nipper, section_security, report_dict_title1, report_dict_context, report_dict_rectext, 10, 8, 5, 3, pixDictionaryIssue); + else if (nipper->simplePasswords > 0) + addReportSection(nipper, section_security, report_dict_title2, report_dict_context, report_dict_rectext, 10, 8, 5, 3, pixDictionaryIssue); + + // Password Strength + if (nipper->passwordStrengths > 1) + addReportSection(nipper, section_security, report_strength_title1, report_strength_context, report_strength_rectext, 10, 8, 5, 3, pixStrengthIssue); + else if (nipper->passwordStrengths > 0) + addReportSection(nipper, section_security, report_strength_title2, report_strength_context, report_strength_rectext, 10, 8, 5, 3, pixStrengthIssue); + + // Timeout + if (nipper->pix->ssh != 0) + { + if (nipper->pix->ssh->timeout * 60 > nipper->connectionTimeout) + nipper->insecureTimeouts++; + } + if (nipper->insecureTimeouts > 0) + addReportSection(nipper, section_security, report_timeout_title, report_timeout_context, report_timeout_rectext, 10, 8, 5, 3, pixTimeoutIssue); + + // SNMP + if (nipper->pix->snmp != 0) + { + if ((nipper->pix->snmp->enabled == true) && (nipper->pix->snmp->host != 0)) + nipper->snmpIssue = 2; + else if (nipper->pix->snmp->enabled == true) + nipper->snmpIssue = 1; + else if (nipper->pix->snmp->host != 0) + nipper->snmpIssue = -1; + } + if (nipper->snmpIssue != 0) + addReportSection(nipper, section_security, report_snmp_title, report_snmp_context, report_snmp_css_rectext, 10, 8, 5, 3, pixSNMPIssue); + + // Access Lists + rulesAudit(nipper); + if (nipper->aclIssues > 0) + addReportSection(nipper, section_security, report_accesslist_title, report_accesslist_context, report_accesslist_rectext, 10, 8, 5, 3, ciscoACLIssue); + + // SSH Remote Management Hosts + if (nipper->pix->ssh != 0) + { + sshPointer = nipper->pix->ssh->access; + while (sshPointer != 0) + { + if (strcmp(sshPointer->netMask, "255.255.255.255") != 0) + nipper->sshManIssues++; + sshPointer = sshPointer->next; + } + } + if (nipper->sshManIssues > 0) + addReportSection(nipper, section_security, report_sshman_title, report_sshman_context, report_sshman_rectext, 10, 8, 5, 3, sshManIssue); + + // FloodGuard + if (nipper->pix->floodguard == false) + addReportSection(nipper, section_security, report_floodguard_title, report_floodguard_context, report_floodguard_rectext, 10, 8, 5, 3, pixFloodGuardIssue); + + // uRPF verification + if ((nipper->deviceType != type_fwsm_firewall) && (nipper->deviceUse == use_edge)) + { + interfacePIXConfigPointer = nipper->pix->interface; + while (interfacePIXConfigPointer != 0) + { + if ((interfacePIXConfigPointer->uRPF == false) && (interfacePIXConfigPointer->shutdown == false) && (strcmp(interfacePIXConfigPointer->ipAddress, "") != 0)) + nipper->uRPFIssues++; + interfacePIXConfigPointer = interfacePIXConfigPointer->next; + } + } + if (nipper->uRPFIssues != 0) + addReportSection(nipper, section_security, report_urpf_title, report_urpf_context, report_urpf_rectext, 10, 8, 5, 3, pixURPFIssue); + + // SSH Protocol Version + if ((nipper->pix->ssh != 0) && (nipper->deviceType != type_fwsm_firewall)) + { + if (nipper->pix->ssh->version < 2) + addReportSection(nipper, section_security, report_sshproto_title, report_sshproto_context, report_sshproto_rectext, 10, 8, 5, 3, pixSSHIssue); + } + } + + // Configuration Reporting... + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, pixGeneralConfig); + addReportSection(nipper, section_config, settings_services_title, 0, 0, 0, 0, 0, 0, pixServicesConfig); + if (((nipper->pix->enable != 0) || (nipper->pix->password[0] != 0)) && (nipper->passwords == true)) + addReportSection(nipper, section_config, settings_users_title, 0, 0, 0, 0, 0, 0, pixUsersConfig); + if (nipper->pix->snmp != 0) + addReportSection(nipper, section_config, settings_snmp_title, 0, 0, 0, 0, 0, 0, pixSNMPConfig); + if (nipper->pix->ssh != 0) + addReportSection(nipper, section_config, settings_ssh_title, 0, 0, 0, 0, 0, 0, pixSSHConfig); + if (nipper->pix->http != 0) + addReportSection(nipper, section_config, settings_http_title, 0, 0, 0, 0, 0, 0, pixHTTPConfig); + if (nipper->pix->interface != 0) + addReportSection(nipper, section_config, settings_inter_title, 0, 0, 0, 0, 0, 0, pixInterfaceConfig); + if ((nipper->pix->staticNAT !=0) || (nipper->pix->staticPAT !=0)) + addReportSection(nipper, section_config, settings_natpat_title, 0, 0, 0, 0, 0, 0, pixNATPATConfig); + if (nipper->pix->route !=0) + addReportSection(nipper, section_config, settings_routing_title, 0, 0, 0, 0, 0, 0, pixRoutingConfig); + if ((nipper->pix->standardAccessList > 0) || (nipper->pix->extendedAccessList > 0) || (nipper->pix->oldAccessList > 0)) + addReportSection(nipper, section_config, settings_accesslists_title, 0, 0, 0, 0, 0, 0, pixACLConfig); + if (nipper->pix->icmp != 0) + addReportSection(nipper, section_config, settings_icmpaccess_title, 0, 0, 0, 0, 0, 0, pixICMPConfig); + if (nipper->pix->fixup != 0) + addReportSection(nipper, section_config, settings_protoinspect_title, 0, 0, 0, 0, 0, 0, pixProtocolConfig); + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + if (strcmp(objectListPointer->name, "OBJECTLIST") == 0) + addReportSection(nipper, section_config, settings_objects_title, 0, 0, 0, 0, 0, 0, pixObjectConfig); + objectListPointer = objectListPointer->next; + } + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + if (strcmp(objectListPointer->name, "NAMELIST") == 0) + addReportSection(nipper, section_config, settings_namemap_title, 0, 0, 0, 0, 0, 0, nameMapConfig); + objectListPointer = objectListPointer->next; + } + + // Generate Report... + generateReport(nipper); +} diff --git a/0.11.10/Passport/.svn/all-wcprops b/0.11.10/Passport/.svn/all-wcprops new file mode 100644 index 0000000..af3c708 --- /dev/null +++ b/0.11.10/Passport/.svn/all-wcprops @@ -0,0 +1,53 @@ +K 25 +svn:wc:ra_dav:version-url +V 38 +/svn/!svn/ver/3/trunk/0.11.10/Passport +END +input.c +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/Passport/input.c +END +report-debug.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/Passport/report-debug.c +END +report-filters.c +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/0.11.10/Passport/report-filters.c +END +process-filters.c +K 25 +svn:wc:ra_dav:version-url +V 56 +/svn/!svn/ver/3/trunk/0.11.10/Passport/process-filters.c +END +report-general.c +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/0.11.10/Passport/report-general.c +END +cleanup.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/Passport/cleanup.c +END +process-general.c +K 25 +svn:wc:ra_dav:version-url +V 56 +/svn/!svn/ver/3/trunk/0.11.10/Passport/process-general.c +END +report.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/Passport/report.c +END diff --git a/0.11.10/Passport/.svn/entries b/0.11.10/Passport/.svn/entries new file mode 100644 index 0000000..1a179b1 --- /dev/null +++ b/0.11.10/Passport/.svn/entries @@ -0,0 +1,300 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/0.11.10/Passport +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +cleanup.c +file + + + + +2016-02-13T06:47:11.984153Z +11cc6ac47dc27f3842509de4e69ec77b +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2390 + +process-general.c +file + + + + +2016-02-13T06:47:11.984153Z +207021826dcfbf5026b4e8fa3556d8cd +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4482 + +report.c +file + + + + +2016-02-13T06:47:11.984153Z +9ebb47dc2cbdc25e1a3d9a57e6c28071 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3120 + +input.c +file + + + + +2016-02-13T06:47:11.984153Z +678a80ee3f3b84c5e53d452de0ab37b6 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4062 + +report-debug.c +file + + + + +2016-02-13T06:47:11.984153Z +042a0e7c5384ab0eba107f6906a4132c +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3002 + +report-filters.c +file + + + + +2016-02-13T06:47:11.984153Z +e394b14249bf915ec90ccd9d209249ea +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5519 + +process-filters.c +file + + + + +2016-02-13T06:47:11.984153Z +45a3708cbc728dd0651a5e1838c58f40 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +17178 + +report-general.c +file + + + + +2016-02-13T06:47:11.984153Z +87dba06d7ac949d77ca4f9508689a2d8 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3102 + diff --git a/0.11.10/Passport/.svn/text-base/cleanup.c.svn-base b/0.11.10/Passport/.svn/text-base/cleanup.c.svn-base new file mode 100644 index 0000000..dc863c6 --- /dev/null +++ b/0.11.10/Passport/.svn/text-base/cleanup.c.svn-base @@ -0,0 +1,39 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the Passport cleanup code + + +void cleanupPAS(struct nipperConfig *nipper) +{ + // Cleanup Nortel Passport config + free(nipper->pas); +} + diff --git a/0.11.10/Passport/.svn/text-base/input.c.svn-base b/0.11.10/Passport/.svn/text-base/input.c.svn-base new file mode 100644 index 0000000..310fe7e --- /dev/null +++ b/0.11.10/Passport/.svn/text-base/input.c.svn-base @@ -0,0 +1,93 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct passportConfig +{ + char boxType[16]; + char monitorVersion[16]; + struct passportFilter *filter; + struct passportFilterSet *filterSet; +}; + + +// Processing Nortel Passport includes... +#include "process-filters.c" +#include "process-general.c" + + +void processPASInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + + // Split the command line up + command = splitLine(line); + + // Software Version + if ((strcmp(command.part[0], "#") == 0) && (strcmp(command.part[1], "software") == 0) && (strcmp(command.part[2], "version") == 0) && (strcmp(command.part[3], ":") == 0)) + processSoftwarePAS(line, nipper); + + // Box Type + else if ((strcmp(command.part[0], "#") == 0) && (strcmp(command.part[1], "box") == 0) && (strcmp(command.part[2], "type") == 0) && (strcmp(command.part[3], ":") == 0)) + processBoxTypePAS(line, nipper); + + // Monitor Version + else if ((strcmp(command.part[0], "#") == 0) && (strcmp(command.part[1], "monitor") == 0) && (strcmp(command.part[2], "version") == 0) && (strcmp(command.part[3], ":") == 0)) + processMonitorPAS(line, nipper); + + // IP Commands... + else if (strcmp(command.part[0], "ip") == 0) + { + + // Traffic Filter Commands... + if (strcmp(command.part[1], "traffic-filter") == 0) + { + + // Create ... + if (strcmp(command.part[2], "create") == 0) + processCreateFilterPAS(line, nipper); + + // Filter ... + else if (strcmp(command.part[2], "filter") == 0) + processFilterPAS(line, nipper); + + // Filter Set... + else if ((strcmp(command.part[2], "set") == 0) || (strcmp(command.part[2], "global-set") == 0)) + processFilterSetPAS(line, nipper); + } + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/Passport/.svn/text-base/process-filters.c.svn-base b/0.11.10/Passport/.svn/text-base/process-filters.c.svn-base new file mode 100644 index 0000000..3310818 --- /dev/null +++ b/0.11.10/Passport/.svn/text-base/process-filters.c.svn-base @@ -0,0 +1,488 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code to process Passport filters + + +// Process a Filter Set... +void processFilterSetPAS(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct filterListConfig *filterListPointer = 0; + struct filterListConfig *filterListFromPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterConfig *filterSearchPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + struct filterObjectConfig *filterObjectFromPointer = 0; + struct ciscoCommand command; + char tempString[nipper->maxSize]; + + // Debug + if (nipper->debugMode == true) + { + printf("Filter Set Line: %s\n", line); + } + + // Split the command line up + command = splitLine(line); + + // Get Filter set pointer... + filterListPointer = getFilterList(nipper, command.part[3], "", false); + + // Filter Set Create? + if (strcmp(command.part[4], "create") == 0) + { + stripQuotes(command.part[6], tempString, nipper->maxSize); + strncpy(filterListPointer->listName, tempString, sizeof(filterListPointer->listName) - 1); + } + + // Add filter to the set + else if (strcmp(command.part[4], "add-filter") == 0) + { + // Find filter... + filterListFromPointer = getFilterList(nipper, "**UNASSIGNED**", "", false); + filterSearchPointer = filterListFromPointer->filter; + if (filterSearchPointer != 0) + { + while ((filterSearchPointer->next != 0) && (filterSearchPointer->id != atoi(command.part[5]))) + filterSearchPointer = filterSearchPointer->next; + if (filterSearchPointer->id == atoi(command.part[5])) + { + + // Set it found... + filterSearchPointer->inSet = true; + + // If first filter in destination filter set... + if (filterListPointer->filter == 0) + { + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + } + else + { + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + } + + // Copy the settings... + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->id = filterSearchPointer->id; + filterPointer->enabled = filterSearchPointer->enabled; + filterPointer->action = filterSearchPointer->action; + filterPointer->log = filterSearchPointer->log; + strcpy(filterPointer->remark, filterSearchPointer->remark); + strcpy(filterPointer->protocol, filterSearchPointer->protocol); + filterPointer->protocolType = filterSearchPointer->protocolType; + filterPointer->established = filterSearchPointer->established; + filterPointer->fragments = filterSearchPointer->fragments; + filterPointer->filterType = filterSearchPointer->filterType; + filterPointer->stop = filterSearchPointer->stop; + filterPointer->inSet = filterSearchPointer->inSet; + + // Source Objects... + filterObjectFromPointer = filterSearchPointer->source; + while (filterObjectFromPointer != 0) + { + // If first object member... + if (filterPointer->source == 0) + { + filterPointer->source = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->source; + } + else + { + filterObjectPointer = filterPointer->source; + while (filterObjectPointer->next != 0) + filterObjectPointer = filterObjectPointer->next; + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + } + + // Copy data... + memset(filterObjectPointer, 0, sizeof(struct filterObjectConfig)); + strcpy(filterObjectPointer->name, filterObjectFromPointer->name); + strcpy(filterObjectPointer->netMask, filterObjectFromPointer->netMask); + filterObjectPointer->serviceOp = filterObjectFromPointer->serviceOp; + filterObjectPointer->type = filterObjectFromPointer->type; + + filterObjectFromPointer = filterObjectFromPointer->next; + } + + // Source ServiceObjects... + filterObjectFromPointer = filterSearchPointer->sourceService; + while (filterObjectFromPointer != 0) + { + // If first object member... + if (filterPointer->sourceService == 0) + { + filterPointer->sourceService = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->sourceService; + } + else + { + filterObjectPointer = filterPointer->sourceService; + while (filterObjectPointer->next != 0) + filterObjectPointer = filterObjectPointer->next; + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + } + + // Copy data... + memset(filterObjectPointer, 0, sizeof(struct filterObjectConfig)); + strcpy(filterObjectPointer->name, filterObjectFromPointer->name); + strcpy(filterObjectPointer->netMask, filterObjectFromPointer->netMask); + filterObjectPointer->serviceOp = filterObjectFromPointer->serviceOp; + filterObjectPointer->type = filterObjectFromPointer->type; + + filterObjectFromPointer = filterObjectFromPointer->next; + } + + // Destination Objects... + filterObjectFromPointer = filterSearchPointer->destination; + while (filterObjectFromPointer != 0) + { + // If first object member... + if (filterPointer->destination == 0) + { + filterPointer->destination = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->destination; + } + else + { + filterObjectPointer = filterPointer->destination; + while (filterObjectPointer->next != 0) + filterObjectPointer = filterObjectPointer->next; + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + } + + // Copy data... + memset(filterObjectPointer, 0, sizeof(struct filterObjectConfig)); + strcpy(filterObjectPointer->name, filterObjectFromPointer->name); + strcpy(filterObjectPointer->netMask, filterObjectFromPointer->netMask); + filterObjectPointer->serviceOp = filterObjectFromPointer->serviceOp; + filterObjectPointer->type = filterObjectFromPointer->type; + + filterObjectFromPointer = filterObjectFromPointer->next; + } + + // Destination Service Objects... + filterObjectFromPointer = filterSearchPointer->destinationService; + while (filterObjectFromPointer != 0) + { + // If first object member... + if (filterPointer->destinationService == 0) + { + filterPointer->destinationService = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->destinationService; + } + else + { + filterObjectPointer = filterPointer->destinationService; + while (filterObjectPointer->next != 0) + filterObjectPointer = filterObjectPointer->next; + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + } + + // Copy data... + memset(filterObjectPointer, 0, sizeof(struct filterObjectConfig)); + strcpy(filterObjectPointer->name, filterObjectFromPointer->name); + strcpy(filterObjectPointer->netMask, filterObjectFromPointer->netMask); + filterObjectPointer->serviceOp = filterObjectFromPointer->serviceOp; + filterObjectPointer->type = filterObjectFromPointer->type; + + filterObjectFromPointer = filterObjectFromPointer->next; + } + } + } + } +} + + +// Add a source / destination... +struct filterObjectConfig *addPASFilterSourceDestination(struct filterConfig *filterPointer, char *address, int objectType) +{ + // Variables... + struct filterObjectConfig *filterObjectPointer = 0; + char *slashChar; + int size = 0; + + // Check that if it is default... + if ((strcasecmp(address, "default") == 0) || (strcmp(address, "0.0.0.0/0.0.0.0") == 0)) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", objectType); + filterObjectPointer->type = object_type_any; + } + + else + { + // Get size... + size = strlen(address); + + // Find the / character (if one exists) + slashChar = strchr(address, '/'); + + // Set string terminator... + if (slashChar != NULL) + slashChar[0] = 0; + + // Create object + filterObjectPointer = getFilterMember(filterPointer, address, objectType); + + // Set mask... + if (slashChar != NULL) + { + if (strlen(slashChar + 1) < 3) + setMaskFromCIDR(filterObjectPointer->netMask, atoi(slashChar + 1)); + else + strncpy(filterObjectPointer->netMask, slashChar + 1, sizeof(filterObjectPointer->netMask) - 1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_network; + } + else + filterObjectPointer->type = object_type_host; + } + + return filterObjectPointer; +} + + +// Process a Create Filter... +void processCreateFilterPAS(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Filter Create Line: %s\n", line); + } + + // Split the command line up + command = splitLine(line); + + if ((strcmp(command.part[3], "source") == 0) || (strcmp(command.part[3], "destination") == 0) || (strcmp(command.part[3], "global") == 0)) + { + // Create & init structure... + filterListPointer = getFilterList(nipper, "**UNASSIGNED**", "", false); + + // If first filter... + if (filterListPointer->filter == 0) + { + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + } + else + { + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + } + + // Init... + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->action = filter_action_default; + filterPointer->stop = true; + filterPointer->inSet = false; + + // Source + if (strcmp(command.part[3], "source") == 0) + filterPointer->filterType = filter_type_source; + // Destination + else if (strcmp(command.part[3], "destination") == 0) + filterPointer->filterType = filter_type_destination; + // Global + else + filterPointer->filterType = filter_type_global; + tempInt = 4; + + while (tempInt < command.parts) + { + // Source? + if (strcmp(command.part[tempInt], "src-ip") == 0) + { + tempInt++; + filterObjectPointer = addPASFilterSourceDestination(filterPointer, command.part[tempInt], object_filter_source); + } + + // Destination? + else if (strcmp(command.part[tempInt], "dst-ip") == 0) + { + tempInt++; + filterObjectPointer = addPASFilterSourceDestination(filterPointer, command.part[tempInt], object_filter_destination); + } + + // Filter Id? + else if (strcmp(command.part[tempInt], "id") == 0) + { + tempInt++; + filterPointer->id = atoi(command.part[tempInt]); + } + + tempInt++; + } + } +} + + +// Process a Filter... +void processFilterPAS(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + char tempString[nipper->maxSize]; + + // Debug + if (nipper->debugMode == true) + { + printf("Filter Filter Line: %s\n", line); + } + + // Split the command line up + command = splitLine(line); + + // Find filter... + filterListPointer = getFilterList(nipper, "**UNASSIGNED**", "", false); + if (filterListPointer->filter != 0) + { + filterPointer = filterListPointer->filter; + while ((filterPointer->next != 0) && (filterPointer->id != atoi(command.part[3]))) + filterPointer = filterPointer->next; + if (filterPointer->id == atoi(command.part[3])) + { + + // Name... + if (strcmp(command.part[4], "name") == 0) + { + stripQuotes(command.part[5], tempString, nipper->maxSize); + strncpy(filterPointer->remark, tempString, sizeof(filterPointer->remark) - 1); + } + + // Action... + else if (strcmp(command.part[4], "action") == 0) + { + + // Mode... + if (strcmp(command.part[5], "mode") == 0) + { + if (strcmp(command.part[6], "forward") == 0) + filterPointer->action = filter_action_accept; + else if (strcmp(command.part[6], "drop") == 0) + filterPointer->action = filter_action_drop; + else if (strcmp(command.part[6], "forward-to-next-hop") == 0) + filterPointer->action = filter_action_accept; + } + + // Stop on match... + else if (strcmp(command.part[5], "stop-on-match") == 0) + { + if (strcmp(command.part[6], "true") == 0) + filterPointer->stop = true; + else + filterPointer->stop = false; + } + } + + // Match... + else if (strcmp(command.part[4], "match") == 0) + { + + // Protocol... + if (strcmp(command.part[5], "protocol") == 0) + strncpy(filterPointer->protocol, command.part[6], sizeof(filterPointer->protocol) - 1); + + // Source Port... + else if (strcmp(command.part[5], "src-port") == 0) + { + filterObjectPointer = addPASFilterSourceDestination(filterPointer, command.part[6], object_filter_sourceService); + if (command.parts == 9) + { + + // Options... + if (strcasecmp(command.part[7], "src-option") == 0) + { + if (strcasecmp(command.part[8], "ignore") == 0) + filterObjectPointer->serviceOp = service_oper_ignore; + else if (strcasecmp(command.part[8], "equal") == 0) + filterObjectPointer->serviceOp = service_oper_eq; + else if (strcasecmp(command.part[8], "less") == 0) + filterObjectPointer->serviceOp = service_oper_lt; + else if (strcasecmp(command.part[8], "greater") == 0) + filterObjectPointer->serviceOp = service_oper_gt; + else if (strcasecmp(command.part[8], "notequal") == 0) + filterObjectPointer->serviceOp = service_oper_neq; + } + } + } + + // Destination Port... + else if (strcmp(command.part[5], "dst-port") == 0) + { + filterObjectPointer = addPASFilterSourceDestination(filterPointer, command.part[6], object_filter_service); + if (command.parts == 9) + { + + // Destination Option... + if (strcasecmp(command.part[7], "dst-option") == 0) + { + if (strcasecmp(command.part[8], "ignore") == 0) + filterObjectPointer->serviceOp = service_oper_ignore; + else if (strcasecmp(command.part[8], "equal") == 0) + filterObjectPointer->serviceOp = service_oper_eq; + else if (strcasecmp(command.part[8], "less") == 0) + filterObjectPointer->serviceOp = service_oper_lt; + else if (strcasecmp(command.part[8], "greater") == 0) + filterObjectPointer->serviceOp = service_oper_gt; + else if (strcasecmp(command.part[8], "notequal") == 0) + filterObjectPointer->serviceOp = service_oper_neq; + } + } + } + } + } + } +} + diff --git a/0.11.10/Passport/.svn/text-base/process-general.c.svn-base b/0.11.10/Passport/.svn/text-base/process-general.c.svn-base new file mode 100644 index 0000000..a60cd82 --- /dev/null +++ b/0.11.10/Passport/.svn/text-base/process-general.c.svn-base @@ -0,0 +1,120 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the general processing code for Passport devices + + +// Software Version... +void processSoftwarePAS(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + int tempInt = 0; + int offset = 0; + + if (nipper->debugMode == true) + printf("Software Version Line: %s\n", line); + + // Split the command line up + command = splitLine(line); + + // Copy Box Type + strncpy(nipper->version, command.part[4], sizeof(nipper->version) - 1); + + // Major... + while ((command.part[4][tempInt] != '.') && (tempInt < strlen(nipper->version))) + tempInt++; + if (command.part[4][tempInt] == '.') + command.part[4][tempInt] = 0; + nipper->versionMajor = atoi(command.part[4]); + tempInt++; + + // Minor... + if (tempInt < strlen(nipper->version)) + { + offset = tempInt; + while ((command.part[4][tempInt] != '.') && (tempInt < strlen(nipper->version))) + tempInt++; + if (command.part[4][tempInt] == '.') + command.part[4][tempInt] = 0; + nipper->versionMinor = atoi(command.part[4] + offset); + tempInt++; + } + + // Revision... + if (tempInt < strlen(nipper->version)) + { + offset = tempInt; + while ((command.part[4][tempInt] != '.') && (tempInt < strlen(nipper->version))) + tempInt++; + if (command.part[4][tempInt] == '.') + command.part[4][tempInt] = 0; + nipper->versionRevision = atoi(command.part[4] + offset); + tempInt++; + } + + // Revision Minor... + if (tempInt < strlen(nipper->version)) + nipper->versionRevisionMinor = atoi(command.part[4] + tempInt); +} + + +// Box Type... +void processBoxTypePAS(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + + if (nipper->debugMode == true) + printf("Box Type Line: %s\n", line); + + // Split the command line up + command = splitLine(line); + + // Copy Box Type + strncpy(nipper->pas->boxType, command.part[4], sizeof(nipper->pas->boxType) - 1); +} + + +// Monitor Version... +void processMonitorPAS(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + + if (nipper->debugMode == true) + printf("Monitor Version Line: %s\n", line); + + // Split the command line up + command = splitLine(line); + + // Copy Box Type + strncpy(nipper->pas->monitorVersion, command.part[4], sizeof(nipper->pas->monitorVersion) - 1); +} diff --git a/0.11.10/Passport/.svn/text-base/report-debug.c.svn-base b/0.11.10/Passport/.svn/text-base/report-debug.c.svn-base new file mode 100644 index 0000000..b40b60a --- /dev/null +++ b/0.11.10/Passport/.svn/text-base/report-debug.c.svn-base @@ -0,0 +1,52 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportPASDebug(struct nipperConfig *nipper) +{ + // Variables... + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf("True or Enabled = %d\n", true); + printf("False or Disabled = %d\n", false); + printf("Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("Passport Version: %s\n", nipper->version); + printf("Passport Version: %d.%d.%d.%d\n", nipper->versionMajor, nipper->versionMinor, nipper->versionRevision, nipper->versionRevisionMinor); + printf("Monitor Version: %s\n", nipper->pas->monitorVersion); + printf("Box Type: %s\n", nipper->pas->boxType); + + // Filter Rules... + reportRulesDebug(nipper); +} diff --git a/0.11.10/Passport/.svn/text-base/report-filters.c.svn-base b/0.11.10/Passport/.svn/text-base/report-filters.c.svn-base new file mode 100644 index 0000000..d2926d1 --- /dev/null +++ b/0.11.10/Passport/.svn/text-base/report-filters.c.svn-base @@ -0,0 +1,129 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for Passport reporting + + +void pasFilterConfig(struct nipperConfig *nipper) +{ + // ACL + reportRules(nipper); +} + + +void pasFilterIssue(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + char tempString[128]; + int ruleNumber = 0; + + output_parseText(report_pasfilter_obs, nipper, section_obs, rate_none, nipper->aclIssues, nipper->tableNum); + + // One Access List issue... + if (nipper->aclIssues == 1) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + + // Set filter set name... + if (strcmp(filterListPointer->name, "**UNASSIGNED**") == 0) + strcpy(tempString, "Unassigned"); + else + strcpy(tempString, filterListPointer->name); + + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + reportCommonFilterIssues(nipper, tempString, "IP filter set", "filter ID", filterPointer, ruleNumber, filterListPointer); + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "IP filter set %s %s", tempString, report_pasfilter_denylog); + + filterListPointer = filterListPointer->next; + } + output_newPara(nipper); + } + + // More than one issue... + else if (nipper->aclIssues > 1) + { + output_table(nipper, true, report_pasfilter_table, &report_pasfilter_table_heading); + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + // Set filter set name... + if (strcmp(filterListPointer->name, "**UNASSIGNED**") == 0) + strcpy(tempString, "Unassigned"); + else + strcpy(tempString, filterListPointer->name); + + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + reportCommonFilterTableIssues(nipper, tempString, filterPointer, ruleNumber, filterListPointer); + + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "%s%s%sN/A%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, nipper->tablerow_mid, report_pasfilter_denylog, nipper->tablerow_end); + + filterListPointer = filterListPointer->next; + } + output_table(nipper, false, report_pasfilter_table, &report_pasfilter_table_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_pasfilter_impact, nipper, section_imp, rate_med, nipper->aclIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_pasfilter_ease, nipper, section_ease, rate_noease, nipper->aclIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_pasfilter_rec, nipper, section_rec, rate_none, nipper->aclIssues, nipper->tableNum); + set_aclrec_list(nipper, &report_pasfilter_heading); + output_list(nipper, &report_pasfilter_heading); + output_parseText(report_fw1policy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/Passport/.svn/text-base/report-general.c.svn-base b/0.11.10/Passport/.svn/text-base/report-general.c.svn-base new file mode 100644 index 0000000..56a2240 --- /dev/null +++ b/0.11.10/Passport/.svn/text-base/report-general.c.svn-base @@ -0,0 +1,42 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for Passport reporting + +void pasGeneralConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sHostname%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPassport Software Version%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sMonitor Version%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pas->monitorVersion, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPassport Hardware%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pas->boxType, nipper->tablerow_end); + output_table(nipper, false, settings_general_table, &settings_general_heading); +} + diff --git a/0.11.10/Passport/.svn/text-base/report.c.svn-base b/0.11.10/Passport/.svn/text-base/report.c.svn-base new file mode 100644 index 0000000..f5ad461 --- /dev/null +++ b/0.11.10/Passport/.svn/text-base/report.c.svn-base @@ -0,0 +1,62 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for Passport reporting + +// Report Passport includes... +#include "report-debug.c" +#include "report-filters.c" +#include "report-general.c" + + +void generatePASReport(struct nipperConfig *nipper) +{ + // Security Issues... + if (nipper->fullReport == true) + { + + // Filter Issues + if (nipper->filterList == 0) + nipper->aclIssues = -1; + else + rulesAudit(nipper); + if (nipper->aclIssues != 0) + addReportSection(nipper, section_security, report_pasfilter_title, report_pasfilter_context, report_pasfilter_rectext, 10, 8, 5, 3, pasFilterIssue); + } + + // Configuration Output + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, pasGeneralConfig); + if (nipper->filterList != 0) + addReportSection(nipper, section_config, settings_filter_title, 0, 0, 0, 0, 0, 0, pasFilterConfig); + + // Generate Report... + generateReport(nipper); +} + diff --git a/0.11.10/Passport/cleanup.c b/0.11.10/Passport/cleanup.c new file mode 100644 index 0000000..dc863c6 --- /dev/null +++ b/0.11.10/Passport/cleanup.c @@ -0,0 +1,39 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the Passport cleanup code + + +void cleanupPAS(struct nipperConfig *nipper) +{ + // Cleanup Nortel Passport config + free(nipper->pas); +} + diff --git a/0.11.10/Passport/input.c b/0.11.10/Passport/input.c new file mode 100644 index 0000000..310fe7e --- /dev/null +++ b/0.11.10/Passport/input.c @@ -0,0 +1,93 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct passportConfig +{ + char boxType[16]; + char monitorVersion[16]; + struct passportFilter *filter; + struct passportFilterSet *filterSet; +}; + + +// Processing Nortel Passport includes... +#include "process-filters.c" +#include "process-general.c" + + +void processPASInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + + // Split the command line up + command = splitLine(line); + + // Software Version + if ((strcmp(command.part[0], "#") == 0) && (strcmp(command.part[1], "software") == 0) && (strcmp(command.part[2], "version") == 0) && (strcmp(command.part[3], ":") == 0)) + processSoftwarePAS(line, nipper); + + // Box Type + else if ((strcmp(command.part[0], "#") == 0) && (strcmp(command.part[1], "box") == 0) && (strcmp(command.part[2], "type") == 0) && (strcmp(command.part[3], ":") == 0)) + processBoxTypePAS(line, nipper); + + // Monitor Version + else if ((strcmp(command.part[0], "#") == 0) && (strcmp(command.part[1], "monitor") == 0) && (strcmp(command.part[2], "version") == 0) && (strcmp(command.part[3], ":") == 0)) + processMonitorPAS(line, nipper); + + // IP Commands... + else if (strcmp(command.part[0], "ip") == 0) + { + + // Traffic Filter Commands... + if (strcmp(command.part[1], "traffic-filter") == 0) + { + + // Create ... + if (strcmp(command.part[2], "create") == 0) + processCreateFilterPAS(line, nipper); + + // Filter ... + else if (strcmp(command.part[2], "filter") == 0) + processFilterPAS(line, nipper); + + // Filter Set... + else if ((strcmp(command.part[2], "set") == 0) || (strcmp(command.part[2], "global-set") == 0)) + processFilterSetPAS(line, nipper); + } + } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/Passport/process-filters.c b/0.11.10/Passport/process-filters.c new file mode 100644 index 0000000..3310818 --- /dev/null +++ b/0.11.10/Passport/process-filters.c @@ -0,0 +1,488 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code to process Passport filters + + +// Process a Filter Set... +void processFilterSetPAS(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct filterListConfig *filterListPointer = 0; + struct filterListConfig *filterListFromPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterConfig *filterSearchPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + struct filterObjectConfig *filterObjectFromPointer = 0; + struct ciscoCommand command; + char tempString[nipper->maxSize]; + + // Debug + if (nipper->debugMode == true) + { + printf("Filter Set Line: %s\n", line); + } + + // Split the command line up + command = splitLine(line); + + // Get Filter set pointer... + filterListPointer = getFilterList(nipper, command.part[3], "", false); + + // Filter Set Create? + if (strcmp(command.part[4], "create") == 0) + { + stripQuotes(command.part[6], tempString, nipper->maxSize); + strncpy(filterListPointer->listName, tempString, sizeof(filterListPointer->listName) - 1); + } + + // Add filter to the set + else if (strcmp(command.part[4], "add-filter") == 0) + { + // Find filter... + filterListFromPointer = getFilterList(nipper, "**UNASSIGNED**", "", false); + filterSearchPointer = filterListFromPointer->filter; + if (filterSearchPointer != 0) + { + while ((filterSearchPointer->next != 0) && (filterSearchPointer->id != atoi(command.part[5]))) + filterSearchPointer = filterSearchPointer->next; + if (filterSearchPointer->id == atoi(command.part[5])) + { + + // Set it found... + filterSearchPointer->inSet = true; + + // If first filter in destination filter set... + if (filterListPointer->filter == 0) + { + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + } + else + { + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + } + + // Copy the settings... + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->id = filterSearchPointer->id; + filterPointer->enabled = filterSearchPointer->enabled; + filterPointer->action = filterSearchPointer->action; + filterPointer->log = filterSearchPointer->log; + strcpy(filterPointer->remark, filterSearchPointer->remark); + strcpy(filterPointer->protocol, filterSearchPointer->protocol); + filterPointer->protocolType = filterSearchPointer->protocolType; + filterPointer->established = filterSearchPointer->established; + filterPointer->fragments = filterSearchPointer->fragments; + filterPointer->filterType = filterSearchPointer->filterType; + filterPointer->stop = filterSearchPointer->stop; + filterPointer->inSet = filterSearchPointer->inSet; + + // Source Objects... + filterObjectFromPointer = filterSearchPointer->source; + while (filterObjectFromPointer != 0) + { + // If first object member... + if (filterPointer->source == 0) + { + filterPointer->source = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->source; + } + else + { + filterObjectPointer = filterPointer->source; + while (filterObjectPointer->next != 0) + filterObjectPointer = filterObjectPointer->next; + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + } + + // Copy data... + memset(filterObjectPointer, 0, sizeof(struct filterObjectConfig)); + strcpy(filterObjectPointer->name, filterObjectFromPointer->name); + strcpy(filterObjectPointer->netMask, filterObjectFromPointer->netMask); + filterObjectPointer->serviceOp = filterObjectFromPointer->serviceOp; + filterObjectPointer->type = filterObjectFromPointer->type; + + filterObjectFromPointer = filterObjectFromPointer->next; + } + + // Source ServiceObjects... + filterObjectFromPointer = filterSearchPointer->sourceService; + while (filterObjectFromPointer != 0) + { + // If first object member... + if (filterPointer->sourceService == 0) + { + filterPointer->sourceService = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->sourceService; + } + else + { + filterObjectPointer = filterPointer->sourceService; + while (filterObjectPointer->next != 0) + filterObjectPointer = filterObjectPointer->next; + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + } + + // Copy data... + memset(filterObjectPointer, 0, sizeof(struct filterObjectConfig)); + strcpy(filterObjectPointer->name, filterObjectFromPointer->name); + strcpy(filterObjectPointer->netMask, filterObjectFromPointer->netMask); + filterObjectPointer->serviceOp = filterObjectFromPointer->serviceOp; + filterObjectPointer->type = filterObjectFromPointer->type; + + filterObjectFromPointer = filterObjectFromPointer->next; + } + + // Destination Objects... + filterObjectFromPointer = filterSearchPointer->destination; + while (filterObjectFromPointer != 0) + { + // If first object member... + if (filterPointer->destination == 0) + { + filterPointer->destination = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->destination; + } + else + { + filterObjectPointer = filterPointer->destination; + while (filterObjectPointer->next != 0) + filterObjectPointer = filterObjectPointer->next; + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + } + + // Copy data... + memset(filterObjectPointer, 0, sizeof(struct filterObjectConfig)); + strcpy(filterObjectPointer->name, filterObjectFromPointer->name); + strcpy(filterObjectPointer->netMask, filterObjectFromPointer->netMask); + filterObjectPointer->serviceOp = filterObjectFromPointer->serviceOp; + filterObjectPointer->type = filterObjectFromPointer->type; + + filterObjectFromPointer = filterObjectFromPointer->next; + } + + // Destination Service Objects... + filterObjectFromPointer = filterSearchPointer->destinationService; + while (filterObjectFromPointer != 0) + { + // If first object member... + if (filterPointer->destinationService == 0) + { + filterPointer->destinationService = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->destinationService; + } + else + { + filterObjectPointer = filterPointer->destinationService; + while (filterObjectPointer->next != 0) + filterObjectPointer = filterObjectPointer->next; + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + } + + // Copy data... + memset(filterObjectPointer, 0, sizeof(struct filterObjectConfig)); + strcpy(filterObjectPointer->name, filterObjectFromPointer->name); + strcpy(filterObjectPointer->netMask, filterObjectFromPointer->netMask); + filterObjectPointer->serviceOp = filterObjectFromPointer->serviceOp; + filterObjectPointer->type = filterObjectFromPointer->type; + + filterObjectFromPointer = filterObjectFromPointer->next; + } + } + } + } +} + + +// Add a source / destination... +struct filterObjectConfig *addPASFilterSourceDestination(struct filterConfig *filterPointer, char *address, int objectType) +{ + // Variables... + struct filterObjectConfig *filterObjectPointer = 0; + char *slashChar; + int size = 0; + + // Check that if it is default... + if ((strcasecmp(address, "default") == 0) || (strcmp(address, "0.0.0.0/0.0.0.0") == 0)) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", objectType); + filterObjectPointer->type = object_type_any; + } + + else + { + // Get size... + size = strlen(address); + + // Find the / character (if one exists) + slashChar = strchr(address, '/'); + + // Set string terminator... + if (slashChar != NULL) + slashChar[0] = 0; + + // Create object + filterObjectPointer = getFilterMember(filterPointer, address, objectType); + + // Set mask... + if (slashChar != NULL) + { + if (strlen(slashChar + 1) < 3) + setMaskFromCIDR(filterObjectPointer->netMask, atoi(slashChar + 1)); + else + strncpy(filterObjectPointer->netMask, slashChar + 1, sizeof(filterObjectPointer->netMask) - 1); + if (strcmp(filterObjectPointer->netMask, "255.255.255.255") == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_network; + } + else + filterObjectPointer->type = object_type_host; + } + + return filterObjectPointer; +} + + +// Process a Create Filter... +void processCreateFilterPAS(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + int tempInt = 0; + + // Debug + if (nipper->debugMode == true) + { + printf("Filter Create Line: %s\n", line); + } + + // Split the command line up + command = splitLine(line); + + if ((strcmp(command.part[3], "source") == 0) || (strcmp(command.part[3], "destination") == 0) || (strcmp(command.part[3], "global") == 0)) + { + // Create & init structure... + filterListPointer = getFilterList(nipper, "**UNASSIGNED**", "", false); + + // If first filter... + if (filterListPointer->filter == 0) + { + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + } + else + { + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + } + + // Init... + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->action = filter_action_default; + filterPointer->stop = true; + filterPointer->inSet = false; + + // Source + if (strcmp(command.part[3], "source") == 0) + filterPointer->filterType = filter_type_source; + // Destination + else if (strcmp(command.part[3], "destination") == 0) + filterPointer->filterType = filter_type_destination; + // Global + else + filterPointer->filterType = filter_type_global; + tempInt = 4; + + while (tempInt < command.parts) + { + // Source? + if (strcmp(command.part[tempInt], "src-ip") == 0) + { + tempInt++; + filterObjectPointer = addPASFilterSourceDestination(filterPointer, command.part[tempInt], object_filter_source); + } + + // Destination? + else if (strcmp(command.part[tempInt], "dst-ip") == 0) + { + tempInt++; + filterObjectPointer = addPASFilterSourceDestination(filterPointer, command.part[tempInt], object_filter_destination); + } + + // Filter Id? + else if (strcmp(command.part[tempInt], "id") == 0) + { + tempInt++; + filterPointer->id = atoi(command.part[tempInt]); + } + + tempInt++; + } + } +} + + +// Process a Filter... +void processFilterPAS(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + char tempString[nipper->maxSize]; + + // Debug + if (nipper->debugMode == true) + { + printf("Filter Filter Line: %s\n", line); + } + + // Split the command line up + command = splitLine(line); + + // Find filter... + filterListPointer = getFilterList(nipper, "**UNASSIGNED**", "", false); + if (filterListPointer->filter != 0) + { + filterPointer = filterListPointer->filter; + while ((filterPointer->next != 0) && (filterPointer->id != atoi(command.part[3]))) + filterPointer = filterPointer->next; + if (filterPointer->id == atoi(command.part[3])) + { + + // Name... + if (strcmp(command.part[4], "name") == 0) + { + stripQuotes(command.part[5], tempString, nipper->maxSize); + strncpy(filterPointer->remark, tempString, sizeof(filterPointer->remark) - 1); + } + + // Action... + else if (strcmp(command.part[4], "action") == 0) + { + + // Mode... + if (strcmp(command.part[5], "mode") == 0) + { + if (strcmp(command.part[6], "forward") == 0) + filterPointer->action = filter_action_accept; + else if (strcmp(command.part[6], "drop") == 0) + filterPointer->action = filter_action_drop; + else if (strcmp(command.part[6], "forward-to-next-hop") == 0) + filterPointer->action = filter_action_accept; + } + + // Stop on match... + else if (strcmp(command.part[5], "stop-on-match") == 0) + { + if (strcmp(command.part[6], "true") == 0) + filterPointer->stop = true; + else + filterPointer->stop = false; + } + } + + // Match... + else if (strcmp(command.part[4], "match") == 0) + { + + // Protocol... + if (strcmp(command.part[5], "protocol") == 0) + strncpy(filterPointer->protocol, command.part[6], sizeof(filterPointer->protocol) - 1); + + // Source Port... + else if (strcmp(command.part[5], "src-port") == 0) + { + filterObjectPointer = addPASFilterSourceDestination(filterPointer, command.part[6], object_filter_sourceService); + if (command.parts == 9) + { + + // Options... + if (strcasecmp(command.part[7], "src-option") == 0) + { + if (strcasecmp(command.part[8], "ignore") == 0) + filterObjectPointer->serviceOp = service_oper_ignore; + else if (strcasecmp(command.part[8], "equal") == 0) + filterObjectPointer->serviceOp = service_oper_eq; + else if (strcasecmp(command.part[8], "less") == 0) + filterObjectPointer->serviceOp = service_oper_lt; + else if (strcasecmp(command.part[8], "greater") == 0) + filterObjectPointer->serviceOp = service_oper_gt; + else if (strcasecmp(command.part[8], "notequal") == 0) + filterObjectPointer->serviceOp = service_oper_neq; + } + } + } + + // Destination Port... + else if (strcmp(command.part[5], "dst-port") == 0) + { + filterObjectPointer = addPASFilterSourceDestination(filterPointer, command.part[6], object_filter_service); + if (command.parts == 9) + { + + // Destination Option... + if (strcasecmp(command.part[7], "dst-option") == 0) + { + if (strcasecmp(command.part[8], "ignore") == 0) + filterObjectPointer->serviceOp = service_oper_ignore; + else if (strcasecmp(command.part[8], "equal") == 0) + filterObjectPointer->serviceOp = service_oper_eq; + else if (strcasecmp(command.part[8], "less") == 0) + filterObjectPointer->serviceOp = service_oper_lt; + else if (strcasecmp(command.part[8], "greater") == 0) + filterObjectPointer->serviceOp = service_oper_gt; + else if (strcasecmp(command.part[8], "notequal") == 0) + filterObjectPointer->serviceOp = service_oper_neq; + } + } + } + } + } + } +} + diff --git a/0.11.10/Passport/process-general.c b/0.11.10/Passport/process-general.c new file mode 100644 index 0000000..a60cd82 --- /dev/null +++ b/0.11.10/Passport/process-general.c @@ -0,0 +1,120 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the general processing code for Passport devices + + +// Software Version... +void processSoftwarePAS(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + int tempInt = 0; + int offset = 0; + + if (nipper->debugMode == true) + printf("Software Version Line: %s\n", line); + + // Split the command line up + command = splitLine(line); + + // Copy Box Type + strncpy(nipper->version, command.part[4], sizeof(nipper->version) - 1); + + // Major... + while ((command.part[4][tempInt] != '.') && (tempInt < strlen(nipper->version))) + tempInt++; + if (command.part[4][tempInt] == '.') + command.part[4][tempInt] = 0; + nipper->versionMajor = atoi(command.part[4]); + tempInt++; + + // Minor... + if (tempInt < strlen(nipper->version)) + { + offset = tempInt; + while ((command.part[4][tempInt] != '.') && (tempInt < strlen(nipper->version))) + tempInt++; + if (command.part[4][tempInt] == '.') + command.part[4][tempInt] = 0; + nipper->versionMinor = atoi(command.part[4] + offset); + tempInt++; + } + + // Revision... + if (tempInt < strlen(nipper->version)) + { + offset = tempInt; + while ((command.part[4][tempInt] != '.') && (tempInt < strlen(nipper->version))) + tempInt++; + if (command.part[4][tempInt] == '.') + command.part[4][tempInt] = 0; + nipper->versionRevision = atoi(command.part[4] + offset); + tempInt++; + } + + // Revision Minor... + if (tempInt < strlen(nipper->version)) + nipper->versionRevisionMinor = atoi(command.part[4] + tempInt); +} + + +// Box Type... +void processBoxTypePAS(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + + if (nipper->debugMode == true) + printf("Box Type Line: %s\n", line); + + // Split the command line up + command = splitLine(line); + + // Copy Box Type + strncpy(nipper->pas->boxType, command.part[4], sizeof(nipper->pas->boxType) - 1); +} + + +// Monitor Version... +void processMonitorPAS(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct ciscoCommand command; + + if (nipper->debugMode == true) + printf("Monitor Version Line: %s\n", line); + + // Split the command line up + command = splitLine(line); + + // Copy Box Type + strncpy(nipper->pas->monitorVersion, command.part[4], sizeof(nipper->pas->monitorVersion) - 1); +} diff --git a/0.11.10/Passport/report-debug.c b/0.11.10/Passport/report-debug.c new file mode 100644 index 0000000..b40b60a --- /dev/null +++ b/0.11.10/Passport/report-debug.c @@ -0,0 +1,52 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportPASDebug(struct nipperConfig *nipper) +{ + // Variables... + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf("True or Enabled = %d\n", true); + printf("False or Disabled = %d\n", false); + printf("Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("Passport Version: %s\n", nipper->version); + printf("Passport Version: %d.%d.%d.%d\n", nipper->versionMajor, nipper->versionMinor, nipper->versionRevision, nipper->versionRevisionMinor); + printf("Monitor Version: %s\n", nipper->pas->monitorVersion); + printf("Box Type: %s\n", nipper->pas->boxType); + + // Filter Rules... + reportRulesDebug(nipper); +} diff --git a/0.11.10/Passport/report-filters.c b/0.11.10/Passport/report-filters.c new file mode 100644 index 0000000..d2926d1 --- /dev/null +++ b/0.11.10/Passport/report-filters.c @@ -0,0 +1,129 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for Passport reporting + + +void pasFilterConfig(struct nipperConfig *nipper) +{ + // ACL + reportRules(nipper); +} + + +void pasFilterIssue(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + char tempString[128]; + int ruleNumber = 0; + + output_parseText(report_pasfilter_obs, nipper, section_obs, rate_none, nipper->aclIssues, nipper->tableNum); + + // One Access List issue... + if (nipper->aclIssues == 1) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + + // Set filter set name... + if (strcmp(filterListPointer->name, "**UNASSIGNED**") == 0) + strcpy(tempString, "Unassigned"); + else + strcpy(tempString, filterListPointer->name); + + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + reportCommonFilterIssues(nipper, tempString, "IP filter set", "filter ID", filterPointer, ruleNumber, filterListPointer); + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "IP filter set %s %s", tempString, report_pasfilter_denylog); + + filterListPointer = filterListPointer->next; + } + output_newPara(nipper); + } + + // More than one issue... + else if (nipper->aclIssues > 1) + { + output_table(nipper, true, report_pasfilter_table, &report_pasfilter_table_heading); + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + // Set filter set name... + if (strcmp(filterListPointer->name, "**UNASSIGNED**") == 0) + strcpy(tempString, "Unassigned"); + else + strcpy(tempString, filterListPointer->name); + + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + reportCommonFilterTableIssues(nipper, tempString, filterPointer, ruleNumber, filterListPointer); + + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "%s%s%sN/A%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, nipper->tablerow_mid, report_pasfilter_denylog, nipper->tablerow_end); + + filterListPointer = filterListPointer->next; + } + output_table(nipper, false, report_pasfilter_table, &report_pasfilter_table_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_pasfilter_impact, nipper, section_imp, rate_med, nipper->aclIssues, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_pasfilter_ease, nipper, section_ease, rate_noease, nipper->aclIssues, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_pasfilter_rec, nipper, section_rec, rate_none, nipper->aclIssues, nipper->tableNum); + set_aclrec_list(nipper, &report_pasfilter_heading); + output_list(nipper, &report_pasfilter_heading); + output_parseText(report_fw1policy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} diff --git a/0.11.10/Passport/report-general.c b/0.11.10/Passport/report-general.c new file mode 100644 index 0000000..56a2240 --- /dev/null +++ b/0.11.10/Passport/report-general.c @@ -0,0 +1,42 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for Passport reporting + +void pasGeneralConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sHostname%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPassport Software Version%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->version, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sMonitor Version%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pas->monitorVersion, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPassport Hardware%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->pas->boxType, nipper->tablerow_end); + output_table(nipper, false, settings_general_table, &settings_general_heading); +} + diff --git a/0.11.10/Passport/report.c b/0.11.10/Passport/report.c new file mode 100644 index 0000000..f5ad461 --- /dev/null +++ b/0.11.10/Passport/report.c @@ -0,0 +1,62 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for Passport reporting + +// Report Passport includes... +#include "report-debug.c" +#include "report-filters.c" +#include "report-general.c" + + +void generatePASReport(struct nipperConfig *nipper) +{ + // Security Issues... + if (nipper->fullReport == true) + { + + // Filter Issues + if (nipper->filterList == 0) + nipper->aclIssues = -1; + else + rulesAudit(nipper); + if (nipper->aclIssues != 0) + addReportSection(nipper, section_security, report_pasfilter_title, report_pasfilter_context, report_pasfilter_rectext, 10, 8, 5, 3, pasFilterIssue); + } + + // Configuration Output + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, pasGeneralConfig); + if (nipper->filterList != 0) + addReportSection(nipper, section_config, settings_filter_title, 0, 0, 0, 0, 0, 0, pasFilterConfig); + + // Generate Report... + generateReport(nipper); +} + diff --git a/0.11.10/Readme b/0.11.10/Readme new file mode 100644 index 0000000..782b768 --- /dev/null +++ b/0.11.10/Readme @@ -0,0 +1,78 @@ + _ ____ + _ __ (_)_ __ _ __ ___ _ __ / ->/| + | '_ \| | '_ \| '_ \ / _ \ '__| /<-_/ | + | | | | | |_) | |_) | __/ | | | / + |_| |_|_| .__/| .__/ \___|_| |___|/ + |_| |_| + + The Network Infrastructure Parser + + +nipper is a Network Infrastructure Configuration Parser. nipper takes +a network infrastructure device configuration, processes the file and +details security-related issues with the configuration together with +detailed recommendations. nipper was previous known as CiscoParse. + +nipper currently supports: + + Cisco Switches (IOS) + Cisco Routers (IOS) + Cisco Firewalls (PIX, ASA, FWSM) + Cisco Catalysts (NMP, CatOS, IOS) + Cisco Content Service Switches (CSS) + Juniper NetScreen Firewalls (ScreenOS) + CheckPoint Firewall-1 (FW1) + Nortel Passport Devices + SonicWALL SonicOS Firewalls + +Output from nipper is in HTML, Latex, XML and Text. Additionally, nipper +will reverse any Cisco type-7 passwords, any other encrypted passwords +can be output to a John-the-Ripper file for further testing. +By default, input is retrieved from stdin and is output (in HTML format) +to stdout. + +The following documentation is supplied with nipper: + + LICENSE - Program license + README - This file + INSTALL - Installation guide + TODO - The never ending todo list + Quickstart.txt - A quickstart guide + Features.txt - Description of nippers main features + Options.txt - The command line options, as per help. + XML.txt - A guide to nippers XML output + +nipper updates and downloads, including example configs can be found at: + +http://nipper.titania.co.uk + + +Donations +========= + +Please support nipper with donations. nipper is an open source project that +audits expensive devices. All donations will be used to aquire devices in +order to enable better support in the future. Equipment donations are welcome, +please contact me at: + + fizz@titania.co.uk + + + *************************************************************************** + * nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting (Fizz) * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + *************************************************************************** \ No newline at end of file diff --git a/0.11.10/ScreenOS/.svn/all-wcprops b/0.11.10/ScreenOS/.svn/all-wcprops new file mode 100644 index 0000000..afc8385 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/all-wcprops @@ -0,0 +1,143 @@ +K 25 +svn:wc:ra_dav:version-url +V 38 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS +END +report-auth-server.c +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/report-auth-server.c +END +process-auth-server.c +K 25 +svn:wc:ra_dav:version-url +V 60 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/process-auth-server.c +END +report-zone.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/report-zone.c +END +report-general.c +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/report-general.c +END +report-snmp.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/report-snmp.c +END +process-zone.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/process-zone.c +END +cleanup.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/cleanup.c +END +process-snmp.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/process-snmp.c +END +report-address.c +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/report-address.c +END +report-passwords.c +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/report-passwords.c +END +report-debug.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/report-debug.c +END +input.c +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/input.c +END +report-timeout.c +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/report-timeout.c +END +process-address.c +K 25 +svn:wc:ra_dav:version-url +V 56 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/process-address.c +END +report-admin.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/report-admin.c +END +process-admin.c +K 25 +svn:wc:ra_dav:version-url +V 54 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/process-admin.c +END +report-ssh.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/report-ssh.c +END +report-policy.c +K 25 +svn:wc:ra_dav:version-url +V 54 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/report-policy.c +END +process-ssh.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/process-ssh.c +END +report-interface.c +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/report-interface.c +END +process-policy.c +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/process-policy.c +END +report.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/report.c +END +process-interface.c +K 25 +svn:wc:ra_dav:version-url +V 58 +/svn/!svn/ver/3/trunk/0.11.10/ScreenOS/process-interface.c +END diff --git a/0.11.10/ScreenOS/.svn/entries b/0.11.10/ScreenOS/.svn/entries new file mode 100644 index 0000000..99017b0 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/entries @@ -0,0 +1,810 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/0.11.10/ScreenOS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +process-address.c +file + + + + +2016-02-13T06:47:11.536156Z +3eac55d78d58d4f68bdea5b9ac7ad930 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5474 + +report-admin.c +file + + + + +2016-02-13T06:47:11.536156Z +60dc9224dbf077e817c59d0f3d0b87d6 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +10132 + +process-admin.c +file + + + + +2016-02-13T06:47:11.536156Z +49c8c2d07a75eea90e6a0858b1a936b3 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +10169 + +report-ssh.c +file + + + + +2016-02-13T06:47:11.536156Z +802d59676a52c4b55aad9d98d89e4ab4 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3710 + +report-policy.c +file + + + + +2016-02-13T06:47:11.536156Z +715fab00889f9ac1fffae49ab7932284 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7326 + +process-ssh.c +file + + + + +2016-02-13T06:47:11.536156Z +18ede400b5b6121f2e4dc02c68b3dbda +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3140 + +report-interface.c +file + + + + +2016-02-13T06:47:11.536156Z +cc24229cfb0534a28d492ed0e46ae41c +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6176 + +process-policy.c +file + + + + +2016-02-13T06:47:11.536156Z +018c83e57d736a9449bbb24aa9522794 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +12932 + +report.c +file + + + + +2016-02-13T06:47:11.536156Z +a19728a0a422ec416829b21b3b28dcfb +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7272 + +process-interface.c +file + + + + +2016-02-13T06:47:11.536156Z +dea3c84ae36ead12b21f407a98b5343c +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7929 + +report-auth-server.c +file + + + + +2016-02-13T06:47:11.536156Z +bfb0b08b1dd64c1e7865ec63b8d50fbd +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5158 + +process-auth-server.c +file + + + + +2016-02-13T06:47:11.536156Z +83cd5660bcdc2bce5a1e6fae4da4f74c +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6482 + +report-zone.c +file + + + + +2016-02-13T06:47:11.536156Z +91b98c2a257d07e67565b8147e6cf07a +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +16557 + +report-general.c +file + + + + +2016-02-13T06:47:11.536156Z +9972ae24a312f5356da603618ba34a46 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3477 + +report-snmp.c +file + + + + +2016-02-13T06:47:11.536156Z +a6e6def1e4318669e10f81ed5cd4c783 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7814 + +process-zone.c +file + + + + +2016-02-13T06:47:11.536156Z +d0e93d58ed8edfec24cbea44a3b5de31 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +14793 + +cleanup.c +file + + + + +2016-02-13T06:47:11.536156Z +d671ee026ce02fd657846225e9a8114a +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3800 + +process-snmp.c +file + + + + +2016-02-13T06:47:11.536156Z +815afd63f4466bd1ee3324554a381394 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8733 + +report-address.c +file + + + + +2016-02-13T06:47:11.536156Z +237361663c0a14af29afcdc6d9efff9b +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5910 + +report-passwords.c +file + + + + +2016-02-13T06:47:11.536156Z +6b90c85581013cb8d11d759d7f826eab +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +14489 + +report-debug.c +file + + + + +2016-02-13T06:47:11.536156Z +4c0ffe8a20d703013a9870757ac2f51c +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +10929 + +input.c +file + + + + +2016-02-13T06:47:11.536156Z +fa0a91dd43a65415ff1e7bec11a517ac +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6494 + +report-timeout.c +file + + + + +2016-02-13T06:47:11.536156Z +9133ad963a4ac4e4a11d7f267c8b8824 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6559 + diff --git a/0.11.10/ScreenOS/.svn/text-base/cleanup.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/cleanup.c.svn-base new file mode 100644 index 0000000..e505a92 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/cleanup.c.svn-base @@ -0,0 +1,95 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanupSOS(struct nipperConfig *nipper) +{ + // Pointers + struct adminUsersSOS *userSOSPointer = 0; + struct authServerSOS *authServerPointer = 0; + struct interfaceSOS *interfaceSOSPointer = 0; + struct snmpCommunitySOS *communityPointer = 0; + struct snmpHostSOS *snmpHostPointer = 0; + struct zoneSOS *zonePointer = 0; + + // SNMP + if (nipper->sos->snmp != 0) + { + while (nipper->sos->snmp->community != 0) + { + communityPointer = nipper->sos->snmp->community->next; + free (nipper->sos->snmp->community); + nipper->sos->snmp->community = communityPointer; + } + while (nipper->sos->snmp->host != 0) + { + snmpHostPointer = nipper->sos->snmp->host->next; + free (nipper->sos->snmp->host); + nipper->sos->snmp->host = snmpHostPointer; + } + free (nipper->sos->snmp); + } + + // Cleanup Admin Users + while (nipper->sos->users != 0) + { + userSOSPointer = nipper->sos->users->next; + free(nipper->sos->users); + nipper->sos->users = userSOSPointer; + } + + // Cleanup auth server + while (nipper->sos->authServer != 0) + { + authServerPointer = nipper->sos->authServer->next; + free (nipper->sos->authServer); + nipper->sos->authServer = authServerPointer; + } + + // Cleanup Interfaces + while (nipper->sos->interface != 0) + { + interfaceSOSPointer = nipper->sos->interface->next; + free (nipper->sos->interface); + nipper->sos->interface = interfaceSOSPointer; + } + + // Cleanup Zones + while (nipper->sos->zone != 0) + { + zonePointer = nipper->sos->zone->next; + free (nipper->sos->zone); + nipper->sos->zone = zonePointer; + } + + // Cleanup SOS config + free(nipper->sos); +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/input.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/input.c.svn-base new file mode 100644 index 0000000..dc20e97 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/input.c.svn-base @@ -0,0 +1,162 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct screenOSConfig // Juniper ScreenOS Configuration +{ + struct adminSOS *admin; // Admin settings + struct authServerSOS *authServer; // Authentication settings + struct interfaceSOS *interface; // Interfaces + struct snmpSOS *snmp; // SNMP Settings + struct zoneSOS *zone; // Zone Settings + struct adminUsersSOS *users; // Administrative users + + // General + int defaultFirewallMode; // The default mode is to deny everything + + // SSH Settings + int sshVersion; // SSH Server Protocol Version + int sshEnabled; // SSH Server Enabled/Disabled true or false + int sshKeyGenTime; // Mins for Key Gen - SSH V1 Only + char sshPublicKey[128]; // Public Key - SSH v2 Only + + // Admin Settings + int accessAttempts; // Login attempts allowed + int mailAlert; // Mail admin alerts + int authTimeout; // Connection timeout + char authenticationServer[64]; // Authentication server + int adminFormat; // Format of config file (default, dos or unix) + int httpRedirect; // Redirect Admin HTTP traffic to HTTPS + char email[64]; // Admin email address + char email1[64]; // Admin additional email address + char email2[64]; // Admin additional email address + char emailServer[32]; // Email Server Name + char name[32]; // Admin username + char password[32]; // Admin password + int restrictLength; // Restrict Minimum Password Length (Between 1 and 31) + int privilege; // Admin privilege (default, read-write or get external) + char adminIP[16]; // Administration IP address (default 0.0.0.0) + char adminNetMask[16]; // Administration Netmask (default 255.255.255.255) + int consoleOnly; // Restrict admin access to only the console + int nameMappings; // Set to true if address name mappings exist + int nameGroupMappings; // Set to true if group address name mappings exist + + // Zone Settings + int asymmetricVPN; // Allow multiple paths for VPN traffic +}; + + +struct listSOS // NetScreenOS List +{ + char name[32]; + struct listSOS *next; +}; + + +// Processing ScreenOS includes... +#include "process-address.c" +#include "process-admin.c" +#include "process-auth-server.c" +#include "process-interface.c" +#include "process-policy.c" +#include "process-snmp.c" +#include "process-ssh.c" +#include "process-zone.c" + + +void processSOSInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + + // Split the command line up + command = splitLine(line); + + if ((strcasecmp(command.part[0], "set") == 0) || (strcasecmp(command.part[0], "unset") == 0)) + { + // Hostname + if (strcasecmp(command.part[1], "hostname") == 0) + { + if (nipper->debugMode == true) + printf("Hostname Line: %s\n", line); + stripQuotes(command.part[2], nipper->hostname, sizeof(nipper->hostname)); + } + + // Admin + else if (strcasecmp(command.part[1], "admin") == 0) + processSOSAdmin(line, nipper); + + // Auth Server + else if (strcasecmp(command.part[1], "auth-server") == 0) + processSOSAuthServer(line, nipper); + + // Addresses + else if (strcasecmp(command.part[1], "address") == 0) + processSOSAddress(line, nipper); + + // Group Addresses + else if ((strcasecmp(command.part[1], "group") == 0) && (strcasecmp(command.part[2], "address") == 0)) + processSOSGroupAddress(line, nipper); + + // Interface + else if (strcasecmp(command.part[1], "interface") == 0) + processSOSInterface(line, nipper); + + // Policy Default Permit All + else if ((strcasecmp(command.part[1], "policy") == 0) && (strcasecmp(command.part[2], "default-permit-all") == 0)) + { + if (nipper->debugMode == true) + printf("Default Policy Line: %s\n", line); + nipper->sos->defaultFirewallMode = false; + } + + // Policy + else if (strcasecmp(command.part[1], "policy") == 0) + processSOSPolicy(line, nipper); + + // SSH + else if (strcasecmp(command.part[1], "ssh") == 0) + processSOSSSH(line, nipper); + + // SNMP + else if (strcasecmp(command.part[1], "snmp") == 0) + processSOSSNMP(line, nipper); + + // Zones + else if (strcasecmp(command.part[1], "zone") == 0) + processSOSZone(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } +} diff --git a/0.11.10/ScreenOS/.svn/text-base/process-address.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/process-address.c.svn-base new file mode 100644 index 0000000..2aa4b9e --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/process-address.c.svn-base @@ -0,0 +1,146 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process address lines +void processSOSAddress(char *line, struct nipperConfig *nipper) +{ + // Variables + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + char tempString[nipper->maxSize]; + int position = 0; + char *stringPointer = 0; + struct ciscoCommand command; + + // Debug Mode + if (nipper->debugMode == true) + printf("Address Line: %s\n", line); + + // Init + position = 2; + command = splitLine(line); + + // Get Name List + stripQuotes(command.part[position], tempString, nipper->maxSize); + objectListPointer = getObjectListPointer(nipper, tempString); + position++; + + // Add Name Mapping + stripQuotes(command.part[position], tempString, nipper->maxSize); + objectPointer = getObjectPointer(objectListPointer, tempString); + position++; + + // Get Mapping Address / FQDN + stripQuotes(command.part[position], tempString, nipper->maxSize); + stringPointer = strchr(tempString, '/'); + + // Address and Name Mask + if (stringPointer == NULL) + { + strncpy(objectPointer->address, tempString, sizeof(objectPointer->address) - 1); + position++; + // Get netmask + stripQuotes(command.part[position], tempString, nipper->maxSize); + strncpy(objectPointer->netMask, tempString, sizeof(objectPointer->netMask) - 1); + } + else + { + stringPointer[0] = 0; + strncpy(objectPointer->address, tempString, sizeof(objectPointer->address) - 1); + setMaskFromCIDR(objectPointer->netMask, atoi(stringPointer + 1)); + } + if (strcmp(objectPointer->netMask, "255.255.255.255") == 0) + objectPointer->type = object_type_host; + else + objectPointer->type = object_type_network; + position++; + + // If there is a comment + if (position < command.parts) + { + stripQuotes(command.part[position], tempString, nipper->maxSize); + strncpy(objectPointer->comment, tempString, sizeof(objectPointer->comment) - 1); + } + + nipper->sos->nameMappings = true; +} + + +// Process group address lines +void processSOSGroupAddress(char *line, struct nipperConfig *nipper) +{ + // Variables + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + int position = 0; + struct ciscoCommand command; + + // Debug Mode + if (nipper->debugMode == true) + printf("Group Address Line: %s\n", line); + + // Init + position = 3; + command = splitLine(line); + + // Get Address Name List + stripQuotes(command.part[position], tempString2, nipper->maxSize); + sprintf(tempString, "**ADDR-GRP**%s", tempString2); + objectListPointer = getObjectListPointer(nipper, tempString); + position++; + + // Add Name Mapping + stripQuotes(command.part[position], tempString, nipper->maxSize); + objectPointer = getObjectPointer(objectListPointer, tempString); + objectPointer->type = object_type_group; + position++; + + // Create the mapping... + if (command.parts == position) + objectPointer->type = object_type_group; + + // Add an entry to it... + else if (strcasecmp(command.part[position], "add") == 0) + { + position++; + + // Add entry + stripQuotes(command.part[position], tempString, nipper->maxSize); + memberPointer = getObjectMember(objectPointer, tempString); + memberPointer->type = object_type_object; + } + + nipper->sos->nameGroupMappings = true; +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/process-admin.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/process-admin.c.svn-base new file mode 100644 index 0000000..111416c --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/process-admin.c.svn-base @@ -0,0 +1,296 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define adminfmt_default 0 +#define adminfmt_dos 1 +#define adminfmt_unix 2 + +#define adminpriv_default 0 +#define adminpriv_rw 1 +#define adminpriv_ext 2 +#define adminpriv_all 3 +#define adminpriv_read 4 + +#define trustee_none 0 +#define trustee_modem 1 +#define trustee_inter 2 + + +struct adminUsersSOS +{ + char username[32]; + char password[32]; + int trustee; + int privilege; + struct adminUsersSOS *next; +}; + + +// Process admin lines +void processSOSAdmin(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + struct adminUsersSOS *userSOSPointer = 0; + + if (nipper->debugMode == true) + printf("Admin Line: %s\n", line); + + // Init + command = splitLine(line); + + // Access Attempts + if ((strcasecmp(command.part[2], "access") == 0) && (strcasecmp(command.part[3], "attempts") == 0)) + { + if (strcasecmp(command.part[1], "unset") == 0) + nipper->sos->accessAttempts = 3; + else + nipper->sos->accessAttempts = atoi(command.part[4]); + } + + // Users + else if ((strcasecmp(command.part[0], "set") == 0) && (strcasecmp(command.part[2], "user") == 0)) + { + // Is this the first user? + if (nipper->sos->users == 0) + { + // Create + nipper->sos->users = malloc(sizeof(struct adminUsersSOS)); + + // Init + memset(nipper->sos->users, 0 , sizeof(struct adminUsersSOS)); + userSOSPointer = nipper->sos->users; + userSOSPointer->trustee = trustee_none; + userSOSPointer->privilege = adminpriv_default; + } + + // Find users + else + { + userSOSPointer = nipper->sos->users; + while ((userSOSPointer->next != 0) && (strcmp(userSOSPointer->username, command.part[3]) != 0)) + userSOSPointer = userSOSPointer->next; + + // If not found + if (strcmp(userSOSPointer->username, command.part[3]) != 0) + { + // Create + userSOSPointer->next = malloc(sizeof(struct adminUsersSOS)); + + // Init + memset(userSOSPointer->next, 0 , sizeof(struct adminUsersSOS)); + userSOSPointer = userSOSPointer->next; + userSOSPointer->trustee = trustee_none; + userSOSPointer->privilege = adminpriv_default; + } + } + + // Set username + strncpy(userSOSPointer->username, command.part[3], sizeof(userSOSPointer->username) - 1); + + // Is it a password? + if (strcasecmp(command.part[4], "password") == 0) + { + stripQuotes(command.part[5], userSOSPointer->password, sizeof(userSOSPointer->password)); + addJohnPassword(nipper, userSOSPointer->username, userSOSPointer->password); + + // Is there a privilege set? + if (command.parts > 7) + { + if ((strcasecmp(command.part[6], "privilege") == 0) && (strcasecmp(command.part[7], "all") == 0)) + userSOSPointer->privilege = adminpriv_all; + else if ((strcasecmp(command.part[6], "privilege") == 0) && (strcasecmp(command.part[7], "read-only") == 0)) + userSOSPointer->privilege = adminpriv_read; + } + } + + // Is it a trustee? + else if (strcasecmp(command.part[4], "trustee") == 0) + { + if (command.parts > 5) + { + if (strcasecmp(command.part[5], "interface") == 0) + userSOSPointer->trustee = trustee_inter; + else if (strcasecmp(command.part[5], "modem") == 0) + userSOSPointer->trustee = trustee_modem; + } + else + userSOSPointer->trustee = trustee_none; + } + } + + // Auth Timeout + else if ((strcasecmp(command.part[2], "auth") == 0) && (strcasecmp(command.part[3], "timeout") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->authTimeout = 0; + else + nipper->sos->authTimeout = atoi(command.part[4]); + } + + // Auth Server + else if ((strcasecmp(command.part[2], "auth") == 0) && (strcasecmp(command.part[3], "server") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->authenticationServer[0] = 0; + else + stripQuotes(command.part[4], nipper->sos->authenticationServer, sizeof(nipper->sos->authenticationServer)); + } + + // Name + else if (strcasecmp(command.part[2], "name") == 0) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->name[0] = 0; + else + stripQuotes(command.part[3], nipper->sos->name, sizeof(nipper->sos->name)); + } + + // Password Length + else if ((strcasecmp(command.part[2], "password") == 0) && (strcasecmp(command.part[3], "restrict") == 0) && (strcasecmp(command.part[4], "length") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->restrictLength = 0; + else + nipper->sos->restrictLength = atoi(command.part[5]); + } + + // Password + else if (strcasecmp(command.part[2], "password") == 0) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->password[0] = 0; + else + { + stripQuotes(command.part[3], nipper->sos->password, sizeof(nipper->sos->password)); + addJohnPassword(nipper, nipper->sos->name, nipper->sos->password); + } + } + + // Admin Privilege + else if (strcasecmp(command.part[2], "privilege") == 0) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->privilege = adminpriv_default; + else if (strcasecmp(command.part[3], "read-write") == 0) + nipper->sos->privilege = adminpriv_rw; + else if (strcasecmp(command.part[3], "get-external") == 0) + nipper->sos->privilege = adminpriv_ext; + } + + // Management IP + else if (strcasecmp(command.part[2], "manager-ip") == 0) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->name[0] = 0; + else + { + stripQuotes(command.part[3], nipper->sos->adminIP, sizeof(nipper->sos->adminIP)); + if (command.parts > 4) + stripQuotes(command.part[4], nipper->sos->adminNetMask, sizeof(nipper->sos->adminNetMask)); + } + } + + // Admin Format + else if (strcasecmp(command.part[2], "format") == 0) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->adminFormat = adminfmt_default; + else if (strcasecmp(command.part[3], "dos") == 0) + nipper->sos->adminFormat = adminfmt_dos; + else if (strcasecmp(command.part[3], "unix") == 0) + nipper->sos->adminFormat = adminfmt_unix; + } + + // Admin HTTP Redirect + else if ((strcasecmp(command.part[2], "http") == 0) && (strcasecmp(command.part[3], "redirect") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->httpRedirect = false; + else + nipper->sos->httpRedirect = true; + } + + // Console only access + else if ((strcasecmp(command.part[2], "root") == 0) && (strcasecmp(command.part[3], "access") == 0) && (strcasecmp(command.part[4], "console") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->consoleOnly = false; + else + nipper->sos->consoleOnly = true; + } + + // Mail Alerts + else if ((strcasecmp(command.part[2], "mail") == 0) && (strcasecmp(command.part[3], "alert") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->mailAlert = false; + else + nipper->sos->mailAlert = true; + } + + // Mail Server Name / IP + else if ((strcasecmp(command.part[2], "mail") == 0) && (strcasecmp(command.part[3], "server-name") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->emailServer[0] = 0; + else + stripQuotes(command.part[4], nipper->sos->emailServer, sizeof(nipper->sos->emailServer)); + } + + // Mail email address - additional 1 + else if ((strcasecmp(command.part[2], "mail") == 0) && (strcasecmp(command.part[3], "mail-addr1") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->email1[0] = 0; + else + stripQuotes(command.part[4], nipper->sos->email1, sizeof(nipper->sos->email1)); + } + + // Mail email address - additional 2 + else if ((strcasecmp(command.part[2], "mail") == 0) && (strcasecmp(command.part[3], "mail-addr2") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->email2[0] = 0; + else + stripQuotes(command.part[4], nipper->sos->email2, sizeof(nipper->sos->email2)); + } + + // Admin email address (this should be the last mail entry!) + else if ((strcasecmp(command.part[2], "mail") == 0) && (strcasecmp(command.part[3], "traffic-log") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->email[0] = 0; + else + stripQuotes(command.part[3], nipper->sos->email, sizeof(nipper->sos->email)); + } +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/process-auth-server.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/process-auth-server.c.svn-base new file mode 100644 index 0000000..46751b5 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/process-auth-server.c.svn-base @@ -0,0 +1,179 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define authtype_builtin 0 +#define authtype_radius 1 +#define authtype_ldap 2 +#define authtype_securid 3 + + +struct authServerSOS +{ + int type; // Type of Auth Server (radius (default), ldap, securid) + char name[32]; // Auth Server name + int id; // ID + char serverName[32]; // Server Name + char backup1[32]; // Backup Server Name 1 + char backup2[32]; // Backup Server Name 2 + int timeout; // Server timeout + int forcedTimeout; // Forced Timeout + char radiusSecret[32]; // Radius Secret + int weak; + int dictionary; + char sourceInterface[32]; // Source Interface + + struct authServerSOS *next; +}; + + +// Process Auth Server +void processSOSAuthServer(char *line, struct nipperConfig *nipper) +{ + // Variables + char tempString[nipper->maxSize]; + struct ciscoCommand command; + struct authServerSOS *authServerPointer = 0; + int init = false; + + + if (nipper->debugMode == true) + printf("Auth-Server Line: %s\n", line); + + // Init + command = splitLine(line); + + if (strcasecmp(command.part[0], "set") == 0) + { + + // Has Auth Server structure been created? + if (nipper->sos->authServer == 0) + { + // Create + nipper->sos->authServer = malloc(sizeof(struct authServerSOS)); + authServerPointer = nipper->sos->authServer; + init = true; + } + + // Search for server + else + { + authServerPointer = nipper->sos->authServer; + stripQuotes(command.part[2], tempString, nipper->maxSize); + while ((authServerPointer->next != 0) && (strcmp(tempString, authServerPointer->name) != 0)) + authServerPointer = authServerPointer->next; + + // If not found + if (strcmp(tempString, authServerPointer->name) != 0) + { + // Create + authServerPointer->next = malloc(sizeof(struct authServerSOS)); + authServerPointer = authServerPointer->next; + init = true; + } + } + + if (init == true) + { + memset(authServerPointer, 0 , sizeof(struct authServerSOS)); + authServerPointer->type = authtype_builtin; + authServerPointer->timeout = 10; + authServerPointer->dictionary = false; + authServerPointer->weak = false; + } + + // Set auth-server name + stripQuotes(command.part[2], authServerPointer->name, sizeof(authServerPointer->name)); + + // Timeout + if (strcasecmp(command.part[3], "timeout") == 0) + authServerPointer->timeout = atoi(command.part[4]); + + // Forced Timeout + else if (strcasecmp(command.part[3], "forced-timeout") == 0) + authServerPointer->forcedTimeout = atoi(command.part[4]); + + // ID + else if (strcasecmp(command.part[3], "id") == 0) + authServerPointer->id = atoi(command.part[4]); + + // Server Name + else if (strcasecmp(command.part[3], "server-name") == 0) + stripQuotes(command.part[4], authServerPointer->serverName, sizeof(authServerPointer->serverName)); + + // Backup Server Name 1 + else if (strcasecmp(command.part[3], "backup1") == 0) + stripQuotes(command.part[4], authServerPointer->backup1, sizeof(authServerPointer->backup1)); + + // Backup Server Name 2 + else if (strcasecmp(command.part[3], "backup2") == 0) + stripQuotes(command.part[4], authServerPointer->backup2, sizeof(authServerPointer->backup2)); + + // Source Interface + else if ((strcasecmp(command.part[3], "src_interface") == 0) || (strcasecmp(command.part[3], "src-interface") == 0)) + stripQuotes(command.part[4], authServerPointer->sourceInterface, sizeof(authServerPointer->sourceInterface)); + + // Radius + else if (strcasecmp(command.part[3], "radius") == 0) + { + authServerPointer->type = authtype_radius; + // Secret + if (strcasecmp(command.part[4], "secret") == 0) + { + stripQuotes(command.part[5], authServerPointer->radiusSecret, sizeof(authServerPointer->radiusSecret)); + + // Check strength / dictionary... + if (simplePassword(authServerPointer->radiusSecret, nipper) == true) + { + nipper->simplePasswords++; + authServerPointer->dictionary = true; + } + if (passwordStrength(authServerPointer->radiusSecret, nipper) == false) + { + nipper->passwordStrengths++; + authServerPointer->weak = true; + } + } + } + + // LDAP + else if (strcasecmp(command.part[3], "ldap") == 0) + { + authServerPointer->type = authtype_ldap; + } + + // SecureID + else if (strcasecmp(command.part[3], "securid") == 0) + { + authServerPointer->type = authtype_securid; + } + } +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/process-interface.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/process-interface.c.svn-base new file mode 100644 index 0000000..ba45586 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/process-interface.c.svn-base @@ -0,0 +1,208 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct interfaceSOS +{ + char name[32]; + int enabled; + char zone[32]; + char ipAddress[32]; + // Manage (unconfigured, true, false) + int manageIdent; // Ident Reset + int manageMtrace; // Mtrace + int manageNsmgmt; // NetScreen Managment + int managePing; // Ping + int manageSnmp; // SNMP + int manageSsh; // SSH + int manageSsl; // SSL + int manageTelnet; // Telnet + int manageWeb; // Web + + struct interfaceSOS *next; +}; + + +// Process Interface +void processSOSInterface(char *line, struct nipperConfig *nipper) +{ + // Variables + char tempString[nipper->maxSize]; + struct ciscoCommand command; + struct interfaceSOS *interfaceSOSPointer = 0; + + + if (nipper->debugMode == true) + printf("Interface Line: %s\n", line); + + // Init + command = splitLine(line); + + // Has Auth Server structure been created? + if (nipper->sos->interface == 0) + { + // Create + nipper->sos->interface = malloc(sizeof(struct interfaceSOS)); + + // Init + memset(nipper->sos->interface, 0 , sizeof(struct interfaceSOS)); + interfaceSOSPointer = nipper->sos->interface; + strcpy(interfaceSOSPointer->ipAddress, "None"); + interfaceSOSPointer->enabled = true; + interfaceSOSPointer->manageIdent = unconfigured; + interfaceSOSPointer->manageMtrace = unconfigured; + interfaceSOSPointer->manageNsmgmt = unconfigured; + interfaceSOSPointer->managePing = unconfigured; + interfaceSOSPointer->manageSnmp = unconfigured; + interfaceSOSPointer->manageSsh = unconfigured; + interfaceSOSPointer->manageSsl = unconfigured; + interfaceSOSPointer->manageTelnet = unconfigured; + interfaceSOSPointer->manageWeb = unconfigured; + } + + // Search for server + else + { + interfaceSOSPointer = nipper->sos->interface; + stripQuotes(command.part[2], tempString, nipper->maxSize); + while ((interfaceSOSPointer->next != 0) && (strcmp(tempString, interfaceSOSPointer->name) != 0)) + interfaceSOSPointer = interfaceSOSPointer->next; + + // If not found + if (strcmp(tempString, interfaceSOSPointer->name) != 0) + { + // Create + interfaceSOSPointer->next = malloc(sizeof(struct interfaceSOS)); + + // Init + memset(interfaceSOSPointer->next, 0 , sizeof(struct interfaceSOS)); + interfaceSOSPointer = interfaceSOSPointer->next; + strcpy(interfaceSOSPointer->ipAddress, "None"); + interfaceSOSPointer->enabled = true; + interfaceSOSPointer->manageIdent = unconfigured; + interfaceSOSPointer->manageMtrace = unconfigured; + interfaceSOSPointer->manageNsmgmt = unconfigured; + interfaceSOSPointer->managePing = unconfigured; + interfaceSOSPointer->manageSnmp = unconfigured; + interfaceSOSPointer->manageSsh = unconfigured; + interfaceSOSPointer->manageSsl = unconfigured; + interfaceSOSPointer->manageTelnet = unconfigured; + interfaceSOSPointer->manageWeb = unconfigured; + } + } + + // Set auth-server name + stripQuotes(command.part[2], interfaceSOSPointer->name, sizeof(interfaceSOSPointer->name)); + + // Disabled? + if (strcasecmp(command.part[3], "disable") == 0) + interfaceSOSPointer->enabled = false; + + // Zone + else if (strcasecmp(command.part[3], "zone") == 0) + stripQuotes(command.part[4], interfaceSOSPointer->zone, sizeof(interfaceSOSPointer->zone)); + + // IP Address + else if ((strcasecmp(command.part[0], "set") == 0) && (strcasecmp(command.part[3], "ip") == 0) && (strcasecmp(command.part[4], "manageable") != 0) && (strcasecmp(command.part[4], "unnumbered") != 0)) + stripQuotes(command.part[4], interfaceSOSPointer->ipAddress, sizeof(interfaceSOSPointer->ipAddress)); + + // IP Address Unnumbered + else if ((strcasecmp(command.part[0], "set") == 0) && (strcasecmp(command.part[3], "ip") == 0) && (strcasecmp(command.part[4], "unnumbered") == 0)) + stripQuotes(command.part[6], interfaceSOSPointer->ipAddress, sizeof(interfaceSOSPointer->ipAddress)); + + // Manage + else if (strcasecmp(command.part[3], "manage") == 0) + { + if (strcasecmp(command.part[4], "ident-reset") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageIdent = true; + else + interfaceSOSPointer->manageIdent = false; + } + else if (strcasecmp(command.part[4], "mtrace") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageMtrace = true; + else + interfaceSOSPointer->manageMtrace = false; + } + else if (strcasecmp(command.part[4], "nsmgmt") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageNsmgmt = true; + else + interfaceSOSPointer->manageNsmgmt = false; + } + else if (strcasecmp(command.part[4], "ping") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->managePing = true; + else + interfaceSOSPointer->managePing = false; + } + else if (strcasecmp(command.part[4], "snmp") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageSnmp = true; + else + interfaceSOSPointer->manageSnmp = false; + } + else if (strcasecmp(command.part[4], "ssh") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageSsh = true; + else + interfaceSOSPointer->manageSsh = false; + } + else if (strcasecmp(command.part[4], "ssl") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageSsl = true; + else + interfaceSOSPointer->manageSsl = false; + } + else if (strcasecmp(command.part[4], "telnet") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageTelnet = true; + else + interfaceSOSPointer->manageTelnet = false; + } + else if (strcasecmp(command.part[4], "web") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageWeb = true; + else + interfaceSOSPointer->manageWeb = false; + } + } +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/process-policy.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/process-policy.c.svn-base new file mode 100644 index 0000000..ba36906 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/process-policy.c.svn-base @@ -0,0 +1,399 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process policy lines +void processSOSPolicy(char *line, struct nipperConfig *nipper) +{ + // Variables + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterConfig *filterPreviousPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + char policyName[32]; + int policyGlobal = false; + int policyId = 0; + int policyTop = false; + int policyBefore = -1; + char fromZone[32]; + char toZone[32]; + char tempString[nipper->maxSize]; + int position = 2; + struct ciscoCommand command; + + if (nipper->debugMode == true) + printf("Policy Line: %s\n", line); + + // Init + strcpy(policyName, ""); + strcpy(fromZone, ""); + strcpy(toZone, ""); + command = splitLine(line); + + // Check for Global + if (strcasecmp(command.part[position], "global") == 0) + { + policyGlobal = true; + position++; + } + + // Check for ID + if (strcasecmp(command.part[position], "id") == 0) + { + position++; + policyId = atoi(command.part[position]); + position++; + } + + // Check top + if (strcasecmp(command.part[position], "top") == 0) + { + position++; + policyTop = true; + } + + // Check Before + if (strcasecmp(command.part[position], "before") == 0) + { + position++; + policyBefore = atoi(command.part[position]); + position++; + } + + // Check for a Name + if (strcasecmp(command.part[position], "name") == 0) + { + position++; + strncpy(policyName, command.part[position], sizeof(policyName) - 1); + position++; + } + + if (position < command.parts) + { + // Check for From and to + if (strcasecmp(command.part[position], "from") == 0) + { + position++; + stripQuotes(command.part[position], tempString, nipper->maxSize); + strncpy(fromZone, tempString, sizeof(fromZone) - 1); + position += 2; + stripQuotes(command.part[position], tempString, nipper->maxSize); + strncpy(toZone, tempString, sizeof(toZone) - 1); + position++; + } + + // If FROM / TO + if ((fromZone[0] != 0) || (policyGlobal == true)) + { + + // Get Pointer to policy list... + if (fromZone[0] != 0) + filterListPointer = getFilterList(nipper, fromZone, toZone, false); + else if (policyGlobal == true) + filterListPointer = getFilterList(nipper, "", "", true); + + // Name... + if (policyName[0] != 0) + strncpy(filterListPointer->name, policyName, sizeof(filterListPointer->name)); + + // Create policy rule + // If no other rules exist + if (filterListPointer->filter == 0) + { + // Create... + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPointer = filterListPointer->filter; + } + // Policy at top + else if (policyTop == true) + { + // Create... + filterPointer = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPointer->next = filterListPointer->filter; + filterListPointer->filter = filterPointer; + } + // Policy Before + else if (policyBefore != -1) + { + // If first rule matches + if (filterListPointer->filter->id == policyBefore) + { + // Create... + filterPointer = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPointer->next = filterListPointer->filter; + filterListPointer->filter = filterPointer; + } + // Look for rule + else + { + filterPreviousPointer = filterListPointer->filter; + filterPointer = filterPreviousPointer->next; + if (filterPointer == 0) + { + // Create... + filterPreviousPointer->next = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPointer = filterPreviousPointer->next; + } + else + { + // Search + while ((filterPointer->next != 0) && (filterPointer->id != policyBefore)) + { + filterPreviousPointer = filterPointer; + filterPointer = filterPointer->next; + } + + // If found + if (filterPointer->id == policyBefore) + { + // Create... + filterPreviousPointer->next = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPreviousPointer = filterPreviousPointer->next; + filterPreviousPointer->next = filterPointer; + filterPointer = filterPreviousPointer; + } + else + { + // Create... + filterPointer->next = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPointer = filterPointer->next; + } + } + } + } + // At the end + else + { + // Search... + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + // Create... + filterPointer->next = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPointer = filterPointer->next; + } + + // Init + memset(filterPointer, 0 , sizeof(struct filterConfig)); + filterPointer->enabled = true; + filterPointer->log = false; + + // ID + filterPointer->id = policyId; + + // Source Address + stripQuotes(command.part[position], tempString, nipper->maxSize); + filterObjectPointer = getFilterMember(filterPointer, tempString, object_filter_source); + if (strcasecmp(filterObjectPointer->name, "Any") == 0) + filterObjectPointer->type = object_type_any; + else if (strncasecmp(filterObjectPointer->name, "MIP(", 4) == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_object; + position++; + + // Destination Address + stripQuotes(command.part[position], tempString, nipper->maxSize); + filterObjectPointer = getFilterMember(filterPointer, tempString, object_filter_destination); + if (strcasecmp(filterObjectPointer->name, "Any") == 0) + filterObjectPointer->type = object_type_any; + else if (strncasecmp(filterObjectPointer->name, "MIP(", 4) == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_object; + position++; + + // Service + stripQuotes(command.part[position], tempString, nipper->maxSize); + filterObjectPointer = getFilterMember(filterPointer, tempString, object_filter_service); + if (strcasecmp(filterObjectPointer->name, "Any") == 0) + { + filterObjectPointer->type = object_type_any; + filterObjectPointer->serviceOp = service_oper_any; + } + else + { + filterObjectPointer->type = object_type_service; + filterObjectPointer->serviceOp = service_oper_eq; + } + position++; + + while (position < command.parts) + { + // Permit + if (strcasecmp(command.part[position], "permit") == 0) + filterPointer->action = filter_action_accept; + + // Deny + else if (strcasecmp(command.part[position], "deny") == 0) + filterPointer->action = filter_action_drop; + + // Reject + else if (strcasecmp(command.part[position], "reject") == 0) + filterPointer->action = filter_action_reject; + + // Log + else if (strcasecmp(command.part[position], "log") == 0) + filterPointer->log = true; + + position++; + } + } + + // Disable? + else if (strcasecmp(command.part[position], "disable") == 0) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->id == policyId) + filterPointer->enabled = false; + filterPointer = filterPointer->next; + } + filterListPointer = filterListPointer->next; + } + } + } + + // If Additional policy settings + else + { + + // Loop through the policy additional setting lines + readLine(nipper->input, line, nipper->maxSize); + command = splitLine(line); + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], "exit") != 0)) + { + // Debug + if (nipper->debugMode == true) + printf("Policy Line: %s\n", line); + + // Source + if ((strcasecmp(command.part[0], "set") == 0) && (strcasecmp(command.part[1], "src-address") == 0)) + { + // Find policy ID + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while ((filterPointer->next != 0) && (filterPointer->id != policyId)) + filterPointer = filterPointer->next; + + // Found, add new entry + if (filterPointer->id == policyId) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + filterObjectPointer = getFilterMember(filterPointer, tempString, object_filter_source); + if (strcasecmp(filterObjectPointer->name, "Any") == 0) + filterObjectPointer->type = object_type_any; + else if (strncasecmp(filterObjectPointer->name, "MIP(", 4) == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_object; + } + filterListPointer = filterListPointer->next; + } + } + + // Destination + if ((strcasecmp(command.part[0], "set") == 0) && (strcasecmp(command.part[1], "dst-address") == 0)) + { + // Find policy ID + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while ((filterPointer->next != 0) && (filterPointer->id != policyId)) + filterPointer = filterPointer->next; + + // Found, add new entry + if (filterPointer->id == policyId) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + filterObjectPointer = getFilterMember(filterPointer, tempString, object_filter_destination); + if (strcasecmp(filterObjectPointer->name, "Any") == 0) + filterObjectPointer->type = object_type_any; + else if (strncasecmp(filterObjectPointer->name, "MIP(", 4) == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_object; + } + filterListPointer = filterListPointer->next; + } + } + + // Service + if ((strcasecmp(command.part[0], "set") == 0) && (strcasecmp(command.part[1], "service") == 0)) + { + // Find policy ID + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while ((filterPointer->next != 0) && (filterPointer->id != policyId)) + filterPointer = filterPointer->next; + + // Found, add new entry + if (filterPointer->id == policyId) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + filterObjectPointer = getFilterMember(filterPointer, tempString, object_filter_service); + if (strcasecmp(filterObjectPointer->name, "Any") == 0) + { + filterObjectPointer->type = object_type_any; + filterObjectPointer->serviceOp = service_oper_any; + } + else + { + filterObjectPointer->type = object_type_service; + filterObjectPointer->serviceOp = service_oper_eq; + } + } + filterListPointer = filterListPointer->next; + } + } + + // Get next line + readLine(nipper->input, line, nipper->maxSize); + command = splitLine(line); + } + } +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/process-snmp.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/process-snmp.c.svn-base new file mode 100644 index 0000000..9aaba97 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/process-snmp.c.svn-base @@ -0,0 +1,261 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct snmpSOS +{ + char contact[64]; + char location[64]; + char systemName[64]; + int listenPort; + int trapPort; + int authTrap; + struct snmpCommunitySOS *community; + struct snmpHostSOS *host; +}; + + +struct snmpCommunitySOS +{ + char community[64]; + int weak; + int dictionary; + int readOnly; + int enableTraps; + int trafficTraps; + int version; + struct snmpCommunitySOS *next; +}; + + +struct snmpHostSOS +{ + char community[64]; + int weak; + int dictionary; + char host[32]; + char sourceInterface[32]; + int version; + struct snmpHostSOS *next; +}; + + +// Process admin lines +void processSOSSNMP(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + struct snmpCommunitySOS *communityPointer = 0; + struct snmpHostSOS *snmpHostPointer = 0; + int tempInt; + + if (nipper->debugMode == true) + printf("SNMP Line: %s\n", line); + + // Init + command = splitLine(line); + + // Create SNMP Struct if required. + if (nipper->sos->snmp == 0) + { + nipper->sos->snmp = malloc(sizeof(struct snmpSOS)); + memset(nipper->sos->snmp, 0 , sizeof(struct snmpSOS)); + nipper->sos->snmp->listenPort = 161; + nipper->sos->snmp->trapPort = 162; + nipper->sos->snmp->authTrap = false; + } + + // SNMP Contact... + if (strcasecmp(command.part[2], "contact") == 0) + stripQuotes(command.part[3], nipper->sos->snmp->contact, sizeof(nipper->sos->snmp->contact)); + + // SNMP location... + else if (strcasecmp(command.part[2], "location") == 0) + stripQuotes(command.part[3], nipper->sos->snmp->location, sizeof(nipper->sos->snmp->location)); + + // SNMP System Name... + else if (strcasecmp(command.part[2], "name") == 0) + stripQuotes(command.part[3], nipper->sos->snmp->systemName, sizeof(nipper->sos->snmp->systemName)); + + // SNMP Listen Port... + else if ((strcasecmp(command.part[2], "port") == 0) && (strcmp(command.part[3], "listen") == 0)) + nipper->sos->snmp->listenPort = atoi(command.part[4]); + + // SNMP Trap Port... + else if ((strcasecmp(command.part[2], "port") == 0) && (strcmp(command.part[3], "trap") == 0)) + nipper->sos->snmp->trapPort = atoi(command.part[4]); + + // Authentication Traps... + else if ((strcasecmp(command.part[2], "auth-trap") == 0) && (strcmp(command.part[3], "enable") == 0)) + nipper->sos->snmp->authTrap = true; + + // Community + else if ((strcasecmp(command.part[2], "community") == 0) && (strcmp(command.part[0], "set") == 0)) + { + // If first community... + if (nipper->sos->snmp->community == 0) + { + nipper->sos->snmp->community = malloc(sizeof(struct snmpCommunitySOS)); + memset(nipper->sos->snmp->community, 0 , sizeof(struct snmpCommunitySOS)); + communityPointer = nipper->sos->snmp->community; + } + else + { + communityPointer = nipper->sos->snmp->community; + while (communityPointer->next != 0) + communityPointer = communityPointer->next; + communityPointer->next = malloc(sizeof(struct snmpCommunitySOS)); + memset(communityPointer->next, 0 , sizeof(struct snmpCommunitySOS)); + communityPointer = communityPointer->next; + } + + // Init... + communityPointer->enableTraps = false; + communityPointer->trafficTraps = false; + communityPointer->version = snmp1_2; + communityPointer->weak = false; + communityPointer->dictionary = false; + + // Community + stripQuotes(command.part[3], communityPointer->community, sizeof(communityPointer->community)); + + // Check strength / dictionary... + if (simplePassword(communityPointer->community, nipper) == true) + { + nipper->simplePasswords++; + communityPointer->dictionary = true; + } + if (passwordStrength(communityPointer->community, nipper) == false) + { + nipper->passwordStrengths++; + communityPointer->weak = true; + } + + // Get other parameters... + tempInt = 4; + while (tempInt < command.parts) + { + // version + if (strcasecmp(command.part[tempInt], "version") == 0) + { + tempInt++; + if (strcasecmp(command.part[tempInt], "any") == 0) + communityPointer->version = snmp1_2; + else if (strcasecmp(command.part[tempInt], "v1") == 0) + communityPointer->version = snmp1; + else if ((strcasecmp(command.part[tempInt], "v2") == 0) || (strcmp(command.part[tempInt], "v2c") == 0)) + communityPointer->version = snmp2c; + } + + // Trap On + else if (strcasecmp(command.part[tempInt], "trap-on") == 0) + communityPointer->enableTraps = true; + + // Trap Off + else if (strcasecmp(command.part[tempInt], "trap-off") == 0) + communityPointer->enableTraps = false; + + // Trap On + else if (strcasecmp(command.part[tempInt], "traffic") == 0) + communityPointer->trafficTraps = true; + + tempInt++; + } + } + + // Host + else if (strcasecmp(command.part[2], "host") == 0) + { + // If first community... + if (nipper->sos->snmp->host == 0) + { + nipper->sos->snmp->host = malloc(sizeof(struct snmpHostSOS)); + memset(nipper->sos->snmp->host, 0 , sizeof(struct snmpHostSOS)); + snmpHostPointer = nipper->sos->snmp->host; + } + else + { + snmpHostPointer = nipper->sos->snmp->host; + while (snmpHostPointer->next != 0) + snmpHostPointer = snmpHostPointer->next; + snmpHostPointer->next = malloc(sizeof(struct snmpHostSOS)); + memset(snmpHostPointer->next, 0 , sizeof(struct snmpHostSOS)); + snmpHostPointer = snmpHostPointer->next; + } + + // Init + strcpy(snmpHostPointer->sourceInterface, "Any"); + snmpHostPointer->weak = false; + snmpHostPointer->dictionary = false; + + // Community + stripQuotes(command.part[3], snmpHostPointer->community, sizeof(snmpHostPointer->community)); + + // Check strength / dictionary... + if (simplePassword(snmpHostPointer->community, nipper) == true) + { + nipper->simplePasswords++; + snmpHostPointer->dictionary = true; + } + if (passwordStrength(snmpHostPointer->community, nipper) == false) + { + nipper->passwordStrengths++; + snmpHostPointer->weak = true; + } + + // Host + stripQuotes(command.part[4], snmpHostPointer->host, sizeof(snmpHostPointer->host)); + + // Options and Trap version + tempInt = 5; + while (tempInt < command.parts) + { + // Source Interface... + if (strcasecmp(command.part[tempInt], "src-interface") == 0) + { + tempInt++; + stripQuotes(command.part[tempInt], snmpHostPointer->sourceInterface, sizeof(snmpHostPointer->sourceInterface)); + } + + // trap... + else if (strcasecmp(command.part[tempInt], "trap") == 0) + { + tempInt++; + if (strcasecmp(command.part[tempInt], "v1") == 0) + snmpHostPointer->version = snmp1; + else if ((strcasecmp(command.part[tempInt], "v2") == 0) || (strcasecmp(command.part[tempInt], "v2c") == 0)) + snmpHostPointer->version = snmp2c; + } + + tempInt++; + } + } +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/process-ssh.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/process-ssh.c.svn-base new file mode 100644 index 0000000..4dcc184 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/process-ssh.c.svn-base @@ -0,0 +1,66 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process SSH Service Lines +void processSOSSSH(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + + // Debug Output + if (nipper->debugMode == true) + printf("SSH Line: %s\n", line); + + // Init + command = splitLine(line); + + // Version? + if (strcasecmp(command.part[2], "version") == 0) + { + if (strcasecmp(command.part[3], "v1") == 0) + nipper->sos->sshVersion = 1; + else if (strcasecmp(command.part[3], "v2") == 0) + nipper->sos->sshVersion = 2; + } + + // Enabled? + else if (strcasecmp(command.part[2], "enable") == 0) + nipper->sos->sshEnabled = true; + + // SSH v1 Key Gen Time + else if (strcasecmp(command.part[2], "key-gen-time") == 0) + nipper->sos->sshKeyGenTime = atoi(command.part[3]); + + // SSH v2 Public Key + else if (strcasecmp(command.part[2], "pub-key") == 0) + strncpy(nipper->sos->sshPublicKey, command.part[3], sizeof(nipper->sos->sshPublicKey) - 1); +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/process-zone.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/process-zone.c.svn-base new file mode 100644 index 0000000..dc14c3a --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/process-zone.c.svn-base @@ -0,0 +1,436 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#define sos_spoofing_off 0 +#define sos_spoofing_interface 1 +#define sos_spoofing_routing 2 +#define sos_spoofing_zone 3 + +struct zoneSOS +{ + char name[32]; // Zone Name + int id; // Zone ID + int vlan; // L2 VLAN number + int block; // Intra Zone Blocking + char pbr[32]; // Policy-based Routing + char tunnel[32]; // The Tunnel out zone for this VPN zone + int tcpReset; // Send reset packets back when receiving nosync packets + char vrouter[32]; // Bind the zone to a Virtual Router + int dhcpRelay; // Relay DHCP requests + int reasembleForALG; // Reasemble fragmented packets for the ALG + + // Firewall options on the zone... + int alarmWithoutDrop; // Generate an attack alarm, but do not drop + int blockFrag; // Block IP fragmentation attacks + int activeX; // Block ActiveX controls + int java; // Block Java + int exe; // Block Executables + int zip; // Block zip files + int flagDrop; // Detects incorrect flags and drops the packets + long icmpFlood; // Detect and drop ICMP floods (0 = off) + int icmpFrag; // Detect ICMP fragments + int icmpLarge; // Detect and drop large ICMP frames + int ipBadOptions; // Detect and drop bad IP options + int ipSourceRoute; // Detects and drops IP Source Route options + int ipLooseSource; // As above, but loose source (does not drop) + int ipRecordRoute; // Detect ip record route packets (not drop) + int ipSecurityOption; // Detect and record security option (not drop) + int ipSpoofing; // Detect and drop spoofing attacks + int ipStream; // Detect IP stream (not drop) + int strictSource; // Detect IP Strict Source (not drop) + long ipSweep; // Detects and prevents IP sweep attack (0 = off) + int ipTimestamp; // Detect and record timestamp packets + int land; // Detect and prevent land attacks + int limitSessions; // Limit no of sessions (default is 128) + int malformedUrl; // Detects and prevents malformed URL + int pingOfDeath; // Detects and rejects oversized/irregular ICMP + long portScan; // Detect and prevent port scan (0 = off) + int synAckAck; // Detect and prevent SYN ACK ACK attack + int synFin; // Detect illegal flags + int synFlood; // Detect and prevent SYN floods + int synFrags; // Detect and drop a SYN fragmentation attack + int noFlag; // Detects and drops packets with no flags set + int tearDrop; // Detect and block the tear drop attack + int udpFlood; // Detect and drop UDP floods + int unknownProtocol; // Detect and drop protocol numbers greater than 135 + int winNuke; // Detect and modify Windows attack packets + int onTunnel; // Apply to a tunnel + + struct zoneSOS *next; +}; + + +// Get / Create Zone +struct zoneSOS *getZonePointer(struct nipperConfig *nipper, char *zone) +{ + // Variables... + struct zoneSOS *zonePointer = 0; + int init = false; + + // If this is the first zone... + if (nipper->sos->zone == 0) + { + nipper->sos->zone = malloc(sizeof(struct zoneSOS)); + zonePointer = nipper->sos->zone; + init = true; + } + else + { + zonePointer = nipper->sos->zone; + while ((zonePointer->next != 0) && (strcmp(zonePointer->name, zone) != 0)) + zonePointer = zonePointer->next; + if (strcmp(zonePointer->name, zone) != 0) + { + zonePointer->next = malloc(sizeof(struct zoneSOS)); + zonePointer = zonePointer->next; + init = true; + } + } + + // Init? + if (init == true) + { + memset(zonePointer, 0, sizeof(struct zoneSOS)); + zonePointer->vlan = 0; + zonePointer->block = false; + zonePointer->tcpReset = false; + if (strcasecmp(zone, "V1-Untrust") == 0) + zonePointer->dhcpRelay = false; + else + zonePointer->dhcpRelay = true; + strncpy(zonePointer->name, zone, sizeof(zonePointer->name) - 1); + zonePointer->reasembleForALG = false; + zonePointer->alarmWithoutDrop = false; + zonePointer->blockFrag = false; + zonePointer->activeX = false; + zonePointer->java = false; + zonePointer->exe = false; + zonePointer->zip = false; + zonePointer->flagDrop = false; + zonePointer->icmpFlood = 0; + zonePointer->icmpFrag = false; + zonePointer->icmpLarge = false; + zonePointer->ipBadOptions = false; + zonePointer->ipSourceRoute = false; + zonePointer->ipLooseSource = false; + zonePointer->ipRecordRoute = false; + zonePointer->ipSecurityOption = false; + zonePointer->ipSpoofing = sos_spoofing_off; + zonePointer->ipStream = false; + zonePointer->strictSource = false; + zonePointer->ipSweep = 0; + zonePointer->ipTimestamp = false; + zonePointer->land = false; + zonePointer->limitSessions = 128; + zonePointer->malformedUrl = false; + zonePointer->pingOfDeath = false; + zonePointer->portScan = 5000; + zonePointer->synAckAck = false; + zonePointer->synFin = false; + zonePointer->synFlood = false; + zonePointer->synFrags = false; + zonePointer->noFlag = false; + zonePointer->tearDrop = false; + zonePointer->udpFlood = false; + zonePointer->unknownProtocol = false; + zonePointer->winNuke = false; + zonePointer->onTunnel = false; + } + + return zonePointer; +} + + +// Process Zone Lines +void processSOSZone(char *line, struct nipperConfig *nipper) +{ + // Variables + struct zoneSOS *zonePointer = 0; + struct ciscoCommand command; + char tempString[nipper->maxSize]; + int tempInt; + int setting; + + // Debug Output + if (nipper->debugMode == true) + printf("Zone Line: %s\n", line); + + // Init + command = splitLine(line); + + // Set or Unset + if (strcasecmp(command.part[0], "set") == 0) + setting = true; + else + setting = false; + + // Zone name... + if (strcasecmp(command.part[2], "name") == 0) + { + stripQuotes(command.part[3], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + tempInt = 4; + while (tempInt < command.parts) + { + // Layer 2 VLAN... + if (strcasecmp(command.part[tempInt], "L2") == 0) + { + tempInt++; + zonePointer->id = atoi(command.part[tempInt]); + } + + // Tunnel... + else if (strcasecmp(command.part[tempInt], "tunnel") == 0) + { + tempInt++; + stripQuotes(command.part[tempInt], zonePointer->tunnel, sizeof(zonePointer->tunnel)); + } + + tempInt++; + } + } + + // Zone ID + else if (strcasecmp(command.part[2], "id") == 0) + { + stripQuotes(command.part[4], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + zonePointer->id = atoi(command.part[3]); + } + + // Asymmetric VPN? + else if (strcasecmp(command.part[2], "asymmetric-vpn") == 0) + nipper->sos->asymmetricVPN = setting; + + // Block Zone + else if (strcasecmp(command.part[3], "block") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + zonePointer->block = setting; + } + + // DHCP Relay + else if (strcasecmp(command.part[3], "no-dhcp-relay") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + if (setting == true) + zonePointer->dhcpRelay = false; + else + zonePointer->dhcpRelay = true; + } + + // Policy Based Routing + else if (strcasecmp(command.part[3], "pbr") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + stripQuotes(command.part[4], zonePointer->pbr, sizeof(zonePointer->pbr)); + } + + // Reassemble for ALG + else if (strcasecmp(command.part[3], "reassembly-for-alg") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + zonePointer->reasembleForALG = setting; + } + + // Screen Network Traffic (Packet/Traffic Analysis) + else if (strcasecmp(command.part[3], "screen") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + + if (strcasecmp(command.part[4], "alarm-without-drop") == 0) + zonePointer->alarmWithoutDrop = setting; + + else if (strcasecmp(command.part[4], "block-frag") == 0) + zonePointer->blockFrag = setting; + + else if (strcasecmp(command.part[4], "component-block") == 0) + { + if (strcasecmp(command.part[5], "activex") == 0) + zonePointer->activeX = setting; + + else if (strcasecmp(command.part[5], "java") == 0) + zonePointer->java = setting; + + else if (strcasecmp(command.part[5], "exe") == 0) + zonePointer->exe = setting; + + else if (strcasecmp(command.part[5], "zip") == 0) + zonePointer->zip = setting; + } + + else if (strcasecmp(command.part[4], "fin-no-ack") == 0) + zonePointer->flagDrop = setting; + + else if (strcasecmp(command.part[4], "icmp-flood") == 0) + { + if (setting == false) + zonePointer->icmpFlood = 0; + else + { + if (command.parts == 7) + zonePointer->icmpFlood = atol(command.part[6]); + else + zonePointer->icmpFlood = 1; + } + } + + else if (strcasecmp(command.part[4], "icmp-fragment") == 0) + zonePointer->icmpFrag = setting; + + else if (strcasecmp(command.part[4], "icmp-large") == 0) + zonePointer->icmpLarge = setting; + + else if (strcasecmp(command.part[4], "ip-bad-option") == 0) + zonePointer->ipBadOptions = setting; + + else if (strcasecmp(command.part[4], "ip-filter-src") == 0) + zonePointer->ipSourceRoute = setting; + + else if (strcasecmp(command.part[4], "ip-loose-src-route") == 0) + zonePointer->ipLooseSource = setting; + + else if (strcasecmp(command.part[4], "ip-record-route") == 0) + zonePointer->ipRecordRoute = setting; + + else if (strcasecmp(command.part[4], "ip-security-opt") == 0) + zonePointer->ipSecurityOption = setting; + + else if (strcasecmp(command.part[4], "ip-spoofing") == 0) + { + if (setting == false) + zonePointer->ipSpoofing = sos_spoofing_off; + else if (command.parts == 5) + zonePointer->ipSpoofing = sos_spoofing_interface; + else if (strcasecmp(command.part[5], "zone-based") != 0) + zonePointer->ipSpoofing = sos_spoofing_routing; + else + zonePointer->ipSpoofing = sos_spoofing_zone; + } + + else if (strcasecmp(command.part[4], "ip-stream-opt") == 0) + zonePointer->ipStream = setting; + + else if (strcasecmp(command.part[4], "ip-strict-src-route") == 0) + zonePointer->strictSource = setting; + + else if (strcasecmp(command.part[4], "ip-sweep") == 0) + { + if (setting == false) + zonePointer->ipSweep = 0; + else + zonePointer->ipSweep = atoi(command.part[6]); + } + + else if (strcasecmp(command.part[4], "ip-timestamp-opt") == 0) + zonePointer->ipTimestamp = setting; + + else if (strcasecmp(command.part[4], "land") == 0) + zonePointer->land = setting; + + else if (strcasecmp(command.part[4], "limit-session") == 0) + { + if (setting == false) + zonePointer->limitSessions = 0; + else + { + zonePointer->limitSessions = 128; + if (command.parts == 7) + zonePointer->limitSessions = atoi(command.part[6]); + } + } + + else if (strcasecmp(command.part[4], "mal-URL") == 0) + zonePointer->malformedUrl = setting; + + else if (strcasecmp(command.part[4], "mal-URL") == 0) + zonePointer->onTunnel = setting; + + else if ((strcasecmp(command.part[4], "ping-of-death") == 0) || (strcasecmp(command.part[4], "ping-death") == 0)) + zonePointer->pingOfDeath = setting; + + else if (strcasecmp(command.part[4], "port-scan") == 0) + { + if (setting == false) + zonePointer->portScan = 0; + else + zonePointer->portScan = atol(command.part[6]); + } + + else if (strcasecmp(command.part[4], "syn-ack-ack-proxy") == 0) + zonePointer->synAckAck = setting; + + else if (strcasecmp(command.part[4], "syn-fin") == 0) + zonePointer->synFin = setting; + + else if (strcasecmp(command.part[4], "syn-flood") == 0) + zonePointer->synFlood = setting; + + else if (strcasecmp(command.part[4], "syn-frag") == 0) + zonePointer->synFrags = setting; + + else if (strcasecmp(command.part[4], "tcp-no-flag") == 0) + zonePointer->noFlag = setting; + + else if (strcasecmp(command.part[4], "tear-drop") == 0) + zonePointer->tearDrop = setting; + + else if (strcasecmp(command.part[4], "udp-flood") == 0) + zonePointer->udpFlood = setting; + + else if (strcasecmp(command.part[4], "unknown-protocol") == 0) + zonePointer->unknownProtocol = setting; + + else if (strcasecmp(command.part[4], "winnuke") == 0) + zonePointer->winNuke = setting; + } + + // Send TCP Reset + else if (strcasecmp(command.part[3], "tcp-rst") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + zonePointer->tcpReset = setting; + } + + // VRouter + else if (strcasecmp(command.part[3], "vrouter") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + stripQuotes(command.part[4], zonePointer->vrouter, sizeof(zonePointer->vrouter)); + } +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/report-address.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/report-address.c.svn-base new file mode 100644 index 0000000..25fb177 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/report-address.c.svn-base @@ -0,0 +1,120 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS Policy reporting + + +void sosNameMapConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + if (strncmp(objectListPointer->name, "**ADDR-GRP**", 12) != 0) + { + sprintf(tempString2, "Zone %s name mappings", objectListPointer->name); + outputFriendly(tempString2, tempString, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString, &settings_namemapSOS_heading); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + outputFriendly(objectPointer->name, tempString2, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString2, tempString2, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString2, nipper->tablerow_mid); + outputFriendly(objectPointer->address, tempString2, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString2, nipper->tablerow_mid); + outputFriendly(objectPointer->netMask, tempString2, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString2, nipper->tablerow_mid); + outputFriendly(objectPointer->comment, tempString2, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString2, nipper->tablerow_end); + objectPointer = objectPointer->next; + } + output_table(nipper, false, tempString, &settings_namemapSOS_heading); + } + objectListPointer = objectListPointer->next; + } +} + + +void sosNameGroupMapConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + if (strncmp(objectListPointer->name, "**ADDR-GRP**", 12) == 0) + { + + sprintf(tempString, "Zone %s name mapping groups", objectListPointer->name + 12); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", objectListPointer->name + 12); + output_table(nipper, true, tempString2, &settings_namemapgroup_heading); + + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + + memberPointer = objectPointer->members; + while (memberPointer != 0) + { + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, tempString, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(memberPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + memberPointer = memberPointer->next; + } + + objectPointer = objectPointer->next; + } + + output_table(nipper, false, tempString2, &settings_namemapgroup_heading); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + } + objectListPointer = objectListPointer->next; + } +} diff --git a/0.11.10/ScreenOS/.svn/text-base/report-admin.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/report-admin.c.svn-base new file mode 100644 index 0000000..b43246e --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/report-admin.c.svn-base @@ -0,0 +1,167 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS Admin reporting + + +void sosAdminConfig(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + struct adminUsersSOS *userSOSPointer = 0; + + output_table(nipper, true, settings_admin_table, &settings_general_heading); + if (nipper->sos->name[0] != 0) + { + outputFriendly(nipper->sos->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sAdministrative User%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if ((nipper->sos->password[0] != 0) && (nipper->passwords == true)) + { + outputFriendly(nipper->sos->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sEncrypted Administrative Password%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->sos->restrictLength == 0) + fprintf(nipper->reportFile, "%sAdmin Password Length%sAny Length (upto 31 characters)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAdmin Password Length%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->restrictLength, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sAdmin Login Attempts%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->accessAttempts, nipper->tablerow_end); + if (nipper->sos->privilege == adminpriv_default) + fprintf(nipper->reportFile, "%sAdmin Privilages%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->sos->privilege == adminpriv_rw) + fprintf(nipper->reportFile, "%sAdmin Privilages%sRead / Write%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->sos->privilege == adminpriv_ext) + fprintf(nipper->reportFile, "%sAdmin Privilages%sGet Externally%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (strcmp(nipper->sos->adminIP, "0.0.0.0") == 0) + fprintf(nipper->reportFile, "%sAdmin Management IP%sAny%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAdmin Management IP%s%s %s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->adminIP, nipper->sos->adminNetMask, nipper->tablerow_end); + addAbbreviation("IP", false); + if (nipper->sos->consoleOnly == true) + fprintf(nipper->reportFile, "%sConsole Only Administration%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sConsole Only Administration%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->sos->authenticationServer[0] != 0) + fprintf(nipper->reportFile, "%sAuthentication Server%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->authenticationServer, nipper->tablerow_end); + if (nipper->sos->authTimeout == 0) + fprintf(nipper->reportFile, "%sAdministration Timeout%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAdministration Timeout%s%d mins%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->authTimeout, nipper->tablerow_end); + if (nipper->sos->httpRedirect == true) + fprintf(nipper->reportFile, "%sHTTP Redirection%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->sos->httpRedirect == false) + fprintf(nipper->reportFile, "%sHTTP Redirection%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sHTTP Redirection%sUnconfigured%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + addAbbreviation("HTTP", false); + if (nipper->sos->mailAlert == true) + fprintf(nipper->reportFile, "%sMail Alerts%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sMail Alerts%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->sos->email[0] != 0) + fprintf(nipper->reportFile, "%sMail Alerts Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->email, nipper->tablerow_end); + if (nipper->sos->email1[0] != 0) + fprintf(nipper->reportFile, "%sMail Alerts Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->email1, nipper->tablerow_end); + if (nipper->sos->email2[0] != 0) + fprintf(nipper->reportFile, "%sMail Alerts Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->email2, nipper->tablerow_end); + if (nipper->sos->emailServer[0] != 0) + fprintf(nipper->reportFile, "%sMail Server%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->emailServer, nipper->tablerow_end); + if (nipper->sos->adminFormat == adminfmt_default) + fprintf(nipper->reportFile, "%sConfiguration Format%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->sos->adminFormat == adminfmt_dos) + { + addAbbreviation("DOS", false); + fprintf(nipper->reportFile, "%sConfiguration Format%sDOS%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + } + else if (nipper->sos->adminFormat == adminfmt_unix) + fprintf(nipper->reportFile, "%sConfiguration Format%sUnix%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + + output_table(nipper, false, settings_admin_table, &settings_general_heading); + + if (nipper->sos->users != 0) + { + output_table(nipper, true, settings_admins_table, &settings_admins_heading); + userSOSPointer = nipper->sos->users; + while (userSOSPointer != 0) + { + outputFriendly(userSOSPointer->username, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s", userSOSPointer->password, nipper->tablerow_mid); + switch (userSOSPointer->privilege) + { + case adminpriv_default: + fprintf(nipper->reportFile, "Default%s", nipper->tablerow_mid); + break; + case adminpriv_all: + fprintf(nipper->reportFile, "All%s", nipper->tablerow_mid); + break; + case adminpriv_read: + fprintf(nipper->reportFile, "Read Only%s", nipper->tablerow_mid); + break; + } + if (userSOSPointer->trustee == trustee_none) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + else if (userSOSPointer->trustee == trustee_modem) + fprintf(nipper->reportFile, "Modem%s", nipper->tablerow_end); + else if (userSOSPointer->trustee == trustee_inter) + fprintf(nipper->reportFile, "Interface%s", nipper->tablerow_end); + userSOSPointer = userSOSPointer->next; + } + output_table(nipper, false, settings_admins_table, &settings_admins_heading); + } +} + + +void sosHTTPRedirectIssue(struct nipperConfig *nipper) +{ + output_parseText(report_httpred_obs, nipper, section_obs, rate_none, 0, 0); + output_endsection(nipper, section_obs); + output_parseText(report_httpred_impact, nipper, section_imp, rate_med, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_httpred_ease, nipper, section_ease, rate_trivial, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_httpred_rec, nipper, section_rec, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + + +void sosManagementRIPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_mngrip_obs, nipper, section_obs, rate_none, 0, 0); + output_endsection(nipper, section_obs); + output_parseText(report_mngrip_impact, nipper, section_imp, rate_med, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_mngrip_ease, nipper, section_ease, rate_noease, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_mngrip_rec, nipper, section_rec, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/report-auth-server.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/report-auth-server.c.svn-base new file mode 100644 index 0000000..71f4fab --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/report-auth-server.c.svn-base @@ -0,0 +1,98 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS Auth Servers reporting + + +void sosAuthServerConfig(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + struct authServerSOS *authServerPointer = 0; + + output_table(nipper, true, settings_authservers_table, &settings_authservers_heading); + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, authServerPointer->id, nipper->tablerow_mid); + outputFriendly(authServerPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + switch (authServerPointer->type) + { + case authtype_builtin: + fprintf(nipper->reportFile, "Built-in%s", nipper->tablerow_mid); + break; + case authtype_radius: + fprintf(nipper->reportFile, "RADIUS%s", nipper->tablerow_mid); + addAbbreviation("RADIUS", false); + break; + case authtype_ldap: + fprintf(nipper->reportFile, "LDAP%s", nipper->tablerow_mid); + addAbbreviation("LDAP", false); + break; + case authtype_securid: + fprintf(nipper->reportFile, "SecurID%s", nipper->tablerow_mid); + break; + } + outputFriendly(authServerPointer->serverName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (authServerPointer->backup2[0] == 0) + { + outputFriendly(authServerPointer->backup1, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + else + { + outputFriendly(authServerPointer->backup1, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s, ", tempString); + outputFriendly(authServerPointer->backup2, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + if (authServerPointer->timeout == 0) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d mins%s", authServerPointer->timeout, nipper->tablerow_mid); + if (authServerPointer->forcedTimeout == 0) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d mins%s", authServerPointer->forcedTimeout, nipper->tablerow_mid); + outputFriendly(authServerPointer->sourceInterface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(authServerPointer->radiusSecret, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + authServerPointer = authServerPointer->next; + } + output_table(nipper, false, settings_authservers_table, &settings_authservers_heading); +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/report-debug.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/report-debug.c.svn-base new file mode 100644 index 0000000..a4a056a --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/report-debug.c.svn-base @@ -0,0 +1,233 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportSOSDebug(struct nipperConfig *nipper) +{ + // Variables + struct adminUsersSOS *userSOSPointer = 0; + struct authServerSOS *authServerPointer = 0; + struct interfaceSOS *interfaceSOSPointer = 0; + struct snmpCommunitySOS *communityPointer = 0; + struct snmpHostSOS *snmpHostPointer = 0; + struct zoneSOS *zonePointer = 0; + struct johnPassword *johnPointer = 0; + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf(" True or Enabled = %d\n", true); + printf(" False or Disabled = %d\n", false); + printf(" Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("SSH Version: %d\n", nipper->sos->sshVersion); + printf("SSH Enabled: %d\n", nipper->sos->sshEnabled); + printf("SSH v1 Key Gen Time: %d\n", nipper->sos->sshKeyGenTime); + printf("SSH v2 Public Key: %s\n", nipper->sos->sshPublicKey); + + // Admin Settings + printf("Admin Settings\n"); + printf(" Admin Name: %s\n", nipper->sos->name); + printf(" Admin Password: %s\n", nipper->sos->password); + printf(" Restrict Password Length: %d\n", nipper->sos->restrictLength); + printf(" Access Attempts: %d\n", nipper->sos->accessAttempts); + printf(" Privilege: %d\n", nipper->sos->privilege); + printf(" Admin IP: %s\n", nipper->sos->adminIP); + printf(" Admin Net Mask: %s\n", nipper->sos->adminNetMask); + printf(" Console Only Access: %d\n", nipper->sos->consoleOnly); + printf(" Mail Alerts: %d\n", nipper->sos->mailAlert); + printf(" E-Mail to: %s\n", nipper->sos->email); + printf(" E-Mail(1) to: %s\n", nipper->sos->email1); + printf(" E-Mail(2) to: %s\n", nipper->sos->email2); + printf(" E-Mail Server: %s\n", nipper->sos->emailServer); + printf(" Auth Timeout: %d\n", nipper->sos->authTimeout); + printf(" Auth Server: %s\n", nipper->sos->authenticationServer); + printf(" Format: %d\n", nipper->sos->adminFormat); + printf(" HTTP Redirect: %d\n", nipper->sos->httpRedirect); + + // Users + userSOSPointer = nipper->sos->users; + while (userSOSPointer != 0) + { + printf(" Username: %s\n", userSOSPointer->username); + printf(" Password: %s\n", userSOSPointer->password); + printf(" Privilege: %d\n", userSOSPointer->privilege); + printf(" Trustee: %d\n", userSOSPointer->trustee); + userSOSPointer = userSOSPointer->next; + } + + // Auth Servers + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + printf("Auth Server: %s\n", authServerPointer->name); + printf(" Type: %d\n", authServerPointer->type); + printf(" ID: %d\n", authServerPointer->id); + printf(" Server Name: %s\n", authServerPointer->serverName); + printf(" Backup Server 1: %s\n", authServerPointer->backup1); + printf(" Backup Server 2: %s\n", authServerPointer->backup2); + printf(" Timeout: %d\n", authServerPointer->timeout); + printf(" Forced Timeout: %d\n", authServerPointer->forcedTimeout); + printf(" Source Interface: %s\n", authServerPointer->sourceInterface); + printf(" Radius Secret: %s\n", authServerPointer->radiusSecret); + authServerPointer = authServerPointer->next; + } + + // Interfaces + interfaceSOSPointer = nipper->sos->interface; + while (interfaceSOSPointer != 0) + { + printf("Interface: %s\n", interfaceSOSPointer->name); + printf(" Enabled: %d\n", interfaceSOSPointer->enabled); + printf(" Zone: %s\n", interfaceSOSPointer->zone); + printf(" IP Address: %s\n", interfaceSOSPointer->ipAddress); + printf(" Manage / Monitor\n"); + printf(" Ident-Reset: %d\n", interfaceSOSPointer->manageIdent); + printf(" MTrace: %d\n", interfaceSOSPointer->manageMtrace); + printf(" NS Management: %d\n", interfaceSOSPointer->manageNsmgmt); + printf(" Ping: %d\n", interfaceSOSPointer->managePing); + printf(" SNMP: %d\n", interfaceSOSPointer->manageSnmp); + printf(" SSH: %d\n", interfaceSOSPointer->manageSsh); + printf(" SSL: %d\n", interfaceSOSPointer->manageSsl); + printf(" Telnet: %d\n", interfaceSOSPointer->manageTelnet); + printf(" Wen: %d\n", interfaceSOSPointer->manageWeb); + interfaceSOSPointer = interfaceSOSPointer->next; + } + + // Zones + zonePointer = nipper->sos->zone; + while (zonePointer != 0) + { + printf("Zone: %s\n", zonePointer->name); + printf(" ID: %d\n", zonePointer->id); + printf(" VLAN: %d\n", zonePointer->vlan); + printf(" Block: %d\n", zonePointer->block); + printf(" Policy Based Routing: %s\n", zonePointer->pbr); + printf(" Tunnel: %s\n", zonePointer->tunnel); + printf(" TCP Reset: %d\n", zonePointer->tcpReset); + printf(" VRouter: %s\n", zonePointer->vrouter); + printf(" DHCP Relay: %d\n", zonePointer->dhcpRelay); + printf(" Reasemble for ALG: %d\n", zonePointer->reasembleForALG); + printf(" Alarm without Drop: %d\n", zonePointer->alarmWithoutDrop); + printf(" Block Frag: %d\n", zonePointer->blockFrag); + printf(" ActiveX: %d\n", zonePointer->activeX); + printf(" Java: %d\n", zonePointer->java); + printf(" Exe: %d\n", zonePointer->exe); + printf(" Zip: %d\n", zonePointer->zip); + printf(" Frag Drop: %d\n", zonePointer->flagDrop); + printf(" ICMP Flood: %ld\n", zonePointer->icmpFlood); + printf(" ICMP Frag: %d\n", zonePointer->icmpFrag); + printf(" ICMP Large: %d\n", zonePointer->icmpLarge); + printf(" IP Bad Options: %d\n", zonePointer->ipBadOptions); + printf(" IP Source Route: %d\n", zonePointer->ipSourceRoute); + printf(" IP Loose Source: %d\n", zonePointer->ipLooseSource); + printf(" IP Record Route: %d\n", zonePointer->ipRecordRoute); + printf(" IP Security Option: %d\n", zonePointer->ipSecurityOption); + printf(" IP Spoofing: %d\n", zonePointer->ipSpoofing); + printf(" IP Stream: %d\n", zonePointer->ipStream); + printf(" Strict Source: %d\n", zonePointer->strictSource); + printf(" IP Sweep: %ld\n", zonePointer->ipSweep); + printf(" IP Timestamp: %d\n", zonePointer->ipTimestamp); + printf(" Land: %d\n", zonePointer->land); + printf(" Limit Sessions: %d\n", zonePointer->limitSessions); + printf(" Malformed URL: %d\n", zonePointer->malformedUrl); + printf(" Ping of Death: %d\n", zonePointer->pingOfDeath); + printf(" Port Scan: %ld\n", zonePointer->portScan); + printf(" SYN ACK ACK: %d\n", zonePointer->synAckAck); + printf(" SYN FIN: %d\n", zonePointer->synFin); + printf(" SYN Flood: %d\n", zonePointer->synFlood); + printf(" SYN Frags: %d\n", zonePointer->synFrags); + printf(" No Flags: %d\n", zonePointer->noFlag); + printf(" Tear Drop: %d\n", zonePointer->tearDrop); + printf(" UDP Flood: %d\n", zonePointer->udpFlood); + printf(" Unknown Protocol: %d\n", zonePointer->unknownProtocol); + printf(" Win Nuke: %d\n", zonePointer->winNuke); + printf(" Apply To Tunnel?: %d\n", zonePointer->onTunnel); + zonePointer = zonePointer->next; + } + + // SNMP + if (nipper->sos->snmp != 0) + { + printf("SNMP:\n"); + printf(" Contact: %s\n", nipper->sos->snmp->contact); + printf(" Location: %s\n", nipper->sos->snmp->location); + printf(" System Name: %s\n", nipper->sos->snmp->systemName); + printf(" Listen Port: %d\n", nipper->sos->snmp->listenPort); + printf(" Trap Port: %d\n", nipper->sos->snmp->trapPort); + printf(" Authentication Traps: %d\n", nipper->sos->snmp->authTrap); + communityPointer = nipper->sos->snmp->community; + while (communityPointer != 0) + { + printf(" SNMP Community: %s\n", communityPointer->community); + printf(" Weak: %d\n", communityPointer->weak); + printf(" Dictionary: %d\n", communityPointer->dictionary); + printf(" Read Only?: %d\n", communityPointer->readOnly); + printf(" Traps?: %d\n", communityPointer->enableTraps); + printf(" Traffic Traps: %d\n", communityPointer->trafficTraps); + printf(" SNMP Version: %d\n", communityPointer->version); + communityPointer = communityPointer->next; + } + snmpHostPointer = nipper->sos->snmp->host; + while (snmpHostPointer != 0) + { + printf(" SNMP Host: %s\n", snmpHostPointer->host); + printf(" SNMP Community: %s\n", snmpHostPointer->community); + printf(" Weak: %d\n", snmpHostPointer->weak); + printf(" Dictionary: %d\n", snmpHostPointer->dictionary); + printf(" Source Interface: %s\n", snmpHostPointer->sourceInterface); + printf(" SNMP Version: %d\n", snmpHostPointer->version); + snmpHostPointer = snmpHostPointer->next; + } + } + + // Filter Rules... + reportRulesDebug(nipper); + + // Name Mappings + reportObjectsDebug(nipper); + + // John-the-ripper + if (nipper->john != 0) + { + printf("\n%sJohn-the-ripper Output\n======================%s\n", COL_BLUE, RESET); + johnPointer = nipper->john; + while (johnPointer != 0) + { + printf("Username: %s\n", johnPointer->username); + printf(" Password: %s\n", johnPointer->password); + johnPointer = johnPointer->next; + } + } +} + + diff --git a/0.11.10/ScreenOS/.svn/text-base/report-general.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/report-general.c.svn-base new file mode 100644 index 0000000..33a8a57 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/report-general.c.svn-base @@ -0,0 +1,56 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS General reporting + + +void sosGeneralConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sHostname%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDefault Firewall Policy%s", nipper->tablerow_start, nipper->tablerow_mid); + if (nipper->sos->defaultFirewallMode == true) + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Permit%s", nipper->tablerow_end); + output_table(nipper, false, settings_general_table, &settings_general_heading); +} + + +void sosServicesConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_services_table, &report_services_heading); + if (nipper->sos->sshEnabled == true) + fprintf(nipper->reportFile, "%sSSH%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSSH%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_services_table, &report_services_heading); + addAbbreviation("SSH", false); +} diff --git a/0.11.10/ScreenOS/.svn/text-base/report-interface.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/report-interface.c.svn-base new file mode 100644 index 0000000..9881d33 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/report-interface.c.svn-base @@ -0,0 +1,114 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS Interface reporting + + +void sosInterfaceConfig(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceSOS *interfaceSOSPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_inter_table, &settings_interSOS_heading); + interfaceSOSPointer = nipper->sos->interface; + while (interfaceSOSPointer != 0) + { + outputFriendly(interfaceSOSPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (interfaceSOSPointer->enabled == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + outputFriendly(interfaceSOSPointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(interfaceSOSPointer->zone, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (interfaceSOSPointer->manageIdent == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageIdent == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageMtrace == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageMtrace == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageNsmgmt == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageNsmgmt == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->managePing == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->managePing == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageSnmp == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageSnmp == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageSsh == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageSsh == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageSsl == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageSsl == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageTelnet == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageTelnet == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageWeb == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_end); + else if (interfaceSOSPointer->manageWeb == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_end); + interfaceSOSPointer = interfaceSOSPointer->next; + } + output_table(nipper, false, settings_inter_table, &settings_interSOS_heading); + addAbbreviation("SNMP", false); + addAbbreviation("SSL", false); +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/report-passwords.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/report-passwords.c.svn-base new file mode 100644 index 0000000..6ec41bc --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/report-passwords.c.svn-base @@ -0,0 +1,392 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void output_SOSTablePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + char tempString[nipper->maxSize]; + struct snmpCommunitySOS *communityPointer = 0; + struct snmpHostSOS *snmpHostPointer = 0; + struct authServerSOS *authServerPointer = 0; + //struct adminUsersSOS *userSOSPointer = 0; + + // Authentication Server - Radius Secret + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + if (((authServerPointer->dictionary == true) && (dictPassword == true)) || ((authServerPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sRADIUS Secret%sAuth Server%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A"); + if (nipper->passwords == true) + { + outputFriendly(authServerPointer->radiusSecret, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + authServerPointer = authServerPointer->next; + } + + // SNMP + if (nipper->sos->snmp != 0) + { + // Community + if (nipper->sos->snmp->community != 0) + { + communityPointer = nipper->sos->snmp->community; + while (communityPointer != 0) + { + if (((communityPointer->dictionary == true) && (dictPassword == true)) || ((communityPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sCommunity%sSNMP%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + if (communityPointer->readOnly == true) + fprintf(nipper->reportFile, "read-only"); + else + fprintf(nipper->reportFile, "read/write"); + if (nipper->passwords == true) + { + outputFriendly(communityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + communityPointer = communityPointer->next; + } + } + + // Hosts + if (nipper->sos->snmp->host != 0) + { + snmpHostPointer = nipper->sos->snmp->host; + while (snmpHostPointer != 0) + { + if (((snmpHostPointer->dictionary == true) && (dictPassword == true)) || ((snmpHostPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sCommunity%sSNMP%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + outputFriendly(snmpHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "Host: %s", tempString); + if (nipper->passwords == true) + { + outputFriendly(snmpHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + snmpHostPointer = snmpHostPointer->next; + } + } + } +} + + +void output_SOSLinePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + struct snmpCommunitySOS *communityPointer = 0; + struct snmpHostSOS *snmpHostPointer = 0; + struct authServerSOS *authServerPointer = 0; + //struct adminUsersSOS *userSOSPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + char tempString3[nipper->maxSize]; + + // Authentication Server - Radius Secret + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + if (((authServerPointer->dictionary == true) && (dictPassword == true)) || ((authServerPointer->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The RADIUS authentication server secret was "); + if (nipper->passwords == true) + { + outputFriendly(authServerPointer->radiusSecret, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + authServerPointer = authServerPointer->next; + } + + // SNMP + if (nipper->sos->snmp != 0) + { + // Community + if (nipper->sos->snmp->community != 0) + { + communityPointer = nipper->sos->snmp->community; + while (communityPointer != 0) + { + if (((communityPointer->dictionary == true) && (dictPassword == true)) || ((communityPointer->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The "); + if (communityPointer->readOnly == true) + sprintf(tempString2, "%sread-only", tempString3); + else + sprintf(tempString2, "%sread/write", tempString3); + sprintf(tempString3, "%s *ABBREV*SNMP*-ABBREV* community string was ", tempString2); + if (nipper->passwords == true) + { + outputFriendly(communityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + communityPointer = communityPointer->next; + } + } + + // Hosts + if (nipper->sos->snmp->host != 0) + { + snmpHostPointer = nipper->sos->snmp->host; + while (snmpHostPointer != 0) + { + if (((snmpHostPointer->dictionary == true) && (dictPassword == true)) || ((snmpHostPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(snmpHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The *ABBREV*SNMP*-ABBREV* community string for the host %s was ", tempString); + if (nipper->passwords == true) + { + outputFriendly(snmpHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + snmpHostPointer = snmpHostPointer->next; + } + } + } + + output_parseText(tempString2, nipper, section_none, rate_none, 0, 0); +} + + +void sosDictionaryIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_dict_obs, nipper, section_obs, rate_none, nipper->simplePasswords, nipper->tableNum); + if (nipper->simplePasswords > 1) + { + output_table(nipper, true, report_dict_table, &report_dict_heading); + output_SOSTablePasswords(nipper, true); + output_table(nipper, false, report_dict_table, &report_dict_heading); + } + else + output_SOSLinePasswords(nipper, true); + output_endsection(nipper, section_obs); + output_parseText(report_dict_impact, nipper, section_imp, rate_high, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_dict_ease, nipper, section_ease, rate_trivial, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_dict_rec, nipper, section_rec, rate_none, nipper->simplePasswords, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, "characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + + +void sosStrengthIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_strength_obs, nipper, section_obs, rate_none, nipper->passwordStrengths, nipper->tableNum); + if (nipper->passwordStrengths > 1) + { + output_table(nipper, true, report_strength_table, &report_dict_heading); + output_SOSTablePasswords(nipper, false); + output_table(nipper, false, report_strength_table, &report_dict_heading); + } + else + output_SOSLinePasswords(nipper, false); + output_endsection(nipper, section_obs); + output_parseText(report_strength_impact, nipper, section_imp, rate_high, nipper->passwordStrengths, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_strength_ease, nipper, section_ease, rate_trivial, nipper->passwordStrengths, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_strength_rec, nipper, section_rec, rate_trivial, nipper->passwordStrengths, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, " characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/report-policy.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/report-policy.c.svn-base new file mode 100644 index 0000000..2f445f6 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/report-policy.c.svn-base @@ -0,0 +1,159 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS Policy reporting + + +void sosDefaultPolicyIssue(struct nipperConfig *nipper) +{ + output_parseText(report_defaultpolicy_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_defaultpolicy_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_defaultpolicy_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_defaultpolicy_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void sosNoPolicyIssue(struct nipperConfig *nipper) +{ + output_parseText(report_policy_obs, nipper, section_obs, rate_none, -1, nipper->tableNum); + output_endsection(nipper, section_obs); + if (nipper->sos->defaultFirewallMode == false) + output_parseText(report_nopolicy_impact, nipper, section_imp, rate_med, -1, nipper->tableNum); + else + output_parseText(report_nopolicy_impact, nipper, section_imp, rate_med, 1, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_policy_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_nopolicy_rec1, nipper, section_rec, rate_none, 0, nipper->tableNum); + nipper->anySourceServiceIssue = false; + nipper->bypassRulesIssue = false; + nipper->defaultRulesIssue = false; + set_aclrec_list(nipper, &report_issues_heading); + output_list(nipper, &report_issues_heading); + output_parseText(report_nopolicy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void sosPolicyIssue(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_policy_obs, nipper, section_obs, rate_none, nipper->aclIssues, nipper->tableNum); + + // One issue... + if (nipper->aclIssues == 1) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + memset(tempString, 0, sizeof(tempString)); + if (filterListPointer->global == true) + strcpy(tempString, "global"); + else + sprintf(tempString, "%s to %s", filterListPointer->fromZone, filterListPointer->toZone); + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + reportCommonFilterIssues(nipper, tempString, "The", "policy ID", filterPointer, 0, filterListPointer); + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "The %s %s", filterListPointer->name, report_sospolicy_denylog); + filterListPointer = filterListPointer->next; + } + output_newPara(nipper); + } + + // More than one issue... + else + { + output_table(nipper, true, report_policy_table, &report_policy_heading); + + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + + memset(tempString, 0, sizeof(tempString)); + if (filterListPointer->global == false) + sprintf(tempString, "%s%s%s%sNo", filterListPointer->fromZone, nipper->tablerow_mid, filterListPointer->toZone, nipper->tablerow_mid); + else + sprintf(tempString, "N/A%sN/A%sYes", nipper->tablerow_mid, nipper->tablerow_mid); + + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + reportCommonFilterTableIssues(nipper, tempString, filterPointer, 0, filterListPointer); + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "%s%s%sN/A%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, nipper->tablerow_mid, report_sospolicyt_denylog, nipper->tablerow_end); + + filterListPointer = filterListPointer->next; + } + + output_table(nipper, false, report_policy_table, &report_policy_heading); + } + output_endsection(nipper, section_obs); + if (nipper->rejectIssue == true) + output_parseText(report_policy_impact, nipper, section_imp, rate_med, 2, 0); + else + output_parseText(report_policy_impact, nipper, section_imp, rate_med, 1, 0); + output_endsection(nipper, section_imp); + output_parseText(report_policy_ease, nipper, section_ease, rate_noease, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_policy_rec1, nipper, section_rec, rate_none, 0, nipper->tableNum); + set_aclrec_list(nipper, &report_issues_heading); + output_list(nipper, &report_issues_heading); + output_parseText(report_fw1policy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void sosPolicyConfig(struct nipperConfig *nipper) +{ + output_parseText(settings_policies_text, nipper, section_none, rate_none, 0, 0); + output_list(nipper, &settings_sospolicy_heading); + reportRules(nipper); +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/report-snmp.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/report-snmp.c.svn-base new file mode 100644 index 0000000..c90699d --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/report-snmp.c.svn-base @@ -0,0 +1,160 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS SNMP reporting + + +void sosSNMPConfig(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + struct snmpCommunitySOS *communityPointer = 0; + struct snmpHostSOS *snmpHostPointer = 0; + + // General SNMP Settings... + output_table(nipper, true, settings_snmp_sos_table, &settings_general_heading); + if (nipper->sos->snmp->systemName[0] != 0) + { + outputFriendly(nipper->sos->snmp->systemName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sSystem Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->sos->snmp->contact[0] != 0) + { + outputFriendly(nipper->sos->snmp->contact, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sContact%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->sos->snmp->location[0] != 0) + { + outputFriendly(nipper->sos->snmp->location, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sLocation%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + fprintf(nipper->reportFile, "%sSNMP Port%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->snmp->listenPort, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sSNMP Trap Port%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->snmp->trapPort, nipper->tablerow_end); + if (nipper->sos->snmp->authTrap == true) + fprintf(nipper->reportFile, "%sAuthentication Traps%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAuthentication Traps%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_snmp_sos_table, &settings_general_heading); + + // SNMP Communities... + if (nipper->sos->snmp->community != 0) + { + output_table(nipper, true, settings_snmpstring_table, &settings_snmpstring_sos_heading); + communityPointer = nipper->sos->snmp->community; + while (communityPointer != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + if (nipper->passwords == true) + { + outputFriendly(communityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + switch (communityPointer->version) + { + case snmp1_2: + fprintf(nipper->reportFile, "1 and 2%s", nipper->tablerow_mid); + break; + case snmp1: + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + break; + case snmp2c: + fprintf(nipper->reportFile, "2%s", nipper->tablerow_mid); + break; + } + if (communityPointer->readOnly == true) + fprintf(nipper->reportFile, "Read Only%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Read/Write%s", nipper->tablerow_mid); + if (communityPointer->enableTraps == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if (communityPointer->trafficTraps == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_end); + communityPointer = communityPointer->next; + } + output_table(nipper, false, settings_snmpstring_table, &settings_snmpstring_sos_heading); + } + + // SNMP Hosts... + if (nipper->sos->snmp->host != 0) + { + output_table(nipper, true, settings_snmphost_table, &settings_snmphost_sos_heading); + snmpHostPointer = nipper->sos->snmp->host; + while (snmpHostPointer != 0) + { + outputFriendly(snmpHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(snmpHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + switch (snmpHostPointer->version) + { + case snmp1_2: + fprintf(nipper->reportFile, "1 and 2%s", nipper->tablerow_mid); + break; + case snmp1: + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + break; + case snmp2c: + fprintf(nipper->reportFile, "2%s", nipper->tablerow_mid); + break; + } + outputFriendly(snmpHostPointer->sourceInterface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + snmpHostPointer = snmpHostPointer->next; + } + output_table(nipper, false, settings_snmphost_table, &settings_snmphost_sos_heading); + } +} + + +void sosSNMPIssue(struct nipperConfig *nipper) +{ + if (nipper->sos->snmp->host == 0) + output_parseText(report_snmp_css_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + else + output_parseText(report_snmp_css_obs, nipper, section_obs, rate_none, -1, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_snmp_impact, nipper, section_imp, rate_med, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_snmp_ease, nipper, section_ease, rate_difficult, 0, 0); + output_endsection(nipper, section_ease); + if (nipper->sos->snmp->host == 0) + output_parseText(report_snmp_sos_rec, nipper, section_obs, rate_none, 0, nipper->tableNum); + else + output_parseText(report_snmp_sos_rec, nipper, section_obs, rate_none, -1, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/report-ssh.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/report-ssh.c.svn-base new file mode 100644 index 0000000..dab74a5 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/report-ssh.c.svn-base @@ -0,0 +1,56 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS SSH reporting + + +void sosSSHConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_ssh_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sSSH Service%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sSSH Protocol Version%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->sshVersion, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sSSH V1 Key Generation Time%s%d mins%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->sshKeyGenTime, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sSSH V2 Public Key%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->sshPublicKey, nipper->tablerow_end); + output_table(nipper, false, settings_ssh_table, &settings_general_heading); +} + + +void sosSSHProtocolIssue(struct nipperConfig *nipper) +{ + output_parseText(report_sshproto_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_sshproto_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_sshproto_ease, nipper, section_ease, rate_difficult, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_sshproto_sos_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/report-timeout.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/report-timeout.c.svn-base new file mode 100644 index 0000000..f44c2df --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/report-timeout.c.svn-base @@ -0,0 +1,145 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS Timeout reporting + + +void sosTimeoutIssue(struct nipperConfig *nipper) +{ + // Variables... + struct authServerSOS *authServerPointer = 0; + + output_parseText(report_timeout_obs1, nipper, section_obs, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, nipper->connectionTimeout % 60); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_obs2, nipper, section_none, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if (nipper->insecureTimeouts > 1) + { + output_table(nipper, true, report_timeout_table, &report_timeout_heading); + if ((nipper->sos->authTimeout * 60) > nipper->connectionTimeout) + { + fprintf(nipper->reportFile, "%sWeb Administration%s", nipper->tablerow_start, nipper->tablerow_mid); + numToWord(nipper->reportFile, nipper->sos->authTimeout); + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + } + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + if ((authServerPointer->timeout * 60 ) > nipper->connectionTimeout) + { + switch (authServerPointer->type) + { + case authtype_builtin: + fprintf(nipper->reportFile, "%sBuiltin Authentication%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case authtype_radius: + fprintf(nipper->reportFile, "%sRADIUS Authentication%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case authtype_ldap: + fprintf(nipper->reportFile, "%sLDAP Authentication%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case authtype_securid: + fprintf(nipper->reportFile, "%sSecurId Authentication%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + } + numToWord(nipper->reportFile, authServerPointer->timeout); + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + } + authServerPointer = authServerPointer->next; + } + output_table(nipper, false, report_timeout_table, &report_timeout_heading); + } + else + { + if ((nipper->sos->authTimeout * 60) > nipper->connectionTimeout) + { + fprintf(nipper->reportFile, "Web Administration had a timeout of "); + numToWord(nipper->reportFile, nipper->sos->authTimeout); + fprintf(nipper->reportFile, " minutes."); + } + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + if ((authServerPointer->timeout * 60 ) > nipper->connectionTimeout) + { + switch (authServerPointer->type) + { + case authtype_builtin: + fprintf(nipper->reportFile, "Builtin Authentication had a timeout of "); + break; + case authtype_radius: + fprintf(nipper->reportFile, "RADIUS Authentication had a timeout of "); + break; + case authtype_ldap: + fprintf(nipper->reportFile, "LDAP Authentication had a timeout of "); + break; + case authtype_securid: + fprintf(nipper->reportFile, "SecurId Authentication had a timeout of "); + break; + } + numToWord(nipper->reportFile, authServerPointer->timeout); + fprintf(nipper->reportFile, " minutes."); + } + authServerPointer = authServerPointer->next; + } + output_newPara(nipper); + } + output_endsection(nipper, section_obs); + output_parseText(report_timeout_impact, nipper, section_imp, rate_high, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_timeout_ease, nipper, section_ease, rate_difficult, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_timeout_rec1, nipper, section_rec, rate_none, 0, 0); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, (nipper->connectionTimeout % 60)); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_rec2, nipper, section_none, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/report-zone.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/report-zone.c.svn-base new file mode 100644 index 0000000..4f0c075 --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/report-zone.c.svn-base @@ -0,0 +1,297 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Zone Lines +void sosZoneConfig(struct nipperConfig *nipper) +{ + // Variables + struct zoneSOS *zonePointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(settings_zone_desc, nipper, section_none, rate_none, 0, 0); + + // Show zone list and basic options + output_table(nipper, true, settings_zones_table, &settings_zones_heading); + zonePointer = nipper->sos->zone; + while (zonePointer != 0) + { + outputFriendly(zonePointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (zonePointer->id == 0) + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", zonePointer->id, nipper->tablerow_mid); + if (zonePointer->vlan == 0) + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", zonePointer->vlan, nipper->tablerow_mid); + if (zonePointer->block == false) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + if (zonePointer->pbr[0] == 0) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + else + { + outputFriendly(zonePointer->pbr, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + if (zonePointer->tunnel[0] == 0) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + else + { + outputFriendly(zonePointer->tunnel, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + if (zonePointer->vrouter[0] == 0) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + else + { + outputFriendly(zonePointer->vrouter, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + zonePointer = zonePointer->next; + } + output_table(nipper, false, settings_zones_table, &settings_zones_heading); + + // Zone security settings + zonePointer = nipper->sos->zone; + while (zonePointer != 0) + { + sprintf(tempString, "%s %s", zonePointer->name, settings_zone_table); + output_table(nipper, true, tempString, &settings_general_heading); + fprintf(nipper->reportFile, "%sSend TCP resets for nonsync packets%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->tcpReset == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sRelay DHCP requests to other zones%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->dhcpRelay == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sReassemble HTTP and FTP fragmented packets for ALG%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->reasembleForALG == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sGenerate attack alarms but do not block%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->alarmWithoutDrop == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sApply the security settings to tunnels%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->tunnel[0] == 0) + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_end); + else if (zonePointer->onTunnel == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop fragmented packets%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->blockFrag == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop HTTP traffic containing ActiveX%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->activeX == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop HTTP traffic containing Java%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->java == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop HTTP traffic containing executables%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->exe == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop HTTP traffic containing ZIP files%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->zip == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop HTTP traffic containing malformed URL%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->malformedUrl == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop packets with illegal flags%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->flagDrop == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + if (zonePointer->icmpFlood > 0) + fprintf(nipper->reportFile, "%sDrop ICMP traffic after%s%ld per second%s", nipper->tablerow_start, nipper->tablerow_mid, zonePointer->icmpFlood, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sDrop ICMP traffic flood%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop ICMP traffic with fragments flag%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->icmpFrag == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop ICMP frames larger than 1024%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->icmpLarge == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop packets with invalid IP options%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipBadOptions == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop packets with IP source route option%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipSourceRoute == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop packets with no or malformed flags%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->noFlag == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop IP frames with a protocol number greater than 135%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->unknownProtocol == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop ping of death attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->pingOfDeath == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent spoofing attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipSpoofing == sos_spoofing_off) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + else if (zonePointer->ipSpoofing == sos_spoofing_interface) + fprintf(nipper->reportFile, "Based on interfaces%s", nipper->tablerow_end); + else if (zonePointer->ipSpoofing == sos_spoofing_routing) + fprintf(nipper->reportFile, "Based on route%s", nipper->tablerow_end); + else if (zonePointer->ipSpoofing == sos_spoofing_zone) + fprintf(nipper->reportFile, "Based on zone%s", nipper->tablerow_end); + if (zonePointer->ipSweep == 0) + fprintf(nipper->reportFile, "%sPrevent IP sweep attacks%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sPrevent IP sweep attacks after 10 ICMP echos%sPer %ld microseconds%s", nipper->tablerow_start, nipper->tablerow_mid, zonePointer->ipSweep, nipper->tablerow_end); + if (zonePointer->portScan == 0) + fprintf(nipper->reportFile, "%sPrevent port scans%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sPrevent port scans after 10 ports%sPer %ld microseconds%s", nipper->tablerow_start, nipper->tablerow_mid, zonePointer->portScan, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent Land attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->land == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent SYN ACK ACK attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->synAckAck == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent SYN flood attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->synFlood == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDetect SYN FIN attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->synFin == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent SYN frag attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->synFrags == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent tear drop attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->tearDrop == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent UDP floods%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->udpFlood == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLog packets with a loose IP source route%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipLooseSource == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLog packets with the record route option%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipRecordRoute == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLog packets with the security option%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipSecurityOption == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLog packets with the stream option%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipStream == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLog packets with the strict source option%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->strictSource == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLog packets with the timestamp option%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipTimestamp == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLimit concurrent sessions%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->limitSessions > 0 ) + fprintf(nipper->reportFile, "%d sessions%s", zonePointer->limitSessions, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDetect and modify NetBIOS attack packets%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->winNuke == true ) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + output_table(nipper, false, tempString, &settings_general_heading); + + zonePointer = zonePointer->next; + } + + addAbbreviation("TCP", false); + addAbbreviation("DHCP", false); + addAbbreviation("HTTP", false); + addAbbreviation("FTP", false); + addAbbreviation("ALG", false); + addAbbreviation("ICMP", false); + addAbbreviation("IP", false); +} + diff --git a/0.11.10/ScreenOS/.svn/text-base/report.c.svn-base b/0.11.10/ScreenOS/.svn/text-base/report.c.svn-base new file mode 100644 index 0000000..a9074ca --- /dev/null +++ b/0.11.10/ScreenOS/.svn/text-base/report.c.svn-base @@ -0,0 +1,140 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains ScreenOS reporting code... + +// Report SOS includes... +#include "report-address.c" +#include "report-admin.c" +#include "report-auth-server.c" +#include "report-debug.c" +#include "report-general.c" +#include "report-interface.c" +#include "report-passwords.c" +#include "report-policy.c" +#include "report-snmp.c" +#include "report-ssh.c" +#include "report-timeout.c" +#include "report-zone.c" + + +void generateSOSReport(struct nipperConfig *nipper) +{ + // Variables + struct authServerSOS *authServerPointer = 0; + + // Security Issues... + if (nipper->fullReport == true) + { + + // Simple Passwords + if (nipper->simplePasswords > 1) + addReportSection(nipper, section_security, report_dict_title1, report_dict_context, report_dict_rectext, 10, 8, 5, 3, sosDictionaryIssue); + else if (nipper->simplePasswords > 0) + addReportSection(nipper, section_security, report_dict_title2, report_dict_context, report_dict_rectext, 10, 8, 5, 3, sosDictionaryIssue); + + // Password Strength + if (nipper->passwordStrengths > 1) + addReportSection(nipper, section_security, report_strength_title1, report_strength_context, report_strength_rectext, 10, 8, 5, 3, sosStrengthIssue); + else if (nipper->passwordStrengths > 0) + addReportSection(nipper, section_security, report_strength_title2, report_strength_context, report_strength_rectext, 10, 8, 5, 3, sosStrengthIssue); + + // SNMP + if (nipper->sos->snmp != 0) + { + if ((nipper->sos->snmp->community != 0) || (nipper->sos->snmp->host != 0)) + addReportSection(nipper, section_security, report_snmp_title, report_snmp_context, report_snmp_css_rectext, 10, 8, 5, 3, sosSNMPIssue); + } + + // Default Policy is allow + if (nipper->sos->defaultFirewallMode == false) + addReportSection(nipper, section_security, report_defaultpolicy_title, report_defaultpolicy_context, report_defaultpolicy_rectext, 10, 8, 5, 3, sosDefaultPolicyIssue); + + // Policy Issues + if (nipper->filterList == 0) + addReportSection(nipper, section_security, report_policy_title, report_nopolicy_context, report_nopolicy_rectext, 10, 8, 5, 3, sosNoPolicyIssue); + else + { + rulesAudit(nipper); + if (nipper->aclIssues > 0) + addReportSection(nipper, section_security, report_policy_title, report_policy_context, report_policy_rectext, 10, 8, 5, 3, sosPolicyIssue); + } + + // Timeout + if ((nipper->sos->authTimeout * 60) > nipper->connectionTimeout) + nipper->insecureTimeouts++; + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + if ((authServerPointer->timeout * 60 ) > nipper->connectionTimeout) + nipper->insecureTimeouts++; + authServerPointer = authServerPointer->next; + } + if (nipper->insecureTimeouts > 0) + addReportSection(nipper, section_security, report_timeout_title, report_timeout_context, report_timeout_rectext, 10, 8, 5, 3, sosTimeoutIssue); + + // Administrative HTTP Redirect + if (nipper->sos->httpRedirect != true) + addReportSection(nipper, section_security, report_httpred_title, report_httpred_context, report_httpred_rectext, 10, 8, 5, 3, sosHTTPRedirectIssue); + + // Management IP + if (strcmp(nipper->sos->adminIP, "0.0.0.0") == 0) + addReportSection(nipper, section_security, report_mngrip_title, report_mngrip_context, report_mngrip_rectext, 10, 8, 5, 3, sosManagementRIPIssue); + + // SSH Protocol Version + if ((nipper->sos->sshEnabled == true) && (nipper->sos->sshVersion == 1)) + addReportSection(nipper, section_security, report_sshproto_title, report_sshproto_context, report_sshproto_rectext, 10, 8, 5, 3, sosSSHProtocolIssue); + } + + // In Configuration Index + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, sosGeneralConfig); + addReportSection(nipper, section_config, settings_services_title, 0, 0, 0, 0, 0, 0, sosServicesConfig); + addReportSection(nipper, section_config, settings_admin_title, 0, 0, 0, 0, 0, 0, sosAdminConfig); + if (nipper->sos->authServer != 0) + addReportSection(nipper, section_config, settings_authservers_title, 0, 0, 0, 0, 0, 0, sosAuthServerConfig); + if (nipper->sos->snmp != 0) + addReportSection(nipper, section_config, settings_snmp_title, 0, 0, 0, 0, 0, 0, sosSNMPConfig); + if (nipper->sos->sshEnabled == true) + addReportSection(nipper, section_config, settings_ssh_title, 0, 0, 0, 0, 0, 0, sosSSHConfig); + if (nipper->sos->interface !=0) + addReportSection(nipper, section_config, settings_inter_title, 0, 0, 0, 0, 0, 0, sosInterfaceConfig); + if (nipper->sos->zone != 0) + addReportSection(nipper, section_config, settings_zone_title, 0, 0, 0, 0, 0, 0, sosZoneConfig); + if (nipper->filterList != 0) + addReportSection(nipper, section_config, settings_policies_title, 0, 0, 0, 0, 0, 0, sosPolicyConfig); + if (nipper->sos->nameGroupMappings == true) + addReportSection(nipper, section_config, settings_namegroupmap_title, 0, 0, 0, 0, 0, 0, sosNameGroupMapConfig); + if (nipper->sos->nameMappings == true) + addReportSection(nipper, section_config, settings_namemap_title, 0, 0, 0, 0, 0, 0, sosNameMapConfig); + + // Generate Report... + generateReport(nipper); +} + diff --git a/0.11.10/ScreenOS/cleanup.c b/0.11.10/ScreenOS/cleanup.c new file mode 100644 index 0000000..e505a92 --- /dev/null +++ b/0.11.10/ScreenOS/cleanup.c @@ -0,0 +1,95 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanupSOS(struct nipperConfig *nipper) +{ + // Pointers + struct adminUsersSOS *userSOSPointer = 0; + struct authServerSOS *authServerPointer = 0; + struct interfaceSOS *interfaceSOSPointer = 0; + struct snmpCommunitySOS *communityPointer = 0; + struct snmpHostSOS *snmpHostPointer = 0; + struct zoneSOS *zonePointer = 0; + + // SNMP + if (nipper->sos->snmp != 0) + { + while (nipper->sos->snmp->community != 0) + { + communityPointer = nipper->sos->snmp->community->next; + free (nipper->sos->snmp->community); + nipper->sos->snmp->community = communityPointer; + } + while (nipper->sos->snmp->host != 0) + { + snmpHostPointer = nipper->sos->snmp->host->next; + free (nipper->sos->snmp->host); + nipper->sos->snmp->host = snmpHostPointer; + } + free (nipper->sos->snmp); + } + + // Cleanup Admin Users + while (nipper->sos->users != 0) + { + userSOSPointer = nipper->sos->users->next; + free(nipper->sos->users); + nipper->sos->users = userSOSPointer; + } + + // Cleanup auth server + while (nipper->sos->authServer != 0) + { + authServerPointer = nipper->sos->authServer->next; + free (nipper->sos->authServer); + nipper->sos->authServer = authServerPointer; + } + + // Cleanup Interfaces + while (nipper->sos->interface != 0) + { + interfaceSOSPointer = nipper->sos->interface->next; + free (nipper->sos->interface); + nipper->sos->interface = interfaceSOSPointer; + } + + // Cleanup Zones + while (nipper->sos->zone != 0) + { + zonePointer = nipper->sos->zone->next; + free (nipper->sos->zone); + nipper->sos->zone = zonePointer; + } + + // Cleanup SOS config + free(nipper->sos); +} + diff --git a/0.11.10/ScreenOS/input.c b/0.11.10/ScreenOS/input.c new file mode 100644 index 0000000..dc20e97 --- /dev/null +++ b/0.11.10/ScreenOS/input.c @@ -0,0 +1,162 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct screenOSConfig // Juniper ScreenOS Configuration +{ + struct adminSOS *admin; // Admin settings + struct authServerSOS *authServer; // Authentication settings + struct interfaceSOS *interface; // Interfaces + struct snmpSOS *snmp; // SNMP Settings + struct zoneSOS *zone; // Zone Settings + struct adminUsersSOS *users; // Administrative users + + // General + int defaultFirewallMode; // The default mode is to deny everything + + // SSH Settings + int sshVersion; // SSH Server Protocol Version + int sshEnabled; // SSH Server Enabled/Disabled true or false + int sshKeyGenTime; // Mins for Key Gen - SSH V1 Only + char sshPublicKey[128]; // Public Key - SSH v2 Only + + // Admin Settings + int accessAttempts; // Login attempts allowed + int mailAlert; // Mail admin alerts + int authTimeout; // Connection timeout + char authenticationServer[64]; // Authentication server + int adminFormat; // Format of config file (default, dos or unix) + int httpRedirect; // Redirect Admin HTTP traffic to HTTPS + char email[64]; // Admin email address + char email1[64]; // Admin additional email address + char email2[64]; // Admin additional email address + char emailServer[32]; // Email Server Name + char name[32]; // Admin username + char password[32]; // Admin password + int restrictLength; // Restrict Minimum Password Length (Between 1 and 31) + int privilege; // Admin privilege (default, read-write or get external) + char adminIP[16]; // Administration IP address (default 0.0.0.0) + char adminNetMask[16]; // Administration Netmask (default 255.255.255.255) + int consoleOnly; // Restrict admin access to only the console + int nameMappings; // Set to true if address name mappings exist + int nameGroupMappings; // Set to true if group address name mappings exist + + // Zone Settings + int asymmetricVPN; // Allow multiple paths for VPN traffic +}; + + +struct listSOS // NetScreenOS List +{ + char name[32]; + struct listSOS *next; +}; + + +// Processing ScreenOS includes... +#include "process-address.c" +#include "process-admin.c" +#include "process-auth-server.c" +#include "process-interface.c" +#include "process-policy.c" +#include "process-snmp.c" +#include "process-ssh.c" +#include "process-zone.c" + + +void processSOSInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + + // Split the command line up + command = splitLine(line); + + if ((strcasecmp(command.part[0], "set") == 0) || (strcasecmp(command.part[0], "unset") == 0)) + { + // Hostname + if (strcasecmp(command.part[1], "hostname") == 0) + { + if (nipper->debugMode == true) + printf("Hostname Line: %s\n", line); + stripQuotes(command.part[2], nipper->hostname, sizeof(nipper->hostname)); + } + + // Admin + else if (strcasecmp(command.part[1], "admin") == 0) + processSOSAdmin(line, nipper); + + // Auth Server + else if (strcasecmp(command.part[1], "auth-server") == 0) + processSOSAuthServer(line, nipper); + + // Addresses + else if (strcasecmp(command.part[1], "address") == 0) + processSOSAddress(line, nipper); + + // Group Addresses + else if ((strcasecmp(command.part[1], "group") == 0) && (strcasecmp(command.part[2], "address") == 0)) + processSOSGroupAddress(line, nipper); + + // Interface + else if (strcasecmp(command.part[1], "interface") == 0) + processSOSInterface(line, nipper); + + // Policy Default Permit All + else if ((strcasecmp(command.part[1], "policy") == 0) && (strcasecmp(command.part[2], "default-permit-all") == 0)) + { + if (nipper->debugMode == true) + printf("Default Policy Line: %s\n", line); + nipper->sos->defaultFirewallMode = false; + } + + // Policy + else if (strcasecmp(command.part[1], "policy") == 0) + processSOSPolicy(line, nipper); + + // SSH + else if (strcasecmp(command.part[1], "ssh") == 0) + processSOSSSH(line, nipper); + + // SNMP + else if (strcasecmp(command.part[1], "snmp") == 0) + processSOSSNMP(line, nipper); + + // Zones + else if (strcasecmp(command.part[1], "zone") == 0) + processSOSZone(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); + } +} diff --git a/0.11.10/ScreenOS/process-address.c b/0.11.10/ScreenOS/process-address.c new file mode 100644 index 0000000..2aa4b9e --- /dev/null +++ b/0.11.10/ScreenOS/process-address.c @@ -0,0 +1,146 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process address lines +void processSOSAddress(char *line, struct nipperConfig *nipper) +{ + // Variables + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + char tempString[nipper->maxSize]; + int position = 0; + char *stringPointer = 0; + struct ciscoCommand command; + + // Debug Mode + if (nipper->debugMode == true) + printf("Address Line: %s\n", line); + + // Init + position = 2; + command = splitLine(line); + + // Get Name List + stripQuotes(command.part[position], tempString, nipper->maxSize); + objectListPointer = getObjectListPointer(nipper, tempString); + position++; + + // Add Name Mapping + stripQuotes(command.part[position], tempString, nipper->maxSize); + objectPointer = getObjectPointer(objectListPointer, tempString); + position++; + + // Get Mapping Address / FQDN + stripQuotes(command.part[position], tempString, nipper->maxSize); + stringPointer = strchr(tempString, '/'); + + // Address and Name Mask + if (stringPointer == NULL) + { + strncpy(objectPointer->address, tempString, sizeof(objectPointer->address) - 1); + position++; + // Get netmask + stripQuotes(command.part[position], tempString, nipper->maxSize); + strncpy(objectPointer->netMask, tempString, sizeof(objectPointer->netMask) - 1); + } + else + { + stringPointer[0] = 0; + strncpy(objectPointer->address, tempString, sizeof(objectPointer->address) - 1); + setMaskFromCIDR(objectPointer->netMask, atoi(stringPointer + 1)); + } + if (strcmp(objectPointer->netMask, "255.255.255.255") == 0) + objectPointer->type = object_type_host; + else + objectPointer->type = object_type_network; + position++; + + // If there is a comment + if (position < command.parts) + { + stripQuotes(command.part[position], tempString, nipper->maxSize); + strncpy(objectPointer->comment, tempString, sizeof(objectPointer->comment) - 1); + } + + nipper->sos->nameMappings = true; +} + + +// Process group address lines +void processSOSGroupAddress(char *line, struct nipperConfig *nipper) +{ + // Variables + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + int position = 0; + struct ciscoCommand command; + + // Debug Mode + if (nipper->debugMode == true) + printf("Group Address Line: %s\n", line); + + // Init + position = 3; + command = splitLine(line); + + // Get Address Name List + stripQuotes(command.part[position], tempString2, nipper->maxSize); + sprintf(tempString, "**ADDR-GRP**%s", tempString2); + objectListPointer = getObjectListPointer(nipper, tempString); + position++; + + // Add Name Mapping + stripQuotes(command.part[position], tempString, nipper->maxSize); + objectPointer = getObjectPointer(objectListPointer, tempString); + objectPointer->type = object_type_group; + position++; + + // Create the mapping... + if (command.parts == position) + objectPointer->type = object_type_group; + + // Add an entry to it... + else if (strcasecmp(command.part[position], "add") == 0) + { + position++; + + // Add entry + stripQuotes(command.part[position], tempString, nipper->maxSize); + memberPointer = getObjectMember(objectPointer, tempString); + memberPointer->type = object_type_object; + } + + nipper->sos->nameGroupMappings = true; +} + diff --git a/0.11.10/ScreenOS/process-admin.c b/0.11.10/ScreenOS/process-admin.c new file mode 100644 index 0000000..111416c --- /dev/null +++ b/0.11.10/ScreenOS/process-admin.c @@ -0,0 +1,296 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define adminfmt_default 0 +#define adminfmt_dos 1 +#define adminfmt_unix 2 + +#define adminpriv_default 0 +#define adminpriv_rw 1 +#define adminpriv_ext 2 +#define adminpriv_all 3 +#define adminpriv_read 4 + +#define trustee_none 0 +#define trustee_modem 1 +#define trustee_inter 2 + + +struct adminUsersSOS +{ + char username[32]; + char password[32]; + int trustee; + int privilege; + struct adminUsersSOS *next; +}; + + +// Process admin lines +void processSOSAdmin(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + struct adminUsersSOS *userSOSPointer = 0; + + if (nipper->debugMode == true) + printf("Admin Line: %s\n", line); + + // Init + command = splitLine(line); + + // Access Attempts + if ((strcasecmp(command.part[2], "access") == 0) && (strcasecmp(command.part[3], "attempts") == 0)) + { + if (strcasecmp(command.part[1], "unset") == 0) + nipper->sos->accessAttempts = 3; + else + nipper->sos->accessAttempts = atoi(command.part[4]); + } + + // Users + else if ((strcasecmp(command.part[0], "set") == 0) && (strcasecmp(command.part[2], "user") == 0)) + { + // Is this the first user? + if (nipper->sos->users == 0) + { + // Create + nipper->sos->users = malloc(sizeof(struct adminUsersSOS)); + + // Init + memset(nipper->sos->users, 0 , sizeof(struct adminUsersSOS)); + userSOSPointer = nipper->sos->users; + userSOSPointer->trustee = trustee_none; + userSOSPointer->privilege = adminpriv_default; + } + + // Find users + else + { + userSOSPointer = nipper->sos->users; + while ((userSOSPointer->next != 0) && (strcmp(userSOSPointer->username, command.part[3]) != 0)) + userSOSPointer = userSOSPointer->next; + + // If not found + if (strcmp(userSOSPointer->username, command.part[3]) != 0) + { + // Create + userSOSPointer->next = malloc(sizeof(struct adminUsersSOS)); + + // Init + memset(userSOSPointer->next, 0 , sizeof(struct adminUsersSOS)); + userSOSPointer = userSOSPointer->next; + userSOSPointer->trustee = trustee_none; + userSOSPointer->privilege = adminpriv_default; + } + } + + // Set username + strncpy(userSOSPointer->username, command.part[3], sizeof(userSOSPointer->username) - 1); + + // Is it a password? + if (strcasecmp(command.part[4], "password") == 0) + { + stripQuotes(command.part[5], userSOSPointer->password, sizeof(userSOSPointer->password)); + addJohnPassword(nipper, userSOSPointer->username, userSOSPointer->password); + + // Is there a privilege set? + if (command.parts > 7) + { + if ((strcasecmp(command.part[6], "privilege") == 0) && (strcasecmp(command.part[7], "all") == 0)) + userSOSPointer->privilege = adminpriv_all; + else if ((strcasecmp(command.part[6], "privilege") == 0) && (strcasecmp(command.part[7], "read-only") == 0)) + userSOSPointer->privilege = adminpriv_read; + } + } + + // Is it a trustee? + else if (strcasecmp(command.part[4], "trustee") == 0) + { + if (command.parts > 5) + { + if (strcasecmp(command.part[5], "interface") == 0) + userSOSPointer->trustee = trustee_inter; + else if (strcasecmp(command.part[5], "modem") == 0) + userSOSPointer->trustee = trustee_modem; + } + else + userSOSPointer->trustee = trustee_none; + } + } + + // Auth Timeout + else if ((strcasecmp(command.part[2], "auth") == 0) && (strcasecmp(command.part[3], "timeout") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->authTimeout = 0; + else + nipper->sos->authTimeout = atoi(command.part[4]); + } + + // Auth Server + else if ((strcasecmp(command.part[2], "auth") == 0) && (strcasecmp(command.part[3], "server") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->authenticationServer[0] = 0; + else + stripQuotes(command.part[4], nipper->sos->authenticationServer, sizeof(nipper->sos->authenticationServer)); + } + + // Name + else if (strcasecmp(command.part[2], "name") == 0) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->name[0] = 0; + else + stripQuotes(command.part[3], nipper->sos->name, sizeof(nipper->sos->name)); + } + + // Password Length + else if ((strcasecmp(command.part[2], "password") == 0) && (strcasecmp(command.part[3], "restrict") == 0) && (strcasecmp(command.part[4], "length") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->restrictLength = 0; + else + nipper->sos->restrictLength = atoi(command.part[5]); + } + + // Password + else if (strcasecmp(command.part[2], "password") == 0) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->password[0] = 0; + else + { + stripQuotes(command.part[3], nipper->sos->password, sizeof(nipper->sos->password)); + addJohnPassword(nipper, nipper->sos->name, nipper->sos->password); + } + } + + // Admin Privilege + else if (strcasecmp(command.part[2], "privilege") == 0) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->privilege = adminpriv_default; + else if (strcasecmp(command.part[3], "read-write") == 0) + nipper->sos->privilege = adminpriv_rw; + else if (strcasecmp(command.part[3], "get-external") == 0) + nipper->sos->privilege = adminpriv_ext; + } + + // Management IP + else if (strcasecmp(command.part[2], "manager-ip") == 0) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->name[0] = 0; + else + { + stripQuotes(command.part[3], nipper->sos->adminIP, sizeof(nipper->sos->adminIP)); + if (command.parts > 4) + stripQuotes(command.part[4], nipper->sos->adminNetMask, sizeof(nipper->sos->adminNetMask)); + } + } + + // Admin Format + else if (strcasecmp(command.part[2], "format") == 0) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->adminFormat = adminfmt_default; + else if (strcasecmp(command.part[3], "dos") == 0) + nipper->sos->adminFormat = adminfmt_dos; + else if (strcasecmp(command.part[3], "unix") == 0) + nipper->sos->adminFormat = adminfmt_unix; + } + + // Admin HTTP Redirect + else if ((strcasecmp(command.part[2], "http") == 0) && (strcasecmp(command.part[3], "redirect") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->httpRedirect = false; + else + nipper->sos->httpRedirect = true; + } + + // Console only access + else if ((strcasecmp(command.part[2], "root") == 0) && (strcasecmp(command.part[3], "access") == 0) && (strcasecmp(command.part[4], "console") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->consoleOnly = false; + else + nipper->sos->consoleOnly = true; + } + + // Mail Alerts + else if ((strcasecmp(command.part[2], "mail") == 0) && (strcasecmp(command.part[3], "alert") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->mailAlert = false; + else + nipper->sos->mailAlert = true; + } + + // Mail Server Name / IP + else if ((strcasecmp(command.part[2], "mail") == 0) && (strcasecmp(command.part[3], "server-name") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->emailServer[0] = 0; + else + stripQuotes(command.part[4], nipper->sos->emailServer, sizeof(nipper->sos->emailServer)); + } + + // Mail email address - additional 1 + else if ((strcasecmp(command.part[2], "mail") == 0) && (strcasecmp(command.part[3], "mail-addr1") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->email1[0] = 0; + else + stripQuotes(command.part[4], nipper->sos->email1, sizeof(nipper->sos->email1)); + } + + // Mail email address - additional 2 + else if ((strcasecmp(command.part[2], "mail") == 0) && (strcasecmp(command.part[3], "mail-addr2") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->email2[0] = 0; + else + stripQuotes(command.part[4], nipper->sos->email2, sizeof(nipper->sos->email2)); + } + + // Admin email address (this should be the last mail entry!) + else if ((strcasecmp(command.part[2], "mail") == 0) && (strcasecmp(command.part[3], "traffic-log") == 0)) + { + if (strcasecmp(command.part[0], "unset") == 0) + nipper->sos->email[0] = 0; + else + stripQuotes(command.part[3], nipper->sos->email, sizeof(nipper->sos->email)); + } +} + diff --git a/0.11.10/ScreenOS/process-auth-server.c b/0.11.10/ScreenOS/process-auth-server.c new file mode 100644 index 0000000..46751b5 --- /dev/null +++ b/0.11.10/ScreenOS/process-auth-server.c @@ -0,0 +1,179 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#define authtype_builtin 0 +#define authtype_radius 1 +#define authtype_ldap 2 +#define authtype_securid 3 + + +struct authServerSOS +{ + int type; // Type of Auth Server (radius (default), ldap, securid) + char name[32]; // Auth Server name + int id; // ID + char serverName[32]; // Server Name + char backup1[32]; // Backup Server Name 1 + char backup2[32]; // Backup Server Name 2 + int timeout; // Server timeout + int forcedTimeout; // Forced Timeout + char radiusSecret[32]; // Radius Secret + int weak; + int dictionary; + char sourceInterface[32]; // Source Interface + + struct authServerSOS *next; +}; + + +// Process Auth Server +void processSOSAuthServer(char *line, struct nipperConfig *nipper) +{ + // Variables + char tempString[nipper->maxSize]; + struct ciscoCommand command; + struct authServerSOS *authServerPointer = 0; + int init = false; + + + if (nipper->debugMode == true) + printf("Auth-Server Line: %s\n", line); + + // Init + command = splitLine(line); + + if (strcasecmp(command.part[0], "set") == 0) + { + + // Has Auth Server structure been created? + if (nipper->sos->authServer == 0) + { + // Create + nipper->sos->authServer = malloc(sizeof(struct authServerSOS)); + authServerPointer = nipper->sos->authServer; + init = true; + } + + // Search for server + else + { + authServerPointer = nipper->sos->authServer; + stripQuotes(command.part[2], tempString, nipper->maxSize); + while ((authServerPointer->next != 0) && (strcmp(tempString, authServerPointer->name) != 0)) + authServerPointer = authServerPointer->next; + + // If not found + if (strcmp(tempString, authServerPointer->name) != 0) + { + // Create + authServerPointer->next = malloc(sizeof(struct authServerSOS)); + authServerPointer = authServerPointer->next; + init = true; + } + } + + if (init == true) + { + memset(authServerPointer, 0 , sizeof(struct authServerSOS)); + authServerPointer->type = authtype_builtin; + authServerPointer->timeout = 10; + authServerPointer->dictionary = false; + authServerPointer->weak = false; + } + + // Set auth-server name + stripQuotes(command.part[2], authServerPointer->name, sizeof(authServerPointer->name)); + + // Timeout + if (strcasecmp(command.part[3], "timeout") == 0) + authServerPointer->timeout = atoi(command.part[4]); + + // Forced Timeout + else if (strcasecmp(command.part[3], "forced-timeout") == 0) + authServerPointer->forcedTimeout = atoi(command.part[4]); + + // ID + else if (strcasecmp(command.part[3], "id") == 0) + authServerPointer->id = atoi(command.part[4]); + + // Server Name + else if (strcasecmp(command.part[3], "server-name") == 0) + stripQuotes(command.part[4], authServerPointer->serverName, sizeof(authServerPointer->serverName)); + + // Backup Server Name 1 + else if (strcasecmp(command.part[3], "backup1") == 0) + stripQuotes(command.part[4], authServerPointer->backup1, sizeof(authServerPointer->backup1)); + + // Backup Server Name 2 + else if (strcasecmp(command.part[3], "backup2") == 0) + stripQuotes(command.part[4], authServerPointer->backup2, sizeof(authServerPointer->backup2)); + + // Source Interface + else if ((strcasecmp(command.part[3], "src_interface") == 0) || (strcasecmp(command.part[3], "src-interface") == 0)) + stripQuotes(command.part[4], authServerPointer->sourceInterface, sizeof(authServerPointer->sourceInterface)); + + // Radius + else if (strcasecmp(command.part[3], "radius") == 0) + { + authServerPointer->type = authtype_radius; + // Secret + if (strcasecmp(command.part[4], "secret") == 0) + { + stripQuotes(command.part[5], authServerPointer->radiusSecret, sizeof(authServerPointer->radiusSecret)); + + // Check strength / dictionary... + if (simplePassword(authServerPointer->radiusSecret, nipper) == true) + { + nipper->simplePasswords++; + authServerPointer->dictionary = true; + } + if (passwordStrength(authServerPointer->radiusSecret, nipper) == false) + { + nipper->passwordStrengths++; + authServerPointer->weak = true; + } + } + } + + // LDAP + else if (strcasecmp(command.part[3], "ldap") == 0) + { + authServerPointer->type = authtype_ldap; + } + + // SecureID + else if (strcasecmp(command.part[3], "securid") == 0) + { + authServerPointer->type = authtype_securid; + } + } +} + diff --git a/0.11.10/ScreenOS/process-interface.c b/0.11.10/ScreenOS/process-interface.c new file mode 100644 index 0000000..ba45586 --- /dev/null +++ b/0.11.10/ScreenOS/process-interface.c @@ -0,0 +1,208 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct interfaceSOS +{ + char name[32]; + int enabled; + char zone[32]; + char ipAddress[32]; + // Manage (unconfigured, true, false) + int manageIdent; // Ident Reset + int manageMtrace; // Mtrace + int manageNsmgmt; // NetScreen Managment + int managePing; // Ping + int manageSnmp; // SNMP + int manageSsh; // SSH + int manageSsl; // SSL + int manageTelnet; // Telnet + int manageWeb; // Web + + struct interfaceSOS *next; +}; + + +// Process Interface +void processSOSInterface(char *line, struct nipperConfig *nipper) +{ + // Variables + char tempString[nipper->maxSize]; + struct ciscoCommand command; + struct interfaceSOS *interfaceSOSPointer = 0; + + + if (nipper->debugMode == true) + printf("Interface Line: %s\n", line); + + // Init + command = splitLine(line); + + // Has Auth Server structure been created? + if (nipper->sos->interface == 0) + { + // Create + nipper->sos->interface = malloc(sizeof(struct interfaceSOS)); + + // Init + memset(nipper->sos->interface, 0 , sizeof(struct interfaceSOS)); + interfaceSOSPointer = nipper->sos->interface; + strcpy(interfaceSOSPointer->ipAddress, "None"); + interfaceSOSPointer->enabled = true; + interfaceSOSPointer->manageIdent = unconfigured; + interfaceSOSPointer->manageMtrace = unconfigured; + interfaceSOSPointer->manageNsmgmt = unconfigured; + interfaceSOSPointer->managePing = unconfigured; + interfaceSOSPointer->manageSnmp = unconfigured; + interfaceSOSPointer->manageSsh = unconfigured; + interfaceSOSPointer->manageSsl = unconfigured; + interfaceSOSPointer->manageTelnet = unconfigured; + interfaceSOSPointer->manageWeb = unconfigured; + } + + // Search for server + else + { + interfaceSOSPointer = nipper->sos->interface; + stripQuotes(command.part[2], tempString, nipper->maxSize); + while ((interfaceSOSPointer->next != 0) && (strcmp(tempString, interfaceSOSPointer->name) != 0)) + interfaceSOSPointer = interfaceSOSPointer->next; + + // If not found + if (strcmp(tempString, interfaceSOSPointer->name) != 0) + { + // Create + interfaceSOSPointer->next = malloc(sizeof(struct interfaceSOS)); + + // Init + memset(interfaceSOSPointer->next, 0 , sizeof(struct interfaceSOS)); + interfaceSOSPointer = interfaceSOSPointer->next; + strcpy(interfaceSOSPointer->ipAddress, "None"); + interfaceSOSPointer->enabled = true; + interfaceSOSPointer->manageIdent = unconfigured; + interfaceSOSPointer->manageMtrace = unconfigured; + interfaceSOSPointer->manageNsmgmt = unconfigured; + interfaceSOSPointer->managePing = unconfigured; + interfaceSOSPointer->manageSnmp = unconfigured; + interfaceSOSPointer->manageSsh = unconfigured; + interfaceSOSPointer->manageSsl = unconfigured; + interfaceSOSPointer->manageTelnet = unconfigured; + interfaceSOSPointer->manageWeb = unconfigured; + } + } + + // Set auth-server name + stripQuotes(command.part[2], interfaceSOSPointer->name, sizeof(interfaceSOSPointer->name)); + + // Disabled? + if (strcasecmp(command.part[3], "disable") == 0) + interfaceSOSPointer->enabled = false; + + // Zone + else if (strcasecmp(command.part[3], "zone") == 0) + stripQuotes(command.part[4], interfaceSOSPointer->zone, sizeof(interfaceSOSPointer->zone)); + + // IP Address + else if ((strcasecmp(command.part[0], "set") == 0) && (strcasecmp(command.part[3], "ip") == 0) && (strcasecmp(command.part[4], "manageable") != 0) && (strcasecmp(command.part[4], "unnumbered") != 0)) + stripQuotes(command.part[4], interfaceSOSPointer->ipAddress, sizeof(interfaceSOSPointer->ipAddress)); + + // IP Address Unnumbered + else if ((strcasecmp(command.part[0], "set") == 0) && (strcasecmp(command.part[3], "ip") == 0) && (strcasecmp(command.part[4], "unnumbered") == 0)) + stripQuotes(command.part[6], interfaceSOSPointer->ipAddress, sizeof(interfaceSOSPointer->ipAddress)); + + // Manage + else if (strcasecmp(command.part[3], "manage") == 0) + { + if (strcasecmp(command.part[4], "ident-reset") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageIdent = true; + else + interfaceSOSPointer->manageIdent = false; + } + else if (strcasecmp(command.part[4], "mtrace") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageMtrace = true; + else + interfaceSOSPointer->manageMtrace = false; + } + else if (strcasecmp(command.part[4], "nsmgmt") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageNsmgmt = true; + else + interfaceSOSPointer->manageNsmgmt = false; + } + else if (strcasecmp(command.part[4], "ping") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->managePing = true; + else + interfaceSOSPointer->managePing = false; + } + else if (strcasecmp(command.part[4], "snmp") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageSnmp = true; + else + interfaceSOSPointer->manageSnmp = false; + } + else if (strcasecmp(command.part[4], "ssh") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageSsh = true; + else + interfaceSOSPointer->manageSsh = false; + } + else if (strcasecmp(command.part[4], "ssl") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageSsl = true; + else + interfaceSOSPointer->manageSsl = false; + } + else if (strcasecmp(command.part[4], "telnet") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageTelnet = true; + else + interfaceSOSPointer->manageTelnet = false; + } + else if (strcasecmp(command.part[4], "web") == 0) + { + if (strcasecmp(command.part[0], "set") == 0) + interfaceSOSPointer->manageWeb = true; + else + interfaceSOSPointer->manageWeb = false; + } + } +} + diff --git a/0.11.10/ScreenOS/process-policy.c b/0.11.10/ScreenOS/process-policy.c new file mode 100644 index 0000000..ba36906 --- /dev/null +++ b/0.11.10/ScreenOS/process-policy.c @@ -0,0 +1,399 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process policy lines +void processSOSPolicy(char *line, struct nipperConfig *nipper) +{ + // Variables + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterConfig *filterPreviousPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + char policyName[32]; + int policyGlobal = false; + int policyId = 0; + int policyTop = false; + int policyBefore = -1; + char fromZone[32]; + char toZone[32]; + char tempString[nipper->maxSize]; + int position = 2; + struct ciscoCommand command; + + if (nipper->debugMode == true) + printf("Policy Line: %s\n", line); + + // Init + strcpy(policyName, ""); + strcpy(fromZone, ""); + strcpy(toZone, ""); + command = splitLine(line); + + // Check for Global + if (strcasecmp(command.part[position], "global") == 0) + { + policyGlobal = true; + position++; + } + + // Check for ID + if (strcasecmp(command.part[position], "id") == 0) + { + position++; + policyId = atoi(command.part[position]); + position++; + } + + // Check top + if (strcasecmp(command.part[position], "top") == 0) + { + position++; + policyTop = true; + } + + // Check Before + if (strcasecmp(command.part[position], "before") == 0) + { + position++; + policyBefore = atoi(command.part[position]); + position++; + } + + // Check for a Name + if (strcasecmp(command.part[position], "name") == 0) + { + position++; + strncpy(policyName, command.part[position], sizeof(policyName) - 1); + position++; + } + + if (position < command.parts) + { + // Check for From and to + if (strcasecmp(command.part[position], "from") == 0) + { + position++; + stripQuotes(command.part[position], tempString, nipper->maxSize); + strncpy(fromZone, tempString, sizeof(fromZone) - 1); + position += 2; + stripQuotes(command.part[position], tempString, nipper->maxSize); + strncpy(toZone, tempString, sizeof(toZone) - 1); + position++; + } + + // If FROM / TO + if ((fromZone[0] != 0) || (policyGlobal == true)) + { + + // Get Pointer to policy list... + if (fromZone[0] != 0) + filterListPointer = getFilterList(nipper, fromZone, toZone, false); + else if (policyGlobal == true) + filterListPointer = getFilterList(nipper, "", "", true); + + // Name... + if (policyName[0] != 0) + strncpy(filterListPointer->name, policyName, sizeof(filterListPointer->name)); + + // Create policy rule + // If no other rules exist + if (filterListPointer->filter == 0) + { + // Create... + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPointer = filterListPointer->filter; + } + // Policy at top + else if (policyTop == true) + { + // Create... + filterPointer = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPointer->next = filterListPointer->filter; + filterListPointer->filter = filterPointer; + } + // Policy Before + else if (policyBefore != -1) + { + // If first rule matches + if (filterListPointer->filter->id == policyBefore) + { + // Create... + filterPointer = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPointer->next = filterListPointer->filter; + filterListPointer->filter = filterPointer; + } + // Look for rule + else + { + filterPreviousPointer = filterListPointer->filter; + filterPointer = filterPreviousPointer->next; + if (filterPointer == 0) + { + // Create... + filterPreviousPointer->next = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPointer = filterPreviousPointer->next; + } + else + { + // Search + while ((filterPointer->next != 0) && (filterPointer->id != policyBefore)) + { + filterPreviousPointer = filterPointer; + filterPointer = filterPointer->next; + } + + // If found + if (filterPointer->id == policyBefore) + { + // Create... + filterPreviousPointer->next = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPreviousPointer = filterPreviousPointer->next; + filterPreviousPointer->next = filterPointer; + filterPointer = filterPreviousPointer; + } + else + { + // Create... + filterPointer->next = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPointer = filterPointer->next; + } + } + } + } + // At the end + else + { + // Search... + filterPointer = filterListPointer->filter; + while (filterPointer->next != 0) + filterPointer = filterPointer->next; + // Create... + filterPointer->next = malloc(sizeof(struct filterConfig)); + // Pointers... + filterPointer = filterPointer->next; + } + + // Init + memset(filterPointer, 0 , sizeof(struct filterConfig)); + filterPointer->enabled = true; + filterPointer->log = false; + + // ID + filterPointer->id = policyId; + + // Source Address + stripQuotes(command.part[position], tempString, nipper->maxSize); + filterObjectPointer = getFilterMember(filterPointer, tempString, object_filter_source); + if (strcasecmp(filterObjectPointer->name, "Any") == 0) + filterObjectPointer->type = object_type_any; + else if (strncasecmp(filterObjectPointer->name, "MIP(", 4) == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_object; + position++; + + // Destination Address + stripQuotes(command.part[position], tempString, nipper->maxSize); + filterObjectPointer = getFilterMember(filterPointer, tempString, object_filter_destination); + if (strcasecmp(filterObjectPointer->name, "Any") == 0) + filterObjectPointer->type = object_type_any; + else if (strncasecmp(filterObjectPointer->name, "MIP(", 4) == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_object; + position++; + + // Service + stripQuotes(command.part[position], tempString, nipper->maxSize); + filterObjectPointer = getFilterMember(filterPointer, tempString, object_filter_service); + if (strcasecmp(filterObjectPointer->name, "Any") == 0) + { + filterObjectPointer->type = object_type_any; + filterObjectPointer->serviceOp = service_oper_any; + } + else + { + filterObjectPointer->type = object_type_service; + filterObjectPointer->serviceOp = service_oper_eq; + } + position++; + + while (position < command.parts) + { + // Permit + if (strcasecmp(command.part[position], "permit") == 0) + filterPointer->action = filter_action_accept; + + // Deny + else if (strcasecmp(command.part[position], "deny") == 0) + filterPointer->action = filter_action_drop; + + // Reject + else if (strcasecmp(command.part[position], "reject") == 0) + filterPointer->action = filter_action_reject; + + // Log + else if (strcasecmp(command.part[position], "log") == 0) + filterPointer->log = true; + + position++; + } + } + + // Disable? + else if (strcasecmp(command.part[position], "disable") == 0) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->id == policyId) + filterPointer->enabled = false; + filterPointer = filterPointer->next; + } + filterListPointer = filterListPointer->next; + } + } + } + + // If Additional policy settings + else + { + + // Loop through the policy additional setting lines + readLine(nipper->input, line, nipper->maxSize); + command = splitLine(line); + while ((feof(nipper->input) == 0) && (strcasecmp(command.part[0], "exit") != 0)) + { + // Debug + if (nipper->debugMode == true) + printf("Policy Line: %s\n", line); + + // Source + if ((strcasecmp(command.part[0], "set") == 0) && (strcasecmp(command.part[1], "src-address") == 0)) + { + // Find policy ID + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while ((filterPointer->next != 0) && (filterPointer->id != policyId)) + filterPointer = filterPointer->next; + + // Found, add new entry + if (filterPointer->id == policyId) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + filterObjectPointer = getFilterMember(filterPointer, tempString, object_filter_source); + if (strcasecmp(filterObjectPointer->name, "Any") == 0) + filterObjectPointer->type = object_type_any; + else if (strncasecmp(filterObjectPointer->name, "MIP(", 4) == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_object; + } + filterListPointer = filterListPointer->next; + } + } + + // Destination + if ((strcasecmp(command.part[0], "set") == 0) && (strcasecmp(command.part[1], "dst-address") == 0)) + { + // Find policy ID + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while ((filterPointer->next != 0) && (filterPointer->id != policyId)) + filterPointer = filterPointer->next; + + // Found, add new entry + if (filterPointer->id == policyId) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + filterObjectPointer = getFilterMember(filterPointer, tempString, object_filter_destination); + if (strcasecmp(filterObjectPointer->name, "Any") == 0) + filterObjectPointer->type = object_type_any; + else if (strncasecmp(filterObjectPointer->name, "MIP(", 4) == 0) + filterObjectPointer->type = object_type_host; + else + filterObjectPointer->type = object_type_object; + } + filterListPointer = filterListPointer->next; + } + } + + // Service + if ((strcasecmp(command.part[0], "set") == 0) && (strcasecmp(command.part[1], "service") == 0)) + { + // Find policy ID + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while ((filterPointer->next != 0) && (filterPointer->id != policyId)) + filterPointer = filterPointer->next; + + // Found, add new entry + if (filterPointer->id == policyId) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + filterObjectPointer = getFilterMember(filterPointer, tempString, object_filter_service); + if (strcasecmp(filterObjectPointer->name, "Any") == 0) + { + filterObjectPointer->type = object_type_any; + filterObjectPointer->serviceOp = service_oper_any; + } + else + { + filterObjectPointer->type = object_type_service; + filterObjectPointer->serviceOp = service_oper_eq; + } + } + filterListPointer = filterListPointer->next; + } + } + + // Get next line + readLine(nipper->input, line, nipper->maxSize); + command = splitLine(line); + } + } +} + diff --git a/0.11.10/ScreenOS/process-snmp.c b/0.11.10/ScreenOS/process-snmp.c new file mode 100644 index 0000000..9aaba97 --- /dev/null +++ b/0.11.10/ScreenOS/process-snmp.c @@ -0,0 +1,261 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct snmpSOS +{ + char contact[64]; + char location[64]; + char systemName[64]; + int listenPort; + int trapPort; + int authTrap; + struct snmpCommunitySOS *community; + struct snmpHostSOS *host; +}; + + +struct snmpCommunitySOS +{ + char community[64]; + int weak; + int dictionary; + int readOnly; + int enableTraps; + int trafficTraps; + int version; + struct snmpCommunitySOS *next; +}; + + +struct snmpHostSOS +{ + char community[64]; + int weak; + int dictionary; + char host[32]; + char sourceInterface[32]; + int version; + struct snmpHostSOS *next; +}; + + +// Process admin lines +void processSOSSNMP(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + struct snmpCommunitySOS *communityPointer = 0; + struct snmpHostSOS *snmpHostPointer = 0; + int tempInt; + + if (nipper->debugMode == true) + printf("SNMP Line: %s\n", line); + + // Init + command = splitLine(line); + + // Create SNMP Struct if required. + if (nipper->sos->snmp == 0) + { + nipper->sos->snmp = malloc(sizeof(struct snmpSOS)); + memset(nipper->sos->snmp, 0 , sizeof(struct snmpSOS)); + nipper->sos->snmp->listenPort = 161; + nipper->sos->snmp->trapPort = 162; + nipper->sos->snmp->authTrap = false; + } + + // SNMP Contact... + if (strcasecmp(command.part[2], "contact") == 0) + stripQuotes(command.part[3], nipper->sos->snmp->contact, sizeof(nipper->sos->snmp->contact)); + + // SNMP location... + else if (strcasecmp(command.part[2], "location") == 0) + stripQuotes(command.part[3], nipper->sos->snmp->location, sizeof(nipper->sos->snmp->location)); + + // SNMP System Name... + else if (strcasecmp(command.part[2], "name") == 0) + stripQuotes(command.part[3], nipper->sos->snmp->systemName, sizeof(nipper->sos->snmp->systemName)); + + // SNMP Listen Port... + else if ((strcasecmp(command.part[2], "port") == 0) && (strcmp(command.part[3], "listen") == 0)) + nipper->sos->snmp->listenPort = atoi(command.part[4]); + + // SNMP Trap Port... + else if ((strcasecmp(command.part[2], "port") == 0) && (strcmp(command.part[3], "trap") == 0)) + nipper->sos->snmp->trapPort = atoi(command.part[4]); + + // Authentication Traps... + else if ((strcasecmp(command.part[2], "auth-trap") == 0) && (strcmp(command.part[3], "enable") == 0)) + nipper->sos->snmp->authTrap = true; + + // Community + else if ((strcasecmp(command.part[2], "community") == 0) && (strcmp(command.part[0], "set") == 0)) + { + // If first community... + if (nipper->sos->snmp->community == 0) + { + nipper->sos->snmp->community = malloc(sizeof(struct snmpCommunitySOS)); + memset(nipper->sos->snmp->community, 0 , sizeof(struct snmpCommunitySOS)); + communityPointer = nipper->sos->snmp->community; + } + else + { + communityPointer = nipper->sos->snmp->community; + while (communityPointer->next != 0) + communityPointer = communityPointer->next; + communityPointer->next = malloc(sizeof(struct snmpCommunitySOS)); + memset(communityPointer->next, 0 , sizeof(struct snmpCommunitySOS)); + communityPointer = communityPointer->next; + } + + // Init... + communityPointer->enableTraps = false; + communityPointer->trafficTraps = false; + communityPointer->version = snmp1_2; + communityPointer->weak = false; + communityPointer->dictionary = false; + + // Community + stripQuotes(command.part[3], communityPointer->community, sizeof(communityPointer->community)); + + // Check strength / dictionary... + if (simplePassword(communityPointer->community, nipper) == true) + { + nipper->simplePasswords++; + communityPointer->dictionary = true; + } + if (passwordStrength(communityPointer->community, nipper) == false) + { + nipper->passwordStrengths++; + communityPointer->weak = true; + } + + // Get other parameters... + tempInt = 4; + while (tempInt < command.parts) + { + // version + if (strcasecmp(command.part[tempInt], "version") == 0) + { + tempInt++; + if (strcasecmp(command.part[tempInt], "any") == 0) + communityPointer->version = snmp1_2; + else if (strcasecmp(command.part[tempInt], "v1") == 0) + communityPointer->version = snmp1; + else if ((strcasecmp(command.part[tempInt], "v2") == 0) || (strcmp(command.part[tempInt], "v2c") == 0)) + communityPointer->version = snmp2c; + } + + // Trap On + else if (strcasecmp(command.part[tempInt], "trap-on") == 0) + communityPointer->enableTraps = true; + + // Trap Off + else if (strcasecmp(command.part[tempInt], "trap-off") == 0) + communityPointer->enableTraps = false; + + // Trap On + else if (strcasecmp(command.part[tempInt], "traffic") == 0) + communityPointer->trafficTraps = true; + + tempInt++; + } + } + + // Host + else if (strcasecmp(command.part[2], "host") == 0) + { + // If first community... + if (nipper->sos->snmp->host == 0) + { + nipper->sos->snmp->host = malloc(sizeof(struct snmpHostSOS)); + memset(nipper->sos->snmp->host, 0 , sizeof(struct snmpHostSOS)); + snmpHostPointer = nipper->sos->snmp->host; + } + else + { + snmpHostPointer = nipper->sos->snmp->host; + while (snmpHostPointer->next != 0) + snmpHostPointer = snmpHostPointer->next; + snmpHostPointer->next = malloc(sizeof(struct snmpHostSOS)); + memset(snmpHostPointer->next, 0 , sizeof(struct snmpHostSOS)); + snmpHostPointer = snmpHostPointer->next; + } + + // Init + strcpy(snmpHostPointer->sourceInterface, "Any"); + snmpHostPointer->weak = false; + snmpHostPointer->dictionary = false; + + // Community + stripQuotes(command.part[3], snmpHostPointer->community, sizeof(snmpHostPointer->community)); + + // Check strength / dictionary... + if (simplePassword(snmpHostPointer->community, nipper) == true) + { + nipper->simplePasswords++; + snmpHostPointer->dictionary = true; + } + if (passwordStrength(snmpHostPointer->community, nipper) == false) + { + nipper->passwordStrengths++; + snmpHostPointer->weak = true; + } + + // Host + stripQuotes(command.part[4], snmpHostPointer->host, sizeof(snmpHostPointer->host)); + + // Options and Trap version + tempInt = 5; + while (tempInt < command.parts) + { + // Source Interface... + if (strcasecmp(command.part[tempInt], "src-interface") == 0) + { + tempInt++; + stripQuotes(command.part[tempInt], snmpHostPointer->sourceInterface, sizeof(snmpHostPointer->sourceInterface)); + } + + // trap... + else if (strcasecmp(command.part[tempInt], "trap") == 0) + { + tempInt++; + if (strcasecmp(command.part[tempInt], "v1") == 0) + snmpHostPointer->version = snmp1; + else if ((strcasecmp(command.part[tempInt], "v2") == 0) || (strcasecmp(command.part[tempInt], "v2c") == 0)) + snmpHostPointer->version = snmp2c; + } + + tempInt++; + } + } +} + diff --git a/0.11.10/ScreenOS/process-ssh.c b/0.11.10/ScreenOS/process-ssh.c new file mode 100644 index 0000000..4dcc184 --- /dev/null +++ b/0.11.10/ScreenOS/process-ssh.c @@ -0,0 +1,66 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process SSH Service Lines +void processSOSSSH(char *line, struct nipperConfig *nipper) +{ + // Variables + struct ciscoCommand command; + + // Debug Output + if (nipper->debugMode == true) + printf("SSH Line: %s\n", line); + + // Init + command = splitLine(line); + + // Version? + if (strcasecmp(command.part[2], "version") == 0) + { + if (strcasecmp(command.part[3], "v1") == 0) + nipper->sos->sshVersion = 1; + else if (strcasecmp(command.part[3], "v2") == 0) + nipper->sos->sshVersion = 2; + } + + // Enabled? + else if (strcasecmp(command.part[2], "enable") == 0) + nipper->sos->sshEnabled = true; + + // SSH v1 Key Gen Time + else if (strcasecmp(command.part[2], "key-gen-time") == 0) + nipper->sos->sshKeyGenTime = atoi(command.part[3]); + + // SSH v2 Public Key + else if (strcasecmp(command.part[2], "pub-key") == 0) + strncpy(nipper->sos->sshPublicKey, command.part[3], sizeof(nipper->sos->sshPublicKey) - 1); +} + diff --git a/0.11.10/ScreenOS/process-zone.c b/0.11.10/ScreenOS/process-zone.c new file mode 100644 index 0000000..dc14c3a --- /dev/null +++ b/0.11.10/ScreenOS/process-zone.c @@ -0,0 +1,436 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#define sos_spoofing_off 0 +#define sos_spoofing_interface 1 +#define sos_spoofing_routing 2 +#define sos_spoofing_zone 3 + +struct zoneSOS +{ + char name[32]; // Zone Name + int id; // Zone ID + int vlan; // L2 VLAN number + int block; // Intra Zone Blocking + char pbr[32]; // Policy-based Routing + char tunnel[32]; // The Tunnel out zone for this VPN zone + int tcpReset; // Send reset packets back when receiving nosync packets + char vrouter[32]; // Bind the zone to a Virtual Router + int dhcpRelay; // Relay DHCP requests + int reasembleForALG; // Reasemble fragmented packets for the ALG + + // Firewall options on the zone... + int alarmWithoutDrop; // Generate an attack alarm, but do not drop + int blockFrag; // Block IP fragmentation attacks + int activeX; // Block ActiveX controls + int java; // Block Java + int exe; // Block Executables + int zip; // Block zip files + int flagDrop; // Detects incorrect flags and drops the packets + long icmpFlood; // Detect and drop ICMP floods (0 = off) + int icmpFrag; // Detect ICMP fragments + int icmpLarge; // Detect and drop large ICMP frames + int ipBadOptions; // Detect and drop bad IP options + int ipSourceRoute; // Detects and drops IP Source Route options + int ipLooseSource; // As above, but loose source (does not drop) + int ipRecordRoute; // Detect ip record route packets (not drop) + int ipSecurityOption; // Detect and record security option (not drop) + int ipSpoofing; // Detect and drop spoofing attacks + int ipStream; // Detect IP stream (not drop) + int strictSource; // Detect IP Strict Source (not drop) + long ipSweep; // Detects and prevents IP sweep attack (0 = off) + int ipTimestamp; // Detect and record timestamp packets + int land; // Detect and prevent land attacks + int limitSessions; // Limit no of sessions (default is 128) + int malformedUrl; // Detects and prevents malformed URL + int pingOfDeath; // Detects and rejects oversized/irregular ICMP + long portScan; // Detect and prevent port scan (0 = off) + int synAckAck; // Detect and prevent SYN ACK ACK attack + int synFin; // Detect illegal flags + int synFlood; // Detect and prevent SYN floods + int synFrags; // Detect and drop a SYN fragmentation attack + int noFlag; // Detects and drops packets with no flags set + int tearDrop; // Detect and block the tear drop attack + int udpFlood; // Detect and drop UDP floods + int unknownProtocol; // Detect and drop protocol numbers greater than 135 + int winNuke; // Detect and modify Windows attack packets + int onTunnel; // Apply to a tunnel + + struct zoneSOS *next; +}; + + +// Get / Create Zone +struct zoneSOS *getZonePointer(struct nipperConfig *nipper, char *zone) +{ + // Variables... + struct zoneSOS *zonePointer = 0; + int init = false; + + // If this is the first zone... + if (nipper->sos->zone == 0) + { + nipper->sos->zone = malloc(sizeof(struct zoneSOS)); + zonePointer = nipper->sos->zone; + init = true; + } + else + { + zonePointer = nipper->sos->zone; + while ((zonePointer->next != 0) && (strcmp(zonePointer->name, zone) != 0)) + zonePointer = zonePointer->next; + if (strcmp(zonePointer->name, zone) != 0) + { + zonePointer->next = malloc(sizeof(struct zoneSOS)); + zonePointer = zonePointer->next; + init = true; + } + } + + // Init? + if (init == true) + { + memset(zonePointer, 0, sizeof(struct zoneSOS)); + zonePointer->vlan = 0; + zonePointer->block = false; + zonePointer->tcpReset = false; + if (strcasecmp(zone, "V1-Untrust") == 0) + zonePointer->dhcpRelay = false; + else + zonePointer->dhcpRelay = true; + strncpy(zonePointer->name, zone, sizeof(zonePointer->name) - 1); + zonePointer->reasembleForALG = false; + zonePointer->alarmWithoutDrop = false; + zonePointer->blockFrag = false; + zonePointer->activeX = false; + zonePointer->java = false; + zonePointer->exe = false; + zonePointer->zip = false; + zonePointer->flagDrop = false; + zonePointer->icmpFlood = 0; + zonePointer->icmpFrag = false; + zonePointer->icmpLarge = false; + zonePointer->ipBadOptions = false; + zonePointer->ipSourceRoute = false; + zonePointer->ipLooseSource = false; + zonePointer->ipRecordRoute = false; + zonePointer->ipSecurityOption = false; + zonePointer->ipSpoofing = sos_spoofing_off; + zonePointer->ipStream = false; + zonePointer->strictSource = false; + zonePointer->ipSweep = 0; + zonePointer->ipTimestamp = false; + zonePointer->land = false; + zonePointer->limitSessions = 128; + zonePointer->malformedUrl = false; + zonePointer->pingOfDeath = false; + zonePointer->portScan = 5000; + zonePointer->synAckAck = false; + zonePointer->synFin = false; + zonePointer->synFlood = false; + zonePointer->synFrags = false; + zonePointer->noFlag = false; + zonePointer->tearDrop = false; + zonePointer->udpFlood = false; + zonePointer->unknownProtocol = false; + zonePointer->winNuke = false; + zonePointer->onTunnel = false; + } + + return zonePointer; +} + + +// Process Zone Lines +void processSOSZone(char *line, struct nipperConfig *nipper) +{ + // Variables + struct zoneSOS *zonePointer = 0; + struct ciscoCommand command; + char tempString[nipper->maxSize]; + int tempInt; + int setting; + + // Debug Output + if (nipper->debugMode == true) + printf("Zone Line: %s\n", line); + + // Init + command = splitLine(line); + + // Set or Unset + if (strcasecmp(command.part[0], "set") == 0) + setting = true; + else + setting = false; + + // Zone name... + if (strcasecmp(command.part[2], "name") == 0) + { + stripQuotes(command.part[3], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + tempInt = 4; + while (tempInt < command.parts) + { + // Layer 2 VLAN... + if (strcasecmp(command.part[tempInt], "L2") == 0) + { + tempInt++; + zonePointer->id = atoi(command.part[tempInt]); + } + + // Tunnel... + else if (strcasecmp(command.part[tempInt], "tunnel") == 0) + { + tempInt++; + stripQuotes(command.part[tempInt], zonePointer->tunnel, sizeof(zonePointer->tunnel)); + } + + tempInt++; + } + } + + // Zone ID + else if (strcasecmp(command.part[2], "id") == 0) + { + stripQuotes(command.part[4], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + zonePointer->id = atoi(command.part[3]); + } + + // Asymmetric VPN? + else if (strcasecmp(command.part[2], "asymmetric-vpn") == 0) + nipper->sos->asymmetricVPN = setting; + + // Block Zone + else if (strcasecmp(command.part[3], "block") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + zonePointer->block = setting; + } + + // DHCP Relay + else if (strcasecmp(command.part[3], "no-dhcp-relay") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + if (setting == true) + zonePointer->dhcpRelay = false; + else + zonePointer->dhcpRelay = true; + } + + // Policy Based Routing + else if (strcasecmp(command.part[3], "pbr") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + stripQuotes(command.part[4], zonePointer->pbr, sizeof(zonePointer->pbr)); + } + + // Reassemble for ALG + else if (strcasecmp(command.part[3], "reassembly-for-alg") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + zonePointer->reasembleForALG = setting; + } + + // Screen Network Traffic (Packet/Traffic Analysis) + else if (strcasecmp(command.part[3], "screen") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + + if (strcasecmp(command.part[4], "alarm-without-drop") == 0) + zonePointer->alarmWithoutDrop = setting; + + else if (strcasecmp(command.part[4], "block-frag") == 0) + zonePointer->blockFrag = setting; + + else if (strcasecmp(command.part[4], "component-block") == 0) + { + if (strcasecmp(command.part[5], "activex") == 0) + zonePointer->activeX = setting; + + else if (strcasecmp(command.part[5], "java") == 0) + zonePointer->java = setting; + + else if (strcasecmp(command.part[5], "exe") == 0) + zonePointer->exe = setting; + + else if (strcasecmp(command.part[5], "zip") == 0) + zonePointer->zip = setting; + } + + else if (strcasecmp(command.part[4], "fin-no-ack") == 0) + zonePointer->flagDrop = setting; + + else if (strcasecmp(command.part[4], "icmp-flood") == 0) + { + if (setting == false) + zonePointer->icmpFlood = 0; + else + { + if (command.parts == 7) + zonePointer->icmpFlood = atol(command.part[6]); + else + zonePointer->icmpFlood = 1; + } + } + + else if (strcasecmp(command.part[4], "icmp-fragment") == 0) + zonePointer->icmpFrag = setting; + + else if (strcasecmp(command.part[4], "icmp-large") == 0) + zonePointer->icmpLarge = setting; + + else if (strcasecmp(command.part[4], "ip-bad-option") == 0) + zonePointer->ipBadOptions = setting; + + else if (strcasecmp(command.part[4], "ip-filter-src") == 0) + zonePointer->ipSourceRoute = setting; + + else if (strcasecmp(command.part[4], "ip-loose-src-route") == 0) + zonePointer->ipLooseSource = setting; + + else if (strcasecmp(command.part[4], "ip-record-route") == 0) + zonePointer->ipRecordRoute = setting; + + else if (strcasecmp(command.part[4], "ip-security-opt") == 0) + zonePointer->ipSecurityOption = setting; + + else if (strcasecmp(command.part[4], "ip-spoofing") == 0) + { + if (setting == false) + zonePointer->ipSpoofing = sos_spoofing_off; + else if (command.parts == 5) + zonePointer->ipSpoofing = sos_spoofing_interface; + else if (strcasecmp(command.part[5], "zone-based") != 0) + zonePointer->ipSpoofing = sos_spoofing_routing; + else + zonePointer->ipSpoofing = sos_spoofing_zone; + } + + else if (strcasecmp(command.part[4], "ip-stream-opt") == 0) + zonePointer->ipStream = setting; + + else if (strcasecmp(command.part[4], "ip-strict-src-route") == 0) + zonePointer->strictSource = setting; + + else if (strcasecmp(command.part[4], "ip-sweep") == 0) + { + if (setting == false) + zonePointer->ipSweep = 0; + else + zonePointer->ipSweep = atoi(command.part[6]); + } + + else if (strcasecmp(command.part[4], "ip-timestamp-opt") == 0) + zonePointer->ipTimestamp = setting; + + else if (strcasecmp(command.part[4], "land") == 0) + zonePointer->land = setting; + + else if (strcasecmp(command.part[4], "limit-session") == 0) + { + if (setting == false) + zonePointer->limitSessions = 0; + else + { + zonePointer->limitSessions = 128; + if (command.parts == 7) + zonePointer->limitSessions = atoi(command.part[6]); + } + } + + else if (strcasecmp(command.part[4], "mal-URL") == 0) + zonePointer->malformedUrl = setting; + + else if (strcasecmp(command.part[4], "mal-URL") == 0) + zonePointer->onTunnel = setting; + + else if ((strcasecmp(command.part[4], "ping-of-death") == 0) || (strcasecmp(command.part[4], "ping-death") == 0)) + zonePointer->pingOfDeath = setting; + + else if (strcasecmp(command.part[4], "port-scan") == 0) + { + if (setting == false) + zonePointer->portScan = 0; + else + zonePointer->portScan = atol(command.part[6]); + } + + else if (strcasecmp(command.part[4], "syn-ack-ack-proxy") == 0) + zonePointer->synAckAck = setting; + + else if (strcasecmp(command.part[4], "syn-fin") == 0) + zonePointer->synFin = setting; + + else if (strcasecmp(command.part[4], "syn-flood") == 0) + zonePointer->synFlood = setting; + + else if (strcasecmp(command.part[4], "syn-frag") == 0) + zonePointer->synFrags = setting; + + else if (strcasecmp(command.part[4], "tcp-no-flag") == 0) + zonePointer->noFlag = setting; + + else if (strcasecmp(command.part[4], "tear-drop") == 0) + zonePointer->tearDrop = setting; + + else if (strcasecmp(command.part[4], "udp-flood") == 0) + zonePointer->udpFlood = setting; + + else if (strcasecmp(command.part[4], "unknown-protocol") == 0) + zonePointer->unknownProtocol = setting; + + else if (strcasecmp(command.part[4], "winnuke") == 0) + zonePointer->winNuke = setting; + } + + // Send TCP Reset + else if (strcasecmp(command.part[3], "tcp-rst") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + zonePointer->tcpReset = setting; + } + + // VRouter + else if (strcasecmp(command.part[3], "vrouter") == 0) + { + stripQuotes(command.part[2], tempString, nipper->maxSize); + zonePointer = getZonePointer(nipper, tempString); + stripQuotes(command.part[4], zonePointer->vrouter, sizeof(zonePointer->vrouter)); + } +} + diff --git a/0.11.10/ScreenOS/report-address.c b/0.11.10/ScreenOS/report-address.c new file mode 100644 index 0000000..25fb177 --- /dev/null +++ b/0.11.10/ScreenOS/report-address.c @@ -0,0 +1,120 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS Policy reporting + + +void sosNameMapConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + if (strncmp(objectListPointer->name, "**ADDR-GRP**", 12) != 0) + { + sprintf(tempString2, "Zone %s name mappings", objectListPointer->name); + outputFriendly(tempString2, tempString, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString, &settings_namemapSOS_heading); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + outputFriendly(objectPointer->name, tempString2, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString2, tempString2, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString2, nipper->tablerow_mid); + outputFriendly(objectPointer->address, tempString2, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString2, nipper->tablerow_mid); + outputFriendly(objectPointer->netMask, tempString2, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString2, nipper->tablerow_mid); + outputFriendly(objectPointer->comment, tempString2, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString2, nipper->tablerow_end); + objectPointer = objectPointer->next; + } + output_table(nipper, false, tempString, &settings_namemapSOS_heading); + } + objectListPointer = objectListPointer->next; + } +} + + +void sosNameGroupMapConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + if (strncmp(objectListPointer->name, "**ADDR-GRP**", 12) == 0) + { + + sprintf(tempString, "Zone %s name mapping groups", objectListPointer->name + 12); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "", objectListPointer->name + 12); + output_table(nipper, true, tempString2, &settings_namemapgroup_heading); + + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + + memberPointer = objectPointer->members; + while (memberPointer != 0) + { + outputFriendly(objectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, tempString, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + outputFriendly(memberPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + memberPointer = memberPointer->next; + } + + objectPointer = objectPointer->next; + } + + output_table(nipper, false, tempString2, &settings_namemapgroup_heading); + if (nipper->outputFormat == output_html) + fprintf(nipper->reportFile, ""); + } + objectListPointer = objectListPointer->next; + } +} diff --git a/0.11.10/ScreenOS/report-admin.c b/0.11.10/ScreenOS/report-admin.c new file mode 100644 index 0000000..b43246e --- /dev/null +++ b/0.11.10/ScreenOS/report-admin.c @@ -0,0 +1,167 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS Admin reporting + + +void sosAdminConfig(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + struct adminUsersSOS *userSOSPointer = 0; + + output_table(nipper, true, settings_admin_table, &settings_general_heading); + if (nipper->sos->name[0] != 0) + { + outputFriendly(nipper->sos->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sAdministrative User%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if ((nipper->sos->password[0] != 0) && (nipper->passwords == true)) + { + outputFriendly(nipper->sos->password, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sEncrypted Administrative Password%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->sos->restrictLength == 0) + fprintf(nipper->reportFile, "%sAdmin Password Length%sAny Length (upto 31 characters)%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAdmin Password Length%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->restrictLength, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sAdmin Login Attempts%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->accessAttempts, nipper->tablerow_end); + if (nipper->sos->privilege == adminpriv_default) + fprintf(nipper->reportFile, "%sAdmin Privilages%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->sos->privilege == adminpriv_rw) + fprintf(nipper->reportFile, "%sAdmin Privilages%sRead / Write%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->sos->privilege == adminpriv_ext) + fprintf(nipper->reportFile, "%sAdmin Privilages%sGet Externally%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (strcmp(nipper->sos->adminIP, "0.0.0.0") == 0) + fprintf(nipper->reportFile, "%sAdmin Management IP%sAny%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAdmin Management IP%s%s %s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->adminIP, nipper->sos->adminNetMask, nipper->tablerow_end); + addAbbreviation("IP", false); + if (nipper->sos->consoleOnly == true) + fprintf(nipper->reportFile, "%sConsole Only Administration%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sConsole Only Administration%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->sos->authenticationServer[0] != 0) + fprintf(nipper->reportFile, "%sAuthentication Server%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->authenticationServer, nipper->tablerow_end); + if (nipper->sos->authTimeout == 0) + fprintf(nipper->reportFile, "%sAdministration Timeout%sNone%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAdministration Timeout%s%d mins%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->authTimeout, nipper->tablerow_end); + if (nipper->sos->httpRedirect == true) + fprintf(nipper->reportFile, "%sHTTP Redirection%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->sos->httpRedirect == false) + fprintf(nipper->reportFile, "%sHTTP Redirection%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sHTTP Redirection%sUnconfigured%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + addAbbreviation("HTTP", false); + if (nipper->sos->mailAlert == true) + fprintf(nipper->reportFile, "%sMail Alerts%sYes%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sMail Alerts%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->sos->email[0] != 0) + fprintf(nipper->reportFile, "%sMail Alerts Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->email, nipper->tablerow_end); + if (nipper->sos->email1[0] != 0) + fprintf(nipper->reportFile, "%sMail Alerts Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->email1, nipper->tablerow_end); + if (nipper->sos->email2[0] != 0) + fprintf(nipper->reportFile, "%sMail Alerts Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->email2, nipper->tablerow_end); + if (nipper->sos->emailServer[0] != 0) + fprintf(nipper->reportFile, "%sMail Server%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->emailServer, nipper->tablerow_end); + if (nipper->sos->adminFormat == adminfmt_default) + fprintf(nipper->reportFile, "%sConfiguration Format%sDefault%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else if (nipper->sos->adminFormat == adminfmt_dos) + { + addAbbreviation("DOS", false); + fprintf(nipper->reportFile, "%sConfiguration Format%sDOS%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + } + else if (nipper->sos->adminFormat == adminfmt_unix) + fprintf(nipper->reportFile, "%sConfiguration Format%sUnix%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + + output_table(nipper, false, settings_admin_table, &settings_general_heading); + + if (nipper->sos->users != 0) + { + output_table(nipper, true, settings_admins_table, &settings_admins_heading); + userSOSPointer = nipper->sos->users; + while (userSOSPointer != 0) + { + outputFriendly(userSOSPointer->username, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (nipper->passwords == true) + fprintf(nipper->reportFile, "%s%s", userSOSPointer->password, nipper->tablerow_mid); + switch (userSOSPointer->privilege) + { + case adminpriv_default: + fprintf(nipper->reportFile, "Default%s", nipper->tablerow_mid); + break; + case adminpriv_all: + fprintf(nipper->reportFile, "All%s", nipper->tablerow_mid); + break; + case adminpriv_read: + fprintf(nipper->reportFile, "Read Only%s", nipper->tablerow_mid); + break; + } + if (userSOSPointer->trustee == trustee_none) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + else if (userSOSPointer->trustee == trustee_modem) + fprintf(nipper->reportFile, "Modem%s", nipper->tablerow_end); + else if (userSOSPointer->trustee == trustee_inter) + fprintf(nipper->reportFile, "Interface%s", nipper->tablerow_end); + userSOSPointer = userSOSPointer->next; + } + output_table(nipper, false, settings_admins_table, &settings_admins_heading); + } +} + + +void sosHTTPRedirectIssue(struct nipperConfig *nipper) +{ + output_parseText(report_httpred_obs, nipper, section_obs, rate_none, 0, 0); + output_endsection(nipper, section_obs); + output_parseText(report_httpred_impact, nipper, section_imp, rate_med, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_httpred_ease, nipper, section_ease, rate_trivial, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_httpred_rec, nipper, section_rec, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + + +void sosManagementRIPIssue(struct nipperConfig *nipper) +{ + output_parseText(report_mngrip_obs, nipper, section_obs, rate_none, 0, 0); + output_endsection(nipper, section_obs); + output_parseText(report_mngrip_impact, nipper, section_imp, rate_med, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_mngrip_ease, nipper, section_ease, rate_noease, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_mngrip_rec, nipper, section_rec, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/ScreenOS/report-auth-server.c b/0.11.10/ScreenOS/report-auth-server.c new file mode 100644 index 0000000..71f4fab --- /dev/null +++ b/0.11.10/ScreenOS/report-auth-server.c @@ -0,0 +1,98 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS Auth Servers reporting + + +void sosAuthServerConfig(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + struct authServerSOS *authServerPointer = 0; + + output_table(nipper, true, settings_authservers_table, &settings_authservers_heading); + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, authServerPointer->id, nipper->tablerow_mid); + outputFriendly(authServerPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + switch (authServerPointer->type) + { + case authtype_builtin: + fprintf(nipper->reportFile, "Built-in%s", nipper->tablerow_mid); + break; + case authtype_radius: + fprintf(nipper->reportFile, "RADIUS%s", nipper->tablerow_mid); + addAbbreviation("RADIUS", false); + break; + case authtype_ldap: + fprintf(nipper->reportFile, "LDAP%s", nipper->tablerow_mid); + addAbbreviation("LDAP", false); + break; + case authtype_securid: + fprintf(nipper->reportFile, "SecurID%s", nipper->tablerow_mid); + break; + } + outputFriendly(authServerPointer->serverName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (authServerPointer->backup2[0] == 0) + { + outputFriendly(authServerPointer->backup1, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + else + { + outputFriendly(authServerPointer->backup1, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s, ", tempString); + outputFriendly(authServerPointer->backup2, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + if (authServerPointer->timeout == 0) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d mins%s", authServerPointer->timeout, nipper->tablerow_mid); + if (authServerPointer->forcedTimeout == 0) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d mins%s", authServerPointer->forcedTimeout, nipper->tablerow_mid); + outputFriendly(authServerPointer->sourceInterface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(authServerPointer->radiusSecret, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + authServerPointer = authServerPointer->next; + } + output_table(nipper, false, settings_authservers_table, &settings_authservers_heading); +} + diff --git a/0.11.10/ScreenOS/report-debug.c b/0.11.10/ScreenOS/report-debug.c new file mode 100644 index 0000000..a4a056a --- /dev/null +++ b/0.11.10/ScreenOS/report-debug.c @@ -0,0 +1,233 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportSOSDebug(struct nipperConfig *nipper) +{ + // Variables + struct adminUsersSOS *userSOSPointer = 0; + struct authServerSOS *authServerPointer = 0; + struct interfaceSOS *interfaceSOSPointer = 0; + struct snmpCommunitySOS *communityPointer = 0; + struct snmpHostSOS *snmpHostPointer = 0; + struct zoneSOS *zonePointer = 0; + struct johnPassword *johnPointer = 0; + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf(" True or Enabled = %d\n", true); + printf(" False or Disabled = %d\n", false); + printf(" Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("SSH Version: %d\n", nipper->sos->sshVersion); + printf("SSH Enabled: %d\n", nipper->sos->sshEnabled); + printf("SSH v1 Key Gen Time: %d\n", nipper->sos->sshKeyGenTime); + printf("SSH v2 Public Key: %s\n", nipper->sos->sshPublicKey); + + // Admin Settings + printf("Admin Settings\n"); + printf(" Admin Name: %s\n", nipper->sos->name); + printf(" Admin Password: %s\n", nipper->sos->password); + printf(" Restrict Password Length: %d\n", nipper->sos->restrictLength); + printf(" Access Attempts: %d\n", nipper->sos->accessAttempts); + printf(" Privilege: %d\n", nipper->sos->privilege); + printf(" Admin IP: %s\n", nipper->sos->adminIP); + printf(" Admin Net Mask: %s\n", nipper->sos->adminNetMask); + printf(" Console Only Access: %d\n", nipper->sos->consoleOnly); + printf(" Mail Alerts: %d\n", nipper->sos->mailAlert); + printf(" E-Mail to: %s\n", nipper->sos->email); + printf(" E-Mail(1) to: %s\n", nipper->sos->email1); + printf(" E-Mail(2) to: %s\n", nipper->sos->email2); + printf(" E-Mail Server: %s\n", nipper->sos->emailServer); + printf(" Auth Timeout: %d\n", nipper->sos->authTimeout); + printf(" Auth Server: %s\n", nipper->sos->authenticationServer); + printf(" Format: %d\n", nipper->sos->adminFormat); + printf(" HTTP Redirect: %d\n", nipper->sos->httpRedirect); + + // Users + userSOSPointer = nipper->sos->users; + while (userSOSPointer != 0) + { + printf(" Username: %s\n", userSOSPointer->username); + printf(" Password: %s\n", userSOSPointer->password); + printf(" Privilege: %d\n", userSOSPointer->privilege); + printf(" Trustee: %d\n", userSOSPointer->trustee); + userSOSPointer = userSOSPointer->next; + } + + // Auth Servers + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + printf("Auth Server: %s\n", authServerPointer->name); + printf(" Type: %d\n", authServerPointer->type); + printf(" ID: %d\n", authServerPointer->id); + printf(" Server Name: %s\n", authServerPointer->serverName); + printf(" Backup Server 1: %s\n", authServerPointer->backup1); + printf(" Backup Server 2: %s\n", authServerPointer->backup2); + printf(" Timeout: %d\n", authServerPointer->timeout); + printf(" Forced Timeout: %d\n", authServerPointer->forcedTimeout); + printf(" Source Interface: %s\n", authServerPointer->sourceInterface); + printf(" Radius Secret: %s\n", authServerPointer->radiusSecret); + authServerPointer = authServerPointer->next; + } + + // Interfaces + interfaceSOSPointer = nipper->sos->interface; + while (interfaceSOSPointer != 0) + { + printf("Interface: %s\n", interfaceSOSPointer->name); + printf(" Enabled: %d\n", interfaceSOSPointer->enabled); + printf(" Zone: %s\n", interfaceSOSPointer->zone); + printf(" IP Address: %s\n", interfaceSOSPointer->ipAddress); + printf(" Manage / Monitor\n"); + printf(" Ident-Reset: %d\n", interfaceSOSPointer->manageIdent); + printf(" MTrace: %d\n", interfaceSOSPointer->manageMtrace); + printf(" NS Management: %d\n", interfaceSOSPointer->manageNsmgmt); + printf(" Ping: %d\n", interfaceSOSPointer->managePing); + printf(" SNMP: %d\n", interfaceSOSPointer->manageSnmp); + printf(" SSH: %d\n", interfaceSOSPointer->manageSsh); + printf(" SSL: %d\n", interfaceSOSPointer->manageSsl); + printf(" Telnet: %d\n", interfaceSOSPointer->manageTelnet); + printf(" Wen: %d\n", interfaceSOSPointer->manageWeb); + interfaceSOSPointer = interfaceSOSPointer->next; + } + + // Zones + zonePointer = nipper->sos->zone; + while (zonePointer != 0) + { + printf("Zone: %s\n", zonePointer->name); + printf(" ID: %d\n", zonePointer->id); + printf(" VLAN: %d\n", zonePointer->vlan); + printf(" Block: %d\n", zonePointer->block); + printf(" Policy Based Routing: %s\n", zonePointer->pbr); + printf(" Tunnel: %s\n", zonePointer->tunnel); + printf(" TCP Reset: %d\n", zonePointer->tcpReset); + printf(" VRouter: %s\n", zonePointer->vrouter); + printf(" DHCP Relay: %d\n", zonePointer->dhcpRelay); + printf(" Reasemble for ALG: %d\n", zonePointer->reasembleForALG); + printf(" Alarm without Drop: %d\n", zonePointer->alarmWithoutDrop); + printf(" Block Frag: %d\n", zonePointer->blockFrag); + printf(" ActiveX: %d\n", zonePointer->activeX); + printf(" Java: %d\n", zonePointer->java); + printf(" Exe: %d\n", zonePointer->exe); + printf(" Zip: %d\n", zonePointer->zip); + printf(" Frag Drop: %d\n", zonePointer->flagDrop); + printf(" ICMP Flood: %ld\n", zonePointer->icmpFlood); + printf(" ICMP Frag: %d\n", zonePointer->icmpFrag); + printf(" ICMP Large: %d\n", zonePointer->icmpLarge); + printf(" IP Bad Options: %d\n", zonePointer->ipBadOptions); + printf(" IP Source Route: %d\n", zonePointer->ipSourceRoute); + printf(" IP Loose Source: %d\n", zonePointer->ipLooseSource); + printf(" IP Record Route: %d\n", zonePointer->ipRecordRoute); + printf(" IP Security Option: %d\n", zonePointer->ipSecurityOption); + printf(" IP Spoofing: %d\n", zonePointer->ipSpoofing); + printf(" IP Stream: %d\n", zonePointer->ipStream); + printf(" Strict Source: %d\n", zonePointer->strictSource); + printf(" IP Sweep: %ld\n", zonePointer->ipSweep); + printf(" IP Timestamp: %d\n", zonePointer->ipTimestamp); + printf(" Land: %d\n", zonePointer->land); + printf(" Limit Sessions: %d\n", zonePointer->limitSessions); + printf(" Malformed URL: %d\n", zonePointer->malformedUrl); + printf(" Ping of Death: %d\n", zonePointer->pingOfDeath); + printf(" Port Scan: %ld\n", zonePointer->portScan); + printf(" SYN ACK ACK: %d\n", zonePointer->synAckAck); + printf(" SYN FIN: %d\n", zonePointer->synFin); + printf(" SYN Flood: %d\n", zonePointer->synFlood); + printf(" SYN Frags: %d\n", zonePointer->synFrags); + printf(" No Flags: %d\n", zonePointer->noFlag); + printf(" Tear Drop: %d\n", zonePointer->tearDrop); + printf(" UDP Flood: %d\n", zonePointer->udpFlood); + printf(" Unknown Protocol: %d\n", zonePointer->unknownProtocol); + printf(" Win Nuke: %d\n", zonePointer->winNuke); + printf(" Apply To Tunnel?: %d\n", zonePointer->onTunnel); + zonePointer = zonePointer->next; + } + + // SNMP + if (nipper->sos->snmp != 0) + { + printf("SNMP:\n"); + printf(" Contact: %s\n", nipper->sos->snmp->contact); + printf(" Location: %s\n", nipper->sos->snmp->location); + printf(" System Name: %s\n", nipper->sos->snmp->systemName); + printf(" Listen Port: %d\n", nipper->sos->snmp->listenPort); + printf(" Trap Port: %d\n", nipper->sos->snmp->trapPort); + printf(" Authentication Traps: %d\n", nipper->sos->snmp->authTrap); + communityPointer = nipper->sos->snmp->community; + while (communityPointer != 0) + { + printf(" SNMP Community: %s\n", communityPointer->community); + printf(" Weak: %d\n", communityPointer->weak); + printf(" Dictionary: %d\n", communityPointer->dictionary); + printf(" Read Only?: %d\n", communityPointer->readOnly); + printf(" Traps?: %d\n", communityPointer->enableTraps); + printf(" Traffic Traps: %d\n", communityPointer->trafficTraps); + printf(" SNMP Version: %d\n", communityPointer->version); + communityPointer = communityPointer->next; + } + snmpHostPointer = nipper->sos->snmp->host; + while (snmpHostPointer != 0) + { + printf(" SNMP Host: %s\n", snmpHostPointer->host); + printf(" SNMP Community: %s\n", snmpHostPointer->community); + printf(" Weak: %d\n", snmpHostPointer->weak); + printf(" Dictionary: %d\n", snmpHostPointer->dictionary); + printf(" Source Interface: %s\n", snmpHostPointer->sourceInterface); + printf(" SNMP Version: %d\n", snmpHostPointer->version); + snmpHostPointer = snmpHostPointer->next; + } + } + + // Filter Rules... + reportRulesDebug(nipper); + + // Name Mappings + reportObjectsDebug(nipper); + + // John-the-ripper + if (nipper->john != 0) + { + printf("\n%sJohn-the-ripper Output\n======================%s\n", COL_BLUE, RESET); + johnPointer = nipper->john; + while (johnPointer != 0) + { + printf("Username: %s\n", johnPointer->username); + printf(" Password: %s\n", johnPointer->password); + johnPointer = johnPointer->next; + } + } +} + + diff --git a/0.11.10/ScreenOS/report-general.c b/0.11.10/ScreenOS/report-general.c new file mode 100644 index 0000000..33a8a57 --- /dev/null +++ b/0.11.10/ScreenOS/report-general.c @@ -0,0 +1,56 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS General reporting + + +void sosGeneralConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sHostname%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDefault Firewall Policy%s", nipper->tablerow_start, nipper->tablerow_mid); + if (nipper->sos->defaultFirewallMode == true) + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Permit%s", nipper->tablerow_end); + output_table(nipper, false, settings_general_table, &settings_general_heading); +} + + +void sosServicesConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_services_table, &report_services_heading); + if (nipper->sos->sshEnabled == true) + fprintf(nipper->reportFile, "%sSSH%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sSSH%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_services_table, &report_services_heading); + addAbbreviation("SSH", false); +} diff --git a/0.11.10/ScreenOS/report-interface.c b/0.11.10/ScreenOS/report-interface.c new file mode 100644 index 0000000..9881d33 --- /dev/null +++ b/0.11.10/ScreenOS/report-interface.c @@ -0,0 +1,114 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS Interface reporting + + +void sosInterfaceConfig(struct nipperConfig *nipper) +{ + // Variables... + struct interfaceSOS *interfaceSOSPointer = 0; + char tempString[nipper->maxSize]; + + output_table(nipper, true, settings_inter_table, &settings_interSOS_heading); + interfaceSOSPointer = nipper->sos->interface; + while (interfaceSOSPointer != 0) + { + outputFriendly(interfaceSOSPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (interfaceSOSPointer->enabled == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + outputFriendly(interfaceSOSPointer->ipAddress, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + outputFriendly(interfaceSOSPointer->zone, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (interfaceSOSPointer->manageIdent == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageIdent == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageMtrace == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageMtrace == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageNsmgmt == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageNsmgmt == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->managePing == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->managePing == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageSnmp == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageSnmp == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageSsh == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageSsh == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageSsl == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageSsl == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageTelnet == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else if (interfaceSOSPointer->manageTelnet == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + if (interfaceSOSPointer->manageWeb == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_end); + else if (interfaceSOSPointer->manageWeb == false) + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "-%s", nipper->tablerow_end); + interfaceSOSPointer = interfaceSOSPointer->next; + } + output_table(nipper, false, settings_inter_table, &settings_interSOS_heading); + addAbbreviation("SNMP", false); + addAbbreviation("SSL", false); +} + diff --git a/0.11.10/ScreenOS/report-passwords.c b/0.11.10/ScreenOS/report-passwords.c new file mode 100644 index 0000000..6ec41bc --- /dev/null +++ b/0.11.10/ScreenOS/report-passwords.c @@ -0,0 +1,392 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void output_SOSTablePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + char tempString[nipper->maxSize]; + struct snmpCommunitySOS *communityPointer = 0; + struct snmpHostSOS *snmpHostPointer = 0; + struct authServerSOS *authServerPointer = 0; + //struct adminUsersSOS *userSOSPointer = 0; + + // Authentication Server - Radius Secret + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + if (((authServerPointer->dictionary == true) && (dictPassword == true)) || ((authServerPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sRADIUS Secret%sAuth Server%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + fprintf(nipper->reportFile, "N/A"); + if (nipper->passwords == true) + { + outputFriendly(authServerPointer->radiusSecret, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + authServerPointer = authServerPointer->next; + } + + // SNMP + if (nipper->sos->snmp != 0) + { + // Community + if (nipper->sos->snmp->community != 0) + { + communityPointer = nipper->sos->snmp->community; + while (communityPointer != 0) + { + if (((communityPointer->dictionary == true) && (dictPassword == true)) || ((communityPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sCommunity%sSNMP%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + if (communityPointer->readOnly == true) + fprintf(nipper->reportFile, "read-only"); + else + fprintf(nipper->reportFile, "read/write"); + if (nipper->passwords == true) + { + outputFriendly(communityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + communityPointer = communityPointer->next; + } + } + + // Hosts + if (nipper->sos->snmp->host != 0) + { + snmpHostPointer = nipper->sos->snmp->host; + while (snmpHostPointer != 0) + { + if (((snmpHostPointer->dictionary == true) && (dictPassword == true)) || ((snmpHostPointer->weak == true) && (dictPassword == false))) + { + fprintf(nipper->reportFile, "%sCommunity%sSNMP%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid); + outputFriendly(snmpHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "Host: %s", tempString); + if (nipper->passwords == true) + { + outputFriendly(snmpHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + else + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + } + snmpHostPointer = snmpHostPointer->next; + } + } + } +} + + +void output_SOSLinePasswords(struct nipperConfig *nipper, int dictPassword) +{ + // Variables + struct snmpCommunitySOS *communityPointer = 0; + struct snmpHostSOS *snmpHostPointer = 0; + struct authServerSOS *authServerPointer = 0; + //struct adminUsersSOS *userSOSPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + char tempString3[nipper->maxSize]; + + // Authentication Server - Radius Secret + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + if (((authServerPointer->dictionary == true) && (dictPassword == true)) || ((authServerPointer->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The RADIUS authentication server secret was "); + if (nipper->passwords == true) + { + outputFriendly(authServerPointer->radiusSecret, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + authServerPointer = authServerPointer->next; + } + + // SNMP + if (nipper->sos->snmp != 0) + { + // Community + if (nipper->sos->snmp->community != 0) + { + communityPointer = nipper->sos->snmp->community; + while (communityPointer != 0) + { + if (((communityPointer->dictionary == true) && (dictPassword == true)) || ((communityPointer->weak == true) && (dictPassword == false))) + { + sprintf(tempString3, "*NOTEXTSTART*The "); + if (communityPointer->readOnly == true) + sprintf(tempString2, "%sread-only", tempString3); + else + sprintf(tempString2, "%sread/write", tempString3); + sprintf(tempString3, "%s *ABBREV*SNMP*-ABBREV* community string was ", tempString2); + if (nipper->passwords == true) + { + outputFriendly(communityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + communityPointer = communityPointer->next; + } + } + + // Hosts + if (nipper->sos->snmp->host != 0) + { + snmpHostPointer = nipper->sos->snmp->host; + while (snmpHostPointer != 0) + { + if (((snmpHostPointer->dictionary == true) && (dictPassword == true)) || ((snmpHostPointer->weak == true) && (dictPassword == false))) + { + outputFriendly(snmpHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString3, "*NOTEXTSTART*The *ABBREV*SNMP*-ABBREV* community string for the host %s was ", tempString); + if (nipper->passwords == true) + { + outputFriendly(snmpHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + sprintf(tempString2, "%s%s.", tempString3, tempString); + } + else + { + if (dictPassword == true) + sprintf(tempString2, "%sdictionary-based.", tempString3); + else + sprintf(tempString2, "%sweak.", tempString3); + } + } + snmpHostPointer = snmpHostPointer->next; + } + } + } + + output_parseText(tempString2, nipper, section_none, rate_none, 0, 0); +} + + +void sosDictionaryIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_dict_obs, nipper, section_obs, rate_none, nipper->simplePasswords, nipper->tableNum); + if (nipper->simplePasswords > 1) + { + output_table(nipper, true, report_dict_table, &report_dict_heading); + output_SOSTablePasswords(nipper, true); + output_table(nipper, false, report_dict_table, &report_dict_heading); + } + else + output_SOSLinePasswords(nipper, true); + output_endsection(nipper, section_obs); + output_parseText(report_dict_impact, nipper, section_imp, rate_high, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_dict_ease, nipper, section_ease, rate_trivial, nipper->simplePasswords, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_dict_rec, nipper, section_rec, rate_none, nipper->simplePasswords, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, "characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + + +void sosStrengthIssue(struct nipperConfig *nipper) +{ + // Variables... + int tempInt = 0; + + output_parseText(report_strength_obs, nipper, section_obs, rate_none, nipper->passwordStrengths, nipper->tableNum); + if (nipper->passwordStrengths > 1) + { + output_table(nipper, true, report_strength_table, &report_dict_heading); + output_SOSTablePasswords(nipper, false); + output_table(nipper, false, report_strength_table, &report_dict_heading); + } + else + output_SOSLinePasswords(nipper, false); + output_endsection(nipper, section_obs); + output_parseText(report_strength_impact, nipper, section_imp, rate_high, nipper->passwordStrengths, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_strength_ease, nipper, section_ease, rate_trivial, nipper->passwordStrengths, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_strength_rec, nipper, section_rec, rate_trivial, nipper->passwordStrengths, nipper->tableNum); + numToWord(nipper->reportFile, nipper->passwordLength); + fprintf(nipper->reportFile, " characters in length and contain"); + if (nipper->passwordUppers == true) + tempInt = 1; + else + tempInt = 0; + if (nipper->passwordLowers == true) + tempInt++; + if (nipper->passwordEither == true) + tempInt++; + if (nipper->passwordNumbers == true) + tempInt++; + if (nipper->passwordSpecials == true) + tempInt++; + if (nipper->passwordUppers == true) + { + fprintf(nipper->reportFile, " uppercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordLowers == true) + { + fprintf(nipper->reportFile, " lowercase"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordEither == true) + { + fprintf(nipper->reportFile, " either uppercase or lowercase characters"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordNumbers == true) + { + fprintf(nipper->reportFile, " numbers"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (nipper->passwordSpecials == true) + { + fprintf(nipper->reportFile, " special"); + if (tempInt > 2) + fprintf(nipper->reportFile, ","); + else if (tempInt == 2) + fprintf(nipper->reportFile, " and"); + tempInt--; + } + if (((nipper->passwordNumbers == true) && (nipper->passwordSpecials == false)) || ((nipper->passwordEither == false) && (nipper->passwordNumbers == false) && (nipper->passwordSpecials == false))) + fprintf(nipper->reportFile, "."); + else + fprintf(nipper->reportFile, " characters."); + if (nipper->outputFormat == output_xml) + fprintf(nipper->reportFile, "\n"); + output_newPara(nipper); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/ScreenOS/report-policy.c b/0.11.10/ScreenOS/report-policy.c new file mode 100644 index 0000000..2f445f6 --- /dev/null +++ b/0.11.10/ScreenOS/report-policy.c @@ -0,0 +1,159 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS Policy reporting + + +void sosDefaultPolicyIssue(struct nipperConfig *nipper) +{ + output_parseText(report_defaultpolicy_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_defaultpolicy_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_defaultpolicy_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_defaultpolicy_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void sosNoPolicyIssue(struct nipperConfig *nipper) +{ + output_parseText(report_policy_obs, nipper, section_obs, rate_none, -1, nipper->tableNum); + output_endsection(nipper, section_obs); + if (nipper->sos->defaultFirewallMode == false) + output_parseText(report_nopolicy_impact, nipper, section_imp, rate_med, -1, nipper->tableNum); + else + output_parseText(report_nopolicy_impact, nipper, section_imp, rate_med, 1, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_policy_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_nopolicy_rec1, nipper, section_rec, rate_none, 0, nipper->tableNum); + nipper->anySourceServiceIssue = false; + nipper->bypassRulesIssue = false; + nipper->defaultRulesIssue = false; + set_aclrec_list(nipper, &report_issues_heading); + output_list(nipper, &report_issues_heading); + output_parseText(report_nopolicy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void sosPolicyIssue(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(report_policy_obs, nipper, section_obs, rate_none, nipper->aclIssues, nipper->tableNum); + + // One issue... + if (nipper->aclIssues == 1) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + memset(tempString, 0, sizeof(tempString)); + if (filterListPointer->global == true) + strcpy(tempString, "global"); + else + sprintf(tempString, "%s to %s", filterListPointer->fromZone, filterListPointer->toZone); + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + reportCommonFilterIssues(nipper, tempString, "The", "policy ID", filterPointer, 0, filterListPointer); + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "The %s %s", filterListPointer->name, report_sospolicy_denylog); + filterListPointer = filterListPointer->next; + } + output_newPara(nipper); + } + + // More than one issue... + else + { + output_table(nipper, true, report_policy_table, &report_policy_heading); + + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + + memset(tempString, 0, sizeof(tempString)); + if (filterListPointer->global == false) + sprintf(tempString, "%s%s%s%sNo", filterListPointer->fromZone, nipper->tablerow_mid, filterListPointer->toZone, nipper->tablerow_mid); + else + sprintf(tempString, "N/A%sN/A%sYes", nipper->tablerow_mid, nipper->tablerow_mid); + + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + reportCommonFilterTableIssues(nipper, tempString, filterPointer, 0, filterListPointer); + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "%s%s%sN/A%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid, nipper->tablerow_mid, report_sospolicyt_denylog, nipper->tablerow_end); + + filterListPointer = filterListPointer->next; + } + + output_table(nipper, false, report_policy_table, &report_policy_heading); + } + output_endsection(nipper, section_obs); + if (nipper->rejectIssue == true) + output_parseText(report_policy_impact, nipper, section_imp, rate_med, 2, 0); + else + output_parseText(report_policy_impact, nipper, section_imp, rate_med, 1, 0); + output_endsection(nipper, section_imp); + output_parseText(report_policy_ease, nipper, section_ease, rate_noease, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_policy_rec1, nipper, section_rec, rate_none, 0, nipper->tableNum); + set_aclrec_list(nipper, &report_issues_heading); + output_list(nipper, &report_issues_heading); + output_parseText(report_fw1policy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + +void sosPolicyConfig(struct nipperConfig *nipper) +{ + output_parseText(settings_policies_text, nipper, section_none, rate_none, 0, 0); + output_list(nipper, &settings_sospolicy_heading); + reportRules(nipper); +} + diff --git a/0.11.10/ScreenOS/report-snmp.c b/0.11.10/ScreenOS/report-snmp.c new file mode 100644 index 0000000..c90699d --- /dev/null +++ b/0.11.10/ScreenOS/report-snmp.c @@ -0,0 +1,160 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS SNMP reporting + + +void sosSNMPConfig(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + struct snmpCommunitySOS *communityPointer = 0; + struct snmpHostSOS *snmpHostPointer = 0; + + // General SNMP Settings... + output_table(nipper, true, settings_snmp_sos_table, &settings_general_heading); + if (nipper->sos->snmp->systemName[0] != 0) + { + outputFriendly(nipper->sos->snmp->systemName, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sSystem Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->sos->snmp->contact[0] != 0) + { + outputFriendly(nipper->sos->snmp->contact, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sContact%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + if (nipper->sos->snmp->location[0] != 0) + { + outputFriendly(nipper->sos->snmp->location, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%sLocation%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, tempString, nipper->tablerow_end); + } + fprintf(nipper->reportFile, "%sSNMP Port%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->snmp->listenPort, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sSNMP Trap Port%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->snmp->trapPort, nipper->tablerow_end); + if (nipper->sos->snmp->authTrap == true) + fprintf(nipper->reportFile, "%sAuthentication Traps%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sAuthentication Traps%sDisabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, settings_snmp_sos_table, &settings_general_heading); + + // SNMP Communities... + if (nipper->sos->snmp->community != 0) + { + output_table(nipper, true, settings_snmpstring_table, &settings_snmpstring_sos_heading); + communityPointer = nipper->sos->snmp->community; + while (communityPointer != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + if (nipper->passwords == true) + { + outputFriendly(communityPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + switch (communityPointer->version) + { + case snmp1_2: + fprintf(nipper->reportFile, "1 and 2%s", nipper->tablerow_mid); + break; + case snmp1: + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + break; + case snmp2c: + fprintf(nipper->reportFile, "2%s", nipper->tablerow_mid); + break; + } + if (communityPointer->readOnly == true) + fprintf(nipper->reportFile, "Read Only%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Read/Write%s", nipper->tablerow_mid); + if (communityPointer->enableTraps == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_mid); + if (communityPointer->trafficTraps == true) + fprintf(nipper->reportFile, "On%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "Off%s", nipper->tablerow_end); + communityPointer = communityPointer->next; + } + output_table(nipper, false, settings_snmpstring_table, &settings_snmpstring_sos_heading); + } + + // SNMP Hosts... + if (nipper->sos->snmp->host != 0) + { + output_table(nipper, true, settings_snmphost_table, &settings_snmphost_sos_heading); + snmpHostPointer = nipper->sos->snmp->host; + while (snmpHostPointer != 0) + { + outputFriendly(snmpHostPointer->host, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (nipper->passwords == true) + { + outputFriendly(snmpHostPointer->community, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + switch (snmpHostPointer->version) + { + case snmp1_2: + fprintf(nipper->reportFile, "1 and 2%s", nipper->tablerow_mid); + break; + case snmp1: + fprintf(nipper->reportFile, "1%s", nipper->tablerow_mid); + break; + case snmp2c: + fprintf(nipper->reportFile, "2%s", nipper->tablerow_mid); + break; + } + outputFriendly(snmpHostPointer->sourceInterface, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + snmpHostPointer = snmpHostPointer->next; + } + output_table(nipper, false, settings_snmphost_table, &settings_snmphost_sos_heading); + } +} + + +void sosSNMPIssue(struct nipperConfig *nipper) +{ + if (nipper->sos->snmp->host == 0) + output_parseText(report_snmp_css_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + else + output_parseText(report_snmp_css_obs, nipper, section_obs, rate_none, -1, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_snmp_impact, nipper, section_imp, rate_med, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_snmp_ease, nipper, section_ease, rate_difficult, 0, 0); + output_endsection(nipper, section_ease); + if (nipper->sos->snmp->host == 0) + output_parseText(report_snmp_sos_rec, nipper, section_obs, rate_none, 0, nipper->tableNum); + else + output_parseText(report_snmp_sos_rec, nipper, section_obs, rate_none, -1, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/ScreenOS/report-ssh.c b/0.11.10/ScreenOS/report-ssh.c new file mode 100644 index 0000000..dab74a5 --- /dev/null +++ b/0.11.10/ScreenOS/report-ssh.c @@ -0,0 +1,56 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS SSH reporting + + +void sosSSHConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_ssh_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sSSH Service%sEnabled%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sSSH Protocol Version%s%d%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->sshVersion, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sSSH V1 Key Generation Time%s%d mins%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->sshKeyGenTime, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sSSH V2 Public Key%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sos->sshPublicKey, nipper->tablerow_end); + output_table(nipper, false, settings_ssh_table, &settings_general_heading); +} + + +void sosSSHProtocolIssue(struct nipperConfig *nipper) +{ + output_parseText(report_sshproto_obs, nipper, section_obs, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_obs); + output_parseText(report_sshproto_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_sshproto_ease, nipper, section_ease, rate_difficult, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_sshproto_sos_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/ScreenOS/report-timeout.c b/0.11.10/ScreenOS/report-timeout.c new file mode 100644 index 0000000..f44c2df --- /dev/null +++ b/0.11.10/ScreenOS/report-timeout.c @@ -0,0 +1,145 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for ScreenOS Timeout reporting + + +void sosTimeoutIssue(struct nipperConfig *nipper) +{ + // Variables... + struct authServerSOS *authServerPointer = 0; + + output_parseText(report_timeout_obs1, nipper, section_obs, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, nipper->connectionTimeout % 60); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_obs2, nipper, section_none, rate_none, nipper->insecureTimeouts, nipper->tableNum); + if (nipper->insecureTimeouts > 1) + { + output_table(nipper, true, report_timeout_table, &report_timeout_heading); + if ((nipper->sos->authTimeout * 60) > nipper->connectionTimeout) + { + fprintf(nipper->reportFile, "%sWeb Administration%s", nipper->tablerow_start, nipper->tablerow_mid); + numToWord(nipper->reportFile, nipper->sos->authTimeout); + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + } + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + if ((authServerPointer->timeout * 60 ) > nipper->connectionTimeout) + { + switch (authServerPointer->type) + { + case authtype_builtin: + fprintf(nipper->reportFile, "%sBuiltin Authentication%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case authtype_radius: + fprintf(nipper->reportFile, "%sRADIUS Authentication%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case authtype_ldap: + fprintf(nipper->reportFile, "%sLDAP Authentication%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + case authtype_securid: + fprintf(nipper->reportFile, "%sSecurId Authentication%s", nipper->tablerow_start, nipper->tablerow_mid); + break; + } + numToWord(nipper->reportFile, authServerPointer->timeout); + fprintf(nipper->reportFile, " minutes%s", nipper->tablerow_end); + } + authServerPointer = authServerPointer->next; + } + output_table(nipper, false, report_timeout_table, &report_timeout_heading); + } + else + { + if ((nipper->sos->authTimeout * 60) > nipper->connectionTimeout) + { + fprintf(nipper->reportFile, "Web Administration had a timeout of "); + numToWord(nipper->reportFile, nipper->sos->authTimeout); + fprintf(nipper->reportFile, " minutes."); + } + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + if ((authServerPointer->timeout * 60 ) > nipper->connectionTimeout) + { + switch (authServerPointer->type) + { + case authtype_builtin: + fprintf(nipper->reportFile, "Builtin Authentication had a timeout of "); + break; + case authtype_radius: + fprintf(nipper->reportFile, "RADIUS Authentication had a timeout of "); + break; + case authtype_ldap: + fprintf(nipper->reportFile, "LDAP Authentication had a timeout of "); + break; + case authtype_securid: + fprintf(nipper->reportFile, "SecurId Authentication had a timeout of "); + break; + } + numToWord(nipper->reportFile, authServerPointer->timeout); + fprintf(nipper->reportFile, " minutes."); + } + authServerPointer = authServerPointer->next; + } + output_newPara(nipper); + } + output_endsection(nipper, section_obs); + output_parseText(report_timeout_impact, nipper, section_imp, rate_high, 0, 0); + output_endsection(nipper, section_imp); + output_parseText(report_timeout_ease, nipper, section_ease, rate_difficult, 0, 0); + output_endsection(nipper, section_ease); + output_parseText(report_timeout_rec1, nipper, section_rec, rate_none, 0, 0); + if ((nipper->connectionTimeout % 60) == 0) + { + numToWord(nipper->reportFile, (nipper->connectionTimeout / 60)); + fprintf(nipper->reportFile, " minutes"); + } + else + { + numToWord(nipper->reportFile, nipper->connectionTimeout / 60); + fprintf(nipper->reportFile, " minutes and "); + numToWord(nipper->reportFile, (nipper->connectionTimeout % 60)); + fprintf(nipper->reportFile, " seconds"); + } + output_parseText(report_timeout_rec2, nipper, section_none, rate_none, 0, 0); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/ScreenOS/report-zone.c b/0.11.10/ScreenOS/report-zone.c new file mode 100644 index 0000000..4f0c075 --- /dev/null +++ b/0.11.10/ScreenOS/report-zone.c @@ -0,0 +1,297 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Process Zone Lines +void sosZoneConfig(struct nipperConfig *nipper) +{ + // Variables + struct zoneSOS *zonePointer = 0; + char tempString[nipper->maxSize]; + + output_parseText(settings_zone_desc, nipper, section_none, rate_none, 0, 0); + + // Show zone list and basic options + output_table(nipper, true, settings_zones_table, &settings_zones_heading); + zonePointer = nipper->sos->zone; + while (zonePointer != 0) + { + outputFriendly(zonePointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, tempString, nipper->tablerow_mid); + if (zonePointer->id == 0) + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", zonePointer->id, nipper->tablerow_mid); + if (zonePointer->vlan == 0) + fprintf(nipper->reportFile, "-%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%d%s", zonePointer->vlan, nipper->tablerow_mid); + if (zonePointer->block == false) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + if (zonePointer->pbr[0] == 0) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + else + { + outputFriendly(zonePointer->pbr, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + if (zonePointer->tunnel[0] == 0) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_mid); + else + { + outputFriendly(zonePointer->tunnel, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + } + if (zonePointer->vrouter[0] == 0) + fprintf(nipper->reportFile, "None%s", nipper->tablerow_end); + else + { + outputFriendly(zonePointer->vrouter, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_end); + } + zonePointer = zonePointer->next; + } + output_table(nipper, false, settings_zones_table, &settings_zones_heading); + + // Zone security settings + zonePointer = nipper->sos->zone; + while (zonePointer != 0) + { + sprintf(tempString, "%s %s", zonePointer->name, settings_zone_table); + output_table(nipper, true, tempString, &settings_general_heading); + fprintf(nipper->reportFile, "%sSend TCP resets for nonsync packets%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->tcpReset == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sRelay DHCP requests to other zones%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->dhcpRelay == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sReassemble HTTP and FTP fragmented packets for ALG%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->reasembleForALG == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sGenerate attack alarms but do not block%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->alarmWithoutDrop == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sApply the security settings to tunnels%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->tunnel[0] == 0) + fprintf(nipper->reportFile, "N/A%s", nipper->tablerow_end); + else if (zonePointer->onTunnel == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop fragmented packets%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->blockFrag == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop HTTP traffic containing ActiveX%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->activeX == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop HTTP traffic containing Java%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->java == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop HTTP traffic containing executables%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->exe == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop HTTP traffic containing ZIP files%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->zip == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop HTTP traffic containing malformed URL%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->malformedUrl == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop packets with illegal flags%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->flagDrop == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + if (zonePointer->icmpFlood > 0) + fprintf(nipper->reportFile, "%sDrop ICMP traffic after%s%ld per second%s", nipper->tablerow_start, nipper->tablerow_mid, zonePointer->icmpFlood, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sDrop ICMP traffic flood%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop ICMP traffic with fragments flag%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->icmpFrag == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop ICMP frames larger than 1024%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->icmpLarge == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop packets with invalid IP options%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipBadOptions == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop packets with IP source route option%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipSourceRoute == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop packets with no or malformed flags%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->noFlag == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop IP frames with a protocol number greater than 135%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->unknownProtocol == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDrop ping of death attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->pingOfDeath == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent spoofing attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipSpoofing == sos_spoofing_off) + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + else if (zonePointer->ipSpoofing == sos_spoofing_interface) + fprintf(nipper->reportFile, "Based on interfaces%s", nipper->tablerow_end); + else if (zonePointer->ipSpoofing == sos_spoofing_routing) + fprintf(nipper->reportFile, "Based on route%s", nipper->tablerow_end); + else if (zonePointer->ipSpoofing == sos_spoofing_zone) + fprintf(nipper->reportFile, "Based on zone%s", nipper->tablerow_end); + if (zonePointer->ipSweep == 0) + fprintf(nipper->reportFile, "%sPrevent IP sweep attacks%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sPrevent IP sweep attacks after 10 ICMP echos%sPer %ld microseconds%s", nipper->tablerow_start, nipper->tablerow_mid, zonePointer->ipSweep, nipper->tablerow_end); + if (zonePointer->portScan == 0) + fprintf(nipper->reportFile, "%sPrevent port scans%sNo%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%sPrevent port scans after 10 ports%sPer %ld microseconds%s", nipper->tablerow_start, nipper->tablerow_mid, zonePointer->portScan, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent Land attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->land == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent SYN ACK ACK attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->synAckAck == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent SYN flood attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->synFlood == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDetect SYN FIN attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->synFin == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent SYN frag attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->synFrags == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent tear drop attacks%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->tearDrop == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sPrevent UDP floods%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->udpFlood == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLog packets with a loose IP source route%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipLooseSource == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLog packets with the record route option%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipRecordRoute == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLog packets with the security option%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipSecurityOption == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLog packets with the stream option%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipStream == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLog packets with the strict source option%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->strictSource == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLog packets with the timestamp option%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->ipTimestamp == true) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sLimit concurrent sessions%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->limitSessions > 0 ) + fprintf(nipper->reportFile, "%d sessions%s", zonePointer->limitSessions, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%sDetect and modify NetBIOS attack packets%s", nipper->tablerow_start, nipper->tablerow_mid); + if (zonePointer->winNuke == true ) + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + else + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + output_table(nipper, false, tempString, &settings_general_heading); + + zonePointer = zonePointer->next; + } + + addAbbreviation("TCP", false); + addAbbreviation("DHCP", false); + addAbbreviation("HTTP", false); + addAbbreviation("FTP", false); + addAbbreviation("ALG", false); + addAbbreviation("ICMP", false); + addAbbreviation("IP", false); +} + diff --git a/0.11.10/ScreenOS/report.c b/0.11.10/ScreenOS/report.c new file mode 100644 index 0000000..a9074ca --- /dev/null +++ b/0.11.10/ScreenOS/report.c @@ -0,0 +1,140 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains ScreenOS reporting code... + +// Report SOS includes... +#include "report-address.c" +#include "report-admin.c" +#include "report-auth-server.c" +#include "report-debug.c" +#include "report-general.c" +#include "report-interface.c" +#include "report-passwords.c" +#include "report-policy.c" +#include "report-snmp.c" +#include "report-ssh.c" +#include "report-timeout.c" +#include "report-zone.c" + + +void generateSOSReport(struct nipperConfig *nipper) +{ + // Variables + struct authServerSOS *authServerPointer = 0; + + // Security Issues... + if (nipper->fullReport == true) + { + + // Simple Passwords + if (nipper->simplePasswords > 1) + addReportSection(nipper, section_security, report_dict_title1, report_dict_context, report_dict_rectext, 10, 8, 5, 3, sosDictionaryIssue); + else if (nipper->simplePasswords > 0) + addReportSection(nipper, section_security, report_dict_title2, report_dict_context, report_dict_rectext, 10, 8, 5, 3, sosDictionaryIssue); + + // Password Strength + if (nipper->passwordStrengths > 1) + addReportSection(nipper, section_security, report_strength_title1, report_strength_context, report_strength_rectext, 10, 8, 5, 3, sosStrengthIssue); + else if (nipper->passwordStrengths > 0) + addReportSection(nipper, section_security, report_strength_title2, report_strength_context, report_strength_rectext, 10, 8, 5, 3, sosStrengthIssue); + + // SNMP + if (nipper->sos->snmp != 0) + { + if ((nipper->sos->snmp->community != 0) || (nipper->sos->snmp->host != 0)) + addReportSection(nipper, section_security, report_snmp_title, report_snmp_context, report_snmp_css_rectext, 10, 8, 5, 3, sosSNMPIssue); + } + + // Default Policy is allow + if (nipper->sos->defaultFirewallMode == false) + addReportSection(nipper, section_security, report_defaultpolicy_title, report_defaultpolicy_context, report_defaultpolicy_rectext, 10, 8, 5, 3, sosDefaultPolicyIssue); + + // Policy Issues + if (nipper->filterList == 0) + addReportSection(nipper, section_security, report_policy_title, report_nopolicy_context, report_nopolicy_rectext, 10, 8, 5, 3, sosNoPolicyIssue); + else + { + rulesAudit(nipper); + if (nipper->aclIssues > 0) + addReportSection(nipper, section_security, report_policy_title, report_policy_context, report_policy_rectext, 10, 8, 5, 3, sosPolicyIssue); + } + + // Timeout + if ((nipper->sos->authTimeout * 60) > nipper->connectionTimeout) + nipper->insecureTimeouts++; + authServerPointer = nipper->sos->authServer; + while (authServerPointer != 0) + { + if ((authServerPointer->timeout * 60 ) > nipper->connectionTimeout) + nipper->insecureTimeouts++; + authServerPointer = authServerPointer->next; + } + if (nipper->insecureTimeouts > 0) + addReportSection(nipper, section_security, report_timeout_title, report_timeout_context, report_timeout_rectext, 10, 8, 5, 3, sosTimeoutIssue); + + // Administrative HTTP Redirect + if (nipper->sos->httpRedirect != true) + addReportSection(nipper, section_security, report_httpred_title, report_httpred_context, report_httpred_rectext, 10, 8, 5, 3, sosHTTPRedirectIssue); + + // Management IP + if (strcmp(nipper->sos->adminIP, "0.0.0.0") == 0) + addReportSection(nipper, section_security, report_mngrip_title, report_mngrip_context, report_mngrip_rectext, 10, 8, 5, 3, sosManagementRIPIssue); + + // SSH Protocol Version + if ((nipper->sos->sshEnabled == true) && (nipper->sos->sshVersion == 1)) + addReportSection(nipper, section_security, report_sshproto_title, report_sshproto_context, report_sshproto_rectext, 10, 8, 5, 3, sosSSHProtocolIssue); + } + + // In Configuration Index + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, sosGeneralConfig); + addReportSection(nipper, section_config, settings_services_title, 0, 0, 0, 0, 0, 0, sosServicesConfig); + addReportSection(nipper, section_config, settings_admin_title, 0, 0, 0, 0, 0, 0, sosAdminConfig); + if (nipper->sos->authServer != 0) + addReportSection(nipper, section_config, settings_authservers_title, 0, 0, 0, 0, 0, 0, sosAuthServerConfig); + if (nipper->sos->snmp != 0) + addReportSection(nipper, section_config, settings_snmp_title, 0, 0, 0, 0, 0, 0, sosSNMPConfig); + if (nipper->sos->sshEnabled == true) + addReportSection(nipper, section_config, settings_ssh_title, 0, 0, 0, 0, 0, 0, sosSSHConfig); + if (nipper->sos->interface !=0) + addReportSection(nipper, section_config, settings_inter_title, 0, 0, 0, 0, 0, 0, sosInterfaceConfig); + if (nipper->sos->zone != 0) + addReportSection(nipper, section_config, settings_zone_title, 0, 0, 0, 0, 0, 0, sosZoneConfig); + if (nipper->filterList != 0) + addReportSection(nipper, section_config, settings_policies_title, 0, 0, 0, 0, 0, 0, sosPolicyConfig); + if (nipper->sos->nameGroupMappings == true) + addReportSection(nipper, section_config, settings_namegroupmap_title, 0, 0, 0, 0, 0, 0, sosNameGroupMapConfig); + if (nipper->sos->nameMappings == true) + addReportSection(nipper, section_config, settings_namemap_title, 0, 0, 0, 0, 0, 0, sosNameMapConfig); + + // Generate Report... + generateReport(nipper); +} + diff --git a/0.11.10/SonicOS/.svn/all-wcprops b/0.11.10/SonicOS/.svn/all-wcprops new file mode 100644 index 0000000..fb833d8 --- /dev/null +++ b/0.11.10/SonicOS/.svn/all-wcprops @@ -0,0 +1,71 @@ +K 25 +svn:wc:ra_dav:version-url +V 37 +/svn/!svn/ver/3/trunk/0.11.10/SonicOS +END +report-services.c +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/0.11.10/SonicOS/report-services.c +END +process-services.c +K 25 +svn:wc:ra_dav:version-url +V 56 +/svn/!svn/ver/3/trunk/0.11.10/SonicOS/process-services.c +END +input.c +K 25 +svn:wc:ra_dav:version-url +V 45 +/svn/!svn/ver/3/trunk/0.11.10/SonicOS/input.c +END +report-debug.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/SonicOS/report-debug.c +END +input-preprocessing.c +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/0.11.10/SonicOS/input-preprocessing.c +END +report-rules.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/SonicOS/report-rules.c +END +process-rules.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/SonicOS/process-rules.c +END +report-general.c +K 25 +svn:wc:ra_dav:version-url +V 54 +/svn/!svn/ver/3/trunk/0.11.10/SonicOS/report-general.c +END +cleanup.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/SonicOS/cleanup.c +END +process-policy.c +K 25 +svn:wc:ra_dav:version-url +V 54 +/svn/!svn/ver/3/trunk/0.11.10/SonicOS/process-policy.c +END +report.c +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/SonicOS/report.c +END diff --git a/0.11.10/SonicOS/.svn/entries b/0.11.10/SonicOS/.svn/entries new file mode 100644 index 0000000..4894587 --- /dev/null +++ b/0.11.10/SonicOS/.svn/entries @@ -0,0 +1,402 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/0.11.10/SonicOS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +process-policy.c +file + + + + +2016-02-13T06:47:12.004153Z +ec1b0fd5458f63e593366be687da279a +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8671 + +report.c +file + + + + +2016-02-13T06:47:12.004153Z +e8156b8433e78f0ad46736a268211a13 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3804 + +report-services.c +file + + + + +2016-02-13T06:47:12.004153Z +994151f75d47bf5f2f5e1f58724c1117 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4123 + +process-services.c +file + + + + +2016-02-13T06:47:12.004153Z +b67065b2164c22ebb1b40af4a336f747 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5837 + +input.c +file + + + + +2016-02-13T06:47:12.004153Z +b1c6682bf2a82c9d7e2ce81221a2a792 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4245 + +report-debug.c +file + + + + +2016-02-13T06:47:12.004153Z +e987d01a8d5ffd302f395e16c2b7e3ff +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2860 + +input-preprocessing.c +file + + + + +2016-02-13T06:47:12.004153Z +685a2c5f4a496e5e6c5f85c7a961b62f +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3130 + +report-rules.c +file + + + + +2016-02-13T06:47:12.004153Z +fe5faaddf4cc857a3ee93ed2df781778 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5375 + +process-rules.c +file + + + + +2016-02-13T06:47:12.004153Z +59fcb870f27334ace91a4d864f0bd977 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +9592 + +report-general.c +file + + + + +2016-02-13T06:47:12.004153Z +5a13fcd7b051f00c93d440b8403997c2 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3052 + +cleanup.c +file + + + + +2016-02-13T06:47:12.004153Z +cd88fc6751b967fc83c5fdd235866add +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2350 + diff --git a/0.11.10/SonicOS/.svn/text-base/cleanup.c.svn-base b/0.11.10/SonicOS/.svn/text-base/cleanup.c.svn-base new file mode 100644 index 0000000..869c786 --- /dev/null +++ b/0.11.10/SonicOS/.svn/text-base/cleanup.c.svn-base @@ -0,0 +1,39 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanupSonicOS(struct nipperConfig *nipper) +{ + // Pointers... + + // Cleanup config + free(nipper->sonicos); +} + diff --git a/0.11.10/SonicOS/.svn/text-base/input-preprocessing.c.svn-base b/0.11.10/SonicOS/.svn/text-base/input-preprocessing.c.svn-base new file mode 100644 index 0000000..7d7584f --- /dev/null +++ b/0.11.10/SonicOS/.svn/text-base/input-preprocessing.c.svn-base @@ -0,0 +1,76 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void preProcessSonicOSConfig(char *inputString) +{ + // Variables... + int readPos = 0; + int writePos = 0; + + for (readPos = 0; readPos < strlen(inputString); readPos++) + { + // If it is an space character... + if (strncmp(inputString + readPos, "%20", 3) == 0) + { + inputString[writePos] = ' '; + readPos += 2; + } + + // If it is an & character... + else if (strncmp(inputString + readPos, "%26", 3) == 0) + { + inputString[writePos] = '&'; + readPos += 2; + } + + // If it is an : character... + else if (strncmp(inputString + readPos, "%3a", 3) == 0) + { + inputString[writePos] = ':'; + readPos += 2; + } + + // If it is an ? character... + else if (strncmp(inputString + readPos, "%3f", 3) == 0) + { + inputString[writePos] = '?'; + readPos += 2; + } + + else + inputString[writePos] = inputString[readPos]; + + writePos++; + } + + // Set string terminator... + inputString[writePos] = 0; +} diff --git a/0.11.10/SonicOS/.svn/text-base/input.c.svn-base b/0.11.10/SonicOS/.svn/text-base/input.c.svn-base new file mode 100644 index 0000000..00e67d2 --- /dev/null +++ b/0.11.10/SonicOS/.svn/text-base/input.c.svn-base @@ -0,0 +1,105 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct sonicosConfig // SonicWall SonicOS Configuration +{ + char ipAddress[16]; + char netMask[16]; + char serialNo[18]; + + int enhanced; +}; + + +// Processing SonicWall SonicOS includes... +#include "process-rules.c" +#include "process-policy.c" +#include "process-services.c" + + +void processSonicOSInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + + // Split the command line up + command = splitLine(line); + + // Device name... + if (strcmp(command.part[0], "firewallName") == 0) + { + if (nipper->debugMode == true) + printf("Hostname Line: %s\n", line); + strncpy(nipper->hostname, line + 13, sizeof(nipper->hostname) - 1); + } + + // IP address... + else if (strcmp(command.part[0], "ipAddr") == 0) + { + if (nipper->debugMode == true) + printf("IP Address Line: %s\n", line); + strncpy(nipper->sonicos->ipAddress, command.part[1], sizeof(nipper->sonicos->ipAddress) - 1); + } + + // Network Mask... + else if (strcmp(command.part[0], "ipSubnetMask") == 0) + { + if (nipper->debugMode == true) + printf("IP Net Mask Line: %s\n", line); + strncpy(nipper->sonicos->netMask, command.part[1], sizeof(nipper->sonicos->netMask) - 1); + } + + // Serial number... + else if (strcmp(command.part[0], "serialNumber") == 0) + { + if (nipper->debugMode == true) + printf("Serial Number Line: %s\n", line); + strncpy(nipper->sonicos->serialNo, command.part[1], sizeof(nipper->sonicos->serialNo) - 1); + } + + // Firewall Rules... + else if (strncmp(command.part[0], "prefs_rule", 10) == 0) + processSonicOSRule(line, nipper); + + // Firewall Policies... + else if (strncmp(command.part[0], "policy", 6) == 0) + processSonicOSPolicy(line, nipper); + + // Services... + else if ((strncmp(command.part[0], "prefs_svc", 9) == 0) || (strncmp(command.part[0], "svcObj", 6) == 0)) + processSonicOSService(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/SonicOS/.svn/text-base/process-policy.c.svn-base b/0.11.10/SonicOS/.svn/text-base/process-policy.c.svn-base new file mode 100644 index 0000000..c56e089 --- /dev/null +++ b/0.11.10/SonicOS/.svn/text-base/process-policy.c.svn-base @@ -0,0 +1,283 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processSonicOSPolicy(char *line, struct nipperConfig *nipper) +{ + // Variables... + fpos_t filePosition; + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterConfig *filterSearchPointer = 0; + struct filterObjectConfig *servicePointer = 0; + struct filterObjectConfig *sourcePointer = 0; + struct filterObjectConfig *destinationPointer = 0; + int stopReading = false; + int initialSetup = false; + char sourceNet[32]; + + // Set enhanced... + nipper->sonicos->enhanced = true; + + // Loop through the policy lines + fgetpos(nipper->input, &filePosition); + while ((feof(nipper->input) == 0) && (stopReading == false)) + { + // Debug output + if (nipper->debugMode == true) + printf("Policy Line: %s\n", line); + + // Init + command = splitLine(line); + + // If filter does not yet exist... + if (filterPointer == 0) + { + filterPointer = malloc(sizeof(struct filterConfig)); + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->enabled = true; + filterPointer->log = false; + } + + // Action... + if (strncmp(command.part[0], "policyAction_", 13) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 13); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 13)) + { + if (strcasecmp(command.part[1], "2") == 0) + filterPointer->action = filter_action_accept; + else if (strcasecmp(command.part[1], "1") == 0) + filterPointer->action = filter_action_reject; + else + filterPointer->action = filter_action_drop; + } + else + stopReading = true; + } + + // Service + else if ((strncmp(command.part[0], "policyDstSvc_", 13) == 0) && (command.part[1][0] != 0)) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 13); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 13)) + { + servicePointer = getFilterMember(filterPointer, command.part[1], object_filter_service); + servicePointer->type = object_type_object; + servicePointer->serviceOp = service_oper_eq; + } + else + stopReading = true; + } + + // Source Zone + else if (strncmp(command.part[0], "policySrcZone_", 14) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 14); + initialSetup = true; + } + + if ((filterPointer->id == atoi(command.part[0] + 14)) && (command.part[1][0] == 0)) + strcpy(sourceNet, "Any"); + else if (filterPointer->id == atoi(command.part[0] + 14)) + strncpy(sourceNet, command.part[1], sizeof(sourceNet) - 1); + else + stopReading = true; + } + + // Destination Zone + else if (strncmp(command.part[0], "policyDstZone_", 14) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 14); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 14)) + { + if (command.part[1][0] == 0) + filterListPointer = getFilterList(nipper, sourceNet, "Any", false); + else + filterListPointer = getFilterList(nipper, sourceNet, command.part[1], false); + filterListPointer->type = access_ext; + // If no filters yet... + if (filterListPointer->filter == 0) + filterListPointer->filter = filterPointer; + else + { + filterSearchPointer = filterListPointer->filter; + while (filterSearchPointer->next != 0) + filterSearchPointer = filterSearchPointer->next; + filterSearchPointer->next = filterPointer; + } + } + else + stopReading = true; + } + + // Source + else if (strncmp(command.part[0], "policySrcNet_", 13) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 13); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 13)) + { + if (command.part[1][0] != 0) + { + sourcePointer = getFilterMember(filterPointer, line + strlen(command.part[0]) + 1, object_filter_source); + sourcePointer->type = object_type_object; + } + } + else + stopReading = true; + } + + // Destination + else if (strncmp(command.part[0], "policyDstNet_", 13) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 13); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 13)) + { + if (command.part[1][0] != 0) + { + destinationPointer = getFilterMember(filterPointer, line + strlen(command.part[0]) + 1, object_filter_destination); + destinationPointer->type = object_type_object; + } + } + else + stopReading = true; + } + + // Policy Enabled + else if (strncmp(command.part[0], "policyEnabled_", 14) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 14); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 14)) + { + if (strcmp(command.part[1], "1") == 0) + filterPointer->enabled = true; + else + filterPointer->enabled = false; + } + else + stopReading = true; + } + + // Fragmentation + else if (strncmp(command.part[0], "policyFrag_", 11) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 11); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 11)) + { + if (strcmp(command.part[1], "0") == 0) + filterPointer->fragments = false; + else + filterPointer->fragments = true; + } + else + stopReading = true; + } + + // Comments + else if (strncmp(command.part[0], "policyComment_", 14) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 14); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 14)) + strncpy(filterPointer->remark, line + strlen(command.part[0]) + 1, sizeof(filterPointer->remark) -1); + else + stopReading = true; + } + + // Stop reading... + else if (strncmp(command.part[0], "policy", 6) != 0) + stopReading = true; + + if (stopReading == false) + { + // Get next line + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + } + + // Set file position back + fsetpos(nipper->input, &filePosition); + + // If the filter was not added to the list... + if ((filterListPointer == 0) && (filterPointer != 0)) + { + if (sourcePointer != 0) + free(sourcePointer); + if (destinationPointer != 0) + free(destinationPointer); + if (servicePointer != 0) + free (servicePointer); + free(filterPointer); + } +} + diff --git a/0.11.10/SonicOS/.svn/text-base/process-rules.c.svn-base b/0.11.10/SonicOS/.svn/text-base/process-rules.c.svn-base new file mode 100644 index 0000000..0172d06 --- /dev/null +++ b/0.11.10/SonicOS/.svn/text-base/process-rules.c.svn-base @@ -0,0 +1,308 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processSonicOSRule(char *line, struct nipperConfig *nipper) +{ + // Variables... + fpos_t filePosition; + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterConfig *filterSearchPointer = 0; + struct filterObjectConfig *servicePointer = 0; + struct filterObjectConfig *sourcePointer = 0; + struct filterObjectConfig *destinationPointer = 0; + int stopReading = false; + int initialSetup = false; + char sourceNet[32]; + + // Loop through the rule lines + fgetpos(nipper->input, &filePosition); + while ((feof(nipper->input) == 0) && (stopReading == false)) + { + // Debug output + if (nipper->debugMode == true) + printf("Rules Line: %s\n", line); + + // Init + command = splitLine(line); + + // If filter does not yet exist... + if (filterPointer == 0) + { + filterPointer = malloc(sizeof(struct filterConfig)); + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->enabled = true; + filterPointer->log = false; + } + + // Rule Action... + if (strncmp(command.part[0], "prefs_ruleAction_", 17) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 17); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 17)) + { + if (strcasecmp(command.part[1], "allow") == 0) + filterPointer->action = filter_action_accept; + else if (strcasecmp(command.part[1], "deny") == 0) + filterPointer->action = filter_action_reject; + else + filterPointer->action = filter_action_drop; + } + else + stopReading = true; + } + + // Service ID + else if (strncmp(command.part[0], "prefs_ruleSvcID_", 16) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 16); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 16)) + { + servicePointer = getFilterMember(filterPointer, command.part[1], object_filter_service); + servicePointer->type = object_type_object; + servicePointer->serviceOp = service_oper_eq; + } + else + stopReading = true; + } + + // Source Ethernet + else if (strncmp(command.part[0], "prefs_ruleSrcEnet_", 18) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 18); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 18)) + strncpy(sourceNet, command.part[1], sizeof(sourceNet) - 1); + else + stopReading = true; + } + + // Destination Ethernet + else if (strncmp(command.part[0], "prefs_ruleDstEnet_", 18) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 18); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 18)) + { + filterListPointer = getFilterList(nipper, sourceNet, command.part[1], false); + filterListPointer->type = access_std; + // If no filters yet... + if (filterListPointer->filter == 0) + filterListPointer->filter = filterPointer; + else + { + filterSearchPointer = filterListPointer->filter; + while (filterSearchPointer->next != 0) + filterSearchPointer = filterSearchPointer->next; + filterSearchPointer->next = filterPointer; + } + } + else + stopReading = true; + } + + // Source Begin + else if (strncmp(command.part[0], "prefs_ruleSrcBegin_", 19) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 19); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 19)) + sourcePointer = getFilterMember(filterPointer, command.part[1], object_filter_source); + else + stopReading = true; + } + + // Source End + else if (strncmp(command.part[0], "prefs_ruleSrcEnd_", 17) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 17); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 17)) + { + strncpy(sourcePointer->netMask, command.part[1], sizeof(sourcePointer->netMask) - 1); + if (strcmp(sourcePointer->name, "0.0.0.0") == 0) + sourcePointer->type = object_type_any; + else if (strcmp(sourcePointer->name, sourcePointer->netMask) != 0) + sourcePointer->type = object_type_network; + else + sourcePointer->type = object_type_host; + } + else + stopReading = true; + } + + // Destination Begin + else if (strncmp(command.part[0], "prefs_ruleDstBegin_", 19) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 19); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 19)) + destinationPointer = getFilterMember(filterPointer, command.part[1], object_filter_destination); + else + stopReading = true; + } + + // Destination End + else if (strncmp(command.part[0], "prefs_ruleDstEnd_", 17) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 17); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 17)) + { + strncpy(destinationPointer->netMask, command.part[1], sizeof(destinationPointer->netMask) - 1); + if (strcmp(destinationPointer->name, "0.0.0.0") == 0) + destinationPointer->type = object_type_any; + else if (strcmp(destinationPointer->name, destinationPointer->netMask) != 0) + destinationPointer->type = object_type_network; + else + destinationPointer->type = object_type_host; + } + else + stopReading = true; + } + + // Rule Enabled + else if (strncmp(command.part[0], "prefs_ruleEnabled_", 18) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 18); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 18)) + { + if (strcmp(command.part[1], "1") == 0) + filterPointer->enabled = true; + else + filterPointer->enabled = false; + } + else + stopReading = true; + } + + // Fragmentation + else if (strncmp(command.part[0], "prefs_ruleAllowFrags_", 21) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 21); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 21)) + { + if (strcmp(command.part[1], "off") == 0) + filterPointer->fragments = false; + else + filterPointer->fragments = true; + } + else + stopReading = true; + } + + // Comments + else if (strncmp(command.part[0], "ruleComment_", 12) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 12); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 12)) + strncpy(filterPointer->remark, line + strlen(command.part[0]) + 1, sizeof(filterPointer->remark) -1); + else + stopReading = true; + } + + else if ((strncmp(command.part[0], "serviceNameInRule_", 18) != 0) || (strncmp(command.part[0], "prefs_rule", 10) == 0)) + stopReading = true; + + if (stopReading == false) + { + // Get next line + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + } + + // Set file position back + fsetpos(nipper->input, &filePosition); + + // If the filter was not added to the list... + if ((filterListPointer == 0) && (filterPointer != 0)) + { + if (sourcePointer != 0) + free(sourcePointer); + if (destinationPointer != 0) + free(destinationPointer); + if (servicePointer != 0) + free (servicePointer); + free(filterPointer); + } +} + diff --git a/0.11.10/SonicOS/.svn/text-base/process-services.c.svn-base b/0.11.10/SonicOS/.svn/text-base/process-services.c.svn-base new file mode 100644 index 0000000..79b53c0 --- /dev/null +++ b/0.11.10/SonicOS/.svn/text-base/process-services.c.svn-base @@ -0,0 +1,117 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processSonicOSService(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("Service Line: %s\n", line); + + // Init + command = splitLine(line); + + // Service Port (start)... + if (strncmp(command.part[0], "svcObjPort1_", 12) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 12); + strncpy(objectPointer->address, command.part[1], sizeof(objectPointer->address) - 1); + objectPointer->type = object_type_service; + } + else if (strncmp(command.part[0], "prefs_svcPortNum_", 17) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 17); + strncpy(objectPointer->address, command.part[1], sizeof(objectPointer->address) - 1); + objectPointer->type = object_type_service; + } + + // Service Port (end)... + else if (strncmp(command.part[0], "svcObjPort2_", 12) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 12); + strncpy(objectPointer->netMask, command.part[1], sizeof(objectPointer->netMask) - 1); + if (strcmp(objectPointer->netMask, objectPointer->address) != 0) + objectPointer->type = object_type_servicerange; + else if ((strcmp(objectPointer->netMask, "65535") == 0) && (strcmp(objectPointer->address, "65535") == 0)) + objectPointer->type = object_type_any; + } + else if (strncmp(command.part[0], "prefs_svcPortEnd_", 17) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 17); + strncpy(objectPointer->netMask, command.part[1], sizeof(objectPointer->netMask) - 1); + if (strcmp(objectPointer->netMask, objectPointer->address) != 0) + objectPointer->type = object_type_servicerange; + else if ((strcmp(objectPointer->netMask, "65535") == 0) && (strcmp(objectPointer->address, "65535") == 0)) + objectPointer->type = object_type_any; + } + + // Service IP Type... + else if (strncmp(command.part[0], "svcObjIpType_", 13) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 13); + objectPointer->serviceType = atoi(command.part[1]); + } + else if (strncmp(command.part[0], "prefs_svcIPType_", 16) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 16); + objectPointer->serviceType = atoi(command.part[1]); + } + + // Service Name... + else if (strncmp(command.part[0], "svcObjId_", 9) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 9); + if (objectPointer->type == object_type_any) + strcpy(objectPointer->comment, "Any"); + else + strncpy(objectPointer->comment, line + strlen(command.part[0]) + 1, sizeof(objectPointer->comment) - 1); + } + else if (strncmp(command.part[0], "prefs_svcName_", 14) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 14); + if (objectPointer->type == object_type_any) + strcpy(objectPointer->comment, "Any"); + else + strncpy(objectPointer->comment, line + strlen(command.part[0]) + 1, sizeof(objectPointer->comment) - 1); + } +} diff --git a/0.11.10/SonicOS/.svn/text-base/report-debug.c.svn-base b/0.11.10/SonicOS/.svn/text-base/report-debug.c.svn-base new file mode 100644 index 0000000..6719d53 --- /dev/null +++ b/0.11.10/SonicOS/.svn/text-base/report-debug.c.svn-base @@ -0,0 +1,53 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportSonicOSDebug(struct nipperConfig *nipper) +{ + // Variables + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf("True or Enabled = %d\n", true); + printf("False or Disabled = %d\n", false); + printf("Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("IP Address: %s\n", nipper->sonicos->ipAddress); + printf("IP Network Mask: %s\n", nipper->sonicos->netMask); + + // Filter Rules... + reportRulesDebug(nipper); + + // Services... + reportObjectsDebug(nipper); +} diff --git a/0.11.10/SonicOS/.svn/text-base/report-general.c.svn-base b/0.11.10/SonicOS/.svn/text-base/report-general.c.svn-base new file mode 100644 index 0000000..73b78a5 --- /dev/null +++ b/0.11.10/SonicOS/.svn/text-base/report-general.c.svn-base @@ -0,0 +1,41 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void sonicosGeneralConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sFirewall Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sSerial No.%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sonicos->serialNo, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sIP Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sonicos->ipAddress, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sIP Network Mask%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sonicos->netMask, nipper->tablerow_end); + output_table(nipper, false, settings_general_table, &settings_general_heading); +} + diff --git a/0.11.10/SonicOS/.svn/text-base/report-rules.c.svn-base b/0.11.10/SonicOS/.svn/text-base/report-rules.c.svn-base new file mode 100644 index 0000000..829a553 --- /dev/null +++ b/0.11.10/SonicOS/.svn/text-base/report-rules.c.svn-base @@ -0,0 +1,119 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void sonicosRulesConfig(struct nipperConfig *nipper) +{ + reportRules(nipper); +} + + +void sonicosRulesIssue(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + char tempString[nipper->maxSize]; + int ruleNumber = 0; + + output_parseText(report_sonicosrules_obs, nipper, section_obs, rate_none, nipper->aclIssues, nipper->tableNum); + + // One issue... + if (nipper->aclIssues == 1) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + sprintf(tempString, "%s to %s", filterListPointer->fromZone, filterListPointer->toZone); + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + reportCommonFilterIssues(nipper, tempString, "The", "access rule", filterPointer, ruleNumber, filterListPointer); + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "The %s to %s %s", filterListPointer->fromZone, filterListPointer->toZone, report_sonicosrules_denylog); + + filterListPointer = filterListPointer->next; + } + output_newPara(nipper); + } + + // More than one issue... + else + { + output_table(nipper, true, report_sonicosaccess_table, &report_sonicosaccess_heading); + + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + sprintf(tempString, "%s%s%s", filterListPointer->fromZone, nipper->tablerow_mid, filterListPointer->toZone); + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + // Report issues... + reportCommonFilterTableIssues(nipper, tempString, filterPointer, ruleNumber, filterListPointer); + + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "%s%s%s%s%sN/A%s%s%s", nipper->tablerow_start, filterListPointer->fromZone, nipper->tablerow_mid, filterListPointer->toZone, nipper->tablerow_mid, nipper->tablerow_mid, report_sonicosrulest_denylog, nipper->tablerow_end); + + filterListPointer = filterListPointer->next; + } + + output_table(nipper, false, report_sonicosaccess_table, &report_sonicosaccess_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_sonicosrules_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_sonicosrules_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_sonicosrules_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + set_aclrec_list(nipper, &report_sonicosrules_heading); + output_list(nipper, &report_sonicosrules_heading); + output_parseText(report_fw1policy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/SonicOS/.svn/text-base/report-services.c.svn-base b/0.11.10/SonicOS/.svn/text-base/report-services.c.svn-base new file mode 100644 index 0000000..779b558 --- /dev/null +++ b/0.11.10/SonicOS/.svn/text-base/report-services.c.svn-base @@ -0,0 +1,86 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void sonicosServicesConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + char tempString[nipper->maxSize]; + + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + output_table(nipper, true, settings_sonicosservices_table, &settings_sonicosservices_heading); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, objectPointer->name, nipper->tablerow_mid); + addAbbreviation(objectPointer->comment, false); + outputFriendly(objectPointer->comment, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + switch (objectPointer->type) + { + case object_type_service: + fprintf(nipper->reportFile, "%s%s", objectPointer->address, nipper->tablerow_mid); + break; + case object_type_servicerange: + fprintf(nipper->reportFile, "%s - %s%s", objectPointer->address, objectPointer->netMask, nipper->tablerow_mid); + break; + case object_type_any: + fprintf(nipper->reportFile, "1 - 65535%s", nipper->tablerow_mid); + break; + } + switch (objectPointer->serviceType) + { + case 1: + fprintf(nipper->reportFile, "ICMP"); + addAbbreviation("ICMP", false); + break; + case 6: + fprintf(nipper->reportFile, "TCP"); + addAbbreviation("TCP", false); + break; + case 17: + fprintf(nipper->reportFile, "UDP"); + addAbbreviation("UDP", false); + break; + case 255: + fprintf(nipper->reportFile, "Any"); + break; + default: + fprintf(nipper->reportFile, "%d", objectPointer->serviceType); + break; + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_sonicosservices_table, &settings_sonicosservices_heading); +} + diff --git a/0.11.10/SonicOS/.svn/text-base/report.c.svn-base b/0.11.10/SonicOS/.svn/text-base/report.c.svn-base new file mode 100644 index 0000000..cff3b70 --- /dev/null +++ b/0.11.10/SonicOS/.svn/text-base/report.c.svn-base @@ -0,0 +1,72 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for SonicWall reporting + +// Report SonicWall includes... +#include "report-general.c" +#include "report-debug.c" +#include "report-rules.c" +#include "report-services.c" + + +void generateSonicOSReport(struct nipperConfig *nipper) +{ + // Set ACL logging for different SonicOS devices + // Could not set it in the usual place + if (nipper->sonicos->enhanced == false) + { + nipper->logDenyRulesIssue = false; + nipper->allRulesLogIssue = false; + nipper->denyLogIssue = false; + } + + // Security Issues... + if (nipper->fullReport == true) + { + // Access Lists + rulesAudit(nipper); + nipper->aclIssues = nipper->anySource + nipper->networkSource + nipper->rejectRules + nipper->logDenyRules + nipper->anySourceService + nipper->anyDestination + nipper->networkDestination + nipper->anyDestinationService + nipper->filtersWithNoLogging + nipper->denyAllAndLog + nipper->disabledRules; + if (nipper->aclIssues > 0) + addReportSection(nipper, section_security, report_sonicosrules_title, report_sonicosrules_context, report_sonicosrules_rectext, 10, 8, 5, 3, sonicosRulesIssue); + }; + + // In Configuration Index + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, sonicosGeneralConfig); + if (nipper->filterList != 0) + addReportSection(nipper, section_config, settings_accessrules_title, 0, 0, 0, 0, 0, 0, sonicosRulesConfig); + if (nipper->objectList != 0) + addReportSection(nipper, section_config, settings_sonicosservices_title, 0, 0, 0, 0, 0, 0, sonicosServicesConfig); + + // Generate Report... + generateReport(nipper); +} + + diff --git a/0.11.10/SonicOS/cleanup.c b/0.11.10/SonicOS/cleanup.c new file mode 100644 index 0000000..869c786 --- /dev/null +++ b/0.11.10/SonicOS/cleanup.c @@ -0,0 +1,39 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanupSonicOS(struct nipperConfig *nipper) +{ + // Pointers... + + // Cleanup config + free(nipper->sonicos); +} + diff --git a/0.11.10/SonicOS/input-preprocessing.c b/0.11.10/SonicOS/input-preprocessing.c new file mode 100644 index 0000000..7d7584f --- /dev/null +++ b/0.11.10/SonicOS/input-preprocessing.c @@ -0,0 +1,76 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void preProcessSonicOSConfig(char *inputString) +{ + // Variables... + int readPos = 0; + int writePos = 0; + + for (readPos = 0; readPos < strlen(inputString); readPos++) + { + // If it is an space character... + if (strncmp(inputString + readPos, "%20", 3) == 0) + { + inputString[writePos] = ' '; + readPos += 2; + } + + // If it is an & character... + else if (strncmp(inputString + readPos, "%26", 3) == 0) + { + inputString[writePos] = '&'; + readPos += 2; + } + + // If it is an : character... + else if (strncmp(inputString + readPos, "%3a", 3) == 0) + { + inputString[writePos] = ':'; + readPos += 2; + } + + // If it is an ? character... + else if (strncmp(inputString + readPos, "%3f", 3) == 0) + { + inputString[writePos] = '?'; + readPos += 2; + } + + else + inputString[writePos] = inputString[readPos]; + + writePos++; + } + + // Set string terminator... + inputString[writePos] = 0; +} diff --git a/0.11.10/SonicOS/input.c b/0.11.10/SonicOS/input.c new file mode 100644 index 0000000..00e67d2 --- /dev/null +++ b/0.11.10/SonicOS/input.c @@ -0,0 +1,105 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct sonicosConfig // SonicWall SonicOS Configuration +{ + char ipAddress[16]; + char netMask[16]; + char serialNo[18]; + + int enhanced; +}; + + +// Processing SonicWall SonicOS includes... +#include "process-rules.c" +#include "process-policy.c" +#include "process-services.c" + + +void processSonicOSInput(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + + // Split the command line up + command = splitLine(line); + + // Device name... + if (strcmp(command.part[0], "firewallName") == 0) + { + if (nipper->debugMode == true) + printf("Hostname Line: %s\n", line); + strncpy(nipper->hostname, line + 13, sizeof(nipper->hostname) - 1); + } + + // IP address... + else if (strcmp(command.part[0], "ipAddr") == 0) + { + if (nipper->debugMode == true) + printf("IP Address Line: %s\n", line); + strncpy(nipper->sonicos->ipAddress, command.part[1], sizeof(nipper->sonicos->ipAddress) - 1); + } + + // Network Mask... + else if (strcmp(command.part[0], "ipSubnetMask") == 0) + { + if (nipper->debugMode == true) + printf("IP Net Mask Line: %s\n", line); + strncpy(nipper->sonicos->netMask, command.part[1], sizeof(nipper->sonicos->netMask) - 1); + } + + // Serial number... + else if (strcmp(command.part[0], "serialNumber") == 0) + { + if (nipper->debugMode == true) + printf("Serial Number Line: %s\n", line); + strncpy(nipper->sonicos->serialNo, command.part[1], sizeof(nipper->sonicos->serialNo) - 1); + } + + // Firewall Rules... + else if (strncmp(command.part[0], "prefs_rule", 10) == 0) + processSonicOSRule(line, nipper); + + // Firewall Policies... + else if (strncmp(command.part[0], "policy", 6) == 0) + processSonicOSPolicy(line, nipper); + + // Services... + else if ((strncmp(command.part[0], "prefs_svc", 9) == 0) || (strncmp(command.part[0], "svcObj", 6) == 0)) + processSonicOSService(line, nipper); + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/SonicOS/process-policy.c b/0.11.10/SonicOS/process-policy.c new file mode 100644 index 0000000..c56e089 --- /dev/null +++ b/0.11.10/SonicOS/process-policy.c @@ -0,0 +1,283 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processSonicOSPolicy(char *line, struct nipperConfig *nipper) +{ + // Variables... + fpos_t filePosition; + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterConfig *filterSearchPointer = 0; + struct filterObjectConfig *servicePointer = 0; + struct filterObjectConfig *sourcePointer = 0; + struct filterObjectConfig *destinationPointer = 0; + int stopReading = false; + int initialSetup = false; + char sourceNet[32]; + + // Set enhanced... + nipper->sonicos->enhanced = true; + + // Loop through the policy lines + fgetpos(nipper->input, &filePosition); + while ((feof(nipper->input) == 0) && (stopReading == false)) + { + // Debug output + if (nipper->debugMode == true) + printf("Policy Line: %s\n", line); + + // Init + command = splitLine(line); + + // If filter does not yet exist... + if (filterPointer == 0) + { + filterPointer = malloc(sizeof(struct filterConfig)); + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->enabled = true; + filterPointer->log = false; + } + + // Action... + if (strncmp(command.part[0], "policyAction_", 13) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 13); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 13)) + { + if (strcasecmp(command.part[1], "2") == 0) + filterPointer->action = filter_action_accept; + else if (strcasecmp(command.part[1], "1") == 0) + filterPointer->action = filter_action_reject; + else + filterPointer->action = filter_action_drop; + } + else + stopReading = true; + } + + // Service + else if ((strncmp(command.part[0], "policyDstSvc_", 13) == 0) && (command.part[1][0] != 0)) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 13); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 13)) + { + servicePointer = getFilterMember(filterPointer, command.part[1], object_filter_service); + servicePointer->type = object_type_object; + servicePointer->serviceOp = service_oper_eq; + } + else + stopReading = true; + } + + // Source Zone + else if (strncmp(command.part[0], "policySrcZone_", 14) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 14); + initialSetup = true; + } + + if ((filterPointer->id == atoi(command.part[0] + 14)) && (command.part[1][0] == 0)) + strcpy(sourceNet, "Any"); + else if (filterPointer->id == atoi(command.part[0] + 14)) + strncpy(sourceNet, command.part[1], sizeof(sourceNet) - 1); + else + stopReading = true; + } + + // Destination Zone + else if (strncmp(command.part[0], "policyDstZone_", 14) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 14); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 14)) + { + if (command.part[1][0] == 0) + filterListPointer = getFilterList(nipper, sourceNet, "Any", false); + else + filterListPointer = getFilterList(nipper, sourceNet, command.part[1], false); + filterListPointer->type = access_ext; + // If no filters yet... + if (filterListPointer->filter == 0) + filterListPointer->filter = filterPointer; + else + { + filterSearchPointer = filterListPointer->filter; + while (filterSearchPointer->next != 0) + filterSearchPointer = filterSearchPointer->next; + filterSearchPointer->next = filterPointer; + } + } + else + stopReading = true; + } + + // Source + else if (strncmp(command.part[0], "policySrcNet_", 13) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 13); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 13)) + { + if (command.part[1][0] != 0) + { + sourcePointer = getFilterMember(filterPointer, line + strlen(command.part[0]) + 1, object_filter_source); + sourcePointer->type = object_type_object; + } + } + else + stopReading = true; + } + + // Destination + else if (strncmp(command.part[0], "policyDstNet_", 13) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 13); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 13)) + { + if (command.part[1][0] != 0) + { + destinationPointer = getFilterMember(filterPointer, line + strlen(command.part[0]) + 1, object_filter_destination); + destinationPointer->type = object_type_object; + } + } + else + stopReading = true; + } + + // Policy Enabled + else if (strncmp(command.part[0], "policyEnabled_", 14) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 14); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 14)) + { + if (strcmp(command.part[1], "1") == 0) + filterPointer->enabled = true; + else + filterPointer->enabled = false; + } + else + stopReading = true; + } + + // Fragmentation + else if (strncmp(command.part[0], "policyFrag_", 11) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 11); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 11)) + { + if (strcmp(command.part[1], "0") == 0) + filterPointer->fragments = false; + else + filterPointer->fragments = true; + } + else + stopReading = true; + } + + // Comments + else if (strncmp(command.part[0], "policyComment_", 14) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 14); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 14)) + strncpy(filterPointer->remark, line + strlen(command.part[0]) + 1, sizeof(filterPointer->remark) -1); + else + stopReading = true; + } + + // Stop reading... + else if (strncmp(command.part[0], "policy", 6) != 0) + stopReading = true; + + if (stopReading == false) + { + // Get next line + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + } + + // Set file position back + fsetpos(nipper->input, &filePosition); + + // If the filter was not added to the list... + if ((filterListPointer == 0) && (filterPointer != 0)) + { + if (sourcePointer != 0) + free(sourcePointer); + if (destinationPointer != 0) + free(destinationPointer); + if (servicePointer != 0) + free (servicePointer); + free(filterPointer); + } +} + diff --git a/0.11.10/SonicOS/process-rules.c b/0.11.10/SonicOS/process-rules.c new file mode 100644 index 0000000..0172d06 --- /dev/null +++ b/0.11.10/SonicOS/process-rules.c @@ -0,0 +1,308 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processSonicOSRule(char *line, struct nipperConfig *nipper) +{ + // Variables... + fpos_t filePosition; + struct ciscoCommand command; + struct filterListConfig *filterListPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterConfig *filterSearchPointer = 0; + struct filterObjectConfig *servicePointer = 0; + struct filterObjectConfig *sourcePointer = 0; + struct filterObjectConfig *destinationPointer = 0; + int stopReading = false; + int initialSetup = false; + char sourceNet[32]; + + // Loop through the rule lines + fgetpos(nipper->input, &filePosition); + while ((feof(nipper->input) == 0) && (stopReading == false)) + { + // Debug output + if (nipper->debugMode == true) + printf("Rules Line: %s\n", line); + + // Init + command = splitLine(line); + + // If filter does not yet exist... + if (filterPointer == 0) + { + filterPointer = malloc(sizeof(struct filterConfig)); + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->enabled = true; + filterPointer->log = false; + } + + // Rule Action... + if (strncmp(command.part[0], "prefs_ruleAction_", 17) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 17); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 17)) + { + if (strcasecmp(command.part[1], "allow") == 0) + filterPointer->action = filter_action_accept; + else if (strcasecmp(command.part[1], "deny") == 0) + filterPointer->action = filter_action_reject; + else + filterPointer->action = filter_action_drop; + } + else + stopReading = true; + } + + // Service ID + else if (strncmp(command.part[0], "prefs_ruleSvcID_", 16) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 16); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 16)) + { + servicePointer = getFilterMember(filterPointer, command.part[1], object_filter_service); + servicePointer->type = object_type_object; + servicePointer->serviceOp = service_oper_eq; + } + else + stopReading = true; + } + + // Source Ethernet + else if (strncmp(command.part[0], "prefs_ruleSrcEnet_", 18) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 18); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 18)) + strncpy(sourceNet, command.part[1], sizeof(sourceNet) - 1); + else + stopReading = true; + } + + // Destination Ethernet + else if (strncmp(command.part[0], "prefs_ruleDstEnet_", 18) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 18); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 18)) + { + filterListPointer = getFilterList(nipper, sourceNet, command.part[1], false); + filterListPointer->type = access_std; + // If no filters yet... + if (filterListPointer->filter == 0) + filterListPointer->filter = filterPointer; + else + { + filterSearchPointer = filterListPointer->filter; + while (filterSearchPointer->next != 0) + filterSearchPointer = filterSearchPointer->next; + filterSearchPointer->next = filterPointer; + } + } + else + stopReading = true; + } + + // Source Begin + else if (strncmp(command.part[0], "prefs_ruleSrcBegin_", 19) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 19); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 19)) + sourcePointer = getFilterMember(filterPointer, command.part[1], object_filter_source); + else + stopReading = true; + } + + // Source End + else if (strncmp(command.part[0], "prefs_ruleSrcEnd_", 17) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 17); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 17)) + { + strncpy(sourcePointer->netMask, command.part[1], sizeof(sourcePointer->netMask) - 1); + if (strcmp(sourcePointer->name, "0.0.0.0") == 0) + sourcePointer->type = object_type_any; + else if (strcmp(sourcePointer->name, sourcePointer->netMask) != 0) + sourcePointer->type = object_type_network; + else + sourcePointer->type = object_type_host; + } + else + stopReading = true; + } + + // Destination Begin + else if (strncmp(command.part[0], "prefs_ruleDstBegin_", 19) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 19); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 19)) + destinationPointer = getFilterMember(filterPointer, command.part[1], object_filter_destination); + else + stopReading = true; + } + + // Destination End + else if (strncmp(command.part[0], "prefs_ruleDstEnd_", 17) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 17); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 17)) + { + strncpy(destinationPointer->netMask, command.part[1], sizeof(destinationPointer->netMask) - 1); + if (strcmp(destinationPointer->name, "0.0.0.0") == 0) + destinationPointer->type = object_type_any; + else if (strcmp(destinationPointer->name, destinationPointer->netMask) != 0) + destinationPointer->type = object_type_network; + else + destinationPointer->type = object_type_host; + } + else + stopReading = true; + } + + // Rule Enabled + else if (strncmp(command.part[0], "prefs_ruleEnabled_", 18) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 18); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 18)) + { + if (strcmp(command.part[1], "1") == 0) + filterPointer->enabled = true; + else + filterPointer->enabled = false; + } + else + stopReading = true; + } + + // Fragmentation + else if (strncmp(command.part[0], "prefs_ruleAllowFrags_", 21) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 21); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 21)) + { + if (strcmp(command.part[1], "off") == 0) + filterPointer->fragments = false; + else + filterPointer->fragments = true; + } + else + stopReading = true; + } + + // Comments + else if (strncmp(command.part[0], "ruleComment_", 12) == 0) + { + if (initialSetup == false) + { + filterPointer->id = atoi(command.part[0] + 12); + initialSetup = true; + } + + if (filterPointer->id == atoi(command.part[0] + 12)) + strncpy(filterPointer->remark, line + strlen(command.part[0]) + 1, sizeof(filterPointer->remark) -1); + else + stopReading = true; + } + + else if ((strncmp(command.part[0], "serviceNameInRule_", 18) != 0) || (strncmp(command.part[0], "prefs_rule", 10) == 0)) + stopReading = true; + + if (stopReading == false) + { + // Get next line + fgetpos(nipper->input, &filePosition); + readLine(nipper->input, line, nipper->maxSize); + } + } + + // Set file position back + fsetpos(nipper->input, &filePosition); + + // If the filter was not added to the list... + if ((filterListPointer == 0) && (filterPointer != 0)) + { + if (sourcePointer != 0) + free(sourcePointer); + if (destinationPointer != 0) + free(destinationPointer); + if (servicePointer != 0) + free (servicePointer); + free(filterPointer); + } +} + diff --git a/0.11.10/SonicOS/process-services.c b/0.11.10/SonicOS/process-services.c new file mode 100644 index 0000000..79b53c0 --- /dev/null +++ b/0.11.10/SonicOS/process-services.c @@ -0,0 +1,117 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processSonicOSService(char *line, struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct ciscoCommand command; + + // Debug output + if (nipper->debugMode == true) + printf("Service Line: %s\n", line); + + // Init + command = splitLine(line); + + // Service Port (start)... + if (strncmp(command.part[0], "svcObjPort1_", 12) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 12); + strncpy(objectPointer->address, command.part[1], sizeof(objectPointer->address) - 1); + objectPointer->type = object_type_service; + } + else if (strncmp(command.part[0], "prefs_svcPortNum_", 17) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 17); + strncpy(objectPointer->address, command.part[1], sizeof(objectPointer->address) - 1); + objectPointer->type = object_type_service; + } + + // Service Port (end)... + else if (strncmp(command.part[0], "svcObjPort2_", 12) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 12); + strncpy(objectPointer->netMask, command.part[1], sizeof(objectPointer->netMask) - 1); + if (strcmp(objectPointer->netMask, objectPointer->address) != 0) + objectPointer->type = object_type_servicerange; + else if ((strcmp(objectPointer->netMask, "65535") == 0) && (strcmp(objectPointer->address, "65535") == 0)) + objectPointer->type = object_type_any; + } + else if (strncmp(command.part[0], "prefs_svcPortEnd_", 17) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 17); + strncpy(objectPointer->netMask, command.part[1], sizeof(objectPointer->netMask) - 1); + if (strcmp(objectPointer->netMask, objectPointer->address) != 0) + objectPointer->type = object_type_servicerange; + else if ((strcmp(objectPointer->netMask, "65535") == 0) && (strcmp(objectPointer->address, "65535") == 0)) + objectPointer->type = object_type_any; + } + + // Service IP Type... + else if (strncmp(command.part[0], "svcObjIpType_", 13) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 13); + objectPointer->serviceType = atoi(command.part[1]); + } + else if (strncmp(command.part[0], "prefs_svcIPType_", 16) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 16); + objectPointer->serviceType = atoi(command.part[1]); + } + + // Service Name... + else if (strncmp(command.part[0], "svcObjId_", 9) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 9); + if (objectPointer->type == object_type_any) + strcpy(objectPointer->comment, "Any"); + else + strncpy(objectPointer->comment, line + strlen(command.part[0]) + 1, sizeof(objectPointer->comment) - 1); + } + else if (strncmp(command.part[0], "prefs_svcName_", 14) == 0) + { + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + objectPointer = getObjectPointer(objectListPointer, command.part[0] + 14); + if (objectPointer->type == object_type_any) + strcpy(objectPointer->comment, "Any"); + else + strncpy(objectPointer->comment, line + strlen(command.part[0]) + 1, sizeof(objectPointer->comment) - 1); + } +} diff --git a/0.11.10/SonicOS/report-debug.c b/0.11.10/SonicOS/report-debug.c new file mode 100644 index 0000000..6719d53 --- /dev/null +++ b/0.11.10/SonicOS/report-debug.c @@ -0,0 +1,53 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void reportSonicOSDebug(struct nipperConfig *nipper) +{ + // Variables + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf("True or Enabled = %d\n", true); + printf("False or Disabled = %d\n", false); + printf("Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + printf("Hostname: %s\n", nipper->hostname); + printf("IP Address: %s\n", nipper->sonicos->ipAddress); + printf("IP Network Mask: %s\n", nipper->sonicos->netMask); + + // Filter Rules... + reportRulesDebug(nipper); + + // Services... + reportObjectsDebug(nipper); +} diff --git a/0.11.10/SonicOS/report-general.c b/0.11.10/SonicOS/report-general.c new file mode 100644 index 0000000..73b78a5 --- /dev/null +++ b/0.11.10/SonicOS/report-general.c @@ -0,0 +1,41 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void sonicosGeneralConfig(struct nipperConfig *nipper) +{ + output_table(nipper, true, settings_general_table, &settings_general_heading); + fprintf(nipper->reportFile, "%sFirewall Name%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->friendlyHostname, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sSerial No.%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sonicos->serialNo, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sIP Address%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sonicos->ipAddress, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sIP Network Mask%s%s%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->sonicos->netMask, nipper->tablerow_end); + output_table(nipper, false, settings_general_table, &settings_general_heading); +} + diff --git a/0.11.10/SonicOS/report-rules.c b/0.11.10/SonicOS/report-rules.c new file mode 100644 index 0000000..829a553 --- /dev/null +++ b/0.11.10/SonicOS/report-rules.c @@ -0,0 +1,119 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void sonicosRulesConfig(struct nipperConfig *nipper) +{ + reportRules(nipper); +} + + +void sonicosRulesIssue(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + char tempString[nipper->maxSize]; + int ruleNumber = 0; + + output_parseText(report_sonicosrules_obs, nipper, section_obs, rate_none, nipper->aclIssues, nipper->tableNum); + + // One issue... + if (nipper->aclIssues == 1) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + sprintf(tempString, "%s to %s", filterListPointer->fromZone, filterListPointer->toZone); + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + reportCommonFilterIssues(nipper, tempString, "The", "access rule", filterPointer, ruleNumber, filterListPointer); + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "The %s to %s %s", filterListPointer->fromZone, filterListPointer->toZone, report_sonicosrules_denylog); + + filterListPointer = filterListPointer->next; + } + output_newPara(nipper); + } + + // More than one issue... + else + { + output_table(nipper, true, report_sonicosaccess_table, &report_sonicosaccess_heading); + + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + sprintf(tempString, "%s%s%s", filterListPointer->fromZone, nipper->tablerow_mid, filterListPointer->toZone); + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + // Report issues... + reportCommonFilterTableIssues(nipper, tempString, filterPointer, ruleNumber, filterListPointer); + + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + fprintf(nipper->reportFile, "%s%s%s%s%sN/A%s%s%s", nipper->tablerow_start, filterListPointer->fromZone, nipper->tablerow_mid, filterListPointer->toZone, nipper->tablerow_mid, nipper->tablerow_mid, report_sonicosrulest_denylog, nipper->tablerow_end); + + filterListPointer = filterListPointer->next; + } + + output_table(nipper, false, report_sonicosaccess_table, &report_sonicosaccess_heading); + } + output_endsection(nipper, section_obs); + output_parseText(report_sonicosrules_impact, nipper, section_imp, rate_med, 0, nipper->tableNum); + output_endsection(nipper, section_imp); + output_parseText(report_sonicosrules_ease, nipper, section_ease, rate_noease, 0, nipper->tableNum); + output_endsection(nipper, section_ease); + output_parseText(report_sonicosrules_rec, nipper, section_rec, rate_none, 0, nipper->tableNum); + set_aclrec_list(nipper, &report_sonicosrules_heading); + output_list(nipper, &report_sonicosrules_heading); + output_parseText(report_fw1policy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + diff --git a/0.11.10/SonicOS/report-services.c b/0.11.10/SonicOS/report-services.c new file mode 100644 index 0000000..779b558 --- /dev/null +++ b/0.11.10/SonicOS/report-services.c @@ -0,0 +1,86 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void sonicosServicesConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + char tempString[nipper->maxSize]; + + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + output_table(nipper, true, settings_sonicosservices_table, &settings_sonicosservices_heading); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, objectPointer->name, nipper->tablerow_mid); + addAbbreviation(objectPointer->comment, false); + outputFriendly(objectPointer->comment, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + switch (objectPointer->type) + { + case object_type_service: + fprintf(nipper->reportFile, "%s%s", objectPointer->address, nipper->tablerow_mid); + break; + case object_type_servicerange: + fprintf(nipper->reportFile, "%s - %s%s", objectPointer->address, objectPointer->netMask, nipper->tablerow_mid); + break; + case object_type_any: + fprintf(nipper->reportFile, "1 - 65535%s", nipper->tablerow_mid); + break; + } + switch (objectPointer->serviceType) + { + case 1: + fprintf(nipper->reportFile, "ICMP"); + addAbbreviation("ICMP", false); + break; + case 6: + fprintf(nipper->reportFile, "TCP"); + addAbbreviation("TCP", false); + break; + case 17: + fprintf(nipper->reportFile, "UDP"); + addAbbreviation("UDP", false); + break; + case 255: + fprintf(nipper->reportFile, "Any"); + break; + default: + fprintf(nipper->reportFile, "%d", objectPointer->serviceType); + break; + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_sonicosservices_table, &settings_sonicosservices_heading); +} + diff --git a/0.11.10/SonicOS/report.c b/0.11.10/SonicOS/report.c new file mode 100644 index 0000000..cff3b70 --- /dev/null +++ b/0.11.10/SonicOS/report.c @@ -0,0 +1,72 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for SonicWall reporting + +// Report SonicWall includes... +#include "report-general.c" +#include "report-debug.c" +#include "report-rules.c" +#include "report-services.c" + + +void generateSonicOSReport(struct nipperConfig *nipper) +{ + // Set ACL logging for different SonicOS devices + // Could not set it in the usual place + if (nipper->sonicos->enhanced == false) + { + nipper->logDenyRulesIssue = false; + nipper->allRulesLogIssue = false; + nipper->denyLogIssue = false; + } + + // Security Issues... + if (nipper->fullReport == true) + { + // Access Lists + rulesAudit(nipper); + nipper->aclIssues = nipper->anySource + nipper->networkSource + nipper->rejectRules + nipper->logDenyRules + nipper->anySourceService + nipper->anyDestination + nipper->networkDestination + nipper->anyDestinationService + nipper->filtersWithNoLogging + nipper->denyAllAndLog + nipper->disabledRules; + if (nipper->aclIssues > 0) + addReportSection(nipper, section_security, report_sonicosrules_title, report_sonicosrules_context, report_sonicosrules_rectext, 10, 8, 5, 3, sonicosRulesIssue); + }; + + // In Configuration Index + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, sonicosGeneralConfig); + if (nipper->filterList != 0) + addReportSection(nipper, section_config, settings_accessrules_title, 0, 0, 0, 0, 0, 0, sonicosRulesConfig); + if (nipper->objectList != 0) + addReportSection(nipper, section_config, settings_sonicosservices_title, 0, 0, 0, 0, 0, 0, sonicosServicesConfig); + + // Generate Report... + generateReport(nipper); +} + + diff --git a/0.11.10/TODO b/0.11.10/TODO new file mode 100644 index 0000000..f8a963d --- /dev/null +++ b/0.11.10/TODO @@ -0,0 +1,20 @@ + + _ ____ + _ __ (_)_ __ _ __ ___ _ __ / ->/| + | '_ \| | '_ \| '_ \ / _ \ '__| /<-_/ | + | | | | | |_) | |_) | __/ | | | / + |_| |_|_| .__/| .__/ \___|_| |___|/ + |_| |_| + + The Network Infrastructure Parser + +This document is a TODO list of features and functionality to be added to +the next feature release of nipper. This list should not be seen as definative +and will expand and contract over time. If you have feature requests, please +add them to the sourceforge project page. Additionally, any bugs and patches +should also be added to the sourceforge project page. + + +Its all in the 0.12.x release TODO list now. + +Fizz \ No newline at end of file diff --git a/0.11.10/Template/.svn/all-wcprops b/0.11.10/Template/.svn/all-wcprops new file mode 100644 index 0000000..f43ed05 --- /dev/null +++ b/0.11.10/Template/.svn/all-wcprops @@ -0,0 +1,29 @@ +K 25 +svn:wc:ra_dav:version-url +V 38 +/svn/!svn/ver/3/trunk/0.11.10/Template +END +input.c +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/Template/input.c +END +report-debug.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/Template/report-debug.c +END +cleanup.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/Template/cleanup.c +END +report.c +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/Template/report.c +END diff --git a/0.11.10/Template/.svn/entries b/0.11.10/Template/.svn/entries new file mode 100644 index 0000000..851fc85 --- /dev/null +++ b/0.11.10/Template/.svn/entries @@ -0,0 +1,164 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/0.11.10/Template +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +input.c +file + + + + +2016-02-13T06:47:11.968153Z +e2a6cf6268f9589a68d473bd9ee2e3cc +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2789 + +report-debug.c +file + + + + +2016-02-13T06:47:11.968153Z +db8ee78b5491536d620357ad1acf7757 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2660 + +cleanup.c +file + + + + +2016-02-13T06:47:11.968153Z +46cdb7dc97ba178c35b17f377937887a +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2368 + +report.c +file + + + + +2016-02-13T06:47:11.968153Z +4aa9c111ccb5282a5eee708cfdeed77d +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3214 + diff --git a/0.11.10/Template/.svn/text-base/cleanup.c.svn-base b/0.11.10/Template/.svn/text-base/cleanup.c.svn-base new file mode 100644 index 0000000..9c10cf6 --- /dev/null +++ b/0.11.10/Template/.svn/text-base/cleanup.c.svn-base @@ -0,0 +1,39 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanup****(struct nipperConfig *nipper) +{ + // Pointers... + + // Cleanup CSS config + free(nipper->****); +} + diff --git a/0.11.10/Template/.svn/text-base/input.c.svn-base b/0.11.10/Template/.svn/text-base/input.c.svn-base new file mode 100644 index 0000000..30ceb46 --- /dev/null +++ b/0.11.10/Template/.svn/text-base/input.c.svn-base @@ -0,0 +1,58 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct cisco****Config // **** Configuration +{ +}; + + +// Processing **** includes... + + +void process****Input(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + int setting = 0; + int tempInt = 0; + + // Split the command line up + command = splitLine(line); + + if (****) + { } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/Template/.svn/text-base/report-debug.c.svn-base b/0.11.10/Template/.svn/text-base/report-debug.c.svn-base new file mode 100644 index 0000000..26b9b40 --- /dev/null +++ b/0.11.10/Template/.svn/text-base/report-debug.c.svn-base @@ -0,0 +1,48 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void report****Debug(struct nipperConfig *nipper) +{ + // Variables += + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf("True or Enabled = %d\n", true); + printf("False or Disabled = %d\n", false); + printf("Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + + // Filter Rules... + reportRulesDebug(nipper); +} diff --git a/0.11.10/Template/.svn/text-base/report.c.svn-base b/0.11.10/Template/.svn/text-base/report.c.svn-base new file mode 100644 index 0000000..97224c5 --- /dev/null +++ b/0.11.10/Template/.svn/text-base/report.c.svn-base @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for **** reporting + +// Report **** includes... + + +void generate****Report(struct nipperConfig *nipper) +{ + // Variables + + // Security Issues... + if (nipper->fullReport == true) + { + // Access Lists + rulesAudit(nipper); + nipper->aclIssues = nipper->anySource + nipper->networkSource + nipper->rejectRules + nipper->logDenyRules + nipper->anySourceService + nipper->anyDestination + nipper->networkDestination + nipper->anyDestinationService + nipper->filtersWithNoLogging + nipper->denyAllAndLog + nipper->disabledRules; + if (nipper->aclIssues > 0) + addReportSection(nipper, section_security, report_****_title, report_****_context, report_****_rectext, 10, 8, 5, 3, pix****Issue); + } + + // In Configuration Index + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, ****GeneralConfig); + + // Generate Report... + generateReport(nipper); +} + + diff --git a/0.11.10/Template/cleanup.c b/0.11.10/Template/cleanup.c new file mode 100644 index 0000000..9c10cf6 --- /dev/null +++ b/0.11.10/Template/cleanup.c @@ -0,0 +1,39 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void cleanup****(struct nipperConfig *nipper) +{ + // Pointers... + + // Cleanup CSS config + free(nipper->****); +} + diff --git a/0.11.10/Template/input.c b/0.11.10/Template/input.c new file mode 100644 index 0000000..30ceb46 --- /dev/null +++ b/0.11.10/Template/input.c @@ -0,0 +1,58 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains the code that handles the input processing for this config type + + +struct cisco****Config // **** Configuration +{ +}; + + +// Processing **** includes... + + +void process****Input(struct nipperConfig *nipper, char *line) +{ + // Variables... + struct ciscoCommand command; + int setting = 0; + int tempInt = 0; + + // Split the command line up + command = splitLine(line); + + if (****) + { } + + // Debug (lines not processed) + else if (nipper->linesnotprocessed == true) + printf("%s\n", line); +} diff --git a/0.11.10/Template/report-debug.c b/0.11.10/Template/report-debug.c new file mode 100644 index 0000000..26b9b40 --- /dev/null +++ b/0.11.10/Template/report-debug.c @@ -0,0 +1,48 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void report****Debug(struct nipperConfig *nipper) +{ + // Variables += + + // Setting info + printf("\n\nFor some debug settings...\n"); + printf("True or Enabled = %d\n", true); + printf("False or Disabled = %d\n", false); + printf("Unconfigured = %d\n\n", unconfigured); + + // General Info + printf("\n%sInformation Collected\n=====================%s\n", COL_BLUE, RESET); + + // Filter Rules... + reportRulesDebug(nipper); +} diff --git a/0.11.10/Template/report.c b/0.11.10/Template/report.c new file mode 100644 index 0000000..97224c5 --- /dev/null +++ b/0.11.10/Template/report.c @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains code for **** reporting + +// Report **** includes... + + +void generate****Report(struct nipperConfig *nipper) +{ + // Variables + + // Security Issues... + if (nipper->fullReport == true) + { + // Access Lists + rulesAudit(nipper); + nipper->aclIssues = nipper->anySource + nipper->networkSource + nipper->rejectRules + nipper->logDenyRules + nipper->anySourceService + nipper->anyDestination + nipper->networkDestination + nipper->anyDestinationService + nipper->filtersWithNoLogging + nipper->denyAllAndLog + nipper->disabledRules; + if (nipper->aclIssues > 0) + addReportSection(nipper, section_security, report_****_title, report_****_context, report_****_rectext, 10, 8, 5, 3, pix****Issue); + } + + // In Configuration Index + addReportSection(nipper, section_config, settings_general_title, 0, 0, 0, 0, 0, 0, ****GeneralConfig); + + // Generate Report... + generateReport(nipper); +} + + diff --git a/0.11.10/cisco/.svn/all-wcprops b/0.11.10/cisco/.svn/all-wcprops new file mode 100644 index 0000000..b31a9a0 --- /dev/null +++ b/0.11.10/cisco/.svn/all-wcprops @@ -0,0 +1,11 @@ +K 25 +svn:wc:ra_dav:version-url +V 35 +/svn/!svn/ver/3/trunk/0.11.10/cisco +END +report-acl.c +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/0.11.10/cisco/report-acl.c +END diff --git a/0.11.10/cisco/.svn/entries b/0.11.10/cisco/.svn/entries new file mode 100644 index 0000000..49c8fc4 --- /dev/null +++ b/0.11.10/cisco/.svn/entries @@ -0,0 +1,62 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/0.11.10/cisco +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +report-acl.c +file + + + + +2016-02-13T06:47:11.944154Z +24de7d975ed29ef190a939546eade00b +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6056 + diff --git a/0.11.10/cisco/.svn/text-base/report-acl.c.svn-base b/0.11.10/cisco/.svn/text-base/report-acl.c.svn-base new file mode 100644 index 0000000..e75756c --- /dev/null +++ b/0.11.10/cisco/.svn/text-base/report-acl.c.svn-base @@ -0,0 +1,126 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +void ciscoACLIssue(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + int ruleNumber = 0; + + output_parseText(report_accesslist_obs1, nipper, section_obs, rate_none, nipper->aclIssues, nipper->tableNum); + + // One Access List issue... + if (nipper->aclIssues == 1) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + if (filterListPointer->type != access_std) + reportCommonFilterIssues(nipper, filterListPointer->name, "ACL", "line", filterPointer, ruleNumber, filterListPointer); + else + reportCommonStandardFilterIssues(nipper, filterListPointer->name, "ACL", "line", filterPointer, ruleNumber, filterListPointer); + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + { + if (filterListPointer->type != access_std) + fprintf(nipper->reportFile, "The %s %s", filterListPointer->name, report_accesslist_denylog); + else + fprintf(nipper->reportFile, "The %s %s", filterListPointer->name, report_accesslist_std_denylog); + } + + filterListPointer = filterListPointer->next; + } + output_newPara(nipper); + } + + // More than one issue... + else if (nipper->aclIssues > 1) + { + output_table(nipper, true, report_accesslist_table1, &report_accesslists_heading); + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + if (filterListPointer->type != access_std) + reportCommonFilterTableIssues(nipper, filterListPointer->name, filterPointer, ruleNumber, filterListPointer); + else + reportCommonStandardFilterTableIssues(nipper, filterListPointer->name, filterPointer, ruleNumber, filterListPointer); + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + { + if (filterListPointer->type != access_std) + fprintf(nipper->reportFile, "%s%s%sN/A%s%s%s", nipper->tablerow_start, filterListPointer->name, nipper->tablerow_mid, nipper->tablerow_mid, report_accesslist_denylog, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s%s%sN/A%s%s%s", nipper->tablerow_start, filterListPointer->name, nipper->tablerow_mid, nipper->tablerow_mid, report_accesslist_std_denylog, nipper->tablerow_end); + } + + filterListPointer = filterListPointer->next; + } + output_table(nipper, false, report_accesslist_table1, &report_accesslists_heading); + } + output_endsection(nipper, section_obs); + if ((nipper->deviceType == type_pix_firewall) && (nipper->deviceType == type_asa_firewall) && (nipper->deviceType == type_fwsm_firewall) && (nipper->aclIssues == -1)) + output_parseText(report_accesslist_noacl_pix_impact, nipper, section_imp, rate_med, nipper->aclIssues, 0); + else + output_parseText(report_accesslist_impact, nipper, section_imp, rate_med, nipper->aclIssues, 0); + output_endsection(nipper, section_imp); + output_parseText(report_accesslist_ease, nipper, section_ease, rate_noease, nipper->aclIssues, 0); + output_endsection(nipper, section_ease); + output_parseText(report_accesslist_rec, nipper, section_rec, rate_none, nipper->aclIssues, 0); + set_aclrec_list(nipper, &report_aclrec_heading); + output_list(nipper, &report_aclrec_heading); + output_parseText(report_fw1policy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + diff --git a/0.11.10/cisco/report-acl.c b/0.11.10/cisco/report-acl.c new file mode 100644 index 0000000..e75756c --- /dev/null +++ b/0.11.10/cisco/report-acl.c @@ -0,0 +1,126 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +void ciscoACLIssue(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + int ruleNumber = 0; + + output_parseText(report_accesslist_obs1, nipper, section_obs, rate_none, nipper->aclIssues, nipper->tableNum); + + // One Access List issue... + if (nipper->aclIssues == 1) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + if (filterListPointer->type != access_std) + reportCommonFilterIssues(nipper, filterListPointer->name, "ACL", "line", filterPointer, ruleNumber, filterListPointer); + else + reportCommonStandardFilterIssues(nipper, filterListPointer->name, "ACL", "line", filterPointer, ruleNumber, filterListPointer); + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + { + if (filterListPointer->type != access_std) + fprintf(nipper->reportFile, "The %s %s", filterListPointer->name, report_accesslist_denylog); + else + fprintf(nipper->reportFile, "The %s %s", filterListPointer->name, report_accesslist_std_denylog); + } + + filterListPointer = filterListPointer->next; + } + output_newPara(nipper); + } + + // More than one issue... + else if (nipper->aclIssues > 1) + { + output_table(nipper, true, report_accesslist_table1, &report_accesslists_heading); + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + ruleNumber = 1; + + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + if (filterListPointer->type != access_std) + reportCommonFilterTableIssues(nipper, filterListPointer->name, filterPointer, ruleNumber, filterListPointer); + else + reportCommonStandardFilterTableIssues(nipper, filterListPointer->name, filterPointer, ruleNumber, filterListPointer); + ruleNumber++; + } + filterPointer = filterPointer->next; + } + + // If it was a deny all and log issue... + if (filterListPointer->denyAllAndLog == true) + { + if (filterListPointer->type != access_std) + fprintf(nipper->reportFile, "%s%s%sN/A%s%s%s", nipper->tablerow_start, filterListPointer->name, nipper->tablerow_mid, nipper->tablerow_mid, report_accesslist_denylog, nipper->tablerow_end); + else + fprintf(nipper->reportFile, "%s%s%sN/A%s%s%s", nipper->tablerow_start, filterListPointer->name, nipper->tablerow_mid, nipper->tablerow_mid, report_accesslist_std_denylog, nipper->tablerow_end); + } + + filterListPointer = filterListPointer->next; + } + output_table(nipper, false, report_accesslist_table1, &report_accesslists_heading); + } + output_endsection(nipper, section_obs); + if ((nipper->deviceType == type_pix_firewall) && (nipper->deviceType == type_asa_firewall) && (nipper->deviceType == type_fwsm_firewall) && (nipper->aclIssues == -1)) + output_parseText(report_accesslist_noacl_pix_impact, nipper, section_imp, rate_med, nipper->aclIssues, 0); + else + output_parseText(report_accesslist_impact, nipper, section_imp, rate_med, nipper->aclIssues, 0); + output_endsection(nipper, section_imp); + output_parseText(report_accesslist_ease, nipper, section_ease, rate_noease, nipper->aclIssues, 0); + output_endsection(nipper, section_ease); + output_parseText(report_accesslist_rec, nipper, section_rec, rate_none, nipper->aclIssues, 0); + set_aclrec_list(nipper, &report_aclrec_heading); + output_list(nipper, &report_aclrec_heading); + output_parseText(report_fw1policy_rec2, nipper, section_none, rate_none, 0, nipper->tableNum); + output_endsection(nipper, section_rec); +} + + diff --git a/0.11.10/common/.svn/all-wcprops b/0.11.10/common/.svn/all-wcprops new file mode 100644 index 0000000..828d752 --- /dev/null +++ b/0.11.10/common/.svn/all-wcprops @@ -0,0 +1,131 @@ +K 25 +svn:wc:ra_dav:version-url +V 36 +/svn/!svn/ver/3/trunk/0.11.10/common +END +report-text.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/common/report-text.c +END +report-debug.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/common/report-debug.c +END +nipper-config.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-config.c +END +nipper-remote-snmp.c +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-remote-snmp.c +END +nipper-defaults.c +K 25 +svn:wc:ra_dav:version-url +V 54 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-defaults.c +END +report-acl.c +K 25 +svn:wc:ra_dav:version-url +V 49 +/svn/!svn/ver/3/trunk/0.11.10/common/report-acl.c +END +nipper-cmdoptions.c +K 25 +svn:wc:ra_dav:version-url +V 56 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-cmdoptions.c +END +nipper-namemappings.c +K 25 +svn:wc:ra_dav:version-url +V 58 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-namemappings.c +END +report.c +K 25 +svn:wc:ra_dav:version-url +V 45 +/svn/!svn/ver/3/trunk/0.11.10/common/report.c +END +nipper-defs.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-defs.c +END +nipper-base64.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-base64.c +END +nipper-struct.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-struct.c +END +report-vulns.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/common/report-vulns.c +END +report-functions.c +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/0.11.10/common/report-functions.c +END +report-appendix.c +K 25 +svn:wc:ra_dav:version-url +V 54 +/svn/!svn/ver/3/trunk/0.11.10/common/report-appendix.c +END +nipper-cleanup.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-cleanup.c +END +nipper-common.c +K 25 +svn:wc:ra_dav:version-url +V 52 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-common.c +END +nipper-help.c +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-help.c +END +nipper-objects.c +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-objects.c +END +nipper-acl.c +K 25 +svn:wc:ra_dav:version-url +V 49 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-acl.c +END +nipper-input.c +K 25 +svn:wc:ra_dav:version-url +V 51 +/svn/!svn/ver/3/trunk/0.11.10/common/nipper-input.c +END diff --git a/0.11.10/common/.svn/entries b/0.11.10/common/.svn/entries new file mode 100644 index 0000000..eee0747 --- /dev/null +++ b/0.11.10/common/.svn/entries @@ -0,0 +1,742 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/0.11.10/common +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +report-acl.c +file + + + + +2016-02-13T06:47:11.672155Z +a67486966c9fc25dbea52a89f7e4a06c +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +93946 + +nipper-cmdoptions.c +file + + + + +2016-02-13T06:47:11.672155Z +33dcef16fd836fcc3026b707523387c0 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +17043 + +nipper-namemappings.c +file + + + + +2016-02-13T06:47:11.672155Z +5f8a6c1d6a1d03b7358616369a11a0e4 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +9796 + +report.c +file + + + + +2016-02-13T06:47:11.672155Z +a2d10c4c691265401cd2e7480e32ab6c +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +23999 + +nipper-defs.c +file + + + + +2016-02-13T06:47:11.672155Z +8935b88379c9d7c26e09991ed648ddc5 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6244 + +nipper-base64.c +file + + + + +2016-02-13T06:47:11.672155Z +46430409da672057aa3272657e2b0fe8 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7101 + +nipper-struct.c +file + + + + +2016-02-13T06:47:11.672155Z +3eddd475676d9fc25fc28b1817656ea4 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8580 + +report-vulns.c +file + + + + +2016-02-13T06:47:11.672155Z +b2e4724ba984c890f51cb2584ae78942 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +13016 + +report-functions.c +file + + + + +2016-02-13T06:47:11.672155Z +36a181289deb5ee33a11cc1c89038771 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +58299 + +report-appendix.c +file + + + + +2016-02-13T06:47:11.672155Z +9d4406ec434327210ca19ba2a90c19a0 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +31195 + +nipper-cleanup.c +file + + + + +2016-02-13T06:47:11.672155Z +2792f733b69e4701bdac13ab0b5a46d9 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7314 + +nipper-common.c +file + + + + +2016-02-13T06:47:11.672155Z +abbd4ce7aee3050b4695ee1c8e05ac66 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +12789 + +nipper-help.c +file + + + + +2016-02-13T06:47:11.672155Z +6a203b0f87d860503c79357c184906ca +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +23344 + +nipper-objects.c +file + + + + +2016-02-13T06:47:11.672155Z +06fe23678ed4982f38df84a64bf341e5 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +10428 + +nipper-acl.c +file + + + + +2016-02-13T06:47:11.672155Z +19f510e5e1fe3fe99b08f445cd7d2cc1 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +25174 + +nipper-input.c +file + + + + +2016-02-13T06:47:11.672155Z +49c97d2ff8ba8e3f0e9d28b81c9641e3 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +13845 + +report-text.c +file + + + + +2016-02-13T06:47:11.672155Z +e607133c088029b5143f97e7a638096b +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +202588 + +report-debug.c +file + + + + +2016-02-13T06:47:11.672155Z +93294373c50c01db67ea4971ecfef02f +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6489 + +nipper-config.c +file + + + + +2016-02-13T06:47:11.672155Z +1acb85a3259dd504b649d235dfc42b16 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +13281 + +nipper-remote-snmp.c +file + + + + +2016-02-13T06:47:11.672155Z +56eaf8a457742a3fb3b782451dc18bc8 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5535 + +nipper-defaults.c +file + + + + +2016-02-13T06:47:11.672155Z +4438ab87ac18d7bcdbb1d69a44ddff04 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +18541 + diff --git a/0.11.10/common/.svn/text-base/nipper-acl.c.svn-base b/0.11.10/common/.svn/text-base/nipper-acl.c.svn-base new file mode 100644 index 0000000..af1990f --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-acl.c.svn-base @@ -0,0 +1,772 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains all the code for filtering... + +#define access_none 0 +#define access_old 1 +#define access_std 2 +#define access_ext 3 + +struct filterListConfig +{ + char name[64]; // List Name (or ID) + + // Cisco ACL... + int type; // access_old... + + // Cisco CSS... + char applyTo[32]; + + // ScreenOS List... + int global; + char fromZone[32]; // Also used for SonicOS + char toZone[32]; // Also ussed for SonicOS + + // Passport... + char listName[64]; + + // Filters / Rules... + struct filterConfig *filter; + + // Filter issue flags + int denyAllAndLog; + + // Next list... + struct filterListConfig *next; +}; + + +struct filterConfig +{ + int id; // Rule ID (ScreenOS), Clause No. (CSS) + int enabled; + int action; // Deny, Accept + struct filterObjectConfig *source; // Source + struct filterObjectConfig *sourceService; // Source Services + struct filterObjectConfig *destination; // Destination + struct filterObjectConfig *destinationService; // Destination Services + struct filterObjectConfig *through; // Through which devices (FW1) + struct filterObjectConfig *install; // Install onto the following devices (FW1) + int log; // Log traffic + char remark[128]; // Or name on Passport devices + + int deleteMe; // If this rule is to be terminated! (Internal only) + + // Firewall-1 + char uid[48]; + + // Cisco... + char protocol[32]; + int protocolType; // access_type_protocol... + + // Cisco IOS... + int established; // true or false + int fragments; // true or false + + // Passport... + int filterType; + int stop; + int inSet; + + // Filter issue flags + int anySource; + int networkSource; + int anySourceService; + int anyDestination; + int networkDestination; + int anyDestinationService; + int logging; + int logDeny; + struct filterConfig *next; +}; + + +struct filterObjectConfig +{ + char name[64]; + char netMask[16]; + int serviceOp; // access_oper_eq... + int type; // access_type_interface... + + struct filterObjectConfig *next; +}; + + +#define object_filter_destination 0 +#define object_filter_source 1 +#define object_filter_sourceService 2 +#define object_filter_service 3 +#define object_filter_install 4 +#define object_filter_through 5 + +// Gets the filter list (or creates one) and returns the pointer to it... +struct filterListConfig *getFilterList(struct nipperConfig *nipper, char *name, char *name2, int global) +{ + // Variables... + struct filterListConfig *filterListPointer = 0; + int init = false; + + // If this is the first, create... + if (nipper->filterList == 0) + { + nipper->filterList = malloc(sizeof(struct filterListConfig)); + filterListPointer = nipper->filterList; + init = true; + } + + // Find / Create Filter List... + else if ((nipper->deviceType != type_sos_firewall) && (nipper->deviceType != type_sonicwall)) + { + filterListPointer = nipper->filterList; + while ((filterListPointer->next != 0) && (strcmp(filterListPointer->name, name) != 0)) + filterListPointer = filterListPointer->next; + if (strcmp(filterListPointer->name, name) != 0) + { + filterListPointer->next = malloc(sizeof(struct filterListConfig)); + filterListPointer = filterListPointer->next; + init = true; + } + } + else + { + if (global == false) + { + filterListPointer = nipper->filterList; + while ((filterListPointer->next != 0) && !((strcmp(filterListPointer->fromZone, name) == 0) && (strcmp(filterListPointer->toZone, name2) == 0))) + filterListPointer = filterListPointer->next; + if (!((strcmp(filterListPointer->fromZone, name) == 0) && (strcmp(filterListPointer->toZone, name2) == 0))) + { + filterListPointer->next = malloc(sizeof(struct filterListConfig)); + filterListPointer = filterListPointer->next; + init = true; + } + } + else + { + filterListPointer = nipper->filterList; + while ((filterListPointer->next != 0) && (filterListPointer->global == false)) + filterListPointer = filterListPointer->next; + if (filterListPointer->global == false) + { + filterListPointer->next = malloc(sizeof(struct filterListConfig)); + filterListPointer = filterListPointer->next; + init = true; + } + } + } + + // Init? + if (init == true) + { + memset(filterListPointer, 0, sizeof(struct filterListConfig)); + if ((nipper->deviceType != type_sos_firewall) && (nipper->deviceType != type_sonicwall)) + strncpy(filterListPointer->name, name, sizeof(filterListPointer->name) - 1); + else + { + strncpy(filterListPointer->fromZone, name, sizeof(filterListPointer->fromZone) - 1); + strncpy(filterListPointer->toZone, name2, sizeof(filterListPointer->toZone) - 1); + } + filterListPointer->denyAllAndLog = false; + filterListPointer->global = global; + filterListPointer->type = access_none; + } + + return filterListPointer; +} + + +// Code that adds filter objects... +struct filterConfig *getFilter(struct filterListConfig *filterListPointer, int id) +{ + // Variables... + struct filterConfig *filterPointer; + int init = false; + + // if not filters exist... + if (filterListPointer->filter == 0) + { + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + init = true; + } + else + { + filterPointer = filterListPointer->filter; + while ((filterPointer->next != 0) && (filterPointer->id != id)) + filterPointer = filterPointer->next; + if (filterPointer->id != id) + { + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + init = true; + } + } + + // Init... + if (init == true) + { + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->id = id; + } + + return filterPointer; +} + + +// Code that adds filter object members... +struct filterObjectConfig *getFilterMember(struct filterConfig *filterPointer, char *name, int objectType) +{ + // Variables... + struct filterObjectConfig *filterObjectPointer = 0; + int init = false; + + // Create / Get pointer to object... + switch (objectType) + { + case object_filter_destination: + if (filterPointer->destination == 0) + { + filterPointer->destination = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->destination; + init = true; + } + else + { + filterObjectPointer = filterPointer->destination; + while ((filterObjectPointer->next != 0) && (strcasecmp(filterObjectPointer->name, name) != 0)) + filterObjectPointer = filterObjectPointer->next; + if (strcasecmp(filterObjectPointer->name, name) != 0) + { + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + init = true; + } + } + break; + + case object_filter_source: + if (filterPointer->source == 0) + { + filterPointer->source = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->source; + init = true; + } + else + { + filterObjectPointer = filterPointer->source; + while ((filterObjectPointer->next != 0) && (strcasecmp(filterObjectPointer->name, name) != 0)) + filterObjectPointer = filterObjectPointer->next; + if (strcasecmp(filterObjectPointer->name, name) != 0) + { + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + init = true; + } + } + break; + + case object_filter_sourceService: + if (filterPointer->sourceService == 0) + { + filterPointer->sourceService = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->sourceService; + init = true; + } + else + { + filterObjectPointer = filterPointer->sourceService; + while ((filterObjectPointer->next != 0) && (strcasecmp(filterObjectPointer->name, name) != 0)) + filterObjectPointer = filterObjectPointer->next; + if (strcasecmp(filterObjectPointer->name, name) != 0) + { + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + init = true; + } + } + break; + + case object_filter_service: + if (filterPointer->destinationService == 0) + { + filterPointer->destinationService = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->destinationService; + init = true; + } + else + { + filterObjectPointer = filterPointer->destinationService; + while ((filterObjectPointer->next != 0) && (strcasecmp(filterObjectPointer->name, name) != 0)) + filterObjectPointer = filterObjectPointer->next; + if (strcasecmp(filterObjectPointer->name, name) != 0) + { + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + init = true; + } + } + break; + + case object_filter_install: + if (filterPointer->install == 0) + { + filterPointer->install = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->install; + init = true; + } + else + { + filterObjectPointer = filterPointer->install; + while ((filterObjectPointer->next != 0) && (strcasecmp(filterObjectPointer->name, name) != 0)) + filterObjectPointer = filterObjectPointer->next; + if (strcasecmp(filterObjectPointer->name, name) != 0) + { + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + init = true; + } + } + break; + + case object_filter_through: + if (filterPointer->through == 0) + { + filterPointer->through = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->through; + init = true; + } + else + { + filterObjectPointer = filterPointer->through; + while ((filterObjectPointer->next != 0) && (strcasecmp(filterObjectPointer->name, name) != 0)) + filterObjectPointer = filterObjectPointer->next; + if (strcasecmp(filterObjectPointer->name, name) != 0) + { + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + init = true; + } + } + break; + } + + // Init... + if (init == true) + { + memset(filterObjectPointer, 0, sizeof(struct filterObjectConfig)); + strncpy(filterObjectPointer->name, name, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->serviceOp = service_oper_eq; + } + + return filterObjectPointer; +} + + +// Insert a remark into a filter list... +void insertFilterRemark(struct filterListConfig *filterListPointer, struct filterConfig *filterPointer, int before, char *remark) +{ + // Variables... + struct filterConfig *insertFilterPointer = 0; + struct filterConfig *searchFilterPointer = 0; + + // Create new filter for the remark and init... + insertFilterPointer = malloc(sizeof(struct filterConfig)); + memset(insertFilterPointer, 0, sizeof(struct filterConfig)); + insertFilterPointer->action = filter_action_remark; + strncpy(insertFilterPointer->remark, remark, sizeof(insertFilterPointer->remark) - 1); + + // Put it in the right place in the list... + if ((before == false) && (filterPointer == 0)) + { + // if first + if (filterListPointer->filter == 0) + filterListPointer->filter = insertFilterPointer; + else + { + searchFilterPointer = filterListPointer->filter; + while (searchFilterPointer->next != 0) + searchFilterPointer = searchFilterPointer->next; + searchFilterPointer->next = insertFilterPointer; + } + } + else if ((before == true) && (filterListPointer->filter == filterPointer)) + { + insertFilterPointer->next = filterPointer; + filterListPointer->filter = insertFilterPointer; + } + else if (before == true) + { + insertFilterPointer->next = filterPointer; + searchFilterPointer = filterListPointer->filter; + while (searchFilterPointer->next != filterPointer) + searchFilterPointer = searchFilterPointer->next; + searchFilterPointer->next = insertFilterPointer; + } + else + { + insertFilterPointer->next = filterPointer->next; + filterPointer->next = insertFilterPointer; + } +} + + +// Search for network objects... +int searchForNetworkObjects(struct nipperConfig *nipper, char *name) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + int foundNetwork = false; + + // Search for network objects... + objectListPointer = nipper->objectList; + while ((objectListPointer != 0) && (foundNetwork == false)) + { + objectPointer = objectListPointer->object; + while ((objectPointer != 0) && (foundNetwork == false)) + { + + // If object has been found... + if (strcmp(objectPointer->name, name) == 0) + { + // Look at the current object first... + if ((objectPointer->type == object_type_network) || (objectPointer->type == object_type_machinesrange) || (objectPointer->type == object_type_dynamicnet)) + foundNetwork = true; + + // Look at member objects next... + else + { + memberPointer = objectPointer->members; + while ((memberPointer != 0) && (foundNetwork == false)) + { + + if ((memberPointer->type == object_type_network) || (memberPointer->type == object_type_machinesrange) || (memberPointer->type == object_type_dynamicnet)) + foundNetwork = true; + else if ((memberPointer->type == object_type_group) || (memberPointer->type == object_type_object)) + foundNetwork = searchForNetworkObjects(nipper, memberPointer->name); + + // Next member... + memberPointer = memberPointer->next; + } + } + } + + // Next object... + objectPointer = objectPointer->next; + } + + // Next object list... + objectListPointer = objectListPointer->next; + } + + return foundNetwork; +} + + +// The code that looks for audit issues... +void rulesAudit(struct nipperConfig *nipper) +{ + // Variables... + struct filterObjectConfig *filterObjectPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + int tempInt = 0; + + // Disable source service checking for those devices that dont support it + switch (nipper->deviceType) + { + case type_fw1_firewall: + case type_nokiaip: + nipper->rejectRulesIssue = false; + nipper->bypassRulesIssue = false; + nipper->defaultRulesIssue = false; + nipper->anySourceServiceIssue = false; + break; + case type_sos_firewall: + nipper->anySourceServiceIssue = false; + nipper->bypassRulesIssue = false; + nipper->defaultRulesIssue = false; + break; + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + nipper->bypassRulesIssue = false; + nipper->rejectRulesIssue = false; + nipper->defaultRulesIssue = false; + break; + case type_css_filter: + nipper->rejectRulesIssue = false; + nipper->disabledRulesIssue = false; + nipper->defaultRulesIssue = false; + break; + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + nipper->bypassRulesIssue = false; + nipper->rejectRulesIssue = false; + nipper->disabledRulesIssue = false; + nipper->defaultRulesIssue = false; + break; + case type_passport: + case type_bayaccelar: + nipper->bypassRulesIssue = false; + nipper->rejectRulesIssue = false; + nipper->disabledRulesIssue = false; + nipper->logDenyRulesIssue = false; + nipper->allRulesLogIssue = false; + nipper->denyLogIssue = false; + break; + case type_sonicwall: + nipper->bypassRulesIssue = false; + nipper->defaultRulesIssue = false; + break; + } + + // Check for Any and Log issues... + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + // Check for disabled... + if ((filterPointer->enabled == false) && (nipper->disabledRulesIssue == true)) + nipper->disabledRules++; + + // Check for reject... + if ((filterPointer->action == filter_action_reject) && (nipper->rejectRulesIssue == true)) + nipper->rejectRules++; + + // Check for bypass... + if ((filterPointer->action == filter_action_bypass) && (nipper->bypassRulesIssue == true)) + nipper->bypassRules++; + + // Check for bypass... + if ((filterPointer->action == filter_action_default) && (nipper->defaultRulesIssue == true)) + nipper->defaultRules++; + + // Check for Any source... + if ((filterPointer->action == filter_action_accept) && (nipper->anySourceIssue == true)) + { + filterObjectPointer = filterPointer->source; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->type == object_type_any) + filterPointer->anySource = true; + filterObjectPointer = filterObjectPointer->next; + } + if (filterPointer->anySource == true) + nipper->anySource++; + } + + // Check for network source... + if ((filterPointer->action == filter_action_accept) && (nipper->networkSourceIssue == true)) + { + filterObjectPointer = filterPointer->source; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->type == object_type_network) + filterPointer->networkSource = true; + else if ((filterObjectPointer->type == object_type_group) || (filterObjectPointer->type == object_type_object)) + { + tempInt = searchForNetworkObjects(nipper, filterObjectPointer->name); + if (tempInt == true) + filterPointer->networkSource = true; + } + filterObjectPointer = filterObjectPointer->next; + } + if (filterPointer->networkSource == true) + nipper->networkSource++; + } + + // If not standard ACL (for PIX, IOS...) + if (filterListPointer->type != access_std) + { + + // Check for Any source service... + if ((filterPointer->action == filter_action_accept) && (nipper->anySourceServiceIssue == true)) + { + filterObjectPointer = filterPointer->sourceService; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->serviceOp == service_oper_any) + filterPointer->anySourceService = true; + filterObjectPointer = filterObjectPointer->next; + } + if (filterPointer->anySourceService == true) + nipper->anySourceService++; + } + + // Check for Any destination... + if ((filterPointer->action == filter_action_accept) && (nipper->anyDestinationIssue == true)) + { + filterObjectPointer = filterPointer->destination; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->type == object_type_any) + filterPointer->anyDestination = true; + filterObjectPointer = filterObjectPointer->next; + } + if (filterPointer->anyDestination == true) + nipper->anyDestination++; + } + + // Check for network destination... + if ((filterPointer->action == filter_action_accept) && (nipper->networkDestinationIssue == true)) + { + filterObjectPointer = filterPointer->destination; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->type == object_type_network) + filterPointer->networkDestination = true; + else if ((filterObjectPointer->type == object_type_group) || (filterObjectPointer->type == object_type_object)) + { + tempInt = searchForNetworkObjects(nipper, filterObjectPointer->name); + if (tempInt == true) + filterPointer->networkDestination = true; + } + filterObjectPointer = filterObjectPointer->next; + } + if (filterPointer->networkDestination == true) + nipper->networkDestination++; + } + + // Check for Any destination service... + if ((filterPointer->action == filter_action_accept) && (nipper->anyDestinationServiceIssue == true)) + { + filterObjectPointer = filterPointer->destinationService; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->serviceOp == service_oper_any) + filterPointer->anyDestinationService = true; + filterObjectPointer = filterObjectPointer->next; + } + if (filterPointer->anyDestinationService == true) + nipper->anyDestinationService++; + } + + // Filters with deny and log rules... + if ((nipper->logDenyRulesIssue == true) && (filterPointer->action != filter_action_accept) && (filterPointer->log == false)) + { + nipper->logDenyRules++; + filterPointer->logDeny = true; + } + } + + // Not PIX std access lists... + if (!(((nipper->deviceType == type_pix_firewall) || (nipper->deviceType == type_asa_firewall) || (nipper->deviceType == type_fwsm_firewall)) && (filterListPointer->type == access_std))) + { + // Filters with no logging... + if ((nipper->allRulesLogIssue == true) && (filterPointer->log == false) && (filterPointer->logDeny == false)) + { + if ((filterPointer->next != 0) || (nipper->denyLogIssue == false)) + { + filterPointer->logging = true; + nipper->filtersWithNoLogging++; + } + } + + // Filters ending with deny all and log + tempInt = false; + if ((nipper->denyLogIssue == true) && (filterPointer->action != filter_action_remark)) + { + if (filterPointer->next == 0) + tempInt = true; + else if ((filterPointer->next->action == filter_action_remark) && (filterPointer->next->next == 0)) + tempInt = true; + } + if (tempInt == true) + { + tempInt = false; + if (filterPointer->action != filter_action_drop) + tempInt = true; + filterObjectPointer = filterPointer->source; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->type != object_type_any) + tempInt = true; + filterObjectPointer = filterObjectPointer->next; + } + filterObjectPointer = filterPointer->sourceService; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->serviceOp != service_oper_any) + tempInt = true; + filterObjectPointer = filterObjectPointer->next; + } + filterObjectPointer = filterPointer->destination; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->type != object_type_any) + tempInt = true; + filterObjectPointer = filterObjectPointer->next; + } + filterObjectPointer = filterPointer->destinationService; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->serviceOp != service_oper_any) + tempInt = true; + filterObjectPointer = filterObjectPointer->next; + } + if (tempInt == true) + { + nipper->denyAllAndLog++; + filterListPointer->denyAllAndLog = true; + } + } + } + } + + filterPointer = filterPointer->next; + } + filterListPointer = filterListPointer->next; + } + + // Add to ACL issues... + nipper->aclIssues += nipper->anySource; + nipper->aclIssues += nipper->networkSource; + nipper->aclIssues += nipper->rejectRules; + nipper->aclIssues += nipper->bypassRules; + nipper->aclIssues += nipper->defaultRules; + nipper->aclIssues += nipper->logDenyRules; + nipper->aclIssues += nipper->anySourceService; + nipper->aclIssues += nipper->anyDestination; + nipper->aclIssues += nipper->networkDestination; + nipper->aclIssues += nipper->anyDestinationService; + nipper->aclIssues += nipper->filtersWithNoLogging; + nipper->aclIssues += nipper->denyAllAndLog; + nipper->aclIssues += nipper->disabledRules; +} + + diff --git a/0.11.10/common/.svn/text-base/nipper-base64.c.svn-base b/0.11.10/common/.svn/text-base/nipper-base64.c.svn-base new file mode 100644 index 0000000..a30ac01 --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-base64.c.svn-base @@ -0,0 +1,254 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// See RFC3548 for details of Base64 Encode / Decode standards + +static const char base64string[] = {62, -1, -1, -1, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, 0, -1, -1, -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51}; + + +// Base64 character check +int checkBase64Char(char inputChar) +{ + if (inputChar > 122) + return -1; + if (inputChar < 43) + return -1; + else + return base64string[inputChar - 43]; +} + + +// Base64 character strip (gets rid of odd characters at the end) +void base64StringStrip(char *inputString) +{ + // Variables... + char endChar; + + // Stripped Characters... + // 32 - Space + // 10 - Line Feed + // 13 - Carridge Return + if (strlen(inputString) != 0) + { + // Loop until characters have gone... + endChar = inputString[strlen(inputString) - 1]; + while (checkBase64Char(endChar) == -1) + { + inputString[strlen(inputString) - 1] = 0; + endChar = inputString[strlen(inputString) - 1]; + } + } +} + + +int base64DecodeChars(char *inputString) +{ + // Variables... + int stringLoop = 0; + char *outString = inputString; + int equalsReplaced = false; + int percentUsed = 0; + char inter1, inter2, inter3, inter4 = 0; + + // Strip unwanted characters from the end of the string + base64StringStrip(inputString); + + // Convert from base64 converts every 4 characters to 3. This is due to + // base64 conversion from 6bit to 8bit characters. + while (inputString[0] != 0) + { + // Decode characters + inter1 = checkBase64Char(inputString[0]); + if (inter1 == -1) + return false; + inputString++; + if (inputString[0] != 0) + { + inter2 = checkBase64Char(inputString[0]); + if (inter2 == -1) + return false; + } + else + inter2 = 0; + inputString++; + if (inputString[0] != 0) + { + inter3 = checkBase64Char(inputString[0]); + if (inter3 == -1) + return false; + } + else + inter3 = 0; + inputString++; + if (inputString[0] != 0) + { + inter4 = checkBase64Char(inputString[stringLoop]); + if (inter4 == -1) + return false; + } + else + inter4 = 0; + inputString++; + + // Convert 4 6 bit characters into 3 8 bit ones... + // First char... + outString[0] = (inter1 << 2) | (inter2 >> 4); + if ((outString[0] == '=') && (equalsReplaced == false)) + { + equalsReplaced = true; + outString[0] = ' '; + } + else if (outString[0] == '&') + { + equalsReplaced = false; + outString[0] = '\n'; + } + else if (percentUsed == 2) + { + if (strncmp(outString - 2, "%20", 3) == 0) + { + outString -= 2; + outString[0] = ' '; + } + else if (strncmp(outString - 2, "%26", 3) == 0) + { + outString -= 2; + outString[0] = '&'; + } + else if (strncmp(outString - 2, "%3a", 3) == 0) + { + outString -= 2; + outString[0] = ':'; + } + else if (strncmp(outString - 2, "%3f", 3) == 0) + { + outString -= 2; + outString[0] = '?'; + } + percentUsed = 0; + } + else if (percentUsed == 1) + percentUsed = 2; + else if (outString[0] == '%') + percentUsed = 1; + outString++; + + // Second char... + outString[0] = ((inter2 << 4) & 240) | (inter3 >> 2); + if ((outString[0] == '=') && (equalsReplaced == false)) + { + equalsReplaced = true; + outString[0] = ' '; + } + else if (outString[0] == '&') + { + equalsReplaced = false; + outString[0] = '\n'; + } + else if (percentUsed == 2) + { + if (strncmp(outString - 2, "%20", 3) == 0) + { + outString -= 2; + outString[0] = ' '; + } + else if (strncmp(outString - 2, "%26", 3) == 0) + { + outString -= 2; + outString[0] = '&'; + } + else if (strncmp(outString - 2, "%3a", 3) == 0) + { + outString -= 2; + outString[0] = ':'; + } + else if (strncmp(outString - 2, "%3f", 3) == 0) + { + outString -= 2; + outString[0] = '?'; + } + percentUsed = 0; + } + else if (percentUsed == 1) + percentUsed = 2; + else if (outString[0] == '%') + percentUsed = 1; + outString++; + + // Third char... + outString[0] = ((inter3 << 6) & 192)| inter4; + if ((outString[0] == '=') && (equalsReplaced == false)) + { + equalsReplaced = true; + outString[0] = ' '; + } + else if (outString[0] == '&') + { + equalsReplaced = false; + outString[0] = '\n'; + } + else if (percentUsed == 2) + { + if (strncmp(outString - 2, "%20", 3) == 0) + { + outString -= 2; + outString[0] = ' '; + } + else if (strncmp(outString - 2, "%26", 3) == 0) + { + outString -= 2; + outString[0] = '&'; + } + else if (strncmp(outString - 2, "%3a", 3) == 0) + { + outString -= 2; + outString[0] = ':'; + } + else if (strncmp(outString - 2, "%3f", 3) == 0) + { + outString -= 2; + outString[0] = '?'; + } + percentUsed = 0; + } + else if (percentUsed == 1) + percentUsed = 2; + else if (outString[0] == '%') + percentUsed = 1; + outString++; + } + + // String end... + outString[0] = 0; + + return true; +} + + diff --git a/0.11.10/common/.svn/text-base/nipper-cleanup.c.svn-base b/0.11.10/common/.svn/text-base/nipper-cleanup.c.svn-base new file mode 100644 index 0000000..c0515a8 --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-cleanup.c.svn-base @@ -0,0 +1,215 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +void cleanup(struct nipperConfig *nipper) +{ + // Program variables... + struct debugAbbrev *debugAbPointer = 0; + struct johnPassword *johnPointer = 0; + struct reportText *reportTextPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + struct hostInterfaces *fw1InterfacePointer = 0; + + // Debug Abbreviations + while (debugAb != 0) + { + debugAbPointer = debugAb->next; + free(debugAb); + debugAb = debugAbPointer; + } + + // CSS from config... + if (nipper->cssFromConfig != 0) + free(nipper->cssFromConfig); + + // Device Model from config... + if (nipper->deviceModelInt != 0) + free(nipper->deviceModelInt); + + // Dict file from config... + if (nipper->dictionaryFilename != 0) + free(nipper->dictionaryFilename); + + // If Dict file is open... + if (nipper->dictFile != 0) + fclose(nipper->dictFile); + + // Filter Lists... + while (nipper->filterList != 0) + { + while (nipper->filterList->filter != 0) + { + while (nipper->filterList->filter->source != 0) + { + filterObjectPointer = nipper->filterList->filter->source->next; + free (nipper->filterList->filter->source); + nipper->filterList->filter->source = filterObjectPointer; + } + while (nipper->filterList->filter->sourceService != 0) + { + filterObjectPointer = nipper->filterList->filter->sourceService->next; + free (nipper->filterList->filter->sourceService); + nipper->filterList->filter->sourceService = filterObjectPointer; + } + while (nipper->filterList->filter->destination != 0) + { + filterObjectPointer = nipper->filterList->filter->destination->next; + free (nipper->filterList->filter->destination); + nipper->filterList->filter->destination = filterObjectPointer; + } + while (nipper->filterList->filter->destinationService != 0) + { + filterObjectPointer = nipper->filterList->filter->destinationService->next; + free (nipper->filterList->filter->destinationService); + nipper->filterList->filter->destinationService = filterObjectPointer; + } + while (nipper->filterList->filter->through != 0) + { + filterObjectPointer = nipper->filterList->filter->through->next; + free (nipper->filterList->filter->through); + nipper->filterList->filter->through = filterObjectPointer; + } + while (nipper->filterList->filter->install != 0) + { + filterObjectPointer = nipper->filterList->filter->install->next; + free (nipper->filterList->filter->install); + nipper->filterList->filter->install = filterObjectPointer; + } + filterPointer = nipper->filterList->filter->next; + free (nipper->filterList->filter); + nipper->filterList->filter = filterPointer; + } + filterListPointer = nipper->filterList->next; + free (nipper->filterList); + nipper->filterList = filterListPointer; + } + + // Object Lists and Objects... + while (nipper->objectList != 0) + { + while (nipper->objectList->object != 0) + { + while (nipper->objectList->object->members != 0) + { + memberPointer = nipper->objectList->object->members->next; + free (nipper->objectList->object->members); + nipper->objectList->object->members = memberPointer; + } + while (nipper->objectList->object->interfaces != 0) + { + fw1InterfacePointer = nipper->objectList->object->interfaces->next; + free (nipper->objectList->object->interfaces); + nipper->objectList->object->interfaces = fw1InterfacePointer; + } + objectPointer = nipper->objectList->object->next; + free (nipper->objectList->object); + nipper->objectList->object = objectPointer; + } + objectListPointer = nipper->objectList->next; + free (nipper->objectList); + nipper->objectList = objectListPointer; + } + + // Cleanup device type structures + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + if (nipper->ios != 0) + cleanupIOS(nipper); + break; + + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if (nipper->pix != 0) + cleanupPIX(nipper); + break; + + case type_cos_catalyst: + case type_nmp_catalyst: + if (nipper->nmp != 0) + cleanupNMP(nipper); + break; + + case type_css_filter: + if (nipper->css != 0) + cleanupCSS(nipper); + break; + + case type_sos_firewall: + if (nipper->sos != 0) + cleanupSOS(nipper); + break; + + case type_bayaccelar: + case type_passport: + if (nipper->pas != 0) + cleanupPAS(nipper); + break; + + case type_nokiaip: + case type_fw1_firewall: + if (nipper->fw1 != 0) + cleanupFW1(nipper); + break; + + case type_sonicwall: + if (nipper->sonicos != 0) + cleanupSonicOS(nipper); + break; + } + + // Cleanup report text + while (nipper->report != 0) + { + reportTextPointer = nipper->report->next; + free(nipper->report); + nipper->report = reportTextPointer; + } + + // Cleanup John-the-ripper + while (nipper->john != 0) + { + johnPointer = nipper->john->next; + free(nipper->john); + nipper->john = johnPointer; + } + + // Cleanup nipper struct... + free (nipper); +} + diff --git a/0.11.10/common/.svn/text-base/nipper-cmdoptions.c.svn-base b/0.11.10/common/.svn/text-base/nipper-cmdoptions.c.svn-base new file mode 100644 index 0000000..03bd7bd --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-cmdoptions.c.svn-base @@ -0,0 +1,468 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains all the code to get the command-line options... + +void getCommandOptions(int argc, char *argv[], struct nipperConfig *nipper) +{ + // Variables... + int argLoop; + + // Get program parameters + for (argLoop = 1; argLoop < argc; argLoop++) + { + // Output format specified + if ((strncmp("--output-format=", argv[argLoop], 16) == 0) || (strncmp("--report-format=", argv[argLoop], 16) == 0)) + { + if (strcmp("text", argv[argLoop]+16) == 0) + nipper->outputFormat = output_text; + else if (strcmp("html", argv[argLoop]+16) == 0) + nipper->outputFormat = output_html; + else if (strcmp("latex", argv[argLoop]+16) == 0) + nipper->outputFormat = output_latex; + else if (strcmp("xml", argv[argLoop]+16) == 0) + nipper->outputFormat = output_xml; + else + nipper->nipperMode = mode_help; + } + else if (strncmp("--text", argv[argLoop], 6) == 0) + nipper->outputFormat = output_text; + else if (strncmp("--html", argv[argLoop], 6) == 0) + nipper->outputFormat = output_html; + else if (strncmp("--latex", argv[argLoop], 7) == 0) + nipper->outputFormat = output_latex; + else if (strncmp("--xml", argv[argLoop], 5) == 0) + nipper->outputFormat = output_xml; + + // Input file (defaults to stdin) + else if ((strncmp("--input=", argv[argLoop], 8) == 0) && (strlen(argv[argLoop]) > 8)) + nipper->inputName = argv[argLoop] + 8; + + // Output file (defaults to stdout) + else if (((strncmp("--output=", argv[argLoop], 9) == 0) || (strncmp("--report=", argv[argLoop], 9) == 0)) && (strlen(argv[argLoop]) > 9)) + nipper->outputFile = argv[argLoop] + 9; + + // Configuration File + else if ((strncmp("--config=", argv[argLoop], 9) == 0) && (strlen(argv[argLoop]) > 9)) + configFilename = argv[argLoop] + 9; + + // CSV File... + else if ((strncmp("--csv=", argv[argLoop], 6) == 0) && (strlen(argv[argLoop]) > 6)) + nipper->csvFilename = argv[argLoop] + 6; + + // Password output + else if (strcmp("--no-passwords", argv[argLoop]) == 0) + nipper->passwords = false; + + // Force + else if (strcmp("--force", argv[argLoop]) == 0) + nipper->force = true; + + // Do not perform a security audit + else if (strcmp("--no-audit", argv[argLoop]) == 0) + nipper->fullReport = false; + + // Do include a configuration report + else if (strcmp("--no-config", argv[argLoop]) == 0) + nipper->configReport = false; + + // Expand ACL object definitions + else if (strcmp("--expand-acl", argv[argLoop]) == 0) + nipper->expandACL = true; + + // Rule Comments + else if (strcmp("--rule-comments", argv[argLoop]) == 0) + nipper->showACLComments = true; + + // Debug output + else if (strcmp("--debug", argv[argLoop]) == 0) + nipper->debugMode = true; + else if (strcmp("--debug-lnp", argv[argLoop]) == 0) + nipper->linesnotprocessed = true; + + // Router + else if ((strcmp("--ios-router", argv[argLoop]) == 0) || (strcmp("--ios", argv[argLoop]) == 0)) + nipper->deviceType = type_ios_router; + + // Cisco Router + else if (strcmp("--ios-switch", argv[argLoop]) == 0) + nipper->deviceType = type_ios_switch; + + // Cisco Catalyst + else if (strcmp("--ios-catalyst", argv[argLoop]) == 0) + nipper->deviceType = type_ios_catalyst; + else if (strcmp("--catos", argv[argLoop]) == 0) + nipper->deviceType = type_cos_catalyst; + else if (strcmp("--nmp", argv[argLoop]) == 0) + nipper->deviceType = type_nmp_catalyst; + + // Cisco Firewall + else if (strcmp("--pix", argv[argLoop]) == 0) + nipper->deviceType = type_pix_firewall; + else if (strcmp("--asa", argv[argLoop]) == 0) + nipper->deviceType = type_asa_firewall; + else if (strcmp("--fwsm", argv[argLoop]) == 0) + nipper->deviceType = type_fwsm_firewall; + + // Cisco CSS + else if (strcmp("--css", argv[argLoop]) == 0) + nipper->deviceType = type_css_filter; + + // CheckPoint Firewall-1 + else if ((strcmp("--fw1", argv[argLoop]) == 0) || (strcmp("--firewall1", argv[argLoop]) == 0)) + nipper->deviceType = type_fw1_firewall; + + // Nokia IP + else if ((strcmp("--nokia", argv[argLoop]) == 0) || (strcmp("--nokiaip", argv[argLoop]) == 0)) + nipper->deviceType = type_nokiaip; + + // SonicWall Firewall + else if ((strcmp("--sonicwall", argv[argLoop]) == 0) || (strcmp("--sonicos", argv[argLoop]) == 0)) + nipper->deviceType = type_sonicwall; + + // Nortel Passport + else if (strcmp("--passport", argv[argLoop]) == 0) + nipper->deviceType = type_passport; + + // Bay Networks Accelar + else if (strcmp("--accelar", argv[argLoop]) == 0) + nipper->deviceType = type_bayaccelar; + + // Juniper ScreenOS + else if ((strcmp("--netscreen", argv[argLoop]) == 0) || (strcmp("--screenos", argv[argLoop]) == 0)) + nipper->deviceType = type_sos_firewall; + + // Device Model... + else if (strncmp("--model=", argv[argLoop], 8) == 0) + nipper->deviceModel = argv[argLoop] + 8; + + // Set Timeout + else if (strncmp("--timeout=", argv[argLoop], 10) == 0) + { + if (atoi(argv[argLoop] + 10) != 0) + nipper->connectionTimeout = atoi(argv[argLoop] + 10); + } + + // Dictionary supplied + else if (strncmp("--stylesheet=", argv[argLoop], 13) == 0) + nipper->cssFile = argv[argLoop] + 13; + + // Company name specified + else if (strncmp("--company-name=", argv[argLoop], 15) == 0) + strncpy(nipper->companyName, argv[argLoop] + 15, sizeof(nipper->companyName) - 1); + + // Company name specified + else if (strncmp("--device-name=", argv[argLoop], 14) == 0) + strncpy(nipper->hostname, argv[argLoop] + 14, sizeof(nipper->hostname) - 1); + + // Password Length + else if (strncmp("--pass-length=", argv[argLoop], 14) == 0) + nipper->passwordLength = atoi(argv[argLoop] + 14); + + // Password Uppers + else if (strcmp("--pass-uppers=yes", argv[argLoop]) == 0) + nipper->passwordUppers = true; + else if (strcmp("--pass-uppers=no", argv[argLoop]) == 0) + nipper->passwordUppers = false; + + // Password Lowers + else if (strcmp("--pass-lowers=yes", argv[argLoop]) == 0) + nipper->passwordLowers = true; + else if (strcmp("--pass-lowers=no", argv[argLoop]) == 0) + nipper->passwordLowers = false; + + // Password Either + else if (strcmp("--pass-either=yes", argv[argLoop]) == 0) + nipper->passwordEither = true; + else if (strcmp("--pass-either=no", argv[argLoop]) == 0) + nipper->passwordEither = false; + + // Password Numbers + else if (strcmp("--pass-numbers=yes", argv[argLoop]) == 0) + nipper->passwordNumbers = true; + else if (strcmp("--pass-numbers=no", argv[argLoop]) == 0) + nipper->passwordNumbers = false; + + // Password Specials + else if (strcmp("--pass-specials=yes", argv[argLoop]) == 0) + nipper->passwordSpecials = true; + else if (strcmp("--pass-specials=no", argv[argLoop]) == 0) + nipper->passwordSpecials = false; + + // Deny all and log filtering + else if (strcmp("--deny-log", argv[argLoop]) == 0) + nipper->denyLogIssue = true; + else if (strcmp("--no-deny-log", argv[argLoop]) == 0) + nipper->denyLogIssue = false; + + // Any Source + else if (strcmp("--no-any-source", argv[argLoop]) == 0) + nipper->anySourceIssue = false; + else if (strcmp("--any-source", argv[argLoop]) == 0) + nipper->anySourceIssue = true; + + // Network Source + else if (strcmp("--no-network-source", argv[argLoop]) == 0) + nipper->networkSourceIssue = false; + else if (strcmp("--network-source", argv[argLoop]) == 0) + nipper->networkSourceIssue = true; + + // Source Service + else if (strcmp("--no-source-service", argv[argLoop]) == 0) + nipper->anySourceServiceIssue = false; + else if (strcmp("--source-service", argv[argLoop]) == 0) + nipper->anySourceServiceIssue = true; + + // Any Destination + else if (strcmp("--no-any-destination", argv[argLoop]) == 0) + nipper->anyDestinationIssue = false; + else if (strcmp("--any-destination", argv[argLoop]) == 0) + nipper->anyDestinationIssue = true; + + // Network Destination + else if (strcmp("--no-network-destination", argv[argLoop]) == 0) + nipper->networkDestinationIssue = false; + else if (strcmp("--network-destination", argv[argLoop]) == 0) + nipper->networkDestinationIssue = true; + + // Destination Service + else if (strcmp("--no-destination-service", argv[argLoop]) == 0) + nipper->anyDestinationServiceIssue = false; + else if (strcmp("--destination-service", argv[argLoop]) == 0) + nipper->anyDestinationServiceIssue = true; + + // Log Rules + else if (strcmp("--no-log-rules", argv[argLoop]) == 0) + nipper->allRulesLogIssue = false; + else if (strcmp("--log-rules", argv[argLoop]) == 0) + nipper->allRulesLogIssue = true; + + // Disabled Rules + else if (strcmp("--no-disabled-rules", argv[argLoop]) == 0) + nipper->disabledRulesIssue = false; + else if (strcmp("--disabled-rules", argv[argLoop]) == 0) + nipper->disabledRulesIssue = true; + + // Reject Rules + else if (strcmp("--no-reject-rules", argv[argLoop]) == 0) + nipper->rejectRulesIssue = false; + else if (strcmp("--reject-rules", argv[argLoop]) == 0) + nipper->rejectRulesIssue = true; + + // Bypass Rules + else if (strcmp("--no-bypass-rules", argv[argLoop]) == 0) + nipper->bypassRulesIssue = false; + else if (strcmp("--bypass-rules", argv[argLoop]) == 0) + nipper->bypassRulesIssue = true; + + // Default Rules + else if (strcmp("--no-default-rules", argv[argLoop]) == 0) + nipper->defaultRulesIssue = false; + else if (strcmp("--default-rules", argv[argLoop]) == 0) + nipper->defaultRulesIssue = true; + + // Log Deny Rules + else if (strcmp("--no-log-deny-rules", argv[argLoop]) == 0) + nipper->logDenyRulesIssue = false; + else if (strcmp("--log-deny-rules", argv[argLoop]) == 0) + nipper->logDenyRulesIssue = true; + + // Latex paper size + else if (strncmp("--paper=", argv[argLoop], 8) == 0) + strncpy(nipper->paperSize, argv[argLoop]+8, sizeof(nipper->paperSize) - 1); + + // Latex document class + else if (strncmp("--documentclass=", argv[argLoop], 16) == 0) + strncpy(nipper->documentClass, argv[argLoop]+16, sizeof(nipper->documentClass) - 1); + + // Appendix + else if (strcmp("--no-appendix", argv[argLoop]) == 0) + nipper->appendix = false; + + // Glossary + else if (strcmp("--no-glossary", argv[argLoop]) == 0) + nipper->glossary = false; + + // Common Ports + else if (strcmp("--no-ports", argv[argLoop]) == 0) + nipper->commonPorts = false; + + // Nipper Version Appendix + else if (strcmp("--no-version", argv[argLoop]) == 0) + nipper->nipperVersion = false; + + // Edge device + else if (strcmp("--location=edge", argv[argLoop]) == 0) + nipper->deviceUse = use_edge; + + // Internal device + else if (strcmp("--location=internal", argv[argLoop]) == 0) + nipper->deviceUse = use_internal; + + // Logging Levels Appendix + else if (strcmp("--no-logging", argv[argLoop]) == 0) + nipper->loggingLevels = false; + + // Time Zone Appendix + else if (strcmp("--no-timezones", argv[argLoop]) == 0) + nipper->timeZones = false; + + // Abbreviations + else if (strcmp("--no-abbreviations", argv[argLoop]) == 0) + nipper->abs = false; + + // Show host / network names instead of IP addresses (where possible) + else if (strcmp("--no-names", argv[argLoop]) == 0) + nipper->names = true; + + // Show host / network names instead of IP addresses (where possible) + else if (strcmp("--debug-abbreviations", argv[argLoop]) == 0) + nipper->debugAbbrev = true; + + // John the ripper output + else if ((strncmp("--john=", argv[argLoop], 7) == 0) && (strlen(argv[argLoop]) > 7)) + nipper->johnFile = argv[argLoop] + 7; + + // Dictionary supplied + else if (strncmp("--dictionary=", argv[argLoop], 13) == 0) + nipper->dictionaryFile = argv[argLoop] + 13; + +#if !defined(__WIN32__) + // Remote Cisco Device IP + else if (strncmp("--cisco-ip=", argv[argLoop], 11) == 0) + strncpy(nipper->remoteIP, argv[argLoop] + 11, sizeof(nipper->remoteIP) - 1); + + // Remote Cisco Device IP (Local) + else if (strncmp("--local-ip=", argv[argLoop], 11) == 0) + strncpy(nipper->localIP, argv[argLoop] + 11, sizeof(nipper->localIP) - 1); + + // Remote Cisco Device SNMP read/write community + else if (strncmp("--snmp=", argv[argLoop], 7) == 0) + strncpy(nipper->remoteSnmp, argv[argLoop] + 7, sizeof(nipper->remoteSnmp) - 1); + + // Local TFTP server to use + else if (strncmp("--tftproot=", argv[argLoop], 11) == 0) + strncpy(nipper->remoteTftp, argv[argLoop] + 11, sizeof(nipper->remoteTftp) - 1); + + // Local Cisco Config file to save to + else if (strncmp("--cisco-file=", argv[argLoop], 13) == 0) + nipper->localSave = argLoop; + + // Cisco retrival method (old or new) + else if (strcmp("--cisco=old", argv[argLoop]) == 0) + nipper->oldCisco = true; + else if (strcmp("--cisco=new", argv[argLoop]) == 0) + nipper->oldCisco = false; +#endif + + // Version + else if (strcmp("--version", argv[argLoop]) == 0) + nipper->nipperMode = mode_version; + + // Help + else if ((strcasecmp("--help", argv[argLoop]) == 0) || (strcasecmp("/?", argv[argLoop]) == 0) || (strcasecmp("--help=general", argv[argLoop]) == 0)) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_general; + } + else if (strcasecmp("--help=devices", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_device_types; + } + else if (strcasecmp("--help=SNMP", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_snmp; + } + else if (strcasecmp("--help=devices-adv", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_device_usage; + } + else if (strcasecmp("--help=REPORT", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_report_formats; + } + else if (strcasecmp("--help=REPORT-ADV", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_report_options; + } + else if (strcasecmp("--help=REPORT-SECT", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_report_appendix; + } + else if (strcasecmp("--help=REPORT-HTML", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_report_html; + } + else if (strcasecmp("--help=REPORT-LATEX", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_report_latex; + } + else if (strcasecmp("--help=AUDIT-ACL", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_audit_acl; + } + else if (strcasecmp("--help=AUDIT-PASS", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_audit_password; + } + else if (strcasecmp("--help=AUDIT-ADV", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_audit_misc; + } + else if (strcasecmp("--help=DEBUG", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_debug; + } + else if (strcasecmp("--help=CONFIG-FILE", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_config_file; + } + + // If all else fails, display the help + else + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_params; + } + } +} diff --git a/0.11.10/common/.svn/text-base/nipper-common.c.svn-base b/0.11.10/common/.svn/text-base/nipper-common.c.svn-base new file mode 100644 index 0000000..6012c2a --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-common.c.svn-base @@ -0,0 +1,538 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Colour Console Output... +#if !defined(__WIN32__) +const char *RESET = ""; // DEFAULT +const char *COL_RED = ""; // RED +const char *COL_BLUE = ""; // BLUE +const char *COL_GREEN = ""; // GREEN +#else +const char *RESET = ""; +const char *COL_RED = ""; +const char *COL_BLUE = ""; +const char *COL_GREEN = ""; +#endif + + +// Temporary Directory... +#if !defined(__WIN32__) +const char *tmpDir = "/tmp/"; +#else +const char *tmpDir = ""; +#endif + + +// Read a line from the input... +void readLine(FILE *input, char *lineFromFile, int maxLength) +{ + // Variables... + int stripPointer = 0; + + // Read line from file... + memset(lineFromFile, 0, maxLength); + fgets(lineFromFile, maxLength, input); + + // Clear the end-of-line stuff... + stripPointer = strlen(lineFromFile) -1; + while ((lineFromFile[stripPointer] == '\r') || (lineFromFile[stripPointer] == '\n') || (lineFromFile[stripPointer] == ' ')) + { + lineFromFile[stripPointer] = 0; + stripPointer--; + } +} + + +// Checks for simple passwords +int simplePassword(char *password, struct nipperConfig *nipper) +{ + // Constants + const char passwords[][12] = {"password", "password1", "public", "private", "admin", "cisco", "default", "secret", "juniper", + "dbsnmp", "laflaf", "ILMI", "cascade", "cable-docsis", "MiniAP", "snmp-trap", "volition", + "super", "master", "netscreen", "ro", "rw", + ""}; + // Variables + int loop = 0; + char line[128]; + + if ((nipper->dictFile == 0) && (nipper->dictionaryFile != 0)) + nipper->dictFile = fopen(nipper->dictionaryFile, "r"); + + + // Check using a Dictionary File... + if (nipper->dictFile != 0) + { + // Set the dictionary at the start + rewind(nipper->dictFile); + + // Go through the dict until a match or eof + while (feof(nipper->dictFile) == 0) + { + // Read line + readLine(nipper->dictFile, line, sizeof(line)); + + if (strcmp(password, line) == 0) + return true; + } + } + + // Check using the small built-in dictionary + else + { + for (loop = 0; passwords[loop][0] != 0; loop++) + { + if (strcasecmp(password, passwords[loop]) == 0) + return true; + } + } + + return false; +} + + +// Checks password strength +int passwordStrength(char *password, struct nipperConfig *nipper) +{ + // Variables + int contUpper = false; + int contLower = false; + int contUpperOrLower = false; + int contNumber = false; + int contSpecial = false; + int loop = 0; + + // Check length first + if (strlen(password) < nipper->passwordLength) + return false; + + // Get password components + for (loop = 0; loop < strlen(password); loop++) + { + // check for lowercase + if ((password[loop] > 96) && (password[loop] < 123)) + { + contLower = true; + contUpperOrLower = true; + } + + // check for upper + else if ((password[loop] > 64) && (password[loop] < 91)) + { + contUpper = true; + contUpperOrLower = true; + } + + // check for number + else if ((password[loop] > 47) && (password[loop] < 58)) + contNumber = true; + + // check for special chars + else + contSpecial = true; + } + + // Check password components + if ((nipper->passwordLowers == true) && (contLower == false)) + return false; + + if ((nipper->passwordUppers == true) && (contUpper == false)) + return false; + + if ((nipper->passwordEither == true) && (contUpperOrLower == false)) + return false; + + if ((nipper->passwordNumbers == true) && (contNumber == false)) + return false; + + if ((nipper->passwordSpecials == true) && (contSpecial == false)) + return false; + + return true; +} + + +// Return how many chars to next space character (or end of string) +int nextSpace(char *line) +{ + // Variables... + int counter = 0; + + // The work... + while ((line[counter] != ' ') && (line[counter] != 0)) + { + counter++; + } + + // Return... + return counter; +} + + +// Make text Latex friendly +void stripQuotes(char *line, char *output, int maxSize) +{ + // Variables + int loop = 0; + int outPos = 0; + + // Init + if (strlen(line) < maxSize) + maxSize = strlen(line) + 1; + + // Check each character + for (loop = 0; (loop < strlen(line)) && (loop < maxSize -1); loop++) + { + // If it contains one of the chars + if (line[loop] != '\"') + { + // Copy + output[outPos] = line[loop]; + outPos++; + } + } + + // Null terminate + output[outPos] = 0; +} + + +// Make text Latex friendly +void latexFriendly(char *line, char *output, int maxSize) +{ + // Variables + int loop = 0; + int outPos = 0; + + // Init + if (strlen(line) < maxSize) + maxSize = strlen(line) + 1; + + // Check each character + for (loop = 0; (loop < strlen(line)) && (loop < maxSize -1); loop++) + { + // If it contains one of the chars + if ((line[loop] == '_') || (line[loop] == '$') || (line[loop] == '#') || (line[loop] == '&') || (line[loop] == '\\') || (line[loop] == '%')) + { + output[outPos] = '\\'; + outPos++; + } + + // Copy + output[outPos] = line[loop]; + + // Increment + outPos++; + } + + // Null terminate + output[outPos] = 0; +} + + +// Make text HTML friendly +void htmlFriendly(char *line, char *output, int maxSize) +{ + // Variables + int loop = 0; + int outPos = 0; + + // Init + if (strlen(line) < maxSize) + maxSize = strlen(line) + 1; + + // Check each character + for (loop = 0; (loop < strlen(line)) && (loop < maxSize -1); loop++) + { + // If it contains one of the chars + if (line[loop] == '<') + { + output[outPos] = '&'; + outPos++; + output[outPos] = 'l'; + outPos++; + output[outPos] = 't'; + outPos++; + output[outPos] = ';'; + outPos++; + } + else if (line[loop] == '>') + { + output[outPos] = '&'; + outPos++; + output[outPos] = 'g'; + outPos++; + output[outPos] = 't'; + outPos++; + output[outPos] = ';'; + outPos++; + } + else if (line[loop] == '&') + { + output[outPos] = '&'; + outPos++; + output[outPos] = 'a'; + outPos++; + output[outPos] = 'm'; + outPos++; + output[outPos] = 'p'; + outPos++; + output[outPos] = ';'; + outPos++; + } + + // Copy + else + { + output[outPos] = line[loop]; + outPos++; + } + } + + // Null terminate + output[outPos] = 0; +} + + +// Break line up into its parts +struct ciscoCommand splitLine(char *line) +{ + // Variables + int tempInt = 0; + int offset = 0; + int commandCount = -1; + int quotes = false; + struct ciscoCommand command; + + // Init + memset(&command, 0, sizeof(struct ciscoCommand)); + + // Process the line + while ((line[tempInt] != 0) && (commandCount < 40)) + { + // If the character is a space or a tab + if (((line[tempInt] == 9) || (line[tempInt] == ' ')) && (quotes == false)) + { + offset = 0; + } + + // If the character is not a space/tab or quotes are open + else + { + // Increment part counter + if (offset == 0) + commandCount = commandCount + 1; + + // If quote + if ((quotes == true) && (line[tempInt] == '"')) + quotes = false; + else if (line[tempInt] == '"') + quotes = true; + + // copy stuff + if (offset < sizeof(command.part[commandCount]) - 1) + { + command.part[commandCount][offset] = line[tempInt]; + offset = offset + 1; + command.part[commandCount][offset] = 0; + } + } + tempInt++; + } + + // return + command.parts = commandCount + 1; + return command; +} + + +// Add a password to the john the ripper list +void addJohnPassword(struct nipperConfig *nipper, char *username, char *password) +{ + // struct + struct johnPassword *johnPointer; + johnPointer = malloc(sizeof(struct johnPassword)); + memset(johnPointer, 0, sizeof(struct johnPassword)); + + // Sort out pointers + johnPointer->next = nipper->john; + nipper->john = johnPointer; + + // Copy strings + strncpy(johnPointer->username, username, sizeof(johnPointer->username) - 1); + strncpy(johnPointer->password, password, sizeof(johnPointer->password) - 1); +} + + +// Decrypt the Cisco password-7 password +int password7(char *password, char *decoded, int size, int debug) +{ + // Declarations... + const char xlat[] = { + 0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f, + 0x41, 0x2c, 0x2e, 0x69, 0x79, 0x65, 0x77, 0x72, + 0x6b, 0x6c, 0x64, 0x4a, 0x4b, 0x44, 0x48, 0x53, + 0x55, 0x42, 0x73, 0x67, 0x76, 0x63, 0x61, 0x36, + 0x39, 0x38, 0x33, 0x34, 0x6e, 0x63, 0x78, 0x76, + 0x39, 0x38, 0x37, 0x33, 0x32, 0x35, 0x34, 0x6b, + 0x3b, 0x66, 0x67, 0x38, 0x37, 0x64, 0x73, 0x66, + 0x64, 0x3b, 0x6b, 0x66, 0x6f, 0x41, 0x2c, 0x2e, + 0x69, 0x79, 0x65, 0x77, 0x72, 0x6b, 0x6c, 0x64, + 0x4a, 0x4b, 0x44, 0x48, 0x53, 0x55, 0x42, 0x73, + 0x67, 0x76, 0x63, 0x61, 0x36, 0x39, 0x38, 0x33, + 0x34, 0x6e, 0x63, 0x78, 0x76, 0x39, 0x38, 0x37, + 0x33, 0x32, 0x35, 0x34, 0x6b, 0x3b, 0x66, 0x67, + 0x38, 0x37}; + unsigned int seed = 0; + unsigned int i = 0; + unsigned int val = 0; + + // Output debug information? + if (debug == true) + { + int loop; + printf(" Type-7 Std: %s\n", password); + printf(" Type-7 Hex: "); + for (loop = 0; loop < strlen(password); loop++) + { + printf("%x ", password[loop]); + } + printf("\n"); + } + + if ((strlen(password) & 1) || (strlen(password) > size * 2)) + return(-1); + + seed = (password[0] - '0') * 10 + password[1] - '0'; + + if (seed > 15 || !isdigit(password[0]) || !isdigit(password[1])) + return(-1); + + for (i = 2 ; i <= strlen(password); i++) + { + if (i !=2 && !(i & 1)) + { + decoded[i / 2 - 2] = val ^ xlat[seed++]; + val = 0; + } + val *= 16; + + if (isdigit(password[i] = toupper(password[i]))) + { + val += password[i] - '0'; + continue; + } + + if (password[i] >= 'A' && password[i] <= 'F') + { + val += password[i] - 'A' + 10; + continue; + } + + if (strlen(password) != i) + return(-1); + } + + decoded[++i / 2] = 0; + return(0); +} + + +// Output text title +void printTextTitle(FILE *reportFile, const char *title) +{ + // Variables... + int loop = 0; + + // Output Title... + fprintf(reportFile, "%s\n", title); + + // Output underlining... + for (loop = 0; loop < strlen(title); loop++) + { + fprintf(reportFile, "-"); + } + fprintf(reportFile, "\n\n"); +} + + +// Output numbers as words... +void numToWord(FILE *reportFile, int value) +{ + switch (value) + { + case 1: + fprintf(reportFile, "one"); + break; + case 2: + fprintf(reportFile, "two"); + break; + case 3: + fprintf(reportFile, "three"); + break; + case 4: + fprintf(reportFile, "four"); + break; + case 5: + fprintf(reportFile, "five"); + break; + case 6: + fprintf(reportFile, "six"); + break; + case 7: + fprintf(reportFile, "seven"); + break; + case 8: + fprintf(reportFile, "eight"); + break; + case 9: + fprintf(reportFile, "nine"); + break; + case 10: + fprintf(reportFile, "ten"); + break; + case 11: + fprintf(reportFile, "eleven"); + break; + case 12: + fprintf(reportFile, "twelve"); + break; + case 13: + fprintf(reportFile, "thirteen"); + break; + case 14: + fprintf(reportFile, "fourteen"); + break; + default: + fprintf(reportFile, "%d", value); + break; + } +} + diff --git a/0.11.10/common/.svn/text-base/nipper-config.c.svn-base b/0.11.10/common/.svn/text-base/nipper-config.c.svn-base new file mode 100644 index 0000000..a8c9a31 --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-config.c.svn-base @@ -0,0 +1,315 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains all the code for nipper configuration... + + +// External default settings file... +#if !defined(__WIN32__) +char *configFilename = "/etc/nipper.conf"; +#else +char *configFilename = "nipper.ini"; +#endif + + +// Get setting... +// Parameters +// section : should include the square braces (E.g. "[passwords]") +// setting : is the setting that you are looking for +// default setting : will return +// size : The size of the default storage space (incl null termination). +// Returns +// True or False +// The defaultSetting is replaced by new setting +int getSettingString(char *section, char *setting, char *defaultSetting, int size) +{ + // Variables... + struct stat *fileStats = 0; + FILE *configFile = 0; + char line[LINE_SIZE + 1]; + char *tempString = 0; + + // Check that the file exists and is not empty... + fileStats = malloc(sizeof(struct stat)); + memset(fileStats, 0, sizeof(struct stat)); + stat(configFilename, fileStats); + if (fileStats->st_size != 0) + { + free(fileStats); + + // Open Config... + configFile = fopen(configFilename, "r"); + if (configFile != NULL) + { + + // Search for section... + do + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(configFile, line, LINE_SIZE); + } + while ((feof(configFile) == 0) && (strncasecmp(section, line, strlen(section)) != 0)); + + // if not found, return... + if (strncasecmp(section, line, strlen(section)) != 0) + { + fclose(configFile); + return false; + } + + // Search for setting... + do + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(configFile, line, LINE_SIZE); + } + while ((feof(configFile) == 0) && (strncasecmp(setting, line, strlen(setting)) != 0) && (line[0] != '[')); + fclose(configFile); + + // If not found, return... + if (strncasecmp(setting, line, strlen(setting)) != 0) + return false; + + // Search for the =... + tempString = strchr(line, '='); + if (tempString == NULL) + return false; + tempString++; + + // Search for the first character... + while ((tempString[0] != 0) && (tempString[0] == ' ')) + tempString++; + + // If there is a setting, return it... + if (tempString[0] != 0) + { + memset(defaultSetting, 0, size); + strncpy(defaultSetting, tempString, size - 1); + return true; + } + else + return false; + } + } + else + free(fileStats); + + return false; +} + + +// Gets the setting as Int, same as above... +// For on/off or true/false it will return true or false +// This one returns the default setting +int getSettingInt(char *section, char *setting, int defaultSetting) +{ + // Variables... + char tempString[] = "false"; + int tempInt; + + // Get Setting... + tempInt = getSettingString(section, setting, tempString, sizeof(tempString)); + + // If error, return default + if (tempInt == false) + return defaultSetting; + + // If false or off + if ((strncasecmp(tempString, "no", 2) == 0) || (strncasecmp(tempString, "off", 3) == 0) || (strncasecmp(tempString, "false", 5) == 0)) + return false; + + // If true or on + if ((strncasecmp(tempString, "yes", 3) == 0) || (strncasecmp(tempString, "on", 2) == 0) || (strncasecmp(tempString, "true", 4) == 0)) + return true; + + return atoi(tempString); +} + + +// Create the Nipper configuration structure... +struct nipperConfig *createNipperConfig() +{ + // Variables... + struct nipperConfig *nipper; + char tempString[LINE_SIZE]; + + // Reserve Memory... + nipper = malloc(sizeof(struct nipperConfig)); + memset(nipper, 0, sizeof(struct nipperConfig)); + + // nipper Program Option Defaults... + nipper->maxSize = LINE_SIZE; + nipper->tableNum = 1; + nipper->nipperMode = mode_process; + nipper->deviceUse = use_all; + nipper->doCSV = false; + nipper->showACLComments = false; + + // General + strcpy(tempString, "Cisco Router (IOS)"); + getSettingString("[General]", "Device Type", tempString, sizeof(tempString)); + if (strncasecmp(tempString, "Cisco Switch (IOS)", 18) == 0) + nipper->deviceType = type_ios_switch; + else if (strncasecmp(tempString, "Cisco Catalyst (IOS)", 20) == 0) + nipper->deviceType = type_ios_catalyst; + else if (strncasecmp(tempString, "Cisco Catalyst (NMP)", 20) == 0) + nipper->deviceType = type_nmp_catalyst; + else if (strncasecmp(tempString, "Cisco Catalyst (CatOS)", 22) == 0) + nipper->deviceType = type_cos_catalyst; + else if (strncasecmp(tempString, "Cisco Firewall (PIX)", 20) == 0) + nipper->deviceType = type_pix_firewall; + else if (strncasecmp(tempString, "Cisco Firewall (ASA)", 20) == 0) + nipper->deviceType = type_asa_firewall; + else if (strncasecmp(tempString, "Cisco Firewall (FWSM)", 21) == 0) + nipper->deviceType = type_fwsm_firewall; + else if (strncasecmp(tempString, "Cisco Content Services Switch (CSS)", 35) == 0) + nipper->deviceType = type_css_filter; + else if (strncasecmp(tempString, "Juniper ScreenOS Firewall", 25) == 0) + nipper->deviceType = type_sos_firewall; + else if (strncasecmp(tempString, "Nortel Passport", 15) == 0) + nipper->deviceType = type_passport; + else if (strncasecmp(tempString, "Checkpoint Firewall-1", 21) == 0) + nipper->deviceType = type_fw1_firewall; + else if (strncasecmp(tempString, "SonicWall SonicOS Firewall", 26) == 0) + nipper->deviceType = type_sonicwall; + else + nipper->deviceType = type_ios_router; + strcpy(tempString, "Internal"); + getSettingString("[General]", "Location", tempString, sizeof(tempString)); + if (strncasecmp(tempString, "Edge", 4) == 0) + nipper->deviceUse = use_edge; + else if (strncasecmp(tempString, "Internal", 4) == 0) + nipper->deviceUse = use_internal; + else + nipper->deviceUse = use_all; + strcpy(tempString, ""); + getSettingString("[General]", "Model", tempString, sizeof(tempString)); + if (tempString[0] != 0) + { + nipper->deviceModelInt = malloc(strlen(tempString) + 1); + strcpy(nipper->deviceModelInt, tempString); + nipper->deviceModel = nipper->deviceModelInt; + } + nipper->force = getSettingInt("[General]", "Force Type", false); + + // HTML... + strcpy(tempString, ""); + getSettingString("[HTML]", "Style Sheet File", tempString, sizeof(tempString)); + if (tempString[0] != 0) + { + nipper->cssFromConfig = malloc(strlen(tempString) + 1); + strcpy(nipper->cssFromConfig, tempString); + nipper->cssFile = nipper->cssFromConfig; + } + + // Latex Report Defaults... + strcpy(nipper->paperSize, "a4paper"); + getSettingString("[Latex]", "Paper Size", nipper->paperSize, sizeof(nipper->paperSize)); + strcpy(nipper->documentClass, "article"); + getSettingString("[Latex]", "Document Class", nipper->documentClass, sizeof(nipper->documentClass)); + + // SNMP Defaults... + strcpy(nipper->remoteSnmp, "private"); + getSettingString("[SNMP]", "Community String", nipper->remoteSnmp, sizeof(nipper->remoteSnmp)); + nipper->oldCisco = getSettingInt("[SNMP]", "Old Cisco Method", false); + strcpy(nipper->remoteTftp, "/tftproot/"); + getSettingString("[SNMP]", "TFTP Server Root", nipper->remoteTftp, sizeof(nipper->remoteTftp)); + getSettingString("[SNMP]", "Local IP Address", nipper->localIP, sizeof(nipper->localIP)); + getSettingString("[SNMP]", "Remote IP Address", nipper->remoteIP, sizeof(nipper->remoteIP)); + + // Report Defaults... + strcpy(nipper->companyName, "Nipper"); + getSettingString("[Report]", "Company Name", nipper->companyName, sizeof(nipper->companyName)); + strcpy(tempString, "HTML"); + getSettingString("[Report]", "Report Format", tempString, sizeof(tempString)); + if (strncasecmp(tempString, "text", 4) == 0) + nipper->outputFormat = output_text; + else if (strncasecmp(tempString, "latex", 5) == 0) + nipper->outputFormat = output_latex; + else if (strncasecmp(tempString, "xml", 3) == 0) + nipper->outputFormat = output_xml; + else + nipper->outputFormat = output_html; + nipper->passwords = getSettingInt("[Report]", "Show Passwords In Report", true); + nipper->expandACL = getSettingInt("[Report]", "Expand ACL In Report", false); + nipper->names = getSettingInt("[Report]", "Convert Names To IP Addresses", false); + + // Debug settings (internal only)... + nipper->debugMode = false; + nipper->linesnotprocessed = false; + nipper->debugAbbrev = false; + + // Report Section Defaults... + nipper->abs = getSettingInt("[Report Sections]", "Abbreviations", true); + nipper->appendix = getSettingInt("[Report Sections]", "Appendix", true); + nipper->loggingLevels = getSettingInt("[Report Sections]", "Logging Levels", true); + nipper->timeZones = getSettingInt("[Report Sections]", "Time Zones", true); + nipper->glossary = getSettingInt("[Report Sections]", "Glossary", true); + nipper->nipperVersion = getSettingInt("[Report Sections]", "Nipper Details", true); + nipper->commonPorts = getSettingInt("[Report Sections]", "Common Ports", true); + nipper->fullReport = getSettingInt("[Report Sections]", "Security Audit", true); + nipper->configReport = getSettingInt("[Report Sections]", "Configuration Report", true); + + // Password Audit Defaults... + strcpy(tempString, ""); + getSettingString("[Audit]", "Dictionary File", tempString, sizeof(tempString)); + if (tempString[0] != 0) + { + nipper->dictionaryFilename = malloc(strlen(tempString) + 1); + strcpy(nipper->dictionaryFilename, tempString); + nipper->dictionaryFile = nipper->dictionaryFilename; + } + nipper->passwordLength = getSettingInt("[Audit]", "Minimum Password Length", 8); + nipper->passwordUppers = getSettingInt("[Audit]", "Passwords Must Include Uppercase", false); + nipper->passwordLowers = getSettingInt("[Audit]", "Passwords Must Include Lowercase", false); + nipper->passwordEither = getSettingInt("[Audit]", "Passwords Must Include Lowercase or Uppercase", false); + nipper->passwordNumbers = getSettingInt("[Audit]", "Passwords Must Include Numbers", true); + nipper->passwordSpecials = getSettingInt("[Audit]", "Passwords Must Include Special Characters", false); + // Timeout Audit Defaults... + nipper->connectionTimeout = getSettingInt("[Audit]", "Minimum Timeout (Seconds)", 600); + // ACL Audit Defaults... + nipper->anySourceIssue = getSettingInt("[Audit]", "Check For Any Source", true); + nipper->networkSourceIssue = getSettingInt("[Audit]", "Check Source Rules Do Not Include Networks", true); + nipper->anySourceServiceIssue = getSettingInt("[Audit]", "Check For Any Source Service", false); + nipper->anyDestinationIssue = getSettingInt("[Audit]", "Check For Any Destination", true); + nipper->networkDestinationIssue = getSettingInt("[Audit]", "Check Destination Rules Do Not Include Networks", true); + nipper->anyDestinationServiceIssue = getSettingInt("[Audit]", "Check For Any Destination Service", true); + nipper->allRulesLogIssue = getSettingInt("[Audit]", "Check That All Rules Log", false); + nipper->logDenyRulesIssue = getSettingInt("[Audit]", "Check That All Deny Rules Log", true); + nipper->rejectRulesIssue = getSettingInt("[Audit]", "Check For Reject Rules", true); + nipper->bypassRulesIssue = getSettingInt("[Audit]", "Check For Bypass Rules", true); + nipper->defaultRulesIssue = getSettingInt("[Audit]", "Check For Default Rules", true); + nipper->disabledRulesIssue = getSettingInt("[Audit]", "Check For Disabled Rules", true); + nipper->denyLogIssue = getSettingInt("[Audit]", "Check Rule Lists End With Deny All And Log", true); + + return nipper; +} diff --git a/0.11.10/common/.svn/text-base/nipper-defaults.c.svn-base b/0.11.10/common/.svn/text-base/nipper-defaults.c.svn-base new file mode 100644 index 0000000..6c2fb10 --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-defaults.c.svn-base @@ -0,0 +1,520 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processDefaults(struct nipperConfig *nipper) +{ + // Variables... + struct lineConfig *linePointer = 0; + struct interfaceConfig *interfacePointer = 0; + struct passiveStruct *passivePointer = 0; + struct eigrpConfig *eigrpPointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + struct bgpInterStruct *bgpInterPointer = 0; + struct bgpConfig *bgpPointer = 0; + struct ospfInterStruct *ospfInterPointer = 0; + struct ospfConfig *ospfPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterConfig *filterSearchPointer = 0; + struct filterListConfig *filterListPointer = 0; + struct filterListConfig *filterListMovePointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + struct interfaceSOS *interfaceSOSPointer = 0; + int setting = 0; + int setting2 = 0; + + // Remove Passport device, assigned filters first, doing it after would be a waste of CPU/Memory... + if ((nipper->deviceType == type_passport) && (nipper->filterList != 0)) + { + // Get unassigned list... + filterListPointer = getFilterList(nipper, "**UNASSIGNED**", "", false); + + // Move the unassigned list to being the last one... + if ((nipper->filterList == filterListPointer) && (nipper->filterList->next != 0)) + { + filterListMovePointer = nipper->filterList->next; + while (filterListMovePointer->next != 0) + filterListMovePointer = filterListMovePointer->next; + filterListMovePointer->next = filterListPointer; + nipper->filterList = filterListPointer->next; + filterListPointer->next = 0; + } + else if (nipper->filterList != filterListPointer) + { + filterListMovePointer = nipper->filterList; + while (filterListMovePointer->next != filterListPointer) + filterListMovePointer = filterListMovePointer->next; + filterListMovePointer->next = filterListPointer->next; + while (filterListMovePointer->next != 0) + filterListMovePointer = filterListMovePointer->next; + filterListMovePointer->next = filterListPointer; + filterListPointer->next = 0; + } + + // Remove all assigned filters in the unassigned set... + filterPointer = filterListPointer->filter; + filterSearchPointer = 0; + while (filterPointer != 0) + { + // If filter should be removed... + if (filterPointer->inSet == true) + { + // Sort out pointers first... + if (filterSearchPointer == 0) + filterListPointer->filter = filterPointer->next; + else + filterSearchPointer->next = filterPointer->next; + + // Free sub structures... + while (filterPointer->source != 0) + { + filterObjectPointer = filterPointer->source->next; + free (filterPointer->source); + filterPointer->source = filterObjectPointer; + } + while (filterPointer->sourceService != 0) + { + filterObjectPointer = filterPointer->sourceService->next; + free (filterPointer->sourceService); + filterPointer->sourceService = filterObjectPointer; + } + while (filterPointer->destination != 0) + { + filterObjectPointer = filterPointer->destination->next; + free (filterPointer->destination); + filterPointer->destination = filterObjectPointer; + } + while (filterPointer->destinationService != 0) + { + filterObjectPointer = filterPointer->destinationService->next; + free (filterPointer->destinationService); + filterPointer->destinationService = filterObjectPointer; + } + while (filterPointer->through != 0) + { + filterObjectPointer = filterPointer->through->next; + free (filterPointer->through); + filterPointer->through = filterObjectPointer; + } + while (filterPointer->install != 0) + { + filterObjectPointer = filterPointer->install->next; + free (filterPointer->install); + filterPointer->install = filterObjectPointer; + } + free (filterPointer); + + // Sort out pointers... + if (filterSearchPointer == 0) + filterPointer = filterListPointer->filter; + else + filterPointer = filterSearchPointer->next; + } + + // Update Pointers... + else + { + filterSearchPointer = filterPointer; + filterPointer = filterPointer->next; + } + } + + // If unset filter list has no more filters, remove it... + if (filterListPointer->filter == 0) + { + if (nipper->filterList == filterListPointer) + nipper->filterList = 0; + else + { + filterListMovePointer = nipper->filterList; + while (filterListMovePointer != filterListPointer) + filterListMovePointer = filterListMovePointer->next; + filterListMovePointer->next = 0; + } + free (filterListPointer); + } + } + + + // Add the "Any" to filters that are blank... + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->protocol[0] == 0) + strcpy(filterPointer->protocol, "Any"); + if (filterPointer->source == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_source); + filterObjectPointer->type = object_type_any; + } + if (filterPointer->sourceService == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_sourceService); + filterObjectPointer->type = object_type_any; + filterObjectPointer->serviceOp = service_oper_any; + } + if (filterPointer->destination == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_destination); + filterObjectPointer->type = object_type_any; + } + if (filterPointer->destinationService == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_service); + filterObjectPointer->type = object_type_any; + filterObjectPointer->serviceOp = service_oper_any; + } + if (filterPointer->through == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_through); + filterObjectPointer->type = object_type_any; + } + if (filterPointer->install == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_install); + filterObjectPointer->type = object_type_any; + } + filterPointer = filterPointer->next; + } + filterListPointer = filterListPointer->next; + } + + switch(nipper->deviceType) + { + // Switch / Router / IOS + case type_ios_switch: + case type_ios_router: + case type_ios_catalyst: + + // CEF... + if (nipper->ios->cef == unconfigured) + { + if (nipper->deviceModel == 0) + nipper->ios->cef = false; + else if ((strncmp(nipper->deviceModel, "71", 2) == 0) && (strlen(nipper->deviceModel) > 3)) + nipper->ios->cef = true; + else if ((strncmp(nipper->deviceModel, "72", 2) == 0) && (strlen(nipper->deviceModel) > 3)) + nipper->ios->cef = true; + else if ((strncmp(nipper->deviceModel, "75", 2) == 0) && (strlen(nipper->deviceModel) > 3)) + nipper->ios->cef = true; + else if ((strncmp(nipper->deviceModel, "65", 2) == 0) && (strlen(nipper->deviceModel) > 3)) + nipper->ios->cef = true; + else if ((strncmp(nipper->deviceModel, "120", 3) == 0) && (strlen(nipper->deviceModel) > 4)) + nipper->ios->cef = true; + else + nipper->ios->cef = false; + } + + // Time Zones... + if (nipper->timeZones == unconfigured) + nipper->timeZones = true; + + // Minimum Password Length + if (nipper->ios->passwordMinLength == -1) + { + if ((nipper->versionMajor == 12) && (nipper->versionMinor > 2)) + nipper->ios->passwordMinLength = 6; + } + + // BGP Passive + if (nipper->ios->bgp != 0) + { + bgpPointer = nipper->ios->bgp; + while (bgpPointer != 0) + { + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + bgpInterPointer = bgpInterfaceConfig(interfacePointer, bgpPointer->autonomousNo); + passivePointer = bgpPointer->passive; + while (passivePointer != 0) + { + if (strcmp(passivePointer->interface, interfacePointer->name) == 0) + bgpInterPointer->passive = passivePointer->passive; + passivePointer = passivePointer->next; + } + interfacePointer = interfacePointer->next; + } + bgpPointer = bgpPointer->next; + } + bgpPointer = nipper->ios->bgp; + while (bgpPointer != 0) + { + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + bgpInterPointer = bgpInterfaceConfig(interfacePointer, bgpPointer->autonomousNo); + if (bgpInterPointer->passive == unconfigured) + bgpInterPointer->passive = bgpPointer->defaultPassive; + interfacePointer = interfacePointer->next; + } + bgpPointer = bgpPointer->next; + } + } + + // EIGRP Passive + if (nipper->ios->eigrp != 0) + { + eigrpPointer = nipper->ios->eigrp; + while (eigrpPointer != 0) + { + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + eigrpAutonPointer = eigrpInterfaceConfig(interfacePointer, eigrpPointer->process); + passivePointer = eigrpPointer->passive; + while (passivePointer != 0) + { + if (strcmp(passivePointer->interface, interfacePointer->name) == 0) + eigrpAutonPointer->passive = passivePointer->passive; + passivePointer = passivePointer->next; + } + interfacePointer = interfacePointer->next; + } + eigrpPointer = eigrpPointer->next; + } + eigrpPointer = nipper->ios->eigrp; + while (eigrpPointer != 0) + { + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + eigrpAutonPointer = eigrpInterfaceConfig(interfacePointer, eigrpPointer->process); + if (eigrpAutonPointer->passive == unconfigured) + eigrpAutonPointer->passive = eigrpPointer->defaultPassive; + interfacePointer = interfacePointer->next; + } + eigrpPointer = eigrpPointer->next; + } + } + + // OSPF Passive + if (nipper->ios->ospf != 0) + { + ospfPointer = nipper->ios->ospf; + while (ospfPointer != 0) + { + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + ospfInterPointer = ospfInterfaceConfig(interfacePointer, ospfPointer->processID); + passivePointer = ospfPointer->passive; + while (passivePointer != 0) + { + if (strcmp(passivePointer->interface, interfacePointer->name) == 0) + ospfInterPointer->passive = passivePointer->passive; + passivePointer = passivePointer->next; + } + interfacePointer = interfacePointer->next; + } + ospfPointer = ospfPointer->next; + } + ospfPointer = nipper->ios->ospf; + while (ospfPointer != 0) + { + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + ospfInterPointer = ospfInterfaceConfig(interfacePointer, ospfPointer->processID); + if (ospfInterPointer->passive == unconfigured) + ospfInterPointer->passive = ospfPointer->defaultPassive; + interfacePointer = interfacePointer->next; + } + ospfPointer = ospfPointer->next; + } + } + + // RIP Version and Passive + if (nipper->ios->rip != 0) + { + switch (nipper->ios->rip->version) + { + case rip_version1: + setting = rip_version1; // Send + setting2 = rip_version1; // Receive + break; + case rip_version2: + setting = rip_version2; // Send + setting2 = rip_version2; // Receive + break; + default: + setting = rip_version1; // Send + setting2 = rip_version1and2; // Receive + break; + } + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + passivePointer = nipper->ios->rip->passive; + while (passivePointer != 0) + { + if (strcmp(passivePointer->interface, interfacePointer->name) == 0) + interfacePointer->ripPassive = passivePointer->passive; + passivePointer = passivePointer->next; + } + if (interfacePointer->ripSendVersion == rip_version_global) + interfacePointer->ripSendVersion = setting; + if (interfacePointer->ripReceiveVersion == rip_version_global) + interfacePointer->ripReceiveVersion = setting2; + interfacePointer = interfacePointer->next; + } + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + if (interfacePointer->ripPassive == unconfigured) + interfacePointer->ripPassive = nipper->ios->rip->defaultPassive; + interfacePointer = interfacePointer->next; + } + } + + // Finger + if (nipper->ios->finger == unconfigured) + { + if (((nipper->versionMajor > 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor > 2))) && ((nipper->versionMajor < 12) || ((nipper->versionMajor == 12) && (nipper->versionMinor < 1)))) + nipper->ios->finger = true; + else + nipper->ios->finger = false; + } + + // TCP Small Servers + if (nipper->ios->tcpSmallServers == unconfigured) + { + if ((nipper->versionMajor < 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor < 3))) + nipper->ios->tcpSmallServers = true; + else + nipper->ios->tcpSmallServers = false; + } + + // UDP Small Servers + if (nipper->ios->udpSmallServers == unconfigured) + { + if ((nipper->versionMajor < 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor < 3))) + nipper->ios->udpSmallServers = true; + else + nipper->ios->udpSmallServers = false; + } + + // Transport Input Lines Telnet... + if ((nipper->versionMajor < 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor == 0))) + setting = true; + else + setting = false; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if (linePointer->telnet == unconfigured) + linePointer->telnet = setting; + linePointer = linePointer->next; + } + break; + + // Firewall / PIX + case type_pix_firewall: + case type_asa_firewall: + // SNMP + if (nipper->pix->snmp == 0) + { + nipper->pix->snmp = malloc(sizeof(struct snmpPIXConfig)); + memset(nipper->pix->snmp, 0, sizeof(struct snmpPIXConfig)); + nipper->pix->snmp->enabled = true; + nipper->pix->snmp->port = 161; + strcpy(nipper->pix->snmp->community, "public"); + modifyPIXTraps(nipper, "snmp", "authentication", true); + modifyPIXTraps(nipper, "snmp", "linkup", true); + modifyPIXTraps(nipper, "snmp", "linkdown", true); + modifyPIXTraps(nipper, "snmp", "coldstart", true); + nipper->pix->snmp->weak = true; + nipper->pix->snmp->dictionary = true; + nipper->simplePasswords++; + nipper->passwordStrengths++; + } + // SSH Version + if (nipper->pix->ssh != 0) + { + if ((nipper->pix->ssh->version == 0) && ((nipper->versionMajor < 7) || ((nipper->versionMajor == 7) && (nipper->versionMinor == 0) && (nipper->versionRevision == 0)))) + nipper->pix->ssh->version = 1; + } + case type_fwsm_firewall: + break; + + // Catalyst / NMP + case type_nmp_catalyst: + case type_cos_catalyst: + break; + + // Cisco CSS + case type_css_filter: + break; + + // ScreenOS + case type_sos_firewall: + // Set all unconfigured management services for the management and trust zones, and disabled on all others + interfaceSOSPointer = nipper->sos->interface; + while (interfaceSOSPointer != 0) + { + if ((strcasecmp(interfaceSOSPointer->zone, "MGT") == 0) || (strcasecmp(interfaceSOSPointer->zone, "Management") == 0) || (strcasecmp(interfaceSOSPointer->zone, "Trust") == 0)) + setting = true; + else + setting = false; + + if (interfaceSOSPointer->manageIdent == unconfigured) + interfaceSOSPointer->manageIdent = setting; + if (interfaceSOSPointer->manageMtrace == unconfigured) + interfaceSOSPointer->manageMtrace = setting; + if (interfaceSOSPointer->manageNsmgmt == unconfigured) + interfaceSOSPointer->manageNsmgmt = setting; + if (interfaceSOSPointer->managePing == unconfigured) + interfaceSOSPointer->managePing = setting; + if (interfaceSOSPointer->manageSnmp == unconfigured) + interfaceSOSPointer->manageSnmp = setting; + if (interfaceSOSPointer->manageSsh == unconfigured) + interfaceSOSPointer->manageSsh = setting; + if (interfaceSOSPointer->manageSsl == unconfigured) + interfaceSOSPointer->manageSsl = setting; + if (interfaceSOSPointer->manageTelnet == unconfigured) + interfaceSOSPointer->manageTelnet = setting; + if (interfaceSOSPointer->manageWeb == unconfigured) + interfaceSOSPointer->manageWeb = setting; + + interfaceSOSPointer = interfaceSOSPointer->next; + } + break; + + // Passport + case type_passport: + // Sort out hostname... + if (nipper->hostname[0] == 0) + strncpy(nipper->hostname, nipper->pas->boxType, sizeof(nipper->hostname) - 1); + break; + } +} diff --git a/0.11.10/common/.svn/text-base/nipper-defs.c.svn-base b/0.11.10/common/.svn/text-base/nipper-defs.c.svn-base new file mode 100644 index 0000000..826ab29 --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-defs.c.svn-base @@ -0,0 +1,180 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains common definitions... + +// Defines... +#define false 0 +#define true 1 +#define unconfigured 2 + +#define LINE_SIZE 1024 + +#define output_text 0 +#define output_html 1 +#define output_latex 2 +// 3 is reserved! +#define output_xml 4 + +#define type_ios_router 0 // Cisco IOS Router +#define type_ios_switch 1 // Cisco IOS Switch +#define type_ios_catalyst 2 // Cisco IOS Catalyst +#define type_pix_firewall 3 // Cisco PIX Firewall +#define type_asa_firewall 4 // Cisco ASA Firewall +#define type_fwsm_firewall 5 // Cisco FWSM Firewall +#define type_sos_firewall 6 // Juniper ScreenOS Firewall +#define type_fw1_firewall 7 // Checkpoint Firewall-1 +#define type_nmp_catalyst 8 // Cisco NMP Catalyst +#define type_cos_catalyst 9 // Cisco CatOS Catalyst +#define type_css_filter 10 // Cisco Content Services Switch (CSS) +#define type_passport 11 // Nortel Passport +#define type_sonicwall 12 // SonicWall Firewall +#define type_nokiaip 13 // Nokia IP Firewall +#define type_bayaccelar 14 // Bay Networks Accelar + +// Object types... +#define object_type_network 0 +#define object_type_protocol 1 +#define object_type_icmp 2 +#define object_type_service 3 +#define object_type_group 4 +#define object_type_port 5 +#define object_type_host 6 +#define object_type_machinesrange 7 +#define object_type_dynamicnet 8 +#define object_type_gateway 9 +#define object_type_gateway_cluster 10 +#define object_type_cluster_member 11 +#define object_type_servicerange 12 +#define object_type_interface 13 +#define object_type_object 14 +#define object_type_any 15 +#define object_type_notset 100 +#define object_type_delete_me 101 + +// Object service operators... +#define service_oper_eq 0 +#define service_oper_neq 1 +#define service_oper_lt 2 +#define service_oper_gt 3 +#define service_oper_range 4 +#define service_oper_object 5 +#define service_oper_ignore 6 +#define service_oper_any 6 + +// Object service protocols... +#define service_protocol_none 0 +#define service_protocol_tcp 1 +#define service_protocol_udp 2 +#define service_protocol_both 3 +#define service_protocol_other 4 +#define service_protocol_unknown 5 +#define service_protocol_dcerpc 6 +#define service_protocol_rpc 7 +#define service_protocol_icmp 8 +#define service_protocol_tcpsub 9 +#define service_protocol_gtp0 10 +#define service_protocol_gtp1 11 + +// SNMP... +#define snmp1_2 0 +#define snmp1 1 +#define snmp2c 2 +#define snmp3_no_auth 3 +#define snmp3_auth 4 +#define snmp3_priv 5 + +// Authentication... +#define auth_none 0 +#define auth_clear 1 +#define auth_md5 2 + +// Encryption... +#define encrypt_type7 0 +#define encrypt_md5 1 +#define encrypt_des56 2 +#define encrypt_none 3 +#define encrypt_unknown 4 +#define encrypt_pix 5 +#define encrypt_mschap 6 +#define encrypt_ntenc 7 + +// Filters... +#define filter_action_drop 0 +#define filter_action_reject 1 +#define filter_action_accept 2 +#define filter_action_bypass 3 +#define filter_action_default 4 +#define filter_action_remark 100 + +// Filter Types... +#define filter_type_source 0 +#define filter_type_destination 1 +#define filter_type_global 2 + +// Permissions... +#define perm_permit 0 +#define perm_deny 1 + +// Device purpose... +#define use_all 0 +#define use_edge 1 +#define use_internal 2 + +// Nipper modes... +#define mode_help 0 +#define mode_version 1 +#define mode_process 2 + +// Help modes... +#define help_general 0 +#define help_device_types 10 +#define help_device_usage 11 +#define help_report_formats 20 +#define help_report_options 21 +#define help_report_appendix 22 +#define help_report_html 23 +#define help_report_latex 24 +#define help_audit_acl 30 +#define help_audit_password 31 +#define help_audit_misc 32 +#define help_snmp 33 +#define help_debug 40 +#define help_config_file 50 +#define help_error_params 100 +#define help_error_empty_file 101 +#define help_error_wrong_type 102 +#define help_error_opening_file 103 +#define help_error_john_file 104 +#define help_error_report_file 105 +#define help_error_read_timeout 106 +#define help_error_base64_decode 107 +#define help_error_snmp_failure 108 +#define help_error_snmp_root 109 diff --git a/0.11.10/common/.svn/text-base/nipper-help.c.svn-base b/0.11.10/common/.svn/text-base/nipper-help.c.svn-base new file mode 100644 index 0000000..8783df0 --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-help.c.svn-base @@ -0,0 +1,433 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains all the code for the on-line help system... + + +void showHelp(int argc, char *argv[], struct nipperConfig *nipper) +{ + // Program banner... + printf("%s%s\n%s", COL_BLUE, program_banner, RESET); + + switch (nipper->helpMode) + { + // General Help... + case help_general: + printf("Nipper is a Network Infrastructure Configuration Parser. Nipper takes\n"); + printf("a network infrastructure device configuration, processes the file and\n"); + printf("details security-related issues with detailed recommendations. Nipper\n"); + printf("was previous known as CiscoParse.\n\n"); + printf("By default, input is retrieved from stdin and is output (in HTML format)\n"); + printf("to stdout.\n\n"); + + printf("%sCommand:%s\n", COL_BLUE, RESET); + printf(" %s%s [Options]%s\n\n", COL_GREEN, argv[0], RESET); + + printf("%sGeneral Options:%s\n", COL_BLUE, RESET); + printf(" %s--input=%s\n", COL_GREEN, RESET); + printf(" Specifies a device configuration file to process. For CheckPoint\n"); + printf(" Firewall-1 configurations, the input should be the conf directory.\n\n"); + printf(" %s--output= | --report=%s\n", COL_GREEN, RESET); + printf(" Specified an output file for the report.\n\n"); + printf(" %s--csv=%s\n", COL_GREEN, RESET); + printf(" Want to output the network filtering configuration to a CSV file?.\n\n"); + printf(" %s--version%s\n", COL_GREEN, RESET); + printf(" Displays the program version.\n\n"); + + printf("%sExample:%s\n", COL_BLUE, RESET); + printf(" The example below will process a Cisco IOS-based router\n"); + printf(" configuration file called ios.conf and output the report to a file\n"); + printf(" called report.html.\n\n"); + printf(" %s%s --ios-router --input=ios.conf --output=report.html%s\n\n", COL_GREEN, argv[0], RESET); + break; + + // Device Types... + case help_device_types: + printf("Nipper supports a number of different types of network device. This\n"); + printf("version contains support for the following devices:\n\n"); + printf(" CMD Option Device Type\n"); + printf(" =================================================\n"); + printf(" --ios-switch Cisco IOS-based Switch\n"); + printf(" --ios-router Cisco IOS-based Router (default)\n"); + printf(" --ios-catalyst Cisco IOS-based Catalyst\n"); + printf(" --pix Cisco PIX-based Firewall\n"); + printf(" --asa Cisco ASA-based Firewall\n"); + printf(" --fwsm Cisco FWSM-based Router\n"); + printf(" --catos Cisco CatOS-based Catalyst\n"); + printf(" --nmp Cisco NMP-based Catalyst\n"); + printf(" --css Cisco Content Services Switch\n"); + printf(" --screenos Juniper NetScreen Firewall\n"); + printf(" --passport Nortel Passport Device\n"); + printf(" --sonicos SonicWall SonicOS Firewall\n"); + printf(" --fw1 CheckPoint Firewall-1 Firewall\n"); + printf(" --nokiaip Nokia IP Firewall\n"); + printf(" --accelar Bay Networks Accelar\n\n"); + printf("Please note that the level of support for each type of device varies.\n\n"); + break; + + // Device Usage... + case help_device_usage: + printf("Nipper performs various checks to ensure that the device type that\n"); + printf("has been specified matches the configuration file. Additionally, the\n"); + printf("security issues reported by Nipper can depend on what the device is\n"); + printf("used for.\n\n"); + printf("%sAdvanced Device Options:%s\n\n", COL_BLUE, RESET); + printf(" %s--force%s\n", COL_GREEN, RESET); + printf(" Force Nipper to bypass any configuration type checks.\n\n"); + printf(" %s--location=%s\n", COL_GREEN, RESET); + printf(" Where is the device located.\n\n"); + printf(" %s--model=%s\n", COL_GREEN, RESET); + printf(" Specify a device model, such as 7200VXR for a Cisco 7200VXR.\n\n"); + break; + + // Report Formats... + case help_report_formats: + printf("Nipper supports a number of different report formats. They are:\n\n"); + printf(" CMD Option Report Format\n"); + printf(" =============================\n"); + printf(" --html HTML (default)\n"); + printf(" --latex Latex\n"); + printf(" --text Text\n"); + printf(" --xml XML\n\n"); + break; + + // Advanced Report Options... + case help_report_options: + printf("These reporting options apply to all report output.\n\n"); + printf(" %s--company-name=%s\n", COL_GREEN, RESET); + printf(" Replace the 'nipper recommends...' in the report output to something\n"); + printf(" else. So for the Acme company, it would read, 'Acme recommends...'.\n\n"); + printf(" %s--device-name=%s\n", COL_GREEN, RESET); + printf(" If a device configuration file does not contain a device name, it\n"); + printf(" can be specified using this option.\n\n"); + printf(" %s--no-names%s\n", COL_GREEN, RESET); + printf(" Convert host and network names to IP addresses where possible.\n\n"); + printf(" %s--rule-comments%s\n", COL_GREEN, RESET); + printf(" Shows CheckPoint rule comments in the rules output.\n\n"); + printf(" %s--expand-acl%s\n", COL_GREEN, RESET); + printf(" Expand an Access Control Lists / Filtering object definitions. This\n"); + printf(" option will show the reality of a filtering policy.\n\n"); + break; + + // Report Options to include report sections... + case help_report_appendix: + printf("The following report options determine which sections are included in\n"); + printf("the report output. The default is to include all sections.\n\n"); + printf(" %s--no-config%s\n", COL_GREEN, RESET); + printf(" This option disables the configuration report section.\n\n"); + printf(" %s--no-audit%s\n", COL_GREEN, RESET); + printf(" This option disables the security audit of the device configuration.\n\n"); + printf(" %s--no-appendix%s\n", COL_GREEN, RESET); + printf(" Disables the output of the entire report appendix section. By\n"); + printf(" default an appendix section is generated and added to the report.\n\n"); + printf(" %s--no-abbreviations%s\n", COL_GREEN, RESET); + printf(" Disables the output of an abbreviations section in the appendix.\n\n"); + //printf(" %s--no-glossary%s\n", COL_GREEN, RESET); + //printf(" Disables the output of a glossary section in the appendix.\n\n"); + printf(" %s--no-logging%s\n", COL_GREEN, RESET); + printf(" Disables the output of the logging levels section in the appendix.\n\n"); + printf(" %s--no-timezones%s\n", COL_GREEN, RESET); + printf(" Disables the output of the time zones section in the appendix.\n\n"); + printf(" %s--no-ports%s\n", COL_GREEN, RESET); + printf(" Disables the output of a common ports section in the appendix.\n\n"); + printf(" %s--no-version%s\n", COL_GREEN, RESET); + printf(" Disables the output of the nipper version section in the appendix.\n\n"); + break; + + // Report HTML options... + case help_report_html: + printf("These report options apply only to the HTML report file format.\n\n"); + printf(" %s--stylesheet=%s\n", COL_GREEN, RESET); + printf(" Supply an external Cascading Style Sheet (CSS) for use with the HTML\n"); + printf(" -based reports. If this option is not supplied a default CSS is\n"); + printf(" embeded. The supplied CSS file will be embeded within the report\n"); + printf(" output.\n\n"); + break; + + // Report Latex Options... + case help_report_latex: + printf("These report options apply only to the Latex report file format.\n\n"); + printf(" %s--paper=%s\n", COL_GREEN, RESET); + printf(" This option can be used to configure the Latex document paper size.\n"); + printf(" The default paper size is '%s'. Refer to the Latex\n", nipper->paperSize); + printf(" documentation for other settings.\n\n"); + printf(" %s--documentclass=%s\n", COL_GREEN, RESET); + printf(" This option can be used to configure the Latex document class. The\n"); + printf(" default document class is '%s'. Refer to the Latex\n", nipper->documentClass); + printf(" documentation for other settings.\n\n"); + break; + + // Security Auditing ACL options... + case help_audit_acl: + printf("These options only apply to the security auditing of the network\n"); + printf("filtering. Checks for logging on all rules and for any source service\n"); + printf("are disabled by default, all other rules are enabled by default.\n\n"); + printf(" %s--deny-log | --no-deny-log%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks to ensure that the rule lists end with a deny\n"); + printf(" all and log.\n\n"); + printf(" %s--any-source | --no-any-source%s\n", COL_GREEN, RESET); + printf(" Enable/Disable rule checks for any source.\n\n"); + printf(" %s--network-source | --no-network-source%s\n", COL_GREEN, RESET); + printf(" Enable/Disable rule checks for network sources.\n\n"); + printf(" %s--source-service | --no-source-service%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for any sources services.\n\n"); + printf(" %s--any-destination | --no-any-destination%s\n", COL_GREEN, RESET); + printf(" Enable/Disable rule checks for any destination.\n\n"); + printf(" %s--network-destination | --no-network-destination%s\n", COL_GREEN, RESET); + printf(" Enable/Disable rule checks for network destionations.\n\n"); + printf(" %s--destination-service | --no-destination-service%s\n", COL_GREEN, RESET); + printf(" Enable/Disable rule checks for any destination service.\n\n"); + printf(" %s--log-rules | --no-log-rules%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for logging on all rules.\n\n"); + printf(" %s--disabled-rules | --no-disabled-rules%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for disabled rules.\n\n"); + printf(" %s--reject-rules | --no-reject-rules%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for reject rules.\n\n"); + printf(" %s--bypass-rules | --no-bypass-rules%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for bypass rules.\n\n"); + printf(" %s--default-rules | --no-default-rules%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for default rules.\n\n"); + printf(" %s--log-deny-rules | --no-log-deny-rules%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for deny and log rules.\n\n"); + break; + + // Security Auditing Password Options... + case help_audit_password: + printf("These options apply to the password security auditing. In addition to\n"); + printf("user passwords, other authentication strings are audited such as shared\n"); + printf("keys and SNMP community strings.\n\n"); + printf(" %s--no-passwords%s\n", COL_GREEN, RESET); + printf(" Removes passwords from the output. However, passwords are always\n"); + printf(" checked against defaults and for password strength.\n\n"); + printf(" %s--john=%s\n", COL_GREEN, RESET); + printf(" Output the Cisco type 5 passwords in a file that can then be run\n"); + printf(" through john-the-ripper.\n\n"); + printf(" %s--dictionary=%s\n", COL_GREEN, RESET); + printf(" Use a dictionary file to check the passwords and keys are not\n"); + printf(" dictionary-based words. If this option is not specified a small\n"); + printf(" number of built-in passwords are used instead. This option is\n"); + printf(" not used to break MD5 passwords, only compare passwords already\n"); + printf(" known.\n\n"); + printf(" %s--pass-length=%s\n", COL_GREEN, RESET); + printf(" Password strength checks will check that retrieved passwords have\n"); + printf(" a minimum length as specified. The default is %d characters.\n\n", nipper->passwordLength); + printf(" %s--pass-uppers=%s\n", COL_GREEN, RESET); + printf(" Password strength checks will check that retrieved passwords must\n"); + printf(" include uppercase characters. The default is "); + if (nipper->passwordUppers == false) + printf("no.\n\n"); + else + printf("yes.\n\n"); + printf(" %s--pass-lowers=%s\n", COL_GREEN, RESET); + printf(" Password strength checks will check that retrieved passwords must\n"); + printf(" include lowercase characters. The default is "); + if (nipper->passwordLowers == false) + printf("no.\n\n"); + else + printf("yes.\n\n"); + printf(" %s--pass-either=%s\n", COL_GREEN, RESET); + printf(" Password strength checks will check that retrieved passwords must\n"); + printf(" include upper or lowercase characters. The default is "); + if (nipper->passwordEither == false) + printf("no.\n\n"); + else + printf("yes.\n\n"); + printf(" %s--pass-numbers=%s\n", COL_GREEN, RESET); + printf(" Password strength checks will check that retrieved passwords must\n"); + printf(" include numbers. The default is "); + if (nipper->passwordNumbers == false) + printf("no.\n\n"); + else + printf("yes.\n\n"); + printf(" %s--pass-specials=%s\n", COL_GREEN, RESET); + printf(" Password strength checks will check that retrieved passwords must\n"); + printf(" include special characters. The default is "); + if (nipper->passwordSpecials == false) + printf("no.\n\n"); + else + printf("yes.\n\n"); + break; + + // Other Security Auditing Options... + case help_audit_misc: + printf("These options apply to the security auditing.\n\n"); + printf(" %s--timeout=%s\n", COL_GREEN, RESET); + printf(" Specify the number of seconds that connection timeouts should be\n"); + printf(" less than or equal to. If timeouts are less than this, a security\n"); + printf(" will be generated in the report. The default is %d minutes.\n\n", (nipper->connectionTimeout / 60)); + break; + +#if !defined(__WIN32__) + // Other SNMP Options... + case help_snmp: + printf("These options apply to remote SNMP configuration retrival from Cisco\n"); + printf("devices. Older Cisco devices make use of a slightly different method.\n"); + printf("The old method works with IOS devices up to version 12.x. Newer methods\n"); + printf("are supported with IOS version 12.0 (some with 11.2P). This requires a\n"); + printf("local TFTP server and the snmpget command.\n\n"); + printf(" %s--cisco-ip=%s\n", COL_GREEN, RESET); + printf(" Specify the IP address of the Cisco Device to retrieve the config\n"); + printf(" from.\n\n"); + printf(" %s--local-ip=%s\n", COL_GREEN, RESET); + printf(" The IP address of the host making the request. This is essential for\n"); + printf(" remote config retrival, else it will fail.\n\n"); + printf(" %s--cisco=%s\n", COL_GREEN, RESET); + printf(" There are two methods of retrieving the config remotely using SNMP.\n"); + printf(" The old method is supported on Cisco devices upto IOS 12.x, the\n"); + printf(" new method (default) is supported from IOS 12.0 (11.2P on some\n"); + printf(" devices).\n\n"); + printf(" %s--snmp=%s\n", COL_GREEN, RESET); + printf(" The snmp community to be used with the above. A default of 'private'\n"); + printf(" will be used if not specified.\n\n"); + printf(" %s--tftproot=%s\n", COL_GREEN, RESET); + printf(" The tftp root directory to be used for the Cisco config transfer. If\n"); + printf(" not specified a default of /tftproot/ will be used.\n\n"); + printf(" %s--cisco-file=%s\n", COL_GREEN, RESET); + printf(" Specifies a filename for the Cisco config file to be saved to. If\n"); + printf(" not specified, then the file will be left in the tftproot as a\n"); + printf(" random file name.\n\n"); + break; +#endif + + // The debug options (hidden)... + case help_debug: + printf("These are the Nipper debug options, useful for working out what has gone\n"); + printf("AWOL. These options can ouput a lot of information and disrupt the\n"); + printf("normal report output.\n\n"); + printf(" %s--debug%s\n", COL_GREEN, RESET); + printf(" Outputs additional information that most users would not find very\n"); + printf(" helpful, but is useful in understanding how the configuration is\n"); + printf(" interpreted. Using the debug option overrides all other output.\n\n"); + printf(" %s--debug-abbreviations%s\n", COL_GREEN, RESET); + printf(" Shows a list of all the abbreviations that were not processed. The\n"); + printf(" list is output to stdout and lists the number of hits each entry\n"); + printf(" has had. Not all of the items listed will be valid abbreviations.\n\n"); + printf(" %s--debug-lnp%s\n", COL_GREEN, RESET); + printf(" Output the configuration lines not processed (to screen only).\n\n"); + break; + + // External Configuration file... + case help_config_file: + printf("Nipper can be configured using an external configuration file. This file\n"); + printf("can be specified on the command line or Nipper will load configuration\n"); +#if !defined(__WIN32__) + printf("settings from '/etc/nipper.conf'.\n\n"); +#else + printf("settings from 'nipper.ini' in the current directory.\n\n"); +#endif + printf(" %s--config=%s\n", COL_GREEN, RESET); + printf(" Specifies a Nipper configuration file.\n\n"); + break; + + case help_error_params: + printf("%sERROR: Invalid command line options specified.%s\n\n", COL_RED, RESET); + break; + + case help_error_empty_file: + printf("%sERROR: The input was either an empty file or a directory.%s\n\n", COL_RED, RESET); + break; + + case help_error_wrong_type: + printf("%sERROR: Nipper has determined that you are attempting to process the\n", COL_RED); + printf("wrong type of configuration. Refer to the DEVICES section on the online\n"); + printf("help, or alternatively, use the --force option.%s\n\n", RESET); + break; + + case help_error_opening_file: + printf("%sERROR: Nipper could not open the configuration file for input.%s\n\n", COL_RED, RESET); + break; + + case help_error_snmp_failure: + printf("%sERROR: Could not get the Cisco configuration via SNMP.%s\n\n", COL_RED, RESET); + break; + + case help_error_snmp_root: + printf("%sERROR: You must be the root user to get the configuration via SNMP.%s\n\n", COL_RED, RESET); + break; + + case help_error_report_file: + printf("%sERROR: Nipper could not open the report file for output.%s\n\n", COL_RED, RESET); + break; + + case help_error_john_file: + printf("%sERROR: Nipper could not open the john-the-ripper file for output.%s\n\n", COL_RED, RESET); + break; + + case help_error_base64_decode: + printf("%sERROR: Failed to decode the base64 configuration file encoding.%s\n\n", COL_RED, RESET); + break; + + case help_error_read_timeout: + if (nipper->inputName == 0) + { + printf("%sERROR: Failed to read from stdin, please pipe a configuration in or\n", COL_RED); + printf("supply an input file using the --input= option.%s\n\n", RESET); + } + else + printf("%sERROR: A timeout occured whilst reading from the file.%s\n\n", COL_RED, RESET); + break; + } + + // Further Help... + printf("%sFor additional help:%s\n", COL_BLUE, RESET); + printf(" %s--help[=]%s\n", COL_GREEN, RESET); + printf(" Show the online help or show the additional help on the topic\n"); + printf(" specified. The help topics are; GENERAL, DEVICES, DEVICES-ADV,\n"); +#if !defined(__WIN32__) + printf(" SNMP, REPORT, REPORT-ADV, REPORT-SECT, REPORT-HTML, REPORT-LATEX,\n"); +#else + printf(" REPORT, REPORT-ADV, REPORT-SECT, REPORT-HTML, REPORT-LATEX,\n"); +#endif + printf(" AUDIT-ACL, AUDIT-PASS, AUDIT-ADV or CONFIG-FILE.\n"); +} + + +void stdinTimeout() +{ + // Program banner... + printf("%s%s\n%s", COL_BLUE, program_banner, RESET); + + printf("%sERROR: Failed to read from stdin, please pipe a configuration in or\n", COL_RED); + printf("supply an input file using the --input= option.%s\n\n", RESET); + + // Further Help... + printf("%sFor additional help:%s\n", COL_BLUE, RESET); + printf(" %s--help[=]%s\n", COL_GREEN, RESET); + printf(" Show the online help or show the additional help on the topic\n"); + printf(" specified. The help topics are; GENERAL, DEVICES, DEVICES-ADV,\n"); +#if !defined(__WIN32__) + printf(" SNMP, REPORT, REPORT-ADV, REPORT-SECT, REPORT-HTML, REPORT-LATEX,\n"); +#else + printf(" REPORT, REPORT-ADV, REPORT-SECT, REPORT-HTML, REPORT-LATEX,\n"); +#endif + printf(" AUDIT-ACL, AUDIT-PASS, AUDIT-ADV or CONFIG-FILE.\n"); + exit(0); +} + diff --git a/0.11.10/common/.svn/text-base/nipper-input.c.svn-base b/0.11.10/common/.svn/text-base/nipper-input.c.svn-base new file mode 100644 index 0000000..e42c8d1 --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-input.c.svn-base @@ -0,0 +1,449 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains all the code to get input from file/directory/snmp/stdin... + + +// Process a file... +int processFile(struct nipperConfig *nipper, void (processLine)(struct nipperConfig *nipper, char *line)) +{ + // Variables... + struct stat *fileStats = 0; + char line[LINE_SIZE + 1]; + + // Check the file has some contents... + fileStats = malloc(sizeof(struct stat)); + memset(fileStats, 0, sizeof(struct stat)); + stat(nipper->inputName, fileStats); + if (fileStats->st_size == 0) + { + free(fileStats); + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_empty_file; + return false; + } + free(fileStats); + + nipper->input = fopen(nipper->inputName, "r"); + if (nipper->input == NULL) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_opening_file; + return false; + } + setvbuf(nipper->input, 0, _IONBF, 0); + + if (nipper->debugMode == true) + { + printf("\n%sConfig Lines Examined\n=====================%s\n", COL_BLUE, RESET); + } + + // Read in input and process... + while (feof(nipper->input) == 0) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Process the line... + processLine(nipper, line); + } + + // Close input file... + fclose(nipper->input); + + return true; +} + + +// Process the input... +int processInput(struct nipperConfig *nipper) +{ + // Variables... + struct policyCollection *policyCollectionPointer = 0; + struct stat *fileStats = 0; + const char *dirname = 0; + char *buffer = 0; + char fullname[512]; + FILE *tempFile = 0; + char temporaryFileName[64] = ""; + int returnValue = 0; +#if !defined(__WIN32__) + const char slashChar = '/'; +#else + const char slashChar = '\\'; +#endif + int addSlash = false; + + switch (nipper->deviceType) + { + // IOS devices + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + // Create IOS Structure... + nipper->ios = malloc(sizeof(struct ciscoIOSConfig)); + + // Init... + memset(nipper->ios, 0, sizeof(struct ciscoIOSConfig)); + nipper->ios->sourceRouting = true; + nipper->ios->tcpSmallServers = unconfigured; + nipper->ios->udpSmallServers = unconfigured; + nipper->ios->finger = unconfigured; + nipper->ios->cdp = true; + nipper->ios->cef = unconfigured; + nipper->ios->servicePasswordEncryption = false; + nipper->ios->bootp = true; + nipper->ios->bootNetwork = false; + nipper->ios->serviceConfig = false; + nipper->ios->pad = true; + nipper->ios->domainLookup = true; + nipper->ios->classlessRouting = true; + nipper->ios->keepAlivesIn = false; + nipper->ios->keepAlivesOut = false; + nipper->ios->gratuitousArps = false; + nipper->ios->calendarValid = false; + nipper->ios->passwordMinLength = -1; + nipper->ios->vtpMode = vtp_mode_server; + strcpy(nipper->ios->timeZone, "UTC"); + + // Process... + return processFile(nipper, processIOSInput); + break; + + + // NMP devices + case type_nmp_catalyst: + case type_cos_catalyst: + // Create NMP/CatOS Structure... + nipper->nmp = malloc(sizeof(struct ciscoNMPConfig)); + + // Init... + memset(nipper->nmp, 0, sizeof(struct ciscoNMPConfig)); + nipper->nmp->cdp = true; + nipper->nmp->cdpInterval = 60; + nipper->nmp->cdpHoldtime = 180; + nipper->nmp->cdpVersion = 2; + nipper->nmp->timeout = 20; + nipper->nmp->portSecurityAuto = false; + + // Process... + return processFile(nipper, processNMPInput); + break; + + + // PIX devices + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + // Create PIX/ASA/FWSM Structure... + nipper->pix = malloc(sizeof(struct ciscoPIXConfig)); + + // Init... + memset(nipper->pix, 0, sizeof(struct ciscoPIXConfig)); + nipper->pix->transparent = false; + nipper->pix->floodguard = true; + nipper->pix->accessListAlertInterval = 300; + nipper->pix->accessListDenyFlowMax = 4096; + + // Process.. + return processFile(nipper, processPIXInput); + break; + + + // Cisco CSS devices + case type_css_filter: + // Create CSS Structure... + nipper->css = malloc(sizeof(struct ciscoCSSConfig)); + + // Init... + memset(nipper->css, 0, sizeof(struct ciscoCSSConfig)); + nipper->css->snmpAccess = true; + nipper->css->ftpAccess = true; + nipper->css->telnetAccess = true; + nipper->css->sshAccess = true; + nipper->css->consoleAccess = true; + nipper->css->webManagementAccess = false; + nipper->css->aclEnabled = false; + + // Process... + return processFile(nipper, processCSSInput); + break; + + + // ScreenOS devices + case type_sos_firewall: + // Create ScreenOS Structure... + nipper->sos = malloc(sizeof(struct screenOSConfig)); + + // Init... + memset(nipper->sos, 0, sizeof(struct screenOSConfig)); + nipper->sos->sshEnabled = false; + nipper->sos->sshKeyGenTime = 60; + nipper->sos->asymmetricVPN = false; + nipper->sos->accessAttempts = 3; + nipper->sos->mailAlert = false; + nipper->sos->adminFormat = adminfmt_default; + nipper->sos->httpRedirect = unconfigured; + nipper->sos->privilege = adminpriv_default; + strcpy(nipper->sos->adminIP, "0.0.0.0"); + strcpy(nipper->sos->adminNetMask, "0.0.0.0"); + strcpy(nipper->sos->name, "netscreen"); + strcpy(nipper->sos->password, ""); + nipper->sos->nameMappings = false; + nipper->sos->nameGroupMappings = false; + nipper->sos->defaultFirewallMode = true; + nipper->sos->consoleOnly = false; + + // Process... + return processFile(nipper, processSOSInput); + break; + + + // Nortel Passport Devices + case type_bayaccelar: + case type_passport: + // Create Nortel Passport Structure... + nipper->pas = malloc(sizeof(struct passportConfig)); + + // Init... + memset(nipper->pas, 0, sizeof(struct passportConfig)); + + // Process... + return processFile(nipper, processPASInput); + break; + + + // CheckPoint Firewall-1 Devices + case type_nokiaip: + case type_fw1_firewall: + // Create Structure... + nipper->fw1 = malloc(sizeof(struct firewall1Config)); + fileStats = malloc(sizeof(struct stat)); + + // Init... + memset(nipper->fw1, 0, sizeof(struct firewall1Config)); + memset(fileStats, 0, sizeof(struct stat)); + + if (nipper->showACLComments == true) + settings_policycol_heading8.next = &settings_policycol_heading9; + + // Check that the Config directory is a directory... + stat(nipper->inputName, fileStats); + + // Process as a single file... + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + free(fileStats); + return processFile(nipper, processFW1Input); + } + + // Process as a directory... + else + { + free(fileStats); + + // Set Directory name... + dirname = nipper->inputName; + + // Slash Char? +#if !defined(__WIN32__) + if (dirname[strlen(dirname) - 1] == '/') +#else + if (dirname[strlen(dirname) - 1] == '\\') +#endif + addSlash = false; + else + addSlash = true; + + // ------------------------ + // Process Objects Files... + + // Process objects_5_0.C + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%sobjects_5_0.C", dirname); + else + sprintf(fullname, "%s%cobjects_5_0.C", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1Input); + + if (returnValue == false) + { + // Process objects.C_41 + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%sobjects.C_41", dirname); + else + sprintf(fullname, "%s%cobjects.C_41", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1Input); + + // Process objects.C + if (returnValue == false) + { + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%sobjects.C", dirname); + else + sprintf(fullname, "%s%cobjects.C", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1Input); + if (returnValue == false) + { + if (addSlash == false) + sprintf(fullname, "%sobjects.c", dirname); + else + sprintf(fullname, "%s%cobjects.c", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1Input); + } + } + } + + // --------------------- + // Process Rule Files... + + // Process the Rules files... + policyCollectionPointer = nipper->fw1->policies; + while (policyCollectionPointer != 0) + { + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%s%s.W", dirname, policyCollectionPointer->name); + else + sprintf(fullname, "%s%c%s.W", dirname, slashChar, policyCollectionPointer->name); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1RuleInput); + policyCollectionPointer = policyCollectionPointer->next; + } + + // Process rules.C file... + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%srules.C", dirname); + else + sprintf(fullname, "%s%crules.C", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1RulesInput); + if (returnValue == false) + { + if (addSlash == false) + sprintf(fullname, "%srules.c", dirname); + else + sprintf(fullname, "%s%crules.c", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1RulesInput); + } + + // Process the Rulebase files (for comments mostly)... + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%srulebases_5_0.fws", dirname); + else + sprintf(fullname, "%s%crulebases_5_0.fws", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1RuleInput); + + if (returnValue == false) + { + // Oh well, try this one then... + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%srulebases.fws", dirname); + else + sprintf(fullname, "%s%crulebases.fws", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1Input); + } + + return true; + } + break; + + // Sonic Wall devices... + case type_sonicwall: + // SonicWall configs are base64 encoded. The file needs to be decoded first... + + // Check the file has some contents... + fileStats = malloc(sizeof(struct stat)); + stat(nipper->inputName, fileStats); + if (fileStats->st_size == 0) + { + free(fileStats); + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_empty_file; + return false; + } + + // Set buffer to the size of the file... + buffer = malloc(fileStats->st_size + 1); + memset (buffer, 0, fileStats->st_size + 1); + tempFile = fopen(nipper->inputName, "r"); + fread(buffer, 1, fileStats->st_size, tempFile); + fclose(tempFile); + returnValue = base64DecodeChars(buffer); + if (returnValue == true) + { + sprintf(temporaryFileName, "%sdelete-me-%d", tmpDir, rand()); + tempFile = fopen(temporaryFileName, "w"); + fwrite(buffer, 1, strlen(buffer), tempFile); + fclose(tempFile); + nipper->inputName = temporaryFileName; + } + free(buffer); + free(fileStats); + + // If base64 decode failed... + if (returnValue == false) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_base64_decode; + return false; + } + + // Create Structure... + nipper->sonicos = malloc(sizeof(struct sonicosConfig)); + + // Init... + memset(nipper->sonicos, 0, sizeof(struct sonicosConfig)); + nipper->sonicos->enhanced = false; + + // Process... + returnValue = processFile(nipper, processSonicOSInput); + + // Cleanup + unlink(temporaryFileName); + break; + } + + return false; +} + diff --git a/0.11.10/common/.svn/text-base/nipper-namemappings.c.svn-base b/0.11.10/common/.svn/text-base/nipper-namemappings.c.svn-base new file mode 100644 index 0000000..b783080 --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-namemappings.c.svn-base @@ -0,0 +1,218 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processNameMappings(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + struct filterObjectConfig *filterObjectPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + + // Convert filters names to ip addresses + if ((nipper->filterList != 0) && (nipper->objectList != 0)) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + // Source... + filterObjectPointer = filterPointer->source; + while (filterObjectPointer != 0) + { + objectListPointer = nipper->objectList; + if ((nipper->deviceType == type_sos_firewall) && (objectListPointer != 0)) + { + while ((strcasecmp(filterListPointer->fromZone, objectListPointer->name) != 0) && (objectListPointer->next != 0)) + objectListPointer = objectListPointer->next; + if (strcasecmp(filterListPointer->fromZone, objectListPointer->name) != 0) + objectListPointer = 0; + } + while (objectListPointer != 0) + { + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (strcasecmp(objectPointer->name, filterObjectPointer->name) == 0) + { + if (objectPointer->type == object_type_network) + { + sprintf(tempString, "%s %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if (objectPointer->type == object_type_machinesrange) + { + sprintf(tempString, "%s - %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if ((objectPointer->type != object_type_group) && (objectPointer->type != object_type_gateway_cluster)) + { + strncpy(filterObjectPointer->name, objectPointer->address, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(objectPointer->address)] = 0; + } + } + objectPointer = objectPointer->next; + } + objectListPointer = objectListPointer->next; + } + filterObjectPointer = filterObjectPointer->next; + } + + // Destination... + filterObjectPointer = filterPointer->destination; + while (filterObjectPointer != 0) + { + objectListPointer = nipper->objectList; + if ((nipper->deviceType == type_sos_firewall) && (objectListPointer != 0)) + { + while ((strcasecmp(filterListPointer->toZone, objectListPointer->name) != 0) && (objectListPointer->next != 0)) + objectListPointer = objectListPointer->next; + if (strcasecmp(filterListPointer->toZone, objectListPointer->name) != 0) + objectListPointer = 0; + } + while (objectListPointer != 0) + { + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (strcasecmp(objectPointer->name, filterObjectPointer->name) == 0) + { + if (objectPointer->type == object_type_network) + { + sprintf(tempString, "%s %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if (objectPointer->type == object_type_machinesrange) + { + sprintf(tempString, "%s - %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if ((objectPointer->type != object_type_group) && (objectPointer->type != object_type_gateway_cluster)) + { + strncpy(filterObjectPointer->name, objectPointer->address, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(objectPointer->address)] = 0; + } + } + objectPointer = objectPointer->next; + } + objectListPointer = objectListPointer->next; + } + filterObjectPointer = filterObjectPointer->next; + } + + // Through... + filterObjectPointer = filterPointer->through; + while (filterObjectPointer != 0) + { + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (strcasecmp(objectPointer->name, filterObjectPointer->name) == 0) + { + if (objectPointer->type == object_type_network) + { + sprintf(tempString, "%s %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if (objectPointer->type == object_type_machinesrange) + { + sprintf(tempString, "%s - %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if ((objectPointer->type != object_type_group) && (objectPointer->type != object_type_gateway_cluster)) + { + strncpy(filterObjectPointer->name, objectPointer->address, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(objectPointer->address)] = 0; + } + } + objectPointer = objectPointer->next; + } + objectListPointer = objectListPointer->next; + } + filterObjectPointer = filterObjectPointer->next; + } + + // Installed on... + filterObjectPointer = filterPointer->install; + while (filterObjectPointer != 0) + { + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (strcasecmp(objectPointer->name, filterObjectPointer->name) == 0) + { + if (objectPointer->type == object_type_network) + { + sprintf(tempString, "%s %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if (objectPointer->type == object_type_machinesrange) + { + sprintf(tempString, "%s - %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if ((objectPointer->type != object_type_group) && (objectPointer->type != object_type_gateway_cluster)) + { + strncpy(filterObjectPointer->name, objectPointer->address, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(objectPointer->address)] = 0; + } + } + objectPointer = objectPointer->next; + } + objectListPointer = objectListPointer->next; + } + filterObjectPointer = filterObjectPointer->next; + } + + filterPointer = filterPointer->next; + } + filterListPointer = filterListPointer->next; + } + } +} diff --git a/0.11.10/common/.svn/text-base/nipper-objects.c.svn-base b/0.11.10/common/.svn/text-base/nipper-objects.c.svn-base new file mode 100644 index 0000000..ede30b2 --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-objects.c.svn-base @@ -0,0 +1,303 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains all the code for objects... + + +struct objectListConfig +{ + char name[64]; + + struct objectConfig *object; + + // Next list... + struct objectListConfig *next; +}; + + +struct objectConfig +{ + char name[64]; + char address[64]; + char netMask[16]; + int type; // object_type_network... + char comment[128]; // Used by ScreenOS and is Description with PIX + + // Cisco PIX (also used by SonicOS and FW1)... + int serviceType; // object_service_tcp... + + // Used by FW1... + int firewall; // Is the object a firewall? (FW1) + int internal; // Is the object internal? (FW1) + int management; // Is management firewall? + char cpVersion[8]; // CheckPoint Version + int cpVersionMajor; // Major + int cpVersionMinor; // Minor + struct objectMember *members; // Group members + struct hostInterfaces *interfaces; // Interfaces + + struct objectConfig *next; +}; + + +struct objectMember +{ + int number; // Used for cluster members + char name[64]; + char netMask[16]; + int type; + int serviceOp; + struct objectMember *next; +}; + + +// Interface config used by Firewall-1 +struct hostInterfaces +{ + int interface; // Interface No. + int dynamicIP; + char name[16]; // Interface name + char address[16]; + char netMask[16]; + struct hostInterfaces *next; +}; + + +// Get pointer to object list (or create a new one)... +struct objectListConfig *getObjectListPointer(struct nipperConfig *nipper, char *name) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + int init = false; + + // If first object list... + if (nipper->objectList == 0) + { + nipper->objectList = malloc(sizeof(struct objectListConfig)); + objectListPointer = nipper->objectList; + init = true; + } + else + { + objectListPointer = nipper->objectList; + while ((objectListPointer->next != 0) && (strcmp(objectListPointer->name, name) != 0)) + objectListPointer = objectListPointer->next; + if (strcmp(objectListPointer->name, name) != 0) + { + objectListPointer->next = malloc(sizeof(struct objectListConfig)); + objectListPointer = objectListPointer->next; + init = true; + } + } + + // Init... + if (init == true) + { + memset(objectListPointer, 0, sizeof(struct objectListConfig)); + strncpy(objectListPointer->name, name, sizeof(objectListPointer->name) - 1); + } + + return objectListPointer; +} + + +// Get pointer to object (or create a new one)... +struct objectConfig *getObjectPointer(struct objectListConfig *objectListPointer, char *name) +{ + // Variables... + struct objectConfig *objectPointer = 0; + int init = false; + + // If first object + if (objectListPointer->object == 0) + { + objectListPointer->object = malloc(sizeof(struct objectConfig)); + objectPointer = objectListPointer->object; + init = true; + } + else + { + objectPointer = objectListPointer->object; + while ((objectPointer->next != 0) && (strcmp(objectPointer->name, name) != 0)) + objectPointer = objectPointer->next; + if (strcmp(objectPointer->name, name) != 0) + { + objectPointer->next = malloc(sizeof(struct objectConfig)); + objectPointer = objectPointer->next; + init = true; + } + } + + // Init... + if (init == true) + { + memset(objectPointer, 0, sizeof(struct objectConfig)); + strncpy(objectPointer->name, name, sizeof(objectPointer->name) - 1); + objectPointer->firewall = false; + objectPointer->internal = true; + objectPointer->management = false; + } + + return objectPointer; +} + + +// Get a pointer to an object member (or add one)... +struct objectMember *getObjectMember(struct objectConfig *objectPointer, char *member) +{ + // Variables... + struct objectMember *memberPointer = 0; + int init = false; + + // If first... + if (objectPointer->members == 0) + { + objectPointer->members = malloc(sizeof(struct objectMember)); + memberPointer = objectPointer->members; + init = true; + } + else + { + memberPointer = objectPointer->members; + while ((memberPointer->next != 0) && (strcmp(memberPointer->name, member) != 0)) + memberPointer = memberPointer->next; + if (strcmp(memberPointer->name, member) != 0) + { + memberPointer->next = malloc(sizeof(struct objectMember)); + memberPointer = memberPointer->next; + init = true; + } + } + + // Init? + if (init == true) + { + memset(memberPointer, 0, sizeof(struct objectMember)); + strncpy(memberPointer->name, member, sizeof(memberPointer->name) - 1); + memberPointer->type = object_type_notset; + } + + return memberPointer; +} + + +// Set netmask from CIDR... +void setMaskFromCIDR(char *netmask, int cidr) +{ + const char netmasks[][16] = { "0.0.0.0", "128.0.0.0", "192.0.0.0", "224.0.0.0", "240.0.0.0", + "248.0.0.0", "252.0.0.0", "254.0.0.0", "255.0.0.0", "255.128.0.0", + "255.192.0.0", "255.224.0.0", "255.240.0.0", "255.248.0.0", + "255.252.0.0", "255.254.0.0", "255.255.0.0", "255.255.128.0", + "255.255.192.0", "255.255.224.0", "255.255.240.0", "255.255.248.0", + "255.255.252.0", "255.255.254.0", "255.255.255.0", "255.255.255.128", + "255.255.255.192", "255.255.255.224", "255.255.255.240", + "255.255.255.248", "255.255.255.252", "255.255.255.254", + "255.255.255.255" }; + + strcpy(netmask, netmasks[cidr]); +} + + +// Output the ACL debug information... +void reportObjectsDebug(struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct hostInterfaces *fw1InterfacePointer = 0; + struct objectMember *memberPointer = 0; + + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + printf("Object List: %s\n", objectListPointer->name); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + printf(" Object: %s\n", objectPointer->name); + printf(" Address: %s\n", objectPointer->address); + printf(" Netmask: %s\n", objectPointer->netMask); + printf(" Comment: %s\n", objectPointer->comment); + printf(" Type: %d\n", objectPointer->type); + printf(" Service Type: %d\n", objectPointer->serviceType); + printf(" Firewall: %d\n", objectPointer->firewall); + printf(" Internal: %d\n", objectPointer->internal); + printf(" Management: %d\n", objectPointer->management); + printf(" CP Version: %s\n", objectPointer->cpVersion); + printf(" CP Version Major: %d\n", objectPointer->cpVersionMajor); + printf(" CP Version Minor: %d\n", objectPointer->cpVersionMinor); + fw1InterfacePointer = objectPointer->interfaces; + while (fw1InterfacePointer != 0) + { + printf(" Interface: %d\n", fw1InterfacePointer->interface); + printf(" Name: %s\n", fw1InterfacePointer->name); + printf(" Dynamic IP: %d\n", fw1InterfacePointer->dynamicIP); + printf(" Address: %s\n", fw1InterfacePointer->address); + printf(" Net Mask: %s\n", fw1InterfacePointer->netMask); + fw1InterfacePointer = fw1InterfacePointer->next; + } + memberPointer = objectPointer->members; + while (memberPointer != 0) + { + printf(" Member: %s\n", memberPointer->name); + printf(" Number: %d\n", memberPointer->number); + printf(" Mask: %s\n", memberPointer->netMask); + printf(" Type: %d\n", memberPointer->type); + memberPointer = memberPointer->next; + } + objectPointer = objectPointer->next; + } + objectListPointer = objectListPointer->next; + } +} + + +// Report name mappings... +void nameMapConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + + objectListPointer = nipper->objectList; + while (strcmp(objectListPointer->name, "NAMELIST") != 0) + objectListPointer = objectListPointer->next; + + output_table(nipper, true, settings_namemap_table, &settings_namemap_heading); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s%s%s", nipper->tablerow_start, objectPointer->name, nipper->tablerow_mid, objectPointer->address, nipper->tablerow_end); + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_namemap_table, &settings_namemap_heading); +} + + diff --git a/0.11.10/common/.svn/text-base/nipper-remote-snmp.c.svn-base b/0.11.10/common/.svn/text-base/nipper-remote-snmp.c.svn-base new file mode 100644 index 0000000..27444fa --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-remote-snmp.c.svn-base @@ -0,0 +1,131 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#if !defined(__WIN32__) +void getRemoteConfig(struct nipperConfig *nipper, char *tempFile, int tempFileSize, char *localSave) +{ + // Variables... + int tempInt = 0; + int tempInt2 = 0; + struct stat *fileStats = 0; + char tempCommand[nipper->maxSize]; + + // Get remote config? + if (getuid() == 0) + { + + // Create tftp file + tempInt = rand(); + if (nipper->remoteTftp[strlen(nipper->remoteTftp) -1] != '/') + nipper->remoteTftp[strlen(nipper->remoteTftp)] = '/'; + sprintf(tempCommand, "touch %s%d.config", nipper->remoteTftp, tempInt); + system(tempCommand); + + // Set tftp file writable + sprintf(tempCommand, "chmod 666 %s%d.config", nipper->remoteTftp, tempInt); + system(tempCommand); + + // Old method? + if (nipper->oldCisco == true) + { + // http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a008009463e.shtml + // Write to SNMP server + sprintf(tempCommand, "snmpset -c %s -v 1 %s 1.3.6.1.4.1.9.2.1.55.%s s \"%d.config\"", nipper->remoteSnmp, nipper->remoteIP, nipper->localIP, tempInt); + if (nipper->debugMode == true) + printf("SNMP Command: %s\n", tempCommand); + system(tempCommand); + } + + // new method#if !defined(__WIN32__) + else + { + // http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094aa6.shtml + // Write to SNMP server + tempInt2 = rand(); + sprintf(tempCommand, "snmpset -c %s -v 1 %s .1.3.6.1.4.1.9.9.96.1.1.1.1.2.%d i 1 .1.3.6.1.4.1.9.9.96.1.1.1.1.3.%d i 4 .1.3.6.1.4.1.9.9.96.1.1.1.1.4.%d i 1 .1.3.6.1.4.1.9.9.96.1.1.1.1.5.%d a \"%s\" .1.3.6.1.4.1.9.9.96.1.1.1.1.6.%d s \"%d.config\" .1.3.6.1.4.1.9.9.96.1.1.1.1.14.%d i 4", nipper->remoteSnmp, nipper->remoteIP, tempInt2, tempInt2, tempInt2, tempInt2, nipper->localIP, tempInt2, tempInt, tempInt2); + if (nipper->debugMode == true) + printf("SNMP Command: %s\n", tempCommand); + system(tempCommand); + } + + // Wait for a couple of secs (for file to arrive) + system("sleep 3"); + + // Check the file has content + fileStats = malloc(sizeof(struct stat)); + memset(tempCommand, 0, sizeof(tempCommand)); + sprintf(tempCommand, "%s%d.config", nipper->remoteTftp, tempInt); + stat(tempCommand, fileStats); + + // Cleanup SNMP if new... + if (nipper->oldCisco == false) + { + memset(tempCommand, 0, sizeof(tempCommand)); + sprintf(tempCommand, "snmpset -c %s -v 1 %s .1.3.6.1.4.1.9.9.96.1.1.1.1.14.%d i 6", nipper->remoteSnmp, nipper->remoteIP, tempInt2); + system(tempCommand); + } + + // Exit if file has nothing in it... + if (fileStats->st_size == 0) + { + free(fileStats); + unlink(tempCommand); + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_snmp_failure; + } + else + { + + // If file is to called something... + if (nipper->localSave != 0) + { + memset(tempCommand, 0, sizeof(tempCommand)); + sprintf(tempCommand, "mv %s%d.config %s", nipper->remoteTftp, tempInt, localSave); + system(tempCommand); + memset(tempCommand, 0, sizeof(tempCommand)); + sprintf(tempCommand, "%s", localSave); + nipper->inputName = tempCommand; + } + else + { + sprintf(tempCommand, "%s%d.config", nipper->remoteTftp, tempInt); + strncpy(tempFile, tempCommand, tempFileSize); + nipper->inputName = tempFile; + } + } + free(fileStats); + } + else + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_snmp_root; + } +} +#endif diff --git a/0.11.10/common/.svn/text-base/nipper-struct.c.svn-base b/0.11.10/common/.svn/text-base/nipper-struct.c.svn-base new file mode 100644 index 0000000..aa7f973 --- /dev/null +++ b/0.11.10/common/.svn/text-base/nipper-struct.c.svn-base @@ -0,0 +1,254 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct nipperConfig // Global Configuration +{ + // Program options... + int nipperMode; + int helpMode; // The help page to show, see codes above + int force; // Force configuration type (bypass type checking) + char companyName[128]; // Company name to output in a report + struct johnPassword *john; // The encrypted passwords to crack with john-the-ripper + + int sectionCount; + int subSectionCount; + + // Latex report output options + char paperSize[32]; + char documentClass[32]; + + // SNMP Options + char remoteIP[16]; // Retrival of Config remotely - IP + char localIP[16]; // Retrival of Config remotely - IP (local) + char remoteTftp[128]; // Retrival of Config remotely - TFTP root + char remoteSnmp[128]; // Retrival of Config remotely - SNMP community + int localSave; // Retrival of Config remotely - Config Save Name + int oldCisco; // Retrival of Config remotely - Old or new methods + + // Reporting + struct reportText *report; // Reporting config + + // Table Structure Pointers, used for report writing + const char *tablerow_start; + const char *tablerow_mid; + const char *tablerow_end; + const char *tablerow_itemsep; + + // Report Output Options + int outputFormat; // Output file format output_text... + int abs; // Abbreviation output + int loggingLevels; // Logging Levels output + int timeZones; // Time Zone output + int appendix; // Appendix output + int glossary; // Glossary output + int commonPorts; // Common Ports output + int fullReport; // Include Security Audit + int configReport; // Include configuration report + int expandACL; // Expand an ACL's object definitions. + int names; // Show hostnames instead of IP addresses (where possible) + int passwords; // Output passwords? + int nipperVersion; // Output nipper appendix version details + + // Debug Options + int debugMode; // Show debug output + int linesnotprocessed; // Print the lines that were not processed (true or false) + int debugAbbrev; // Output Abbreviations that were not found + + // File Handles / File Names + char *outputFile; // Argument that contains output file, if specified. + char *johnFile; // John the ripper file name + FILE *input; // Input file + char *inputName; // Input name from command line + FILE *reportFile; // Report file + char *dictionaryFilename; // The Dictionary Filename + char *dictionaryFile; // Dictionary file + FILE *dictFile; // The Dictionary File handle + char *cssFile; // HTML CSS file + char *cssFromConfig; // CSS filename from config file + int doCSV; // Do CSV? + char *csvFilename; // ACL output CSV filename + FILE *csvFile; + int showACLComments; + + // Default Password Settings + int passwordLength; + int passwordUppers; + int passwordLowers; + int passwordEither; + int passwordNumbers; + int passwordSpecials; + + // Connection settings + int connectionTimeout; // The Connection Timeout + + // Issue Counters... + int aclIssues; + int denyIssue; + int rejectIssue; + int simplePasswords; + int passwordStrengths; + int insecureTimeouts; + int vulnIssues; + int vulnIssueDos; + int vulnIssueRemote; + int ipDirectedIssues; + int switchportModeIssues; + int switchportIssues; + int proxyArpIssues; + int unreachIssues; + int maskReplyIssues; + int loggingIssue; + int enableIssues; + int vrrpIssues; + int ospfAuthMD5; + int ospfAuthNoneIssues; + int ospfAuthClearIssues; + int eigrpIssues; + int ripIssues; + int redirectsIssues; + int uRPFIssues; + int snmpIssue; + int sshIssue; + int sshManIssues; + + // Misc Variables... + int maxSize; // Maximum Variable Size + int tableNum; // Current Table Number for Report Writing + + // Device Details... + int deviceType; // type_screenos... + char *deviceModel; // Model series + char *deviceModelInt; // * Do not use * + int deviceUse; // use_edge, use_internal, use_all (default) + char hostname[128]; + char domainName[128]; + char friendlyHostname[148]; // Hostname processed for report output + char version[16]; // Version string + int versionMajor; + int versionMinor; + int versionRevision; + int versionRevisionMinor; + + // Device Specific Configuration + struct ciscoIOSConfig *ios; + struct ciscoPIXConfig *pix; + struct ciscoNMPConfig *nmp; + struct ciscoCSSConfig *css; + struct screenOSConfig *sos; + struct passportConfig *pas; + struct firewall1Config *fw1; + struct sonicosConfig *sonicos; + + // Common Device Specific Configuration + struct filterListConfig *filterList; + struct objectListConfig *objectList; + + // Filtering options + int denyLogIssue; // Check for deny all and log at the end of filtering rules + int anySourceIssue; // Any Source + int networkSourceIssue; // Network Source + int anySourceServiceIssue; // Any Source Service + int anyDestinationIssue; // Any Destination + int networkDestinationIssue; // Network Destination + int anyDestinationServiceIssue; // Any Destination Service + int allRulesLogIssue; // All Rules Log + int disabledRulesIssue; // Disabled Rules + int rejectRulesIssue; // Reject Rules + int logDenyRulesIssue; // Log Deny Rules + int bypassRulesIssue; // Bypass Rules + int defaultRulesIssue; // Default Rules + + // Filter Issue Counters + int anySource; + int networkSource; + int anySourceService; + int anyDestination; + int networkDestination; + int anyDestinationService; + int filtersWithNoLogging; + int denyAllAndLog; + int disabledRules; + int rejectRules; + int logDenyRules; + int bypassRules; + int defaultRules; +}; + + +struct host // Host +{ + char server[32]; + struct host *next; +}; + + +// Used to break each line up +struct ciscoCommand +{ + int parts; + char part[40][128]; +}; + + +// Encrypted passwords for john +struct johnPassword +{ + char username[128]; + char password[128]; + struct johnPassword *next; +}; + + +// Reporting +struct reportText +{ + int section; // Section + const char *sectionTitle; // Section Title + const char *shortConText; // Short Conculsions text + const char *shortRecText; // Short Recommendations text + // All scores are between 1 and 10 (0 is off or N/A) + int scoreOverall; // Overall Score + int scoreImpact; // Impact of issue + int scoreEase; // Ease of exploitation + int scoreRec; // How easy to fix + void (*writeSection)(struct nipperConfig *nipper); + struct reportText *next; +}; + + +// SNMP Traps +struct snmpTrap +{ + char trap[128]; + int enabled; + struct snmpTrap *next; +}; + diff --git a/0.11.10/common/.svn/text-base/report-acl.c.svn-base b/0.11.10/common/.svn/text-base/report-acl.c.svn-base new file mode 100644 index 0000000..20ed005 --- /dev/null +++ b/0.11.10/common/.svn/text-base/report-acl.c.svn-base @@ -0,0 +1,2363 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Output a remark into the filter table... +void reportFilterRemark(struct nipperConfig *nipper, struct filterListConfig *filterListPointer, struct filterConfig *filterPointer) +{ + switch (nipper->deviceType) + { + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if (filterListPointer->type == access_old) + table_row_span(nipper, &settings_accesspix_heading, filterPointer->remark); + else if (filterListPointer->type == access_std) + table_row_span(nipper, &settings_accessstdpix_heading, filterPointer->remark); + else if (filterListPointer->type == access_ext) + table_row_span(nipper, &settings_accessextpix_heading, filterPointer->remark); + break; + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + if (filterListPointer->type == access_std) + table_row_span(nipper, &settings_accessstd_heading, filterPointer->remark); + else if (filterListPointer->type == access_ext) + table_row_span(nipper, &settings_accessext_heading, filterPointer->remark); + break; + case type_css_filter: + table_row_span(nipper, &settings_acl_css_heading, filterPointer->remark); + break; + case type_fw1_firewall: + case type_nokiaip: + table_row_span(nipper, &settings_policycol_heading, filterPointer->remark); + break; + case type_sos_firewall: + table_row_span(nipper, &settings_policies_heading, filterPointer->remark); + break; + case type_passport: + case type_bayaccelar: + if (strcmp(filterListPointer->name, "**UNASSIGNED**") == 0) + table_row_span(nipper, &settings_filter_heading, filterPointer->remark); + else if (atoi(filterListPointer->name) < 101) + table_row_span(nipper, &settings_filterset_heading, filterPointer->remark); + else if ((atoi(filterListPointer->name) > 299) && (atoi(filterListPointer->name) < 1001)) + table_row_span(nipper, &settings_filter_heading, filterPointer->remark); + break; + case type_sonicwall: + table_row_span(nipper, &settings_accessrules_heading, filterPointer->remark); + break; + } +} + + +// Report the source/destination +void reportSourceDestination(struct nipperConfig *nipper, struct filterObjectConfig *filterObjectPointer) +{ + // Variables... + char tempString[nipper->maxSize]; + + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + + while (filterObjectPointer != 0) + { + outputFriendly(filterObjectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + + switch (filterObjectPointer->type) + { + case object_type_machinesrange: + fprintf(nipper->reportFile, "%s - %s", tempString, filterObjectPointer->netMask); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s - %s", tempString, filterObjectPointer->netMask); + break; + case object_type_network: + fprintf(nipper->reportFile, "%s / %s", tempString, filterObjectPointer->netMask); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s / %s", tempString, filterObjectPointer->netMask); + break; + case object_type_interface: + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + break; + case object_type_object: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "", tempString); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + break; + case object_type_protocol: + addAbbreviation(filterObjectPointer->name, false); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + break; + case object_type_host: + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + break; + case object_type_any: + fprintf(nipper->reportFile, "Any"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "Any"); + break; + } + + if (filterObjectPointer->next != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_itemsep); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + + filterObjectPointer = filterObjectPointer->next; + } + + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + +} + + +// Report objects one after another... +void reportSourceDestinationLine(struct nipperConfig *nipper, struct filterObjectConfig *filterObjectPointer) +{ + // Variables... + char tempString[nipper->maxSize]; + + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + + while (filterObjectPointer != 0) + { + outputFriendly(filterObjectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + + switch (filterObjectPointer->type) + { + case object_type_network: + fprintf(nipper->reportFile, "%s / %s", tempString, filterObjectPointer->netMask); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s - %s", tempString, filterObjectPointer->netMask); + break; + case object_type_interface: + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + break; + case object_type_object: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "", tempString); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + break; + case object_type_protocol: + addAbbreviation(filterObjectPointer->name, false); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + break; + case object_type_host: + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + break; + case object_type_any: + fprintf(nipper->reportFile, "any address"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "any address"); + break; + } + + if (filterObjectPointer->next != 0) + { + if (filterObjectPointer->next->next == 0) + fprintf(nipper->reportFile, " and "); + else + fprintf(nipper->reportFile, ", "); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + + filterObjectPointer = filterObjectPointer->next; + } + + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + +} + + +// Report the service +void reportService(struct nipperConfig *nipper, struct filterObjectConfig *filterObjectPointer) +{ + + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + + while (filterObjectPointer != 0) + { + addAbbreviation(filterObjectPointer->name, false); + + if (filterObjectPointer->serviceOp == service_oper_eq) + { + fprintf(nipper->reportFile, "%s", filterObjectPointer->name); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", filterObjectPointer->name); + } + else if (filterObjectPointer->serviceOp == service_oper_neq) + { + fprintf(nipper->reportFile, "not %s", filterObjectPointer->name); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "not %s", filterObjectPointer->name); + } + else if (filterObjectPointer->serviceOp == service_oper_lt) + { + fprintf(nipper->reportFile, "less than %s", filterObjectPointer->name); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "less than %s", filterObjectPointer->name); + } + else if (filterObjectPointer->serviceOp == service_oper_gt) + { + fprintf(nipper->reportFile, "greater than %s", filterObjectPointer->name); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "greater than %s", filterObjectPointer->name); + } + else if (filterObjectPointer->serviceOp == service_oper_range) + { + fprintf(nipper->reportFile, "%s - %s", filterObjectPointer->name, filterObjectPointer->netMask); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s - %s", filterObjectPointer->name, filterObjectPointer->netMask); + addAbbreviation(filterObjectPointer->netMask, false); + } + else if (filterObjectPointer->serviceOp == service_oper_ignore) + { + fprintf(nipper->reportFile, "Any"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "Any"); + } + else + { + fprintf(nipper->reportFile, "%s", filterObjectPointer->name); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", filterObjectPointer->name); + } + + if (filterObjectPointer->next != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_itemsep); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + + filterObjectPointer = filterObjectPointer->next; + } + + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + +} + + +// Output the filter to the filter table... +void reportFilter(struct nipperConfig *nipper, int ruleNumber, struct filterListConfig *filterListPointer, struct filterConfig *filterPointer) +{ + // Variables... + struct filterObjectConfig *filterObjectPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + char tempString[nipper->maxSize]; + + switch (nipper->deviceType) + { + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + // Rule No. + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, ruleNumber, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%d\", ", filterListPointer->name, ruleNumber); + // Action... + switch (filterPointer->action) + { + case filter_action_drop: + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Deny\", "); + break; + case filter_action_accept: + fprintf(nipper->reportFile, "Permit%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Permit\", "); + break; + } + // Protocol + if (filterListPointer->type != access_std) + { + fprintf(nipper->reportFile, "%s%s", filterPointer->protocol, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", ", filterPointer->protocol); + addAbbreviation(filterPointer->protocol, false); + } + // Source + reportSourceDestination(nipper, filterPointer->source); + // Std ACL end + if (filterListPointer->type == access_std) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\n"); + } + // Old/Extended ACL + else + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Source Service + reportService(nipper, filterPointer->sourceService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Destination + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Destination Service + reportService(nipper, filterPointer->destinationService); + if (filterListPointer->type != access_ext) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\n"); + } + else + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Log + if (filterPointer->log == true) + { + fprintf(nipper->reportFile, "Yes"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\", "); + } + else + { + fprintf(nipper->reportFile, "No"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\", "); + } + + // Active + if (filterPointer->enabled == true) + { + fprintf(nipper->reportFile, "%sYes%s", nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\"\n"); + } + else + { + fprintf(nipper->reportFile, "%sNo%s", nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\"\n"); + } + } + } + break; + + // IOS-based devices... + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, ruleNumber, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%d\", ", filterListPointer->name, ruleNumber); + switch (filterPointer->action) + { + case filter_action_drop: + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Deny\", "); + break; + case filter_action_accept: + fprintf(nipper->reportFile, "Permit%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Permit\", "); + break; + } + if (filterListPointer->type == access_ext) + { + fprintf(nipper->reportFile, "%s%s", filterPointer->protocol, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", ", filterPointer->protocol); + addAbbreviation(filterPointer->protocol, false); + } + // Source + reportSourceDestination(nipper, filterPointer->source); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Extended ACL + if (filterListPointer->type == access_ext) + { + // Source Service + reportService(nipper, filterPointer->sourceService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Destination + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Destination Service + reportService(nipper, filterPointer->destinationService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + } + // Log + if (filterPointer->log == true) + { + fprintf(nipper->reportFile, "Yes"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\""); + } + else + { + fprintf(nipper->reportFile, "No"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\""); + } + if (filterListPointer->type == access_std) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\n"); + } + else + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", \""); + if (filterPointer->established == true) + { + fprintf(nipper->reportFile, "Established"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "Established"); + } + if ((filterPointer->established == true) && (filterPointer->fragments == true)) + { + fprintf(nipper->reportFile, ", "); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + if (filterPointer->fragments == true) + { + fprintf(nipper->reportFile, "Fragments"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "Fragments"); + } + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"\n"); + } + break; + + // Firewall-1 Filter... + case type_fw1_firewall: + case type_nokiaip: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, ruleNumber, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%d\", ", filterListPointer->name, ruleNumber); + if (filterPointer->enabled == true) + { + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\", "); + } + else + { + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\", "); + } + switch (filterPointer->action) + { + case filter_action_drop: + fprintf(nipper->reportFile, "Drop%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Drop\", "); + break; + case filter_action_accept: + fprintf(nipper->reportFile, "Accept%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Accept\", "); + break; + case filter_action_reject: + fprintf(nipper->reportFile, "Reject%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Reject\", "); + break; + } + // Source... + reportSourceDestination(nipper, filterPointer->source); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Destination... + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Destination Service... + reportService(nipper, filterPointer->destinationService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", \""); + filterObjectPointer = filterPointer->through; + while (filterObjectPointer != 0) + { + outputFriendly(filterObjectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + if (filterObjectPointer->next != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_itemsep); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + filterObjectPointer = filterObjectPointer->next; + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\", \""); + filterObjectPointer = filterPointer->install; + while (filterObjectPointer != 0) + { + outputFriendly(filterObjectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + if (filterObjectPointer->next != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_itemsep); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + filterObjectPointer = filterObjectPointer->next; + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\", \""); + if (filterPointer->log == true) + { + fprintf(nipper->reportFile, "Yes"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "Yes\""); + } + else + { + fprintf(nipper->reportFile, "No"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "No\", "); + } + if (nipper->showACLComments == true) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, filterPointer->remark, nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", \"%s\"\n", filterPointer->remark); + } + else + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\n"); + } + break; + + // ScreenOS Filter... + case type_sos_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterPointer->id, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%s\", \"%d\", ", filterListPointer->fromZone, filterListPointer->toZone, filterPointer->id); + if (filterPointer->enabled == true) + { + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\", "); + } + else + { + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\", "); + } + switch (filterPointer->action) + { + case filter_action_accept: + fprintf(nipper->reportFile, "Permit%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Permit\", "); + break; + case filter_action_drop: + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Deny\", "); + break; + case filter_action_reject: + fprintf(nipper->reportFile, "Reject%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Reject\", "); + break; + } + reportSourceDestination(nipper, filterPointer->source); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportService(nipper, filterPointer->destinationService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + if (filterPointer->log == true) + { + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\"\n"); + } + else + { + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\"\n"); + } + filterPointer = filterPointer->next; + break; + + // SonicOS... + case type_sonicwall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, ruleNumber, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%s\", \"%d\", ", filterListPointer->fromZone, filterListPointer->toZone, ruleNumber); + if (filterPointer->enabled == true) + { + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\", "); + } + else + { + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\", "); + } + switch (filterPointer->action) + { + case filter_action_accept: + fprintf(nipper->reportFile, "Allow%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Allow\", "); + break; + case filter_action_reject: + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Deny\", "); + break; + case filter_action_drop: + fprintf(nipper->reportFile, "Discard%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Discard\", "); + break; + } + reportSourceDestination(nipper, filterPointer->source); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (filterListPointer->type == access_std) + { + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", \""); + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + filterObjectPointer = filterPointer->destinationService; + while (filterObjectPointer != 0) + { + objectPointer = getObjectPointer(objectListPointer, filterObjectPointer->name); + outputFriendly(objectPointer->comment, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + if (filterObjectPointer->next != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_itemsep); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + filterObjectPointer = filterObjectPointer->next; + } + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + } + else + reportService(nipper, filterPointer->destinationService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + if (filterPointer->fragments == true) + { + fprintf(nipper->reportFile, "Yes"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\""); + } + else + { + fprintf(nipper->reportFile, "No"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\""); + } + if (filterListPointer->type == access_std) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\n"); + } + else + { + if (filterPointer->log == true) + { + fprintf(nipper->reportFile, "%sYes%s", nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", \"Yes\"\n"); + } + else + { + fprintf(nipper->reportFile, "%sNo%s", nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", \"No\"\n"); + } + } + break; + + // Cisco CSS device... + case type_css_filter: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterPointer->id, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%d\", ", filterListPointer->name, filterPointer->id); + switch (filterPointer->action) + { + case filter_action_accept: + fprintf(nipper->reportFile, "Permit%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Permit\", "); + break; + case filter_action_drop: + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Deny\", "); + break; + case filter_action_bypass: + fprintf(nipper->reportFile, "Bypass%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Bypass\", "); + break; + } + outputFriendly(filterPointer->protocol, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", ", tempString); + reportSourceDestination(nipper, filterPointer->source); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportService(nipper, filterPointer->sourceService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportService(nipper, filterPointer->destinationService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + if (filterPointer->log == true) + { + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\"\n"); + } + else + { + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\"\n"); + } + break; + + // Nortel Passport Devices... + case type_passport: + case type_bayaccelar: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterPointer->id, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%d\", ", filterListPointer->listName, filterPointer->id); + outputFriendly(filterPointer->remark, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", ", tempString); + if (((atoi(filterListPointer->name) > 299) && (atoi(filterListPointer->name) < 1001)) || (strcmp(filterListPointer->name, "**UNASSIGNED**") == 0)) + { + switch (filterPointer->filterType) + { + case filter_type_source: + fprintf(nipper->reportFile, "Source%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Source\", "); + break; + case filter_type_destination: + fprintf(nipper->reportFile, "Dest%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Dest\", "); + break; + case filter_type_global: + fprintf(nipper->reportFile, "Global%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Global\", "); + break; + } + } + switch (filterPointer->action) + { + case filter_action_accept: + fprintf(nipper->reportFile, "Forward%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Forward\", "); + break; + case filter_action_drop: + fprintf(nipper->reportFile, "Drop%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Drop\", "); + break; + case filter_action_default: + fprintf(nipper->reportFile, "Default%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Default\", "); + break; + } + outputFriendly(filterPointer->protocol, tempString, nipper->maxSize, nipper->outputFormat); + addAbbreviation(filterPointer->protocol, false); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", ", tempString); + reportSourceDestination(nipper, filterPointer->source); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportService(nipper, filterPointer->sourceService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportService(nipper, filterPointer->destinationService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + if (filterPointer->stop == true) + { + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\"\n"); + } + else + { + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\"\n"); + } + break; + } +} + + +void outputCSVHeadings(struct nipperConfig *nipper, const char *title1, const char *title2, struct tableHeading *headings) +{ + // Variables... + struct tableHeading *headingPointer = 0; + + // first heading... + fprintf(nipper->csvFile, "\"%s\", ", title1); + + // second heading... + if (title2 != 0) + fprintf(nipper->csvFile, "\"%s\", ", title2); + + // remaining headings... + headingPointer = headings; + while (headingPointer != 0) + { + fprintf(nipper->csvFile, "\"%s\"", headingPointer->heading); + if (headingPointer->next != 0) + fprintf(nipper->csvFile, ", "); + else + fprintf(nipper->csvFile, "\n"); + headingPointer = headingPointer->next; + } +} + + +// Output the filter list table for the configuration section of the report +void reportRules(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + int ruleNumber = 0; + + if (nipper->csvFilename != 0) + nipper->doCSV = true; + + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + // Init rule number... + ruleNumber = 1; + + // Output Table Start... + switch (nipper->deviceType) + { + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if (filterListPointer->type == access_old) + { + sprintf(tempString, "%s %s", settings_accesslists_table, filterListPointer->name); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accesspix_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "ACL", 0, &settings_accesspix_heading); + } + else if (filterListPointer->type == access_std) + { + sprintf(tempString, "%s %s", settings_accessstd_table, filterListPointer->name); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accessstdpix_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "ACL", 0, &settings_accessstdpix_heading); + } + else if (filterListPointer->type == access_ext) + { + sprintf(tempString, "%s %s", settings_accessext_table, filterListPointer->name); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accessextpix_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "ACL", 0, &settings_accessextpix_heading); + } + break; + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + if (filterListPointer->type == access_std) + { + sprintf(tempString, "%s %s", settings_accessstd_table, filterListPointer->name); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accessstd_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "ACL", 0, &settings_accessstd_heading); + } + else if (filterListPointer->type == access_ext) + { + sprintf(tempString, "%s %s", settings_accessext_table, filterListPointer->name); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accessext_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "ACL", 0, &settings_accessext_heading); + } + break; + case type_sos_firewall: + if (filterListPointer->global == true) + sprintf(tempString, "Global zone policy list"); + else if (filterListPointer->name[0] == 0) + sprintf(tempString, "Zone %s to zone %s policy list", filterListPointer->fromZone, filterListPointer->toZone); + else + sprintf(tempString, "%s policy list (zone %s to zone %s)", filterListPointer->name, filterListPointer->fromZone, filterListPointer->toZone); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_policies_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "From Zone", "To Zone", &settings_policies_heading); + break; + case type_fw1_firewall: + case type_nokiaip: + sprintf(tempString, "%s %s", filterListPointer->name, settings_policycol_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_policycol_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "Policy", 0, &settings_policycol_heading); + break; + case type_css_filter: + if (filterListPointer->applyTo[0] != 0) + sprintf(tempString2, "ACL %s (applied to %s)", filterListPointer->name, filterListPointer->applyTo); + else + sprintf(tempString2, "ACL %s", filterListPointer->name); + output_table(nipper, true, tempString2, &settings_acl_css_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "ACL", 0, &settings_acl_css_heading); + break; + case type_passport: + case type_bayaccelar: + if (strcmp(filterListPointer->name, "**UNASSIGNED**") == 0) + { + output_table(nipper, true, settings_filter_table, &settings_filter_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "Filter Set", 0, &settings_filter_heading); + } + else if (atoi(filterListPointer->name) < 101) + { + sprintf(tempString2, "Global filter set %s (%s)", filterListPointer->listName, filterListPointer->name); + output_table(nipper, true, tempString2, &settings_filterset_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "Filter Set", 0, &settings_filterset_heading); + } + else if ((atoi(filterListPointer->name) > 299) && (atoi(filterListPointer->name) < 1001)) + { + sprintf(tempString2, "Filter set %s (%s)", filterListPointer->listName, filterListPointer->name); + output_table(nipper, true, tempString2, &settings_filter_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "Filter Set", 0, &settings_filter_heading); + } + break; + case type_sonicwall: + + if (filterListPointer->type == access_std) + { + sprintf(tempString, "From %s to %s access rules", filterListPointer->fromZone, filterListPointer->toZone); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accessrules_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "From", "To", &settings_accessrules_heading); + } + else + { + sprintf(tempString, "From %s to %s policies", filterListPointer->fromZone, filterListPointer->toZone); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accesspolicy_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "From", "To", &settings_accesspolicy_heading); + } + break; + } + + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + // Output filter?... + if (filterPointer->action != filter_action_remark) + { + reportFilter(nipper, ruleNumber, filterListPointer, filterPointer); + ruleNumber++; + } + + // Output remark/comment... + else + reportFilterRemark(nipper, filterListPointer, filterPointer); + + // Next Filter... + filterPointer = filterPointer->next; + } + + // Output Table End... + switch (nipper->deviceType) + { + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if (filterListPointer->type == access_old) + output_table(nipper, false, tempString2, &settings_accesspix_heading); + else if (filterListPointer->type == access_std) + output_table(nipper, false, tempString2, &settings_accessstdpix_heading); + else if (filterListPointer->type == access_ext) + output_table(nipper, false, tempString2, &settings_accessextpix_heading); + break; + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + if (filterListPointer->type == access_std) + output_table(nipper, false, tempString2, &settings_accessstd_heading); + else if (filterListPointer->type == access_ext) + output_table(nipper, false, tempString2, &settings_accessext_heading); + break; + case type_sos_firewall: + output_table(nipper, false, tempString2, &settings_policies_heading); + break; + case type_fw1_firewall: + case type_nokiaip: + output_table(nipper, false, tempString2, &settings_policycol_heading); + break; + case type_css_filter: + output_table(nipper, false, tempString2, &settings_acl_css_heading); + break; + case type_passport: + case type_bayaccelar: + if (strcmp(filterListPointer->name, "**UNASSIGNED**") == 0) + output_table(nipper, false, settings_filter_table, &settings_filter_heading); + else if (atoi(filterListPointer->name) < 101) + output_table(nipper, false, tempString2, &settings_filterset_heading); + else if ((atoi(filterListPointer->name) > 299) && (atoi(filterListPointer->name) < 1001)) + output_table(nipper, false, tempString2, &settings_accessrules_heading); + break; + case type_sonicwall: + if (filterListPointer->type == access_std) + output_table(nipper, false, tempString2, &settings_accessrules_heading); + else + output_table(nipper, false, tempString2, &settings_accesspolicy_heading); + break; + } + + filterListPointer = filterListPointer->next; + } + + nipper->doCSV = false; +} + + +// Code to report issues with common single filter issue text accross device types... +void reportCommonFilterIssues(struct nipperConfig *nipper, char *listName, char *lineStart, char *lineMid, struct filterConfig *filterPointer, int ruleNumber, struct filterListConfig *filterListPointer) +{ + // Variables... + int useRuleNumber = false; + + // Set if rule number is to be used... + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + case type_fw1_firewall: + case type_nokiaip: + case type_sonicwall: + useRuleNumber = true; + break; + + case type_sos_firewall: + case type_passport: + case type_bayaccelar: + case type_css_filter: + useRuleNumber = false; + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + // It doesnt matter for these + break; + } + + // Bypass issue... + if ((filterPointer->action == filter_action_bypass) && (nipper->bypassRulesIssue == true)) + { + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, ruleNumber, ruleNumber, report_accesslist_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, ruleNumber, report_accesslist_bypass); + break; + case type_fw1_firewall: + case type_nokiaip: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, ruleNumber, ruleNumber, report_fw1policy_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, ruleNumber, report_fw1policy_bypass); + break; + case type_css_filter: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, filterPointer->id, filterPointer->id, report_accesslist_css_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterPointer->id, report_accesslist_css_bypass); + break; + case type_passport: + case type_bayaccelar: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, filterPointer->id, filterPointer->id, report_pasfilter_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterPointer->id, report_pasfilter_bypass); + break; + case type_sos_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, filterPointer->id, filterPointer->id, report_sospolicy_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterPointer->id, report_sospolicy_bypass); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_sonicwall: + // It doesnt matter for these + break; + } + } + + else if ((filterPointer->action == filter_action_reject) && (nipper->rejectRulesIssue == true)) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_reject); + } + + else if ((filterPointer->action == filter_action_default) && (nipper->defaultRulesIssue == true)) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_default); + } + + else if ((filterPointer->enabled == false) && (nipper->disabledRulesIssue == true)) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_disabled); + } + + else if (filterPointer->anySource == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_anysrc); + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "."); + } + + else if (filterPointer->networkSource == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_netsrc); + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "."); + } + + else if (filterPointer->anySourceService == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_anysvcsrc); + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "."); + } + + else if (filterPointer->anyDestination == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_anydst); + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, " to any destination."); + } + + else if (filterPointer->networkDestination == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_netdst); + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, " to a network destination."); + } + + else if (filterPointer->anyDestinationService == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_netdstsvc); + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, " to any destination service."); + } + + else if (filterPointer->logging == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_nolog); + } + + else if (filterPointer->logDeny == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_nologdenied); + } +} +void reportCommonStandardFilterIssues(struct nipperConfig *nipper, char *listName, char *lineStart, char *lineMid, struct filterConfig *filterPointer, int ruleNumber, struct filterListConfig *filterListPointer) +{ + // Variables... + int useRuleNumber = false; + + // Set if rule number is to be used... + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + case type_fw1_firewall: + case type_nokiaip: + case type_sonicwall: + useRuleNumber = true; + break; + + case type_sos_firewall: + case type_passport: + case type_bayaccelar: + case type_css_filter: + useRuleNumber = false; + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + // It doesnt matter for these + break; + } + + // Bypass issue... + if ((filterPointer->action == filter_action_bypass) && (nipper->bypassRulesIssue == true)) + { + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, ruleNumber, ruleNumber, report_accesslist_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, ruleNumber, report_accesslist_bypass); + break; + case type_fw1_firewall: + case type_nokiaip: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, ruleNumber, ruleNumber, report_fw1policy_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, ruleNumber, report_fw1policy_bypass); + break; + case type_css_filter: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, filterPointer->id, filterPointer->id, report_accesslist_css_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterPointer->id, report_accesslist_css_bypass); + break; + case type_passport: + case type_bayaccelar: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, filterPointer->id, filterPointer->id, report_pasfilter_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterPointer->id, report_pasfilter_bypass); + break; + case type_sos_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, filterPointer->id, filterPointer->id, report_sospolicy_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterPointer->id, report_sospolicy_bypass); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_sonicwall: + // It doesnt matter for these + break; + } + } + + else if ((filterPointer->action == filter_action_reject) && (nipper->rejectRulesIssue == true)) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + if (nipper->deviceType == type_sonicwall) + fprintf(nipper->reportFile, " %s", report_fw1policy_reject); + else + fprintf(nipper->reportFile, " %s", report_fw1policy_reject); + } + + else if ((filterPointer->action == filter_action_default) && (nipper->defaultRulesIssue == true)) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_default); + } + + else if ((filterPointer->enabled == false) && (nipper->disabledRulesIssue == true)) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_disabled); + } + + else if (filterPointer->anySource == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_std_anysrc); + } + + else if (filterPointer->networkSource == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_std_netsrc); + } + + else if (filterPointer->anySourceService == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_std_anysvcsrc); + } + + else if (filterPointer->logging == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_nolog); + } + + else if (filterPointer->logDeny == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_nologdenied); + } +} + + +// Code to report issues with common multiple filter issue table text accross device types... +void reportCommonFilterTableIssues(struct nipperConfig *nipper, char *listName, struct filterConfig *filterPointer, int ruleNumber, struct filterListConfig *filterListPointer) +{ + // Variables... + int issueFound = false; + int useRuleNumber = false; + + // Set if rule number is to be used... + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + case type_fw1_firewall: + case type_nokiaip: + case type_sonicwall: + useRuleNumber = true; + break; + + case type_sos_firewall: + case type_passport: + case type_bayaccelar: + case type_css_filter: + useRuleNumber = false; + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + // It doesnt matter for these + break; + } + + // Bypass issue... + if ((filterPointer->action == filter_action_bypass) && (nipper->bypassRulesIssue == true)) + { + issueFound = true; + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid, report_accesslistt_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, ruleNumber, nipper->tablerow_mid, report_accesslistt_bypass); + break; + + case type_fw1_firewall: + case type_nokiaip: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid, report_fw1policyt_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, ruleNumber, nipper->tablerow_mid, report_fw1policyt_bypass); + break; + + case type_sos_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + break; + + case type_passport: + case type_bayaccelar: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid, report_sospolicyt_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterPointer->id, nipper->tablerow_mid, report_pasfiltert_bypass); + break; + + case type_css_filter: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + case type_sonicwall: + // It doesnt matter for these + break; + } + } + + if ((filterPointer->action == filter_action_reject) && (nipper->rejectRulesIssue == true)) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_reject); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_reject); + } + } + + if ((filterPointer->action == filter_action_default) && (nipper->defaultRulesIssue == true)) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_default); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_default); + } + } + + if ((filterPointer->enabled == false) && (nipper->disabledRulesIssue == true)) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_disabled); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_disabled); + } + } + + if (filterPointer->anySource == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anysrc); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_anysrc); + } + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "."); + } + + if (filterPointer->networkSource == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_netsrc); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_netsrc); + } + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "."); + } + + if (filterPointer->anySourceService == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anysvcsrc); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_anysvcsrc); + } + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "."); + } + + if (filterPointer->anyDestination == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anydst); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_anydst); + } + reportSourceDestinationLine(nipper, filterPointer->source); + fprintf(nipper->reportFile, " to any destination."); + } + + if (filterPointer->networkDestination == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anydst); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_anydst); + } + reportSourceDestinationLine(nipper, filterPointer->source); + fprintf(nipper->reportFile, " to a network destination."); + } + + if (filterPointer->anyDestinationService == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anydst); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_anydst); + } + reportSourceDestinationLine(nipper, filterPointer->source); + fprintf(nipper->reportFile, " to any destination service."); + } + + if (filterPointer->logging == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_nolog); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_nolog); + } + } + + if (filterPointer->logDeny == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_nologdenied); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_nologdenied); + } + } + + // If issue found... + if (issueFound == true) + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); +} +void reportCommonStandardFilterTableIssues(struct nipperConfig *nipper, char *listName, struct filterConfig *filterPointer, int ruleNumber, struct filterListConfig *filterListPointer) +{ + // Variables... + int issueFound = false; + int useRuleNumber = false; + + // Set if rule number is to be used... + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + case type_fw1_firewall: + case type_nokiaip: + case type_sonicwall: + useRuleNumber = true; + break; + + case type_sos_firewall: + case type_passport: + case type_bayaccelar: + case type_css_filter: + useRuleNumber = false; + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + // It doesnt matter for these + break; + } + + // Bypass issue... + if ((filterPointer->action == filter_action_bypass) && (nipper->bypassRulesIssue == true)) + { + issueFound = true; + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid, report_accesslistt_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, ruleNumber, nipper->tablerow_mid, report_accesslistt_bypass); + break; + + case type_fw1_firewall: + case type_nokiaip: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid, report_fw1policyt_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, ruleNumber, nipper->tablerow_mid, report_fw1policyt_bypass); + break; + + case type_sos_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + break; + + case type_passport: + case type_bayaccelar: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid, report_pasfiltert_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterPointer->id, nipper->tablerow_mid, report_pasfiltert_bypass); + break; + + case type_css_filter: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + case type_sonicwall: + // It doesnt matter for these + break; + } + } + + if ((filterPointer->action == filter_action_reject) && (nipper->rejectRulesIssue == true)) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_reject); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_reject); + } + } + + if ((filterPointer->action == filter_action_default) && (nipper->defaultRulesIssue == true)) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_default); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_default); + } + } + + if ((filterPointer->enabled == false) && (nipper->disabledRulesIssue == true)) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_disabled); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_disabled); + } + } + + if (filterPointer->anySource == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anysrc); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_std_anysrc); + } + } + + if (filterPointer->networkSource == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_netsrc); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_std_netsrc); + } + } + + if (filterPointer->anySourceService == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anysvcsrc); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_std_anysvcsrc); + } + } + + // If issue found... + if (issueFound == true) + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); +} + + diff --git a/0.11.10/common/.svn/text-base/report-appendix.c.svn-base b/0.11.10/common/.svn/text-base/report-appendix.c.svn-base new file mode 100644 index 0000000..fd2d813 --- /dev/null +++ b/0.11.10/common/.svn/text-base/report-appendix.c.svn-base @@ -0,0 +1,566 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// ---------------------------------------------------------------------------------- +// Common Port Assignments... + +struct ports +{ + int add; // true or false + const char *text; + int port; // Port Number + struct ports *next; +}; + +// Current: 92 +struct ports ap_port91 = {false, "PCAnywhere-Status", 5632, 0}; +struct ports ap_port90 = {false, "PCAnywhere-Data", 5631, &ap_port91}; +struct ports ap_port89 = {false, "SecureID-UDP", 5510, &ap_port90}; +struct ports ap_port88 = {false, "AOL", 5190, &ap_port89}; +struct ports ap_port87 = {false, "CTIQBE", 2748, &ap_port88}; +struct ports ap_port86 = {false, "PPTP", 1723, &ap_port87}; +struct ports ap_port85 = {false, "H323", 1720, &ap_port86}; +struct ports ap_port84 = {false, "RADIUS-Acct", 1646, &ap_port85}; +struct ports ap_port83 = {false, "RADIUS", 1645, &ap_port84}; +struct ports ap_port82 = {false, "SQLNet", 1521, &ap_port83}; +struct ports ap_port81 = {false, "Citrix-ICA", 1494, &ap_port82}; +struct ports ap_port80 = {false, "LotusNotes", 1352, &ap_port81}; +struct ports ap_port79 = {false, "KERBEROS", 750, &ap_port80}; +struct ports ap_port78 = {false, "LDAPS", 636, &ap_port79}; +struct ports ap_port77 = {false, "KShell", 544, &ap_port78}; +struct ports ap_port76 = {false, "KLogin", 543, &ap_port77}; +struct ports ap_port75 = {false, "UUCP", 540, &ap_port76}; +struct ports ap_port74 = {false, "Timed", 525, &ap_port75}; +struct ports ap_port73 = {false, "RIPv2", 520, &ap_port74}; +struct ports ap_port72 = {false, "RIP", 520, &ap_port73}; +struct ports ap_port71 = {false, "Talk", 517, &ap_port72}; +struct ports ap_port70 = {false, "LPD", 515, &ap_port71}; +struct ports ap_port69 = {false, "Printer", 515, &ap_port70}; +struct ports ap_port68 = {false, "Syslog", 514, &ap_port69}; +struct ports ap_port67 = {false, "CMD", 514, &ap_port68}; +struct ports ap_port66 = {false, "RSH", 514, &ap_port67}; +struct ports ap_port65 = {false, "RWho", 513, &ap_port66}; +struct ports ap_port64 = {false, "Who", 513, &ap_port65}; +struct ports ap_port63 = {false, "RLogin", 513, &ap_port64}; +struct ports ap_port62 = {false, "Login", 513, &ap_port63}; +struct ports ap_port61 = {false, "RExec", 512, &ap_port62}; +struct ports ap_port60 = {false, "Exec", 512, &ap_port61}; +struct ports ap_port59 = {false, "BIFF", 512, &ap_port60}; +struct ports ap_port58 = {false, "IKE", 500, &ap_port59}; +struct ports ap_port57 = {false, "ISAKMP", 500, &ap_port58}; +struct ports ap_port56 = {false, "PIM-Auto-RP", 496, &ap_port57}; +struct ports ap_port55 = {false, "HTTPS", 443, &ap_port56}; +struct ports ap_port54 = {false, "Mobile-IP", 434, &ap_port55}; +struct ports ap_port53 = {false, "LDAP", 389, &ap_port54}; +struct ports ap_port52 = {false, "DNSIX", 195, &ap_port53}; +struct ports ap_port51 = {false, "IRC", 194, &ap_port52}; +struct ports ap_port50 = {false, "BGP", 179, &ap_port51}; +struct ports ap_port49 = {false, "XDMCP", 177, &ap_port50}; +struct ports ap_port48 = {false, "SNMP-Trap", 162, &ap_port49}; +struct ports ap_port47 = {false, "SNMP", 161, &ap_port48}; +struct ports ap_port46 = {false, "IMAP4", 143, &ap_port47}; +struct ports ap_port45 = {false, "NetBIOS-SSN", 139, &ap_port46}; +struct ports ap_port44 = {false, "NetBIOS-DGM", 138, &ap_port45}; +struct ports ap_port43 = {false, "NetBIOS-NS", 137, &ap_port44}; +//struct ports ap_port42 = {false, "SNMP", 126, &ap_port43}; +struct ports ap_port41 = {false, "NTP", 123, &ap_port43}; +struct ports ap_port40 = {false, "NNTP", 119, &ap_port41}; +struct ports ap_port39 = {false, "UUCP-Path", 117, &ap_port40}; +struct ports ap_port38 = {false, "Auth", 113, &ap_port39}; +struct ports ap_port37 = {false, "Ident", 113, &ap_port38}; +struct ports ap_port36 = {false, "SUNRPC", 111, &ap_port37}; +struct ports ap_port35 = {false, "POP3", 110, &ap_port36}; +struct ports ap_port34 = {false, "POP2", 109, &ap_port35}; +struct ports ap_port33 = {false, "X400-SND", 104, &ap_port34}; +struct ports ap_port32 = {false, "X400", 103, &ap_port33}; +struct ports ap_port31 = {false, "ISO-TSAP", 102, &ap_port32}; +struct ports ap_port30 = {false, "Hostname", 101, &ap_port31}; +struct ports ap_port29 = {false, "SUPDUP", 95, &ap_port30}; +struct ports ap_port28 = {false, "HTTP", 80, &ap_port29}; +struct ports ap_port27 = {false, "WWW", 80, &ap_port28}; +struct ports ap_port26 = {false, "Finger", 79, &ap_port27}; +struct ports ap_port25 = {false, "Gopher", 70, &ap_port26}; +struct ports ap_port24 = {false, "TFTP", 69, &ap_port25}; +struct ports ap_port23 = {false, "BOOTPC", 68, &ap_port24}; +struct ports ap_port22 = {false, "DHCP", 68, &ap_port23}; +struct ports ap_port21 = {false, "DHCP", 67, &ap_port22}; +struct ports ap_port20 = {false, "BOOTPS", 67, &ap_port21}; +struct ports ap_port19 = {false, "Domain", 53, &ap_port20}; +struct ports ap_port18 = {false, "Login", 49, &ap_port19}; +struct ports ap_port17 = {false, "TACACS", 49, &ap_port18}; +struct ports ap_port16 = {false, "Nicname", 43, &ap_port17}; +struct ports ap_port15 = {false, "Whois", 43, &ap_port16}; +struct ports ap_port14 = {false, "Nameserver", 42, &ap_port15}; +struct ports ap_port13 = {false, "RLP", 39, &ap_port14}; +struct ports ap_port12 = {false, "Time", 37, &ap_port13}; +struct ports ap_port11 = {false, "SMTP", 25, &ap_port12}; +struct ports ap_port10 = {false, "Telnet", 23, &ap_port11}; +struct ports ap_port92 = {false, "SSH", 22, &ap_port10}; +struct ports ap_port9 = {false, "FTP", 21, &ap_port92}; +struct ports ap_port8 = {false, "FTP-Data", 20, &ap_port9}; +struct ports ap_port7 = {false, "Chargen", 19, &ap_port8}; +struct ports ap_port6 = {false, "Quote", 17, &ap_port7}; +struct ports ap_port5 = {false, "Netstat", 15, &ap_port6}; +struct ports ap_port4 = {false, "Daytime", 13, &ap_port5}; +struct ports ap_port3 = {false, "Users", 11, &ap_port4}; +struct ports ap_port2 = {false, "Discard", 9, &ap_port3}; +struct ports ap_port1 = {false, "Echo", 7, &ap_port2}; +struct ports ap_port = {false, "AH", 5, &ap_port1}; + + +void addPort(char *port) +{ + // Variables + struct ports *portPointer = 0; + + // Search for abbreviation + portPointer = &ap_port; + while ((portPointer->next != 0) && (strcasecmp(portPointer->text, port) != 0)) + portPointer = portPointer->next; + + // If found, add port + if (strcasecmp(portPointer->text, port) == 0) + portPointer->add = true; +} + + +// ---------------------------------------------------------------------------------- +// Abreviations... + +struct abbrev +{ + int add; // true or false + int expanded; // true or false + const char *ab; + const char *desc; + struct abbrev *next; +}; + +// Current: 162 + +struct abbrev ab_append126 = {false,false, "XDMCP", "X Display Manager Control Protocol", 0}; +struct abbrev ab_append0 = {false,false, "WWW", "World Wide Web", &ab_append126}; +struct abbrev ab_append1 = {false,false, "WAN", "Wide Area Network", &ab_append0}; +struct abbrev ab_append92 = {false,false, "VTY", "Virtual Teletype", &ab_append1}; +struct abbrev ab_append2 = {false,false, "VTP", "VLAN Trunking Protocol", &ab_append92}; +struct abbrev ab_append150 = {false,false, "VRRP", "Virtual Router Redundancy Protocol", &ab_append2}; +struct abbrev ab_append146 = {false,false, "VRF", "VPN Routing and Forwarding", &ab_append150}; +struct abbrev ab_append3 = {false,false, "VPN", "Virtual Private Network", &ab_append146}; +struct abbrev ab_append4 = {false,false, "VoIP", "Voice over IP", &ab_append3}; +struct abbrev ab_append149 = {false,false, "VLANs", "Virtual Local Area Networks", &ab_append4}; +struct abbrev ab_append5 = {false,false, "VLAN", "Virtual Local Area Network", &ab_append149}; +struct abbrev ab_append142 = {false,false, "VIPs", "Versatile Interface Processors", &ab_append5}; +struct abbrev ab_append143 = {false,false, "VIP", "Versatile Interface Processor", &ab_append142}; +struct abbrev ab_append105 = {false,false, "UUCP", "Unix-to-Unix Copy", &ab_append143}; +struct abbrev ab_append147 = {false,false, "UTC", "Coordinated Universal Time", &ab_append105}; +struct abbrev ab_append6 = {false,false, "URL", "Uniform Resource Locator", &ab_append147}; +struct abbrev ab_append7 = {false,false, "UDP", "User Datagram Protocol", &ab_append6}; +struct abbrev ab_append91 = {false,false, "TTY", "Teletype", &ab_append7}; +struct abbrev ab_append90 = {false,false, "TTL", "Time To Live", &ab_append91}; +struct abbrev ab_append103 = {false,false, "TSAP", "Transport Service Access Point", &ab_append90}; +struct abbrev ab_append8 = {false,false, "TFTP", "Trivial File Transfer Protocol", &ab_append103}; +struct abbrev ab_append9 = {false,false, "TDP", "Tag Distribution Protocol", &ab_append8}; +struct abbrev ab_append10 = {false,false, "TCP", "Transmission Control Protocol", &ab_append9}; +struct abbrev ab_append11 = {false,false, "TAPI", "Telephony Application Programming Interface", &ab_append10}; +struct abbrev ab_append12 = {false,false, "TACACS", "Terminal Access Controller Access Control System", &ab_append11}; +struct abbrev ab_append104 = {false,false, "SunRPC", "Sun Remote Procedure Call", &ab_append12}; +struct abbrev ab_append13 = {false,false, "SSL", "Secure Sockets Layer", &ab_append104}; +struct abbrev ab_append14 = {false,false, "SSH", "Secure Shell", &ab_append13}; +struct abbrev ab_append125 = {false,false, "SQLNet", "Structured Query Language Network", &ab_append14}; +struct abbrev ab_append132 = {false,false, "SPAN", "Switch Port Analyser", &ab_append125}; +struct abbrev ab_append15 = {false,false, "SMTP", "Simple Mail Transfer Protocol", &ab_append132}; +struct abbrev ab_append89 = {false,false, "SNTP", "Simple Network Time Protocol", &ab_append15}; +struct abbrev ab_append112 = {false,false, "SNP", "Sitara Networks Protocol", &ab_append89}; +struct abbrev ab_append16 = {false,false, "SNMP", "Simple Network Management Protocol", &ab_append112}; +struct abbrev ab_append17 = {false,false, "SIP", "Session Initiation Protocol", &ab_append16}; +struct abbrev ab_append18 = {false,false, "SDP", "Session Description Protocol", &ab_append17}; +struct abbrev ab_append127 = {false,false, "SAID", "Security Association Identifier", &ab_append18}; +struct abbrev ab_append133 = {false,false, "RPF", "Reverse Path Forwarding", &ab_append127}; +struct abbrev ab_append19 = {false,false, "RPC", "Remote Procedure Call", &ab_append133}; +struct abbrev ab_append100 = {false,false, "RLP", "Resource Location Protocol", &ab_append19}; +struct abbrev ab_append99 = {false,false, "RJE", "Remote Job Entry", &ab_append100}; +struct abbrev ab_append20 = {false,false, "RIP", "Routing Information Protocol", &ab_append99}; +struct abbrev ab_append21 = {false,false, "RADIUS", "Remote Authentication Dial-In User Service", &ab_append20}; +struct abbrev ab_append22 = {false,false, "PPTP", "Point to Point Tunneling Protocol", &ab_append21}; +struct abbrev ab_append23 = {false,false, "PPPoE", "Point to Point Protocol over Ethernet", &ab_append22}; +struct abbrev ab_append24 = {false,false, "PPP", "Point to Point Protocol", &ab_append23}; +struct abbrev ab_append98 = {false,false, "POP3", "Post Office Protocol version 3", &ab_append24}; +struct abbrev ab_append97 = {false,false, "POP2", "Post Office Protocol version 2", &ab_append98}; +struct abbrev ab_append25 = {false,false, "POP", "Post Office Protocol", &ab_append97}; +struct abbrev ab_append26 = {false,false, "PKI", "Public Key Infrastructure", &ab_append25}; +struct abbrev ab_append27 = {false,false, "PIX", "Private Internet Exchange", &ab_append26}; +struct abbrev ab_append111 = {false,false, "PIM", "Protocol Independent Multicast", &ab_append27}; +struct abbrev ab_append110 = {false,false, "PCP", "Payload Compression Protocol", &ab_append111}; +struct abbrev ab_append95 = {false,false, "PAT", "Port Address Translation", &ab_append110}; +struct abbrev ab_append28 = {false,false, "PAP", "Password Authentication Protocol", &ab_append95}; +struct abbrev ab_append29 = {false,false, "PAD", "Packet Assembler / Disassembler", &ab_append28}; +struct abbrev ab_append30 = {false,false, "OSPF", "Open Shortest Path First", &ab_append29}; +struct abbrev ab_append144 = {false,false, "OID", "Object Identifier", &ab_append30}; +struct abbrev ab_append31 = {false,false, "NTP", "Network Time Protocol", &ab_append144}; +struct abbrev ab_append93 = {false,true, "NT", "New Technology", &ab_append31}; +struct abbrev ab_append109 = {false,false, "NOS", "Network Operating System", &ab_append93}; +struct abbrev ab_append32 = {false,false, "NNTP", "Network News Transfer Protocol", &ab_append109}; +struct abbrev ab_append33 = {false,false, "NMP", "Network Management Processor", &ab_append32}; +struct abbrev ab_append34 = {false,false, "NIC", "Network Interface Center", &ab_append33}; +struct abbrev ab_append158 = {false,false, "NFS", "Network File System", &ab_append34}; +struct abbrev ab_append124 = {false,false, "NetBIOS-SSN", "NetBIOS Session Service", &ab_append158}; +struct abbrev ab_append123 = {false,false, "NetBIOS-NS", "NetBIOS Name Service", &ab_append124}; +struct abbrev ab_append122 = {false,false, "NetBIOS-DGM", "NetBIOS Datagram Service", &ab_append123}; +struct abbrev ab_append35 = {false,false, "NAT", "Network Address Translation", &ab_append122}; +struct abbrev ab_append36 = {false,false, "MTU", "Maximum Transmission Unit", &ab_append35}; +struct abbrev ab_append94 = {false,false, "MS-CHAP","MicroSoft Challenge Handshake Authentication Protocol", &ab_append36}; +struct abbrev ab_append86 = {false,false, "MPP", "Management Plane Protection", &ab_append94}; +struct abbrev ab_append37 = {false,false, "MPLS", "Multi Protocol Label Switching", &ab_append86}; +struct abbrev ab_append88 = {false,false, "MOTD", "Message Of The Day", &ab_append37}; +struct abbrev ab_append38 = {false,false, "MOP", "Maintenance Operations Protocol", &ab_append88}; +struct abbrev ab_append156 = {false,false, "MIPs", "Mapped IPs", &ab_append38}; +struct abbrev ab_append155 = {false,false, "MIP", "Mapped IP", &ab_append156}; +struct abbrev ab_append39 = {false,false, "MIB", "Management Information Base", &ab_append155}; +struct abbrev ab_append148 = {false,false, "MAC", "Media Access Control", &ab_append39}; +struct abbrev ab_append40 = {false,true, "MD5", "Message Digest 5", &ab_append148}; +struct abbrev ab_append41 = {false,false, "LSA", "Link State Advertisement", &ab_append40}; +struct abbrev ab_append121 = {false,false, "LPD", "Line Printer Daemon", &ab_append41}; +struct abbrev ab_append42 = {false,false, "LDP", "Label Diretribution Protocol", &ab_append121}; +struct abbrev ab_append120 = {false,false, "LDAPS", "Lightweight Directory Access Protocol (SSL)", &ab_append42}; +struct abbrev ab_append119 = {false,false, "LDAP", "Lightweight Directory Access Protocol", &ab_append120}; +struct abbrev ab_append43 = {false,false, "LAN", "Local Area Network", &ab_append119}; +struct abbrev ab_append118 = {false,false, "ISAKMP", "Internet Security Association and Key Management Protocol", &ab_append43}; +struct abbrev ab_append44 = {false,false, "IRC", "Internet Relay Chat", &ab_append118}; +struct abbrev ab_append45 = {false,false, "IPSec", "IP Security protocol", &ab_append44}; +struct abbrev ab_append108 = {false,false, "IPinIP", "IP-in-IP encapsulation", &ab_append45}; +struct abbrev ab_append46 = {false,true, "IP", "Internet Protocol", &ab_append108}; +struct abbrev ab_append47 = {false,false, "IOS", "Internet Operating System", &ab_append46}; +struct abbrev ab_append117 = {false,false, "IMAP4", "Internet Message Access Protocol version 4", &ab_append47}; +struct abbrev ab_append157 = {false,false, "IMAP3", "Internet Message Access Protocol version 3", &ab_append117}; +struct abbrev ab_append116 = {false,false, "IMAP", "Internet Message Access Protocol", &ab_append157}; +struct abbrev ab_append48 = {false,false, "IKMP", "Internet Key Management Protocol", &ab_append116}; +struct abbrev ab_append49 = {false,false, "IKE", "Internet Key Exchange", &ab_append48}; +struct abbrev ab_append50 = {false,false, "IGRP", "Interior Gateway Routing Protocol", &ab_append49}; +struct abbrev ab_append152 = {false,false, "IGPs", "Interior Gateway Protocols", &ab_append50}; +struct abbrev ab_append51 = {false,false, "IGP", "Interior Gateway Protocol", &ab_append152}; +struct abbrev ab_append52 = {false,false, "IGMP", "Internet Group Management Protocol", &ab_append51}; +struct abbrev ab_append87 = {false,false, "IDS", "Intruder Detection System", &ab_append52}; +struct abbrev ab_append107 = {false,false, "ICMP6", "Internet Control Message Protocol for IPv6", &ab_append87}; +struct abbrev ab_append53 = {false,false, "ICMP", "Internet Control Message Protocol", &ab_append107}; +struct abbrev ab_append114 = {false,false, "ICA", "Independent Computing Architecture", &ab_append53}; +struct abbrev ab_append54 = {false,false, "IANA", "Internet Assigned Number Authority", &ab_append114}; +struct abbrev ab_append55 = {false,true, "HTTPS", "HyperText Transfer Protocol over SSL", &ab_append54}; +struct abbrev ab_append56 = {false,true, "HTTP", "HyperText Transfer Protocol", &ab_append55}; +struct abbrev ab_append57 = {false,false, "HSRP", "Hot Standby Routing Protocol", &ab_append56}; +struct abbrev ab_append134 = {false,false, "GTSM", "Generalised TTL Security Mechanism", &ab_append57}; +struct abbrev ab_append161 = {false,false, "GTP", "GPRS Tunnelling Protocol", &ab_append134}; +struct abbrev ab_append58 = {false,false, "GRE", "Generic Routing Encapsulation protocol", &ab_append161}; +struct abbrev ab_append162 = {false,false, "GPRS", "General Packet Radio Service", &ab_append58}; +struct abbrev ab_append59 = {false,false, "FWSM", "FireWall Service Module", &ab_append162}; +struct abbrev ab_append60 = {false,true, "FTP", "File Transfer Protocol", &ab_append59}; +struct abbrev ab_append106 = {false,false, "ESP", "Encapsulated Security Payload", &ab_append60}; +struct abbrev ab_append61 = {false,false, "FDDI", "Fibre Disctributed Data Interface", &ab_append106}; +struct abbrev ab_append62 = {false,false, "EIGRP", "Enhanced Interior Gateway Routing Protocol", &ab_append61}; +struct abbrev ab_append153 = {false,false, "EGPs", "Exterior Gateway Protocols", &ab_append62}; +struct abbrev ab_append63 = {false,false, "EGP", "Exterior Gateway Protocol", &ab_append153}; +struct abbrev ab_append96 = {false,false, "DOS", "Disk Operating System", &ab_append63}; +struct abbrev ab_append64 = {false,false, "DoS", "Denial of Service", &ab_append96}; +struct abbrev ab_append65 = {false,false, "DNS", "Domain Name System", &ab_append64}; +struct abbrev ab_append66 = {false,false, "DHCP", "Dynamic Host Configuration Protocol", &ab_append65}; +struct abbrev ab_append67 = {false,false, "DH", "Diffie-Hellman", &ab_append66}; +struct abbrev ab_append68 = {false,false, "DES", "Data Encryption Standard", &ab_append67}; +struct abbrev ab_append131 = {false,false, "DDoS", "Distributed Denial of Service", &ab_append68}; +struct abbrev ab_append69 = {false,false, "dCEF", "Distributed CEF", &ab_append131}; +struct abbrev ab_append160 = {false,false, "DCERPC", "Distributed Computing Environment / Remote Procedure Call", &ab_append69}; +struct abbrev ab_append159 = {false,false, "DCE", "Distributed Computing Environment", &ab_append160}; +struct abbrev ab_append140 = {false,false, "CVE", "Common Vulnerabilities and Exposures", &ab_append159}; +struct abbrev ab_append115 = {false,false, "CTIQBE", "Computer Telephony Interface Quick Buffer Encoding", &ab_append140}; +struct abbrev ab_append70 = {false,false, "CTI", "Computer Telephony Integration", &ab_append115}; +struct abbrev ab_append151 = {false,false, "CSS", "Content Services Switch", &ab_append70}; +struct abbrev ab_append71 = {false,false, "CRL", "Certificate Revocation List", &ab_append151}; +struct abbrev ab_append72 = {false,true, "CPU", "Central Processing Unit", &ab_append71}; +struct abbrev ab_append73 = {false,false, "CPP", "Combinet Propietry Protocol", &ab_append72}; +struct abbrev ab_append74 = {false,false, "CHAP", "Challenge Handshake Authentication Protocol", &ab_append73}; +struct abbrev ab_append130 = {false,false, "CEF", "Cisco Express Forwarding", &ab_append74}; +struct abbrev ab_append75 = {false,false, "CDP", "Cisco Discovery Protocol", &ab_append130}; +struct abbrev ab_append76 = {false,false, "CA", "Certificate Authority", &ab_append75}; +struct abbrev ab_append139 = {false,false, "BPDU", "Bridge Protocol Data Unit", &ab_append76}; +struct abbrev ab_append102 = {false,false, "BOOTPS", "BOOTstrap Protocol Server", &ab_append139}; +struct abbrev ab_append101 = {false,false, "BOOTPC", "BOOTstrap Protocol Client", &ab_append102}; +struct abbrev ab_append77 = {false,false, "BOOTP", "BOOTstrap Protocol", &ab_append101}; +struct abbrev ab_append141 = {false,false, "BID", "Bugtraq ID", &ab_append77}; +struct abbrev ab_append78 = {false,false, "BGP", "Border Gateway Protocol", &ab_append141}; +struct abbrev ab_append136 = {false,false, "ATM", "Asynchronous Transfer Mode", &ab_append78}; +struct abbrev ab_append79 = {false,false, "ASBR", "Autonomous System Boundry Router", &ab_append136}; +struct abbrev ab_append80 = {false,false, "ASA", "Adaptive Security Appliance", &ab_append79}; +struct abbrev ab_append81 = {false,false, "ARP", "Address Resolution Protocol", &ab_append80}; +struct abbrev ab_append113 = {false,false, "AOL", "America Online", &ab_append81}; +struct abbrev ab_append138 = {false,false, "AMP", "Active Monitor Present", &ab_append113}; +struct abbrev ab_append154 = {false,false, "ALG", "Application Layer Gateway", &ab_append138}; +struct abbrev ab_append82 = {false,false, "AH", "Authentication Header", &ab_append154}; +struct abbrev ab_append137 = {false,false, "AFI", "Authority and Format Identifier", &ab_append82}; +struct abbrev ab_append83 = {false,false, "ACLs", "Access Control Lists", &ab_append137}; +struct abbrev ab_append129 = {false,false, "ACL", "Access Control List", &ab_append83}; +struct abbrev ab_append128 = {false,false, "ACEs", "Access Control Entries", &ab_append129}; +struct abbrev ab_append84 = {false,false, "ACE", "Access Control Entry", &ab_append128}; +struct abbrev ab_append85 = {false,false, "ABR", "Area Border Router", &ab_append84}; +struct abbrev ab_append135 = {false,false, "AAL", "ATM Adaptation Layer", &ab_append85}; +struct abbrev ab_append145 = {false,false, "AAA", "Authentication, Authorization and Accounting", &ab_append135}; +struct abbrev ab_append = {false,true, "3DES", "Tripple Data Encryption Standard", &ab_append145}; + + +struct debugAbbrev +{ + char ab[20]; + int count; + struct debugAbbrev *next; +}; +struct debugAbbrev *debugAb = 0; + +// Adds an abbreviation not found to a list to be shown +// if the debug abbreviations obtion has been set. +void addAbbrevNotFound(char *abbreviation) +{ + // Variables... + struct debugAbbrev *debugAbPointer = 0; + + // If structure is empty, create + if (debugAb == 0) + { + debugAb = malloc(sizeof(struct debugAbbrev)); + memset(debugAb, 0, sizeof(struct debugAbbrev)); + debugAbPointer = debugAb; + } + else + { + + // Search for matching abbreviations + debugAbPointer = debugAb; + while ((debugAbPointer->next != 0) && (strcasecmp(abbreviation, debugAbPointer->ab) != 0)) + debugAbPointer = debugAbPointer->next; + + // If not found + if (strcasecmp(abbreviation, debugAbPointer->ab) != 0) + { + debugAbPointer->next = malloc(sizeof(struct debugAbbrev)); + memset(debugAbPointer->next, 0, sizeof(struct debugAbbrev)); + debugAbPointer = debugAbPointer->next; + } + } + + // Set information + strncpy(debugAbPointer->ab, abbreviation, sizeof(debugAbPointer->ab) - 1); + debugAbPointer->count++; +} + + +#define abbrev_notfound 0 +#define abbrev_found 1 +#define abbrev_expand 2 + + +// Add an abbreviation to the list to be shown in the +// appendix +int addAbbreviation(char *abbreviation, int expand) +{ + // Variables + struct abbrev *abbrevPointer = 0; + + // Check that it is not something silly + if ((strlen(abbreviation) > 0) && (strcmp(abbreviation, "any") != 0)) + { + + // Add Service Port + addPort(abbreviation); + + // If HTTPS is being set, then SSL also needs to be set + if (strcasecmp(abbreviation, "HTTPS") == 0) + addAbbreviation("SSL", false); + + // If LDAPS is set, the SSL also needs to be set + else if (strcasecmp(abbreviation, "LDAPS") == 0) + addAbbreviation("SSL", false); + + // If GTP is set, the GPRS also needs to be set + else if (strcasecmp(abbreviation, "GTP") == 0) + addAbbreviation("GPRS", false); + + // If IPinIP is set, the IP also needs to be set + else if (strcasecmp(abbreviation, "IPinIP") == 0) + addAbbreviation("IP", false); + + // If IPSec is set, the IP also needs to be set + else if (strcasecmp(abbreviation, "IPSec") == 0) + addAbbreviation("IP", false); + + // If GTSM is set, the TTL also needs to be set + else if (strcasecmp(abbreviation, "GTSM") == 0) + addAbbreviation("TTL", false); + + // If ICMPv6 is set, the IP also needs to be set + else if (strcasecmp(abbreviation, "ICMPv6") == 0) + addAbbreviation("IP", false); + + // If Citrix-ICA is set, then ICA needs to be set + else if (strcasecmp(abbreviation, "Citrix-ICA") == 0) + addAbbreviation("ICA", false); + + // If VTP is set, then VLAN needs to be set + else if (strcasecmp(abbreviation, "VTP") == 0) + addAbbreviation("VLAN", false); + + // If VRF is set, then VPN needs to be set + else if (strcasecmp(abbreviation, "VRF") == 0) + addAbbreviation("VPN", false); + + // If AAL is set, then ATM needs to be set + else if (strcasecmp(abbreviation, "AAL") == 0) + addAbbreviation("ATM", false); + + // If dCEF is set, then CEF needs to be set + else if (strcasecmp(abbreviation, "dCEF") == 0) + addAbbreviation("CEF", false); + + // ACL and ACE Plaural + if (strcmp(abbreviation, "ACLs") == 0) + return addAbbreviation("ACL", expand); + else if (strcmp(abbreviation, "ACEs") == 0) + return addAbbreviation("ACE", expand); + + // VIP Plaural + else if (strcmp(abbreviation, "VIPs") == 0) + return addAbbreviation("VIP", expand); + + // VLAN Plaural + else if (strcmp(abbreviation, "VLANs") == 0) + return addAbbreviation("VLAN", expand); + + // EGP Plaural + else if (strcmp(abbreviation, "EGPs") == 0) + return addAbbreviation("EGP", expand); + + // IGP Plaural + else if (strcmp(abbreviation, "IGPs") == 0) + return addAbbreviation("IGP", expand); + + // If not DOS or DoS... + else if ((strcmp(abbreviation, "DoS") != 0) && (strcmp(abbreviation, "DOS") != 0)) + { + // Search for abbreviation + abbrevPointer = &ab_append; + while ((abbrevPointer->next != 0) && (strcasecmp(abbrevPointer->ab, abbreviation) != 0)) + abbrevPointer = abbrevPointer->next; + + // If found, set enabled and expanded + if (strcasecmp(abbrevPointer->ab, abbreviation) == 0) + { + // Add to abbreviation list + abbrevPointer->add = true; + + // Expand abbreviation in the text? + if ((expand == true) && (abbrevPointer->expanded == false)) + { + abbrevPointer->expanded = true; + return abbrev_expand; + } + else + return abbrev_found; + } + } + else + { + // Search for abbreviation + abbrevPointer = &ab_append; + while ((abbrevPointer->next != 0) && (strcmp(abbrevPointer->ab, abbreviation) != 0)) + abbrevPointer = abbrevPointer->next; + + // If found, set enabled and expanded + if (strcmp(abbrevPointer->ab, abbreviation) == 0) + { + // Add to abbreviation list + abbrevPointer->add = true; + + // Expand abbreviation in the text? + if ((expand == true) && (abbrevPointer->expanded == false)) + { + abbrevPointer->expanded = true; + return abbrev_expand; + } + else + return abbrev_found; + } + } + + // Not found + addAbbrevNotFound(abbreviation); + return abbrev_notfound; + } + else + return abbrev_notfound; +} + + +// Returns the expanded abbreviation text. +const char *getAbbreviation(char *abbreviation) +{ + // Variables + struct abbrev *abbrevPointer = 0; + + // If not DOS or DoS... + if ((strcmp(abbreviation, "DoS") != 0) && (strcmp(abbreviation, "DOS") != 0)) + { + // Search for abbreviation + abbrevPointer = &ab_append; + while ((abbrevPointer->next != 0) && (strcasecmp(abbrevPointer->ab, abbreviation) != 0)) + abbrevPointer = abbrevPointer->next; + + // if found, return + if (strcasecmp(abbrevPointer->ab, abbreviation) == 0) + return abbrevPointer->desc; + else + return 0; + } + else + { + // Search for abbreviation + abbrevPointer = &ab_append; + while ((abbrevPointer->next != 0) && (strcmp(abbrevPointer->ab, abbreviation) != 0)) + abbrevPointer = abbrevPointer->next; + + // if found, return + if (strcmp(abbrevPointer->ab, abbreviation) == 0) + return abbrevPointer->desc; + else + return 0; + } +} + + +// ---------------------------------------------------------------------------------- +// Glossary... + + + diff --git a/0.11.10/common/.svn/text-base/report-debug.c.svn-base b/0.11.10/common/.svn/text-base/report-debug.c.svn-base new file mode 100644 index 0000000..a08a9a4 --- /dev/null +++ b/0.11.10/common/.svn/text-base/report-debug.c.svn-base @@ -0,0 +1,131 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Output the ACL debug information... +void reportRulesDebug(struct nipperConfig *nipper) +{ + // Variables... + struct filterObjectConfig *filterObjectPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + int ruleNumber = 0; + + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + printf("Filter List: %s\n", filterListPointer->name); + printf(" Deny All And Log: %d\n", filterListPointer->denyAllAndLog); + ruleNumber = 1; + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + printf(" Rule: %d\n", ruleNumber); + printf(" Enabled: %d\n", filterPointer->enabled); + printf(" Action: %d\n", filterPointer->action); + printf(" Protocol: %s\n", filterPointer->protocol); + printf(" Protocol Type: %d\n", filterPointer->protocolType); + printf(" Source:\n"); + filterObjectPointer = filterPointer->source; + while (filterObjectPointer != 0) + { + printf(" Object: %s\n", filterObjectPointer->name); + printf(" Netmask: %s\n", filterObjectPointer->netMask); + printf(" Service Oper: %d\n", filterObjectPointer->serviceOp); + printf(" Type: %d\n", filterObjectPointer->type); + filterObjectPointer = filterObjectPointer->next; + } + printf(" Source Service:\n"); + filterObjectPointer = filterPointer->sourceService; + while (filterObjectPointer != 0) + { + printf(" Object: %s\n", filterObjectPointer->name); + printf(" Netmask: %s\n", filterObjectPointer->netMask); + printf(" Service Oper: %d\n", filterObjectPointer->serviceOp); + printf(" Type: %d\n", filterObjectPointer->type); + filterObjectPointer = filterObjectPointer->next; + } + printf(" Destination:\n"); + filterObjectPointer = filterPointer->destination; + while (filterObjectPointer != 0) + { + printf(" Object: %s\n", filterObjectPointer->name); + printf(" Netmask: %s\n", filterObjectPointer->netMask); + printf(" Service Oper: %d\n", filterObjectPointer->serviceOp); + printf(" Type: %d\n", filterObjectPointer->type); + filterObjectPointer = filterObjectPointer->next; + } + printf(" Destination Service:\n"); + filterObjectPointer = filterPointer->destinationService; + while (filterObjectPointer != 0) + { + printf(" Object: %s\n", filterObjectPointer->name); + printf(" Netmask: %s\n", filterObjectPointer->netMask); + printf(" Service Oper: %d\n", filterObjectPointer->serviceOp); + printf(" Type: %d\n", filterObjectPointer->type); + filterObjectPointer = filterObjectPointer->next; + } + printf(" Through Device:\n"); + filterObjectPointer = filterPointer->through; + while (filterObjectPointer != 0) + { + printf(" Object: %s\n", filterObjectPointer->name); + printf(" Netmask: %s\n", filterObjectPointer->netMask); + printf(" Service Oper: %d\n", filterObjectPointer->serviceOp); + printf(" Type: %d\n", filterObjectPointer->type); + filterObjectPointer = filterObjectPointer->next; + } + printf(" Install On:\n"); + filterObjectPointer = filterPointer->install; + while (filterObjectPointer != 0) + { + printf(" Object: %s\n", filterObjectPointer->name); + printf(" Netmask: %s\n", filterObjectPointer->netMask); + printf(" Service Oper: %d\n", filterObjectPointer->serviceOp); + printf(" Type: %d\n", filterObjectPointer->type); + filterObjectPointer = filterObjectPointer->next; + } + printf(" Log: %d\n", filterPointer->log); + printf(" Remark: %s\n", filterPointer->remark); + printf(" Admin UID: %s\n", filterPointer->uid); + printf(" Any Source: %d\n", filterPointer->anySource); + printf(" Network Source: %d\n", filterPointer->networkSource); + printf(" Any Source Service: %d\n", filterPointer->anySourceService); + printf(" Any Destination: %d\n", filterPointer->anyDestination); + printf(" Network Destination: %d\n", filterPointer->networkDestination); + printf(" Any Destination Service: %d\n", filterPointer->anyDestinationService); + filterPointer = filterPointer->next; + ruleNumber++; + } + filterListPointer = filterListPointer->next; + } +} + + diff --git a/0.11.10/common/.svn/text-base/report-functions.c.svn-base b/0.11.10/common/.svn/text-base/report-functions.c.svn-base new file mode 100644 index 0000000..3379559 --- /dev/null +++ b/0.11.10/common/.svn/text-base/report-functions.c.svn-base @@ -0,0 +1,1818 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#define section_none 0 +#define section_obs 1 +#define section_imp 2 +#define section_ease 3 +#define section_rec 4 +#define subsection_end 5 +#define section_end 6 + +#define rate_none 0 +#define rate_low 1 +#define rate_lowmed 2 +#define rate_med 3 +#define rate_medhigh 4 +#define rate_high 5 +#define rate_noease 6 +#define rate_trivial 7 +#define rate_moderate 8 +#define rate_difficult 9 + + +// Make text format friendly +// ------------------------- +// This routing will convert the text into a version that +// is friendly to whatever format the report is to be +// output in. +void outputFriendly(char *line, char *output, int maxSize, int outputFormat) +{ + switch (outputFormat) + { + case output_xml: + case output_html: + htmlFriendly(line, output, maxSize); + break; + + case output_latex: + latexFriendly(line, output, maxSize); + break; + + default: + sprintf(output, "%s", line); + break; + } +} + + +// Insert Bullet List +void output_list(struct nipperConfig *nipper, struct tableHeading *listitems) +{ + // Variables + struct tableHeading *listPointer = 0; + int itemCount = 0; + + // Get Item Count... + listPointer = listitems; + while (listPointer != 0) + { + if (listPointer->password == false) + itemCount++; + listPointer = listPointer->next; + } + + if (itemCount > 0) + { + // Draw list start + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
    \n"); + break; + case output_latex: + fprintf(nipper->reportFile, "\\begin{itemize}\n"); + break; + case output_xml: + fprintf(nipper->reportFile, " \n"); + break; + } + + // Draw list items + listPointer = listitems; + while (listPointer != 0) + { + if (listPointer->password == false) + { + if (itemCount == 1) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
  • %s.
    • \n", listPointer->heading); + break; + case output_latex: + fprintf(nipper->reportFile, "\\item %s.\n", listPointer->heading); + break; + case output_text: + fprintf(nipper->reportFile, " * %s.\n", listPointer->heading); + break; + case output_xml: + fprintf(nipper->reportFile, " %s.\n", listPointer->heading); + break; + } + } + else + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
  • %s;
    • \n", listPointer->heading); + break; + case output_latex: + fprintf(nipper->reportFile, "\\item %s;\n", listPointer->heading); + break; + case output_text: + fprintf(nipper->reportFile, " * %s;\n", listPointer->heading); + break; + case output_xml: + fprintf(nipper->reportFile, " %s;\n", listPointer->heading); + break; + } + } + itemCount--; + } + listPointer = listPointer->next; + } + + // Draw list end + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
\n"); + break; + case output_latex: + fprintf(nipper->reportFile, "\\end{itemize}\n"); + break; + case output_text: + fprintf(nipper->reportFile, "\n"); + break; + case output_xml: + fprintf(nipper->reportFile, " \n"); + break; + } + } +} + + +void set_aclrec_list(struct nipperConfig *nipper, struct tableHeading *listitems) +{ + // Variables + struct tableHeading *listPointer = 0; + + listPointer = listitems; + + // If Any Source... + if (nipper->anySourceIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Network Source... + listPointer = listPointer->next; + if (nipper->networkSourceIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Source Service... + listPointer = listPointer->next; + if (nipper->anySourceServiceIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Any Destination... + listPointer = listPointer->next; + if (nipper->anyDestinationIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Network Destination... + listPointer = listPointer->next; + if (nipper->networkDestinationIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Destination Service... + listPointer = listPointer->next; + if (nipper->anyDestinationServiceIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Log Denied... + listPointer = listPointer->next; + if (nipper->logDenyRulesIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Disabled... + listPointer = listPointer->next; + if (nipper->disabledRulesIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Reject... + listPointer = listPointer->next; + if (nipper->rejectRulesIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Bypass... + listPointer = listPointer->next; + if (nipper->bypassRulesIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Default... + listPointer = listPointer->next; + if (nipper->defaultRulesIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Log Everything... + listPointer = listPointer->next; + if (nipper->allRulesLogIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Deny All and Log... + listPointer = listPointer->next; + if (nipper->denyLogIssue == false) + listPointer->password = true; + else + listPointer->password = false; +} + + +void table_row_span(struct nipperConfig *nipper, struct tableHeading *heading, char *text) +{ + // Variables... + int spanCount = 0; + char tempString[nipper->maxSize]; + struct tableHeading *headingPointer = 0; + + // Get the number of columns to span + headingPointer = heading; + while (headingPointer != 0) + { + spanCount++; + headingPointer = headingPointer->next; + } + + // Sanitise the text for the report format... + outputFriendly(text, tempString, nipper->maxSize, nipper->outputFormat); + + // Output the table row... + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n", spanCount, tempString); + break; + case output_xml: + fprintf(nipper->reportFile, " \n %s\n \n", spanCount, tempString); + break; + case output_latex: + fprintf(nipper->reportFile, "\\multicolumn{%d}{|c|}{%s} \\\\", spanCount, tempString); + break; + case output_text: + fprintf(nipper->reportFile, "%s\n", tempString); + break; + } +} + + +// Insert Start / End of Table +// --------------------------- +// This code inserts the start of end of a table into the +// report output. +void output_table(struct nipperConfig *nipper, int tableStart, const char *tableTitle, struct tableHeading *heading) +{ + // Variables + struct tableHeading *headingPointer = 0; + int tempInt = 0; + int total = 0; + int remainder = 0; + char friendlyCaption[nipper->maxSize]; + + outputFriendly((char *)tableTitle, friendlyCaption, nipper->maxSize, nipper->outputFormat); + + // Table start... + if (tableStart == true) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
Table %d: %s.
Network Interface
%s
\n \n \n ", nipper->tableNum, friendlyCaption); + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + fprintf(nipper->reportFile, "\n ", headingPointer->heading); + headingPointer = headingPointer->next; + } + fprintf(nipper->reportFile, "\n \n\n \n"); + break; + + case output_xml: + fprintf(nipper->reportFile, "
Table %d: %s
%s
\n", nipper->tableNum, nipper->tableNum); + fprintf(nipper->reportFile, " \n \n", friendlyCaption); + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + fprintf(nipper->reportFile, " %s\n", headingPointer->heading); + headingPointer = headingPointer->next; + } + fprintf(nipper->reportFile, " \n \n"); + break; + + case output_latex: + // Print start of table + fprintf(nipper->reportFile, "\\begin{table}[h!]\n"); + fprintf(nipper->reportFile, "\\begin{tabular}{|"); + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + fprintf(nipper->reportFile, " c |"); + headingPointer = headingPointer->next; + } + fprintf(nipper->reportFile, "}\n\\hline\n"); + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + { + if (headingPointer->next != 0) + fprintf(nipper->reportFile, "%s&", headingPointer->heading); + else + fprintf(nipper->reportFile, "%s\\\\\n", headingPointer->heading); + } + headingPointer = headingPointer->next; + } + fprintf(nipper->reportFile, "\\hline\n"); + break; + + case output_text: + total = 0; + tempInt = 0; + // Count headings length + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + { + total += strlen(headingPointer->heading); + tempInt++; + } + headingPointer = headingPointer->next; + } + if (nipper->tableNum < 10) + remainder = 1; + else if (nipper->tableNum < 100) + remainder = 2; + else if (nipper->tableNum < 1000) + remainder = 3; + else + remainder = 4; + total += (tempInt * 2) - 2; + // Is table title or headings longest + if ((strlen(tableTitle) + 8 + remainder) > total) + total = strlen(tableTitle) + 8 + remainder; + // Print start of table + for (tempInt = 0; tempInt < total; tempInt++) + { + fprintf(nipper->reportFile, "-"); + } + fprintf(nipper->reportFile, "\n"); + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + { + if (headingPointer->next != 0) + fprintf(nipper->reportFile, "%s, ", headingPointer->heading); + else + fprintf(nipper->reportFile, "%s", headingPointer->heading); + } + headingPointer = headingPointer->next; + } + fprintf(nipper->reportFile, "\n"); + for (tempInt = 0; tempInt < total; tempInt++) + { + fprintf(nipper->reportFile, "-"); + } + fprintf(nipper->reportFile, "\n"); + break; + } + } + + // Table end... + else + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, " \n
%s
\n 
\n\n"); + break; + + case output_xml: + fprintf(nipper->reportFile, " \n \n"); + break; + + case output_latex: + fprintf(nipper->reportFile, "\\end{tabular}\n"); + fprintf(nipper->reportFile, "\\caption{%s}\n", friendlyCaption); + fprintf(nipper->reportFile, "\\end{table}\n\n"); + break; + + case output_text: + total = 0; + tempInt = 0; + // Count headings length + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + { + total += strlen(headingPointer->heading); + tempInt++; + } + headingPointer = headingPointer->next; + } + if (nipper->tableNum < 10) + remainder = 1; + else if (nipper->tableNum < 100) + remainder = 2; + else if (nipper->tableNum < 1000) + remainder = 3; + else + remainder = 4; + total += (tempInt * 2) - 2; + // Is table title or headings longest + if ((strlen(tableTitle) + 8 + remainder) > total) + total = strlen(tableTitle) + 8 + remainder; + for (tempInt = 0; tempInt < total; tempInt++) + { + fprintf(nipper->reportFile, "-"); + } + fprintf(nipper->reportFile, "\nTable %d: %s\n\n", nipper->tableNum, friendlyCaption); + break; + } + nipper->tableNum++; + } +} + + +// Insert New Paragrapgh +// --------------------- +// This code simply inserts a new paragraph. +void output_newPara(struct nipperConfig *nipper) +{ + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
\n 
\n"); + break; + case output_latex: + case output_text: + fprintf(nipper->reportFile, "\n\n"); + break; + } +} + + +#define section_main 0 +#define section_main_sec 1 +#define section_main_con 2 +#define section_main_app 3 +#define section_main_abt 4 +#define section_security 5 +#define section_config 6 +#define section_appendix 7 +#define section_about 8 +#define section_contents 20 + +// Report Index Parsing and Output +// ------------------------------- +// This code will output the index text and create hyperlinks (where required) for +// the different output formats. +void output_parseIndex(const char *theText, struct nipperConfig *nipper, int section) +{ + // Variables... + int textLoop = 0; + + // Increment Count... + nipper->subSectionCount++; + + switch (nipper->outputFormat) + { + case output_html: + if (section == section_security) + fprintf(nipper->reportFile, "    %d.%d. sectionCount, nipper->subSectionCount); + else if (section == section_config) + fprintf(nipper->reportFile, "    %d.%d. sectionCount, nipper->subSectionCount); + else if (section == section_appendix) + fprintf(nipper->reportFile, "    %d.%d. sectionCount, nipper->subSectionCount); + else if (section == section_about) + fprintf(nipper->reportFile, "    %d.%d. sectionCount, nipper->subSectionCount); + else + fprintf(nipper->reportFile, "    %d.%d. sectionCount, nipper->subSectionCount); + for (textLoop = 0; textLoop < strlen(theText); textLoop++) + { + if (theText[textLoop] != ' ') + fprintf(nipper->reportFile, "%c", theText[textLoop]); + } + fprintf(nipper->reportFile, "\">%s
\n", theText); + break; + + case output_text: + fprintf(nipper->reportFile, " %d.%d. %s\n", nipper->sectionCount, nipper->subSectionCount, theText); + break; + } +} + + +// Report Index Parsing and Output +// ------------------------------- +// This code will output the index text and create hyperlinks (where required) for +// the different output formats. +void output_parseSectionIndex(const char *theText, struct nipperConfig *nipper) +{ + // Variables... + int textLoop = 0; + + // Init Sub Section + nipper->sectionCount++; + nipper->subSectionCount = 0; + + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "%d. sectionCount); + for (textLoop = 0; textLoop < strlen(theText); textLoop++) + { + if (theText[textLoop] != ' ') + fprintf(nipper->reportFile, "%c", theText[textLoop]); + } + fprintf(nipper->reportFile, "\">%s
\n", theText); + break; + + case output_text: + fprintf(nipper->reportFile, "%d. %s\n", nipper->sectionCount, theText); + break; + } +} + + +// Report Title Parsing and Output +// ------------------------------- +// This code will output the section title and create a link destination (where +// required) for the different output formats. +void output_parseTitle(const char *theText, struct nipperConfig *nipper, int section) +{ + // Variables... + int textLoop = 0; + int length = 0; + char tempChar; + + // Sort out section counters... + if ((section == section_main_sec) || (section == section_main_con) || (section == section_main_app) || (section == section_main_abt) || (section == section_main)) + { + nipper->sectionCount++; + nipper->subSectionCount = 0; + } + else if (section != section_contents) + nipper->subSectionCount++; + + switch (nipper->outputFormat) + { + case output_latex: + if ((section == section_contents) || (section == section_main_sec) || (section == section_main_con) || (section == section_main_abt) || (section == section_main_app) || (section == section_main)) + fprintf(nipper->reportFile, "\\section["); + else + fprintf(nipper->reportFile, "\\subsection["); + for (textLoop = 0; textLoop < strlen(theText); textLoop++) + { + if (theText[textLoop] != ' ') + fprintf(nipper->reportFile, "%c", theText[textLoop]); + } + fprintf(nipper->reportFile, "%s]\n {%s}\n\n", nipper->hostname, theText); + break; + + case output_html: + if (section == section_contents) + fprintf(nipper->reportFile, "

reportFile, "

%d. sectionCount); + else if (section == section_security) + fprintf(nipper->reportFile, "

%d.%d. sectionCount, nipper->subSectionCount); + else if (section == section_config) + fprintf(nipper->reportFile, "

%d.%d. sectionCount, nipper->subSectionCount); + else if (section == section_appendix) + fprintf(nipper->reportFile, "

%d.%d. sectionCount, nipper->subSectionCount); + else if (section == section_about) + fprintf(nipper->reportFile, "

%d.%d. sectionCount, nipper->subSectionCount); + else + fprintf(nipper->reportFile, "

%d.%d. sectionCount, nipper->subSectionCount); + for (textLoop = 0; textLoop < strlen(theText); textLoop++) + { + if (theText[textLoop] != ' ') + fprintf(nipper->reportFile, "%c", theText[textLoop]); + } + if ((section == section_main_sec) || (section == section_contents) || (section == section_main_con) || (section == section_main_app) || (section == section_main)) + fprintf(nipper->reportFile, "\">%s

\n", theText); + else + fprintf(nipper->reportFile, "\">%s

\n", theText); + break; + + case output_xml: + if ((section == section_main) || (section == section_contents)) + fprintf(nipper->reportFile, "
reportFile, "
reportFile, "
reportFile, "
reportFile, "
reportFile, " reportFile, " reportFile, " reportFile, " reportFile, " title=\"%s\" ref=\"", theText); + for (textLoop = 0; textLoop < strlen(theText); textLoop++) + { + if (theText[textLoop] != ' ') + fprintf(nipper->reportFile, "%c", theText[textLoop]); + } + fprintf(nipper->reportFile, "%d%s\">\n", section + 48, nipper->hostname); + break; + + case output_text: + if ((section == section_main_sec) || (section == section_main_con) || (section == section_main_abt) || (section == section_main_app)) + tempChar = '~'; + else + tempChar = '-'; + length = strlen(theText); + if (section == section_contents) + fprintf(nipper->reportFile, "%s\n", theText); + else if ((section == section_main_sec) || (section == section_main_con) || (section == section_main_abt) || (section == section_main_app) || (section == section_main)) + { + fprintf(nipper->reportFile, "%d. %s\n", nipper->sectionCount, theText); + length += 3; + if (nipper->sectionCount > 9) + length++; + if (nipper->sectionCount > 99) + length++; + } + else + { + fprintf(nipper->reportFile, "%d.%d. %s\n", nipper->sectionCount, nipper->subSectionCount, theText); + length += 5; + if (nipper->sectionCount > 9) + length++; + if (nipper->sectionCount > 99) + length++; + if (nipper->subSectionCount > 9) + length++; + if (nipper->subSectionCount > 99) + length++; + } + for (textLoop = 0; textLoop < length; textLoop++) + { + fprintf(nipper->reportFile, "%c", tempChar); + } + fprintf(nipper->reportFile, "\n\n"); + break; + } +} + + +// Report End of Section +// --------------------- +// This routine outputs an end of section. +void output_endsection(struct nipperConfig *nipper, int reportSection) +{ + // Format... + switch (nipper->outputFormat) + { + case output_xml: + switch (reportSection) + { + case section_obs: + case section_imp: + case section_ease: + case section_rec: + fprintf(nipper->reportFile, " \n"); + break; + + case subsection_end: + fprintf(nipper->reportFile, " \n"); + break; + + case section_end: + fprintf(nipper->reportFile, "
\n"); + break; + } + break; + } +} + + +// Report Text Parsing and Output +// ------------------------------ +// This code outputs text to the report. The text could be a security report +// paragraph or just plain text. It will use the embeded codes to format the +// text for each output type. The current codes include: +// COMPANY - Company name +// DEVICENAME - The device name +// ABBREV ^ - Abbreviation +// COMMAND ^ - A command +// CMDOPTION ^ - A command option +// CMDREQUIRE ^ - A command requirement +// CMDOR - Command alternatives +// CMDUSER ^ - User supplied command entry +// NEWLINE - A newline +// - The data parameter is: +// SINGULA ^ - * equal to 1 +// PLAURAL ^ - * more than 1 +// POSITIVE ^ - * positive +// NEGATIVE ^ - * negative +// ZERO ^ - * zero +// TABLEREF - Insert Table Reference +// NUMBER - Insert Number (provided by data) +// NONEWPARA - No new paragraph at the end +// NEWPARA - Insert New Paragraph +// DEVICETYPE - Insert device type +// DEVICEVERSION - Device version details +// NOTEXTSTART - XML Only - Do not start with a +// DATE - Insert the current date +// INDENT - Text indentation +// TABLEITEM ^ - Text is used in a table cell +// Each code is encolsed in * and codes that have a start and end [^} use the +// same code with a - prepending it. +void output_parseText(const char *theText, struct nipperConfig *nipper, int reportSection, int rating, int data, int reference) +{ + // Variables... + int offset = 0; + int textLength = 0; + int abbreviationStatus = 0; + char *charPointer; + char tempString[nipper->maxSize]; + int dayType; + time_t tempTime; + const char *abbreviation; + + // Section... + if (strncmp(theText, "*TABLEITEM*", 11) != 0) + { + switch (reportSection) + { + case section_obs: + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, " \n "); + break; + case output_html: + fprintf(nipper->reportFile, "Observation: "); + break; + case output_latex: + case output_text: + fprintf(nipper->reportFile, "OBSERVATION: "); + break; + } + break; + + case section_imp: + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, " reportFile, "low"); + break; + case rate_lowmed: + fprintf(nipper->reportFile, "lowmed"); + break; + case rate_med: + fprintf(nipper->reportFile, "med"); + break; + case rate_medhigh: + fprintf(nipper->reportFile, "medhigh"); + break; + case rate_high: + fprintf(nipper->reportFile, "high"); + break; + } + fprintf(nipper->reportFile, "\">\n "); + break; + case output_html: + fprintf(nipper->reportFile, "Impact: "); + break; + case output_latex: + case output_text: + fprintf(nipper->reportFile, "IMPACT: "); + break; + } + break; + + case section_ease: + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, " reportFile, "noease "); + break; + case rate_trivial: + fprintf(nipper->reportFile, "trivial"); + break; + case rate_moderate: + fprintf(nipper->reportFile, "moderate"); + break; + case rate_difficult: + fprintf(nipper->reportFile, "difficult"); + break; + } + fprintf(nipper->reportFile, "\">\n "); + break; + case output_html: + if (rating == rate_noease) + fprintf(nipper->reportFile, "Ease: N/A"); + else + fprintf(nipper->reportFile, "Ease: "); + break; + case output_latex: + case output_text: + if (rating == rate_noease) + fprintf(nipper->reportFile, "EASE: N/A"); + else + fprintf(nipper->reportFile, "EASE: "); + break; + } + break; + + case section_rec: + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "Recommendation: "); + break; + case output_xml: + fprintf(nipper->reportFile, " \n "); + break; + case output_latex: + case output_text: + fprintf(nipper->reportFile, "RECOMMENDATION: "); + break; + } + break; + + default: + switch (nipper->outputFormat) + { + case output_xml: + if (strncmp(theText, "*NOTEXTSTART*", 13) != 0) + fprintf(nipper->reportFile, " "); + break; + } + break; + } + } + + // Parse the text + textLength = strlen(theText); + for (offset = 0; offset < textLength; offset++) + { + // Init... + memset(tempString, 0, sizeof(tempString)); + + // Company name... + if (strncmp("*COMPANY*", theText + offset, 9) == 0) + { + switch (nipper->outputFormat) + { + default: + fprintf(nipper->reportFile, "%s", nipper->companyName); + break; + } + offset += 8; + } + + // Table Item... + else if (strncmp("*TABLEITEM*", theText + offset, 11) == 0) + offset += 10; + else if (strncmp("*-TABLEITEM*", theText + offset, 12) == 0) + return; + + // Device name... + else if (strncmp("*DEVICENAME*", theText + offset, 12) == 0) + { + switch (nipper->outputFormat) + { + default: + fprintf(nipper->reportFile, "%s", nipper->hostname); + break; + } + offset += 11; + } + + // Device type... + else if (strncmp("*DEVICETYPE*", theText + offset, 12) == 0) + { + switch (nipper->deviceType) + { + case type_ios_switch: + fprintf(nipper->reportFile, "Cisco Switch"); + break; + case type_ios_router: + fprintf(nipper->reportFile, "Cisco Router"); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_ios_catalyst: + fprintf(nipper->reportFile, "Cisco Catalyst"); + break; + case type_passport: + fprintf(nipper->reportFile, "Bay Networks Accelar"); + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Nortel Passport"); + break; + case type_asa_firewall: + fprintf(nipper->reportFile, "Cisco "); + strcpy(tempString, "ASA"); + break; + case type_fwsm_firewall: + fprintf(nipper->reportFile, "Cisco "); + strcpy(tempString, "FWSM"); + break; + case type_pix_firewall: + fprintf(nipper->reportFile, "Cisco "); + strcpy(tempString, "PIX"); + break; + case type_css_filter: + fprintf(nipper->reportFile, "Cisco "); + abbreviation = getAbbreviation("CSS"); + if (nipper->outputFormat == output_xml) + { + if (addAbbreviation("CSS", true) == abbrev_expand) + fprintf(nipper->reportFile, "", abbreviation); + else + fprintf(nipper->reportFile, "", abbreviation); + } + else + { + if (addAbbreviation("CSS", true) == abbrev_expand) + fprintf(nipper->reportFile, "%s (CSS)", abbreviation); + else + fprintf(nipper->reportFile, "CSS"); + } + break; + case type_sos_firewall: + fprintf(nipper->reportFile, "Juniper NetScreen Firewall"); + break; + case type_fw1_firewall: + fprintf(nipper->reportFile, "CheckPoint Firewall-1"); + break; + case type_nokiaip: + fprintf(nipper->reportFile, "Nokia IP Firewall"); + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicWall Firewall"); + break; + } + switch (nipper->deviceType) + { + case type_asa_firewall: + case type_pix_firewall: + case type_fwsm_firewall: + abbreviation = getAbbreviation(&tempString[0]); + if (nipper->outputFormat == output_xml) + { + if (addAbbreviation(tempString, true) == abbrev_expand) + fprintf(nipper->reportFile, " Firewall", abbreviation, tempString); + else + fprintf(nipper->reportFile, " Firewall", abbreviation, tempString); + } + else + { + if (addAbbreviation(tempString, true) == abbrev_expand) + fprintf(nipper->reportFile, "%s (%s) Firewall", abbreviation, tempString); + else + fprintf(nipper->reportFile, "%s Firewall", tempString); + } + break; + } + offset += 11; + } + + // Device type... + else if (strncmp("*DEVICEVERSION*", theText + offset, 15) == 0) + { + switch (nipper->deviceType) + { + case type_ios_switch: + case type_ios_router: + case type_ios_catalyst: + strcpy(tempString, "IOS"); + break; + case type_nmp_catalyst: + strcpy(tempString, "NMP"); + break; + case type_cos_catalyst: + strcpy(tempString, "CatOS"); + break; + case type_asa_firewall: + strcpy(tempString, "ASA"); + break; + case type_fwsm_firewall: + strcpy(tempString, "FWSM"); + break; + case type_pix_firewall: + strcpy(tempString, "PIX"); + break; + case type_css_filter: + strcpy(tempString, "CSS"); + break; + } + switch (nipper->deviceType) + { + case type_ios_switch: + case type_ios_router: + case type_ios_catalyst: + case type_nmp_catalyst: + case type_cos_catalyst: + case type_asa_firewall: + case type_fwsm_firewall: + case type_pix_firewall: + case type_css_filter: + abbreviation = getAbbreviation(&tempString[0]); + if (nipper->outputFormat == output_xml) + { + if (addAbbreviation(tempString, true) == abbrev_expand) + fprintf(nipper->reportFile, " version %s", abbreviation, tempString, nipper->version); + else + fprintf(nipper->reportFile, " version %s", abbreviation, tempString, nipper->version); + } + else + { + if (addAbbreviation(tempString, true) == abbrev_expand) + fprintf(nipper->reportFile, "%s (%s) version %s", abbreviation, tempString, nipper->version); + else + fprintf(nipper->reportFile, "%s version %s", tempString, nipper->version); + } + break; + case type_passport: + fprintf(nipper->reportFile, "Passport software version %s", nipper->version); + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Accelar software version %s", nipper->version); + break; + case type_fw1_firewall: + fprintf(nipper->reportFile, "Firewall-1 version %s", nipper->version); + break; + case type_nokiaip: + fprintf(nipper->reportFile, "Nokia IP version %s", nipper->version); + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicOS version %s", nipper->version); + break; + } + offset += 14; + } + + // Newline... + else if (strncmp("*NEWLINE*", theText + offset, 9) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, " 
\n"); + break; + default: + fprintf(nipper->reportFile, "\n"); + break; + } + offset += 8; + } + + // New paragraph... + else if (strncmp("*NEWPARA*", theText + offset, 9) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
\n 
\n"); + break; + case output_xml: + fprintf(nipper->reportFile, "\n "); + break; + default: + fprintf(nipper->reportFile, "\n\n"); + break; + } + offset += 8; + } + + // Indentation... + else if (strncmp("*INDENT*", theText + offset, 8) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "    "); + break; + default: + fprintf(nipper->reportFile, " "); + break; + } + offset += 7; + } + + // Singula... + else if (strncmp("*SINGULA*", theText + offset, 9) == 0) + { + // If not singula, skip the entire section + if (data != 1) + { + charPointer = strstr(theText + offset, "*-SINGULA*"); + if (charPointer != 0) + offset = charPointer - theText + 9; + } + else + offset += 8; + } + else if (strncmp("*-SINGULA*", theText + offset, 10) == 0) + offset += 9; + + // Plaural... + else if (strncmp("*PLAURAL*", theText + offset, 9) == 0) + { + // If not plaural, skip the entire section + if (data < 2) + { + charPointer = strstr(theText + offset, "*-PLAURAL*"); + if (charPointer != 0) + offset = charPointer - theText + 9; + } + else + offset += 8; + } + else if (strncmp("*-PLAURAL*", theText + offset, 10) == 0) + offset += 9; + + // Positive... + else if (strncmp("*POSITIVE*", theText + offset, 10) == 0) + { + // If not positive, skip the entire section + if (data < 1) + { + charPointer = strstr(theText + offset, "*-POSITIVE*"); + if (charPointer != 0) + offset = charPointer - theText + 10; + } + else + offset += 9; + } + else if (strncmp("*-POSITIVE*", theText + offset, 11) == 0) + offset += 10; + + // Negative... + else if (strncmp("*NEGATIVE*", theText + offset, 10) == 0) + { + // If not negative, skip the entire section + if (data >= 0) + { + charPointer = strstr(theText + offset, "*-NEGATIVE*"); + if (charPointer != 0) + offset = charPointer - theText + 10; + } + else + offset += 9; + } + else if (strncmp("*-NEGATIVE*", theText + offset, 11) == 0) + offset += 10; + + // Zero... + else if (strncmp("*ZERO*", theText + offset, 6) == 0) + { + // If not zero, skip the entire section + if (data != 0) + { + charPointer = strstr(theText + offset, "*-ZERO*"); + if (charPointer != 0) + offset = charPointer - theText + 6; + } + else + offset += 5; + } + else if (strncmp("*-ZERO*", theText + offset, 7) == 0) + offset += 6; + + // Date... + else if (strncmp("*DATE*", theText + offset, 6) == 0) + { + tempTime = time(NULL); + + // Day of week... + strftime(tempString, nipper->maxSize, "%A", localtime(&tempTime)); + fprintf(nipper->reportFile, "%s ", tempString); + + // Day of month... + strftime(tempString, nipper->maxSize, "%d", localtime(&tempTime)); + dayType = tempString[1] - 48; + if (tempString[0] == '0') + { + tempString[0] = tempString[1]; + tempString[1] = 0; + } + switch (dayType) + { + case 1: + fprintf(nipper->reportFile, "%sst ", tempString); + break; + case 2: + fprintf(nipper->reportFile, "%snd ", tempString); + break; + case 3: + fprintf(nipper->reportFile, "%srd ", tempString); + break; + default: + fprintf(nipper->reportFile, "%sth ", tempString); + break; + } + + // Month + Year + strftime(tempString, nipper->maxSize, "%B %Y", localtime(&tempTime)); + fprintf(nipper->reportFile, "%s", tempString); + offset += 5; + } + + // Command... + else if (strncmp("*COMMAND*", theText + offset, 9) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
"); + break; + case output_latex: + fprintf(nipper->reportFile, "\\texttt{"); + break; + case output_xml: + fprintf(nipper->reportFile, ""); + break; + default: + fprintf(nipper->reportFile, "\""); + break; + } + offset += 8; + } + else if (strncmp("*-COMMAND*", theText + offset, 10) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
"); + break; + case output_latex: + fprintf(nipper->reportFile, "}"); + break; + case output_xml: + fprintf(nipper->reportFile, ""); + break; + default: + fprintf(nipper->reportFile, "\""); + break; + } + offset += 9; + } + + // Command Requirement... + else if (strncmp("*CMDREQUIRE*", theText + offset, 12) == 0) + { + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, ""); + break; + default: + fprintf(nipper->reportFile, "{"); + break; + } + offset += 11; + } + else if (strncmp("*-CMDREQUIRE*", theText + offset, 13) == 0) + { + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, ""); + break; + default: + fprintf(nipper->reportFile, "}"); + break; + } + offset += 12; + } + + // Command Option... + else if (strncmp("*CMDOPTION*", theText + offset, 11) == 0) + { + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, ""); + break; + default: + fprintf(nipper->reportFile, "["); + break; + } + offset += 10; + } + else if (strncmp("*-CMDOPTION*", theText + offset, 12) == 0) + { + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, ""); + break; + default: + fprintf(nipper->reportFile, "]"); + break; + } + offset += 11; + } + + // Command Alternative... + else if (strncmp("*CMDOR*", theText + offset, 7) == 0) + { + switch (nipper->outputFormat) + { + default: + fprintf(nipper->reportFile, "|"); + break; + } + offset += 6; + } + + // Command Text... + else if (strncmp("*CMDUSER*", theText + offset, 9) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, ""); + break; + } + offset += 8; + } + else if (strncmp("*-CMDUSER*", theText + offset, 10) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, ""); + break; + } + offset += 9; + } + + // Table Reference... + else if (strncmp("*TABLEREF*", theText + offset, 10) == 0) + { + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, "", reference); + break; + default: + fprintf(nipper->reportFile, "%d", reference); + break; + } + offset += 9; + } + + // Number... + else if (strncmp("*NUMBER*", theText + offset, 8) == 0) + { + numToWord(nipper->reportFile, data); + offset += 7; + } + + // No XML Text start... + else if (strncmp("*NOTEXTSTART*", theText + offset, 13) == 0) + offset += 12; + + // Abbreviation... + else if (strncmp("*ABBREV*", theText + offset, 8) == 0) + { + // Get abbreviation... + offset += 8; + charPointer = strstr(theText + offset, "*-ABBREV*"); + if (charPointer != 0) + { + strncpy(tempString, theText + offset, charPointer - theText - offset); + offset = charPointer - theText + 8; + abbreviationStatus = addAbbreviation(&tempString[0], true); + + // Process + switch (nipper->outputFormat) + { + case output_xml: + abbreviation = getAbbreviation(&tempString[0]); + if (abbreviationStatus == abbrev_expand) + fprintf(nipper->reportFile, "", abbreviation, tempString); + else + fprintf(nipper->reportFile, "", abbreviation, tempString); + break; + default: + switch (abbreviationStatus) + { + case abbrev_expand: + abbreviation = getAbbreviation(&tempString[0]); + // If ACLs or ACEs + if (strcmp(tempString, "ACLs") == 0) + sprintf(tempString, "ACL"); + else if (strcmp(tempString, "ACEs") == 0) + sprintf(tempString, "ACE"); + if (abbreviation != 0) + fprintf(nipper->reportFile, "%s (%s)", abbreviation, tempString); + else + fprintf(nipper->reportFile, "%s", tempString); + break; + default: + fprintf(nipper->reportFile, "%s", tempString); + break; + } + break; + } + } + } + else if (strncmp("*-ABBREV*", theText + offset, 9) == 0) + { + offset += 8; + } + + // No new paragraph at end + else if (strncmp("*NONEWPARA*", theText + offset, 11) == 0) + return; + + // Output text + else + { + fprintf(nipper->reportFile, "%c", theText[offset]); + } + } + + // End text + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, "\n"); + break; + } + output_newPara(nipper); +} + + +// Generate Appendix +// ----------------- +// This code generates the appendix section. +void generateAppendix(struct nipperConfig *nipper) +{ + // Variables + int tempInt = 0; + struct abbrev *abbrevPointer = 0; + struct ports *portPointer = 0; + + // Check that there is something to show + if ((nipper->abs == true) || (nipper->commonPorts == true) || (nipper->loggingLevels == true) || (nipper->glossary == true) || (nipper->nipperVersion == true)) + { + + // Display Section Start + output_parseTitle(appendix_title, nipper, section_main_app); + + // Abbreviations + abbrevPointer = &ab_append; + while ((abbrevPointer->next != 0) && (abbrevPointer->add == false)) + abbrevPointer = abbrevPointer->next; + if ((nipper->abs == true) && (abbrevPointer->add == true)) + { + output_parseTitle(appendix_abbrev_title, nipper, section_appendix); + + // Display Start of abbreviations + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n\n"); + break; + case output_xml: + fprintf(nipper->reportFile, " \n"); + break; + case output_text: + fprintf(nipper->reportFile, "-------------\nAbbreviations\n-------------\n"); + break; + case output_latex: + fprintf(nipper->reportFile, "\\begin{quote}\n\\begin{tabular}{ll}\n"); + break; + } + + // Display Abbreviations + while (abbrevPointer != 0) + { + if (abbrevPointer->add == true) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n", abbrevPointer->ab, abbrevPointer->desc); + break; + case output_xml: + fprintf(nipper->reportFile, " %s\n", abbrevPointer->ab, abbrevPointer->desc); + break; + case output_text: + fprintf(nipper->reportFile, " %s", abbrevPointer->ab); + if (strlen(abbrevPointer->ab) < 10) + tempInt = 10 - strlen(abbrevPointer->ab); + else + tempInt = 1; + while (tempInt != 0) + { + fprintf(nipper->reportFile, " "); + tempInt--; + } + fprintf(nipper->reportFile, ": %s\n", abbrevPointer->desc); + break; + case output_latex: + fprintf(nipper->reportFile, "%s&%s\\\\\n", abbrevPointer->ab, abbrevPointer->desc); + break; + } + } + abbrevPointer = abbrevPointer->next; + } + + // Display End of Abbreviations + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n
%s%s
\n 
\n\n"); + break; + case output_xml: + fprintf(nipper->reportFile, " \n"); + break; + case output_text: + fprintf(nipper->reportFile, "-------------\n\n"); + break; + case output_latex: + fprintf(nipper->reportFile, "\\end{tabular}\n\\end{quote}\n\n"); + break; + } + + // Output the end of the abbreviations section + output_endsection(nipper, subsection_end); + } + + // Common Ports + portPointer = &ap_port; + while ((portPointer->next != 0) && (portPointer->add == false)) + portPointer = portPointer->next; + if ((nipper->commonPorts == true) && (portPointer->add == true)) + { + output_parseTitle(appendix_ports_title, nipper, section_appendix); + + // Display Ports + output_table(nipper, true, appendix_ports_table, &appendix_ports_heading); + while (portPointer != 0) + { + if (portPointer->add == true) + fprintf(nipper->reportFile, "%s%s%s%d%s", nipper->tablerow_start, portPointer->text, nipper->tablerow_mid, portPointer->port, nipper->tablerow_end); + portPointer = portPointer->next; + } + output_table(nipper, false, appendix_ports_table, &appendix_ports_heading); + + // Output the end of the ports section + output_endsection(nipper, subsection_end); + } + + // Logging Levels + if (nipper->loggingLevels == true) + { + output_parseTitle(appendix_logging_title, nipper, section_appendix); + output_table(nipper, true, appendix_logging_table, &appendix_logging_heading); + fprintf(nipper->reportFile, "%s0%sEmergencies%sSystem is unstable%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s1%sAlerts%sImmediate action is required%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s2%sCritical%sCritical conditions%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s3%sErrors%sError conditions%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s4%sWarnings%sWarning conditions%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s5%sNotifications%sSignificant conditions%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s6%sInformational%sInformational messages%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s7%sDebugging%sDebugging messages%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, appendix_logging_table, &appendix_logging_heading); + output_endsection(nipper, subsection_end); + } + + // Time Zones + if (nipper->timeZones == true) + { + output_parseTitle(appendix_timezones_title, nipper, section_appendix); + output_table(nipper, true, appendix_timezones_table, &appendix_timezones_heading); + fprintf(nipper->reportFile, "%sAustralia%sCST%sCentral Standard Time%s+9.5 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sAustralia%sEST%sEastern Standard/Summer Time%s+10 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sAustralia%sWST%sWestern Standard Time%s+8 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sBST%sBritish Summer Time%s+1 hour%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sCEST%sCentral Europe Summer Time%s+2 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sCET%sCentral Europe Time%s+1 hour%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sEEST%sEastern Europe Summer Time%s+3 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sEST%sEastern Europe Time%s+2 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sGMT%sGreenwich Mean Time%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sIST%sIrish Summer Time%s+1 hour%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sMSK%sMoscow Time%s+3 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sWEST%sWestern Europe Summer Time%s+1 hour%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sWET%sWestern Europe Time%s+1 hour%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sADT%sAtlantic Daylight Time%s-3 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sAKDT%sAlaska Standard Daylight Saving Time%s-8 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sAKST%sAlaska Standard Time%s-9 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sAST%sAtlantic Standard Time%s-4 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sCDT%sCentral Daylight Saving Time%s-5 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sCST%sCentral Standard Time%s-6 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sEDT%sEastern Daylight Time%s-4 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sEST%sEastern Standard Time%s-5 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sHST%sHawaiian Standard Time%s-10 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sMDT%sMountain Daylight Time%s-6 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sMST%sMountain Standard Time%s-7 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sPDT%sPacific Daylight Time%s-7 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sPST%sPacific Standard Time%s-3 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, appendix_timezones_table, &appendix_timezones_heading); + output_endsection(nipper, subsection_end); + } + + // Nipper Version Details + if (nipper->nipperVersion == true) + { + output_parseTitle(appendix_version_title, nipper, section_appendix); + output_parseText(appendix_version_desc1, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", program_version); + output_parseText(appendix_version_desc2, nipper, section_none, rate_none, 0, 0); + output_endsection(nipper, subsection_end); + } + + // Output section end + output_endsection(nipper, section_end); + } +} + +// Abbreviation Contents +// --------------------- +// This code inserts abbreviation contents +void output_abbrevContents(struct nipperConfig *nipper) +{ + if ((nipper->appendix == true) && ((nipper->abs == true) || (nipper->commonPorts == true) || (nipper->loggingLevels == true) || (nipper->glossary == true) || (nipper->nipperVersion == true))) + { + output_parseSectionIndex(appendix_title, nipper); + + // Abbreviations + if (nipper->abs == true) + output_parseIndex(appendix_abbrev_title, nipper, section_appendix); + + // Common Ports + if (nipper->commonPorts == true) + output_parseIndex(appendix_ports_title, nipper, section_appendix); + + // Logging + if (nipper->loggingLevels == true) + output_parseIndex(appendix_logging_title, nipper, section_appendix); + + // Time Zones + if (nipper->timeZones == true) + output_parseIndex(appendix_timezones_title, nipper, section_appendix); + + // Nipper Version + if (nipper->nipperVersion == true) + output_parseIndex(appendix_version_title, nipper, section_appendix); + } + + // End of security index + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
\n"); + break; + case output_text: + fprintf(nipper->reportFile, "\n\n"); + break; + } +} + + +// Add an item to a heading +struct tableHeading *newListItem(struct tableHeading *list, const char *text) +{ + // Variables... + struct tableHeading *listPointer; + + // If first one... + if (list == 0) + listPointer = malloc(sizeof(struct tableHeading)); + else + { + listPointer = list; + while (listPointer->next != 0) + listPointer = listPointer->next; + listPointer->next = malloc(sizeof(struct tableHeading)); + listPointer = listPointer->next; + } + + // Init... + memset(listPointer, 0 , sizeof(struct tableHeading)); + listPointer->password = false; + listPointer->width = 1; + listPointer->heading = text; + + // Return... + if (list == 0) + return listPointer; + else + return list; +} + + +// Add Report Section +void addReportSection(struct nipperConfig *nipper, int section, const char *sectionTitle, const char *shortConText, const char *shortRecText, int overall, int impact, int ease, int rec, void (*sectionWriter)(struct nipperConfig *nipper)) +{ + // Variables... + struct reportText *reportTextPointer = 0; + + // Create new report text struct... + if (nipper->report == 0) + { + nipper->report = malloc(sizeof(struct reportText)); + reportTextPointer = nipper->report; + } + else + { + reportTextPointer = nipper->report; + while (reportTextPointer->next != 0) + reportTextPointer = reportTextPointer->next; + reportTextPointer->next = malloc(sizeof(struct reportText)); + reportTextPointer = reportTextPointer->next; + } + + // Init... + memset(reportTextPointer, 0 , sizeof(struct reportText)); + + // Copy... + reportTextPointer->section = section; + reportTextPointer->sectionTitle = sectionTitle; + reportTextPointer->shortConText = shortConText; + reportTextPointer->shortRecText = shortRecText; + reportTextPointer->scoreOverall = overall; + reportTextPointer->scoreOverall = impact; + reportTextPointer->scoreOverall = ease; + reportTextPointer->scoreOverall = rec; + reportTextPointer->writeSection = sectionWriter; +} + + diff --git a/0.11.10/common/.svn/text-base/report-text.c.svn-base b/0.11.10/common/.svn/text-base/report-text.c.svn-base new file mode 100644 index 0000000..fa53dd9 --- /dev/null +++ b/0.11.10/common/.svn/text-base/report-text.c.svn-base @@ -0,0 +1,1634 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +const char *table_html_rowstart = ""; +const char *table_html_rowmid = ""; +const char *table_html_rowend = "\n"; +const char *table_html_itemsep = "
"; +const char *table_xml_rowstart = " \n "; +const char *table_xml_rowmid = "\n "; +const char *table_xml_rowend = "\n \n"; +const char *table_xml_itemsep = ""; +const char *table_text_rowstart = ""; +const char *table_text_rowmid = ", "; +const char *table_text_rowend = "\n"; +const char *table_text_itemsep = " "; +const char *table_latex_rowstart = ""; +const char *table_latex_rowmid = "&"; +const char *table_latex_rowend = "\\\\\n\\hline\n"; +const char *table_latex_itemsep = " "; + + +struct tableHeading +{ + int password; // Does the field represent a password (true or false) + int width; // Proportionate column width + const char *heading; // The Heading + struct tableHeading *next; +}; + + +// HTML Cascading Style Sheet +const char *html_css = "body {font-size: 80%; margin: 0px; padding: 0px; font-family: arial, sans-serif;}\n" + " .mainbody { background-color: #EFEFEF;}\n" + " .pagebody {width: 90%; margin: 0px auto; padding: 12px; background-color: #FFFFFF; border: solid 1px rgb(100,100,100);}\n" + " .command {font-size: 95%; font-family: courier;}\n" + " caption { caption-side : bottom; font-style : italic;}\n" + " .table {clear: left; border: solid 1px rgb(150,150,150); empty-cells: show; border-collapse: collapse; background-color: rgb(233,232,244); width: 100%}\n" + " .table tr {margin: 0px; padding: 0px;}\n" + " .table td {padding: 2px 7px 2px 7px; border: solid 1px rgb(150,150,150); text-align: left; font-size: 100%;}\n" + " .table th {margin: 0px; padding: 2px 7px 2px 7px; border: solid 1px rgb(150,150,150); empty-cells: show; text-align: left; font-size: 100%; background-color: #BEB8FB;}\n"; + + +// ---------------------------------------------------------------------------------- +// About this report Text... + +// Organisation +const char *report_organisation = "This *DEVICETYPE* *DEVICENAME* report was produced by *COMPANY* on *DATE*. The report contains the following sections:"; +const char *report_organisation_fw1 = "This *DEVICETYPE* report was produced by *COMPANY* on *DATE*. The report contains the following sections:"; +struct tableHeading report_organisation_heading6 = {false, 1, "an appendix section detailing the software used to produce this report", 0}; +struct tableHeading report_organisation_heading5 = {false, 1, "a time zones appendix section that details a number of the most commonly used time zones", &report_organisation_heading6}; +struct tableHeading report_organisation_heading4 = {false, 1, "an appendix section detailing the logging severity levels used by the logging facility", &report_organisation_heading5}; +struct tableHeading report_organisation_heading3 = {false, 1, "a common ports appendix section that details the TCP and UDP port numbers for the common services outlined within the report", &report_organisation_heading4}; +struct tableHeading report_organisation_heading2 = {false, 1, "an abbreviations appendix section that expands any abbreviations used within the report", &report_organisation_heading3}; +struct tableHeading report_organisation_heading1 = {false, 1, "a configuration report section that details the configuration settings", &report_organisation_heading2}; +struct tableHeading report_organisation_heading = {false, 1, "a security audit report section that details any identified security-related issues. Each security issue includes a description of the issue, its impact, how easy it would be to exploit and a recommendation. The recommendations include, where appropriate, the command(s) to resolve the issue", &report_organisation_heading1}; + +// Conventions +const char *report_conventions = "This report makes use of the text conventions outlined in Table *TABLEREF*."; +const char *report_conventions_table = "Report text conventions"; +struct tableHeading report_conventions_heading1 = {false, 7, "Description", 0}; +struct tableHeading report_conventions_heading = {false, 3, "Convention", &report_conventions_heading1}; +const char *report_conventions1_1 = "*TABLEITEM**COMMAND*command*-COMMAND**-TABLEITEM*"; +const char *report_conventions1_2 = "*TABLEITEM*This text style represents the *DEVICETYPE* command text that has to be entered literally.*-TABLEITEM*"; +const char *report_conventions2_1 = "*TABLEITEM**COMMAND**CMDUSER*string*-CMDUSER**-COMMAND**-TABLEITEM*"; +const char *report_conventions2_2 = "*TABLEITEM*This text style represents the *DEVICETYPE* command text that the you have to enter.*-TABLEITEM*"; +const char *report_conventions3_1 = "*TABLEITEM**COMMAND**CMDOPTION* *-CMDOPTION**-COMMAND**-TABLEITEM*"; +const char *report_conventions3_2 = "*TABLEITEM*Used to enclose a *DEVICETYPE* command option.*-TABLEITEM*"; +const char *report_conventions4_1 = "*TABLEITEM**COMMAND**CMDREQUIRE* *-CMDREQUIRE**-COMMAND**-TABLEITEM*"; +const char *report_conventions4_2 = "*TABLEITEM*Used to enclose a *DEVICETYPE* command requirement.*-TABLEITEM*"; +const char *report_conventions5_1 = "*TABLEITEM**COMMAND**CMDOR**-COMMAND**-TABLEITEM*"; +const char *report_conventions5_2 = "*TABLEITEM*Divides command option or requirement choices.*-TABLEITEM*"; + + +// ---------------------------------------------------------------------------------- +// Report Text... + +// Introduction +const char *report_security_intro_fw1 = "*COMPANY* performed a security audit of the *DEVICETYPE* firewall on *DATE*. This section details the findings of the security audit together with the impact and recommendations*-POSITIVE*."; +const char *report_security_intro = "*COMPANY* performed a security audit of the *DEVICETYPE* *DEVICENAME* on *DATE*. This section details the findings of the security audit together with the impact and recommendations*-POSITIVE*."; +const char *report_security_title = "Security Audit"; + +// Conclusions +const char *report_security_concl_fw1 = "*COMPANY* performed a security audit of the *DEVICETYPE* firewall on *DATE* and identified *POSITIVE**NUMBER* security-related issue*PLAURAL*s*-PLAURAL*. *COMPANY* determined that:*-POSITIVE**ZERO*no security-related issues.*-ZERO*"; +const char *report_security_concl = "*COMPANY* performed a security audit of the *DEVICETYPE* device *DEVICENAME* on *DATE* and identified *POSITIVE**NUMBER* security-related issue*PLAURAL*s*-PLAURAL*. *COMPANY* determined that:*-POSITIVE**ZERO*no security-related issues.*-ZERO*"; + +// Interface Headings... +struct tableHeading report_interface_heading1 = {false, 7, "Description", 0}; +struct tableHeading report_interface_heading = {false, 3, "Interface", &report_interface_heading1}; +struct tableHeading report_interfacepix_heading1 = {false, 1, "Name", 0}; +struct tableHeading report_interfacepix_heading = {false, 1, "Interface", &report_interfacepix_heading1}; + +const char *endottext = "*NOTEXTSTART*"; + +// Software Versions +const char *report_osver_title = "Software Version"; +const char *report_osver_obs1 = "It is critically important that software be regularly maintained with patches and upgrades in order to help mitigate the risk of an attacker exploiting a known software vulnerability. Furthermore, additional security features and other functionality are normally added or extended with each software revision.*NEWPARA**COMPANY* determined that the *DEVICETYPE* *DEVICENAME* was running the out of date software *DEVICEVERSION*.*PLAURAL* Some of the known vulnerabilities for this software version are listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_osver_obs2 = "It is worth noting that *COMPANY* used the version number detailed in the device configuration to identify the potential vulnerabilities, and patches may have already been applied. Additionally, a specific device configuration may be required in order for the device to become vulnerable."; +const char *report_osver_obs3 = "*COMPANY* identified a potential vulnerability in *DEVICEVERSION* which is described in various vulnerability databases as *NONEWPARA*"; +const char *report_osver_impact1 = "*PLAURAL*The vulnerabilities listed in Table *TABLEREF* could allow an attacker to*-PLAURAL**SINGULA*The vulnerability outlined above could allow an attacker to*-SINGULA* *NONEWPARA*"; +const char *report_osver_impact2 = "*NOTEXTSTART*gain remote administrative access or perform a *ABBREV*DoS*-ABBREV* attack."; +const char *report_osver_impact3 = "*NOTEXTSTART*perform a *ABBREV*DoS*-ABBREV* attack."; +const char *report_osver_impact4 = "*NOTEXTSTART*gain remote administrative access."; +const char *report_osver_impact5 = "Out of date software could contain known vulnerabilities that may allow an attacker to gain remote administrative access or perform a *ABBREV*DoS*-ABBREV* attack."; +const char *report_osver_ease = "Exploit code is widely available on the Internet for known *DEVICETYPE* vulnerabilities."; +const char *report_osver_rec = "*COMPANY* strongly recommends that the software be updated and patched to the latest software version. Furthermore, *COMPANY* recommends that the current patch policy be reviewed."; +const char *report_osver_context = "the software version was out of date"; +const char *report_osver_rectext = "Update the software to the latest version"; +const char *report_osver_table = "Potential software vulnerabilities"; +struct tableHeading report_osver_heading2 = {false, 1, "Bugtraq ID", 0}; +struct tableHeading report_osver_heading1 = {false, 1, "CVE Reference", &report_osver_heading2}; +struct tableHeading report_osver_heading = {false, 4, "Description", &report_osver_heading1}; + +// Dictionary-based Password +const char *report_dict_title1 = "Dictionary-based Passwords / Keys"; +const char *report_dict_title2 = "Dictionary-based Password / Key"; +const char *report_dict_obs = "Attackers will often have dictionaries of words that contain names, places, default passwords and other common passwords. If a password or key is likely to be contained within an attacker's dictionary, they could gain access to the system.*NEWPARA*The passwords and keys of the device *DEVICENAME* were tested against a small dictionary and *NUMBER* password*SINGULA* / key was identified. *NONEWPARA**-SINGULA**PLAURAL*s / keys were identified. These are listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_dict_impact = "An attacker who was able to identify a password or key would be able to gain a level of access to the device, based on what service the password / key was used for."; +const char *report_dict_ease = "Tools are available on the Internet that can perform dictionary-based password guessing against a number of network services."; +const char *report_dict_rec = "*COMPANY* strongly recommends that the password*PLAURAL*s*-PLAURAL* identified be immediately changed to something that is more difficult to guess. *COMPANY* recommends that passwords be made up of at least *NONEWPARA*"; +const char *report_dict_context = "dictionary-based passwords / keys were in use"; +const char *report_dict_rectext = "Change dictionary-based passwords / keys for ones that are more complex"; +const char *report_dict_table = "Dictionary-based passwords / keys"; +struct tableHeading report_dict_heading3 = {true, 3, "Password", 0}; +struct tableHeading report_dict_heading2 = {false, 3, "Username", &report_dict_heading3}; +struct tableHeading report_dict_heading1 = {false, 2, "Service", &report_dict_heading2}; +struct tableHeading report_dict_heading = {false, 2, "Type", &report_dict_heading1}; + +// Password Strength +const char *report_strength_title1 = "Weak Passwords / Keys"; +const char *report_strength_title2 = "Weak Password / Key"; +const char *report_strength_obs = "Strong passwords tend to contain a number of different types of character, such as uppercase and lowercase letters, numbers and punctuation characters. Weaker passwords tend not to contain a mixture of character types. Additionally, weaker passwords tend to be short in length.*NEWPARA**COMPANY* identified *NUMBER* password*SINGULA* / key*-SINGULA**PLAURAL*s / keys*-PLAURAL* that did not meet the minimum password complexity requirements. *PLAURAL*These are listed in Table *TABLEREF*.*-PLAURAL**SINGULA**NONEWPARA**-SINGULA*"; +const char *report_strength_impact = "If an attacker were able to gain a password or key, either through dictionary-based guessing techniques or by a brute-force method, the attacker could gain a level of access to *DEVICENAME*."; +const char *report_strength_ease = "A number of dictionary-based password guessing and password brute-force tools are available on the Internet."; +const char *report_strength_rec = "*COMPANY* strongly recommends that the weak password*PLAURAL*s*-PLAURAL* be immediately changed to *PLAURAL*ones that are*-PLAURAL**SINGULA*one that is*-SINGULA* stronger. *COMPANY* recommends that passwords be made up of at least *NONEWPARA*"; +const char *report_strength_context = "weak passwords / keys were identified"; +const char *report_strength_rectext = "Change weak passwords / keys for ones that are stronger"; +const char *report_strength_table = "Weak passwords / keys"; +// Dictionary-based headings are used for the weak passwords table. + +// Configuration Auto-Loading +const char *report_configauto_title = "Configuration Auto-Loading"; +const char *report_configauto_obs = "Cisco devices are capable of loading their configuration from other network devices, rather than using a local configuration file.*NEWPARA*Although the configuration auto-loading feature is typically disabled by default on Cisco devices, *COMPANY* determined that the *DEVICENAME* had configuration auto-loading enabled."; +const char *report_configauto_impact = "The Cisco device configuration files are transmitted unencrypted over the network. An attacker who is able to monitor the network would be able to capture a copy of the device configuration. The attacker would also be able to capture any clear-text passwords or password hashes contained within the configuration file."; +const char *report_configauto_ease = "Tools are widely available on the Internet that would allow an attacker to capture network traffic and reconstruct network streams."; +const char *report_configauto_rec = "*COMPANY* recommends that, if not required, configuration auto-loading be disabled. The following Cisco *ABBREV*IOS*-ABBREV* commands can be used to disable configuration auto-loading:*NEWPARA**COMMAND*no boot network*-COMMAND**NEWLINE**COMMAND*no service config*-COMMAND*"; +const char *report_configauto_context = "configuration auto-loading was configured"; +const char *report_configauto_rectext = "Disable configuration auto-loading"; + +// IP Directed Broadcasts +const char *report_ipdirected_title = "Directed Broadcasts"; +const char *report_ipdirected_obs = "*ABBREV*ICMP*-ABBREV* echo requests can be addressed to an entire network or subnet as well as to individual hosts. Disabling directed broadcasts on each individual network interface will help prevent network ping requests. Directed broadcasts are usually enabled by default on Cisco devices running *ABBREV*IOS*-ABBREV* version 11.3 and earlier.*NEWPARA**COMPANY* determined that the device *DEVICENAME* had support for directed broadcasts enabled on the network *SINGULA*interface *NONEWPARA**-SINGULA**PLAURAL*interfaces listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_ipdirected_impact = "A *ABBREV*DoS*-ABBREV* attack exists that makes use of network echo requests, known as a smurf attack. An attacker would send an ICMP echo request with the victim hosts *ABBREV*IP*-ABBREV* address spoofed as the source. The hosts on the network would then reply to the echo request, flooding the victim host."; +const char *report_ipdirected_ease = "Tools are available on the Internet that can perform the smurf attack outlined above."; +const char *report_ipdirected_rec = "*COMPANY* recommends that directed broadcasts be disabled on all network interfaces. Directed broadcasts can be disabled on each individual network interface using the following command:*NEWPARA**COMMAND*no ip directed broadcast*-COMMAND*"; +const char *report_ipdirected_context = "directed broadcasts were enabled"; +const char *report_ipdirected_rectext = "Disable directed broadcasts on all network interfaces"; +const char *report_ipdirected_table = "Interfaces with directed broadcasts enabled"; + +// BGP Route Dampening +const char *report_bgpdamp_title = "Border Gateway Protocol Route Flapping"; +const char *report_bgpdamp_obs = "*ABBREV*BGP*-ABBREV* route flapping is a condition where routing tables are constantly being updated due to a link transitioning between up and down status. These transitions cause routing tables to be continuously updated across the infrastructure. Configuring route dampening can help mitigate against constant route flapping.*NEWPARA**COMPANY* determined that *ABBREV*BGP*-ABBREV* route dampening was not configured on *DEVICENAME*."; +const char *report_bgpdamp_impact = "Excessive route updates, caused by a link status constantly changing between up to down, can impact network routing performance. Network routing could slow with network packets being dropped, possibly causing a *ABBREV*DoS*-ABBREV* condition."; +const char *report_bgpdamp_ease = "It is possible for an attacker to send *ABBREV*BGP*-ABBREV* packets to a router to update the routing table and cause a route flapping condition. However, the attacker may need additional information in order to perform the attack, such as a *ABBREV*BGP*-ABBREV* password."; +const char *report_bgpdamp_rec = "*COMPANY* recommends that *ABBREV*BGP*-ABBREV* route dampening be configured. Additionally, there are a number of *ABBREV*BGP*-ABBREV* dampening options that can be configured. The following Cisco *ABBREV*IOS*-ABBREV* router command will enable *ABBREV*BGP*-ABBREV* route dampening:*NEWPARA**COMMAND*bgp dampening*-COMMAND*"; +const char *report_bgpdamp_context = "BGP route dampening was not configured"; +const char *report_bgpdamp_rectext = "Configure BGP route dampening"; + +// OSPF Passwords +const char *report_ospfauth_title = "OSPF Authentication"; +const char *report_ospfauth_obs1 = "*ABBREV*OSPF*-ABBREV* is an *ABBREV*IGP*-ABBREV* used by routers to update routing tables. *ABBREV*OSPF*-ABBREV* packets can be configured to use one of three levels of security; no authentication, clear-text authentication and *ABBREV*MD5*-ABBREV* authentication. The clear-text authentication method is almost as insecure as no authentication, as the key is included in the packet. Using the *ABBREV*MD5*-ABBREV* authentication method the packets are signed to prevent route tampering.*NEWPARA**COMPANY* determined that*NONEWPARA*"; +const char *report_ospfauth_obs2 = "*NOTEXTSTART*, although *ABBREV*MD5*-ABBREV* encryption was in use,"; +const char *report_ospfauth_obs3 = "*NOTEXTSTART* *ABBREV*OSPF*-ABBREV* with both no authentication and clear-text authentication was configured on *SINGULA*process ID *NONEWPARA**-SINGULA**PLAURAL*the areas listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_ospfauth_obs4 = "*NOTEXTSTART* *ABBREV*OSPF*-ABBREV* with no authentication was configured on *SINGULA*process ID *NONEWPARA**-SINGULA**PLAURAL*the areas listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_ospfauth_obs5 = "*NOTEXTSTART* *ABBREV*OSPF*-ABBREV* with clear-text authentication was configured on *SINGULA*process ID *NONEWPARA**-SINGULA**PLAURAL*the areas listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_ospfauth_impact = "An attacker who is able to update the routing tables could capture network traffic, perform a network-wide *ABBREV*DoS*-ABBREV* or a man-in-the-middle attack."; +const char *report_ospfauth_ease = "Once an attacker has established what the type of authentication in use, they could use the information to pose as a router and insert routes into the routing tables by sending specially crafted *ABBREV*OSPF*-ABBREV* packets. *ABBREV*OSPF*-ABBREV* packets can be captured using a variety of techniques, and tools are available on the Internet that can be used to exploit insecure *ABBREV*OSPF*-ABBREV* configurations."; +const char *report_ospfauth_rec = "*COMPANY* recommends that, if possible, all *ABBREV*OSPF*-ABBREV* areas be configured to use *ABBREV*MD5*-ABBREV*-based authentication. Message digest authentication needs to be configured for each *ABBREV*OSPF*-ABBREV* area and a key be specified on each *ABBREV*OSPF*-ABBREV* network interface. The Cisco *ABBREV*IOS*-ABBREV* command to enable *ABBREV*MD5*-ABBREV* authentication for an area is:*NEWPARA**COMMAND*area *CMDREQUIRE**CMDUSER*area id*-CMDUSER**-CMDREQUIRE* authentication *CMDOPTION*message-digest*-CMDOPTION**-COMMAND**NEWLINE*The command to configure the *ABBREV*MD5*-ABBREV* authentication key on an interface is:*NEWPARA**COMMAND*ip ospf message-digest-key *CMDREQUIRE**CMDUSER*key id*-CMDUSER**-CMDREQUIRE* md5*-COMMAND*"; +const char *report_ospfauth_context = "the OSPF configuration did not include MD5 authentication for all OSPF areas"; +const char *report_ospfauth_rectext = "Configure MD5 OSPF authentication on all OSPF areas"; +const char *report_ospfauth_table = "OSPF areas with insecure authentication configuration"; +struct tableHeading report_ospfauth_heading2 = {false, 2, "Authentication", 0}; +struct tableHeading report_ospfauth_heading1 = {false, 1, "Area ID", &report_ospfauth_heading2}; +struct tableHeading report_ospfauth_heading = {false, 1, "Process ID", &report_ospfauth_heading1}; + +// EIGRP +const char *report_eigrpauth_title = "EIGRP Authentication"; +const char *report_eigrpauth_obs1 = "Cisco developed *ABBREV*EIGRP*-ABBREV* as an enhanced version of *ABBREV*IGRP*-ABBREV*, an *ABBREV*IGP*-ABBREV* used by routers to dynamically update routing tables. Each interface where *ABBREV*EIGRP*-ABBREV* is used can be configured with *ABBREV*MD5*-ABBREV*-based authentication.*NEWPARA**COMPANY* determined that *NUMBER* *ABBREV*EIGRP*-ABBREV* interface*PLAURAL*s were*-PLAURAL**SINGULA* was*-SINGULA* configured with no authentication*PLAURAL*, these are listed in Table *TABLEREF*.*-PLAURAL**SINGULA*. Interface *NONEWPARA**-SINGULA*"; +const char *report_eigrpauth_obs2 = "*NOTEXTSTART* was configured with no *ABBREV*MD5*-ABBREV* authentication."; +const char *report_eigrpauth_impact = "An attacker who is able to update the routing tables could capture network traffic, perform a network-wide *ABBREV*DoS*-ABBREV* or a man-in-the-middle attack."; +const char *report_eigrpauth_ease = "Once an attacker has established the type of authentication in use, they could use the information to pose as a router and insert routes into the routing tables by sending specially crafted *ABBREV*EIGRP*-ABBREV* packets. *ABBREV*EIGRP*-ABBREV* packets can be captured using a variety of techniques and tools are available on the Internet that can be used to exploit insecure *ABBREV*EIGRP*-ABBREV* configurations."; +const char *report_eigrpauth_rec = "*COMPANY* recommends that all *ABBREV*EIGRP*-ABBREV* interfaces be configured with *ABBREV*EIGRP*-ABBREV* *ABBREV*MD5*-ABBREV*-based authentication. Furthermore, *COMPANY* recommends that all interfaces where *ABBREV*EIGRP*-ABBREV* is not required be configured as passive. *ABBREV*EIGRP*-ABBREV* *ABBREV*MD5*-ABBREV* authentication can be configured on each interface with the following commands:*NEWPARA**COMMAND*ip authentication mode eigrp *CMDREQUIRE**CMDUSER*autonomous number*-CMDUSER**-CMDREQUIRE* md5*-COMMAND**NEWLINE**COMMAND*ip authentication key-chain eigrp *CMDREQUIRE**CMDUSER*autonomous number*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*key chain*-CMDUSER**-CMDREQUIRE**-COMMAND**NEWLINE*Passive interfaces can be configured with the following *ABBREV*EIGRP*-ABBREV* router command:*NEWPARA**COMMAND*passive-interface *CMDREQUIRE**CMDUSER*interface type*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*interface number*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_eigrpauth_context = "the EIGRP configuration did not include MD5 authentication for all EIGRP interfaces"; +const char *report_eigrpauth_rectext = "Configure MD5 authentication on all EIGRP interfaces"; +const char *report_eigrpauth_table = "Interfaces with no EIGRP authentication"; + +// RIP +const char *report_rip_title = "RIP Authentication"; +const char *report_rip_obs = "*ABBREV*RIP*-ABBREV* is a routing protocol that allows network devices to dynamically adapt to changes in the network infrastructure, enabling network devices to forward traffic using the shortest route to their destination. There are two versions of *ABBREV*RIP*-ABBREV* configurable on *DEVICETYPE* devices. *ABBREV*RIP*-ABBREV* version 2 provides a mechanism where routing updates can be authenticated, however *ABBREV*RIP*-ABBREV* version 1 provides no similar mechanism. *ABBREV*RIP*-ABBREV* version 2 supports clear-text authentication and *ABBREV*MD5*-ABBREV* authentication.*NEWPARA**COMPANY* determined that *ABBREV*RIP*-ABBREV* had been configured without encrypted authentication for sent and received updates on *NUMBER* network *SINGULA*interface *NONEWPARA**-SINGULA**PLAURAL*interfaces, these are listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_rip_table = "Insecure RIP interface configurations"; +const char *report_rip_tab_desc1 = "No RIP version 2 key chain or MD5 authentication was configured."; +const char *report_rip_tab_desc2 = "No RIP version 2 key chain was configured."; +const char *report_rip_tab_desc3 = "No RIP version 2 MD5 authentication was configured."; +const char *report_rip_tab_desc4 = "The interface was not configured to send and receive only RIP version 2."; +const char *report_rip_tab_desc5 = "The interface was not configured to send RIP version 2."; +const char *report_rip_tab_desc6 = "The interface was not configured to receive only RIP version 2."; +const char *report_rip_impact = "If *ABBREV*RIP*-ABBREV* updates are sent and received without encrypted authentication an attacker may be able to inject their own route into the routing table. An attacker could modify routes in order to enable the capture of network traffic or to perform a network *ABBREV*DoS*-ABBREV*."; +const char *report_rip_ease = "An attacker would have to determine what authentication, if any, was configured. Once an attacker has identified an insecure *ABBREV*RIP*-ABBREV* configuration they could attempt to pose as a router and inject routes. Tools are available on the Internet that can transmit *ABBREV*RIP*-ABBREV* updates."; +const char *report_rip_rec = "*COMPANY* recommends *ABBREV*RIP*-ABBREV* be configured with encrypted authentication for all interfaces where *ABBREV*RIP*-ABBREV* packets will be sent and received. Furthermore, *COMPANY* recommends that all interfaces where *ABBREV*RIP*-ABBREV* will not be used be configured as passive. *ABBREV*RIP*-ABBREV* version 2 can be configured with the following router command:*NEWPARA**COMMAND*version 2*-COMMAND**NEWLINE**ABBREV*RIP*-ABBREV* authentication can be configured on each interface using the following commands:*NEWPARA**COMMAND*ip rip authentication key-chain *CMDREQUIRE**CMDUSER*Key Chain*-CMDUSER**-CMDREQUIRE**-COMMAND**NEWLINE**COMMAND*ip rip authentication mode md5*-COMMAND**NEWLINE**ABBREV*RIP*-ABBREV* can be disabled on each individual interfaces using the following router command:*NEWPARA**COMMAND*passive-interface *CMDREQUIRE**CMDUSER*interface type*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*interface number*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_rip_context = "the RIP configuration did not include MD5 authentication for all RIP interfaces"; +const char *report_rip_rectext = "Configure MD5 authentication for all RIP interfaces"; + +// VRRP +const char *report_vrrp_title = "VRRP Authentication"; +const char *report_vrrp_obs = "*DEVICETYPE* devices support *ABBREV*VRRP*-ABBREV*, which is used for router load balancing and redundancy. One *ABBREV*VRRP*-ABBREV* group router will be a master router and *ABBREV*VRRP*-ABBREV* advertisements are sent from it to group members. The advertisements contain the priority and state of the master. If the master router becomes unavailable, an election is held to determine a new *ABBREV*VRRP*-ABBREV* master router. *ABBREV*VRRP*-ABBREV* messages can be unauthenticated or authenticated. *ABBREV*VRRP*-ABBREV* authentication uses either a clear-text password or a *ABBREV*MD5*-ABBREV* password.*NEWPARA**COMPANY* determined that *ABBREV*VRRP*-ABBREV* was configured on *DEVICENAME* without *ABBREV*MD5*-ABBREV* authentication on all *ABBREV*VRRP*-ABBREV* interfaces."; +const char *report_vrrp_impact = "An attacker could transmit *ABBREV*VRRP*-ABBREV* group messages in an attempt to become the *ABBREV*VRRP*-ABBREV* master. If an attacker were able to become the *ABBREV*VRRP*-ABBREV* group master, they could modify the network traffic route in order to capture traffic or to perform a network *ABBREV*DoS*-ABBREV*."; +const char *report_vrrp_ease = "The attacker would have to monitor *ABBREV*VRRP*-ABBREV* traffic in order to determine the *ABBREV*VRRP*-ABBREV* group, priority and the authentication method in use. The attacker would then have to transmit *ABBREV*VRRP*-ABBREV* group messages with a higher priority than the *ABBREV*VRRP*-ABBREV* master in order to become the *ABBREV*VRRP*-ABBREV* master."; +const char *report_vrrp_rec = "*COMPANY* recommends that *ABBREV*MD5*-ABBREV* authentication be configured on all *ABBREV*VRRP*-ABBREV* interfaces. *ABBREV*MD5*-ABBREV* *ABBREV*VRRP*-ABBREV* key string authentication can be configured on each *ABBREV*VRRP*-ABBREV* interface with the following command:*NEWPARA**COMMAND*vrrp *CMDREQUIRE**CMDUSER*group*-CMDUSER**-CMDREQUIRE* authentication md5 *CMDREQUIRE**CMDOPTION*key-string *CMDUSER*password*-CMDUSER**-CMDOPTION* *CMDOR* *CMDOPTION*key-chain *CMDUSER*key chain*-CMDUSER**-CMDOPTION**-CMDREQUIRE**-COMMAND*"; +const char *report_vrrp_context = "the VRRP configuration did not include MD5 authentication for all VRRP interfaces"; +const char *report_vrrp_rectext = "Configure MD5 authentication for all VRRP interfaces"; + +// TCP Keep Alives In +const char *report_keepalive_title = "Inbound TCP Connection Keep Alives"; +const char *report_keepalive_obs = "Connections to a *DEVICETYPE* device could become orphaned if a connection becomes disrupted. An attacker could attempt a *ABBREV*DoS*-ABBREV* attack against a *DEVICETYPE* by exhausting the number of possible connections. *ABBREV*TCP*-ABBREV* keep alive messages can be configured to confirm that a remote connection is valid and then terminate any orphaned connections.*NEWPARA**COMPANY* determined that *ABBREV*TCP*-ABBREV* keep alive messages are not sent for connections from remote hosts."; +const char *report_keepalive_impact = "An attacker could attempt a *ABBREV*DoS*-ABBREV* by exhausting the number of possible connections."; +const char *report_keepalive_ease = "Tools are available on the Internet that can open large numbers of *ABBREV*TCP*-ABBREV* connections without correctly terminating them."; +const char *report_keepalive_rec = "*COMPANY* recommends that *ABBREV*TCP*-ABBREV* keep alive messages be sent to detect and drop orphaned connections from remote systems. *ABBREV*TCP*-ABBREV* keep alive messages can be enabled for connections from remote systems using the following command:*NEWPARA**COMMAND*service tcp-keepalives-in*-COMMAND*"; +const char *report_keepalive_context = "TCP keep alive messages are not configured for inbound connections"; +const char *report_keepalive_rectext = "Enable TCP keep alive messages for inbound connections"; + +// Timeouts +const char *report_timeout_title = "Connection Timeout"; +const char *report_timeout_obs1 = "Connection timeouts can be configured for a number of the device services. If a timeout were configured on an administrative service, an administrator that did not correctly terminate the connection would have it automatically closed after the timeout expires. However, if a timeout is not configured, or is configured to be a long timeout, an unauthorised user may be able to gain access using the administrator's previously logged-in connection.*NEWPARA**COMPANY* identified *NUMBER* connection *SINGULA*setting that was*-SINGULA**PLAURAL*settings that were*-PLAURAL* not configured to timeout within *NONEWPARA*"; +const char *report_timeout_obs2 = "*NOTEXTSTART**SINGULA*. *NONEWPARA**-SINGULA**PLAURAL*, these are listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_timeout_impact = "An attacker who was able to gain access to a connection that had not expired, would be able to continue using that connection. A connection could be a console port on the device that was not correctly terminated or a remote administrative connection."; +const char *report_timeout_ease = "The attacker would have to gain physical access to the device to use the console port, or gain remote access to an administration machine that is attached to the port. To gain access to remote connections, an attacker would have to be able to intercept network traffic between the client and *DEVICENAME*. The attacker would then have to take over the connection, which could be very difficult with some services. Tools are available on the Internet that would facilitate the monitoring of network connections."; +const char *report_timeout_rec1 = "*COMPANY* recommends that a timeout period of *NONEWPARA*"; +const char *report_timeout_rec2 = "*NOTEXTSTART* be configured for connections to the device *DEVICENAME*."; +const char *report_timeout_context = "all connections were not configured with secure connection timeout periods"; +const char *report_timeout_rectext = "Configure secure connection time periods for all connections"; +const char *report_timeout_table = "Connections with inadequate timeout periods"; +struct tableHeading report_timeout_heading1 = {false, 3, "Timeout", 0}; +struct tableHeading report_timeout_heading = {false, 1, "Connection", &report_timeout_heading1}; + +// Aux Port +const char *report_aux_title = "Auxiliary Port"; +const char *report_aux_obs = "The auxiliary port's primary purpose is to provide a remote administration capability. It can allow a remote administrator to use a modem to dial into the Cisco device.*NEWPARA**COMPANY* determined that the auxiliary port on the Cisco device *DEVICENAME* allowed exec connections and did not appear to have the callback feature configured."; +const char *report_aux_impact = "An attacker may discover the modem number for the device during a war-dial. If an attacker were able to connect to the device remotely, then they may be able to brute-force the login to gain access to the device."; +const char *report_aux_ease = "The attacker would have to first identify the telephone number of the device, probably through a war-dial. A modem attached to a telephone line would have to be attached directly to the Cisco device's auxiliary port. Then the attacker would be able to attach to the device in order to perform a brute-force of the login."; +const char *report_aux_rec = "*COMPANY* recommends that, if not required, the auxiliary port exec be disabled. Exec can be disabled on the aux port with the following command:*NEWPARA**COMMAND*no exec*-COMMAND**NEWLINE*If the auxiliary port is required for remote administration, the callback feature can be configured to dial a specific preconfigured telephone number."; +const char *report_aux_context = "the AUX port was configured to allow EXEC connections without the callback functionality"; +const char *report_aux_rectext = "Disable the AUX port or configure the callback feature"; + +// Source IP Routing +const char *report_source_title = "IP Source Routing"; +const char *report_source_obs = "*ABBREV*IP*-ABBREV* source routing is a feature whereby a network packet can specify how it should be routed through the network. Cisco routers normally accept and process source routes specified by a packet, unless the feature has been disabled.*NEWPARA**COMPANY* determined that *ABBREV*IP*-ABBREV* source routing was not disabled."; +const char *report_source_impact = "*ABBREV*IP*-ABBREV* source routing can allow an attacker to specify a route for a network packet to follow, possibly to bypass a Firewall device or an *ABBREV*IDS*-ABBREV*. An attacker could also use source routing to capture network traffic by routing it through a system controlled by the attacker."; +const char *report_source_ease = "An attacker would have to control either a routing device or an end point device in order to modify a packets route through the network. However, tools are available on the Internet that would allow an attacker to specify source routes. Tools are also available to modify network routing using vulnerabilities in some routing protocols."; +const char *report_source_rec = "*COMPANY* recommends that, if not required, IP source routing be disabled. *ABBREV*IP*-ABBREV* source routing can be disabled by issuing the following *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*no ip source routing*-COMMAND*"; +const char *report_source_context = "IP source routing was enabled"; +const char *report_source_rectext = "Disable IP source routing"; + +// Finger +const char *report_finger_title = "Finger"; +const char *report_finger_obs = "The finger service was traditionally installed by default on UNIX-based operating systems, though more recently it is disabled by default. The finger service is started by default on Cisco devices and was not explicitly disabled on *DEVICENAME*."; +const char *report_finger_impact = "A malicious user could use the finger service to gain information about users logged in to the device."; +const char *report_finger_ease = "Tools for querying the finger service are widely available on the Internet and some operating systems include the tools by default."; +const char *report_finger_rec = "*COMPANY* recommends that, if not required, the finger service be disabled. Users who do not have authenticated access to the device do not normally need to know who is logged in to the device. Users who have authenticated access to the device are able to log in and show the current users using the following Cisco *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*show users*-COMMAND**NEWLINE*The following Cisco *ABBREV*IOS*-ABBREV* commands can be used to disable the finger service:*NEWPARA**COMMAND*no ip finger*-COMMAND**NEWLINE**COMMAND*no service finger*-COMMAND*"; +const char *report_finger_context = "the finger service was enabled"; +const char *report_finger_rectext = "Disable the finger service"; + +// HTTP Redirect +const char *report_httpred_title = "Administrative HTTP Redirect"; +const char *report_httpred_obs = "The HTTP redirection setting redirects *ABBREV*HTTP*-ABBREV* administrative traffic to the security device to *ABBREV*HTTPS*-ABBREV* (on port 443 by default). This ensures that all web-based administration is performed using the secure *ABBREV*HTTPS*-ABBREV* protocol.*NEWPARA**COMPANY* determined that the ScreenOS device *DEVICENAME* was not configured with the *ABBREV*HTTP*-ABBREV* redirect setting. However, it should be noted that the *ABBREV*HTTP*-ABBREV* redirect setting is enabled by default on ScreenOS versions 5.1.0 or latter."; +const char *report_httpred_impact = "An attacker who was able to monitor network traffic could capture authentication credentials for the device *DEVICENAME*."; +const char *report_httpred_ease = "Network packet and password sniffing tools are widely available on the Internet. Once authentication credentials have been captured, an attacker with access to the devices management services could use them to gain access."; +const char *report_httpred_rec = "*COMPANY* recommends the *ABBREV*HTTP*-ABBREV* redirect administration setting be configured to force access to the device using the cryptographically secure *ABBREV*HTTPS*-ABBREV* protocol. The following command will set the administrative *ABBREV*HTTP*-ABBREV* redirect setting:*NEWPARA**COMMAND*set admin http redirect*-COMMAND*"; +const char *report_httpred_context = "administrative HTTP access does not redirect to HTTPS"; +const char *report_httpred_rectext = "Configure administrative HTTP redirect"; + +// HTTP +const char *report_http_title = "HyperText Transport Protocol Service"; +const char *report_http_obs1 = "Recent Cisco IOS-based devices support web-based administration using the *ABBREV*HTTP*-ABBREV* protocol. Cisco web-based administration facilities can sometimes be basic but they do provide a simple method of administering remote devices. However, *ABBREV*HTTP*-ABBREV* is a clear-text protocol and is vulnerable to various packet-capture techniques."; +const char *report_http_obs2 = "Even though the *ABBREV*HTTP*-ABBREV* service had not been configured, it can be enabled by default on some Cisco devices."; +const char *report_http_obs3 = "The *ABBREV*HTTP*-ABBREV* service was not configured to restrict network access to the device using an access list. Additionally, the device used the default authentication option, using the enable password to authenticate remote users."; +const char *report_http_obs4 = "The *ABBREV*HTTP*-ABBREV* service was not configured with an access-list to restrict network access to the device."; +const char *report_http_obs5 = "The *ABBREV*HTTP*-ABBREV* service was configured to use the default authentication option, using the enable password to authenticate remote users."; +const char *report_http_obs6 = "The *ABBREV*HTTP*-ABBREV* service was configured and made use of an access-list to restrict access to the device."; +const char *report_http_impact1 = "An attacker who was able to monitor network traffic could capture authentication credentials. *NONEWPARA*"; +const char *report_http_impact2 = "*NOTEXTSTART*This issue is made more serious with the enable password being used for authentication as this would give the attacker full administrative access to the device with the captured credentials. *NONEWPARA*"; +const char *report_http_impact3 = "*NOTEXTSTART*However, this issue is mitigated slightly by employing an access list to restrict network access to the device."; +const char *report_http_ease1 = "Network packet and password sniffing tools are widely available on the Internet. Once authentication credentials have been captured it is trivial to use the credentials to log in using the captured credentials. *NONEWPARA*"; +const char *report_http_ease2 = "Furthermore, it may be possible for an attacker to masquerade as the administrators host in order to bypass configured network access restrictions."; +const char *report_http_rec1 = "*COMPANY* recommends that, if not required, the *ABBREV*HTTP*-ABBREV* service be disabled. If a remote method of access to the device is required, consider using *ABBREV*HTTPS*-ABBREV* or *ABBREV*SSH*-ABBREV*. The encrypted *ABBREV*HTTPS*-ABBREV* and *ABBREV*SSH*-ABBREV* services may require a firmware or hardware upgrade. The *ABBREV*HTTP*-ABBREV* service can be disabled with the following *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*no ip http server*-COMMAND**NEWLINE*If it is not possible to upgrade the device to use the encrypted *ABBREV*HTTPS*-ABBREV* or *ABBREV*SSH*-ABBREV* services, additional security can be configured. *NONEWPARA*"; +const char *report_http_rec2 = "*NOTEXTSTART*An access list can be configured to restrict access to the device. An access list can be specified with the following command:*NEWPARA**COMMAND*ip http access-class *CMDREQUIRE**CMDUSER*access list number*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_http_rec3 = "The authentication method can be changed using the following command (where the authentication method is either local, enable, tacacs or aaa):*NEWPARA**COMMAND*ip http authentication *CMDOPTION**CMDUSER*authentication method*-CMDUSER**-CMDOPTION**-COMMAND*"; +const char *report_http_context = "clear-text remote web-based administration was enabled using HTTP"; +const char *report_http_rectext = "Disable HTTP access to the device"; + +// SNMP +const char *report_snmp_title = "Simple Network Management Protocol"; +const char *report_snmp_obs = "*COMPANY* determined that *ABBREV*SNMP*-ABBREV* protocol version *SINGULA*1 was configured on *DEVICENAME**-SINGULA**PLAURAL*2c was configured on *DEVICENAME**-PLAURAL**NEGATIVE*3 was configured without Auth and Priv authentication*-NEGATIVE*."; +const char *report_snmp_pix_obs = "*DEVICETYPE* devices support only *ABBREV*SNMP*-ABBREV* protocol versions 1 and 2c. *COMPANY* determined that *POSITIVE**ABBREV*SNMP*-ABBREV* was configured on *DEVICENAME*.*PLAURAL* Furthermore, *DEVICENAME* was configured to send *ABBREV*SNMP*-ABBREV* traps to other hosts.*-PLAURAL**NEGATIVE**DEVICENAME* was configured to send *ABBREV*SNMP*-ABBREV* traps to other hosts.*-NEGATIVE*"; +const char *report_snmp_css_obs = "*DEVICETYPE* devices support only *ABBREV*SNMP*-ABBREV* protocol versions 1 and 2c. *COMPANY* determined that *ABBREV*SNMP*-ABBREV* was configured on *DEVICENAME*.*NEGATIVE* Furthermore, *COMPANY* determined that *DEVICENAME* was configured to send *ABBREV*SNMP*-ABBREV* traps to other hosts.*-NEGATIVE*"; +const char *report_snmp_impact = "Due to the unencrypted nature of *ABBREV*SNMP*-ABBREV* protocol versions 1 and 2c, an attacker who was able to monitor network traffic could capture device configuration settings, including authentication details."; +const char *report_snmp_ease = "Network packet monitoring and capture tools are widely available on the Internet and *ABBREV*SNMP*-ABBREV* tools are included as standard with some operating systems."; +const char *report_snmp_rec = "*COMPANY* recommends that, if possible, *ABBREV*SNMP*-ABBREV* version *SINGULA*1 be disabled. Furthermore, *COMPANY* recommends that, if *ABBREV*SNMP*-ABBREV* is required, protocol version *-SINGULA**PLAURAL*2c be disabled. Furthermore, *COMPANY* recommends that, if *ABBREV*SNMP*-ABBREV* is required, protocol version *-PLAURAL*3 be configured with Auth and Priv authentication. *SINGULA**ABBREV*SNMP*-ABBREV* protocol version 1 can be disabled with the following command for each community string:*NEWPARA**COMMAND*no snmp-server community *CMDREQUIRE**CMDUSER*Community String*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDOPTION*RO*-CMDOPTION* *CMDOR* *CMDOPTION*RW*-CMDOPTION**-CMDREQUIRE**-COMMAND**NEWLINE**-SINGULA**PLAURAL**ABBREV*SNMP*-ABBREV* protocol version 2c can be disabled with the following command for each community string:*NEWPARA**COMMAND*no snmp-server community *CMDREQUIRE*Community String*-CMDREQUIRE* *CMDREQUIRE**CMDOPTION*RO*-CMDOPTION* *CMDOR* *CMDOPTION*RW*-CMDOPTION**-CMDREQUIRE**-COMMAND**NEWLINE**-PLAURAL**ABBREV*SNMP*-ABBREV* version 3 Auth and Priv access can be configured with the following commands:*NEWPARA**COMMAND*snmp-server group *CMDREQUIRE**CMDUSER*Group Name*-CMDUSER**-CMDREQUIRE* v3 priv*-COMMAND**NEWLINE**COMMAND*snmp-server user *CMDREQUIRE**CMDUSER*Username*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*Group Name*-CMDUSER**-CMDREQUIRE* v3 auth md5 *CMDREQUIRE**CMDUSER*Auth Keyword*-CMDUSER**-CMDREQUIRE* priv *CMDREQUIRE**CMDOPTION*3des*-CMDOPTION* *CMDOR* *CMDOPTION*aes 128*-CMDOPTION* *CMDOR* *CMDOPTION*aes 192*-CMDOPTION**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*Priv Keyword*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_snmp_pix_rec = "On *DEVICETYPE* devices, *ABBREV*SNMP*-ABBREV* version 3 with auth and priv authentication cannot be configured. Therefore, *COMPANY* recommends that, if not required, *ABBREV*SNMP*-ABBREV* be disabled. *NEGATIVE*Additionally, *COMPANY* recommends that, if not required, the sending of *ABBREV*SNMP*-ABBREV* traps to other hosts be disabled. *-NEGATIVE**ABBREV*SNMP*-ABBREV* access to *DEVICENAME* can be disabled with the following command:*NEWPARA**COMMAND*no snmp-server enable*-COMMAND*"; +const char *report_snmp_pix2_rec = "On *DEVICETYPE* devices, *ABBREV*SNMP*-ABBREV* version 3 with auth and priv authentication cannot be configured. Therefore, *COMPANY* recommends that, if not required, the sending of *ABBREV*SNMP*-ABBREV* traps to other hosts be disabled."; +const char *report_snmp_css_rec = "On *DEVICETYPE* devices, *ABBREV*SNMP*-ABBREV* version 3 with auth and priv authentication cannot be configured. Therefore, *COMPANY* recommends that, if not required, *ABBREV*SNMP*-ABBREV* be disabled. *NEGATIVE*Additionally, *COMPANY* recommends that, if not required, the sending of *ABBREV*SNMP*-ABBREV* traps to other hosts be disabled. *-NEGATIVE**ABBREV*SNMP*-ABBREV* access to *DEVICENAME* can be disabled with the following command:*NEWPARA**COMMAND*restrict snmp*-COMMAND*"; +const char *report_snmp_sos_rec = "On *DEVICETYPE* devices, *ABBREV*SNMP*-ABBREV* version 3 with auth and priv authentication cannot be configured. Therefore, *COMPANY* recommends that, if not required, *ABBREV*SNMP*-ABBREV* be disabled. *NEGATIVE*Additionally, *COMPANY* recommends that, if not required, the sending of *ABBREV*SNMP*-ABBREV* traps to other hosts be disabled. *-NEGATIVE**ABBREV*SNMP*-ABBREV* access to *DEVICENAME* can be disabled with the following command:*NEWPARA**COMMAND*unset snmp *CMDREQUIRE**CMDUSER*community*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_snmp_context = "clear-text remote administration was enabled using SNMP"; +const char *report_snmp_rectext = "Disable SNMP or configure SNMP v3 with auth and priv authentication"; +const char *report_snmp_css_rectext = "Disable SNMP"; + +// Telnet +const char *report_telnet_title = "Telnet"; +const char *report_telnet_obs = "Telnet is widely used to provide remote command-based access to a variety of devices and is commonly used on network devices for remote administration. However, Telnet is a clear-text protocol and is vulnerable to various packet capture techniques.*NEWPARA**COMPANY* determined that Telnet was enabled on *DEVICENAME*."; +const char *report_telnet_impact = "An attacker who was able to monitor network traffic could capture sensitive information or authentication credentials."; +const char *report_telnet_ease = "Network packet and password sniffing tools are widely available on the Internet and some of the tools are specifically designed to capture clear-text protocol authentication credentials. However, in a switched environment an attacker may not be able to capture network traffic destined for other devices without employing an attack such as *ABBREV*ARP*-ABBREV* spoofing."; +const char *report_telnet_rec1 = "*COMPANY* recommends that, if possible, Telnet be disabled. If remote administrative access to the device is required, *COMPANY* recommends that *ABBREV*SSH*-ABBREV* be configured.*SINGULA* An *ABBREV*IOS*-ABBREV* upgrade may be required to add support for *ABBREV*SSH*-ABBREV* to *DEVICENAME*. Cisco introduced *ABBREV*SSH*-ABBREV* into *ABBREV*IOS*-ABBREV* releases starting with *ABBREV*IOS*-ABBREV* version 12.0.5.S.*-SINGULA* The Telnet service can be disabled on individual lines with the following command:*NEWPARA**COMMAND*transport input none*-COMMAND**NEWLINE*The following Cisco *ABBREV*IOS*-ABBREV* command can be used to disable Telnet on individual lines, but enable *ABBREV*SSH*-ABBREV*:*NEWPARA**COMMAND*transport input ssh*-COMMAND*"; +const char *report_telnet_rec2 = "Furthermore, if Telnet or *ABBREV*SSH*-ABBREV* are used for remote administration, *COMPANY* recommends that inbound *ABBREV*ACL*-ABBREV* be configured to restrict access."; +const char *report_css_telnet_rec = "*COMPANY* recommends that, if possible, Telnet be disabled. If Telnet is required, *COMPANY* recommends that filtering be implemented to restrict access. Telnet can be disabled with the following command:*NEWPARA**COMMAND*restrict telnet*-COMMAND*"; +const char *report_telnet_context = "clear-text remote administration was enabled using Telnet"; +const char *report_telnet_rectext = "Disable Telnet access"; + +// ICMP Redirects +const char *report_redirects_title = "ICMP Redirects"; +const char *report_redirects_obs = "*ABBREV*ICMP*-ABBREV* redirect messages allow systems to change the route that network traffic takes. On networks with functional network routing, disabling *ABBREV*ICMP*-ABBREV* redirects will have little to no effect. *ABBREV*ICMP*-ABBREV* redirects are usually enabled by default on Cisco devices.*NEWPARA**COMPANY* determined that the device *DEVICENAME* had support for *ABBREV*ICMP*-ABBREV* redirects enabled*SINGULA* on the network interface *NONEWPARA**-SINGULA**PLAURAL* on the network interfaces listed in Table *TABLEREF**-PLAURAL*."; +const char *report_redirects_impact = "An attacker could use *ABBREV*ICMP*-ABBREV* redirect messages to route network traffic through their own router, possibly allowing them to monitor network traffic."; +const char *report_redirects_ease = "Tools are widely available that can send *ABBREV*ICMP*-ABBREV* redirect messages."; +const char *report_redirects_rec = "*COMPANY* recommends that, if not required, *ABBREV*ICMP*-ABBREV* redirects be disabled on all network interfaces. *ABBREV*ICMP*-ABBREV* redirects can be disabled on each individual network interface using the following command:*NEWPARA**COMMAND*no ip redirects*-COMMAND*"; +const char *report_redirects_rec2 = "*COMPANY* recommends that, if not required, *ABBREV*ICMP*-ABBREV* redirects be disabled. *ABBREV*ICMP*-ABBREV* redirects can be disabled with the following command:*NEWPARA**COMMAND*set ip redirect disable*-COMMAND*"; +const char *report_redirects_context = "ICMP redirects were not disabled for all network interfaces"; +const char *report_redirects_rectext = "Disable ICMP redirects on all network interfaces"; +const char *report_redirects_table = "Interfaces with ICMP redirects enabled"; + +// Default Firewall Policy +const char *report_defaultpolicy_title = "Default Policy"; +const char *report_defaultpolicy_obs = "The *DEVICETYPE* has a default policy to determine if network traffic is permitted or denied when no rules exist that match the network traffic, or if no rules exist at all. *COMPANY* determined that the default policy was to allow the network traffic."; +const char *report_defaultpolicy_impact = "If the default policy allows network traffic, a device with no rules could enable an attacker to access devices and services which they should not be able to access. If the device was configured with rules, the attacker could access services or devices for which no blocking rule exists."; +const char *report_defaultpolicy_ease = ""; +const char *report_defaultpolicy_rec = "*COMPANY* recommends that the default policy denies all network traffic. On *DEVICETYPE* the manufacturer default is to deny traffic by default, to return the device to its default setting use the following command:*NEWPARA**COMMAND*unset policy default-permit-all*-COMMAND*"; +const char *report_defaultpolicy_context = "the device was configured to default to allowing all traffic"; +const char *report_defaultpolicy_rectext = "Set the device to deny all traffic by default"; + +// Insecure FW-1 Policy Collections +const char *report_fw1policy_title = "Policy Collections"; +const char *report_fw1policy_obs = "Policy collections are used to determine which network traffic is allowed or dropped in the different networks controlled by *DEVICETYPE*. *COMPANY* *NEGATIVE*determined that no policy collections were configured.*-NEGATIVE**POSITIVE*identified *NUMBER* security-related issue*PLAURAL*s with the policy collection rules, these are listed in Table *TABLEREF*.*-PLAURAL**SINGULA* with the policy collection rules. *NONEWPARA**-SINGULA**-POSITIVE*"; +const char *report_fw1policy_impact = "*NEGATIVE*If no policy collections are configured the *DEVICETYPE* is redundant and simply provides the attacker with an additional network device to attack.*-NEGATIVE**POSITIVE*If policy collections are not sufficiently restrictive, an attacker may be able to access services or network devices that should not be accessible. Furthermore, an attacker who had compromised a device could install a backdoor which could listen on a network port that was not filtered.*-POSITIVE*"; +const char *report_fw1policy_ease = ""; +const char *report_fw1policy_rec1 = "*COMPANY* recommends that *NEGATIVE*policy collections be configured on the *DEVICETYPE*. However, if it is not required, *COMPANY* recommends that the firewall be decommisioned. If policy collections are configured, *COMPANY* recommends that:*-NEGATIVE**POSITIVE*the policy collections be reviewed and, where possible, modified to ensure that:*-POSITIVE**NONEWPARA*"; +// Rec2 is used by ScreenOS, PIX and CSS as well +const char *report_fw1policy_rec2 = "*NOTEXTSTART*However, in certain circumstances, such as a public web server, a more relaxed configuration may be required to allow any host to access specific hosts and services."; +const char *report_fw1policy_context = "insecure policy collection rules were configured"; +const char *report_fw1policy_rectext = "Review the insecure policy collection rules and reconfigure"; +// Descriptions below are used for ScreenOS/Cisco/Passport devices (except denylog and bypass)... +const char *report_fw1policy_denylog = "policy collection does not end with a deny all and log."; +const char *report_fw1policy_anysrc = "allows access from any source to "; +const char *report_fw1policy_netsrc = "allows access from a network source to "; +const char *report_fw1policy_anysvcsrc = "allows access from any source port to "; +const char *report_fw1policy_std_anysrc = "allows access from any source."; +const char *report_fw1policy_std_netsrc = "allows access from a network source."; +const char *report_fw1policy_std_anysvcsrc = "allows access from any source port."; +const char *report_fw1policy_anydst = "allows access from "; +const char *report_fw1policy_netdst = "allows access from "; +const char *report_fw1policy_netdstsvc = "allows access from "; +const char *report_fw1policy_nolog = "does not log."; +const char *report_fw1policy_nologdenied = "does not log denied access."; +const char *report_fw1policy_reject = "responds to denied network access."; +const char *report_fw1policy_default = "was set to the default action."; +const char *report_fw1policy_bypass = "bypasses the remaining policy collection rules."; +const char *report_fw1policy_disabled = "was disabled."; +const char *report_fw1policyt_denylog = "Policy collection does not end with a deny all and log."; +// Descriptions below are used for ScreenOS/Cisco/Passport devices (except denylog and bypass)... +const char *report_fw1policyt_anysrc = "Allows access from any source to "; +const char *report_fw1policyt_netsrc = "Allows access from a network source to "; +const char *report_fw1policyt_anysvcsrc = "Allows access from any source port to "; +const char *report_fw1policyt_std_anysrc = "Allows access from any source."; +const char *report_fw1policyt_std_netsrc = "Allows access from a network source."; +const char *report_fw1policyt_std_anysvcsrc = "Allows access from any source port."; +const char *report_fw1policyt_anydst = "Allows access from "; +const char *report_fw1policyt_nolog = "Does not log."; +const char *report_fw1policyt_nologdenied = "Does not log denied access."; +const char *report_fw1policyt_reject = "Responds to denied network access."; +const char *report_fw1policyt_bypass = "Bypasses the remaining policy collection rules."; +const char *report_fw1policyt_default = "Was set to the default action."; +const char *report_fw1policyt_disabled = "Was disabled."; +const char *report_fw1policy_table = "Insecure policy collection rules"; +struct tableHeading report_fw1policy_heading2 = {false, 5, "Description", 0}; +struct tableHeading report_fw1policy_heading1 = {false, 1, "Rule", &report_fw1policy_heading2}; +struct tableHeading report_fw1policy_heading = {false, 2, "Collection", &report_fw1policy_heading1}; +struct tableHeading report_fw1issues_heading12 = {false, 1, "policy collections end with a deny all and log", 0}; +struct tableHeading report_fw1issues_heading11 = {false, 1, "logging be enabled for all policy rules", &report_fw1issues_heading12}; +struct tableHeading report_fw1issues_heading10 = {false, 1, "policy rules should not have a default action", &report_fw1issues_heading11}; +struct tableHeading report_fw1issues_heading9 = {false, 1, "policy rules should not be bypassed", &report_fw1issues_heading10}; +struct tableHeading report_fw1issues_heading8 = {false, 1, "policy rules should not reject packets", &report_fw1issues_heading9}; +struct tableHeading report_fw1issues_heading7 = {false, 1, "disabled policy rules are removed", &report_fw1issues_heading8}; +struct tableHeading report_fw1issues_heading6 = {false, 1, "policy rules log denied access", &report_fw1issues_heading7}; +struct tableHeading report_fw1issues_heading5 = {false, 1, "policy rules do not allow access to any destination port", &report_fw1issues_heading6}; +struct tableHeading report_fw1issues_heading4 = {false, 1, "policy rules do not allow access to entire destination networks", &report_fw1issues_heading5}; +struct tableHeading report_fw1issues_heading3 = {false, 1, "policy rules do not allow access to any destination", &report_fw1issues_heading4}; +struct tableHeading report_fw1issues_heading2 = {false, 1, "policy rules do not allow access from any source port", &report_fw1issues_heading3}; +struct tableHeading report_fw1issues_heading1 = {false, 1, "policy rules do not allow access from entire source networks", &report_fw1issues_heading2}; +struct tableHeading report_fw1issues_heading = {false, 1, "policy rules do not allow access from any source", &report_fw1issues_heading1}; + +// Insecure ScreenOS Policy Lists +const char *report_policy_title = "Policy Lists"; +const char *report_policy_obs = "Policy lists are used to determined which network traffic is allowed and which is dropped between different zones (interzone), between interfaces in the same zone (intrazone) and the global zone. If a policy has not been configured, any network traffic is blocked by default.*NEWPARA**COMPANY* *POSITIVE*identified *NUMBER* insecure policy list rule*-POSITIVE**PLAURAL*s, these are listed in Table *TABLEREF**-PLAURAL**NEGATIVE*determined that no policies were configured*-NEGATIVE*.*SINGULA* *NONEWPARA**-SINGULA*"; +const char *report_sospolicy_denylog = "policy list does not end with a deny all and log."; +const char *report_sospolicy_bypass = "bypasses the remaining policy list rules."; +const char *report_sospolicyt_denylog = "Policy list does not end with a deny all and log."; +const char *report_sospolicyt_bypass = "Bypasses the remaining policy list rules."; +// All the other descriptions are the same as FW1 ones. +const char *report_nopolicy_impact = "With no policies configured the default policy for *DEVICETYPE* will take effect. *NEGATIVE*The default policy will allow all network traffic, enabling an attacker to access devices and services which they should not be able to access.*-NEGATIVE**POSITIVE*The default policy on *DEVICETYPE* denies all network traffic.*-POSITIVE*"; +const char *report_policy_impact = "If policy lists are not sufficiently restrictive, an attacker may be able to access services or network devices that should not be accessible. Furthermore, an attacker who had compromised a device could install a backdoor which could listen on a network port that was not filtered.*PLAURAL* Additionally, network traffic that is rejected instead of denied makes an attackers scans quicker as the attacker will receive a *ABBREV*TCP*-ABBREV* reset. If the traffic were denied instead, the attackers scans would be slower as they wait for a response and eventually timeout.*-PLAURAL*"; +const char *report_policy_ease = ""; +const char *report_nopolicy_rec1 = "*COMPANY* recommends that policies be configured to ensure that:*NONEWPARA*"; +const char *report_nopolicy_rec2 = "If *DEVICENAME* is not required, *COMPANY* recommends that it be decommissioned."; +const char *report_policy_rec1 = "*COMPANY* recommends that the policy lists be reviewed and, where possible, modified to ensure that:*NONEWPARA*"; +const char *report_nopolicy_context = "no policy lists were configured"; +const char *report_nopolicy_rectext = "Configure a policy or decommission the device"; +const char *report_policy_context = "insecure policy lists were configured"; +const char *report_policy_rectext = "Review the insecure policy list rules and reconfigure"; +const char *report_policy_table = "Insecure policy list rules"; +struct tableHeading report_policy_heading4 = {false, 4, "Description", 0}; +struct tableHeading report_policy_heading3 = {false, 1, "ID", &report_policy_heading4}; +struct tableHeading report_policy_heading2 = {false, 1, "Global Zone", &report_policy_heading3}; +struct tableHeading report_policy_heading1 = {false, 2, "To Zone", &report_policy_heading2}; +struct tableHeading report_policy_heading = {false, 2, "From Zone", &report_policy_heading1}; +struct tableHeading report_issues_heading12 = {false, 1, "policy lists end with a deny all and log", 0}; +struct tableHeading report_issues_heading11 = {false, 1, "logging be enabled for all policy rules", &report_issues_heading12}; +struct tableHeading report_issues_heading10 = {false, 1, "policy rules should not be have a default action", &report_issues_heading11}; +struct tableHeading report_issues_heading9 = {false, 1, "policy rules should not be bypassed", &report_issues_heading10}; +struct tableHeading report_issues_heading8 = {false, 1, "policy rules should not reject packets", &report_issues_heading9}; +struct tableHeading report_issues_heading7 = {false, 1, "disabled policy rules are removed", &report_issues_heading8}; +struct tableHeading report_issues_heading6 = {false, 1, "policy rules log denied access", &report_issues_heading7}; +struct tableHeading report_issues_heading5 = {false, 1, "policy rules do not allow access to any destination port", &report_issues_heading6}; +struct tableHeading report_issues_heading4 = {false, 1, "policy rules do not allow access to entire destination networks", &report_issues_heading5}; +struct tableHeading report_issues_heading3 = {false, 1, "policy rules do not allow access to any destination", &report_issues_heading4}; +struct tableHeading report_issues_heading2 = {false, 1, "policy rules do not allow access from any source port", &report_issues_heading3}; +struct tableHeading report_issues_heading1 = {false, 1, "policy rules do not allow access from entire source networks", &report_issues_heading2}; +struct tableHeading report_issues_heading = {false, 1, "policy rules do not allow access from any source", &report_issues_heading1}; + +// SonicOS Access Rules +const char *report_sonicosrules_title = "Access Rules"; +const char *report_sonicosrules_obs = "*DEVICETYPE* access rules are sequential lists of allow, deny and discard rules that specify whether network traffic should be allowed or dropped. Both the deny and discard actions block the traffic that matches the rule, but a deny will notify the sender that the packet was blocked. Access rules are used to restrict access to services and network devices, preventing access to services and devices that should not be accessible.*NEWPARA**COMPANY* identified *NUMBER* security-related issue*PLAURAL*s*-PLAURAL* with the configured access rules*PLAURAL*, these are listed in Table *TABLEREF*.*-PLAURAL**SINGULA*. *NONEWPARA**-SINGULA*"; +const char *report_sonicosrules_impact = "If access rules are not sufficiently restrictive, an attacker may be able to access services or network devices that should not be accessible. Furthermore, an attacker who had compromised a device could install a backdoor which could listen on a network port that was not filtered."; +const char *report_sonicosrules_ease = ""; +const char *report_sonicosrules_rec = "*COMPANY* recommends that the access rules be reviewed and, where possible, modified to ensure that:*NONEWPARA*"; +const char *report_sonicosrules_context = "insecure access rules were configured"; +const char *report_sonicosrules_rectext = "Configure all access rules to only allow access to the hosts and services required"; +struct tableHeading report_sonicosrules_heading12 = {false, 1, "access rule lists end with a deny all and log", 0}; +struct tableHeading report_sonicosrules_heading11 = {false, 1, "logging be enabled for all access rules", &report_sonicosrules_heading12}; +struct tableHeading report_sonicosrules_heading10 = {false, 1, "access rules should not be have a default action", &report_sonicosrules_heading11}; +struct tableHeading report_sonicosrules_heading9 = {false, 1, "access rules should not be bypassed", &report_sonicosrules_heading10}; +struct tableHeading report_sonicosrules_heading8 = {false, 1, "access rules should not deny packets", &report_sonicosrules_heading9}; +struct tableHeading report_sonicosrules_heading7 = {false, 1, "disabled access rules are removed", &report_sonicosrules_heading8}; +struct tableHeading report_sonicosrules_heading6 = {false, 1, "access rules log denied access", &report_sonicosrules_heading7}; +struct tableHeading report_sonicosrules_heading5 = {false, 1, "access rules do not allow access to any destination port", &report_sonicosrules_heading6}; +struct tableHeading report_sonicosrules_heading4 = {false, 1, "access rules do not allow access to entire destination networks", &report_sonicosrules_heading5}; +struct tableHeading report_sonicosrules_heading3 = {false, 1, "access rules do not allow access to any destination", &report_sonicosrules_heading4}; +struct tableHeading report_sonicosrules_heading2 = {false, 1, "access rules do not allow access from any source port", &report_sonicosrules_heading3}; +struct tableHeading report_sonicosrules_heading1 = {false, 1, "access rules do not allow access from entire source networks", &report_sonicosrules_heading2}; +struct tableHeading report_sonicosrules_heading = {false, 1, "access rules do not allow access from any source", &report_sonicosrules_heading1}; +struct tableHeading report_sonicosaccess_heading3 = {false, 4, "Description", 0}; +struct tableHeading report_sonicosaccess_heading2 = {false, 1, "Rule", &report_sonicosaccess_heading3}; +struct tableHeading report_sonicosaccess_heading1 = {false, 2, "To", &report_sonicosaccess_heading2}; +struct tableHeading report_sonicosaccess_heading = {false, 2, "From", &report_sonicosaccess_heading1}; +const char *report_sonicosaccess_table = "Insecure access rules"; +const char *report_sonicosrules_denylog = "policy list does not end with a deny all and log."; +const char *report_sonicosrulest_denylog = "Policy list does not end with a deny all and log."; + +// PIX/IOS Access-Lists +const char *report_accesslist_title = "Access Control Lists"; +const char *report_accesslist_obs1 = "*ABBREV*ACL*-ABBREV* are sequential lists of allow and deny *ABBREV*ACEs*-ABBREV* that specify whether network traffic should be allowed or dropped. *ABBREV*ACLs*-ABBREV* are used to restrict access to services and network devices, preventing access to services and devices that should not be accessible.*NEWPARA**COMPANY* *NEGATIVE*determined that no *ABBREV*ACL*-ABBREV* were configured on *DEVICENAME*.*-NEGATIVE**POSITIVE*identified *NUMBER* security-related issue*PLAURAL*s*-PLAURAL* with the configured *ABBREV*ACL*-ABBREV**PLAURAL*, these are listed in Table *TABLEREF**-PLAURAL*.*SINGULA* *NONEWPARA**-SINGULA**-POSITIVE*"; +const char *report_accesslist_impact = "*NEGATIVE*With no *ABBREV*ACL*-ABBREV* configured*-NEGATIVE**POSITIVE*If *ABBREV*ACEs*-ABBREV* are not sufficiently restrictive*-POSITIVE*, an attacker may be able to access services or network devices that should not be accessible. Furthermore, an attacker who had compromised a device could install a backdoor which could listen on a network port that was not filtered."; +const char *report_accesslist_noacl_pix_impact = "If no *ABBREV*ACL*-ABBREV* are configured the *DEVICETYPE* is redundant and simply provides the attacker with an additional network device to attack."; +const char *report_accesslist_ease = ""; +const char *report_accesslist_rec = "*COMPANY* recommends that *NEGATIVE**ABBREV*ACL*-ABBREV* be configured to restrict access to devices and services. Furthermore, *COMPANY* recommends that:*-NEGATIVE**POSITIVE*the *ABBREV*ACLs*-ABBREV* be reviewed and, where possible, modified to ensure that:*-POSITIVE**NONEWPARA*"; +const char *report_accesslist_context = "insecure ACL were configured"; +const char *report_accesslist_rectext = "Configure all ACL to only allow access to the hosts and services required"; +const char *report_accesslist2_rectext = "Configure all ACL to only allow access to the hosts and services required and log all blocked traffic"; +struct tableHeading report_aclrec_heading12 = {false, 1, "ACL end with a deny all and log", 0}; +struct tableHeading report_aclrec_heading11 = {false, 1, "logging be enabled for all ACE", &report_aclrec_heading12}; +struct tableHeading report_aclrec_heading10 = {false, 1, "ACE should not have a default action", &report_aclrec_heading11}; +struct tableHeading report_aclrec_heading9 = {false, 1, "ACL should not be bypassed", &report_aclrec_heading10}; +struct tableHeading report_aclrec_heading8 = {false, 1, "ACE should not reject packets", &report_aclrec_heading9}; +struct tableHeading report_aclrec_heading7 = {false, 1, "disabled ACE are removed", &report_aclrec_heading8}; +struct tableHeading report_aclrec_heading6 = {false, 1, "ACE log denied access", &report_aclrec_heading7}; +struct tableHeading report_aclrec_heading5 = {false, 1, "ACE do not allow access to any destination port", &report_aclrec_heading6}; +struct tableHeading report_aclrec_heading4 = {false, 1, "ACE do not allow access to entire destination networks", &report_aclrec_heading5}; +struct tableHeading report_aclrec_heading3 = {false, 1, "ACE do not allow access to any destination", &report_aclrec_heading4}; +struct tableHeading report_aclrec_heading2 = {false, 1, "ACE do not allow access from any source port", &report_aclrec_heading3}; +struct tableHeading report_aclrec_heading1 = {false, 1, "ACE do not allow access from entire source networks", &report_aclrec_heading2}; +struct tableHeading report_aclrec_heading = {false, 1, "ACE do not allow access from any source", &report_aclrec_heading1}; +const char *report_accesslist_table1 = "Insecure Access Control Entries"; +const char *report_accesslist_denylog = "ACL does not end with a deny all and log."; +const char *report_accesslist_std_denylog = "ACL does not end with a deny and log."; +const char *report_accesslist_bypass = "bypasses the remaining ACEs."; +const char *report_accesslistt_bypass = "Bypasses the remaining ACEs."; +const char *report_accesslist_old = "The ACL"; +const char *report_accesslist_std = "The standard ACL"; +const char *report_accesslist_ext = "The extended ACL"; +struct tableHeading report_accesslist_heading3 = {false, 65, "Description", 0}; +struct tableHeading report_accesslist_heading2 = {false, 15, "Type", &report_accesslist_heading3}; +struct tableHeading report_accesslist_heading1 = {false, 10, "Line", &report_accesslist_heading2}; +struct tableHeading report_accesslist_heading = {false, 10, "ACL", &report_accesslist_heading1}; +struct tableHeading report_accesslists_heading2 = {false, 4, "Description", 0}; +struct tableHeading report_accesslists_heading1 = {false, 1, "Line", &report_accesslists_heading2}; +struct tableHeading report_accesslists_heading = {false, 2, "ACL", &report_accesslists_heading1}; + +// Cisco CSS ACL... +const char *report_accesslist_css_obs = "*ABBREV*ACL*-ABBREV* are sequential lists of allow, deny and bypass clauses that determine whether network traffic is permitted or dropped. All *ABBREV*ACLs*-ABBREV* have a hidden deny all clause as the final clause, clause 255. *ABBREV*ACLs*-ABBREV* are used to restrict access to services and network devices, preventing access to services and devices that should not be accessible.*NEWPARA**COMPANY* *NEGATIVE*determined that no *ABBREV*ACL*-ABBREV* were configured*-NEGATIVE**SINGULA*identified *NUMBER* insecure *ABBREV*ACL*-ABBREV* clause, *NONEWPARA**-SINGULA**PLAURAL*identified *NUMBER* insecure *ABBREV*ACL*-ABBREV* clauses, these are listed in Table *TABLEREF**-PLAURAL*."; +const char *report_accesslist_css_impact = "*POSITIVE*If *ABBREV*ACL*-ABBREV* clauses are not sufficiently restrictive*-POSITIVE**NEGATIVE*With no *ABBREV*ACL*-ABBREV* configured*-NEGATIVE*, an attacker may be able to access services or network devices that should not be accessible. Furthermore, an attacker who had compromised a device could install some backdoor software which could listen on a network port that was not filtered."; +const char *report_accesslist_css_bypass = "bypasses the remaining clauses."; +const char *report_accesslistt_css_bypass = "Bypasses the remaining clauses."; +const char *report_accesslist_css_table = "Insecure ACL Clauses"; +struct tableHeading report_aclrec_css_heading12 = {false, 1, "ACL end with a deny all and log", 0}; +struct tableHeading report_aclrec_css_heading11 = {false, 1, "logging be enabled for all clauses", &report_aclrec_css_heading12}; +struct tableHeading report_aclrec_css_heading10 = {false, 1, "clauses should not have a default action", &report_aclrec_css_heading11}; +struct tableHeading report_aclrec_css_heading9 = {false, 1, "ACL should not be bypassed", &report_aclrec_css_heading10}; +struct tableHeading report_aclrec_css_heading8 = {false, 1, "clauses should not reject packets", &report_aclrec_css_heading9}; +struct tableHeading report_aclrec_css_heading7 = {false, 1, "disabled clauses are removed", &report_aclrec_css_heading8}; +struct tableHeading report_aclrec_css_heading6 = {false, 1, "clauses log denied access", &report_aclrec_css_heading7}; +struct tableHeading report_aclrec_css_heading5 = {false, 1, "clauses do not allow access to any destination port", &report_aclrec_css_heading6}; +struct tableHeading report_aclrec_css_heading4 = {false, 1, "clauses do not allow access to entire destination networks", &report_aclrec_css_heading5}; +struct tableHeading report_aclrec_css_heading3 = {false, 1, "clauses do not allow access to any destination", &report_aclrec_css_heading4}; +struct tableHeading report_aclrec_css_heading2 = {false, 1, "clauses do not allow access from any source port", &report_aclrec_css_heading3}; +struct tableHeading report_aclrec_css_heading1 = {false, 1, "clauses do not allow access from entire source networks", &report_aclrec_css_heading2}; +struct tableHeading report_aclrec_css_heading = {false, 1, "clauses do not allow access from any source", &report_aclrec_css_heading1}; +struct tableHeading report_accesslist_css_heading2 = {false, 4, "Description", 0}; +struct tableHeading report_accesslist_css_heading1 = {false, 1, "Clause", &report_accesslist_css_heading2}; +struct tableHeading report_accesslist_css_heading = {false, 1, "ACL", &report_accesslist_css_heading1}; +const char *report_accesslist_noacl_title = "Access Control Lists Disabled"; +const char *report_accesslist_noacl_context = "ACL are disabled"; +const char *report_accesslist_noacl_rectext = "Enable ACL to restrict access to hosts and services"; +const char *report_accesslist_disabled_css_obs = "*ABBREV*ACLs*-ABBREV* are used to restrict access to services and network devices, preventing access to services and devices that should not be accessible. However, without enabling *ABBREV*ACL*-ABBREV* all network traffic is allowed.*NEWPARA**COMPANY* determined that*POSITIVE*, although *ABBREV*ACL*-ABBREV* have been configured,*-POSITIVE* *ABBREV*ACL*-ABBREV* are disabled on *DEVICENAME*."; +const char *report_accesslist_disabled_css_impact = "With *ABBREV*ACLs*-ABBREV* disabled, an attacker could gain access to hosts and services for which they should not be able to access."; +const char *report_accesslist_disabled_css_rec = "*COMPANY* recommends that *ABBREV*ACL*-ABBREV* be enabled. Once enabled, all traffic is denied by default, so an *ABBREV*ACL*-ABBREV* should be configured to permit traffic to the device prior to enabling *ABBREV*ACL*-ABBREV*. *ABBREV*ACL*-ABBREV* can be enabled with the following *DEVICETYPE* command:*NEWPARA**COMMAND*acl enable*-COMMAND*"; + +// Passport filters... +const char *report_pasfilter_title = "IP Traffic Filters"; +const char *report_pasfilter_obs = "*DEVICETYPE* *ABBREV*IP*-ABBREV* filter sets are sequetial lists of filters that determine whether network traffic is permitted or denied. *ABBREV*IP*-ABBREV* Filter sets are applied to *DEVICETYPE* ports, which can also be configured with a default action to drop or forward network packets. *ABBREV*IP*-ABBREV* Filter sets are used restrict access to services and network devices, preventing access to services and devices that should not be accessible.*NEWPARA**COMPANY* *NEGATIVE*determined that no filter sets were configured on *DEVICENAME*.*-NEGATIVE**POSITIVE*identified *NUMBER* insecure filter*SINGULA*.*NONEWPARA**-SINGULA**PLAURAL*s, these are listed in Table *TABLEREF*.*-PLAURAL**-POSITIVE*"; +const char *report_pasfilter_impact = "*POSITIVE*If *ABBREV*IP*-ABBREV* filter sets are not sufficiently restrictive*-POSITIVE**NEGATIVE*If filter sets are not configured*-NEGATIVE*, an attacker may be able to access services or network devices that should not be accessible. Furthermore, an attacker who had compromised a device could install some backdoor software which could listen on a network port that was not filtered."; +const char *report_pasfilter_ease = ""; +const char *report_pasfilter_rec = "*COMPANY* recommends that *NEGATIVE*filter sets be configured on *DEVICENAME*. Furthermore, *COMPANY* recommends*-NEGATIVE**POSITIVE*the *ABBREV*IP*-ABBREV* filter sets be reviewed and, where possible, modified to ensure*-POSITIVE* that:*NONEWPARA*"; +const char *report_pasfilter_context = "insecure filters were configured"; +const char *report_pasfilter_rectext = "Configure all filters to only allow access to the hosts and services required"; +const char *report_pasfilter_denylog = "IP filter set does not end with a deny all and log."; +const char *report_pasfilter_bypass = "bypasses the remaining filters."; +const char *report_pasfiltert_bypass = "Bypasses the remaining filters."; +struct tableHeading report_pasfilter_heading12 = {false, 1, "IP filter sets end with a deny all and log", 0}; +struct tableHeading report_pasfilter_heading11 = {false, 1, "logging be enabled for all filters", &report_pasfilter_heading12}; +struct tableHeading report_pasfilter_heading10 = {false, 1, "filters should not have a default action", &report_pasfilter_heading11}; +struct tableHeading report_pasfilter_heading9 = {false, 1, "IP filter sets should not be bypassed", &report_pasfilter_heading10}; +struct tableHeading report_pasfilter_heading8 = {false, 1, "filters should not reject packets", &report_pasfilter_heading9}; +struct tableHeading report_pasfilter_heading7 = {false, 1, "disabled filters are removed", &report_pasfilter_heading8}; +struct tableHeading report_pasfilter_heading6 = {false, 1, "filters log denied access", &report_pasfilter_heading7}; +struct tableHeading report_pasfilter_heading5 = {false, 1, "filters do not allow access to any destination port", &report_pasfilter_heading6}; +struct tableHeading report_pasfilter_heading4 = {false, 1, "filters do not allow access to entire destination networks", &report_pasfilter_heading5}; +struct tableHeading report_pasfilter_heading3 = {false, 1, "filters do not allow access to any destination", &report_pasfilter_heading4}; +struct tableHeading report_pasfilter_heading2 = {false, 1, "filters do not allow access from any source port", &report_pasfilter_heading3}; +struct tableHeading report_pasfilter_heading1 = {false, 1, "filters do not allow access from entire source networks", &report_pasfilter_heading2}; +struct tableHeading report_pasfilter_heading = {false, 1, "filters do not allow access from any source", &report_pasfilter_heading1}; +struct tableHeading report_pasfilter_table_heading2 = {false, 4, "Description", 0}; +struct tableHeading report_pasfilter_table_heading1 = {false, 1, "Filter ID", &report_pasfilter_table_heading2}; +struct tableHeading report_pasfilter_table_heading = {false, 1, "Filter Set", &report_pasfilter_table_heading1}; +const char *report_pasfilter_table = "Insecure filters"; + +// Remote SSH Management Hosts +const char *report_sshman_title = "Remote SSH Management Hosts"; +const char *report_sshman_obs = "It is possible to configure *ABBREV*SSH*-ABBREV* on *DEVICETYPE* to restrict remote administrative access to specific management addresses. However, *COMPANY* determined that the remote management of *DEVICENAME* using *ABBREV*SSH*-ABBREV* was not restricted to individual remote management *ABBREV*IP*-ABBREV* addresses."; +const char *report_sshman_impact = "If an attacker were able to determine the authentication credentials for *DEVICENAME*, due to relaxed remote management configuration they may be able to gain access using *ABBREV*SSH*-ABBREV*. Additionally, if a vulnerability were to exist in the *ABBREV*SSH*-ABBREV* service, an attacker may be able to gain access to the device due to the weak remote access restrictions."; +const char *report_sshman_ease = ""; +const char *report_sshman_rec = "*COMPANY* recommends that remote management access using *ABBREV*SSH*-ABBREV* be restricted to the individual *ABBREV*IP*-ABBREV* addresses required. Access can be restricted using the following command:*NEWPARA**COMMAND*ssh *CMDREQUIRE**CMDUSER*ip address*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*net mask*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*interface*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_sshman_context = "entire networks are allowed remote management access using SSH"; +const char *report_sshman_rectext = "Restrict remote SSH management to specific hosts"; + +// Flood Guard +const char *report_floodguard_title = "Flood Guard"; +const char *report_floodguard_obs = "The Flood Guard feature enables a *DEVICETYPE* to reclaim system resources if the circumstances occur whereby resources have been exhausted. *COMPANY* determined that the Flood Guard feature was not enabled on *DEVICENAME*."; +const char *report_floodguard_impact = "An attacker could perform a *ABBREV*DoS*-ABBREV* attack against *DEVICENAME* by consuming the *DEVICETYPE* resources with a flood of connection attempts."; +const char *report_floodguard_ease = "Tools are available on the Internet that can perform a *ABBREV*DoS*-ABBREV* attack."; +const char *report_floodguard_rec = "*COMPANY* recommends that the Flood Guard feature be enabled. Flood Guard can be enabled with the following command:*NEWPARA**COMMAND*floodguard enable*-COMMAND*"; +const char *report_floodguard_context = "the flood guard feature was not enabled"; +const char *report_floodguard_rectext = "Enable Flood Guard"; + +// Cisco Express Forwarding / Unicast Reverse Packet Forwarding +const char *report_urpf_title = "Unicast Reverse Packet Forwarding Verification"; +const char *report_urpf_obs = "Any configured network packet filtering will have an impact on a device's performance and the more filtering configured, the greater the impact. Typically, additional filtering is configured to perform sanity checks on network traffic to ensure that traffic being routed through the network originates from a valid *ABBREV*IP*-ABBREV* address, this ensures that traffic entering a network does not originate from an internal *ABBREV*IP*-ABBREV* address range. Cisco provides *ABBREV*uRPF*-ABBREV* verification to perform network traffic sanity checks without the performance impact of *ABBREV*ACL*-ABBREV* network filtering. *ABBREV*uRPF*-ABBREV* verification must be enabled on each interface on which sanity checks should be performed and will automatically adjust to topology changes. *ABBREV*uRPF*-ABBREV* verification makes use of *ABBREV*CEF*-ABBREV*, which must be enabled.*NEWPARA**COMPANY* determined that *NEGATIVE**ABBREV*CEF*-ABBREV* was not enabled*-NEGATIVE**SINGULA**ABBREV*uRPF*-ABBREV* verification was not enabled on interface *NONEWPARA**-SINGULA**PLAURAL**ABBREV*uRPF*-ABBREV* verification was not enabled on the interfaces listed in Table *TABLEREF**-PLAURAL*."; +const char *report_urpf_pix_obs = "Any configured network packet filtering will have an impact on a device's performance and the more filtering configured, the greater the impact. Typically, additional filtering is configured to perform sanity checks on network traffic to ensure that traffic being passed through the *DEVICETYPE* originates from a valid *ABBREV*IP*-ABBREV* address, this ensures that traffic entering a network does not originate from an internal *ABBREV*IP*-ABBREV* address range. Cisco provides *ABBREV*uRPF*-ABBREV* verification to perform network traffic sanity checks without the performance impact of *ABBREV*ACL*-ABBREV* network filtering. *ABBREV*uRPF*-ABBREV* verification must be enabled for each interface on which sanity checks should be performed and will automatically adjust to topology changes.*NEWPARA**COMPANY* determined that *ABBREV*uRPF*-ABBREV* verification was not enabled on the interface*SINGULA**NONEWPARA**-SINGULA**PLAURAL*s listed in Table *TABLEREF**-PLAURAL*."; +const char *report_urpf_impact = "A network packet with a spoofed source address could be routed by the device, bypassing any configured *ABBREV*ACLs*-ABBREV*."; +const char *report_urpf_ease = ""; +const char *report_urpf_rec = "*COMPANY* recommends that, where possible, *ABBREV*uRPF*-ABBREV* verification be enabled on all network interfaces. *ABBREV*uRPF*-ABBREV* verification can be enabled on each network interface with the following command:*NEWPARA**COMMAND*ip verify unicast reverse-path*-COMMAND**NEWPARA**NEGATIVE**ABBREV*CEF*-ABBREV* can be enabled with the following command on routers without *ABBREV*VIPs*-ABBREV*:*NEWPARA**COMMAND*ip cef*-COMMAND**NEWLINE*On routers with *ABBREV*VIPs*-ABBREV* the following command will enable *ABBREV*CEF*-ABBREV*:*NEWPARA**COMMAND*ip cef distributed*-COMMAND**NEWLINE**-NEGATIVE*It is worth noting that not all devices support *ABBREV*uRPF*-ABBREV* verification and it is best implemented only on edge routers. Furthermore, *ABBREV*uRPF*-ABBREV* verification should not be used if any of the router's interfaces participate in asymmetric routes. If it is not possible to implement *ABBREV*uRPF*-ABBREV* verification, then *COMPANY* recommends that *ABBREV*ACL*-ABBREV* be configured on edge routers to perform sanity checks on network traffic."; +const char *report_urpf_pix_rec = "*COMPANY* recommends that, where possible, *ABBREV*uRPF*-ABBREV* verification be enabled for all outside network interfaces. *ABBREV*uRPF*-ABBREV* verification can be enabled for each network interface with the following command:*NEWPARA**COMMAND*ip verify reverse-path interface *CMDREQUIRE**CMDUSER*interface*-CMDUSER**-CMDREQUIRE**-COMMAND**NEWLINE*If it is not possible to implement *ABBREV*uRPF*-ABBREV* verification, then *COMPANY* recommends that *ABBREV*ACL*-ABBREV* be configured on edge devices to perform sanity checks on network traffic."; +const char *report_urpf_context = "uRPF verification was not enabled on all interfaces"; +const char *report_urpf_rectext = "Enable uRPF verification on all outside interfaces"; +const char *report_urpf_table = "Interfaces without Unicast Reverse Packet Forwarding verification"; + +// Management IP +const char *report_mngrip_title = "Remote Management IP Address"; +const char *report_mngrip_obs = "Network devices will commonly provide management services to enable remote management by network administrators. It is quite common for a modern network device to provide several different methods of securing administrative services, ranging from service configuration options to firewall rules. ScreenOS devices provide a manager-ip configuration setting that defines which hosts or networks are allowed to manage the device.*NEWPARA**COMPANY* determined that the manager-ip setting on *DEVICENAME* was configured to allow any network address to manage the device. However, it should be noted that although the manager-ip setting was not restricting access to the *DEVICENAME* administrative services, other network restrictions could still limit access to those services."; +const char *report_mngrip_impact = "An attacker who was able to connect to the management services provided by *DEVICENAME* are offered a wide variety of options that should be closed to them. The attacker could use the service to help identify the device type and version in order to identify a vulnerability or the attacker could attempt to brute-force the authentication credentials in an attempt to gain access to the device."; +const char *report_mngrip_ease = ""; +const char *report_mngrip_rec = "*COMPANY* recommends that the manager-ip setting be configured to restrict remote administrative access to device services. The manager-ip setting can be configured using the following command:*NEWPARA**COMMAND*set admin manager-ip *CMDREQUIRE**CMDUSER*ip address*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*net mask*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_mngrip_context = "the remote administration IP addresses were not defined"; +const char *report_mngrip_rectext = "Configure the remote administration IP addresses"; + +// Trunking +const char *report_trunking_title = "Switch Port Trunking"; +const char *report_trunking_obs1 = "*DEVICETYPE* devices are able to transfer *ABBREV*VLAN*-ABBREV* packets to different network devices, extending a *ABBREV*VLAN*-ABBREV* across different physical devices. In order to extend a *ABBREV*VLAN*-ABBREV* to a different physical device, a trunk has to be created between the devices. *DEVICETYPE* devices default to allowing a trunk to be negotiated on a particular switch port if the connected device will also allow the trunk and supports a common trunking protocol.*NEWPARA**COMPANY* determined that *NUMBER* switch port*PLAURAL*s*-PLAURAL* allowed a trunk to be negotiated*PLAURAL*, these are listed in Table *TABLEREF**-PLAURAL*.*SINGULA* The switch port *NONEWPARA**-SINGULA*"; +const char *report_trunking_obs2 = " allowed trunking."; +const char *report_trunking_impact = "An attacker who was able to create a trunk would gain direct access to all the *ABBREV*VLANs*-ABBREV* extended over the trunk. This would allow an attacker to bypass any network filtering between the *ABBREV*VLANs*-ABBREV*."; +const char *report_trunking_ease = "The attacker would require knowledge of network trunking. However, tools are available on the Internet that can exploit trunking vulnerabilities."; +const char *report_trunking_rec = "*COMPANY* recommends that, where possible, all switch ports be configured to provide no trunking. If trunking is required on a specific switch port, *COMPANY* recommends that the switch port be configured to trunk only the required *ABBREV*VLANs*-ABBREV*. Switch ports can be configured to provide no trunking on each interface with the following commands:*NEWPARA**COMMAND*switchport mode access*-COMMAND**NEWLINE**COMMAND*switchport nonegotiate*-COMMAND*"; +const char *report_trunking_context = "trunk negotiation was not disabled on all switch ports"; +const char *report_trunking_rectext = "Disable trunk negotiation on all switch ports"; +const char *report_trunking_table = "Switch ports that allow trunking"; + +// Switch Port Security +const char *report_portsecurity_title = "Switch Port Security"; +const char *report_portsecurity_obs1 = "Switch port security enables a *DEVICETYPE* to help prevent unauthorised access to the network by limiting the *ABBREV*MAC*-ABBREV* addresses allowed on specific ports. *ABBREV*MAC*-ABBREV* addresses can either be specified for a particular switch port or can be learned by the *DEVICETYPE*. When port security is configured a variety of actions can be taken when a violation occurs, such as automatically disabling the port.*NEWPARA**COMPANY* identified *NUMBER* switch port*PLAURAL*s*-PLAURAL* that had no port security configured*PLAURAL*, these are listed in Table *TABLEREF*.*-PLAURAL**SINGULA*. Switch port *NONEWPARA**-SINGULA*"; +const char *report_portsecurity_obs2 = "*NOTEXTSTART* was configured with no port security."; +const char *report_portsecurity_impact = "A switch port with no configured port security could allow an attacker to attach an unauthorised device and scan other network attached devices. Depending on the security of the network attached devices, this issue could allow an attacker to perform information gathering, or potentially, gain access to vulnerable devices."; +const char *report_portsecurity_ease = "An attacker would have to gain access to a switch port with no security configured. If the switch port is not directly patched to a wall socket, the attacker would have to gain physical access to the *DEVICETYPE*."; +const char *report_portsecurity_rec = "*COMPANY* recommends that, where possible, port security be enabled on all switch ports. Furthermore, *COMPANY* recommends that all switch ports that are not used be shutdown. Switch port security with *ABBREV*MAC*-ABBREV* address learning and port shutdown on a violation can be configured on each interface with the following commands:*NEWPARA**COMMAND*switchport port-security*-COMMAND**NEWLINE**COMMAND*switchport port-security violation shutdown*-COMMAND**NEWLINE**COMMAND*switchport port-security mac-address sticky*-COMMAND**NEWLINE*Unused interfaces can be disabled with the following interface command:*NEWPARA**COMMAND*shutdown*-COMMAND*"; +const char *report_portsecurity_context = "port security was not enabled on all switch ports"; +const char *report_portsecurity_rectext = "Enable switch port security on all switch ports"; +const char *report_portsecurity_table = "Switch ports with no port security"; + +// Logging +const char *report_logging_title = "Logging"; +const char *report_logging_obs1 = "Logging is an essential component of a secure network configuration. Logging not only assists network administrators to identify issues when troubleshooting, but enables network administrators to react to intrusion attempts or Denial-of-Service attacks. It is therefore critical that logs be monitored, allowing administrators to take immediate action when an attack has been identified. Furthermore, system logs are a key component of a forensic investigation into past intrusions or service disruptions."; +const char *report_logging_obs2 = "*COMPANY* determined that logging had not been configured on *DEVICENAME*."; +const char *report_logging_obs3 = "*COMPANY* determined that logging had been disabled on *DEVICENAME*."; +const char *report_logging_obs4 = "*COMPANY* determined that, although logging was enabled on *DEVICENAME*, both Syslog and Buffered logging were not configured."; +const char *report_logging_obs5 = "*COMPANY* determined that, although logging was enabled on *DEVICENAME*, Syslog logging was not configured."; +const char *report_logging_obs6 = "*COMPANY* determined that, although logging was enabled on *DEVICENAME*, Buffered logging was not configured."; +const char *report_logging_impact = "An attacker could attempt to map and bypass any configured *ABBREV*ACL*-ABBREV* or to gain access to the *DEVICETYPE* without network administrators being alerted to the attempts. Furthermore, after an unauthorised intrusion into the network had been detected, it would be more difficult for an investigation to identify the source of the attack or the entry point without access to logs."; +const char *report_logging_ease = ""; +const char *report_logging_rec1 = "*COMPANY* recommends that Syslog and Buffered logging be configured on *DEVICENAME*. Logging can be enabled with the following command:*NEWPARA**COMMAND*logging on*-COMMAND*"; +const char *report_logging_rec2 = "To configure Syslog logging, four things need to be set; a source interface for the Syslog messages to be sent from, one or more Syslog hosts to send messages to, the Syslog logging message severity level and the Syslog facility. The following commands can be used to configure Syslog logging:*NEWPARA**COMMAND*logging source-interface *CMDREQUIRE**CMDUSER*Interface*-CMDUSER**-CMDREQUIRE**-COMMAND**NEWLINE**COMMAND*logging host *CMDREQUIRE**CMDUSER*Syslog IP address or hostname*-CMDUSER**-CMDREQUIRE**-COMMAND**NEWLINE**COMMAND*logging trap *CMDREQUIRE**CMDUSER*Logging message severity level*-CMDUSER**-CMDREQUIRE**-COMMAND**NEWLINE**COMMAND*logging facility *CMDREQUIRE**CMDUSER*Syslog facility*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_logging_rec3 = "It is worth noting that older *ABBREV*IOS*-ABBREV* versions do not exclude the host parameter when specifying a host to send Syslog messages to. For older *ABBREV*IOS*-ABBREV* versions you would use the following command:*NEWPARA**COMMAND*logging *CMDREQUIRE**CMDUSER*Syslog IP address or hostname*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_logging_rec4 = "Buffered logging can be configured with the following command:*NEWPARA**COMMAND*logging buffered *CMDREQUIRE**CMDUSER*Buffer Size*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*Logging message severity level*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_logging_context = "insufficient logging was configured"; +const char *report_logging_rectext = "Configure Syslog and Buffered logging"; + +// Proxy ARP +const char *report_proxyarp_title = "Proxy ARP"; +const char *report_proxyarp_obs = "*ABBREV*ARP*-ABBREV* is a protocol that network hosts use to translate network addresses into media addresses. Under normal circumstances, *ABBREV*ARP*-ABBREV* packets are confined to the sender's network segment. However, a Cisco router with Proxy *ABBREV*ARP*-ABBREV* enabled on network interfaces can act as a proxy for *ABBREV*ARP*-ABBREV*, responding to queries and acting as an intermediary.*NEWPARA**COMPANY* identified *NUMBER* interface*PLAURAL*s*-PLAURAL* that had Proxy *ABBREV*ARP*-ABBREV* enabled*SINGULA*, *NONEWPARA**-SINGULA**PLAURAL*. These are listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_proxyarp_impact = "A router that acts as a proxy for *ABBREV*ARP*-ABBREV* requests will extend layer two access across multiple network segments, breaking perimeter security."; +const char *report_proxyarp_ease = "A Cisco device with Proxy *ABBREV*ARP*-ABBREV* enabled will proxy *ABBREV*ARP*-ABBREV* requests for all hosts on those interfaces."; +const char *report_proxyarp_rec = "*COMPANY* recommends that, if not required, Proxy *ABBREV*ARP*-ABBREV* be disabled on all interfaces. Proxy *ABBREV*ARP*-ABBREV* can be disabled on each interface with the following Cisco *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*no ip proxy-arp*-COMMAND*"; +const char *report_proxyarp_context = "ARP request proxying was not disabled on all network interfaces"; +const char *report_proxyarp_rectext = "Disable Proxy ARP on all network interfaces"; +const char *report_proxyarp_table = "Interfaces with Proxy ARP enabled"; + +// SSH Protocol Version +const char *report_sshproto_title = "SSH Protocol Version"; +const char *report_sshproto_obs = "The *ABBREV*SSH*-ABBREV* service is commonly used for encrypted command-based remote device management. There are multiple *ABBREV*SSH*-ABBREV* protocol versions and *ABBREV*SSH*-ABBREV* servers will often support multiple versions to maintain backwards compatibility. Although flaws have been identified in implementations of version 2 of the *ABBREV*SSH*-ABBREV* protocol, fundamental flaws exist in *ABBREV*SSH*-ABBREV* protocol version 1.*NEWPARA**COMPANY* determined that support for version 1 of the *ABBREV*SSH*-ABBREV* protocol was supported on *DEVICENAME*."; +const char *report_sshproto_impact = "An attacker who was able to intercept *ABBREV*SSH*-ABBREV* protocol version 1 traffic would be able to perform a man-in-the-middle style attack. The attacker could then capture network traffic and possibly authentication credentials."; +const char *report_sshproto_ease = "Although vulnerabilities are widely known, exploiting the vulnerabilities in the *ABBREV*SSH*-ABBREV* protocol can be difficult."; +const char *report_sshproto_rec1 = "*COMPANY* recommends that the *ABBREV*SSH*-ABBREV* service be configured to support only version 2 of the *ABBREV*SSH*-ABBREV* protocol. Version 2 of the *ABBREV*SSH*-ABBREV* protocol can be configured with the following command:*NEWPARA**COMMAND*ssh version 2*-COMMAND**NEGATIVE**NEWLINE*However, it is worth noting that this command was introduced with *DEVICETYPE* software version 7.0(1) and therefore a software upgrade may be required.*-NEGATIVE*"; // PIX +const char *report_sshproto_rec2 = "*COMPANY* recommends that the *ABBREV*SSH*-ABBREV* service be configured to support only version 2 of the *ABBREV*SSH*-ABBREV* protocol. Version 2 of the *ABBREV*SSH*-ABBREV* protocol can be configured with the following command:*NEWPARA**COMMAND*ip ssh version 2*-COMMAND**SINGULA**NEWLINE*It is worth noting that *ABBREV*SSH*-ABBREV* protocol version 2 support was introduced by Cisco into *ABBREV*IOS*-ABBREV* starting with *ABBREV*IOS*-ABBREV* version 12.1(19)E. Therefore a software upgrade may be required to implement *ABBREV*SSH*-ABBREV* protocol version 2 support.*-SINGULA*"; // IOS +const char *report_sshproto_sos_rec = "*COMPANY* recommends that the *ABBREV*SSH*-ABBREV* service be configured to support only version 2 of the *ABBREV*SSH*-ABBREV* protocol. Version 2 of the *ABBREV*SSH*-ABBREV* protocol can be configured with the following command:*NEWPARA**COMMAND*set ssh version v2*-COMMAND*"; +const char *report_sshproto_context = "SSH protocol version 1 was configured"; +const char *report_sshproto_rectext = "Configure SSH to support only protocol version 2"; + +// CDP +const char *report_cdp_title = "Cisco Discovery Protocol"; +const char *report_cdp_obs = "*ABBREV*CDP*-ABBREV* is a proprietary protocol that is primarily used by Cisco, but has been used by others. *ABBREV*CDP*-ABBREV* allows some network management applications and *ABBREV*CDP*-ABBREV* aware devices to identify each other on a *ABBREV*LAN*-ABBREV* segment. Cisco devices, including switches, bridges and routers are configured to broadcast *ABBREV*CDP*-ABBREV* packets by default.*SINGULA* The devices can be configured to disable the *ABBREV*CDP*-ABBREV* service or disable *ABBREV*CDP*-ABBREV* on individual network interfaces.*-SINGULA**PLAURAL* The devices can be configured to disable the *ABBREV*CDP*-ABBREV* service or disable *ABBREV*CDP*-ABBREV* on individual network interfaces.*-PLAURAL**NEWPARA**COMPANY* determined that *NEGATIVE**ABBREV*CDP*-ABBREV* was enabled.*-NEGATIVE**SINGULA*even though *ABBREV*CDP*-ABBREV* had been disabled on all active interfaces, the *ABBREV*CDP*-ABBREV* service had not been disabled.*-SINGULA**PLAURAL*the *ABBREV*CDP*-ABBREV* service had not been disabled, and additionally, had not been disabled on all the active network interfaces.*-PLAURAL*"; +const char *report_cdp_impact = "*ABBREV*CDP*-ABBREV* packets contain information about the sender, such as hardware model information, operating system version and *ABBREV*IP*-ABBREV* address details. This information would allow an attacker to gain information about the configuration of the network infrastructure."; +const char *report_cdp_ease = "*ABBREV*CDP*-ABBREV* packets are broadcast to an entire network segment. An attacker could use one of the many publicly available tools to capture network traffic and view the leaked information."; +const char *report_cdp_rec1 = "*COMPANY* recommends that, if not required, the *ABBREV*CDP*-ABBREV* service be disabled on the Cisco device *DEVICENAME*. If *ABBREV*CDP*-ABBREV* is required, *COMPANY* recommends that *ABBREV*CDP*-ABBREV* be disabled on all interfaces except those that are explicitly required.*NEWPARA*The *ABBREV*CDP*-ABBREV* service can be disabled by issuing the following Cisco *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*no cdp run*-COMMAND**NEWLINE**ABBREV*CDP*-ABBREV* can be disabled on individual interfaces using the following command:*NEWPARA**COMMAND*no cdp enable*-COMMAND**NEWLINE*In some configurations with *ABBREV*IP*-ABBREV* phones, deployed using either Auto Discovery or *ABBREV*DHCP*-ABBREV*, the *ABBREV*CDP*-ABBREV* service may need to be enabled. In this situation *ABBREV*CDP*-ABBREV* should be disabled on all network interfaces for which it is not required."; +const char *report_cdp_rec2 = "*COMPANY* recommends that, if not required, *ABBREV*CDP*-ABBREV* be disabled. *ABBREV*CDP*-ABBREV* can be disabled with the following command:*NEWPARA**COMMAND*set cdp disable*-COMMAND**NEWLINE**ABBREV*CDP*-ABBREV* can be disabled on individual module ports using the following command:*NEWPARA**COMMAND*set cdp disable*-COMMAND**NEWLINE*In some configurations with *ABBREV*IP*-ABBREV* phones, deployed using either Auto Discovery or *ABBREV*DHCP*-ABBREV*, the *ABBREV*CDP*-ABBREV* service may need to be enabled. In this situation *ABBREV*CDP*-ABBREV* should be disabled on all module ports for which it is not required."; +const char *report_cdp_context = "CDP was not disabled"; +const char *report_cdp_rectext = "Disable CDP"; + +// IP Classless Routing +const char *report_classless_title = "Classless Routing"; +const char *report_classless_obs = "Classless routing is enabled by default on Cisco routers. If a router has classless routing enabled and it receives a network packet for which there is no configured route, the router will forward the packet to the best destination. With classless routing disabled, the router would discard any network traffic for which no route is defined.*NEWPARA**COMPANY* determined that classless routing was enabled on *DEVICENAME*."; +const char *report_classless_impact = "Network traffic that should not be routed by the router may be routed when classless routing is enabled."; +const char *report_classless_ease = ""; +const char *report_classless_rec = "*COMPANY* recommends that, if possible, classless routing be disabled. Classless routing can be disabled with the following command:*NEWPARA**COMMAND*no ip classless*-COMMAND*"; +const char *report_classless_context = "classless routing was enabled"; +const char *report_classless_rectext = "Disable classless routing"; + +// Minimum Password Length +const char *report_passlength_title = "Minimum Password Length"; +const char *report_passlength_obs = "Cisco introduced an option from *ABBREV*IOS*-ABBREV* version 12.3(1) which forces user, enable, secret and line passwords to meet a minimum length. This setting was introduced to help prevent the use of short passwords such as \"cisco\".*NEWPARA**NEGATIVE**COMPANY* determined that the minimum password length functionality was disabled*-NEGATIVE**POSITIVE**COMPANY* determined that a minimum password length of *NUMBER* character*PLAURAL*s*-PLAURAL* was configured*-POSITIVE*."; +const char *report_passlength_impact = "*NEGATIVE*With no password length checking*-NEGATIVE**POSITIVE*With a small minimum password length configured*-POSITIVE*, it would be possible for a short password to be used. If an attacker were able to gain a password through dictionary-based guessing techniques or by a brute-force method, the attacker could gain a level of access to *DEVICENAME*."; +const char *report_passlength_ease = "A number of dictionary-based password guessing and password brute-force tools are available on the Internet."; +const char *report_passlength_rec = "*COMPANY* recommends that a minimum password length of at least *NUMBER* character*PLAURAL*s*-PLAURAL* be configured. The minimum password length can be configured with the following command:*NEWPARA**COMMAND*security passwords min-length *CMDREQUIRE**CMDUSER*length*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_passlength_context = "an inadequate minimum password length was configured"; +const char *report_passlength2_context = "no minimum password length was configured"; +const char *report_passlength_rectext = "Configure a secure minimum password length"; + +// Bootp +const char *report_bootp_title = "BOOTP"; +const char *report_bootp_obs = "*ABBREV*BOOTP*-ABBREV* is a datagram protocol that allows compatible hosts to load their operating system over the network from a *ABBREV*BOOTP*-ABBREV* server. Cisco routers are capable of acting as *ABBREV*BOOTP*-ABBREV* servers for other Cisco devices and the service is enabled by default. However, *ABBREV*BOOTP*-ABBREV* is rarely used and may represent a security risk.*NEWPARA**COMPANY* determined that *ABBREV*BOOTP*-ABBREV* was not disabled. However, it is worth noting that not all Cisco devices support *ABBREV*BOOTP*-ABBREV*."; +const char *report_bootp_impact = "An attacker could use the *ABBREV*BOOTP*-ABBREV* service to download a copy of the router's *ABBREV*IOS*-ABBREV* software."; +const char *report_bootp_ease = "Tools are available on the Internet to access *ABBREV*BOOTP*-ABBREV* servers."; +const char *report_bootp_rec = "*COMPANY* recommends that, if not required, the *ABBREV*BOOTP*-ABBREV* service be disabled. The following command can be used to disable *ABBREV*BOOTP*-ABBREV*:*NEWPARA**COMMAND*no ip bootp server*-COMMAND*"; +const char *report_bootp_context = "BootP was enabled"; +const char *report_bootp_rectext = "Disable BootP"; + +// TCP & UDP Small Servers +const char *report_small_title = "TCP and UDP Small Servers"; +const char *report_small_obs1 = "Cisco devices provide a set of simple servers which are collectively known as *ABBREV*TCP*-ABBREV* small servers and *ABBREV*UDP*-ABBREV* small servers. The services provide little functionality and include chargen, echo and daytime. Cisco *ABBREV*IOS*-ABBREV* version 11.2 and older enable these services by default; newer *ABBREV*IOS*-ABBREV* versions explicitly require them to be started."; +const char *report_small_obs2 = "*COMPANY* determined that the version of *ABBREV*IOS*-ABBREV*, on the Cisco device *DEVICENAME*, enables these servers by default and they have not been explicitly disabled."; +const char *report_small_obs3 = "*COMPANY* determined that both the *ABBREV*TCP*-ABBREV* and *ABBREV*UDP*-ABBREV* small servers were not disabled."; +const char *report_small_obs4 = "*COMPANY* determined that the *ABBREV*TCP*-ABBREV* small servers were not disabled."; +const char *report_small_obs5 = "*COMPANY* determined that the *ABBREV*UDP*-ABBREV* small servers were not disabled."; +const char *report_small_impact = "Each running service increases the chances of an attacker being able to identify the device and successfully compromise it. It is good security practice to disable all unused services."; +const char *report_small_ease = "Tools are widely available to query these services and some operating systems install these tools by default."; +const char *report_small_rec = "*COMPANY* recommends that, if not required, *ABBREV*TCP*-ABBREV* and *ABBREV*UDP*-ABBREV* small servers be explicitly disabled. *ABBREV*TCP*-ABBREV* and *ABBREV*UDP*-ABBREV* small services are rarely used and are disabled by default in newer versions of Cisco *ABBREV*IOS*-ABBREV*."; +const char *report_small_rec_tcp = "*ABBREV*TCP*-ABBREV* small servers can be disabled with the following *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*no service tcp-small-servers*-COMMAND*"; +const char *report_small_rec_udp = "*ABBREV*UDP*-ABBREV* small servers can be disabled with the following *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*no service udp-small-servers*-COMMAND*"; +const char *report_small_context = "all small servers have not been disabled"; +const char *report_small_rectext = "Disable all small servers"; + +// ICMP IP Unreachables +const char *report_icmpunreach_title = "IP Unreachables"; +const char *report_icmpunreach_table = "Interfaces with IP unreachables enabled"; +const char *report_icmpunreach_obs = "*ABBREV*ICMP*-ABBREV* *ABBREV*IP*-ABBREV* unreachable messages can be generated by a Cisco device when a host attempts to connect to a non-existent host, network, or use an unsupported protocol. *ABBREV*ICMP*-ABBREV* *ABBREV*IP*-ABBREV* unreachable messages will let the connecting host know that the host, network or protocol is not supported or cannot be contacted. Therefore, the host does not have to wait for a connection time-out. *ABBREV*ICMP*-ABBREV* *ABBREV*IP*-ABBREV* unreachable messages are normally enabled by default on Cisco devices and must be explicitly disabled.*NEWPARA**COMPANY* determined that the Cisco device *DEVICENAME* had *ABBREV*ICMP*-ABBREV* *ABBREV*IP*-ABBREV* unreachable messages enabled*SINGULA* on the interface *NONEWPARA**-SINGULA**PLAURAL* on the interfaces listed in Table *TABLEREF**-PLAURAL*."; +const char *report_icmpunreach_impact = "An attacker who was performing network scans to determine what services were available would be able to scan a device more quickly."; +const char *report_icmpunreach_ease = "Tools are available on the Internet that can perform a wide variety of scan types."; +const char *report_icmpunreach_rec1 = "*COMPANY* recommends that, if not required, *ABBREV*IP*-ABBREV* unreachables be disabled on all network interfaces. However, whilst disabling *ABBREV*IP*-ABBREV* unreachables will not stop scans, it does make it more difficult for an attacker. The *ABBREV*IP*-ABBREV* unreachables option is disabled or enabled individually for each network interface. It can be disabled with the following command:*NEWPARA**COMMAND*no ip unreachables*-COMMAND*"; +const char *report_icmpunreach_rec2 = "*COMPANY* recommends that, if not required, *ABBREV*IP*-ABBREV* unreachables be disabled. However, whilst disabling *ABBREV*IP*-ABBREV* unreachables will not stop scans, it does make it more difficult for an attacker. The *ABBREV*IP*-ABBREV* unreachables option can be disabled with the following command:*NEWPARA**COMMAND*set ip unreachable disable*-COMMAND*"; +const char *report_icmpunreach_context = "IP unreachables have not been disabled on all interfaces"; +const char *report_icmpunreach_rectext = "Disable IP unreachables on all interfaces"; + +// ICMP Mask Reply +const char *report_maskreply_title = "ICMP Mask Reply"; +const char *report_maskreply_table = "Interfaces with ICMP mask reply enabled"; +const char *report_maskreply_obs = "*ABBREV*ICMP*-ABBREV* mask reply messages inform network hosts of the *ABBREV*TCP*-ABBREV*/*ABBREV*IP*-ABBREV* network mask for a network segment. This protocol can now be regarded as legacy as it has been superseded by protocols such as *ABBREV*DHCP*-ABBREV*, or hosts will already be configured with this information.*NEWPARA**COMPANY* determined that the Cisco device *DEVICENAME* had the *ABBREV*ICMP*-ABBREV* mask reply option enabled on the interface*SINGULA* *NONEWPARA**-SINGULA**PLAURAL*s listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_maskreply_impact = "An attacker could use the *ABBREV*ICMP*-ABBREV* mask reply feature to gain additional information about the network configuration."; +const char *report_maskreply_ease = "Tools are available on the Internet that can perform *ABBREV*ICMP*-ABBREV* mask requests."; +const char *report_maskreply_rec = "*COMPANY* recommends that, if not required, *ABBREV*ICMP*-ABBREV* mask reply be disabled on all network interfaces. *ABBREV*ICMP*-ABBREV* mask reply can be disabled on each individual network interface using the following command:*NEWPARA**COMMAND*no ip mask-reply*-COMMAND*"; +const char *report_maskreply_context = "ICMP Mask Reply is not disabled on all interfaces"; +const char *report_maskreply_rectext = "Disable ICMP Mask Reply on all interfaces"; + +// Enable Secret Password +const char *report_enablesec_title = "Enable Secret"; +const char *report_enablesec_obs = "Cisco IOS-based device enable passwords can be stored using an iterated *ABBREV*MD5*-ABBREV* hash, which is far stronger than the easily reversible Cisco type-7 encryption.*NEWPARA**COMPANY* identified *NUMBER* enable password*SINGULA* that was*-SINGULA**PLAURAL*s that were*-PLAURAL* not stored using the *ABBREV*MD5*-ABBREV* hash."; +const char *report_enablesec_impact = "An attacker could use an enable password from a Cisco device to access the device and possibly modify its configuration."; +const char *report_enablesec_ease = "An attacker who had access to the Cisco configuration file would easily be able to retrieve passwords that are stored in clear-text or using the Cisco type-7 encryption. However, an attacker who had access to a Cisco configuration file could brute-force any stronger *ABBREV*MD5*-ABBREV* passwords."; +const char *report_enablesec_rec = "*COMPANY* recommends that all enable passwords be stored using the *ABBREV*MD5*-ABBREV* hash. Enable passwords can be stored using the *ABBREV*MD5*-ABBREV* hash with the following Cisco *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*enable secret*-COMMAND*"; +const char *report_enablesec_context = "the enable password is not stored using the MD5 hash"; +const char *report_enablesec_rectext = "Store the enable password using the MD5 hash"; + +// Password Encryption +const char *report_passenc_title = "Service Password Encryption"; +const char *report_passenc_obs = "Cisco service passwords are stored by default in their clear-text form rather than being encrypted. However, it is possible to have these passwords stored using the reversible Cisco type-7 encryption.*NEWPARA**COMPANY* determined that the Cisco device *DEVICENAME* was not running the password encryption service that helps provide a basic level of encryption to passwords that otherwise would be stored in clear-text."; +const char *report_passenc_impact = "If a malicious user were to see a Cisco configuration that contained clear-text passwords, they could use the passwords to access the device. However, an attacker who had access to a Cisco configuration file would easily be able to reverse the passwords."; +const char *report_passenc_ease = "Even though it is trivial to reverse Cisco type-7 passwords, they do provide a greater level of security than clear-text passwords. Tools are widely available on the Internet that reverse Cisco type-7 passwords."; +const char *report_passenc_rec = "*COMPANY* recommends that the Cisco password encryption service be enabled. The Cisco password encryption service can be started with the following Cisco *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*service password-encryption*-COMMAND*"; +const char *report_passenc_context = "the service passwords are stored in clear-text"; +const char *report_passenc_rectext = "Configure the passwords to be stored using the Cisco type-7 algorithm"; + +// Banner +const char *report_banner_title = "Login Banner"; +const char *report_banner_obs = "A banner message can be shown to users who connect to one of the remote management services, such as Telnet. Typically banner messages will include information on the law with regard to unauthorised access to the device, warning users who do not have the authority to access the device about the consequences.*NEWPARA**COMPANY* determined that no login banner was configured."; +const char *report_banner_impact = "Attackers who have gained access to a device could avoid legal action if no banner is configured to warn against unauthorised access."; +const char *report_banner_ease = ""; +const char *report_banner_rec = "*COMPANY* recommends that a banner be configured that warns against unauthorised access. Banners are configured on Cisco devices using a delimiter character. A delimiter character is specified in the banner command and is used again to mark the end of the banner. The Cisco command to add a login banner, that is presented to users prior to authentication, is:*NEWPARA**COMMAND*banner login *CMDREQUIRE**CMDUSER*delimiter*-CMDUSER**-CMDREQUIRE* *CMDUSER*The banner text*-CMDUSER* *CMDREQUIRE**CMDUSER*delimiter*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_banner_context = "no login banner has been configured"; +const char *report_banner_rectext = "Configure a login banner"; + +// IP Domain Lookup +const char *report_lookup_title = "Domain Lookups"; +const char *report_lookup_obs = "Cisco *ABBREV*IOS*-ABBREV*-based devices support name lookups using the *ABBREV*DNS*-ABBREV*. However, if a *ABBREV*DNS*-ABBREV* server has not been configured, then the *ABBREV*DNS*-ABBREV* request is broadcast.*NEWPARA**COMPANY* determined that name lookups had not been disabled*SINGULA* and no *ABBREV*DNS*-ABBREV* servers had been configured*-SINGULA*."; +const char *report_lookup_impact = "An attacker who was able to capture network traffic could monitor *ABBREV*DNS*-ABBREV* queries from the *DEVICETYPE*. Furthermore, Cisco devices can connect to Telnet servers by supplying only the hostname or *ABBREV*IP*-ABBREV* address of the server. A mistyped Cisco command could be interpreted as an attempt to connect to a Telnet server and broadcast on the network."; +const char *report_lookup_ease = "It would be trivial for an attacker to capture network traffic*SINGULA* broadcast*-SINGULA* from a *DEVICETYPE*. Furthermore, network traffic capture tools are widely available on the Internet."; +const char *report_lookup_rec = "*COMPANY* recommends that domain lookups be disabled. Domain lookups can be disabled with the following command:*NEWPARA**COMMAND*no ip domain-lookup*-COMMAND**SINGULA**NEWLINE*If domain lookups are required, *COMPANY* recommends that *ABBREV*DNS*-ABBREV* be configured. *ABBREV*DNS*-ABBREV* can be configured with the following command:*NEWPARA**COMMAND*ip name-server *CMDREQUIRE**CMDUSER*IP address*-CMDUSER**-CMDREQUIRE**-COMMAND**-SINGULA*"; +const char *report_lookup_context = "domain lookups were enabled"; +const char *report_lookup_rectext = "Disable domain lookups"; + +// PAD +const char *report_pad_title = "Packet Assembler / Disassembler"; +const char *report_pad_obs = "The *ABBREV*PAD*-ABBREV* service enables X.25 connections between network systems. The *ABBREV*PAD*-ABBREV* service is enabled by default on most Cisco *ABBREV*IOS*-ABBREV* devices but it is only required if support for X.25 links is necessary.*NEWPARA**COMPANY* determined that the *ABBREV*PAD*-ABBREV* service had not been disabled."; +const char *report_pad_impact = "Running unused services increases the chances of an attacker finding a security hole or fingerprinting a device."; +const char *report_pad_ease = ""; +const char *report_pad_rec = "*COMPANY* recommends that, if not required, the *ABBREV*PAD*-ABBREV* service be disabled. Use the following command to disable the *ABBREV*PAD*-ABBREV* service:*NEWPARA**COMMAND*no service pad*-COMMAND*"; +const char *report_pad_context = "the PAD service was enabled"; +const char *report_pad_rectext = "Disable the PAD service"; + +// Maintenance Operations Protocol (MOP) +const char *report_mop_title = "Maintenance Operations Protocol"; +const char *report_mop_obs = "*ABBREV*MOP*-ABBREV* is used with the DECnet protocol suite. *ABBREV*MOP*-ABBREV* is enabled by default on ethernet interfaces in some versions of *ABBREV*IOS*-ABBREV*.*NEWPARA**COMPANY* determined that *ABBREV*MOP*-ABBREV* had not been disabled on all ethernet interfaces."; +const char *report_mop_impact = "Running unused services increases the chances of an attacker finding a security hole or fingerprinting a device."; +const char *report_mop_ease = ""; +const char *report_mop_rec = "*COMPANY* recommends that, if not required, *ABBREV*MOP*-ABBREV* be disabled on all ethernet interfaces. *ABBREV*MOP*-ABBREV* can be disabled on each interface with the following command:*NEWPARA**COMMAND*no mop enabled*-COMMAND*"; +const char *report_mop_context = "MOP had not been disabled on all interfaces"; +const char *report_mop_rectext = "Disable MOP on all interfaces"; + + +// ---------------------------------------------------------------------------------- +// Configuration Text... + +// Introduction +const char *report_config_intro_fw1 = "This section details the configuration settings of the *DEVICETYPE* firewall."; +const char *report_config_intro = "This section details the configuration settings of the *DEVICETYPE* device *DEVICENAME*."; +const char *report_config_title = "Device Configuration"; + +// General +const char *settings_general_title = "General"; +const char *settings_general_table = "General device settings"; + +// General Configuration Table Headings... +struct tableHeading settings_general_heading1 = {false, 7, "Setting", 0}; +struct tableHeading settings_general_heading = {false, 3, "Description", &settings_general_heading1}; + +// DNS Settings +const char *settings_dns_title = "Domain Name Settings"; +const char *settings_dns_table = "Domain name settings"; + +// Time Zone Settings +const char *settings_timezone_title = "Time Zone Settings"; +const char *settings_timezone_table = "Time zone settings"; + +// Administrative Settings +const char *settings_admin_title = "Administrative Settings"; +const char *settings_admin_table = "Administrative settings"; +const char *settings_admins_table = "Administrative users"; +struct tableHeading settings_admins_heading3 = {false, 1, "Trustee", 0}; +struct tableHeading settings_admins_heading2 = {false, 2, "Privilege", &settings_admins_heading3}; +struct tableHeading settings_admins_heading1 = {true, 2, "Encrypted Password", &settings_admins_heading2}; +struct tableHeading settings_admins_heading = {false, 2, "Username", &settings_admins_heading1}; + +// Authentication Servers +const char *settings_authservers_title = "Authentication Servers"; +const char *settings_authservers_table = "Authentication servers"; +struct tableHeading settings_authservers_heading8 = {true, 3, "Secret / Key", 0}; +struct tableHeading settings_authservers_heading7 = {false, 3, "Interface", &settings_authservers_heading8}; +struct tableHeading settings_authservers_heading6 = {false, 2, "Forced Timeout", &settings_authservers_heading7}; +struct tableHeading settings_authservers_heading5 = {false, 2, "Timeout", &settings_authservers_heading6}; +struct tableHeading settings_authservers_heading4 = {false, 3, "Backup(s)", &settings_authservers_heading5}; +struct tableHeading settings_authservers_heading3 = {false, 3, "Server", &settings_authservers_heading4}; +struct tableHeading settings_authservers_heading2 = {false, 3, "Type", &settings_authservers_heading3}; +struct tableHeading settings_authservers_heading1 = {false, 3, "Server Name", &settings_authservers_heading2}; +struct tableHeading settings_authservers_heading = {false, 1, "ID", &settings_authservers_heading1}; + +// User Accounts and Privilages +const char *settings_users_title = "User Accounts and Privilages"; +const char *settings_passwords_title = "Passwords"; +struct tableHeading settings_passwords_heading1 = {true, 1, "Encrypted Password", 0}; +struct tableHeading settings_passwords_heading = {false, 1, "Login", &settings_passwords_heading1}; +const char *settings_enable_table = "Enable Passwords"; +struct tableHeading report_enable_heading2 = {false, 1, "Encryption", 0}; +struct tableHeading report_enable_heading1 = {true, 2, "Password", &report_enable_heading2}; +struct tableHeading report_enable_heading = {false, 1, "Level", &report_enable_heading1}; +struct tableHeading report_enablepix_heading1 = {true, 2, "Encrypted Password", 0}; +struct tableHeading report_enablepix_heading = {false, 1, "Level", &report_enablepix_heading1}; +const char *settings_users_table = "User Accounts"; +struct tableHeading report_users_heading3 = {false, 1, "Encryption", 0}; +struct tableHeading report_users_heading2 = {true, 1, "Password", &report_users_heading3}; +struct tableHeading report_users_heading1 = {false, 2, "Privilage", &report_users_heading2}; +struct tableHeading report_users_heading = {false, 1, "Username", &report_users_heading1}; +struct tableHeading report_userspix_heading3 = {true, 2, "Encrypted Password", 0}; +struct tableHeading report_userspix_heading2 = {false, 1, "Encryption", &report_userspix_heading3}; +struct tableHeading report_userspix_heading1 = {false, 1, "Level", &report_userspix_heading2}; +struct tableHeading report_userspix_heading = {false, 2, "Username", &report_userspix_heading1}; +const char *settings_logon_password = "The configured logon password was encrypted as"; +const char *settings_privs_desc = "IOS-based Cisco devices have sixteen privilage levels between 0 and 15. The enable privilage level is 15 and user exec mode is level 1. *ABBREV*IOS*-ABBREV* commands are assigned to privilage levels 1 or 15 by default. However, *ABBREV*IOS*-ABBREV* commands can be moved to other privilage levels."; +const char *settings_privs_table = "Privilages"; +struct tableHeading report_privs_heading1 = {false, 2, "Command", 0}; +struct tableHeading report_privs_heading = {false, 1, "Privilage Level", &report_privs_heading1}; +const char *settings_banner_desc = "Login banners should provide a warning against unauthorised access to the device. The configured banner on *DEVICENAME* was:"; + +// Services +const char *settings_services_title = "Services"; +const char *settings_services_table = "Device services"; +struct tableHeading report_services_heading1 = {false, 1, "Status", 0}; +struct tableHeading report_services_heading = {false, 2, "Service", &report_services_heading1}; + +// Switch Configuration +const char *settings_switch_title = "Switch Configuration"; +const char *settings_switch_table = "General switch settings"; + +// Logging +const char *settings_logging_title = "Logging"; +const char *settings_logging_table = "Logging configuration"; + +// CDP +const char *settings_cdp_title = "Cisco Discovery Protocol"; +const char *settings_cdp_table = "Cisco Discovery Protocol configuration"; + +// SNMP +const char *settings_snmp_title = "Simple Network Management Protocol"; +const char *settings_snmp_desc = "*ABBREV*SNMP*-ABBREV* is used to assist network administrators in monitoring and managing a wide variety of network devices. There are three main versions of *ABBREV*SNMP*-ABBREV* in use. Versions 1 and 2 of *ABBREV*SNMP*-ABBREV* are both secured with a community string and authenticate and transmit network packets without any form of encryption. *ABBREV*SNMP*-ABBREV* version 3 provides several levels of authentication and encryption. The most basic level provides a similar protection to that of the earlier protocol versions. However, *ABBREV*SNMP*-ABBREV* version 3 can be configured to provide encrypted authentication (auth) and secured further with support for encrypted data communications (priv).*NEGATIVE* However, *DEVICETYPE* currently only support *ABBREV*SNMP*-ABBREV* versions 1 and 2.*-NEGATIVE*"; +const char *settings_snmp_table = "General SNMP service configuration"; +const char *settings_snmp_sos_table = "SNMP configuration"; +const char *settings_snmpstring_table = "SNMP community strings"; +struct tableHeading settings_snmp_css_heading1 = {false, 1, "Access Type", 0}; +struct tableHeading settings_snmp_css_heading = {true, 1, "Community", &settings_snmp_css_heading1}; +struct tableHeading settings_snmpstring_heading4 = {false, 1, "Enabled", 0}; +struct tableHeading settings_snmpstring_heading3 = {false, 2, "Access-List", &settings_snmpstring_heading4}; +struct tableHeading settings_snmpstring_heading2 = {false, 2, "View", &settings_snmpstring_heading3}; +struct tableHeading settings_snmpstring_heading1 = {false, 2, "Access", &settings_snmpstring_heading2}; +struct tableHeading settings_snmpstring_heading = {true, 3, "Community", &settings_snmpstring_heading1}; +struct tableHeading settings_snmpcomm_heading2 = {false, 1, "Access Type", 0}; +struct tableHeading settings_snmpcomm_heading1 = {true, 1, "Community String", &settings_snmpcomm_heading2}; +struct tableHeading settings_snmpcomm_heading = {false, 1, "Community Type", &settings_snmpcomm_heading1}; +const char *settings_snmpview_table = "SNMP View"; +struct tableHeading settings_snmpview_heading1 = {false, 1, "Access", 0}; +struct tableHeading settings_snmpview_heading = {false, 3, "SNMP MIB", &settings_snmpview_heading1}; +const char *settings_snmpgroups_table = "SNMP groups"; +struct tableHeading settings_snmpgroups_heading6 = {false, 1, "ACL", 0}; +struct tableHeading settings_snmpgroups_heading5 = {false, 1, "Context", &settings_snmpgroups_heading6}; +struct tableHeading settings_snmpgroups_heading4 = {false, 1, "Notify View", &settings_snmpgroups_heading5}; +struct tableHeading settings_snmpgroups_heading3 = {false, 1, "Write View", &settings_snmpgroups_heading4}; +struct tableHeading settings_snmpgroups_heading2 = {false, 1, "Read View", &settings_snmpgroups_heading3}; +struct tableHeading settings_snmpgroups_heading1 = {false, 1, "SNMP Version", &settings_snmpgroups_heading2}; +struct tableHeading settings_snmpgroups_heading = {false, 1, "Name", &settings_snmpgroups_heading1}; +const char *settings_snmpgroup_table1 = "SNMP v1 group "; +const char *settings_snmpgroup_table2 = "SNMP v2c group "; +const char *settings_snmpgroup_table3 = "SNMP v3 (No Auth) group "; +const char *settings_snmpgroup_table4 = "SNMP v3 (Auth) group "; +const char *settings_snmpgroup_table5 = "SNMP v3 (Auth and Priv) group "; +const char *settings_snmpgroup_table6 = "SNMP users not in a group"; +struct tableHeading settings_snmpnoauth_heading1 = {false, 1, "ACL", 0}; +struct tableHeading settings_snmpnoauth_heading = {false, 1, "Username", &settings_snmpnoauth_heading1}; +struct tableHeading settings_snmpauth_heading3 = {false, 1, "ACL", 0}; +struct tableHeading settings_snmpauth_heading2 = {false, 1, "Auth Encryption", &settings_snmpauth_heading3}; +struct tableHeading settings_snmpauth_heading1 = {true, 1, "Auth Password", &settings_snmpauth_heading2}; +struct tableHeading settings_snmpauth_heading = {false, 1, "Username", &settings_snmpauth_heading1}; +struct tableHeading settings_snmppriv_heading5 = {false, 1, "ACL", 0}; +struct tableHeading settings_snmppriv_heading4 = {false, 1, "Priv Encryption", &settings_snmppriv_heading5}; +struct tableHeading settings_snmppriv_heading3 = {true, 1, "Priv Password", &settings_snmppriv_heading4}; +struct tableHeading settings_snmppriv_heading2 = {false, 1, "Auth Encryption", &settings_snmppriv_heading3}; +struct tableHeading settings_snmppriv_heading1 = {true, 1, "Auth Password", &settings_snmppriv_heading2}; +struct tableHeading settings_snmppriv_heading = {false, 1, "Username", &settings_snmppriv_heading1}; +const char *settings_snmphost_table = "SNMP hosts"; +struct tableHeading settings_snmphost_heading2 = {true, 1, "Community String", 0}; +struct tableHeading settings_snmphost_heading1 = {false, 1, "SNMP Version", &settings_snmphost_heading2}; +struct tableHeading settings_snmphost_heading = {false, 1, "SNMP Host", &settings_snmphost_heading1}; +struct tableHeading settings_snmphosts_heading5 = {false, 1, "Index", 0}; +struct tableHeading settings_snmphosts_heading4 = {false, 1, "Owner", &settings_snmphosts_heading5}; +struct tableHeading settings_snmphosts_heading3 = {false, 1, "Port", &settings_snmphosts_heading4}; +struct tableHeading settings_snmphosts_heading2 = {false, 1, "Version", &settings_snmphosts_heading3}; +struct tableHeading settings_snmphosts_heading1 = {true, 1, "Community", &settings_snmphosts_heading2}; +struct tableHeading settings_snmphosts_heading = {false, 1, "Host", &settings_snmphosts_heading1}; +struct tableHeading settings_snmpPIXhosts_heading5 = {false, 1, "Access", 0}; +struct tableHeading settings_snmpPIXhosts_heading4 = {false, 1, "UDP Port", &settings_snmpPIXhosts_heading5}; +struct tableHeading settings_snmpPIXhosts_heading3 = {false, 1, "Version", &settings_snmpPIXhosts_heading4}; +struct tableHeading settings_snmpPIXhosts_heading2 = {true, 1, "Community", &settings_snmpPIXhosts_heading3}; +struct tableHeading settings_snmpPIXhosts_heading1 = {false, 1, "Address", &settings_snmpPIXhosts_heading2}; +struct tableHeading settings_snmpPIXhosts_heading = {false, 1, "Interface", &settings_snmpPIXhosts_heading1}; +const char *settings_snmptrap_table = "SNMP traps"; +struct tableHeading settings_snmptrap_heading = {false, 1, "SNMP Trap", 0}; +struct tableHeading settings_snmptraps_heading1 = {false, 1, "Trap", 0}; +struct tableHeading settings_snmptraps_heading = {false, 1, "Status", &settings_snmptraps_heading1}; +struct tableHeading settings_snmpPIXtraps_heading1 = {false, 1, "Trap", 0}; +struct tableHeading settings_snmpPIXtraps_heading = {false, 1, "Type", &settings_snmpPIXtraps_heading1}; +struct tableHeading settings_snmpstring_sos_heading4 = {false, 1, "Traffic Traps", 0}; +struct tableHeading settings_snmpstring_sos_heading3 = {false, 1, "Traps", &settings_snmpstring_sos_heading4}; +struct tableHeading settings_snmpstring_sos_heading2 = {false, 2, "Access", &settings_snmpstring_sos_heading3}; +struct tableHeading settings_snmpstring_sos_heading1 = {false, 1, "SNMP Version", &settings_snmpstring_sos_heading2}; +struct tableHeading settings_snmpstring_sos_heading = {true, 2, "Community", &settings_snmpstring_sos_heading1}; +struct tableHeading settings_snmphost_sos_heading3 = {false, 2, "Interface", 0}; +struct tableHeading settings_snmphost_sos_heading2 = {false, 1, "SNMP Version", &settings_snmphost_sos_heading3}; +struct tableHeading settings_snmphost_sos_heading1 = {false, 2, "Community", &settings_snmphost_sos_heading2}; +struct tableHeading settings_snmphost_sos_heading = {false, 2, "Host", &settings_snmphost_sos_heading1}; + +// SSH +const char *settings_ssh_title = "Secure Shell"; +const char *settings_ssh_table = "SSH configuration"; +const char *settings_sshman_table = "SSH remote management hosts"; +struct tableHeading settings_sshman_heading2 = {false, 1, "Interface", 0}; +struct tableHeading settings_sshman_heading1 = {false, 1, "Netmask", &settings_sshman_heading2}; +struct tableHeading settings_sshman_heading = {false, 1, "Host", &settings_sshman_heading1}; +const char *settings_sshint_table = "SSH server network interfaces"; +struct tableHeading settings_sshint_heading = {false, 1, "Network Interface", 0}; + +// NTP +const char *settings_ntp_title = "Network Time Protocol"; +const char *settings_ntp_table = "NTP configuration"; +const char *settings_ntpserv_table = "NTP servers"; +struct tableHeading settings_ntpserv_heading1 = {false, 1, "NTP Key Number", 0}; +struct tableHeading settings_ntpserv_heading = {false, 1, "NTP Server", &settings_ntpserv_heading1}; +const char *settings_ntppeer_table = "NTP peers"; +struct tableHeading settings_ntppeer_heading1 = {false, 1, "NTP Key Number", 0}; +struct tableHeading settings_ntppeer_heading = {false, 1, "NTP Peer", &settings_ntppeer_heading1}; +const char *settings_ntpkeys_table = "NTP keys"; +struct tableHeading settings_ntpkeys_heading2 = {true, 2, "Key", 0}; +struct tableHeading settings_ntpkeys_heading1 = {false, 1, "Trusted", &settings_ntpkeys_heading2}; +struct tableHeading settings_ntpkeys_heading = {false, 1, "NTP Key Number", &settings_ntpkeys_heading1}; +const char *settings_ntpaccess_table = "NTP access groups"; +struct tableHeading settings_ntpaccess_heading1 = {false, 1, "Access-List Number", 0}; +struct tableHeading settings_ntpaccess_heading = {false, 1, "Access Type", &settings_ntpaccess_heading1}; + +// FTP +const char *settings_ftp_title = "File Transfer Protocol"; +const char *settings_ftp_table = "FTP client configuration"; +const char *settings_ftpint_table = "FTP client source network interfaces"; + +// HTTP +const char *settings_http_title = "HyperText Transfer Protocol"; +const char *settings_http_table = "HTTP configuration"; +const char *settings_httphosts_table = "Allowed HTTP clients"; +struct tableHeading settings_httphosts_heading2 = {false, 2, "Net Mask", 0}; +struct tableHeading settings_httphosts_heading1 = {false, 1, "IP Address", &settings_httphosts_heading2}; +struct tableHeading settings_httphosts_heading = {false, 1, "Interface", &settings_httphosts_heading1}; + +// TACACS +const char *settings_tacacs_title = "Terminal Access Controller Access Control System"; +const char *settings_tacacs_table = "TACACS configuration"; +const char *settings_tacacsserv_table = "TACACS servers"; +struct tableHeading settings_tacacsserv_heading = {false, 1, "TACACS Server", 0}; + +// AAA +const char *settings_aaa_title = "Authentication, Authorization and Accounting"; +const char *settings_aaa_table1 = "AAA servers for user"; +const char *settings_aaa_table2 = "using RADIUS"; +const char *settings_aaa_table3 = "using TACACS"; +const char *settings_aaa_table4 = "using Kerberos"; +struct tableHeading settings_aaa_heading4 = {false, 1, "Key Encryption", 0}; +struct tableHeading settings_aaa_heading3 = {true, 1, "Key", &settings_aaa_heading4}; +struct tableHeading settings_aaa_heading2 = {false, 1, "Acct Port", &settings_aaa_heading3}; +struct tableHeading settings_aaa_heading1 = {false, 1, "Auth Port", &settings_aaa_heading2}; +struct tableHeading settings_aaa_heading = {false, 1, "Server", &settings_aaa_heading1}; + +// NAT & PAT +const char *settings_natpat_title = "NAT and PAT"; +const char *settings_nat_title = "NAT"; +const char *settings_natpat_desc = "*ABBREV*NAT*-ABBREV* is used to map an *ABBREV*IP*-ABBREV* address to an alternative *ABBREV*IP*-ABBREV* address and is commonly used to map internal network *ABBREV*IP*-ABBREV* addresses to Internet visible *ABBREV*IP*-ABBREV* addresses.*SINGULA* *ABBREV*PAT*-ABBREV* is similar to *ABBREV*NAT*-ABBREV*, except *ABBREV*PAT*-ABBREV* is used to map network protocols and ports. There are two different types of *ABBREV*NAT*-ABBREV* and *ABBREV*PAT*-ABBREV*, static and dynamic. Static *ABBREV*NAT*-ABBREV* and *ABBREV*PAT*-ABBREV* create a fixed translation, whereas with dynamic *ABBREV*NAT*-ABBREV* and *ABBREV*PAT*-ABBREV* each host uses a different address or port for each translation. Static *ABBREV*NAT*-ABBREV* and *ABBREV*PAT*-ABBREV* can allow a remote host to initiate a connection.*-SINGULA**PLAURAL* There are four different types of *ABBREV*NAT*-ABBREV* on *DEVICETYPE* devices, dynamic *ABBREV*NAT*-ABBREV*, static *ABBREV*NAT*-ABBREV*, port static *ABBREV*NAT*-ABBREV* and network static *ABBREV*NAT*-ABBREV*. Static *ABBREV*NAT*-ABBREV* translates one specific *ABBREV*IP*-ABBREV* address into another specific *ABBREV*IP*-ABBREV* address. Dynamic *ABBREV*NAT*-ABBREV* translates an *ABBREV*IP*-ABBREV* address into one of a pool of *ABBREV*IP*-ABBREV* addresses. Port static *ABBREV*NAT*-ABBREV* translates a specific *ABBREV*IP*-ABBREV* address and port to another specific *ABBREV*IP*-ABBREV* address and port. Finally, network static *ABBREV*NAT*-ABBREV* translates a specific network subnet to another specific network subnet.*-PLAURAL*"; +struct tableHeading settings_natstatic_heading3 = {false, 1, "To", 0}; +struct tableHeading settings_natstatic_heading2 = {false, 1, "From", &settings_natstatic_heading3}; +struct tableHeading settings_natstatic_heading1 = {false, 1, "IPSec-ESP", &settings_natstatic_heading2}; +struct tableHeading settings_natstatic_heading = {false, 1, "Source", &settings_natstatic_heading1}; +const char *settings_nat_dynamic_table = "Dynamic NAT"; +struct tableHeading settings_natdynamic_heading4 = {false, 1, "To", 0}; +struct tableHeading settings_natdynamic_heading3 = {false, 1, "To Type", &settings_natdynamic_heading4}; +struct tableHeading settings_natdynamic_heading2 = {false, 1, "From", &settings_natdynamic_heading3}; +struct tableHeading settings_natdynamic_heading1 = {false, 1, "From Type", &settings_natdynamic_heading2}; +struct tableHeading settings_natdynamic_heading = {false, 1, "Source", &settings_natdynamic_heading1}; +const char *settings_nat_portstatic_table = "Port static NAT"; +struct tableHeading settings_natportstat_heading5 = {false, 1, "To Port", 0}; +struct tableHeading settings_natportstat_heading4 = {false, 1, "To", &settings_natportstat_heading5}; +struct tableHeading settings_natportstat_heading3 = {false, 1, "From Port", &settings_natportstat_heading4}; +struct tableHeading settings_natportstat_heading2 = {false, 1, "From", &settings_natportstat_heading3}; +struct tableHeading settings_natportstat_heading1 = {false, 1, "Protocol", &settings_natportstat_heading2}; +struct tableHeading settings_natportstat_heading = {false, 1, "Source", &settings_natportstat_heading1}; +const char *settings_nat_netstatic_table = "Network static NAT"; +struct tableHeading settings_natnetstatic_heading3 = {false, 1, "Network Mask", 0}; +struct tableHeading settings_natnetstatic_heading2 = {false, 1, "To Network", &settings_natnetstatic_heading3}; +struct tableHeading settings_natnetstatic_heading1 = {false, 1, "From Network", &settings_natnetstatic_heading2}; +struct tableHeading settings_natnetstatic_heading = {false, 1, "Source", &settings_natnetstatic_heading1}; +const char *settings_nat_static_table = "Static NAT"; +struct tableHeading settings_nat_static_heading9 = {false, 1, "Max UDP", 0}; +struct tableHeading settings_nat_static_heading8 = {false, 1, "Max Embrionic", &settings_nat_static_heading9}; +struct tableHeading settings_nat_static_heading7 = {false, 1, "Max TCP", &settings_nat_static_heading8}; +struct tableHeading settings_nat_static_heading6 = {false, 1, "Nailed", &settings_nat_static_heading7}; +struct tableHeading settings_nat_static_heading5 = {false, 1, "Rand. Seq. No.", &settings_nat_static_heading6}; +struct tableHeading settings_nat_static_heading4 = {false, 1, "DNS Update", &settings_nat_static_heading5}; +struct tableHeading settings_nat_static_heading3 = {false, 2, "Mapped IP", &settings_nat_static_heading4}; +struct tableHeading settings_nat_static_heading2 = {false, 2, "Mapped Interface", &settings_nat_static_heading3}; +struct tableHeading settings_nat_static_heading1 = {false, 3, "Source", &settings_nat_static_heading2}; +struct tableHeading settings_nat_static_heading = {false, 2, "Interface", &settings_nat_static_heading1}; +const char *settings_pat_static_table = "Static PAT"; +struct tableHeading settings_pat_static_heading10 = {false, 1, "Max UDP", 0}; +struct tableHeading settings_pat_static_heading9 = {false, 1, "Max Embrionic", &settings_pat_static_heading10}; +struct tableHeading settings_pat_static_heading8 = {false, 1, "Max TCP", &settings_pat_static_heading9}; +struct tableHeading settings_pat_static_heading7 = {false, 1, "Nailed", &settings_pat_static_heading8}; +struct tableHeading settings_pat_static_heading6 = {false, 1, "Rand. Seq. No.", &settings_pat_static_heading7}; +struct tableHeading settings_pat_static_heading5 = {false, 1, "DNS Update", &settings_pat_static_heading6}; +struct tableHeading settings_pat_static_heading4 = {false, 2, "Mapped IP", &settings_pat_static_heading5}; +struct tableHeading settings_pat_static_heading3 = {false, 2, "Mapped Interface", &settings_pat_static_heading4}; +struct tableHeading settings_pat_static_heading2 = {false, 3, "Source", &settings_pat_static_heading3}; +struct tableHeading settings_pat_static_heading1 = {false, 2, "Interface", &settings_pat_static_heading2}; +struct tableHeading settings_pat_static_heading = {false, 1, "Protocol", &settings_pat_static_heading1}; + +// Routing +const char *settings_routing_title = "Routing"; +const char *settings_routing_desc = "A network device's routing tables can be configured with static routes or updated dynamically. Routing protocols are used by network routing devices to dynamically update the routing tables that devices use to forward network traffic to their destination. Router protocols can be split into two different categories; *ABBREV*IGPs*-ABBREV* and *ABBREV*EGPs*-ABBREV*. *ABBREV*IGPs*-ABBREV* are usually used in situations where the routing devices are all controlled by a single entity, such as within a company. *ABBREV*EGPs*-ABBREV* are usually used in situations where routing devices are managed by a number of entities, such as the Internet. Typically routing devices support a number of standard routing protocols."; +const char *settings_static_route_table = "Static routes"; +struct tableHeading settings_routeIOS_heading2 = {false, 1, "Gateway", 0}; +struct tableHeading settings_routeIOS_heading1 = {false, 1, "Net Mask", &settings_routeIOS_heading2}; +struct tableHeading settings_routeIOS_heading = {false, 1, "IP Address", &settings_routeIOS_heading1}; +struct tableHeading settings_route_heading6 = {false, 1, "Tunelled", 0}; +struct tableHeading settings_route_heading5 = {false, 1, "Tracking", &settings_route_heading6}; +struct tableHeading settings_route_heading4 = {false, 1, "Metric", &settings_route_heading5}; +struct tableHeading settings_route_heading3 = {false, 2, "Gateway", &settings_route_heading4}; +struct tableHeading settings_route_heading2 = {false, 2, "Net Mask", &settings_route_heading3}; +struct tableHeading settings_route_heading1 = {false, 2, "IP Address", &settings_route_heading2}; +struct tableHeading settings_route_heading = {false, 2, "Interface", &settings_route_heading1}; +const char *settings_routemap_desc = "Route maps can be configured to implement policy-based routing or to redistribute a route from one routing protocol into another routing protocol. Multiple route maps can be configured with the same map tag (name) and a sequence number used to determine their sequence."; +const char *settings_routemap_table = "Route maps"; +struct tableHeading settings_routeMap_heading2 = {false, 1, "Access", 0}; +struct tableHeading settings_routeMap_heading1 = {false, 1, "Sequence", &settings_routeMap_heading2}; +struct tableHeading settings_routeMap_heading = {false, 1, "Map Tag", &settings_routeMap_heading1}; + +// VRRP +const char *settings_vrrp_desc = "*ABBREV*VRRP*-ABBREV* is used to provide router load balancing and redundancy against a single point of failure. A *ABBREV*VRRP*-ABBREV* master router will send advertisements to other routers in the same *ABBREV*VRRP*-ABBREV* group. If the master *ABBREV*VRRP*-ABBREV* router fails, the other routers in the *ABBREV*VRRP*-ABBREV* group hold an election to determine which router will become the new master."; +const char *settings_vrrp_table = "VRRP configuration"; +struct tableHeading settings_vrrp_interface_heading9 = {false, 1, "Active", 0}; +struct tableHeading settings_vrrp_interface_heading8 = {true, 2, "Password", &settings_vrrp_interface_heading9}; +struct tableHeading settings_vrrp_interface_heading7 = {false, 2, "Authentication", &settings_vrrp_interface_heading8}; +struct tableHeading settings_vrrp_interface_heading6 = {false, 1, "Priority", &settings_vrrp_interface_heading7}; +struct tableHeading settings_vrrp_interface_heading5 = {false, 2, "Secondary IP", &settings_vrrp_interface_heading6}; +struct tableHeading settings_vrrp_interface_heading4 = {false, 2, "IP Address", &settings_vrrp_interface_heading5}; +struct tableHeading settings_vrrp_interface_heading3 = {false, 3, "Description", &settings_vrrp_interface_heading4}; +struct tableHeading settings_vrrp_interface_heading2 = {false, 1, "VRRP", &settings_vrrp_interface_heading3}; +struct tableHeading settings_vrrp_interface_heading1 = {false, 1, "VRRP Group", &settings_vrrp_interface_heading2}; +struct tableHeading settings_vrrp_interface_heading = {false, 2, "Interface", &settings_vrrp_interface_heading1}; + +// RIP +const char *settings_rip_desc = "*ABBREV*RIP*-ABBREV* is an *ABBREV*IGP*-ABBREV* and calculates routes using a distance vector. *ABBREV*RIP*-ABBREV* is only suitable for small networks, routing updates are sent every 30 seconds and contain the entire routing table. Furthermore, *ABBREV*RIP*-ABBREV* has a maximum distance of 15 hops. If *ABBREV*RIP*-ABBREV* routes have not been updated within three minutes the route is marked as unusable. Routes not updated within four minutes are removed."; +const char *settings_rip_table = "RIP configuration"; +const char *settings_rip_interface_table = "RIP network interface configuration"; +struct tableHeading settings_rip_interface_heading8 = {false, 1, "Triggered", 0}; +struct tableHeading settings_rip_interface_heading7 = {false, 1, "v2 Broadcast", &settings_rip_interface_heading8}; +struct tableHeading settings_rip_interface_heading6 = {false, 1, "Receive Version", &settings_rip_interface_heading7}; +struct tableHeading settings_rip_interface_heading5 = {false, 1, "Send Version", &settings_rip_interface_heading6}; +struct tableHeading settings_rip_interface_heading4 = {false, 1, "Key Chain", &settings_rip_interface_heading5}; +struct tableHeading settings_rip_interface_heading3 = {false, 1, "Authentication", &settings_rip_interface_heading4}; +struct tableHeading settings_rip_interface_heading2 = {false, 1, "IP Address", &settings_rip_interface_heading3}; +struct tableHeading settings_rip_interface_heading1 = {false, 1, "Description", &settings_rip_interface_heading2}; +struct tableHeading settings_rip_interface_heading = {false, 1, "Interface", &settings_rip_interface_heading1}; +const char *settings_rip_neightbor_table = "RIP neighbors"; +struct tableHeading settings_rip_neightbor_heading = {false, 1, "RIP Neighbor", 0}; +const char *settings_rip_networks_table = "RIP networks"; +struct tableHeading settings_rip_networks_heading = {false, 1, "RIP Network", 0}; + +// EIGRP +const char *settings_eigrp_desc = "*ABBREV*EIGRP*-ABBREV* is an *ABBREV*IGP*-ABBREV* and is a distance vector based protocol like *ABBREV*RIP*-ABBREV*, but incorporates some features from link state protocols such as *ABBREV*OSPF*-ABBREV*. *ABBREV*EIGRP*-ABBREV* was developed by Cisco as an enhanced version of *ABBREV*IGRP*-ABBREV*. Unlike *ABBREV*RIP*-ABBREV*, *ABBREV*EIGRP*-ABBREV* transmits changes to network routes to its neighbors and is suitable for larger networks."; +struct tableHeading settings_eigrp_interface_heading7 = {false, 1, "Bandwidth", 0}; +struct tableHeading settings_eigrp_interface_heading6 = {false, 2, "Key Chain", &settings_eigrp_interface_heading7}; +struct tableHeading settings_eigrp_interface_heading5 = {false, 1, "MD5 Auth", &settings_eigrp_interface_heading6}; +struct tableHeading settings_eigrp_interface_heading4 = {false, 1, "Passive", &settings_eigrp_interface_heading5}; +struct tableHeading settings_eigrp_interface_heading3 = {false, 1, "Active", &settings_eigrp_interface_heading4}; +struct tableHeading settings_eigrp_interface_heading2 = {false, 2, "IP Address", &settings_eigrp_interface_heading3}; +struct tableHeading settings_eigrp_interface_heading1 = {false, 2, "Description", &settings_eigrp_interface_heading2}; +struct tableHeading settings_eigrp_interface_heading = {false, 2, "Interface", &settings_eigrp_interface_heading1}; + +// BGP +const char *settings_bgp_desc = "*ABBREV*BGP*-ABBREV* is an *ABBREV*EGP*-ABBREV*. *ABBREV*BGP*-ABBREV* route updates are sent from defined *ABBREV*BGP*-ABBREV* peers using *ABBREV*TCP*-ABBREV* connections."; +struct tableHeading settings_bgp_heading5 = {false, 1, "TTL Hops", 0}; +struct tableHeading settings_bgp_heading4 = {false, 2, "Autonomous Number", &settings_bgp_heading5}; +struct tableHeading settings_bgp_heading3 = {false, 3, "Password Encryption", &settings_bgp_heading4}; +struct tableHeading settings_bgp_heading2 = {true, 3, "Password", &settings_bgp_heading3}; +struct tableHeading settings_bgp_heading1 = {false, 5, "Description", &settings_bgp_heading2}; +struct tableHeading settings_bgp_heading = {false, 2, "Neibhbor", &settings_bgp_heading1}; +struct tableHeading settings_bgp_interface_heading4 = {false, 1, "Passive", 0}; +struct tableHeading settings_bgp_interface_heading3 = {false, 1, "Active", &settings_bgp_interface_heading4}; +struct tableHeading settings_bgp_interface_heading2 = {false, 2, "IP Address", &settings_bgp_interface_heading3}; +struct tableHeading settings_bgp_interface_heading1 = {false, 2, "Description", &settings_bgp_interface_heading2}; +struct tableHeading settings_bgp_interface_heading = {false, 2, "Interface", &settings_bgp_interface_heading1}; + +// OSPF +const char *settings_ospf_desc = "*ABBREV*OSPF*-ABBREV* protocol is an *ABBREV*IGP*-ABBREV*. *ABBREV*OSPF*-ABBREV* packets are sent when the network configuration changes, such as when a route goes down, and the packets only contain the change. Since the information sent in *ABBREV*OSPF*-ABBREV* packets is limited to any network changes, the protocol is well suited to complex network configurations.*NEWPARA*For *ABBREV*OSPF*-ABBREV* to work on a network interface it must be included within an *ABBREV*OSPF*-ABBREV* network area."; +struct tableHeading settings_ospf_network_heading2 = {false, 1, "Area ID", 0}; +struct tableHeading settings_ospf_network_heading1 = {false, 2, "Network Mask", &settings_ospf_network_heading2}; +struct tableHeading settings_ospf_network_heading = {false, 2, "Network", &settings_ospf_network_heading1}; +struct tableHeading settings_ospf_area_heading2 = {false, 1, "Authentication", 0}; +struct tableHeading settings_ospf_area_heading1 = {false, 1, "Default Cost", &settings_ospf_area_heading2}; +struct tableHeading settings_ospf_area_heading = {false, 1, "Area ID", &settings_ospf_area_heading1}; +struct tableHeading settings_ospf_interface_heading7 = {false, 1, "OSPF Mode", 0}; +struct tableHeading settings_ospf_interface_heading6 = {false, 1, "Flood Reduction", &settings_ospf_interface_heading7}; +struct tableHeading settings_ospf_interface_heading5 = {false, 1, "Key Encryption", &settings_ospf_interface_heading6}; +struct tableHeading settings_ospf_interface_heading4 = {true, 1, "Authentication Key", &settings_ospf_interface_heading5}; +struct tableHeading settings_ospf_interface_heading3 = {false, 1, "Authentication", &settings_ospf_interface_heading4}; +struct tableHeading settings_ospf_interface_heading2 = {false, 1, "IP Address", &settings_ospf_interface_heading3}; +struct tableHeading settings_ospf_interface_heading1 = {false, 1, "Description", &settings_ospf_interface_heading2}; +struct tableHeading settings_ospf_interface_heading = {false, 1, "Interface", &settings_ospf_interface_heading1}; +struct tableHeading settings_ospf_neighbor_heading4 = {false, 1, "Database Filter", 0}; +struct tableHeading settings_ospf_neighbor_heading3 = {false, 1, "Cost Number", &settings_ospf_neighbor_heading4}; +struct tableHeading settings_ospf_neighbor_heading2 = {false, 1, "Poll Interval", &settings_ospf_neighbor_heading3}; +struct tableHeading settings_ospf_neighbor_heading1 = {false, 1, "Priority", &settings_ospf_neighbor_heading2}; +struct tableHeading settings_ospf_neighbor_heading = {false, 2, "Host", &settings_ospf_neighbor_heading1}; + +// Keys and Key Chains +const char *settings_keys_title = "Key Chains and Keys"; +const char *settings_keys_table = "Key chains and keys"; +struct tableHeading settings_keys_heading2 = {true, 2, "Key", 0}; +struct tableHeading settings_keys_heading1 = {false, 1, "Key Number", &settings_keys_heading2}; +struct tableHeading settings_keys_heading = {false, 1, "Key Chain", &settings_keys_heading1}; + +// Lines +const char *settings_lines_title = "Lines"; +const char *settings_lines_text = "The Cisco line configuration settings are used to configure administrative access to the device. The console line type is used for accessing the Cisco device directly through a cable attached to the device's console port. The auxiliary lines are used for remote access to the device, typically through attached modems. The *ABBREV*VTY*-ABBREV* lines are used for access to the device through a remote access service such as *ABBREV*SSH*-ABBREV* or Telnet."; +const char *settings_lines_table = "Line configuration"; +struct tableHeading settings_lines_heading14 = {false, 3, "Password Encryption", 0}; +struct tableHeading settings_lines_heading13 = {true, 4, "Password", &settings_lines_heading14}; +struct tableHeading settings_lines_heading12 = {false, 3, "Absolute Timeout", &settings_lines_heading13}; +struct tableHeading settings_lines_heading11 = {false, 3, "Session Timeout", &settings_lines_heading12}; +struct tableHeading settings_lines_heading10 = {false, 3, "Exec Timeout", &settings_lines_heading11}; +struct tableHeading settings_lines_heading9 = {false, 2, "Timeout", &settings_lines_heading10}; +struct tableHeading settings_lines_heading8 = {false, 1, "SSH", &settings_lines_heading9}; +struct tableHeading settings_lines_heading7 = {false, 1, "Telnet", &settings_lines_heading8}; +struct tableHeading settings_lines_heading6 = {false, 3, "Accounting", &settings_lines_heading7}; +struct tableHeading settings_lines_heading5 = {false, 3, "Authorization", &settings_lines_heading6}; +struct tableHeading settings_lines_heading4 = {false, 2, "Exec", &settings_lines_heading5}; +struct tableHeading settings_lines_heading3 = {false, 2, "Logins", &settings_lines_heading4}; +struct tableHeading settings_lines_heading2 = {false, 1, "End Line", &settings_lines_heading3}; +struct tableHeading settings_lines_heading1 = {false, 1, "Start Line", &settings_lines_heading2}; +struct tableHeading settings_lines_heading = {false, 1, "Line Type", &settings_lines_heading1}; + +// VLANS +const char *settings_vlan_title = "VLAN Configuration"; +const char *settings_vlan_table = "VLAN configuration"; +struct tableHeading settings_vlan_heading8 = {false, 1, "All Routes Hops", 0}; +struct tableHeading settings_vlan_heading7 = {false, 1, "Spanning Tree Hops", &settings_vlan_heading8}; +struct tableHeading settings_vlan_heading6 = {false, 1, "MTU", &settings_vlan_heading7}; +struct tableHeading settings_vlan_heading5 = {false, 1, "SAID", &settings_vlan_heading6}; +struct tableHeading settings_vlan_heading4 = {false, 1, "Firewall Module", &settings_vlan_heading5}; +struct tableHeading settings_vlan_heading3 = {false, 2, "Type", &settings_vlan_heading4}; +struct tableHeading settings_vlan_heading2 = {false, 1, "Active", &settings_vlan_heading3}; +struct tableHeading settings_vlan_heading1 = {false, 2, "Name", &settings_vlan_heading2}; +struct tableHeading settings_vlan_heading = {false, 1, "VLAN", &settings_vlan_heading1}; + +// VTP +const char *settings_vtp_title = "VTP Configuration"; +const char *settings_vtp_table = "VTP configuration"; + +// Switchport +const char *settings_switchport_title = "Switchport Configuration"; +const char *settings_switchport_table = "Switchport configuration"; +struct tableHeading settings_switchport_heading6 = {false, 1, "Security Violation", 0}; +struct tableHeading settings_switchport_heading5 = {false, 1, "Port Security", &settings_switchport_heading6}; +struct tableHeading settings_switchport_heading4 = {false, 1, "Mode", &settings_switchport_heading5}; +struct tableHeading settings_switchport_heading3 = {false, 1, "VLAN", &settings_switchport_heading4}; +struct tableHeading settings_switchport_heading2 = {false, 2, "Description", &settings_switchport_heading3}; +struct tableHeading settings_switchport_heading1 = {false, 1, "Active", &settings_switchport_heading2}; +struct tableHeading settings_switchport_heading = {false, 1, "Interface", &settings_switchport_heading1}; + +// Ports +const char *settings_ports_title = "Port Configuration"; +struct tableHeading settings_ports_heading10 = {false, 1, "STP Guard", 0}; +struct tableHeading settings_ports_heading9 = {false, 1, "VLAN Trunk", &settings_ports_heading10}; +struct tableHeading settings_ports_heading8 = {false, 1, "Trunk", &settings_ports_heading9}; +struct tableHeading settings_ports_heading7 = {false, 1, "CDP", &settings_ports_heading8}; +struct tableHeading settings_ports_heading6 = {false, 1, "Port Security", &settings_ports_heading7}; +struct tableHeading settings_ports_heading5 = {false, 1, "Duplex", &settings_ports_heading6}; +struct tableHeading settings_ports_heading4 = {false, 1, "Speed", &settings_ports_heading5}; +struct tableHeading settings_ports_heading3 = {false, 1, "VLAN", &settings_ports_heading4}; +struct tableHeading settings_ports_heading2 = {false, 1, "Status", &settings_ports_heading3}; +struct tableHeading settings_ports_heading1 = {false, 2, "Name", &settings_ports_heading2}; +struct tableHeading settings_ports_heading = {false, 1, "Port", &settings_ports_heading1}; + + +// Interfaces +const char *settings_inter_title = "Interfaces"; +const char *settings_inter_table = "Interfaces"; +struct tableHeading settings_interIOSswitch_heading10 = {false, 4, "MOP", 0}; +struct tableHeading settings_interIOSswitch_heading9 = {false, 4, "CDP", &settings_interIOSswitch_heading10}; +struct tableHeading settings_interIOSswitch_heading8 = {false, 4, "NTP", &settings_interIOSswitch_heading9}; +struct tableHeading settings_interIOSswitch_heading7 = {false, 11, "IP Direct Broadcast", &settings_interIOSswitch_heading8}; +struct tableHeading settings_interIOSswitch_heading6 = {false, 7, "IP Mask Reply", &settings_interIOSswitch_heading7}; +struct tableHeading settings_interIOSswitch_heading5 = {false, 6, "IP Redirect", &settings_interIOSswitch_heading6}; +struct tableHeading settings_interIOSswitch_heading4 = {false, 10, "IP Unreachable", &settings_interIOSswitch_heading5}; +struct tableHeading settings_interIOSswitch_heading3 = {false, 6, "Proxy ARP", &settings_interIOSswitch_heading4}; +struct tableHeading settings_interIOSswitch_heading2 = {false, 15, "IP Address", &settings_interIOSswitch_heading3}; +struct tableHeading settings_interIOSswitch_heading1 = {false, 6, "Active", &settings_interIOSswitch_heading2}; +struct tableHeading settings_interIOSswitch_heading = {false, 15, "Interface", &settings_interIOSswitch_heading1}; +struct tableHeading settings_interIOS_heading11 = {false, 4, "MOP", 0}; +struct tableHeading settings_interIOS_heading10 = {false, 4, "uRPF", &settings_interIOS_heading11}; +struct tableHeading settings_interIOS_heading9 = {false, 4, "CDP", &settings_interIOS_heading10}; +struct tableHeading settings_interIOS_heading8 = {false, 4, "NTP", &settings_interIOS_heading9}; +struct tableHeading settings_interIOS_heading7 = {false, 11, "IP Direct Broadcast", &settings_interIOS_heading8}; +struct tableHeading settings_interIOS_heading6 = {false, 7, "IP Mask Reply", &settings_interIOS_heading7}; +struct tableHeading settings_interIOS_heading5 = {false, 6, "IP Redirect", &settings_interIOS_heading6}; +struct tableHeading settings_interIOS_heading4 = {false, 10, "IP Unreachable", &settings_interIOS_heading5}; +struct tableHeading settings_interIOS_heading3 = {false, 6, "Proxy ARP", &settings_interIOS_heading4}; +struct tableHeading settings_interIOS_heading2 = {false, 15, "IP Address", &settings_interIOS_heading3}; +struct tableHeading settings_interIOS_heading1 = {false, 6, "Active", &settings_interIOS_heading2}; +struct tableHeading settings_interIOS_heading = {false, 15, "Interface", &settings_interIOS_heading1}; +struct tableHeading settings_interSOS_heading12 = {false, 1, "Web", 0}; +struct tableHeading settings_interSOS_heading11 = {false, 1, "Telnet", &settings_interSOS_heading12}; +struct tableHeading settings_interSOS_heading10 = {false, 1, "SSL", &settings_interSOS_heading11}; +struct tableHeading settings_interSOS_heading9 = {false, 1, "SSH", &settings_interSOS_heading10}; +struct tableHeading settings_interSOS_heading8 = {false, 1, "SNMP", &settings_interSOS_heading9}; +struct tableHeading settings_interSOS_heading7 = {false, 1, "Ping", &settings_interSOS_heading8}; +struct tableHeading settings_interSOS_heading6 = {false, 1, "NS Management", &settings_interSOS_heading7}; +struct tableHeading settings_interSOS_heading5 = {false, 1, "MTrace", &settings_interSOS_heading6}; +struct tableHeading settings_interSOS_heading4 = {false, 1, "Ident Reset", &settings_interSOS_heading5}; +struct tableHeading settings_interSOS_heading3 = {false, 3, "Zone", &settings_interSOS_heading4}; +struct tableHeading settings_interSOS_heading2 = {false, 3, "IP Address", &settings_interSOS_heading3}; +struct tableHeading settings_interSOS_heading1 = {false, 1, "Active", &settings_interSOS_heading2}; +struct tableHeading settings_interSOS_heading = {false, 3, "Interface", &settings_interSOS_heading1}; +struct tableHeading settings_interpix_heading8 = {false, 10, "Out ACL", 0}; +struct tableHeading settings_interpix_heading7 = {false, 10, "In ACL", &settings_interpix_heading8}; +struct tableHeading settings_interpix_heading6 = {false, 5, "uRPF", &settings_interpix_heading7}; +struct tableHeading settings_interpix_heading5 = {false, 7, "Security", &settings_interpix_heading6}; +struct tableHeading settings_interpix_heading4 = {false, 10, "Net Mask", &settings_interpix_heading5}; +struct tableHeading settings_interpix_heading3 = {false, 10, "IP Address", &settings_interpix_heading4}; +struct tableHeading settings_interpix_heading2 = {false, 8, "Shutdown", &settings_interpix_heading3}; +struct tableHeading settings_interpix_heading1 = {false, 15, "Name", &settings_interpix_heading2}; +struct tableHeading settings_interpix_heading = {false, 11, "Interface", &settings_interpix_heading1}; + + +// Zones +const char *settings_zone_title = "Security Zones"; +const char *settings_zone_desc = "*DEVICETYPE* security zones enable the sectioning of a network in order to apply network filtering and other security options. *DEVICETYPE* must have at least two security zones configured in order to facilitate filtering between network areas and each security zone will have at least one network interface bound to it, the global zone will use mapped or virtual *ABBREV*IP*-ABBREV*."; +const char *settings_zones_table = "Security zones"; +struct tableHeading settings_zones_heading6 = {false, 2, "Virtual Router", 0}; +struct tableHeading settings_zones_heading5 = {false, 2, "Tunnel", &settings_zones_heading6}; +struct tableHeading settings_zones_heading4 = {false, 2, "Policy", &settings_zones_heading5}; +struct tableHeading settings_zones_heading3 = {false, 1, "Block", &settings_zones_heading4}; +struct tableHeading settings_zones_heading2 = {false, 1, "VLAN", &settings_zones_heading3}; +struct tableHeading settings_zones_heading1 = {false, 1, "ID", &settings_zones_heading2}; +struct tableHeading settings_zones_heading = {false, 2, "Name", &settings_zones_heading1}; +const char *settings_zone_table = "zone security settings"; + + +// Policy Collections (FW1) +const char *settings_policycol_title = "Policy Collections"; +const char *settings_policycol_table = "policy collection"; +struct tableHeading settings_policycol_heading9 = {false, 3, "Comment", 0}; +struct tableHeading settings_policycol_heading8 = {false, 1, "Log", 0}; +struct tableHeading settings_policycol_heading7 = {false, 2, "Install On", &settings_policycol_heading8}; +struct tableHeading settings_policycol_heading6 = {false, 2, "Through", &settings_policycol_heading7}; +struct tableHeading settings_policycol_heading5 = {false, 3, "Service", &settings_policycol_heading6}; +struct tableHeading settings_policycol_heading4 = {false, 3, "Destination", &settings_policycol_heading5}; +struct tableHeading settings_policycol_heading3 = {false, 3, "Source", &settings_policycol_heading4}; +struct tableHeading settings_policycol_heading2 = {false, 1, "Action", &settings_policycol_heading3}; +struct tableHeading settings_policycol_heading1 = {false, 1, "Enabled", &settings_policycol_heading2}; +struct tableHeading settings_policycol_heading = {false, 1, "Rule", &settings_policycol_heading1}; + +// Access Rules/Policies (SonicOS) +const char *settings_accessrules_title = "Firewall Filtering"; +struct tableHeading settings_accessrules_heading6 = {false, 1, "Fragments", 0}; +struct tableHeading settings_accessrules_heading5 = {false, 3, "Service", &settings_accessrules_heading6}; +struct tableHeading settings_accessrules_heading4 = {false, 3, "Destination", &settings_accessrules_heading5}; +struct tableHeading settings_accessrules_heading3 = {false, 3, "Source", &settings_accessrules_heading4}; +struct tableHeading settings_accessrules_heading2 = {false, 1, "Action", &settings_accessrules_heading3}; +struct tableHeading settings_accessrules_heading1 = {false, 1, "Enabled", &settings_accessrules_heading2}; +struct tableHeading settings_accessrules_heading = {false, 1, "Rule", &settings_accessrules_heading1}; +struct tableHeading settings_accesspolicy_heading7 = {false, 1, "Log", 0}; +struct tableHeading settings_accesspolicy_heading6 = {false, 1, "Fragments", &settings_accesspolicy_heading7}; +struct tableHeading settings_accesspolicy_heading5 = {false, 3, "Service", &settings_accesspolicy_heading6}; +struct tableHeading settings_accesspolicy_heading4 = {false, 3, "Destination", &settings_accesspolicy_heading5}; +struct tableHeading settings_accesspolicy_heading3 = {false, 3, "Source", &settings_accesspolicy_heading4}; +struct tableHeading settings_accesspolicy_heading2 = {false, 1, "Action", &settings_accesspolicy_heading3}; +struct tableHeading settings_accesspolicy_heading1 = {false, 1, "Enabled", &settings_accesspolicy_heading2}; +struct tableHeading settings_accesspolicy_heading = {false, 1, "Policy", &settings_accesspolicy_heading1}; + +// Permit Lists (NMP) +const char *settings_permit_title = "Management Service Permit Lists"; +const char *settings_permit_table = "Management service permit lists"; +struct tableHeading settings_permit_heading1 = {false, 1, "Permission List", 0}; +struct tableHeading settings_permit_heading = {false, 1, "Service", &settings_permit_heading1}; +struct tableHeading settings_permitlist_heading1 = {false, 1, "Net Mask", 0}; +struct tableHeading settings_permitlist_heading = {false, 1, "Host", &settings_permitlist_heading1}; + +// Filters (Passport) +const char *settings_filter_title = "Network Filtering"; +const char *settings_filter_table = "Filters not assigned to any filter sets"; +struct tableHeading settings_filter_heading9 = {false, 1, "Stop", 0}; +struct tableHeading settings_filter_heading8 = {false, 1, "Destination Port", &settings_filter_heading9}; +struct tableHeading settings_filter_heading7 = {false, 2, "Destination", &settings_filter_heading8}; +struct tableHeading settings_filter_heading6 = {false, 1, "Source Port", &settings_filter_heading7}; +struct tableHeading settings_filter_heading5 = {false, 2, "Source", &settings_filter_heading6}; +struct tableHeading settings_filter_heading4 = {false, 1, "Protocol", &settings_filter_heading5}; +struct tableHeading settings_filter_heading3 = {false, 1, "Action", &settings_filter_heading4}; +struct tableHeading settings_filter_heading2 = {false, 1, "Type", &settings_filter_heading3}; +struct tableHeading settings_filter_heading1 = {false, 1, "Name", &settings_filter_heading2}; +struct tableHeading settings_filter_heading = {false, 1, "ID", &settings_filter_heading1}; +struct tableHeading settings_filterset_heading8 = {false, 1, "Stop", 0}; +struct tableHeading settings_filterset_heading7 = {false, 1, "Destination Port", &settings_filterset_heading8}; +struct tableHeading settings_filterset_heading6 = {false, 2, "Destination", &settings_filterset_heading7}; +struct tableHeading settings_filterset_heading5 = {false, 1, "Source Port", &settings_filterset_heading6}; +struct tableHeading settings_filterset_heading4 = {false, 2, "Source", &settings_filterset_heading5}; +struct tableHeading settings_filterset_heading3 = {false, 1, "Protocol", &settings_filterset_heading4}; +struct tableHeading settings_filterset_heading2 = {false, 1, "Action", &settings_filterset_heading3}; +struct tableHeading settings_filterset_heading1 = {false, 1, "Name", &settings_filterset_heading2}; +struct tableHeading settings_filterset_heading = {false, 1, "ID", &settings_filterset_heading1}; + +// Policies (ScreenOS Firewall Rules) +const char *settings_policies_title = "Policy Lists"; +const char *settings_policies_text = "A policy is a set of rules that will determine whether traffic between security zones (interzone), between interfaces in the same zone (intrazone) or between addresses in the global zone are permitted or denied. Each interface can be assigned to a different security zone, and multiple interfaces can be assigned to a single security zone.*NEWPARA*The policy will be processed from the top to the bottom with the first policy rule that applies taking effect. If no rule matches, the default policy will take effect, which is set to deny by default on *DEVICETYPE*. Policies are applied in the following order:"; +struct tableHeading settings_sospolicy_heading3 = {false, 1, "Default policy (deny by default)", 0}; +struct tableHeading settings_sospolicy_heading2 = {false, 1, "Global zone policy", &settings_sospolicy_heading3}; +struct tableHeading settings_sospolicy_heading1 = {false, 1, "Zone to zone policies", &settings_sospolicy_heading2}; +struct tableHeading settings_sospolicy_heading = {false, 1, "Intrazone policies (does nothing unless block intrazone traffic is enabled on the zone)", &settings_sospolicy_heading1}; +struct tableHeading settings_policies_heading6 = {false, 1, "Log", 0}; +struct tableHeading settings_policies_heading5 = {false, 3, "Service", &settings_policies_heading6}; +struct tableHeading settings_policies_heading4 = {false, 3, "Destination", &settings_policies_heading5}; +struct tableHeading settings_policies_heading3 = {false, 3, "Source", &settings_policies_heading4}; +struct tableHeading settings_policies_heading2 = {false, 1, "Permission", &settings_policies_heading3}; +struct tableHeading settings_policies_heading1 = {false, 1, "Disabled", &settings_policies_heading2}; +struct tableHeading settings_policies_heading = {false, 1, "ID", &settings_policies_heading1}; + +// Access Lists +const char *settings_accesslists_title = "Access Control List"; +const char *settings_accesslist_table = "General ACL settings"; +const char *settings_accesslist_css = "*DEVICETYPE* device *ABBREV*ACL*-ABBREV* are sequential lists of permit, deny or bypass clauses that are applied to a VLAN circuit. An *ABBREV*ACL*-ABBREV* is processed sequentially with the first clause that matches the incoming traffic applying. If the entire *ABBREV*ACL*-ABBREV* has been processed without a clause matching, then the traffic is denied by a hidden deny all rule. However, *ABBREV*ACL*-ABBREV* have to be enabled on *DEVICETYPE* otherwise all traffic will be permitted regardless of the *ABBREV*ACL*-ABBREV*. Once enabled, any VLAN circuits without an ACL applied will be denied by the hidden deny all rule.*NEWPARA*ACL are *NEGATIVE*disabled*-NEGATIVE**POSITIVE*enabled*-POSITIVE* on *DEVICENAME*."; +const char *settings_accesslists1 = "A Cisco *ABBREV*ACL*-ABBREV* is a sequential list of apply or deny *ABBREV*ACEs*-ABBREV* that a Cisco device will apply to network traffic. The Cisco device will check network traffic against the *ABBREV*ACL*-ABBREV* and the first *ABBREV*ACE*-ABBREV* match will determine whether the packet is accepted or rejected. If the Cisco device does not have an *ABBREV*ACE*-ABBREV* that applies then the packet is denied. *NONEWPARA*"; +const char *settings_accesslists2 = "*NOTEXTSTART*When a packet is rejected after access list processing, an *ABBREV*ICMP*-ABBREV* host unreachable message is sent, unless it had been disabled.*NEWPARA*There are two different types of *ABBREV*ACLs*-ABBREV* on IOS-based Cisco devices, standard and extended. Standard *ABBREV*ACLs*-ABBREV* have an access list number between 1 and 99, extended *ABBREV*ACLs*-ABBREV* are numbered 100 or above. Standard *ABBREV*ACLs*-ABBREV* only define the source address and process the packet solely based on that. Extended *ABBREV*ACLs*-ABBREV* contain additional checks, such as destination address and network port numbers."; +const char *settings_accesslists3 = "Newer versions of Cisco firewall devices have two different types of *ABBREV*ACL*-ABBREV*, standard and extended. Standard *ABBREV*ACL*-ABBREV* are typically used to secure *ABBREV*OSPF*-ABBREV* routes, whilst extended *ABBREV*ACL*-ABBREV* are used for all other network filtering."; +const char *settings_acl_int_table = "Interfaces with ACL applied"; +struct tableHeading settings_aclinter_heading4 = {false, 1, "Out ACL", 0}; +struct tableHeading settings_aclinter_heading3 = {false, 1, "In ACL", &settings_aclinter_heading4}; +struct tableHeading settings_aclinter_heading2 = {false, 3, "IP Address", &settings_aclinter_heading3}; +struct tableHeading settings_aclinter_heading1 = {false, 1, "Active", &settings_aclinter_heading2}; +struct tableHeading settings_aclinter_heading = {false, 2, "Interface", &settings_aclinter_heading1}; +const char *settings_acl_line_table = "Lines with ACL applied"; +struct tableHeading settings_aclline_heading8 = {false, 1, "ACL Out", 0}; +struct tableHeading settings_aclline_heading7 = {false, 1, "ACL In", &settings_aclline_heading8}; +struct tableHeading settings_aclline_heading6 = {false, 1, "SSH", &settings_aclline_heading7}; +struct tableHeading settings_aclline_heading5 = {false, 1, "Telnet", &settings_aclline_heading6}; +struct tableHeading settings_aclline_heading4 = {false, 1, "Exec", &settings_aclline_heading5}; +struct tableHeading settings_aclline_heading3 = {false, 2, "Logins", &settings_aclline_heading4}; +struct tableHeading settings_aclline_heading2 = {false, 2, "End Line", &settings_aclline_heading3}; +struct tableHeading settings_aclline_heading1 = {false, 2, "Start Line", &settings_aclline_heading2}; +struct tableHeading settings_aclline_heading = {false, 2, "Line Type", &settings_aclline_heading1}; +struct tableHeading settings_acl_css_heading7 = {false, 1, "Log", 0}; +struct tableHeading settings_acl_css_heading6 = {false, 3, "Destination Service", &settings_acl_css_heading7}; +struct tableHeading settings_acl_css_heading5 = {false, 3, "Destination", &settings_acl_css_heading6}; +struct tableHeading settings_acl_css_heading4 = {false, 3, "Source Service", &settings_acl_css_heading5}; +struct tableHeading settings_acl_css_heading3 = {false, 3, "Source", &settings_acl_css_heading4}; +struct tableHeading settings_acl_css_heading2 = {false, 1, "Protocol", &settings_acl_css_heading3}; +struct tableHeading settings_acl_css_heading1 = {false, 1, "Filter", &settings_acl_css_heading2}; +struct tableHeading settings_acl_css_heading = {false, 1, "Clause", &settings_acl_css_heading1}; +const char *settings_accessstd_table = "Standard ACL"; +struct tableHeading settings_accessstd_heading3 = {false, 1, "Log", 0}; +struct tableHeading settings_accessstd_heading2 = {false, 5, "Source", &settings_accessstd_heading3}; +struct tableHeading settings_accessstd_heading1 = {false, 2, "Filter", &settings_accessstd_heading2}; +struct tableHeading settings_accessstd_heading = {false, 1, "Line", &settings_accessstd_heading1}; +struct tableHeading settings_accessstdpix_heading2 = {false, 2, "Source", 0}; +struct tableHeading settings_accessstdpix_heading1 = {false, 2, "Permission", &settings_accessstdpix_heading2}; +struct tableHeading settings_accessstdpix_heading = {false, 1, "Line", &settings_accessstdpix_heading1}; +const char *settings_accesslists_table = "ACL"; +struct tableHeading settings_accesspix_heading6 = {false, 1, "Destination Port", 0}; +struct tableHeading settings_accesspix_heading5 = {false, 2, "Destination", &settings_accesspix_heading6}; +struct tableHeading settings_accesspix_heading4 = {false, 1, "Source Port", &settings_accesspix_heading5}; +struct tableHeading settings_accesspix_heading3 = {false, 2, "Source", &settings_accesspix_heading4}; +struct tableHeading settings_accesspix_heading2 = {false, 1, "Protocol", &settings_accesspix_heading3}; +struct tableHeading settings_accesspix_heading1 = {false, 1, "Permission", &settings_accesspix_heading2}; +struct tableHeading settings_accesspix_heading = {false, 1, "Line", &settings_accesspix_heading1}; +const char *settings_accessext_table = "Extended ACL"; +struct tableHeading settings_accessext_heading8 = {false, 11, "Options", 0}; +struct tableHeading settings_accessext_heading7 = {false, 8, "Log", &settings_accessext_heading8}; +struct tableHeading settings_accessext_heading6 = {false, 11, "Destination Service", &settings_accessext_heading7}; +struct tableHeading settings_accessext_heading5 = {false, 17, "Destination", &settings_accessext_heading6}; +struct tableHeading settings_accessext_heading4 = {false, 11, "Source Service", &settings_accessext_heading5}; +struct tableHeading settings_accessext_heading3 = {false, 17, "Source", &settings_accessext_heading4}; +struct tableHeading settings_accessext_heading2 = {false, 8, "Protocol", &settings_accessext_heading3}; +struct tableHeading settings_accessext_heading1 = {false, 9, "Filter", &settings_accessext_heading2}; +struct tableHeading settings_accessext_heading = {false, 8, "Line", &settings_accessext_heading1}; +struct tableHeading settings_accessextpix_heading8 = {false, 1, "Active", 0}; +struct tableHeading settings_accessextpix_heading7 = {false, 1, "Log", &settings_accessextpix_heading8}; +struct tableHeading settings_accessextpix_heading6 = {false, 1, "Destination Port", &settings_accessextpix_heading7}; +struct tableHeading settings_accessextpix_heading5 = {false, 1, "Destination", &settings_accessextpix_heading6}; +struct tableHeading settings_accessextpix_heading4 = {false, 1, "Source Port", &settings_accessextpix_heading5}; +struct tableHeading settings_accessextpix_heading3 = {false, 1, "Source", &settings_accessextpix_heading4}; +struct tableHeading settings_accessextpix_heading2 = {false, 1, "Protocol", &settings_accessextpix_heading3}; +struct tableHeading settings_accessextpix_heading1 = {false, 1, "Permission", &settings_accessextpix_heading2}; +struct tableHeading settings_accessextpix_heading = {false, 1, "Line", &settings_accessextpix_heading1}; + +// ICMP Access +const char *settings_icmpaccess_title = "ICMP Access"; +const char *settings_icmpaccess_table = "Configured security appliance ICMP restrictions"; +struct tableHeading settings_icmpaccess_heading3 = {false, 1, "Interface", 0}; +struct tableHeading settings_icmpaccess_heading2 = {false, 1, "ICMP Message", &settings_icmpaccess_heading3}; +struct tableHeading settings_icmpaccess_heading1 = {false, 1, "Source", &settings_icmpaccess_heading2}; +struct tableHeading settings_icmpaccess_heading = {false, 1, "Action", &settings_icmpaccess_heading1}; +const char *settings_icmpaccess_desc = "The default behavior of Cisco security appliances is to allow *ABBREV*ICMP*-ABBREV* packets to the security appliances interfaces, with the exception of broadcast *ABBREV*ICMP*-ABBREV* packets. Likewise *ABBREV*ICMP*-ABBREV* packets from an outside address to a protected interface will also be denied. However, it is possible to configure additional filtering to restrict other *ABBREV*ICMP*-ABBREV* traffic to the security appliance."; + +// Protocol Inspection - fixup (old pix), inspect (new pix) +const char *settings_protoinspect_title = "Protocol Inspection"; +const char *settings_protoinspect_desc = "Cisco firewall devices are capable of inspecting protocol traffic such as *ABBREV*DNS*-ABBREV*, *ABBREV*HTTP*-ABBREV* and *ABBREV*SMTP*-ABBREV*. This allows traffic to be filtered based on the protocol and can prevent a number of attacks. For example, the *ABBREV*SMTP*-ABBREV* filter can prevent certain *ABBREV*SMTP*-ABBREV* commands from being executed."; +const char *settings_protoinspect_table = "Protocols inspected"; +struct tableHeading settings_protoinspect_heading2 = {false, 1, "Option", 0}; +struct tableHeading settings_protoinspect_heading1 = {false, 1, "Inspect", &settings_protoinspect_heading2}; +struct tableHeading settings_protoinspect_heading = {false, 1, "Protocol", &settings_protoinspect_heading1}; + +// Gateway Cluster Objects (FW1)... +const char *settings_objects_gatewaycluster_title = "Gateway Cluster Definitions"; +const char *settings_objects_gatewaycluster_table = "gateway cluster configuration"; +const char *settings_objects_gatewaycluster_int_table = "gateway cluster interfaces"; +const char *settings_objects_gatewaycluster_mem_table = "gateway cluster members"; +struct tableHeading settings_object_gatemem_heading1 = {false, 1, "Name", 0}; +struct tableHeading settings_object_gatemem_heading = {false, 1, "Member", &settings_object_gatemem_heading1}; + +// Gateway Cluster Member Objects (FW1)... +const char *settings_objects_gatewayclustermem_title = "Gateways Cluster Member Definitions"; +const char *settings_objects_gatewayclustermem_table = "gateway cluster member configuration"; +const char *settings_objects_gatewayclustermem_int_table = "gateway cluster member interfaces"; + +// Gateway Objects (FW1)... +const char *settings_objects_gateway_title = "Gateways Definitions"; +const char *settings_objects_gateway_table = "gateway configuration"; +const char *settings_objects_gateway_int_table = "gateway interfaces"; +struct tableHeading settings_object_gateinter_heading4 = {false, 1, "Net Mask", 0}; +struct tableHeading settings_object_gateinter_heading3 = {false, 1, "IP Address", &settings_object_gateinter_heading4}; +struct tableHeading settings_object_gateinter_heading2 = {false, 1, "Dynamic IP", &settings_object_gateinter_heading3}; +struct tableHeading settings_object_gateinter_heading1 = {false, 1, "Name", &settings_object_gateinter_heading2}; +struct tableHeading settings_object_gateinter_heading = {false, 1, "Interface", &settings_object_gateinter_heading1}; + +// Host Objects (FW1)... +const char *settings_objects_hosts_title = "Host Definitions"; +const char *settings_objects_hosts_table = "Host definitions"; +struct tableHeading settings_object_host_heading2 = {false, 1, "Managed", 0}; +struct tableHeading settings_object_host_heading1 = {false, 1, "IP Address", &settings_object_host_heading2}; +struct tableHeading settings_object_host_heading = {false, 1, "Host Name", &settings_object_host_heading1}; + +// Network Objects (FW1)... +const char *settings_objects_network_title = "Network Definitions"; +const char *settings_objects_network_table = "Network object definitions"; +struct tableHeading settings_object_network_heading3 = {false, 1, "Managed", 0}; +struct tableHeading settings_object_network_heading2 = {false, 1, "Net Mask", &settings_object_network_heading3}; +struct tableHeading settings_object_network_heading1 = {false, 1, "IP Address", &settings_object_network_heading2}; +struct tableHeading settings_object_network_heading = {false, 1, "Network Name", &settings_object_network_heading1}; + +// Dynamic Network Objects (FW1)... +const char *settings_objects_dynnet_title = "Dynamic Network Definitions"; +const char *settings_objects_dynamicnet_table = "Dynamic network object definitions"; +struct tableHeading settings_object_dynamicnet_heading = {false, 1, "Name", 0}; + +// Group Objects (FW1)... +const char *settings_objects_groups_title = "Group Object Definitions"; +const char *settings_objects_group_table = "object group"; +struct tableHeading settings_object_group_heading4 = {false, 1, "Managed", 0}; +struct tableHeading settings_object_group_heading3 = {false, 1, "Net Mask", &settings_object_group_heading4}; +struct tableHeading settings_object_group_heading2 = {false, 1, "IP Address", &settings_object_group_heading3}; +struct tableHeading settings_object_group_heading1 = {false, 1, "Object Type", &settings_object_group_heading2}; +struct tableHeading settings_object_group_heading = {false, 1, "Name", &settings_object_group_heading1}; + +// Machines Range Objects (FW1)... +const char *settings_objects_machrange_title = "Machines Range Definitions"; +const char *settings_objects_machrange_table = "Machines range definitions"; +struct tableHeading settings_object_machrange_heading2 = {false, 1, "Last IP", 0}; +struct tableHeading settings_object_machrange_heading1 = {false, 1, "First IP", &settings_object_machrange_heading2}; +struct tableHeading settings_object_machrange_heading = {false, 1, "Range Name", &settings_object_machrange_heading1}; + +// Objects... +const char *settings_objects_title = "Object Groups"; +const char *settings_objects_desc = "Cisco object groups can be used to group items such as *ABBREV*IP*-ABBREV* addresses, services and protocols. Object groups can be used with any Cisco security appliance command and the command will be effective for all members of the group, this can significantly simplify the devices configuration. Furthermore, object groups can be members or other object groups. There are different types of object group:"; +struct tableHeading settings_objects_heading3 = {false, 0, "ICMP Types", 0}; +struct tableHeading settings_objects_heading2 = {false, 0, "Networks", &settings_objects_heading3}; +struct tableHeading settings_objects_heading1 = {false, 0, "Protocols", &settings_objects_heading2}; +struct tableHeading settings_objects_heading = {false, 0, "Services", &settings_objects_heading1}; +const char *settings_objects_table = "object group"; +struct tableHeading settings_object_heading1 = {false, 1, "Object", 0}; +struct tableHeading settings_object_heading = {false, 1, "Object Type", &settings_object_heading1}; + +// Services (SonicOS)... +const char *settings_sonicosservices_title = "Service Definitions"; +const char *settings_sonicosservices_table = "Service definitions"; +struct tableHeading settings_sonicosservices_heading3 = {false, 0, "IP Type", 0}; +struct tableHeading settings_sonicosservices_heading2 = {false, 0, "Port(s)", &settings_sonicosservices_heading3}; +struct tableHeading settings_sonicosservices_heading1 = {false, 0, "Name", &settings_sonicosservices_heading2}; +struct tableHeading settings_sonicosservices_heading = {false, 0, "ID", &settings_sonicosservices_heading1}; + +// Service Groups (FW1)... +const char *settings_fw1servicegroup_title = "Service Groups"; +const char *settings_fw1servicegroup_table = "service group"; +struct tableHeading settings_fw1servicegroup_heading = {false, 0, "Name", 0}; + +// Services (FW1)... +const char *settings_fw1services_title = "Services"; +struct tableHeading settings_fw1services_heading3 = {false, 0, "Comments", 0}; +struct tableHeading settings_fw1services_heading2 = {false, 0, "Port", &settings_fw1services_heading3}; +struct tableHeading settings_fw1services_heading1 = {false, 0, "Protocol", &settings_fw1services_heading2}; +struct tableHeading settings_fw1services_heading = {false, 0, "Service", &settings_fw1services_heading1}; + +// Address / Name Mappings +const char *settings_namemap_title = "IP Address Name Mappings"; +const char *settings_namegroupmap_title = "IP Address Name Mapping Groups"; +struct tableHeading settings_namemapgroup_heading1 = {false, 1, "Mapping Name", 0}; +struct tableHeading settings_namemapgroup_heading = {false, 1, "Group Name", &settings_namemapgroup_heading1}; +const char *settings_namemap_table = "IP address name mappings"; +struct tableHeading settings_namemap_heading1 = {false, 1, "IP Address", 0}; +struct tableHeading settings_namemap_heading = {false, 1, "Name", &settings_namemap_heading1}; +struct tableHeading settings_namemapSOS_heading3 = {false, 1, "Comment", 0}; +struct tableHeading settings_namemapSOS_heading2 = {false, 1, "Net Mask", &settings_namemapSOS_heading3}; +struct tableHeading settings_namemapSOS_heading1 = {false, 1, "IP Address / FQDN", &settings_namemapSOS_heading2}; +struct tableHeading settings_namemapSOS_heading = {false, 1, "Name", &settings_namemapSOS_heading1}; + + +// ---------------------------------------------------------------------------------- +// Appendix Text... + +const char *appendix_title = "Appendix"; + +// Abbreviations +const char *appendix_abbrev_title = "Abbreviations"; + +// Common Ports +const char *appendix_ports_title = "Common Ports"; +const char *appendix_ports_table = "Common ports"; +struct tableHeading appendix_ports_heading1 = {false, 1, "Port", 0}; +struct tableHeading appendix_ports_heading = {false, 2, "Service", &appendix_ports_heading1}; + +// Logging Levels +const char *appendix_logging_title = "Logging Severity Levels"; +const char *appendix_logging_table = "Logging message severity levels"; +struct tableHeading appendix_logging_heading2 = {false, 3, "Description", 0}; +struct tableHeading appendix_logging_heading1 = {false, 2, "Level Name", &appendix_logging_heading2}; +struct tableHeading appendix_logging_heading = {false, 1, "Level", &appendix_logging_heading1}; + +// Time Zones +const char *appendix_timezones_title = "Time Zones"; +const char *appendix_timezones_table = "Common time zone acronyms"; +struct tableHeading appendix_timezones_heading3 = {false, 1, "UTC Offset", 0}; +struct tableHeading appendix_timezones_heading2 = {false, 4, "Time Zone", &appendix_timezones_heading3}; +struct tableHeading appendix_timezones_heading1 = {false, 1, "Acronym", &appendix_timezones_heading2}; +struct tableHeading appendix_timezones_heading = {false, 2, "Region", &appendix_timezones_heading1}; + +// Nipper Version +const char *appendix_version_title = "Nipper Details"; +const char *appendix_version_desc1 = "This report was generated using Nipper version *NONEWPARA*"; +const char *appendix_version_desc2 = "*NOTEXTSTART*. Nipper is an Open Source tool designed to assist security professionals and network system administrators securely configure network infrastructure devices. The latest version of Nipper can be found at the following URL:*NEWPARA*http://nipper.titania.co.uk."; + diff --git a/0.11.10/common/.svn/text-base/report-vulns.c.svn-base b/0.11.10/common/.svn/text-base/report-vulns.c.svn-base new file mode 100644 index 0000000..2350eef --- /dev/null +++ b/0.11.10/common/.svn/text-base/report-vulns.c.svn-base @@ -0,0 +1,219 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#define vuln_req_none 0 +#define vuln_req_telnet 1 +#define vuln_req_http 2 +#define vuln_req_ssh 3 +#define vuln_req_tacacs 4 +#define vuln_req_tftp 5 +#define vuln_req_ospf 6 + +struct vulnerability +{ + int startVersionMajor; // Vuln Version from... + int startVersionMinor; + int startVersionRevision; + int endVersionMajor; // Vuln Version to... + int endVersionMinor; + int endVersionRevision; + char *cve; // CVE + char *bid; // BID + char *description; // Description + int dos; // Is it a DoS? + int remote; // Is it remote code execution? + int require; // Requirement (e.g. vuln_req_http) + int include; // Include vulnerability? + struct vulnerability *next; +}; + +// IOS Vulnerabilities +struct vulnerability report_vuln_ios12 = {12, 0, 0, 12, 4, 0, + "CVE-2007-0480", "22211", + "Crafted IPv4 option remote code execution", + true, true, + vuln_req_none, false, 0}; +struct vulnerability report_vuln_ios11 = {9, 0, 0, 12, 4, 0, + "CVE-2007-0479", "22208", + "IPv4 TCP listener denial of service", + true, false, + vuln_req_none, false, &report_vuln_ios12}; +struct vulnerability report_vuln_ios10 = {9, 0, 0, 12, 3, 9, + "CVE-2004-1464", "11060", + "Telnet remote denial of service", + true, false, + vuln_req_telnet, false, &report_vuln_ios11}; +struct vulnerability report_vuln_ios9 = {12, 0, 0, 12, 1, 0, + "-", "10014", + "HTTP malformed request denial of service", + true, false, + vuln_req_http, false, &report_vuln_ios10}; +struct vulnerability report_vuln_ios8 = {10, 3, 3, 12, 2, 17, + "CVE-2003-0647", "8373", + "2GB HTTP GET buffer overflow", + false, true, + vuln_req_http, false, &report_vuln_ios9}; +struct vulnerability report_vuln_ios7 = {11, 1, 0, 12, 0, 7, + "CVE-2003-0100", "6895", + "OSPF neighbor buffer overflow", + true, true, + vuln_req_ospf, false, &report_vuln_ios8}; +struct vulnerability report_vuln_ios6 = {11, 1, 0, 11, 3, 0, + "CVE-2002-0813", "5328", + "TFTP server long file name buffer overflow", + true, true, + vuln_req_tftp, false, &report_vuln_ios7}; +struct vulnerability report_vuln_ios5 = {12, 0, 0, 12, 2, 0, + "CVE-2002-1024", "5114", + "SSH denial of service", + true, false, + vuln_req_ssh, false, &report_vuln_ios6}; +struct vulnerability report_vuln_ios4 = {11, 3, 0, 12, 2, 0, + "CVE-2001-0537", "2936", + "HTTP configuration arbitrary administrative access", + false, true, + vuln_req_http, false, &report_vuln_ios5}; +struct vulnerability report_vuln_ios3 = {12, 0, 0, 12, 1, 0, + "CVE-2000-0984", "1838", + "?/ HTTP request denial of service", + true, false, + vuln_req_http, false, &report_vuln_ios4}; +struct vulnerability report_vuln_ios2 = {11, 1, 0, 12, 0, 7, + "CVE-2000-0380", "1154", + "HTTP %% vulnerability", + true, false, + vuln_req_http, false, &report_vuln_ios3}; +struct vulnerability report_vuln_ios1 = {11, 3, 0, 12, 0, 7, + "CVE-2000-0268", "1123", + "Telnet option handling vulnerability", + true, false, + vuln_req_telnet, false, &report_vuln_ios2}; +struct vulnerability report_vuln_ios = {9, 1, 0, 11, 3, 1, + "-", "692", + "Remote denial of service", + true, false, + vuln_req_none, false, &report_vuln_ios1}; + +// PIX Vulnerabilities +struct vulnerability report_vuln_pix3 = {7, 2, 2, 7, 2, 2, + "CVE-2007-0962", "22562", + "Privilege escalation", + false, false, + vuln_req_none, false, 0}; +struct vulnerability report_vuln_pix2 = {6, 3, 0, 7, 0, 5, + "CVE-2007-0962", "22561", + "Multiple remote denial of service", + true, false, + vuln_req_none, false, &report_vuln_pix3}; +struct vulnerability report_vuln_pix1 = {5, 2, 0, 6, 2, 0, + "CVE-2002-1024", "5114", + "SSH denial of service", + true, false, + vuln_req_ssh, false, &report_vuln_pix2}; +struct vulnerability report_vuln_pix = {4, 0, 0, 5, 3, 0, + "CVE-2001-0375", "2551", + "TACACS+ denial of service", + true, false, + vuln_req_tacacs, false, &report_vuln_pix1}; + +// FWSM Vulnerabilities +struct vulnerability report_vuln_fwsm2 = {3, 2, 3, 3, 2, 3, + "CVE-2007-5584", "", + "******************************", + false, false, + vuln_req_none, false, 0}; +struct vulnerability report_vuln_fwsm1 = {2, 3, 0, 3, 1, 3, + "CVE-2007-0962", "22561", + "Multiple remote denial of service issues", + true, false, + vuln_req_none, false, 0}; +struct vulnerability report_vuln_fwsm = {1, 1, 2, 1, 1, 2, + "-", "9222", + "Multiple HTTP vulnerabilities", + false, true, + vuln_req_http, false, &report_vuln_fwsm1}; + +// CatOS / NMP +struct vulnerability report_vuln_nmp4 = {7, 5, 1, 7, 5, 1, + "-", "7424", + "Authentication bypass vulnerability", + false, true, + vuln_req_ssh, false, 0}; +struct vulnerability report_vuln_nmp3 = {5, 3, 1, 7, 1, 2, + "CVE-2002-1024", "5114", + "SSH denial of service", + true, false, + vuln_req_ssh, false, &report_vuln_nmp4}; +struct vulnerability report_vuln_nmp2 = {4, 5, 2, 7, 1, 0, + "CVE-2001-0554", "3064", + "Telnet buffer overflow", + false, true, + vuln_req_telnet, false, &report_vuln_nmp3}; +struct vulnerability report_vuln_nmp1 = {6, 1, 1, 6, 1, 1, + "CVE-2001-0080", "2117", + "SSH protocol mismatch denial of service", + false, false, + vuln_req_ssh, false, &report_vuln_nmp2}; +struct vulnerability report_vuln_nmp = {5, 4, 1, 5, 4, 1, + "CVE-2000-0267", "1122", + "Enable password bypass vulnerability", + false, false, + vuln_req_none, false, &report_vuln_nmp1}; + +// Check Vulnerability OS Versions +void checkVulnVersion(struct nipperConfig *nipper, struct vulnerability *vulnPointer) +{ + // Check to see if it is older... + if ((nipper->versionMajor < vulnPointer->startVersionMajor) || ((nipper->versionMajor == vulnPointer->startVersionMajor) && (nipper->versionMinor < vulnPointer->startVersionMinor))) + return; + + // Check to see if it is newer... + if ((nipper->versionMajor > vulnPointer->endVersionMajor) || ((nipper->versionMajor == vulnPointer->endVersionMajor) && (nipper->versionMinor > vulnPointer->endVersionMinor))) + return; + + if ((nipper->deviceType != type_ios_router) && (nipper->deviceType != type_ios_switch) && (nipper->deviceType != type_ios_catalyst)) + { + // Check to see if revision is older... + if ((nipper->versionMajor == vulnPointer->startVersionMajor) && (nipper->versionMinor == vulnPointer->startVersionMinor) && (nipper->versionRevision < vulnPointer->startVersionRevision)) + return; + + // Check to see if revision is newer... + if ((nipper->versionMajor == vulnPointer->endVersionMajor) && (nipper->versionMinor == vulnPointer->endVersionMinor) && (nipper->versionRevision > vulnPointer->endVersionRevision)) + return; + } + + // Set counters... + nipper->vulnIssues++; // Vuln counter + vulnPointer->include = true; // Include Vuln + if (vulnPointer->dos == true) // Is it a DoS? + nipper->vulnIssueDos = true; + if (vulnPointer->remote == true) // Is it a Remote? + nipper->vulnIssueRemote = true; +} diff --git a/0.11.10/common/.svn/text-base/report.c.svn-base b/0.11.10/common/.svn/text-base/report.c.svn-base new file mode 100644 index 0000000..f53b723 --- /dev/null +++ b/0.11.10/common/.svn/text-base/report.c.svn-base @@ -0,0 +1,694 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void generateReport(struct nipperConfig *nipper) +{ + // Variables... + int securityIssues = 0; + char tempString[nipper->maxSize]; + int tempInt = 0; + FILE *cssFile; + struct reportText *reportTextPointer = 0; + struct tableHeading *conclusionsList = 0; + struct tableHeading *conclusionsPointer = 0; + + // Table Pointers + switch (nipper->outputFormat) + { + case output_html: + nipper->tablerow_start = table_html_rowstart; + nipper->tablerow_mid = table_html_rowmid; + nipper->tablerow_end = table_html_rowend; + nipper->tablerow_itemsep = table_html_itemsep; + break; + case output_xml: + nipper->tablerow_start = table_xml_rowstart; + nipper->tablerow_mid = table_xml_rowmid; + nipper->tablerow_end = table_xml_rowend; + nipper->tablerow_itemsep = table_xml_itemsep; + break; + case output_text: + nipper->tablerow_start = table_text_rowstart; + nipper->tablerow_mid = table_text_rowmid; + nipper->tablerow_end = table_text_rowend; + nipper->tablerow_itemsep = table_text_itemsep; + break; + case output_latex: + nipper->tablerow_start = table_latex_rowstart; + nipper->tablerow_mid = table_latex_rowmid; + nipper->tablerow_end = table_latex_rowend; + nipper->tablerow_itemsep = table_latex_itemsep; + break; + } + + // Get number of security issues... + reportTextPointer = nipper->report; + while (reportTextPointer != 0) + { + if (reportTextPointer->section == section_security) + securityIssues++; + reportTextPointer = reportTextPointer->next; + } + + // Create / open file for output + if (nipper->outputFile == 0) + nipper->reportFile = stdout; + else + { + nipper->reportFile = fopen(nipper->outputFile, "w"); + if (nipper->reportFile == NULL) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_report_file; + return; + } + } + + // If CSV file specified... + if (nipper->csvFilename != 0) + nipper->csvFile = fopen(nipper->csvFilename, "w"); + + // Set output friendly hostname + outputFriendly(nipper->hostname, nipper->friendlyHostname, nipper->maxSize, nipper->outputFormat); + + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n\n \n "); + switch (nipper->deviceType) + { + case type_ios_switch: + fprintf(nipper->reportFile, "Cisco Switch"); + break; + case type_ios_router: + fprintf(nipper->reportFile, "Cisco Router"); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_ios_catalyst: + fprintf(nipper->reportFile, "Cisco Catalyst"); + break; + case type_asa_firewall: + case type_fwsm_firewall: + case type_pix_firewall: + fprintf(nipper->reportFile, "Cisco Firewall"); + break; + case type_css_filter: + fprintf(nipper->reportFile, "Cisco CSS"); + break; + case type_sos_firewall: + fprintf(nipper->reportFile, "Juniper NetScreen Firewall"); + break; + case type_passport: + fprintf(nipper->reportFile, "Nortel Passport"); + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Bay Networks Accelar"); + break; + case type_fw1_firewall: + fprintf(nipper->reportFile, "CheckPoint Firewall-1"); + break; + case type_nokiaip: + fprintf(nipper->reportFile, "Nokia IP Firewall"); + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicWall Firewall"); + break; + } + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + { + if (nipper->fullReport == true) + fprintf(nipper->reportFile, " Security Report"); + else + fprintf(nipper->reportFile, " Configuration Report"); + } + else + { + if (nipper->fullReport == true) + fprintf(nipper->reportFile, " %s Security Report", nipper->friendlyHostname); + else + fprintf(nipper->reportFile, " %s Configuration Report", nipper->friendlyHostname); + } + fprintf(nipper->reportFile, "\n \n \n \n
\n

%s


\n

", nipper->companyName); + switch (nipper->deviceType) + { + case type_ios_switch: + fprintf(nipper->reportFile, "Cisco Switch"); + break; + case type_ios_router: + fprintf(nipper->reportFile, "Cisco Router"); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_ios_catalyst: + fprintf(nipper->reportFile, "Cisco Catalyst"); + break; + case type_asa_firewall: + case type_fwsm_firewall: + case type_pix_firewall: + fprintf(nipper->reportFile, "Cisco Firewall"); + break; + case type_css_filter: + fprintf(nipper->reportFile, "Cisco CSS"); + break; + case type_sos_firewall: + fprintf(nipper->reportFile, "Juniper NetScreen Firewall"); + break; + case type_passport: + fprintf(nipper->reportFile, "Nortel Passport"); + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Bay Networks Accelar"); + break; + case type_fw1_firewall: + fprintf(nipper->reportFile, "CheckPoint Firewall-1"); + break; + case type_nokiaip: + fprintf(nipper->reportFile, "Nokia IP Firewall"); + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicWall Firewall"); + break; + } + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + { + if (nipper->fullReport == true) + fprintf(nipper->reportFile, " Security Report

\n"); + else + fprintf(nipper->reportFile, " Configuration Report

\n"); + } + else + { + if (nipper->fullReport == true) + fprintf(nipper->reportFile, " Security Report

\n

of the

\n

%s ", nipper->friendlyHostname); + else + fprintf(nipper->reportFile, " Configuration Report

\n

of the

\n

%s ", nipper->friendlyHostname); + switch (nipper->deviceType) + { + case type_ios_switch: + fprintf(nipper->reportFile, "Cisco Switch"); + break; + case type_ios_router: + fprintf(nipper->reportFile, "Cisco Router"); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_ios_catalyst: + fprintf(nipper->reportFile, "Cisco Catalyst"); + break; + case type_asa_firewall: + case type_fwsm_firewall: + case type_pix_firewall: + fprintf(nipper->reportFile, "Cisco Firewall"); + break; + case type_css_filter: + fprintf(nipper->reportFile, "Cisco CSS"); + break; + case type_sos_firewall: + fprintf(nipper->reportFile, "Juniper NetScreen Firewall"); + break; + case type_passport: + fprintf(nipper->reportFile, "Nortel Passport"); + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Bay Networks Accelar"); + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicWall Firewall"); + break; + } + fprintf(nipper->reportFile, "

\n"); + } + break; + + case output_xml: + fprintf(nipper->reportFile, "\ndeviceType) + { + case type_ios_switch: + fprintf(nipper->reportFile, "Cisco Switch"); + break; + case type_ios_router: + fprintf(nipper->reportFile, "Cisco Router"); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_ios_catalyst: + fprintf(nipper->reportFile, "Cisco Catalyst"); + break; + case type_asa_firewall: + case type_fwsm_firewall: + case type_pix_firewall: + fprintf(nipper->reportFile, "Cisco Firewall"); + break; + case type_css_filter: + fprintf(nipper->reportFile, "Cisco CSS"); + break; + case type_sos_firewall: + fprintf(nipper->reportFile, "Juniper NetScreen Firewall"); + break; + case type_passport: + fprintf(nipper->reportFile, "Nortel Passport"); + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Bay Networks Accelar"); + break; + case type_fw1_firewall: + fprintf(nipper->reportFile, "CheckPoint Firewall-1"); + break; + case type_nokiaip: + fprintf(nipper->reportFile, "Nokia IP Firewall"); + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicWall Firewall"); + break; + } + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + { + if (nipper->fullReport == true) + fprintf(nipper->reportFile, " Security Report\">\n"); + else + fprintf(nipper->reportFile, " Configuration Report\">\n"); + } + else + { + if (nipper->fullReport == true) + fprintf(nipper->reportFile, " %s Security Report\" device=\"%s\">\n", nipper->friendlyHostname, nipper->friendlyHostname); + else + fprintf(nipper->reportFile, " %s Configuration Report\" device=\"%s\">\n", nipper->friendlyHostname, nipper->friendlyHostname); + } + break; + + case output_text: + switch (nipper->deviceType) + { + case type_ios_switch: + fprintf(nipper->reportFile, "Cisco Switch"); + tempInt = 12; + break; + case type_ios_router: + fprintf(nipper->reportFile, "Cisco Router"); + tempInt = 12; + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_ios_catalyst: + fprintf(nipper->reportFile, "Cisco Catalyst"); + tempInt = 14; + break; + case type_asa_firewall: + case type_fwsm_firewall: + case type_pix_firewall: + fprintf(nipper->reportFile, "Cisco Firewall"); + tempInt = 14; + break; + case type_css_filter: + fprintf(nipper->reportFile, "Cisco CSS"); + tempInt = 9; + break; + case type_sos_firewall: + fprintf(nipper->reportFile, "Juniper NetScreen Firewall"); + tempInt = 26; + break; + case type_passport: + fprintf(nipper->reportFile, "Nortel Passport"); + tempInt = 15; + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Bay Networks Accelar"); + tempInt = 20; + break; + case type_fw1_firewall: + fprintf(nipper->reportFile, "CheckPoint Firewall-1"); + tempInt = 21; + break; + case type_nokiaip: + fprintf(nipper->reportFile, "Nokia IP Firewall"); + tempInt = 17; + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicWall Firewall"); + tempInt = 18; + break; + } + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + { + if (nipper->fullReport == true) + { + tempInt = tempInt + 16; + fprintf(nipper->reportFile, " Security Report\n"); + } + else + { + tempInt = tempInt + 21; + fprintf(nipper->reportFile, " Configuration Report\n"); + } + } + else + { + if (nipper->fullReport == true) + { + tempInt = tempInt + 17 + strlen(nipper->hostname); + fprintf(nipper->reportFile, " %s Security Report\n", nipper->hostname); + } + else + { + tempInt = tempInt + 22 + strlen(nipper->hostname); + fprintf(nipper->reportFile, " %s Configuration Report\n", nipper->hostname); + } + } + while (tempInt > 0) + { + fprintf(nipper->reportFile, "="); + tempInt--; + } + fprintf(nipper->reportFile, "\n\n"); + break; + + case output_latex: + fprintf(nipper->reportFile, "\\documentclass[%s]{%s}\n\n\\begin{document}\n\n", nipper->paperSize, nipper->documentClass); + break; + } + + // Reset Counters... + nipper->sectionCount = 0; + nipper->subSectionCount = 0; + + if ((nipper->outputFormat != output_xml) && (nipper->outputFormat != output_latex)) + { + // Contents + output_parseTitle("Contents", nipper, section_contents); + output_parseSectionIndex("About This Report", nipper); + output_parseIndex("Organisation", nipper, section_about); + output_parseIndex("Conventions", nipper, section_about); + + // ------------------------- + // Security Section Contents + // ------------------------- + if (nipper->fullReport == true) + { + output_parseSectionIndex(report_security_title, nipper); + + output_parseIndex("Introduction", nipper, section_security); + + // Output Section Titles... + reportTextPointer = nipper->report; + while (reportTextPointer != 0) + { + if (reportTextPointer->section == section_security) + output_parseIndex(reportTextPointer->sectionTitle, nipper, reportTextPointer->section); + reportTextPointer = reportTextPointer->next; + } + + output_parseIndex("Conclusions", nipper, section_security); + + // End of security index + switch (nipper->outputFormat) + { + case output_text: + fprintf(nipper->reportFile, "\n"); + break; + } + } + + // ------------------------------ + // Configuration Section Contents + // ------------------------------ + if (nipper->configReport == true) + { + output_parseSectionIndex(report_config_title, nipper); + + output_parseIndex("Introduction", nipper, section_config); + + // Output Section Titles... + reportTextPointer = nipper->report; + while (reportTextPointer != 0) + { + if (reportTextPointer->section == section_config) + output_parseIndex(reportTextPointer->sectionTitle, nipper, reportTextPointer->section); + reportTextPointer = reportTextPointer->next; + } + + switch (nipper->outputFormat) + { + case output_text: + fprintf(nipper->reportFile, "\n"); + break; + } + } + + // End of index + output_abbrevContents(nipper); + output_endsection(nipper, subsection_end); + } + + // Reset Counters... + nipper->sectionCount = 0; + nipper->subSectionCount = 0; + + +// --------------------------------------------------------------------------------------------------------- +// About this Report Section + + output_parseTitle("About This Report", nipper, section_main_abt); + + // Document Organisation... + output_parseTitle("Organisation", nipper, section_about); + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + output_parseText(report_organisation_fw1, nipper, section_none, rate_none, tempInt, 0); + else + output_parseText(report_organisation, nipper, section_none, rate_none, tempInt, 0); + conclusionsList = &report_organisation_heading; + if (nipper->fullReport == false) + conclusionsList->password = true; + conclusionsList = conclusionsList->next; + if (nipper->configReport == false) + conclusionsList->password = true; + conclusionsList = conclusionsList->next; + if ((nipper->appendix == false) || (nipper->abs == false)) + conclusionsList->password = true; + conclusionsList = conclusionsList->next; + if ((nipper->appendix == false) || (nipper->commonPorts == false)) + conclusionsList->password = true; + conclusionsList = conclusionsList->next; + if ((nipper->appendix == false) || (nipper->loggingLevels == false)) + conclusionsList->password = true; + conclusionsList = conclusionsList->next; + if ((nipper->appendix == false) || (nipper->timeZones == false)) + conclusionsList->password = true; + conclusionsList = conclusionsList->next; + if ((nipper->appendix == false) || (nipper->nipperVersion == false)) + conclusionsList->password = true; + conclusionsList = 0; + output_list(nipper, &report_organisation_heading); + + output_endsection(nipper, subsection_end); + + // Document conventions... + output_parseTitle("Conventions", nipper, section_about); + output_parseText(report_conventions, nipper, section_none, rate_none, 0, nipper->tableNum); + output_table(nipper, true, report_conventions_table, &report_conventions_heading); + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + output_parseText(report_conventions1_1, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + output_parseText(report_conventions1_2, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + output_parseText(report_conventions2_1, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + output_parseText(report_conventions2_2, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + output_parseText(report_conventions3_1, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + output_parseText(report_conventions3_2, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + output_parseText(report_conventions4_1, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + output_parseText(report_conventions4_2, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + output_parseText(report_conventions5_1, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + output_parseText(report_conventions5_2, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + output_table(nipper, false, report_conventions_table, &report_conventions_heading); + output_endsection(nipper, subsection_end); + + output_endsection(nipper, section_end); + + +// --------------------------------------------------------------------------------------------------------- +// Security Report Section + + // Security Report section + if (nipper->fullReport == true) + { + // Introduction + output_parseTitle(report_security_title, nipper, section_main_sec); + output_parseTitle("Introduction", nipper, section_security); + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + output_parseText(report_security_intro_fw1, nipper, section_none, rate_none, securityIssues, 0); + else + output_parseText(report_security_intro, nipper, section_none, rate_none, securityIssues, 0); + output_endsection(nipper, subsection_end); + + // Issue Sections... + reportTextPointer = nipper->report; + while (reportTextPointer != 0) + { + if (reportTextPointer->section == section_security) + { + output_parseTitle(reportTextPointer->sectionTitle, nipper, section_security); + reportTextPointer->writeSection(nipper); + output_endsection(nipper, subsection_end); + } + reportTextPointer = reportTextPointer->next; + } + + // Conclusions... + output_parseTitle("Conclusions", nipper, section_security); + if (securityIssues > 0) + { + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + output_parseText(report_security_concl_fw1, nipper, section_none, rate_none, securityIssues, 0); + else + output_parseText(report_security_concl, nipper, section_none, rate_none, securityIssues, 0); + reportTextPointer = nipper->report; + while (reportTextPointer != 0) + { + if (reportTextPointer->section == section_security) + conclusionsList = newListItem(conclusionsList, reportTextPointer->shortConText); + reportTextPointer = reportTextPointer->next; + } + output_list(nipper, conclusionsList); + while (conclusionsList != 0) + { + conclusionsPointer = conclusionsList->next; + free (conclusionsList); + conclusionsList = conclusionsPointer; + } + } + else + { + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + output_parseText(report_security_concl_fw1, nipper, section_none, rate_none, securityIssues, 0); + else + output_parseText(report_security_concl, nipper, section_none, rate_none, securityIssues, 0); + } + output_endsection(nipper, subsection_end); + + // End Section + output_endsection(nipper, section_end); + } + + +// --------------------------------------------------------------------------------------------------------- +// Configuration Report Section + + // Output report introduction + if (nipper->configReport == true) + { + output_parseTitle(report_config_title, nipper, section_main_con); + output_parseTitle("Introduction", nipper, section_config); + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + output_parseText(report_config_intro_fw1, nipper, section_none, rate_none, 0, 0); + else + output_parseText(report_config_intro, nipper, section_none, rate_none, 0, 0); + output_endsection(nipper, subsection_end); + + // Output Report Configuration Sections... + reportTextPointer = nipper->report; + while (reportTextPointer != 0) + { + if (reportTextPointer->section == section_config) + { + output_parseTitle(reportTextPointer->sectionTitle, nipper, section_config); + reportTextPointer->writeSection(nipper); + output_endsection(nipper, subsection_end); + } + reportTextPointer = reportTextPointer->next; + } + + // End Section + output_endsection(nipper, section_end); + } + + +// --------------------------------------------------------------------------------------------------------- +// Appendix Report Section + + // Appendix + if (nipper->appendix == true) + generateAppendix(nipper); + + // Output file end + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n\n\n"); + break; + + case output_latex: + fprintf(nipper->reportFile, "\\end{document}\n"); + break; + + case output_xml: + fprintf(nipper->reportFile, "\n"); + break; + } + + // If CSV file specified... + if (nipper->csvFilename != 0) + fclose(nipper->csvFile); + + // Close file + if (nipper->outputFile != 0) + fclose(nipper->reportFile); +} + diff --git a/0.11.10/common/nipper-acl.c b/0.11.10/common/nipper-acl.c new file mode 100644 index 0000000..af1990f --- /dev/null +++ b/0.11.10/common/nipper-acl.c @@ -0,0 +1,772 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains all the code for filtering... + +#define access_none 0 +#define access_old 1 +#define access_std 2 +#define access_ext 3 + +struct filterListConfig +{ + char name[64]; // List Name (or ID) + + // Cisco ACL... + int type; // access_old... + + // Cisco CSS... + char applyTo[32]; + + // ScreenOS List... + int global; + char fromZone[32]; // Also used for SonicOS + char toZone[32]; // Also ussed for SonicOS + + // Passport... + char listName[64]; + + // Filters / Rules... + struct filterConfig *filter; + + // Filter issue flags + int denyAllAndLog; + + // Next list... + struct filterListConfig *next; +}; + + +struct filterConfig +{ + int id; // Rule ID (ScreenOS), Clause No. (CSS) + int enabled; + int action; // Deny, Accept + struct filterObjectConfig *source; // Source + struct filterObjectConfig *sourceService; // Source Services + struct filterObjectConfig *destination; // Destination + struct filterObjectConfig *destinationService; // Destination Services + struct filterObjectConfig *through; // Through which devices (FW1) + struct filterObjectConfig *install; // Install onto the following devices (FW1) + int log; // Log traffic + char remark[128]; // Or name on Passport devices + + int deleteMe; // If this rule is to be terminated! (Internal only) + + // Firewall-1 + char uid[48]; + + // Cisco... + char protocol[32]; + int protocolType; // access_type_protocol... + + // Cisco IOS... + int established; // true or false + int fragments; // true or false + + // Passport... + int filterType; + int stop; + int inSet; + + // Filter issue flags + int anySource; + int networkSource; + int anySourceService; + int anyDestination; + int networkDestination; + int anyDestinationService; + int logging; + int logDeny; + struct filterConfig *next; +}; + + +struct filterObjectConfig +{ + char name[64]; + char netMask[16]; + int serviceOp; // access_oper_eq... + int type; // access_type_interface... + + struct filterObjectConfig *next; +}; + + +#define object_filter_destination 0 +#define object_filter_source 1 +#define object_filter_sourceService 2 +#define object_filter_service 3 +#define object_filter_install 4 +#define object_filter_through 5 + +// Gets the filter list (or creates one) and returns the pointer to it... +struct filterListConfig *getFilterList(struct nipperConfig *nipper, char *name, char *name2, int global) +{ + // Variables... + struct filterListConfig *filterListPointer = 0; + int init = false; + + // If this is the first, create... + if (nipper->filterList == 0) + { + nipper->filterList = malloc(sizeof(struct filterListConfig)); + filterListPointer = nipper->filterList; + init = true; + } + + // Find / Create Filter List... + else if ((nipper->deviceType != type_sos_firewall) && (nipper->deviceType != type_sonicwall)) + { + filterListPointer = nipper->filterList; + while ((filterListPointer->next != 0) && (strcmp(filterListPointer->name, name) != 0)) + filterListPointer = filterListPointer->next; + if (strcmp(filterListPointer->name, name) != 0) + { + filterListPointer->next = malloc(sizeof(struct filterListConfig)); + filterListPointer = filterListPointer->next; + init = true; + } + } + else + { + if (global == false) + { + filterListPointer = nipper->filterList; + while ((filterListPointer->next != 0) && !((strcmp(filterListPointer->fromZone, name) == 0) && (strcmp(filterListPointer->toZone, name2) == 0))) + filterListPointer = filterListPointer->next; + if (!((strcmp(filterListPointer->fromZone, name) == 0) && (strcmp(filterListPointer->toZone, name2) == 0))) + { + filterListPointer->next = malloc(sizeof(struct filterListConfig)); + filterListPointer = filterListPointer->next; + init = true; + } + } + else + { + filterListPointer = nipper->filterList; + while ((filterListPointer->next != 0) && (filterListPointer->global == false)) + filterListPointer = filterListPointer->next; + if (filterListPointer->global == false) + { + filterListPointer->next = malloc(sizeof(struct filterListConfig)); + filterListPointer = filterListPointer->next; + init = true; + } + } + } + + // Init? + if (init == true) + { + memset(filterListPointer, 0, sizeof(struct filterListConfig)); + if ((nipper->deviceType != type_sos_firewall) && (nipper->deviceType != type_sonicwall)) + strncpy(filterListPointer->name, name, sizeof(filterListPointer->name) - 1); + else + { + strncpy(filterListPointer->fromZone, name, sizeof(filterListPointer->fromZone) - 1); + strncpy(filterListPointer->toZone, name2, sizeof(filterListPointer->toZone) - 1); + } + filterListPointer->denyAllAndLog = false; + filterListPointer->global = global; + filterListPointer->type = access_none; + } + + return filterListPointer; +} + + +// Code that adds filter objects... +struct filterConfig *getFilter(struct filterListConfig *filterListPointer, int id) +{ + // Variables... + struct filterConfig *filterPointer; + int init = false; + + // if not filters exist... + if (filterListPointer->filter == 0) + { + filterListPointer->filter = malloc(sizeof(struct filterConfig)); + filterPointer = filterListPointer->filter; + init = true; + } + else + { + filterPointer = filterListPointer->filter; + while ((filterPointer->next != 0) && (filterPointer->id != id)) + filterPointer = filterPointer->next; + if (filterPointer->id != id) + { + filterPointer->next = malloc(sizeof(struct filterConfig)); + filterPointer = filterPointer->next; + init = true; + } + } + + // Init... + if (init == true) + { + memset(filterPointer, 0, sizeof(struct filterConfig)); + filterPointer->id = id; + } + + return filterPointer; +} + + +// Code that adds filter object members... +struct filterObjectConfig *getFilterMember(struct filterConfig *filterPointer, char *name, int objectType) +{ + // Variables... + struct filterObjectConfig *filterObjectPointer = 0; + int init = false; + + // Create / Get pointer to object... + switch (objectType) + { + case object_filter_destination: + if (filterPointer->destination == 0) + { + filterPointer->destination = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->destination; + init = true; + } + else + { + filterObjectPointer = filterPointer->destination; + while ((filterObjectPointer->next != 0) && (strcasecmp(filterObjectPointer->name, name) != 0)) + filterObjectPointer = filterObjectPointer->next; + if (strcasecmp(filterObjectPointer->name, name) != 0) + { + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + init = true; + } + } + break; + + case object_filter_source: + if (filterPointer->source == 0) + { + filterPointer->source = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->source; + init = true; + } + else + { + filterObjectPointer = filterPointer->source; + while ((filterObjectPointer->next != 0) && (strcasecmp(filterObjectPointer->name, name) != 0)) + filterObjectPointer = filterObjectPointer->next; + if (strcasecmp(filterObjectPointer->name, name) != 0) + { + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + init = true; + } + } + break; + + case object_filter_sourceService: + if (filterPointer->sourceService == 0) + { + filterPointer->sourceService = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->sourceService; + init = true; + } + else + { + filterObjectPointer = filterPointer->sourceService; + while ((filterObjectPointer->next != 0) && (strcasecmp(filterObjectPointer->name, name) != 0)) + filterObjectPointer = filterObjectPointer->next; + if (strcasecmp(filterObjectPointer->name, name) != 0) + { + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + init = true; + } + } + break; + + case object_filter_service: + if (filterPointer->destinationService == 0) + { + filterPointer->destinationService = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->destinationService; + init = true; + } + else + { + filterObjectPointer = filterPointer->destinationService; + while ((filterObjectPointer->next != 0) && (strcasecmp(filterObjectPointer->name, name) != 0)) + filterObjectPointer = filterObjectPointer->next; + if (strcasecmp(filterObjectPointer->name, name) != 0) + { + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + init = true; + } + } + break; + + case object_filter_install: + if (filterPointer->install == 0) + { + filterPointer->install = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->install; + init = true; + } + else + { + filterObjectPointer = filterPointer->install; + while ((filterObjectPointer->next != 0) && (strcasecmp(filterObjectPointer->name, name) != 0)) + filterObjectPointer = filterObjectPointer->next; + if (strcasecmp(filterObjectPointer->name, name) != 0) + { + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + init = true; + } + } + break; + + case object_filter_through: + if (filterPointer->through == 0) + { + filterPointer->through = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterPointer->through; + init = true; + } + else + { + filterObjectPointer = filterPointer->through; + while ((filterObjectPointer->next != 0) && (strcasecmp(filterObjectPointer->name, name) != 0)) + filterObjectPointer = filterObjectPointer->next; + if (strcasecmp(filterObjectPointer->name, name) != 0) + { + filterObjectPointer->next = malloc(sizeof(struct filterObjectConfig)); + filterObjectPointer = filterObjectPointer->next; + init = true; + } + } + break; + } + + // Init... + if (init == true) + { + memset(filterObjectPointer, 0, sizeof(struct filterObjectConfig)); + strncpy(filterObjectPointer->name, name, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->serviceOp = service_oper_eq; + } + + return filterObjectPointer; +} + + +// Insert a remark into a filter list... +void insertFilterRemark(struct filterListConfig *filterListPointer, struct filterConfig *filterPointer, int before, char *remark) +{ + // Variables... + struct filterConfig *insertFilterPointer = 0; + struct filterConfig *searchFilterPointer = 0; + + // Create new filter for the remark and init... + insertFilterPointer = malloc(sizeof(struct filterConfig)); + memset(insertFilterPointer, 0, sizeof(struct filterConfig)); + insertFilterPointer->action = filter_action_remark; + strncpy(insertFilterPointer->remark, remark, sizeof(insertFilterPointer->remark) - 1); + + // Put it in the right place in the list... + if ((before == false) && (filterPointer == 0)) + { + // if first + if (filterListPointer->filter == 0) + filterListPointer->filter = insertFilterPointer; + else + { + searchFilterPointer = filterListPointer->filter; + while (searchFilterPointer->next != 0) + searchFilterPointer = searchFilterPointer->next; + searchFilterPointer->next = insertFilterPointer; + } + } + else if ((before == true) && (filterListPointer->filter == filterPointer)) + { + insertFilterPointer->next = filterPointer; + filterListPointer->filter = insertFilterPointer; + } + else if (before == true) + { + insertFilterPointer->next = filterPointer; + searchFilterPointer = filterListPointer->filter; + while (searchFilterPointer->next != filterPointer) + searchFilterPointer = searchFilterPointer->next; + searchFilterPointer->next = insertFilterPointer; + } + else + { + insertFilterPointer->next = filterPointer->next; + filterPointer->next = insertFilterPointer; + } +} + + +// Search for network objects... +int searchForNetworkObjects(struct nipperConfig *nipper, char *name) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + int foundNetwork = false; + + // Search for network objects... + objectListPointer = nipper->objectList; + while ((objectListPointer != 0) && (foundNetwork == false)) + { + objectPointer = objectListPointer->object; + while ((objectPointer != 0) && (foundNetwork == false)) + { + + // If object has been found... + if (strcmp(objectPointer->name, name) == 0) + { + // Look at the current object first... + if ((objectPointer->type == object_type_network) || (objectPointer->type == object_type_machinesrange) || (objectPointer->type == object_type_dynamicnet)) + foundNetwork = true; + + // Look at member objects next... + else + { + memberPointer = objectPointer->members; + while ((memberPointer != 0) && (foundNetwork == false)) + { + + if ((memberPointer->type == object_type_network) || (memberPointer->type == object_type_machinesrange) || (memberPointer->type == object_type_dynamicnet)) + foundNetwork = true; + else if ((memberPointer->type == object_type_group) || (memberPointer->type == object_type_object)) + foundNetwork = searchForNetworkObjects(nipper, memberPointer->name); + + // Next member... + memberPointer = memberPointer->next; + } + } + } + + // Next object... + objectPointer = objectPointer->next; + } + + // Next object list... + objectListPointer = objectListPointer->next; + } + + return foundNetwork; +} + + +// The code that looks for audit issues... +void rulesAudit(struct nipperConfig *nipper) +{ + // Variables... + struct filterObjectConfig *filterObjectPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + int tempInt = 0; + + // Disable source service checking for those devices that dont support it + switch (nipper->deviceType) + { + case type_fw1_firewall: + case type_nokiaip: + nipper->rejectRulesIssue = false; + nipper->bypassRulesIssue = false; + nipper->defaultRulesIssue = false; + nipper->anySourceServiceIssue = false; + break; + case type_sos_firewall: + nipper->anySourceServiceIssue = false; + nipper->bypassRulesIssue = false; + nipper->defaultRulesIssue = false; + break; + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + nipper->bypassRulesIssue = false; + nipper->rejectRulesIssue = false; + nipper->defaultRulesIssue = false; + break; + case type_css_filter: + nipper->rejectRulesIssue = false; + nipper->disabledRulesIssue = false; + nipper->defaultRulesIssue = false; + break; + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + nipper->bypassRulesIssue = false; + nipper->rejectRulesIssue = false; + nipper->disabledRulesIssue = false; + nipper->defaultRulesIssue = false; + break; + case type_passport: + case type_bayaccelar: + nipper->bypassRulesIssue = false; + nipper->rejectRulesIssue = false; + nipper->disabledRulesIssue = false; + nipper->logDenyRulesIssue = false; + nipper->allRulesLogIssue = false; + nipper->denyLogIssue = false; + break; + case type_sonicwall: + nipper->bypassRulesIssue = false; + nipper->defaultRulesIssue = false; + break; + } + + // Check for Any and Log issues... + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->action != filter_action_remark) + { + // Check for disabled... + if ((filterPointer->enabled == false) && (nipper->disabledRulesIssue == true)) + nipper->disabledRules++; + + // Check for reject... + if ((filterPointer->action == filter_action_reject) && (nipper->rejectRulesIssue == true)) + nipper->rejectRules++; + + // Check for bypass... + if ((filterPointer->action == filter_action_bypass) && (nipper->bypassRulesIssue == true)) + nipper->bypassRules++; + + // Check for bypass... + if ((filterPointer->action == filter_action_default) && (nipper->defaultRulesIssue == true)) + nipper->defaultRules++; + + // Check for Any source... + if ((filterPointer->action == filter_action_accept) && (nipper->anySourceIssue == true)) + { + filterObjectPointer = filterPointer->source; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->type == object_type_any) + filterPointer->anySource = true; + filterObjectPointer = filterObjectPointer->next; + } + if (filterPointer->anySource == true) + nipper->anySource++; + } + + // Check for network source... + if ((filterPointer->action == filter_action_accept) && (nipper->networkSourceIssue == true)) + { + filterObjectPointer = filterPointer->source; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->type == object_type_network) + filterPointer->networkSource = true; + else if ((filterObjectPointer->type == object_type_group) || (filterObjectPointer->type == object_type_object)) + { + tempInt = searchForNetworkObjects(nipper, filterObjectPointer->name); + if (tempInt == true) + filterPointer->networkSource = true; + } + filterObjectPointer = filterObjectPointer->next; + } + if (filterPointer->networkSource == true) + nipper->networkSource++; + } + + // If not standard ACL (for PIX, IOS...) + if (filterListPointer->type != access_std) + { + + // Check for Any source service... + if ((filterPointer->action == filter_action_accept) && (nipper->anySourceServiceIssue == true)) + { + filterObjectPointer = filterPointer->sourceService; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->serviceOp == service_oper_any) + filterPointer->anySourceService = true; + filterObjectPointer = filterObjectPointer->next; + } + if (filterPointer->anySourceService == true) + nipper->anySourceService++; + } + + // Check for Any destination... + if ((filterPointer->action == filter_action_accept) && (nipper->anyDestinationIssue == true)) + { + filterObjectPointer = filterPointer->destination; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->type == object_type_any) + filterPointer->anyDestination = true; + filterObjectPointer = filterObjectPointer->next; + } + if (filterPointer->anyDestination == true) + nipper->anyDestination++; + } + + // Check for network destination... + if ((filterPointer->action == filter_action_accept) && (nipper->networkDestinationIssue == true)) + { + filterObjectPointer = filterPointer->destination; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->type == object_type_network) + filterPointer->networkDestination = true; + else if ((filterObjectPointer->type == object_type_group) || (filterObjectPointer->type == object_type_object)) + { + tempInt = searchForNetworkObjects(nipper, filterObjectPointer->name); + if (tempInt == true) + filterPointer->networkDestination = true; + } + filterObjectPointer = filterObjectPointer->next; + } + if (filterPointer->networkDestination == true) + nipper->networkDestination++; + } + + // Check for Any destination service... + if ((filterPointer->action == filter_action_accept) && (nipper->anyDestinationServiceIssue == true)) + { + filterObjectPointer = filterPointer->destinationService; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->serviceOp == service_oper_any) + filterPointer->anyDestinationService = true; + filterObjectPointer = filterObjectPointer->next; + } + if (filterPointer->anyDestinationService == true) + nipper->anyDestinationService++; + } + + // Filters with deny and log rules... + if ((nipper->logDenyRulesIssue == true) && (filterPointer->action != filter_action_accept) && (filterPointer->log == false)) + { + nipper->logDenyRules++; + filterPointer->logDeny = true; + } + } + + // Not PIX std access lists... + if (!(((nipper->deviceType == type_pix_firewall) || (nipper->deviceType == type_asa_firewall) || (nipper->deviceType == type_fwsm_firewall)) && (filterListPointer->type == access_std))) + { + // Filters with no logging... + if ((nipper->allRulesLogIssue == true) && (filterPointer->log == false) && (filterPointer->logDeny == false)) + { + if ((filterPointer->next != 0) || (nipper->denyLogIssue == false)) + { + filterPointer->logging = true; + nipper->filtersWithNoLogging++; + } + } + + // Filters ending with deny all and log + tempInt = false; + if ((nipper->denyLogIssue == true) && (filterPointer->action != filter_action_remark)) + { + if (filterPointer->next == 0) + tempInt = true; + else if ((filterPointer->next->action == filter_action_remark) && (filterPointer->next->next == 0)) + tempInt = true; + } + if (tempInt == true) + { + tempInt = false; + if (filterPointer->action != filter_action_drop) + tempInt = true; + filterObjectPointer = filterPointer->source; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->type != object_type_any) + tempInt = true; + filterObjectPointer = filterObjectPointer->next; + } + filterObjectPointer = filterPointer->sourceService; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->serviceOp != service_oper_any) + tempInt = true; + filterObjectPointer = filterObjectPointer->next; + } + filterObjectPointer = filterPointer->destination; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->type != object_type_any) + tempInt = true; + filterObjectPointer = filterObjectPointer->next; + } + filterObjectPointer = filterPointer->destinationService; + while (filterObjectPointer != 0) + { + if (filterObjectPointer->serviceOp != service_oper_any) + tempInt = true; + filterObjectPointer = filterObjectPointer->next; + } + if (tempInt == true) + { + nipper->denyAllAndLog++; + filterListPointer->denyAllAndLog = true; + } + } + } + } + + filterPointer = filterPointer->next; + } + filterListPointer = filterListPointer->next; + } + + // Add to ACL issues... + nipper->aclIssues += nipper->anySource; + nipper->aclIssues += nipper->networkSource; + nipper->aclIssues += nipper->rejectRules; + nipper->aclIssues += nipper->bypassRules; + nipper->aclIssues += nipper->defaultRules; + nipper->aclIssues += nipper->logDenyRules; + nipper->aclIssues += nipper->anySourceService; + nipper->aclIssues += nipper->anyDestination; + nipper->aclIssues += nipper->networkDestination; + nipper->aclIssues += nipper->anyDestinationService; + nipper->aclIssues += nipper->filtersWithNoLogging; + nipper->aclIssues += nipper->denyAllAndLog; + nipper->aclIssues += nipper->disabledRules; +} + + diff --git a/0.11.10/common/nipper-base64.c b/0.11.10/common/nipper-base64.c new file mode 100644 index 0000000..a30ac01 --- /dev/null +++ b/0.11.10/common/nipper-base64.c @@ -0,0 +1,254 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// See RFC3548 for details of Base64 Encode / Decode standards + +static const char base64string[] = {62, -1, -1, -1, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, 0, -1, -1, -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51}; + + +// Base64 character check +int checkBase64Char(char inputChar) +{ + if (inputChar > 122) + return -1; + if (inputChar < 43) + return -1; + else + return base64string[inputChar - 43]; +} + + +// Base64 character strip (gets rid of odd characters at the end) +void base64StringStrip(char *inputString) +{ + // Variables... + char endChar; + + // Stripped Characters... + // 32 - Space + // 10 - Line Feed + // 13 - Carridge Return + if (strlen(inputString) != 0) + { + // Loop until characters have gone... + endChar = inputString[strlen(inputString) - 1]; + while (checkBase64Char(endChar) == -1) + { + inputString[strlen(inputString) - 1] = 0; + endChar = inputString[strlen(inputString) - 1]; + } + } +} + + +int base64DecodeChars(char *inputString) +{ + // Variables... + int stringLoop = 0; + char *outString = inputString; + int equalsReplaced = false; + int percentUsed = 0; + char inter1, inter2, inter3, inter4 = 0; + + // Strip unwanted characters from the end of the string + base64StringStrip(inputString); + + // Convert from base64 converts every 4 characters to 3. This is due to + // base64 conversion from 6bit to 8bit characters. + while (inputString[0] != 0) + { + // Decode characters + inter1 = checkBase64Char(inputString[0]); + if (inter1 == -1) + return false; + inputString++; + if (inputString[0] != 0) + { + inter2 = checkBase64Char(inputString[0]); + if (inter2 == -1) + return false; + } + else + inter2 = 0; + inputString++; + if (inputString[0] != 0) + { + inter3 = checkBase64Char(inputString[0]); + if (inter3 == -1) + return false; + } + else + inter3 = 0; + inputString++; + if (inputString[0] != 0) + { + inter4 = checkBase64Char(inputString[stringLoop]); + if (inter4 == -1) + return false; + } + else + inter4 = 0; + inputString++; + + // Convert 4 6 bit characters into 3 8 bit ones... + // First char... + outString[0] = (inter1 << 2) | (inter2 >> 4); + if ((outString[0] == '=') && (equalsReplaced == false)) + { + equalsReplaced = true; + outString[0] = ' '; + } + else if (outString[0] == '&') + { + equalsReplaced = false; + outString[0] = '\n'; + } + else if (percentUsed == 2) + { + if (strncmp(outString - 2, "%20", 3) == 0) + { + outString -= 2; + outString[0] = ' '; + } + else if (strncmp(outString - 2, "%26", 3) == 0) + { + outString -= 2; + outString[0] = '&'; + } + else if (strncmp(outString - 2, "%3a", 3) == 0) + { + outString -= 2; + outString[0] = ':'; + } + else if (strncmp(outString - 2, "%3f", 3) == 0) + { + outString -= 2; + outString[0] = '?'; + } + percentUsed = 0; + } + else if (percentUsed == 1) + percentUsed = 2; + else if (outString[0] == '%') + percentUsed = 1; + outString++; + + // Second char... + outString[0] = ((inter2 << 4) & 240) | (inter3 >> 2); + if ((outString[0] == '=') && (equalsReplaced == false)) + { + equalsReplaced = true; + outString[0] = ' '; + } + else if (outString[0] == '&') + { + equalsReplaced = false; + outString[0] = '\n'; + } + else if (percentUsed == 2) + { + if (strncmp(outString - 2, "%20", 3) == 0) + { + outString -= 2; + outString[0] = ' '; + } + else if (strncmp(outString - 2, "%26", 3) == 0) + { + outString -= 2; + outString[0] = '&'; + } + else if (strncmp(outString - 2, "%3a", 3) == 0) + { + outString -= 2; + outString[0] = ':'; + } + else if (strncmp(outString - 2, "%3f", 3) == 0) + { + outString -= 2; + outString[0] = '?'; + } + percentUsed = 0; + } + else if (percentUsed == 1) + percentUsed = 2; + else if (outString[0] == '%') + percentUsed = 1; + outString++; + + // Third char... + outString[0] = ((inter3 << 6) & 192)| inter4; + if ((outString[0] == '=') && (equalsReplaced == false)) + { + equalsReplaced = true; + outString[0] = ' '; + } + else if (outString[0] == '&') + { + equalsReplaced = false; + outString[0] = '\n'; + } + else if (percentUsed == 2) + { + if (strncmp(outString - 2, "%20", 3) == 0) + { + outString -= 2; + outString[0] = ' '; + } + else if (strncmp(outString - 2, "%26", 3) == 0) + { + outString -= 2; + outString[0] = '&'; + } + else if (strncmp(outString - 2, "%3a", 3) == 0) + { + outString -= 2; + outString[0] = ':'; + } + else if (strncmp(outString - 2, "%3f", 3) == 0) + { + outString -= 2; + outString[0] = '?'; + } + percentUsed = 0; + } + else if (percentUsed == 1) + percentUsed = 2; + else if (outString[0] == '%') + percentUsed = 1; + outString++; + } + + // String end... + outString[0] = 0; + + return true; +} + + diff --git a/0.11.10/common/nipper-cleanup.c b/0.11.10/common/nipper-cleanup.c new file mode 100644 index 0000000..c0515a8 --- /dev/null +++ b/0.11.10/common/nipper-cleanup.c @@ -0,0 +1,215 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +void cleanup(struct nipperConfig *nipper) +{ + // Program variables... + struct debugAbbrev *debugAbPointer = 0; + struct johnPassword *johnPointer = 0; + struct reportText *reportTextPointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct objectMember *memberPointer = 0; + struct hostInterfaces *fw1InterfacePointer = 0; + + // Debug Abbreviations + while (debugAb != 0) + { + debugAbPointer = debugAb->next; + free(debugAb); + debugAb = debugAbPointer; + } + + // CSS from config... + if (nipper->cssFromConfig != 0) + free(nipper->cssFromConfig); + + // Device Model from config... + if (nipper->deviceModelInt != 0) + free(nipper->deviceModelInt); + + // Dict file from config... + if (nipper->dictionaryFilename != 0) + free(nipper->dictionaryFilename); + + // If Dict file is open... + if (nipper->dictFile != 0) + fclose(nipper->dictFile); + + // Filter Lists... + while (nipper->filterList != 0) + { + while (nipper->filterList->filter != 0) + { + while (nipper->filterList->filter->source != 0) + { + filterObjectPointer = nipper->filterList->filter->source->next; + free (nipper->filterList->filter->source); + nipper->filterList->filter->source = filterObjectPointer; + } + while (nipper->filterList->filter->sourceService != 0) + { + filterObjectPointer = nipper->filterList->filter->sourceService->next; + free (nipper->filterList->filter->sourceService); + nipper->filterList->filter->sourceService = filterObjectPointer; + } + while (nipper->filterList->filter->destination != 0) + { + filterObjectPointer = nipper->filterList->filter->destination->next; + free (nipper->filterList->filter->destination); + nipper->filterList->filter->destination = filterObjectPointer; + } + while (nipper->filterList->filter->destinationService != 0) + { + filterObjectPointer = nipper->filterList->filter->destinationService->next; + free (nipper->filterList->filter->destinationService); + nipper->filterList->filter->destinationService = filterObjectPointer; + } + while (nipper->filterList->filter->through != 0) + { + filterObjectPointer = nipper->filterList->filter->through->next; + free (nipper->filterList->filter->through); + nipper->filterList->filter->through = filterObjectPointer; + } + while (nipper->filterList->filter->install != 0) + { + filterObjectPointer = nipper->filterList->filter->install->next; + free (nipper->filterList->filter->install); + nipper->filterList->filter->install = filterObjectPointer; + } + filterPointer = nipper->filterList->filter->next; + free (nipper->filterList->filter); + nipper->filterList->filter = filterPointer; + } + filterListPointer = nipper->filterList->next; + free (nipper->filterList); + nipper->filterList = filterListPointer; + } + + // Object Lists and Objects... + while (nipper->objectList != 0) + { + while (nipper->objectList->object != 0) + { + while (nipper->objectList->object->members != 0) + { + memberPointer = nipper->objectList->object->members->next; + free (nipper->objectList->object->members); + nipper->objectList->object->members = memberPointer; + } + while (nipper->objectList->object->interfaces != 0) + { + fw1InterfacePointer = nipper->objectList->object->interfaces->next; + free (nipper->objectList->object->interfaces); + nipper->objectList->object->interfaces = fw1InterfacePointer; + } + objectPointer = nipper->objectList->object->next; + free (nipper->objectList->object); + nipper->objectList->object = objectPointer; + } + objectListPointer = nipper->objectList->next; + free (nipper->objectList); + nipper->objectList = objectListPointer; + } + + // Cleanup device type structures + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + if (nipper->ios != 0) + cleanupIOS(nipper); + break; + + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if (nipper->pix != 0) + cleanupPIX(nipper); + break; + + case type_cos_catalyst: + case type_nmp_catalyst: + if (nipper->nmp != 0) + cleanupNMP(nipper); + break; + + case type_css_filter: + if (nipper->css != 0) + cleanupCSS(nipper); + break; + + case type_sos_firewall: + if (nipper->sos != 0) + cleanupSOS(nipper); + break; + + case type_bayaccelar: + case type_passport: + if (nipper->pas != 0) + cleanupPAS(nipper); + break; + + case type_nokiaip: + case type_fw1_firewall: + if (nipper->fw1 != 0) + cleanupFW1(nipper); + break; + + case type_sonicwall: + if (nipper->sonicos != 0) + cleanupSonicOS(nipper); + break; + } + + // Cleanup report text + while (nipper->report != 0) + { + reportTextPointer = nipper->report->next; + free(nipper->report); + nipper->report = reportTextPointer; + } + + // Cleanup John-the-ripper + while (nipper->john != 0) + { + johnPointer = nipper->john->next; + free(nipper->john); + nipper->john = johnPointer; + } + + // Cleanup nipper struct... + free (nipper); +} + diff --git a/0.11.10/common/nipper-cmdoptions.c b/0.11.10/common/nipper-cmdoptions.c new file mode 100644 index 0000000..03bd7bd --- /dev/null +++ b/0.11.10/common/nipper-cmdoptions.c @@ -0,0 +1,468 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains all the code to get the command-line options... + +void getCommandOptions(int argc, char *argv[], struct nipperConfig *nipper) +{ + // Variables... + int argLoop; + + // Get program parameters + for (argLoop = 1; argLoop < argc; argLoop++) + { + // Output format specified + if ((strncmp("--output-format=", argv[argLoop], 16) == 0) || (strncmp("--report-format=", argv[argLoop], 16) == 0)) + { + if (strcmp("text", argv[argLoop]+16) == 0) + nipper->outputFormat = output_text; + else if (strcmp("html", argv[argLoop]+16) == 0) + nipper->outputFormat = output_html; + else if (strcmp("latex", argv[argLoop]+16) == 0) + nipper->outputFormat = output_latex; + else if (strcmp("xml", argv[argLoop]+16) == 0) + nipper->outputFormat = output_xml; + else + nipper->nipperMode = mode_help; + } + else if (strncmp("--text", argv[argLoop], 6) == 0) + nipper->outputFormat = output_text; + else if (strncmp("--html", argv[argLoop], 6) == 0) + nipper->outputFormat = output_html; + else if (strncmp("--latex", argv[argLoop], 7) == 0) + nipper->outputFormat = output_latex; + else if (strncmp("--xml", argv[argLoop], 5) == 0) + nipper->outputFormat = output_xml; + + // Input file (defaults to stdin) + else if ((strncmp("--input=", argv[argLoop], 8) == 0) && (strlen(argv[argLoop]) > 8)) + nipper->inputName = argv[argLoop] + 8; + + // Output file (defaults to stdout) + else if (((strncmp("--output=", argv[argLoop], 9) == 0) || (strncmp("--report=", argv[argLoop], 9) == 0)) && (strlen(argv[argLoop]) > 9)) + nipper->outputFile = argv[argLoop] + 9; + + // Configuration File + else if ((strncmp("--config=", argv[argLoop], 9) == 0) && (strlen(argv[argLoop]) > 9)) + configFilename = argv[argLoop] + 9; + + // CSV File... + else if ((strncmp("--csv=", argv[argLoop], 6) == 0) && (strlen(argv[argLoop]) > 6)) + nipper->csvFilename = argv[argLoop] + 6; + + // Password output + else if (strcmp("--no-passwords", argv[argLoop]) == 0) + nipper->passwords = false; + + // Force + else if (strcmp("--force", argv[argLoop]) == 0) + nipper->force = true; + + // Do not perform a security audit + else if (strcmp("--no-audit", argv[argLoop]) == 0) + nipper->fullReport = false; + + // Do include a configuration report + else if (strcmp("--no-config", argv[argLoop]) == 0) + nipper->configReport = false; + + // Expand ACL object definitions + else if (strcmp("--expand-acl", argv[argLoop]) == 0) + nipper->expandACL = true; + + // Rule Comments + else if (strcmp("--rule-comments", argv[argLoop]) == 0) + nipper->showACLComments = true; + + // Debug output + else if (strcmp("--debug", argv[argLoop]) == 0) + nipper->debugMode = true; + else if (strcmp("--debug-lnp", argv[argLoop]) == 0) + nipper->linesnotprocessed = true; + + // Router + else if ((strcmp("--ios-router", argv[argLoop]) == 0) || (strcmp("--ios", argv[argLoop]) == 0)) + nipper->deviceType = type_ios_router; + + // Cisco Router + else if (strcmp("--ios-switch", argv[argLoop]) == 0) + nipper->deviceType = type_ios_switch; + + // Cisco Catalyst + else if (strcmp("--ios-catalyst", argv[argLoop]) == 0) + nipper->deviceType = type_ios_catalyst; + else if (strcmp("--catos", argv[argLoop]) == 0) + nipper->deviceType = type_cos_catalyst; + else if (strcmp("--nmp", argv[argLoop]) == 0) + nipper->deviceType = type_nmp_catalyst; + + // Cisco Firewall + else if (strcmp("--pix", argv[argLoop]) == 0) + nipper->deviceType = type_pix_firewall; + else if (strcmp("--asa", argv[argLoop]) == 0) + nipper->deviceType = type_asa_firewall; + else if (strcmp("--fwsm", argv[argLoop]) == 0) + nipper->deviceType = type_fwsm_firewall; + + // Cisco CSS + else if (strcmp("--css", argv[argLoop]) == 0) + nipper->deviceType = type_css_filter; + + // CheckPoint Firewall-1 + else if ((strcmp("--fw1", argv[argLoop]) == 0) || (strcmp("--firewall1", argv[argLoop]) == 0)) + nipper->deviceType = type_fw1_firewall; + + // Nokia IP + else if ((strcmp("--nokia", argv[argLoop]) == 0) || (strcmp("--nokiaip", argv[argLoop]) == 0)) + nipper->deviceType = type_nokiaip; + + // SonicWall Firewall + else if ((strcmp("--sonicwall", argv[argLoop]) == 0) || (strcmp("--sonicos", argv[argLoop]) == 0)) + nipper->deviceType = type_sonicwall; + + // Nortel Passport + else if (strcmp("--passport", argv[argLoop]) == 0) + nipper->deviceType = type_passport; + + // Bay Networks Accelar + else if (strcmp("--accelar", argv[argLoop]) == 0) + nipper->deviceType = type_bayaccelar; + + // Juniper ScreenOS + else if ((strcmp("--netscreen", argv[argLoop]) == 0) || (strcmp("--screenos", argv[argLoop]) == 0)) + nipper->deviceType = type_sos_firewall; + + // Device Model... + else if (strncmp("--model=", argv[argLoop], 8) == 0) + nipper->deviceModel = argv[argLoop] + 8; + + // Set Timeout + else if (strncmp("--timeout=", argv[argLoop], 10) == 0) + { + if (atoi(argv[argLoop] + 10) != 0) + nipper->connectionTimeout = atoi(argv[argLoop] + 10); + } + + // Dictionary supplied + else if (strncmp("--stylesheet=", argv[argLoop], 13) == 0) + nipper->cssFile = argv[argLoop] + 13; + + // Company name specified + else if (strncmp("--company-name=", argv[argLoop], 15) == 0) + strncpy(nipper->companyName, argv[argLoop] + 15, sizeof(nipper->companyName) - 1); + + // Company name specified + else if (strncmp("--device-name=", argv[argLoop], 14) == 0) + strncpy(nipper->hostname, argv[argLoop] + 14, sizeof(nipper->hostname) - 1); + + // Password Length + else if (strncmp("--pass-length=", argv[argLoop], 14) == 0) + nipper->passwordLength = atoi(argv[argLoop] + 14); + + // Password Uppers + else if (strcmp("--pass-uppers=yes", argv[argLoop]) == 0) + nipper->passwordUppers = true; + else if (strcmp("--pass-uppers=no", argv[argLoop]) == 0) + nipper->passwordUppers = false; + + // Password Lowers + else if (strcmp("--pass-lowers=yes", argv[argLoop]) == 0) + nipper->passwordLowers = true; + else if (strcmp("--pass-lowers=no", argv[argLoop]) == 0) + nipper->passwordLowers = false; + + // Password Either + else if (strcmp("--pass-either=yes", argv[argLoop]) == 0) + nipper->passwordEither = true; + else if (strcmp("--pass-either=no", argv[argLoop]) == 0) + nipper->passwordEither = false; + + // Password Numbers + else if (strcmp("--pass-numbers=yes", argv[argLoop]) == 0) + nipper->passwordNumbers = true; + else if (strcmp("--pass-numbers=no", argv[argLoop]) == 0) + nipper->passwordNumbers = false; + + // Password Specials + else if (strcmp("--pass-specials=yes", argv[argLoop]) == 0) + nipper->passwordSpecials = true; + else if (strcmp("--pass-specials=no", argv[argLoop]) == 0) + nipper->passwordSpecials = false; + + // Deny all and log filtering + else if (strcmp("--deny-log", argv[argLoop]) == 0) + nipper->denyLogIssue = true; + else if (strcmp("--no-deny-log", argv[argLoop]) == 0) + nipper->denyLogIssue = false; + + // Any Source + else if (strcmp("--no-any-source", argv[argLoop]) == 0) + nipper->anySourceIssue = false; + else if (strcmp("--any-source", argv[argLoop]) == 0) + nipper->anySourceIssue = true; + + // Network Source + else if (strcmp("--no-network-source", argv[argLoop]) == 0) + nipper->networkSourceIssue = false; + else if (strcmp("--network-source", argv[argLoop]) == 0) + nipper->networkSourceIssue = true; + + // Source Service + else if (strcmp("--no-source-service", argv[argLoop]) == 0) + nipper->anySourceServiceIssue = false; + else if (strcmp("--source-service", argv[argLoop]) == 0) + nipper->anySourceServiceIssue = true; + + // Any Destination + else if (strcmp("--no-any-destination", argv[argLoop]) == 0) + nipper->anyDestinationIssue = false; + else if (strcmp("--any-destination", argv[argLoop]) == 0) + nipper->anyDestinationIssue = true; + + // Network Destination + else if (strcmp("--no-network-destination", argv[argLoop]) == 0) + nipper->networkDestinationIssue = false; + else if (strcmp("--network-destination", argv[argLoop]) == 0) + nipper->networkDestinationIssue = true; + + // Destination Service + else if (strcmp("--no-destination-service", argv[argLoop]) == 0) + nipper->anyDestinationServiceIssue = false; + else if (strcmp("--destination-service", argv[argLoop]) == 0) + nipper->anyDestinationServiceIssue = true; + + // Log Rules + else if (strcmp("--no-log-rules", argv[argLoop]) == 0) + nipper->allRulesLogIssue = false; + else if (strcmp("--log-rules", argv[argLoop]) == 0) + nipper->allRulesLogIssue = true; + + // Disabled Rules + else if (strcmp("--no-disabled-rules", argv[argLoop]) == 0) + nipper->disabledRulesIssue = false; + else if (strcmp("--disabled-rules", argv[argLoop]) == 0) + nipper->disabledRulesIssue = true; + + // Reject Rules + else if (strcmp("--no-reject-rules", argv[argLoop]) == 0) + nipper->rejectRulesIssue = false; + else if (strcmp("--reject-rules", argv[argLoop]) == 0) + nipper->rejectRulesIssue = true; + + // Bypass Rules + else if (strcmp("--no-bypass-rules", argv[argLoop]) == 0) + nipper->bypassRulesIssue = false; + else if (strcmp("--bypass-rules", argv[argLoop]) == 0) + nipper->bypassRulesIssue = true; + + // Default Rules + else if (strcmp("--no-default-rules", argv[argLoop]) == 0) + nipper->defaultRulesIssue = false; + else if (strcmp("--default-rules", argv[argLoop]) == 0) + nipper->defaultRulesIssue = true; + + // Log Deny Rules + else if (strcmp("--no-log-deny-rules", argv[argLoop]) == 0) + nipper->logDenyRulesIssue = false; + else if (strcmp("--log-deny-rules", argv[argLoop]) == 0) + nipper->logDenyRulesIssue = true; + + // Latex paper size + else if (strncmp("--paper=", argv[argLoop], 8) == 0) + strncpy(nipper->paperSize, argv[argLoop]+8, sizeof(nipper->paperSize) - 1); + + // Latex document class + else if (strncmp("--documentclass=", argv[argLoop], 16) == 0) + strncpy(nipper->documentClass, argv[argLoop]+16, sizeof(nipper->documentClass) - 1); + + // Appendix + else if (strcmp("--no-appendix", argv[argLoop]) == 0) + nipper->appendix = false; + + // Glossary + else if (strcmp("--no-glossary", argv[argLoop]) == 0) + nipper->glossary = false; + + // Common Ports + else if (strcmp("--no-ports", argv[argLoop]) == 0) + nipper->commonPorts = false; + + // Nipper Version Appendix + else if (strcmp("--no-version", argv[argLoop]) == 0) + nipper->nipperVersion = false; + + // Edge device + else if (strcmp("--location=edge", argv[argLoop]) == 0) + nipper->deviceUse = use_edge; + + // Internal device + else if (strcmp("--location=internal", argv[argLoop]) == 0) + nipper->deviceUse = use_internal; + + // Logging Levels Appendix + else if (strcmp("--no-logging", argv[argLoop]) == 0) + nipper->loggingLevels = false; + + // Time Zone Appendix + else if (strcmp("--no-timezones", argv[argLoop]) == 0) + nipper->timeZones = false; + + // Abbreviations + else if (strcmp("--no-abbreviations", argv[argLoop]) == 0) + nipper->abs = false; + + // Show host / network names instead of IP addresses (where possible) + else if (strcmp("--no-names", argv[argLoop]) == 0) + nipper->names = true; + + // Show host / network names instead of IP addresses (where possible) + else if (strcmp("--debug-abbreviations", argv[argLoop]) == 0) + nipper->debugAbbrev = true; + + // John the ripper output + else if ((strncmp("--john=", argv[argLoop], 7) == 0) && (strlen(argv[argLoop]) > 7)) + nipper->johnFile = argv[argLoop] + 7; + + // Dictionary supplied + else if (strncmp("--dictionary=", argv[argLoop], 13) == 0) + nipper->dictionaryFile = argv[argLoop] + 13; + +#if !defined(__WIN32__) + // Remote Cisco Device IP + else if (strncmp("--cisco-ip=", argv[argLoop], 11) == 0) + strncpy(nipper->remoteIP, argv[argLoop] + 11, sizeof(nipper->remoteIP) - 1); + + // Remote Cisco Device IP (Local) + else if (strncmp("--local-ip=", argv[argLoop], 11) == 0) + strncpy(nipper->localIP, argv[argLoop] + 11, sizeof(nipper->localIP) - 1); + + // Remote Cisco Device SNMP read/write community + else if (strncmp("--snmp=", argv[argLoop], 7) == 0) + strncpy(nipper->remoteSnmp, argv[argLoop] + 7, sizeof(nipper->remoteSnmp) - 1); + + // Local TFTP server to use + else if (strncmp("--tftproot=", argv[argLoop], 11) == 0) + strncpy(nipper->remoteTftp, argv[argLoop] + 11, sizeof(nipper->remoteTftp) - 1); + + // Local Cisco Config file to save to + else if (strncmp("--cisco-file=", argv[argLoop], 13) == 0) + nipper->localSave = argLoop; + + // Cisco retrival method (old or new) + else if (strcmp("--cisco=old", argv[argLoop]) == 0) + nipper->oldCisco = true; + else if (strcmp("--cisco=new", argv[argLoop]) == 0) + nipper->oldCisco = false; +#endif + + // Version + else if (strcmp("--version", argv[argLoop]) == 0) + nipper->nipperMode = mode_version; + + // Help + else if ((strcasecmp("--help", argv[argLoop]) == 0) || (strcasecmp("/?", argv[argLoop]) == 0) || (strcasecmp("--help=general", argv[argLoop]) == 0)) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_general; + } + else if (strcasecmp("--help=devices", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_device_types; + } + else if (strcasecmp("--help=SNMP", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_snmp; + } + else if (strcasecmp("--help=devices-adv", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_device_usage; + } + else if (strcasecmp("--help=REPORT", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_report_formats; + } + else if (strcasecmp("--help=REPORT-ADV", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_report_options; + } + else if (strcasecmp("--help=REPORT-SECT", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_report_appendix; + } + else if (strcasecmp("--help=REPORT-HTML", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_report_html; + } + else if (strcasecmp("--help=REPORT-LATEX", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_report_latex; + } + else if (strcasecmp("--help=AUDIT-ACL", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_audit_acl; + } + else if (strcasecmp("--help=AUDIT-PASS", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_audit_password; + } + else if (strcasecmp("--help=AUDIT-ADV", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_audit_misc; + } + else if (strcasecmp("--help=DEBUG", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_debug; + } + else if (strcasecmp("--help=CONFIG-FILE", argv[argLoop]) == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_config_file; + } + + // If all else fails, display the help + else + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_params; + } + } +} diff --git a/0.11.10/common/nipper-common.c b/0.11.10/common/nipper-common.c new file mode 100644 index 0000000..6012c2a --- /dev/null +++ b/0.11.10/common/nipper-common.c @@ -0,0 +1,538 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Colour Console Output... +#if !defined(__WIN32__) +const char *RESET = ""; // DEFAULT +const char *COL_RED = ""; // RED +const char *COL_BLUE = ""; // BLUE +const char *COL_GREEN = ""; // GREEN +#else +const char *RESET = ""; +const char *COL_RED = ""; +const char *COL_BLUE = ""; +const char *COL_GREEN = ""; +#endif + + +// Temporary Directory... +#if !defined(__WIN32__) +const char *tmpDir = "/tmp/"; +#else +const char *tmpDir = ""; +#endif + + +// Read a line from the input... +void readLine(FILE *input, char *lineFromFile, int maxLength) +{ + // Variables... + int stripPointer = 0; + + // Read line from file... + memset(lineFromFile, 0, maxLength); + fgets(lineFromFile, maxLength, input); + + // Clear the end-of-line stuff... + stripPointer = strlen(lineFromFile) -1; + while ((lineFromFile[stripPointer] == '\r') || (lineFromFile[stripPointer] == '\n') || (lineFromFile[stripPointer] == ' ')) + { + lineFromFile[stripPointer] = 0; + stripPointer--; + } +} + + +// Checks for simple passwords +int simplePassword(char *password, struct nipperConfig *nipper) +{ + // Constants + const char passwords[][12] = {"password", "password1", "public", "private", "admin", "cisco", "default", "secret", "juniper", + "dbsnmp", "laflaf", "ILMI", "cascade", "cable-docsis", "MiniAP", "snmp-trap", "volition", + "super", "master", "netscreen", "ro", "rw", + ""}; + // Variables + int loop = 0; + char line[128]; + + if ((nipper->dictFile == 0) && (nipper->dictionaryFile != 0)) + nipper->dictFile = fopen(nipper->dictionaryFile, "r"); + + + // Check using a Dictionary File... + if (nipper->dictFile != 0) + { + // Set the dictionary at the start + rewind(nipper->dictFile); + + // Go through the dict until a match or eof + while (feof(nipper->dictFile) == 0) + { + // Read line + readLine(nipper->dictFile, line, sizeof(line)); + + if (strcmp(password, line) == 0) + return true; + } + } + + // Check using the small built-in dictionary + else + { + for (loop = 0; passwords[loop][0] != 0; loop++) + { + if (strcasecmp(password, passwords[loop]) == 0) + return true; + } + } + + return false; +} + + +// Checks password strength +int passwordStrength(char *password, struct nipperConfig *nipper) +{ + // Variables + int contUpper = false; + int contLower = false; + int contUpperOrLower = false; + int contNumber = false; + int contSpecial = false; + int loop = 0; + + // Check length first + if (strlen(password) < nipper->passwordLength) + return false; + + // Get password components + for (loop = 0; loop < strlen(password); loop++) + { + // check for lowercase + if ((password[loop] > 96) && (password[loop] < 123)) + { + contLower = true; + contUpperOrLower = true; + } + + // check for upper + else if ((password[loop] > 64) && (password[loop] < 91)) + { + contUpper = true; + contUpperOrLower = true; + } + + // check for number + else if ((password[loop] > 47) && (password[loop] < 58)) + contNumber = true; + + // check for special chars + else + contSpecial = true; + } + + // Check password components + if ((nipper->passwordLowers == true) && (contLower == false)) + return false; + + if ((nipper->passwordUppers == true) && (contUpper == false)) + return false; + + if ((nipper->passwordEither == true) && (contUpperOrLower == false)) + return false; + + if ((nipper->passwordNumbers == true) && (contNumber == false)) + return false; + + if ((nipper->passwordSpecials == true) && (contSpecial == false)) + return false; + + return true; +} + + +// Return how many chars to next space character (or end of string) +int nextSpace(char *line) +{ + // Variables... + int counter = 0; + + // The work... + while ((line[counter] != ' ') && (line[counter] != 0)) + { + counter++; + } + + // Return... + return counter; +} + + +// Make text Latex friendly +void stripQuotes(char *line, char *output, int maxSize) +{ + // Variables + int loop = 0; + int outPos = 0; + + // Init + if (strlen(line) < maxSize) + maxSize = strlen(line) + 1; + + // Check each character + for (loop = 0; (loop < strlen(line)) && (loop < maxSize -1); loop++) + { + // If it contains one of the chars + if (line[loop] != '\"') + { + // Copy + output[outPos] = line[loop]; + outPos++; + } + } + + // Null terminate + output[outPos] = 0; +} + + +// Make text Latex friendly +void latexFriendly(char *line, char *output, int maxSize) +{ + // Variables + int loop = 0; + int outPos = 0; + + // Init + if (strlen(line) < maxSize) + maxSize = strlen(line) + 1; + + // Check each character + for (loop = 0; (loop < strlen(line)) && (loop < maxSize -1); loop++) + { + // If it contains one of the chars + if ((line[loop] == '_') || (line[loop] == '$') || (line[loop] == '#') || (line[loop] == '&') || (line[loop] == '\\') || (line[loop] == '%')) + { + output[outPos] = '\\'; + outPos++; + } + + // Copy + output[outPos] = line[loop]; + + // Increment + outPos++; + } + + // Null terminate + output[outPos] = 0; +} + + +// Make text HTML friendly +void htmlFriendly(char *line, char *output, int maxSize) +{ + // Variables + int loop = 0; + int outPos = 0; + + // Init + if (strlen(line) < maxSize) + maxSize = strlen(line) + 1; + + // Check each character + for (loop = 0; (loop < strlen(line)) && (loop < maxSize -1); loop++) + { + // If it contains one of the chars + if (line[loop] == '<') + { + output[outPos] = '&'; + outPos++; + output[outPos] = 'l'; + outPos++; + output[outPos] = 't'; + outPos++; + output[outPos] = ';'; + outPos++; + } + else if (line[loop] == '>') + { + output[outPos] = '&'; + outPos++; + output[outPos] = 'g'; + outPos++; + output[outPos] = 't'; + outPos++; + output[outPos] = ';'; + outPos++; + } + else if (line[loop] == '&') + { + output[outPos] = '&'; + outPos++; + output[outPos] = 'a'; + outPos++; + output[outPos] = 'm'; + outPos++; + output[outPos] = 'p'; + outPos++; + output[outPos] = ';'; + outPos++; + } + + // Copy + else + { + output[outPos] = line[loop]; + outPos++; + } + } + + // Null terminate + output[outPos] = 0; +} + + +// Break line up into its parts +struct ciscoCommand splitLine(char *line) +{ + // Variables + int tempInt = 0; + int offset = 0; + int commandCount = -1; + int quotes = false; + struct ciscoCommand command; + + // Init + memset(&command, 0, sizeof(struct ciscoCommand)); + + // Process the line + while ((line[tempInt] != 0) && (commandCount < 40)) + { + // If the character is a space or a tab + if (((line[tempInt] == 9) || (line[tempInt] == ' ')) && (quotes == false)) + { + offset = 0; + } + + // If the character is not a space/tab or quotes are open + else + { + // Increment part counter + if (offset == 0) + commandCount = commandCount + 1; + + // If quote + if ((quotes == true) && (line[tempInt] == '"')) + quotes = false; + else if (line[tempInt] == '"') + quotes = true; + + // copy stuff + if (offset < sizeof(command.part[commandCount]) - 1) + { + command.part[commandCount][offset] = line[tempInt]; + offset = offset + 1; + command.part[commandCount][offset] = 0; + } + } + tempInt++; + } + + // return + command.parts = commandCount + 1; + return command; +} + + +// Add a password to the john the ripper list +void addJohnPassword(struct nipperConfig *nipper, char *username, char *password) +{ + // struct + struct johnPassword *johnPointer; + johnPointer = malloc(sizeof(struct johnPassword)); + memset(johnPointer, 0, sizeof(struct johnPassword)); + + // Sort out pointers + johnPointer->next = nipper->john; + nipper->john = johnPointer; + + // Copy strings + strncpy(johnPointer->username, username, sizeof(johnPointer->username) - 1); + strncpy(johnPointer->password, password, sizeof(johnPointer->password) - 1); +} + + +// Decrypt the Cisco password-7 password +int password7(char *password, char *decoded, int size, int debug) +{ + // Declarations... + const char xlat[] = { + 0x64, 0x73, 0x66, 0x64, 0x3b, 0x6b, 0x66, 0x6f, + 0x41, 0x2c, 0x2e, 0x69, 0x79, 0x65, 0x77, 0x72, + 0x6b, 0x6c, 0x64, 0x4a, 0x4b, 0x44, 0x48, 0x53, + 0x55, 0x42, 0x73, 0x67, 0x76, 0x63, 0x61, 0x36, + 0x39, 0x38, 0x33, 0x34, 0x6e, 0x63, 0x78, 0x76, + 0x39, 0x38, 0x37, 0x33, 0x32, 0x35, 0x34, 0x6b, + 0x3b, 0x66, 0x67, 0x38, 0x37, 0x64, 0x73, 0x66, + 0x64, 0x3b, 0x6b, 0x66, 0x6f, 0x41, 0x2c, 0x2e, + 0x69, 0x79, 0x65, 0x77, 0x72, 0x6b, 0x6c, 0x64, + 0x4a, 0x4b, 0x44, 0x48, 0x53, 0x55, 0x42, 0x73, + 0x67, 0x76, 0x63, 0x61, 0x36, 0x39, 0x38, 0x33, + 0x34, 0x6e, 0x63, 0x78, 0x76, 0x39, 0x38, 0x37, + 0x33, 0x32, 0x35, 0x34, 0x6b, 0x3b, 0x66, 0x67, + 0x38, 0x37}; + unsigned int seed = 0; + unsigned int i = 0; + unsigned int val = 0; + + // Output debug information? + if (debug == true) + { + int loop; + printf(" Type-7 Std: %s\n", password); + printf(" Type-7 Hex: "); + for (loop = 0; loop < strlen(password); loop++) + { + printf("%x ", password[loop]); + } + printf("\n"); + } + + if ((strlen(password) & 1) || (strlen(password) > size * 2)) + return(-1); + + seed = (password[0] - '0') * 10 + password[1] - '0'; + + if (seed > 15 || !isdigit(password[0]) || !isdigit(password[1])) + return(-1); + + for (i = 2 ; i <= strlen(password); i++) + { + if (i !=2 && !(i & 1)) + { + decoded[i / 2 - 2] = val ^ xlat[seed++]; + val = 0; + } + val *= 16; + + if (isdigit(password[i] = toupper(password[i]))) + { + val += password[i] - '0'; + continue; + } + + if (password[i] >= 'A' && password[i] <= 'F') + { + val += password[i] - 'A' + 10; + continue; + } + + if (strlen(password) != i) + return(-1); + } + + decoded[++i / 2] = 0; + return(0); +} + + +// Output text title +void printTextTitle(FILE *reportFile, const char *title) +{ + // Variables... + int loop = 0; + + // Output Title... + fprintf(reportFile, "%s\n", title); + + // Output underlining... + for (loop = 0; loop < strlen(title); loop++) + { + fprintf(reportFile, "-"); + } + fprintf(reportFile, "\n\n"); +} + + +// Output numbers as words... +void numToWord(FILE *reportFile, int value) +{ + switch (value) + { + case 1: + fprintf(reportFile, "one"); + break; + case 2: + fprintf(reportFile, "two"); + break; + case 3: + fprintf(reportFile, "three"); + break; + case 4: + fprintf(reportFile, "four"); + break; + case 5: + fprintf(reportFile, "five"); + break; + case 6: + fprintf(reportFile, "six"); + break; + case 7: + fprintf(reportFile, "seven"); + break; + case 8: + fprintf(reportFile, "eight"); + break; + case 9: + fprintf(reportFile, "nine"); + break; + case 10: + fprintf(reportFile, "ten"); + break; + case 11: + fprintf(reportFile, "eleven"); + break; + case 12: + fprintf(reportFile, "twelve"); + break; + case 13: + fprintf(reportFile, "thirteen"); + break; + case 14: + fprintf(reportFile, "fourteen"); + break; + default: + fprintf(reportFile, "%d", value); + break; + } +} + diff --git a/0.11.10/common/nipper-config.c b/0.11.10/common/nipper-config.c new file mode 100644 index 0000000..a8c9a31 --- /dev/null +++ b/0.11.10/common/nipper-config.c @@ -0,0 +1,315 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains all the code for nipper configuration... + + +// External default settings file... +#if !defined(__WIN32__) +char *configFilename = "/etc/nipper.conf"; +#else +char *configFilename = "nipper.ini"; +#endif + + +// Get setting... +// Parameters +// section : should include the square braces (E.g. "[passwords]") +// setting : is the setting that you are looking for +// default setting : will return +// size : The size of the default storage space (incl null termination). +// Returns +// True or False +// The defaultSetting is replaced by new setting +int getSettingString(char *section, char *setting, char *defaultSetting, int size) +{ + // Variables... + struct stat *fileStats = 0; + FILE *configFile = 0; + char line[LINE_SIZE + 1]; + char *tempString = 0; + + // Check that the file exists and is not empty... + fileStats = malloc(sizeof(struct stat)); + memset(fileStats, 0, sizeof(struct stat)); + stat(configFilename, fileStats); + if (fileStats->st_size != 0) + { + free(fileStats); + + // Open Config... + configFile = fopen(configFilename, "r"); + if (configFile != NULL) + { + + // Search for section... + do + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(configFile, line, LINE_SIZE); + } + while ((feof(configFile) == 0) && (strncasecmp(section, line, strlen(section)) != 0)); + + // if not found, return... + if (strncasecmp(section, line, strlen(section)) != 0) + { + fclose(configFile); + return false; + } + + // Search for setting... + do + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(configFile, line, LINE_SIZE); + } + while ((feof(configFile) == 0) && (strncasecmp(setting, line, strlen(setting)) != 0) && (line[0] != '[')); + fclose(configFile); + + // If not found, return... + if (strncasecmp(setting, line, strlen(setting)) != 0) + return false; + + // Search for the =... + tempString = strchr(line, '='); + if (tempString == NULL) + return false; + tempString++; + + // Search for the first character... + while ((tempString[0] != 0) && (tempString[0] == ' ')) + tempString++; + + // If there is a setting, return it... + if (tempString[0] != 0) + { + memset(defaultSetting, 0, size); + strncpy(defaultSetting, tempString, size - 1); + return true; + } + else + return false; + } + } + else + free(fileStats); + + return false; +} + + +// Gets the setting as Int, same as above... +// For on/off or true/false it will return true or false +// This one returns the default setting +int getSettingInt(char *section, char *setting, int defaultSetting) +{ + // Variables... + char tempString[] = "false"; + int tempInt; + + // Get Setting... + tempInt = getSettingString(section, setting, tempString, sizeof(tempString)); + + // If error, return default + if (tempInt == false) + return defaultSetting; + + // If false or off + if ((strncasecmp(tempString, "no", 2) == 0) || (strncasecmp(tempString, "off", 3) == 0) || (strncasecmp(tempString, "false", 5) == 0)) + return false; + + // If true or on + if ((strncasecmp(tempString, "yes", 3) == 0) || (strncasecmp(tempString, "on", 2) == 0) || (strncasecmp(tempString, "true", 4) == 0)) + return true; + + return atoi(tempString); +} + + +// Create the Nipper configuration structure... +struct nipperConfig *createNipperConfig() +{ + // Variables... + struct nipperConfig *nipper; + char tempString[LINE_SIZE]; + + // Reserve Memory... + nipper = malloc(sizeof(struct nipperConfig)); + memset(nipper, 0, sizeof(struct nipperConfig)); + + // nipper Program Option Defaults... + nipper->maxSize = LINE_SIZE; + nipper->tableNum = 1; + nipper->nipperMode = mode_process; + nipper->deviceUse = use_all; + nipper->doCSV = false; + nipper->showACLComments = false; + + // General + strcpy(tempString, "Cisco Router (IOS)"); + getSettingString("[General]", "Device Type", tempString, sizeof(tempString)); + if (strncasecmp(tempString, "Cisco Switch (IOS)", 18) == 0) + nipper->deviceType = type_ios_switch; + else if (strncasecmp(tempString, "Cisco Catalyst (IOS)", 20) == 0) + nipper->deviceType = type_ios_catalyst; + else if (strncasecmp(tempString, "Cisco Catalyst (NMP)", 20) == 0) + nipper->deviceType = type_nmp_catalyst; + else if (strncasecmp(tempString, "Cisco Catalyst (CatOS)", 22) == 0) + nipper->deviceType = type_cos_catalyst; + else if (strncasecmp(tempString, "Cisco Firewall (PIX)", 20) == 0) + nipper->deviceType = type_pix_firewall; + else if (strncasecmp(tempString, "Cisco Firewall (ASA)", 20) == 0) + nipper->deviceType = type_asa_firewall; + else if (strncasecmp(tempString, "Cisco Firewall (FWSM)", 21) == 0) + nipper->deviceType = type_fwsm_firewall; + else if (strncasecmp(tempString, "Cisco Content Services Switch (CSS)", 35) == 0) + nipper->deviceType = type_css_filter; + else if (strncasecmp(tempString, "Juniper ScreenOS Firewall", 25) == 0) + nipper->deviceType = type_sos_firewall; + else if (strncasecmp(tempString, "Nortel Passport", 15) == 0) + nipper->deviceType = type_passport; + else if (strncasecmp(tempString, "Checkpoint Firewall-1", 21) == 0) + nipper->deviceType = type_fw1_firewall; + else if (strncasecmp(tempString, "SonicWall SonicOS Firewall", 26) == 0) + nipper->deviceType = type_sonicwall; + else + nipper->deviceType = type_ios_router; + strcpy(tempString, "Internal"); + getSettingString("[General]", "Location", tempString, sizeof(tempString)); + if (strncasecmp(tempString, "Edge", 4) == 0) + nipper->deviceUse = use_edge; + else if (strncasecmp(tempString, "Internal", 4) == 0) + nipper->deviceUse = use_internal; + else + nipper->deviceUse = use_all; + strcpy(tempString, ""); + getSettingString("[General]", "Model", tempString, sizeof(tempString)); + if (tempString[0] != 0) + { + nipper->deviceModelInt = malloc(strlen(tempString) + 1); + strcpy(nipper->deviceModelInt, tempString); + nipper->deviceModel = nipper->deviceModelInt; + } + nipper->force = getSettingInt("[General]", "Force Type", false); + + // HTML... + strcpy(tempString, ""); + getSettingString("[HTML]", "Style Sheet File", tempString, sizeof(tempString)); + if (tempString[0] != 0) + { + nipper->cssFromConfig = malloc(strlen(tempString) + 1); + strcpy(nipper->cssFromConfig, tempString); + nipper->cssFile = nipper->cssFromConfig; + } + + // Latex Report Defaults... + strcpy(nipper->paperSize, "a4paper"); + getSettingString("[Latex]", "Paper Size", nipper->paperSize, sizeof(nipper->paperSize)); + strcpy(nipper->documentClass, "article"); + getSettingString("[Latex]", "Document Class", nipper->documentClass, sizeof(nipper->documentClass)); + + // SNMP Defaults... + strcpy(nipper->remoteSnmp, "private"); + getSettingString("[SNMP]", "Community String", nipper->remoteSnmp, sizeof(nipper->remoteSnmp)); + nipper->oldCisco = getSettingInt("[SNMP]", "Old Cisco Method", false); + strcpy(nipper->remoteTftp, "/tftproot/"); + getSettingString("[SNMP]", "TFTP Server Root", nipper->remoteTftp, sizeof(nipper->remoteTftp)); + getSettingString("[SNMP]", "Local IP Address", nipper->localIP, sizeof(nipper->localIP)); + getSettingString("[SNMP]", "Remote IP Address", nipper->remoteIP, sizeof(nipper->remoteIP)); + + // Report Defaults... + strcpy(nipper->companyName, "Nipper"); + getSettingString("[Report]", "Company Name", nipper->companyName, sizeof(nipper->companyName)); + strcpy(tempString, "HTML"); + getSettingString("[Report]", "Report Format", tempString, sizeof(tempString)); + if (strncasecmp(tempString, "text", 4) == 0) + nipper->outputFormat = output_text; + else if (strncasecmp(tempString, "latex", 5) == 0) + nipper->outputFormat = output_latex; + else if (strncasecmp(tempString, "xml", 3) == 0) + nipper->outputFormat = output_xml; + else + nipper->outputFormat = output_html; + nipper->passwords = getSettingInt("[Report]", "Show Passwords In Report", true); + nipper->expandACL = getSettingInt("[Report]", "Expand ACL In Report", false); + nipper->names = getSettingInt("[Report]", "Convert Names To IP Addresses", false); + + // Debug settings (internal only)... + nipper->debugMode = false; + nipper->linesnotprocessed = false; + nipper->debugAbbrev = false; + + // Report Section Defaults... + nipper->abs = getSettingInt("[Report Sections]", "Abbreviations", true); + nipper->appendix = getSettingInt("[Report Sections]", "Appendix", true); + nipper->loggingLevels = getSettingInt("[Report Sections]", "Logging Levels", true); + nipper->timeZones = getSettingInt("[Report Sections]", "Time Zones", true); + nipper->glossary = getSettingInt("[Report Sections]", "Glossary", true); + nipper->nipperVersion = getSettingInt("[Report Sections]", "Nipper Details", true); + nipper->commonPorts = getSettingInt("[Report Sections]", "Common Ports", true); + nipper->fullReport = getSettingInt("[Report Sections]", "Security Audit", true); + nipper->configReport = getSettingInt("[Report Sections]", "Configuration Report", true); + + // Password Audit Defaults... + strcpy(tempString, ""); + getSettingString("[Audit]", "Dictionary File", tempString, sizeof(tempString)); + if (tempString[0] != 0) + { + nipper->dictionaryFilename = malloc(strlen(tempString) + 1); + strcpy(nipper->dictionaryFilename, tempString); + nipper->dictionaryFile = nipper->dictionaryFilename; + } + nipper->passwordLength = getSettingInt("[Audit]", "Minimum Password Length", 8); + nipper->passwordUppers = getSettingInt("[Audit]", "Passwords Must Include Uppercase", false); + nipper->passwordLowers = getSettingInt("[Audit]", "Passwords Must Include Lowercase", false); + nipper->passwordEither = getSettingInt("[Audit]", "Passwords Must Include Lowercase or Uppercase", false); + nipper->passwordNumbers = getSettingInt("[Audit]", "Passwords Must Include Numbers", true); + nipper->passwordSpecials = getSettingInt("[Audit]", "Passwords Must Include Special Characters", false); + // Timeout Audit Defaults... + nipper->connectionTimeout = getSettingInt("[Audit]", "Minimum Timeout (Seconds)", 600); + // ACL Audit Defaults... + nipper->anySourceIssue = getSettingInt("[Audit]", "Check For Any Source", true); + nipper->networkSourceIssue = getSettingInt("[Audit]", "Check Source Rules Do Not Include Networks", true); + nipper->anySourceServiceIssue = getSettingInt("[Audit]", "Check For Any Source Service", false); + nipper->anyDestinationIssue = getSettingInt("[Audit]", "Check For Any Destination", true); + nipper->networkDestinationIssue = getSettingInt("[Audit]", "Check Destination Rules Do Not Include Networks", true); + nipper->anyDestinationServiceIssue = getSettingInt("[Audit]", "Check For Any Destination Service", true); + nipper->allRulesLogIssue = getSettingInt("[Audit]", "Check That All Rules Log", false); + nipper->logDenyRulesIssue = getSettingInt("[Audit]", "Check That All Deny Rules Log", true); + nipper->rejectRulesIssue = getSettingInt("[Audit]", "Check For Reject Rules", true); + nipper->bypassRulesIssue = getSettingInt("[Audit]", "Check For Bypass Rules", true); + nipper->defaultRulesIssue = getSettingInt("[Audit]", "Check For Default Rules", true); + nipper->disabledRulesIssue = getSettingInt("[Audit]", "Check For Disabled Rules", true); + nipper->denyLogIssue = getSettingInt("[Audit]", "Check Rule Lists End With Deny All And Log", true); + + return nipper; +} diff --git a/0.11.10/common/nipper-defaults.c b/0.11.10/common/nipper-defaults.c new file mode 100644 index 0000000..6c2fb10 --- /dev/null +++ b/0.11.10/common/nipper-defaults.c @@ -0,0 +1,520 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processDefaults(struct nipperConfig *nipper) +{ + // Variables... + struct lineConfig *linePointer = 0; + struct interfaceConfig *interfacePointer = 0; + struct passiveStruct *passivePointer = 0; + struct eigrpConfig *eigrpPointer = 0; + struct eigrpAutonStruct *eigrpAutonPointer = 0; + struct bgpInterStruct *bgpInterPointer = 0; + struct bgpConfig *bgpPointer = 0; + struct ospfInterStruct *ospfInterPointer = 0; + struct ospfConfig *ospfPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterConfig *filterSearchPointer = 0; + struct filterListConfig *filterListPointer = 0; + struct filterListConfig *filterListMovePointer = 0; + struct filterObjectConfig *filterObjectPointer = 0; + struct interfaceSOS *interfaceSOSPointer = 0; + int setting = 0; + int setting2 = 0; + + // Remove Passport device, assigned filters first, doing it after would be a waste of CPU/Memory... + if ((nipper->deviceType == type_passport) && (nipper->filterList != 0)) + { + // Get unassigned list... + filterListPointer = getFilterList(nipper, "**UNASSIGNED**", "", false); + + // Move the unassigned list to being the last one... + if ((nipper->filterList == filterListPointer) && (nipper->filterList->next != 0)) + { + filterListMovePointer = nipper->filterList->next; + while (filterListMovePointer->next != 0) + filterListMovePointer = filterListMovePointer->next; + filterListMovePointer->next = filterListPointer; + nipper->filterList = filterListPointer->next; + filterListPointer->next = 0; + } + else if (nipper->filterList != filterListPointer) + { + filterListMovePointer = nipper->filterList; + while (filterListMovePointer->next != filterListPointer) + filterListMovePointer = filterListMovePointer->next; + filterListMovePointer->next = filterListPointer->next; + while (filterListMovePointer->next != 0) + filterListMovePointer = filterListMovePointer->next; + filterListMovePointer->next = filterListPointer; + filterListPointer->next = 0; + } + + // Remove all assigned filters in the unassigned set... + filterPointer = filterListPointer->filter; + filterSearchPointer = 0; + while (filterPointer != 0) + { + // If filter should be removed... + if (filterPointer->inSet == true) + { + // Sort out pointers first... + if (filterSearchPointer == 0) + filterListPointer->filter = filterPointer->next; + else + filterSearchPointer->next = filterPointer->next; + + // Free sub structures... + while (filterPointer->source != 0) + { + filterObjectPointer = filterPointer->source->next; + free (filterPointer->source); + filterPointer->source = filterObjectPointer; + } + while (filterPointer->sourceService != 0) + { + filterObjectPointer = filterPointer->sourceService->next; + free (filterPointer->sourceService); + filterPointer->sourceService = filterObjectPointer; + } + while (filterPointer->destination != 0) + { + filterObjectPointer = filterPointer->destination->next; + free (filterPointer->destination); + filterPointer->destination = filterObjectPointer; + } + while (filterPointer->destinationService != 0) + { + filterObjectPointer = filterPointer->destinationService->next; + free (filterPointer->destinationService); + filterPointer->destinationService = filterObjectPointer; + } + while (filterPointer->through != 0) + { + filterObjectPointer = filterPointer->through->next; + free (filterPointer->through); + filterPointer->through = filterObjectPointer; + } + while (filterPointer->install != 0) + { + filterObjectPointer = filterPointer->install->next; + free (filterPointer->install); + filterPointer->install = filterObjectPointer; + } + free (filterPointer); + + // Sort out pointers... + if (filterSearchPointer == 0) + filterPointer = filterListPointer->filter; + else + filterPointer = filterSearchPointer->next; + } + + // Update Pointers... + else + { + filterSearchPointer = filterPointer; + filterPointer = filterPointer->next; + } + } + + // If unset filter list has no more filters, remove it... + if (filterListPointer->filter == 0) + { + if (nipper->filterList == filterListPointer) + nipper->filterList = 0; + else + { + filterListMovePointer = nipper->filterList; + while (filterListMovePointer != filterListPointer) + filterListMovePointer = filterListMovePointer->next; + filterListMovePointer->next = 0; + } + free (filterListPointer); + } + } + + + // Add the "Any" to filters that are blank... + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + if (filterPointer->protocol[0] == 0) + strcpy(filterPointer->protocol, "Any"); + if (filterPointer->source == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_source); + filterObjectPointer->type = object_type_any; + } + if (filterPointer->sourceService == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_sourceService); + filterObjectPointer->type = object_type_any; + filterObjectPointer->serviceOp = service_oper_any; + } + if (filterPointer->destination == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_destination); + filterObjectPointer->type = object_type_any; + } + if (filterPointer->destinationService == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_service); + filterObjectPointer->type = object_type_any; + filterObjectPointer->serviceOp = service_oper_any; + } + if (filterPointer->through == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_through); + filterObjectPointer->type = object_type_any; + } + if (filterPointer->install == 0) + { + filterObjectPointer = getFilterMember(filterPointer, "Any", object_filter_install); + filterObjectPointer->type = object_type_any; + } + filterPointer = filterPointer->next; + } + filterListPointer = filterListPointer->next; + } + + switch(nipper->deviceType) + { + // Switch / Router / IOS + case type_ios_switch: + case type_ios_router: + case type_ios_catalyst: + + // CEF... + if (nipper->ios->cef == unconfigured) + { + if (nipper->deviceModel == 0) + nipper->ios->cef = false; + else if ((strncmp(nipper->deviceModel, "71", 2) == 0) && (strlen(nipper->deviceModel) > 3)) + nipper->ios->cef = true; + else if ((strncmp(nipper->deviceModel, "72", 2) == 0) && (strlen(nipper->deviceModel) > 3)) + nipper->ios->cef = true; + else if ((strncmp(nipper->deviceModel, "75", 2) == 0) && (strlen(nipper->deviceModel) > 3)) + nipper->ios->cef = true; + else if ((strncmp(nipper->deviceModel, "65", 2) == 0) && (strlen(nipper->deviceModel) > 3)) + nipper->ios->cef = true; + else if ((strncmp(nipper->deviceModel, "120", 3) == 0) && (strlen(nipper->deviceModel) > 4)) + nipper->ios->cef = true; + else + nipper->ios->cef = false; + } + + // Time Zones... + if (nipper->timeZones == unconfigured) + nipper->timeZones = true; + + // Minimum Password Length + if (nipper->ios->passwordMinLength == -1) + { + if ((nipper->versionMajor == 12) && (nipper->versionMinor > 2)) + nipper->ios->passwordMinLength = 6; + } + + // BGP Passive + if (nipper->ios->bgp != 0) + { + bgpPointer = nipper->ios->bgp; + while (bgpPointer != 0) + { + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + bgpInterPointer = bgpInterfaceConfig(interfacePointer, bgpPointer->autonomousNo); + passivePointer = bgpPointer->passive; + while (passivePointer != 0) + { + if (strcmp(passivePointer->interface, interfacePointer->name) == 0) + bgpInterPointer->passive = passivePointer->passive; + passivePointer = passivePointer->next; + } + interfacePointer = interfacePointer->next; + } + bgpPointer = bgpPointer->next; + } + bgpPointer = nipper->ios->bgp; + while (bgpPointer != 0) + { + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + bgpInterPointer = bgpInterfaceConfig(interfacePointer, bgpPointer->autonomousNo); + if (bgpInterPointer->passive == unconfigured) + bgpInterPointer->passive = bgpPointer->defaultPassive; + interfacePointer = interfacePointer->next; + } + bgpPointer = bgpPointer->next; + } + } + + // EIGRP Passive + if (nipper->ios->eigrp != 0) + { + eigrpPointer = nipper->ios->eigrp; + while (eigrpPointer != 0) + { + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + eigrpAutonPointer = eigrpInterfaceConfig(interfacePointer, eigrpPointer->process); + passivePointer = eigrpPointer->passive; + while (passivePointer != 0) + { + if (strcmp(passivePointer->interface, interfacePointer->name) == 0) + eigrpAutonPointer->passive = passivePointer->passive; + passivePointer = passivePointer->next; + } + interfacePointer = interfacePointer->next; + } + eigrpPointer = eigrpPointer->next; + } + eigrpPointer = nipper->ios->eigrp; + while (eigrpPointer != 0) + { + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + eigrpAutonPointer = eigrpInterfaceConfig(interfacePointer, eigrpPointer->process); + if (eigrpAutonPointer->passive == unconfigured) + eigrpAutonPointer->passive = eigrpPointer->defaultPassive; + interfacePointer = interfacePointer->next; + } + eigrpPointer = eigrpPointer->next; + } + } + + // OSPF Passive + if (nipper->ios->ospf != 0) + { + ospfPointer = nipper->ios->ospf; + while (ospfPointer != 0) + { + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + ospfInterPointer = ospfInterfaceConfig(interfacePointer, ospfPointer->processID); + passivePointer = ospfPointer->passive; + while (passivePointer != 0) + { + if (strcmp(passivePointer->interface, interfacePointer->name) == 0) + ospfInterPointer->passive = passivePointer->passive; + passivePointer = passivePointer->next; + } + interfacePointer = interfacePointer->next; + } + ospfPointer = ospfPointer->next; + } + ospfPointer = nipper->ios->ospf; + while (ospfPointer != 0) + { + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + ospfInterPointer = ospfInterfaceConfig(interfacePointer, ospfPointer->processID); + if (ospfInterPointer->passive == unconfigured) + ospfInterPointer->passive = ospfPointer->defaultPassive; + interfacePointer = interfacePointer->next; + } + ospfPointer = ospfPointer->next; + } + } + + // RIP Version and Passive + if (nipper->ios->rip != 0) + { + switch (nipper->ios->rip->version) + { + case rip_version1: + setting = rip_version1; // Send + setting2 = rip_version1; // Receive + break; + case rip_version2: + setting = rip_version2; // Send + setting2 = rip_version2; // Receive + break; + default: + setting = rip_version1; // Send + setting2 = rip_version1and2; // Receive + break; + } + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + passivePointer = nipper->ios->rip->passive; + while (passivePointer != 0) + { + if (strcmp(passivePointer->interface, interfacePointer->name) == 0) + interfacePointer->ripPassive = passivePointer->passive; + passivePointer = passivePointer->next; + } + if (interfacePointer->ripSendVersion == rip_version_global) + interfacePointer->ripSendVersion = setting; + if (interfacePointer->ripReceiveVersion == rip_version_global) + interfacePointer->ripReceiveVersion = setting2; + interfacePointer = interfacePointer->next; + } + interfacePointer = nipper->ios->interface; + while (interfacePointer != 0) + { + if (interfacePointer->ripPassive == unconfigured) + interfacePointer->ripPassive = nipper->ios->rip->defaultPassive; + interfacePointer = interfacePointer->next; + } + } + + // Finger + if (nipper->ios->finger == unconfigured) + { + if (((nipper->versionMajor > 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor > 2))) && ((nipper->versionMajor < 12) || ((nipper->versionMajor == 12) && (nipper->versionMinor < 1)))) + nipper->ios->finger = true; + else + nipper->ios->finger = false; + } + + // TCP Small Servers + if (nipper->ios->tcpSmallServers == unconfigured) + { + if ((nipper->versionMajor < 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor < 3))) + nipper->ios->tcpSmallServers = true; + else + nipper->ios->tcpSmallServers = false; + } + + // UDP Small Servers + if (nipper->ios->udpSmallServers == unconfigured) + { + if ((nipper->versionMajor < 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor < 3))) + nipper->ios->udpSmallServers = true; + else + nipper->ios->udpSmallServers = false; + } + + // Transport Input Lines Telnet... + if ((nipper->versionMajor < 11) || ((nipper->versionMajor == 11) && (nipper->versionMinor == 0))) + setting = true; + else + setting = false; + linePointer = nipper->ios->line; + while (linePointer != 0) + { + if (linePointer->telnet == unconfigured) + linePointer->telnet = setting; + linePointer = linePointer->next; + } + break; + + // Firewall / PIX + case type_pix_firewall: + case type_asa_firewall: + // SNMP + if (nipper->pix->snmp == 0) + { + nipper->pix->snmp = malloc(sizeof(struct snmpPIXConfig)); + memset(nipper->pix->snmp, 0, sizeof(struct snmpPIXConfig)); + nipper->pix->snmp->enabled = true; + nipper->pix->snmp->port = 161; + strcpy(nipper->pix->snmp->community, "public"); + modifyPIXTraps(nipper, "snmp", "authentication", true); + modifyPIXTraps(nipper, "snmp", "linkup", true); + modifyPIXTraps(nipper, "snmp", "linkdown", true); + modifyPIXTraps(nipper, "snmp", "coldstart", true); + nipper->pix->snmp->weak = true; + nipper->pix->snmp->dictionary = true; + nipper->simplePasswords++; + nipper->passwordStrengths++; + } + // SSH Version + if (nipper->pix->ssh != 0) + { + if ((nipper->pix->ssh->version == 0) && ((nipper->versionMajor < 7) || ((nipper->versionMajor == 7) && (nipper->versionMinor == 0) && (nipper->versionRevision == 0)))) + nipper->pix->ssh->version = 1; + } + case type_fwsm_firewall: + break; + + // Catalyst / NMP + case type_nmp_catalyst: + case type_cos_catalyst: + break; + + // Cisco CSS + case type_css_filter: + break; + + // ScreenOS + case type_sos_firewall: + // Set all unconfigured management services for the management and trust zones, and disabled on all others + interfaceSOSPointer = nipper->sos->interface; + while (interfaceSOSPointer != 0) + { + if ((strcasecmp(interfaceSOSPointer->zone, "MGT") == 0) || (strcasecmp(interfaceSOSPointer->zone, "Management") == 0) || (strcasecmp(interfaceSOSPointer->zone, "Trust") == 0)) + setting = true; + else + setting = false; + + if (interfaceSOSPointer->manageIdent == unconfigured) + interfaceSOSPointer->manageIdent = setting; + if (interfaceSOSPointer->manageMtrace == unconfigured) + interfaceSOSPointer->manageMtrace = setting; + if (interfaceSOSPointer->manageNsmgmt == unconfigured) + interfaceSOSPointer->manageNsmgmt = setting; + if (interfaceSOSPointer->managePing == unconfigured) + interfaceSOSPointer->managePing = setting; + if (interfaceSOSPointer->manageSnmp == unconfigured) + interfaceSOSPointer->manageSnmp = setting; + if (interfaceSOSPointer->manageSsh == unconfigured) + interfaceSOSPointer->manageSsh = setting; + if (interfaceSOSPointer->manageSsl == unconfigured) + interfaceSOSPointer->manageSsl = setting; + if (interfaceSOSPointer->manageTelnet == unconfigured) + interfaceSOSPointer->manageTelnet = setting; + if (interfaceSOSPointer->manageWeb == unconfigured) + interfaceSOSPointer->manageWeb = setting; + + interfaceSOSPointer = interfaceSOSPointer->next; + } + break; + + // Passport + case type_passport: + // Sort out hostname... + if (nipper->hostname[0] == 0) + strncpy(nipper->hostname, nipper->pas->boxType, sizeof(nipper->hostname) - 1); + break; + } +} diff --git a/0.11.10/common/nipper-defs.c b/0.11.10/common/nipper-defs.c new file mode 100644 index 0000000..826ab29 --- /dev/null +++ b/0.11.10/common/nipper-defs.c @@ -0,0 +1,180 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains common definitions... + +// Defines... +#define false 0 +#define true 1 +#define unconfigured 2 + +#define LINE_SIZE 1024 + +#define output_text 0 +#define output_html 1 +#define output_latex 2 +// 3 is reserved! +#define output_xml 4 + +#define type_ios_router 0 // Cisco IOS Router +#define type_ios_switch 1 // Cisco IOS Switch +#define type_ios_catalyst 2 // Cisco IOS Catalyst +#define type_pix_firewall 3 // Cisco PIX Firewall +#define type_asa_firewall 4 // Cisco ASA Firewall +#define type_fwsm_firewall 5 // Cisco FWSM Firewall +#define type_sos_firewall 6 // Juniper ScreenOS Firewall +#define type_fw1_firewall 7 // Checkpoint Firewall-1 +#define type_nmp_catalyst 8 // Cisco NMP Catalyst +#define type_cos_catalyst 9 // Cisco CatOS Catalyst +#define type_css_filter 10 // Cisco Content Services Switch (CSS) +#define type_passport 11 // Nortel Passport +#define type_sonicwall 12 // SonicWall Firewall +#define type_nokiaip 13 // Nokia IP Firewall +#define type_bayaccelar 14 // Bay Networks Accelar + +// Object types... +#define object_type_network 0 +#define object_type_protocol 1 +#define object_type_icmp 2 +#define object_type_service 3 +#define object_type_group 4 +#define object_type_port 5 +#define object_type_host 6 +#define object_type_machinesrange 7 +#define object_type_dynamicnet 8 +#define object_type_gateway 9 +#define object_type_gateway_cluster 10 +#define object_type_cluster_member 11 +#define object_type_servicerange 12 +#define object_type_interface 13 +#define object_type_object 14 +#define object_type_any 15 +#define object_type_notset 100 +#define object_type_delete_me 101 + +// Object service operators... +#define service_oper_eq 0 +#define service_oper_neq 1 +#define service_oper_lt 2 +#define service_oper_gt 3 +#define service_oper_range 4 +#define service_oper_object 5 +#define service_oper_ignore 6 +#define service_oper_any 6 + +// Object service protocols... +#define service_protocol_none 0 +#define service_protocol_tcp 1 +#define service_protocol_udp 2 +#define service_protocol_both 3 +#define service_protocol_other 4 +#define service_protocol_unknown 5 +#define service_protocol_dcerpc 6 +#define service_protocol_rpc 7 +#define service_protocol_icmp 8 +#define service_protocol_tcpsub 9 +#define service_protocol_gtp0 10 +#define service_protocol_gtp1 11 + +// SNMP... +#define snmp1_2 0 +#define snmp1 1 +#define snmp2c 2 +#define snmp3_no_auth 3 +#define snmp3_auth 4 +#define snmp3_priv 5 + +// Authentication... +#define auth_none 0 +#define auth_clear 1 +#define auth_md5 2 + +// Encryption... +#define encrypt_type7 0 +#define encrypt_md5 1 +#define encrypt_des56 2 +#define encrypt_none 3 +#define encrypt_unknown 4 +#define encrypt_pix 5 +#define encrypt_mschap 6 +#define encrypt_ntenc 7 + +// Filters... +#define filter_action_drop 0 +#define filter_action_reject 1 +#define filter_action_accept 2 +#define filter_action_bypass 3 +#define filter_action_default 4 +#define filter_action_remark 100 + +// Filter Types... +#define filter_type_source 0 +#define filter_type_destination 1 +#define filter_type_global 2 + +// Permissions... +#define perm_permit 0 +#define perm_deny 1 + +// Device purpose... +#define use_all 0 +#define use_edge 1 +#define use_internal 2 + +// Nipper modes... +#define mode_help 0 +#define mode_version 1 +#define mode_process 2 + +// Help modes... +#define help_general 0 +#define help_device_types 10 +#define help_device_usage 11 +#define help_report_formats 20 +#define help_report_options 21 +#define help_report_appendix 22 +#define help_report_html 23 +#define help_report_latex 24 +#define help_audit_acl 30 +#define help_audit_password 31 +#define help_audit_misc 32 +#define help_snmp 33 +#define help_debug 40 +#define help_config_file 50 +#define help_error_params 100 +#define help_error_empty_file 101 +#define help_error_wrong_type 102 +#define help_error_opening_file 103 +#define help_error_john_file 104 +#define help_error_report_file 105 +#define help_error_read_timeout 106 +#define help_error_base64_decode 107 +#define help_error_snmp_failure 108 +#define help_error_snmp_root 109 diff --git a/0.11.10/common/nipper-help.c b/0.11.10/common/nipper-help.c new file mode 100644 index 0000000..8783df0 --- /dev/null +++ b/0.11.10/common/nipper-help.c @@ -0,0 +1,433 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains all the code for the on-line help system... + + +void showHelp(int argc, char *argv[], struct nipperConfig *nipper) +{ + // Program banner... + printf("%s%s\n%s", COL_BLUE, program_banner, RESET); + + switch (nipper->helpMode) + { + // General Help... + case help_general: + printf("Nipper is a Network Infrastructure Configuration Parser. Nipper takes\n"); + printf("a network infrastructure device configuration, processes the file and\n"); + printf("details security-related issues with detailed recommendations. Nipper\n"); + printf("was previous known as CiscoParse.\n\n"); + printf("By default, input is retrieved from stdin and is output (in HTML format)\n"); + printf("to stdout.\n\n"); + + printf("%sCommand:%s\n", COL_BLUE, RESET); + printf(" %s%s [Options]%s\n\n", COL_GREEN, argv[0], RESET); + + printf("%sGeneral Options:%s\n", COL_BLUE, RESET); + printf(" %s--input=%s\n", COL_GREEN, RESET); + printf(" Specifies a device configuration file to process. For CheckPoint\n"); + printf(" Firewall-1 configurations, the input should be the conf directory.\n\n"); + printf(" %s--output= | --report=%s\n", COL_GREEN, RESET); + printf(" Specified an output file for the report.\n\n"); + printf(" %s--csv=%s\n", COL_GREEN, RESET); + printf(" Want to output the network filtering configuration to a CSV file?.\n\n"); + printf(" %s--version%s\n", COL_GREEN, RESET); + printf(" Displays the program version.\n\n"); + + printf("%sExample:%s\n", COL_BLUE, RESET); + printf(" The example below will process a Cisco IOS-based router\n"); + printf(" configuration file called ios.conf and output the report to a file\n"); + printf(" called report.html.\n\n"); + printf(" %s%s --ios-router --input=ios.conf --output=report.html%s\n\n", COL_GREEN, argv[0], RESET); + break; + + // Device Types... + case help_device_types: + printf("Nipper supports a number of different types of network device. This\n"); + printf("version contains support for the following devices:\n\n"); + printf(" CMD Option Device Type\n"); + printf(" =================================================\n"); + printf(" --ios-switch Cisco IOS-based Switch\n"); + printf(" --ios-router Cisco IOS-based Router (default)\n"); + printf(" --ios-catalyst Cisco IOS-based Catalyst\n"); + printf(" --pix Cisco PIX-based Firewall\n"); + printf(" --asa Cisco ASA-based Firewall\n"); + printf(" --fwsm Cisco FWSM-based Router\n"); + printf(" --catos Cisco CatOS-based Catalyst\n"); + printf(" --nmp Cisco NMP-based Catalyst\n"); + printf(" --css Cisco Content Services Switch\n"); + printf(" --screenos Juniper NetScreen Firewall\n"); + printf(" --passport Nortel Passport Device\n"); + printf(" --sonicos SonicWall SonicOS Firewall\n"); + printf(" --fw1 CheckPoint Firewall-1 Firewall\n"); + printf(" --nokiaip Nokia IP Firewall\n"); + printf(" --accelar Bay Networks Accelar\n\n"); + printf("Please note that the level of support for each type of device varies.\n\n"); + break; + + // Device Usage... + case help_device_usage: + printf("Nipper performs various checks to ensure that the device type that\n"); + printf("has been specified matches the configuration file. Additionally, the\n"); + printf("security issues reported by Nipper can depend on what the device is\n"); + printf("used for.\n\n"); + printf("%sAdvanced Device Options:%s\n\n", COL_BLUE, RESET); + printf(" %s--force%s\n", COL_GREEN, RESET); + printf(" Force Nipper to bypass any configuration type checks.\n\n"); + printf(" %s--location=%s\n", COL_GREEN, RESET); + printf(" Where is the device located.\n\n"); + printf(" %s--model=%s\n", COL_GREEN, RESET); + printf(" Specify a device model, such as 7200VXR for a Cisco 7200VXR.\n\n"); + break; + + // Report Formats... + case help_report_formats: + printf("Nipper supports a number of different report formats. They are:\n\n"); + printf(" CMD Option Report Format\n"); + printf(" =============================\n"); + printf(" --html HTML (default)\n"); + printf(" --latex Latex\n"); + printf(" --text Text\n"); + printf(" --xml XML\n\n"); + break; + + // Advanced Report Options... + case help_report_options: + printf("These reporting options apply to all report output.\n\n"); + printf(" %s--company-name=%s\n", COL_GREEN, RESET); + printf(" Replace the 'nipper recommends...' in the report output to something\n"); + printf(" else. So for the Acme company, it would read, 'Acme recommends...'.\n\n"); + printf(" %s--device-name=%s\n", COL_GREEN, RESET); + printf(" If a device configuration file does not contain a device name, it\n"); + printf(" can be specified using this option.\n\n"); + printf(" %s--no-names%s\n", COL_GREEN, RESET); + printf(" Convert host and network names to IP addresses where possible.\n\n"); + printf(" %s--rule-comments%s\n", COL_GREEN, RESET); + printf(" Shows CheckPoint rule comments in the rules output.\n\n"); + printf(" %s--expand-acl%s\n", COL_GREEN, RESET); + printf(" Expand an Access Control Lists / Filtering object definitions. This\n"); + printf(" option will show the reality of a filtering policy.\n\n"); + break; + + // Report Options to include report sections... + case help_report_appendix: + printf("The following report options determine which sections are included in\n"); + printf("the report output. The default is to include all sections.\n\n"); + printf(" %s--no-config%s\n", COL_GREEN, RESET); + printf(" This option disables the configuration report section.\n\n"); + printf(" %s--no-audit%s\n", COL_GREEN, RESET); + printf(" This option disables the security audit of the device configuration.\n\n"); + printf(" %s--no-appendix%s\n", COL_GREEN, RESET); + printf(" Disables the output of the entire report appendix section. By\n"); + printf(" default an appendix section is generated and added to the report.\n\n"); + printf(" %s--no-abbreviations%s\n", COL_GREEN, RESET); + printf(" Disables the output of an abbreviations section in the appendix.\n\n"); + //printf(" %s--no-glossary%s\n", COL_GREEN, RESET); + //printf(" Disables the output of a glossary section in the appendix.\n\n"); + printf(" %s--no-logging%s\n", COL_GREEN, RESET); + printf(" Disables the output of the logging levels section in the appendix.\n\n"); + printf(" %s--no-timezones%s\n", COL_GREEN, RESET); + printf(" Disables the output of the time zones section in the appendix.\n\n"); + printf(" %s--no-ports%s\n", COL_GREEN, RESET); + printf(" Disables the output of a common ports section in the appendix.\n\n"); + printf(" %s--no-version%s\n", COL_GREEN, RESET); + printf(" Disables the output of the nipper version section in the appendix.\n\n"); + break; + + // Report HTML options... + case help_report_html: + printf("These report options apply only to the HTML report file format.\n\n"); + printf(" %s--stylesheet=%s\n", COL_GREEN, RESET); + printf(" Supply an external Cascading Style Sheet (CSS) for use with the HTML\n"); + printf(" -based reports. If this option is not supplied a default CSS is\n"); + printf(" embeded. The supplied CSS file will be embeded within the report\n"); + printf(" output.\n\n"); + break; + + // Report Latex Options... + case help_report_latex: + printf("These report options apply only to the Latex report file format.\n\n"); + printf(" %s--paper=%s\n", COL_GREEN, RESET); + printf(" This option can be used to configure the Latex document paper size.\n"); + printf(" The default paper size is '%s'. Refer to the Latex\n", nipper->paperSize); + printf(" documentation for other settings.\n\n"); + printf(" %s--documentclass=%s\n", COL_GREEN, RESET); + printf(" This option can be used to configure the Latex document class. The\n"); + printf(" default document class is '%s'. Refer to the Latex\n", nipper->documentClass); + printf(" documentation for other settings.\n\n"); + break; + + // Security Auditing ACL options... + case help_audit_acl: + printf("These options only apply to the security auditing of the network\n"); + printf("filtering. Checks for logging on all rules and for any source service\n"); + printf("are disabled by default, all other rules are enabled by default.\n\n"); + printf(" %s--deny-log | --no-deny-log%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks to ensure that the rule lists end with a deny\n"); + printf(" all and log.\n\n"); + printf(" %s--any-source | --no-any-source%s\n", COL_GREEN, RESET); + printf(" Enable/Disable rule checks for any source.\n\n"); + printf(" %s--network-source | --no-network-source%s\n", COL_GREEN, RESET); + printf(" Enable/Disable rule checks for network sources.\n\n"); + printf(" %s--source-service | --no-source-service%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for any sources services.\n\n"); + printf(" %s--any-destination | --no-any-destination%s\n", COL_GREEN, RESET); + printf(" Enable/Disable rule checks for any destination.\n\n"); + printf(" %s--network-destination | --no-network-destination%s\n", COL_GREEN, RESET); + printf(" Enable/Disable rule checks for network destionations.\n\n"); + printf(" %s--destination-service | --no-destination-service%s\n", COL_GREEN, RESET); + printf(" Enable/Disable rule checks for any destination service.\n\n"); + printf(" %s--log-rules | --no-log-rules%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for logging on all rules.\n\n"); + printf(" %s--disabled-rules | --no-disabled-rules%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for disabled rules.\n\n"); + printf(" %s--reject-rules | --no-reject-rules%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for reject rules.\n\n"); + printf(" %s--bypass-rules | --no-bypass-rules%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for bypass rules.\n\n"); + printf(" %s--default-rules | --no-default-rules%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for default rules.\n\n"); + printf(" %s--log-deny-rules | --no-log-deny-rules%s\n", COL_GREEN, RESET); + printf(" Enable/Disable checks for deny and log rules.\n\n"); + break; + + // Security Auditing Password Options... + case help_audit_password: + printf("These options apply to the password security auditing. In addition to\n"); + printf("user passwords, other authentication strings are audited such as shared\n"); + printf("keys and SNMP community strings.\n\n"); + printf(" %s--no-passwords%s\n", COL_GREEN, RESET); + printf(" Removes passwords from the output. However, passwords are always\n"); + printf(" checked against defaults and for password strength.\n\n"); + printf(" %s--john=%s\n", COL_GREEN, RESET); + printf(" Output the Cisco type 5 passwords in a file that can then be run\n"); + printf(" through john-the-ripper.\n\n"); + printf(" %s--dictionary=%s\n", COL_GREEN, RESET); + printf(" Use a dictionary file to check the passwords and keys are not\n"); + printf(" dictionary-based words. If this option is not specified a small\n"); + printf(" number of built-in passwords are used instead. This option is\n"); + printf(" not used to break MD5 passwords, only compare passwords already\n"); + printf(" known.\n\n"); + printf(" %s--pass-length=%s\n", COL_GREEN, RESET); + printf(" Password strength checks will check that retrieved passwords have\n"); + printf(" a minimum length as specified. The default is %d characters.\n\n", nipper->passwordLength); + printf(" %s--pass-uppers=%s\n", COL_GREEN, RESET); + printf(" Password strength checks will check that retrieved passwords must\n"); + printf(" include uppercase characters. The default is "); + if (nipper->passwordUppers == false) + printf("no.\n\n"); + else + printf("yes.\n\n"); + printf(" %s--pass-lowers=%s\n", COL_GREEN, RESET); + printf(" Password strength checks will check that retrieved passwords must\n"); + printf(" include lowercase characters. The default is "); + if (nipper->passwordLowers == false) + printf("no.\n\n"); + else + printf("yes.\n\n"); + printf(" %s--pass-either=%s\n", COL_GREEN, RESET); + printf(" Password strength checks will check that retrieved passwords must\n"); + printf(" include upper or lowercase characters. The default is "); + if (nipper->passwordEither == false) + printf("no.\n\n"); + else + printf("yes.\n\n"); + printf(" %s--pass-numbers=%s\n", COL_GREEN, RESET); + printf(" Password strength checks will check that retrieved passwords must\n"); + printf(" include numbers. The default is "); + if (nipper->passwordNumbers == false) + printf("no.\n\n"); + else + printf("yes.\n\n"); + printf(" %s--pass-specials=%s\n", COL_GREEN, RESET); + printf(" Password strength checks will check that retrieved passwords must\n"); + printf(" include special characters. The default is "); + if (nipper->passwordSpecials == false) + printf("no.\n\n"); + else + printf("yes.\n\n"); + break; + + // Other Security Auditing Options... + case help_audit_misc: + printf("These options apply to the security auditing.\n\n"); + printf(" %s--timeout=%s\n", COL_GREEN, RESET); + printf(" Specify the number of seconds that connection timeouts should be\n"); + printf(" less than or equal to. If timeouts are less than this, a security\n"); + printf(" will be generated in the report. The default is %d minutes.\n\n", (nipper->connectionTimeout / 60)); + break; + +#if !defined(__WIN32__) + // Other SNMP Options... + case help_snmp: + printf("These options apply to remote SNMP configuration retrival from Cisco\n"); + printf("devices. Older Cisco devices make use of a slightly different method.\n"); + printf("The old method works with IOS devices up to version 12.x. Newer methods\n"); + printf("are supported with IOS version 12.0 (some with 11.2P). This requires a\n"); + printf("local TFTP server and the snmpget command.\n\n"); + printf(" %s--cisco-ip=%s\n", COL_GREEN, RESET); + printf(" Specify the IP address of the Cisco Device to retrieve the config\n"); + printf(" from.\n\n"); + printf(" %s--local-ip=%s\n", COL_GREEN, RESET); + printf(" The IP address of the host making the request. This is essential for\n"); + printf(" remote config retrival, else it will fail.\n\n"); + printf(" %s--cisco=%s\n", COL_GREEN, RESET); + printf(" There are two methods of retrieving the config remotely using SNMP.\n"); + printf(" The old method is supported on Cisco devices upto IOS 12.x, the\n"); + printf(" new method (default) is supported from IOS 12.0 (11.2P on some\n"); + printf(" devices).\n\n"); + printf(" %s--snmp=%s\n", COL_GREEN, RESET); + printf(" The snmp community to be used with the above. A default of 'private'\n"); + printf(" will be used if not specified.\n\n"); + printf(" %s--tftproot=%s\n", COL_GREEN, RESET); + printf(" The tftp root directory to be used for the Cisco config transfer. If\n"); + printf(" not specified a default of /tftproot/ will be used.\n\n"); + printf(" %s--cisco-file=%s\n", COL_GREEN, RESET); + printf(" Specifies a filename for the Cisco config file to be saved to. If\n"); + printf(" not specified, then the file will be left in the tftproot as a\n"); + printf(" random file name.\n\n"); + break; +#endif + + // The debug options (hidden)... + case help_debug: + printf("These are the Nipper debug options, useful for working out what has gone\n"); + printf("AWOL. These options can ouput a lot of information and disrupt the\n"); + printf("normal report output.\n\n"); + printf(" %s--debug%s\n", COL_GREEN, RESET); + printf(" Outputs additional information that most users would not find very\n"); + printf(" helpful, but is useful in understanding how the configuration is\n"); + printf(" interpreted. Using the debug option overrides all other output.\n\n"); + printf(" %s--debug-abbreviations%s\n", COL_GREEN, RESET); + printf(" Shows a list of all the abbreviations that were not processed. The\n"); + printf(" list is output to stdout and lists the number of hits each entry\n"); + printf(" has had. Not all of the items listed will be valid abbreviations.\n\n"); + printf(" %s--debug-lnp%s\n", COL_GREEN, RESET); + printf(" Output the configuration lines not processed (to screen only).\n\n"); + break; + + // External Configuration file... + case help_config_file: + printf("Nipper can be configured using an external configuration file. This file\n"); + printf("can be specified on the command line or Nipper will load configuration\n"); +#if !defined(__WIN32__) + printf("settings from '/etc/nipper.conf'.\n\n"); +#else + printf("settings from 'nipper.ini' in the current directory.\n\n"); +#endif + printf(" %s--config=%s\n", COL_GREEN, RESET); + printf(" Specifies a Nipper configuration file.\n\n"); + break; + + case help_error_params: + printf("%sERROR: Invalid command line options specified.%s\n\n", COL_RED, RESET); + break; + + case help_error_empty_file: + printf("%sERROR: The input was either an empty file or a directory.%s\n\n", COL_RED, RESET); + break; + + case help_error_wrong_type: + printf("%sERROR: Nipper has determined that you are attempting to process the\n", COL_RED); + printf("wrong type of configuration. Refer to the DEVICES section on the online\n"); + printf("help, or alternatively, use the --force option.%s\n\n", RESET); + break; + + case help_error_opening_file: + printf("%sERROR: Nipper could not open the configuration file for input.%s\n\n", COL_RED, RESET); + break; + + case help_error_snmp_failure: + printf("%sERROR: Could not get the Cisco configuration via SNMP.%s\n\n", COL_RED, RESET); + break; + + case help_error_snmp_root: + printf("%sERROR: You must be the root user to get the configuration via SNMP.%s\n\n", COL_RED, RESET); + break; + + case help_error_report_file: + printf("%sERROR: Nipper could not open the report file for output.%s\n\n", COL_RED, RESET); + break; + + case help_error_john_file: + printf("%sERROR: Nipper could not open the john-the-ripper file for output.%s\n\n", COL_RED, RESET); + break; + + case help_error_base64_decode: + printf("%sERROR: Failed to decode the base64 configuration file encoding.%s\n\n", COL_RED, RESET); + break; + + case help_error_read_timeout: + if (nipper->inputName == 0) + { + printf("%sERROR: Failed to read from stdin, please pipe a configuration in or\n", COL_RED); + printf("supply an input file using the --input= option.%s\n\n", RESET); + } + else + printf("%sERROR: A timeout occured whilst reading from the file.%s\n\n", COL_RED, RESET); + break; + } + + // Further Help... + printf("%sFor additional help:%s\n", COL_BLUE, RESET); + printf(" %s--help[=]%s\n", COL_GREEN, RESET); + printf(" Show the online help or show the additional help on the topic\n"); + printf(" specified. The help topics are; GENERAL, DEVICES, DEVICES-ADV,\n"); +#if !defined(__WIN32__) + printf(" SNMP, REPORT, REPORT-ADV, REPORT-SECT, REPORT-HTML, REPORT-LATEX,\n"); +#else + printf(" REPORT, REPORT-ADV, REPORT-SECT, REPORT-HTML, REPORT-LATEX,\n"); +#endif + printf(" AUDIT-ACL, AUDIT-PASS, AUDIT-ADV or CONFIG-FILE.\n"); +} + + +void stdinTimeout() +{ + // Program banner... + printf("%s%s\n%s", COL_BLUE, program_banner, RESET); + + printf("%sERROR: Failed to read from stdin, please pipe a configuration in or\n", COL_RED); + printf("supply an input file using the --input= option.%s\n\n", RESET); + + // Further Help... + printf("%sFor additional help:%s\n", COL_BLUE, RESET); + printf(" %s--help[=]%s\n", COL_GREEN, RESET); + printf(" Show the online help or show the additional help on the topic\n"); + printf(" specified. The help topics are; GENERAL, DEVICES, DEVICES-ADV,\n"); +#if !defined(__WIN32__) + printf(" SNMP, REPORT, REPORT-ADV, REPORT-SECT, REPORT-HTML, REPORT-LATEX,\n"); +#else + printf(" REPORT, REPORT-ADV, REPORT-SECT, REPORT-HTML, REPORT-LATEX,\n"); +#endif + printf(" AUDIT-ACL, AUDIT-PASS, AUDIT-ADV or CONFIG-FILE.\n"); + exit(0); +} + diff --git a/0.11.10/common/nipper-input.c b/0.11.10/common/nipper-input.c new file mode 100644 index 0000000..e42c8d1 --- /dev/null +++ b/0.11.10/common/nipper-input.c @@ -0,0 +1,449 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains all the code to get input from file/directory/snmp/stdin... + + +// Process a file... +int processFile(struct nipperConfig *nipper, void (processLine)(struct nipperConfig *nipper, char *line)) +{ + // Variables... + struct stat *fileStats = 0; + char line[LINE_SIZE + 1]; + + // Check the file has some contents... + fileStats = malloc(sizeof(struct stat)); + memset(fileStats, 0, sizeof(struct stat)); + stat(nipper->inputName, fileStats); + if (fileStats->st_size == 0) + { + free(fileStats); + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_empty_file; + return false; + } + free(fileStats); + + nipper->input = fopen(nipper->inputName, "r"); + if (nipper->input == NULL) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_opening_file; + return false; + } + setvbuf(nipper->input, 0, _IONBF, 0); + + if (nipper->debugMode == true) + { + printf("\n%sConfig Lines Examined\n=====================%s\n", COL_BLUE, RESET); + } + + // Read in input and process... + while (feof(nipper->input) == 0) + { + // Read line + memset(line, 0, LINE_SIZE + 1); + readLine(nipper->input, line, LINE_SIZE); + + // Process the line... + processLine(nipper, line); + } + + // Close input file... + fclose(nipper->input); + + return true; +} + + +// Process the input... +int processInput(struct nipperConfig *nipper) +{ + // Variables... + struct policyCollection *policyCollectionPointer = 0; + struct stat *fileStats = 0; + const char *dirname = 0; + char *buffer = 0; + char fullname[512]; + FILE *tempFile = 0; + char temporaryFileName[64] = ""; + int returnValue = 0; +#if !defined(__WIN32__) + const char slashChar = '/'; +#else + const char slashChar = '\\'; +#endif + int addSlash = false; + + switch (nipper->deviceType) + { + // IOS devices + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + // Create IOS Structure... + nipper->ios = malloc(sizeof(struct ciscoIOSConfig)); + + // Init... + memset(nipper->ios, 0, sizeof(struct ciscoIOSConfig)); + nipper->ios->sourceRouting = true; + nipper->ios->tcpSmallServers = unconfigured; + nipper->ios->udpSmallServers = unconfigured; + nipper->ios->finger = unconfigured; + nipper->ios->cdp = true; + nipper->ios->cef = unconfigured; + nipper->ios->servicePasswordEncryption = false; + nipper->ios->bootp = true; + nipper->ios->bootNetwork = false; + nipper->ios->serviceConfig = false; + nipper->ios->pad = true; + nipper->ios->domainLookup = true; + nipper->ios->classlessRouting = true; + nipper->ios->keepAlivesIn = false; + nipper->ios->keepAlivesOut = false; + nipper->ios->gratuitousArps = false; + nipper->ios->calendarValid = false; + nipper->ios->passwordMinLength = -1; + nipper->ios->vtpMode = vtp_mode_server; + strcpy(nipper->ios->timeZone, "UTC"); + + // Process... + return processFile(nipper, processIOSInput); + break; + + + // NMP devices + case type_nmp_catalyst: + case type_cos_catalyst: + // Create NMP/CatOS Structure... + nipper->nmp = malloc(sizeof(struct ciscoNMPConfig)); + + // Init... + memset(nipper->nmp, 0, sizeof(struct ciscoNMPConfig)); + nipper->nmp->cdp = true; + nipper->nmp->cdpInterval = 60; + nipper->nmp->cdpHoldtime = 180; + nipper->nmp->cdpVersion = 2; + nipper->nmp->timeout = 20; + nipper->nmp->portSecurityAuto = false; + + // Process... + return processFile(nipper, processNMPInput); + break; + + + // PIX devices + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + // Create PIX/ASA/FWSM Structure... + nipper->pix = malloc(sizeof(struct ciscoPIXConfig)); + + // Init... + memset(nipper->pix, 0, sizeof(struct ciscoPIXConfig)); + nipper->pix->transparent = false; + nipper->pix->floodguard = true; + nipper->pix->accessListAlertInterval = 300; + nipper->pix->accessListDenyFlowMax = 4096; + + // Process.. + return processFile(nipper, processPIXInput); + break; + + + // Cisco CSS devices + case type_css_filter: + // Create CSS Structure... + nipper->css = malloc(sizeof(struct ciscoCSSConfig)); + + // Init... + memset(nipper->css, 0, sizeof(struct ciscoCSSConfig)); + nipper->css->snmpAccess = true; + nipper->css->ftpAccess = true; + nipper->css->telnetAccess = true; + nipper->css->sshAccess = true; + nipper->css->consoleAccess = true; + nipper->css->webManagementAccess = false; + nipper->css->aclEnabled = false; + + // Process... + return processFile(nipper, processCSSInput); + break; + + + // ScreenOS devices + case type_sos_firewall: + // Create ScreenOS Structure... + nipper->sos = malloc(sizeof(struct screenOSConfig)); + + // Init... + memset(nipper->sos, 0, sizeof(struct screenOSConfig)); + nipper->sos->sshEnabled = false; + nipper->sos->sshKeyGenTime = 60; + nipper->sos->asymmetricVPN = false; + nipper->sos->accessAttempts = 3; + nipper->sos->mailAlert = false; + nipper->sos->adminFormat = adminfmt_default; + nipper->sos->httpRedirect = unconfigured; + nipper->sos->privilege = adminpriv_default; + strcpy(nipper->sos->adminIP, "0.0.0.0"); + strcpy(nipper->sos->adminNetMask, "0.0.0.0"); + strcpy(nipper->sos->name, "netscreen"); + strcpy(nipper->sos->password, ""); + nipper->sos->nameMappings = false; + nipper->sos->nameGroupMappings = false; + nipper->sos->defaultFirewallMode = true; + nipper->sos->consoleOnly = false; + + // Process... + return processFile(nipper, processSOSInput); + break; + + + // Nortel Passport Devices + case type_bayaccelar: + case type_passport: + // Create Nortel Passport Structure... + nipper->pas = malloc(sizeof(struct passportConfig)); + + // Init... + memset(nipper->pas, 0, sizeof(struct passportConfig)); + + // Process... + return processFile(nipper, processPASInput); + break; + + + // CheckPoint Firewall-1 Devices + case type_nokiaip: + case type_fw1_firewall: + // Create Structure... + nipper->fw1 = malloc(sizeof(struct firewall1Config)); + fileStats = malloc(sizeof(struct stat)); + + // Init... + memset(nipper->fw1, 0, sizeof(struct firewall1Config)); + memset(fileStats, 0, sizeof(struct stat)); + + if (nipper->showACLComments == true) + settings_policycol_heading8.next = &settings_policycol_heading9; + + // Check that the Config directory is a directory... + stat(nipper->inputName, fileStats); + + // Process as a single file... + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + free(fileStats); + return processFile(nipper, processFW1Input); + } + + // Process as a directory... + else + { + free(fileStats); + + // Set Directory name... + dirname = nipper->inputName; + + // Slash Char? +#if !defined(__WIN32__) + if (dirname[strlen(dirname) - 1] == '/') +#else + if (dirname[strlen(dirname) - 1] == '\\') +#endif + addSlash = false; + else + addSlash = true; + + // ------------------------ + // Process Objects Files... + + // Process objects_5_0.C + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%sobjects_5_0.C", dirname); + else + sprintf(fullname, "%s%cobjects_5_0.C", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1Input); + + if (returnValue == false) + { + // Process objects.C_41 + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%sobjects.C_41", dirname); + else + sprintf(fullname, "%s%cobjects.C_41", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1Input); + + // Process objects.C + if (returnValue == false) + { + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%sobjects.C", dirname); + else + sprintf(fullname, "%s%cobjects.C", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1Input); + if (returnValue == false) + { + if (addSlash == false) + sprintf(fullname, "%sobjects.c", dirname); + else + sprintf(fullname, "%s%cobjects.c", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1Input); + } + } + } + + // --------------------- + // Process Rule Files... + + // Process the Rules files... + policyCollectionPointer = nipper->fw1->policies; + while (policyCollectionPointer != 0) + { + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%s%s.W", dirname, policyCollectionPointer->name); + else + sprintf(fullname, "%s%c%s.W", dirname, slashChar, policyCollectionPointer->name); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1RuleInput); + policyCollectionPointer = policyCollectionPointer->next; + } + + // Process rules.C file... + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%srules.C", dirname); + else + sprintf(fullname, "%s%crules.C", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1RulesInput); + if (returnValue == false) + { + if (addSlash == false) + sprintf(fullname, "%srules.c", dirname); + else + sprintf(fullname, "%s%crules.c", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1RulesInput); + } + + // Process the Rulebase files (for comments mostly)... + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%srulebases_5_0.fws", dirname); + else + sprintf(fullname, "%s%crulebases_5_0.fws", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1RuleInput); + + if (returnValue == false) + { + // Oh well, try this one then... + memset(fullname, 0, sizeof(fullname)); + if (addSlash == false) + sprintf(fullname, "%srulebases.fws", dirname); + else + sprintf(fullname, "%s%crulebases.fws", dirname, slashChar); + nipper->inputName = fullname; + returnValue = processFile(nipper, processFW1Input); + } + + return true; + } + break; + + // Sonic Wall devices... + case type_sonicwall: + // SonicWall configs are base64 encoded. The file needs to be decoded first... + + // Check the file has some contents... + fileStats = malloc(sizeof(struct stat)); + stat(nipper->inputName, fileStats); + if (fileStats->st_size == 0) + { + free(fileStats); + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_empty_file; + return false; + } + + // Set buffer to the size of the file... + buffer = malloc(fileStats->st_size + 1); + memset (buffer, 0, fileStats->st_size + 1); + tempFile = fopen(nipper->inputName, "r"); + fread(buffer, 1, fileStats->st_size, tempFile); + fclose(tempFile); + returnValue = base64DecodeChars(buffer); + if (returnValue == true) + { + sprintf(temporaryFileName, "%sdelete-me-%d", tmpDir, rand()); + tempFile = fopen(temporaryFileName, "w"); + fwrite(buffer, 1, strlen(buffer), tempFile); + fclose(tempFile); + nipper->inputName = temporaryFileName; + } + free(buffer); + free(fileStats); + + // If base64 decode failed... + if (returnValue == false) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_base64_decode; + return false; + } + + // Create Structure... + nipper->sonicos = malloc(sizeof(struct sonicosConfig)); + + // Init... + memset(nipper->sonicos, 0, sizeof(struct sonicosConfig)); + nipper->sonicos->enhanced = false; + + // Process... + returnValue = processFile(nipper, processSonicOSInput); + + // Cleanup + unlink(temporaryFileName); + break; + } + + return false; +} + diff --git a/0.11.10/common/nipper-namemappings.c b/0.11.10/common/nipper-namemappings.c new file mode 100644 index 0000000..b783080 --- /dev/null +++ b/0.11.10/common/nipper-namemappings.c @@ -0,0 +1,218 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void processNameMappings(struct nipperConfig *nipper) +{ + // Variables... + char tempString[nipper->maxSize]; + struct filterObjectConfig *filterObjectPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + + // Convert filters names to ip addresses + if ((nipper->filterList != 0) && (nipper->objectList != 0)) + { + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + // Source... + filterObjectPointer = filterPointer->source; + while (filterObjectPointer != 0) + { + objectListPointer = nipper->objectList; + if ((nipper->deviceType == type_sos_firewall) && (objectListPointer != 0)) + { + while ((strcasecmp(filterListPointer->fromZone, objectListPointer->name) != 0) && (objectListPointer->next != 0)) + objectListPointer = objectListPointer->next; + if (strcasecmp(filterListPointer->fromZone, objectListPointer->name) != 0) + objectListPointer = 0; + } + while (objectListPointer != 0) + { + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (strcasecmp(objectPointer->name, filterObjectPointer->name) == 0) + { + if (objectPointer->type == object_type_network) + { + sprintf(tempString, "%s %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if (objectPointer->type == object_type_machinesrange) + { + sprintf(tempString, "%s - %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if ((objectPointer->type != object_type_group) && (objectPointer->type != object_type_gateway_cluster)) + { + strncpy(filterObjectPointer->name, objectPointer->address, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(objectPointer->address)] = 0; + } + } + objectPointer = objectPointer->next; + } + objectListPointer = objectListPointer->next; + } + filterObjectPointer = filterObjectPointer->next; + } + + // Destination... + filterObjectPointer = filterPointer->destination; + while (filterObjectPointer != 0) + { + objectListPointer = nipper->objectList; + if ((nipper->deviceType == type_sos_firewall) && (objectListPointer != 0)) + { + while ((strcasecmp(filterListPointer->toZone, objectListPointer->name) != 0) && (objectListPointer->next != 0)) + objectListPointer = objectListPointer->next; + if (strcasecmp(filterListPointer->toZone, objectListPointer->name) != 0) + objectListPointer = 0; + } + while (objectListPointer != 0) + { + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (strcasecmp(objectPointer->name, filterObjectPointer->name) == 0) + { + if (objectPointer->type == object_type_network) + { + sprintf(tempString, "%s %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if (objectPointer->type == object_type_machinesrange) + { + sprintf(tempString, "%s - %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if ((objectPointer->type != object_type_group) && (objectPointer->type != object_type_gateway_cluster)) + { + strncpy(filterObjectPointer->name, objectPointer->address, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(objectPointer->address)] = 0; + } + } + objectPointer = objectPointer->next; + } + objectListPointer = objectListPointer->next; + } + filterObjectPointer = filterObjectPointer->next; + } + + // Through... + filterObjectPointer = filterPointer->through; + while (filterObjectPointer != 0) + { + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (strcasecmp(objectPointer->name, filterObjectPointer->name) == 0) + { + if (objectPointer->type == object_type_network) + { + sprintf(tempString, "%s %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if (objectPointer->type == object_type_machinesrange) + { + sprintf(tempString, "%s - %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if ((objectPointer->type != object_type_group) && (objectPointer->type != object_type_gateway_cluster)) + { + strncpy(filterObjectPointer->name, objectPointer->address, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(objectPointer->address)] = 0; + } + } + objectPointer = objectPointer->next; + } + objectListPointer = objectListPointer->next; + } + filterObjectPointer = filterObjectPointer->next; + } + + // Installed on... + filterObjectPointer = filterPointer->install; + while (filterObjectPointer != 0) + { + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + if (strcasecmp(objectPointer->name, filterObjectPointer->name) == 0) + { + if (objectPointer->type == object_type_network) + { + sprintf(tempString, "%s %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if (objectPointer->type == object_type_machinesrange) + { + sprintf(tempString, "%s - %s", objectPointer->address, objectPointer->netMask); + strncpy(filterObjectPointer->name, tempString, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(tempString)] = 0; + } + else if ((objectPointer->type != object_type_group) && (objectPointer->type != object_type_gateway_cluster)) + { + strncpy(filterObjectPointer->name, objectPointer->address, sizeof(filterObjectPointer->name) - 1); + filterObjectPointer->name[strlen(objectPointer->address)] = 0; + } + } + objectPointer = objectPointer->next; + } + objectListPointer = objectListPointer->next; + } + filterObjectPointer = filterObjectPointer->next; + } + + filterPointer = filterPointer->next; + } + filterListPointer = filterListPointer->next; + } + } +} diff --git a/0.11.10/common/nipper-objects.c b/0.11.10/common/nipper-objects.c new file mode 100644 index 0000000..ede30b2 --- /dev/null +++ b/0.11.10/common/nipper-objects.c @@ -0,0 +1,303 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// This file contains all the code for objects... + + +struct objectListConfig +{ + char name[64]; + + struct objectConfig *object; + + // Next list... + struct objectListConfig *next; +}; + + +struct objectConfig +{ + char name[64]; + char address[64]; + char netMask[16]; + int type; // object_type_network... + char comment[128]; // Used by ScreenOS and is Description with PIX + + // Cisco PIX (also used by SonicOS and FW1)... + int serviceType; // object_service_tcp... + + // Used by FW1... + int firewall; // Is the object a firewall? (FW1) + int internal; // Is the object internal? (FW1) + int management; // Is management firewall? + char cpVersion[8]; // CheckPoint Version + int cpVersionMajor; // Major + int cpVersionMinor; // Minor + struct objectMember *members; // Group members + struct hostInterfaces *interfaces; // Interfaces + + struct objectConfig *next; +}; + + +struct objectMember +{ + int number; // Used for cluster members + char name[64]; + char netMask[16]; + int type; + int serviceOp; + struct objectMember *next; +}; + + +// Interface config used by Firewall-1 +struct hostInterfaces +{ + int interface; // Interface No. + int dynamicIP; + char name[16]; // Interface name + char address[16]; + char netMask[16]; + struct hostInterfaces *next; +}; + + +// Get pointer to object list (or create a new one)... +struct objectListConfig *getObjectListPointer(struct nipperConfig *nipper, char *name) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + int init = false; + + // If first object list... + if (nipper->objectList == 0) + { + nipper->objectList = malloc(sizeof(struct objectListConfig)); + objectListPointer = nipper->objectList; + init = true; + } + else + { + objectListPointer = nipper->objectList; + while ((objectListPointer->next != 0) && (strcmp(objectListPointer->name, name) != 0)) + objectListPointer = objectListPointer->next; + if (strcmp(objectListPointer->name, name) != 0) + { + objectListPointer->next = malloc(sizeof(struct objectListConfig)); + objectListPointer = objectListPointer->next; + init = true; + } + } + + // Init... + if (init == true) + { + memset(objectListPointer, 0, sizeof(struct objectListConfig)); + strncpy(objectListPointer->name, name, sizeof(objectListPointer->name) - 1); + } + + return objectListPointer; +} + + +// Get pointer to object (or create a new one)... +struct objectConfig *getObjectPointer(struct objectListConfig *objectListPointer, char *name) +{ + // Variables... + struct objectConfig *objectPointer = 0; + int init = false; + + // If first object + if (objectListPointer->object == 0) + { + objectListPointer->object = malloc(sizeof(struct objectConfig)); + objectPointer = objectListPointer->object; + init = true; + } + else + { + objectPointer = objectListPointer->object; + while ((objectPointer->next != 0) && (strcmp(objectPointer->name, name) != 0)) + objectPointer = objectPointer->next; + if (strcmp(objectPointer->name, name) != 0) + { + objectPointer->next = malloc(sizeof(struct objectConfig)); + objectPointer = objectPointer->next; + init = true; + } + } + + // Init... + if (init == true) + { + memset(objectPointer, 0, sizeof(struct objectConfig)); + strncpy(objectPointer->name, name, sizeof(objectPointer->name) - 1); + objectPointer->firewall = false; + objectPointer->internal = true; + objectPointer->management = false; + } + + return objectPointer; +} + + +// Get a pointer to an object member (or add one)... +struct objectMember *getObjectMember(struct objectConfig *objectPointer, char *member) +{ + // Variables... + struct objectMember *memberPointer = 0; + int init = false; + + // If first... + if (objectPointer->members == 0) + { + objectPointer->members = malloc(sizeof(struct objectMember)); + memberPointer = objectPointer->members; + init = true; + } + else + { + memberPointer = objectPointer->members; + while ((memberPointer->next != 0) && (strcmp(memberPointer->name, member) != 0)) + memberPointer = memberPointer->next; + if (strcmp(memberPointer->name, member) != 0) + { + memberPointer->next = malloc(sizeof(struct objectMember)); + memberPointer = memberPointer->next; + init = true; + } + } + + // Init? + if (init == true) + { + memset(memberPointer, 0, sizeof(struct objectMember)); + strncpy(memberPointer->name, member, sizeof(memberPointer->name) - 1); + memberPointer->type = object_type_notset; + } + + return memberPointer; +} + + +// Set netmask from CIDR... +void setMaskFromCIDR(char *netmask, int cidr) +{ + const char netmasks[][16] = { "0.0.0.0", "128.0.0.0", "192.0.0.0", "224.0.0.0", "240.0.0.0", + "248.0.0.0", "252.0.0.0", "254.0.0.0", "255.0.0.0", "255.128.0.0", + "255.192.0.0", "255.224.0.0", "255.240.0.0", "255.248.0.0", + "255.252.0.0", "255.254.0.0", "255.255.0.0", "255.255.128.0", + "255.255.192.0", "255.255.224.0", "255.255.240.0", "255.255.248.0", + "255.255.252.0", "255.255.254.0", "255.255.255.0", "255.255.255.128", + "255.255.255.192", "255.255.255.224", "255.255.255.240", + "255.255.255.248", "255.255.255.252", "255.255.255.254", + "255.255.255.255" }; + + strcpy(netmask, netmasks[cidr]); +} + + +// Output the ACL debug information... +void reportObjectsDebug(struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + struct hostInterfaces *fw1InterfacePointer = 0; + struct objectMember *memberPointer = 0; + + objectListPointer = nipper->objectList; + while (objectListPointer != 0) + { + printf("Object List: %s\n", objectListPointer->name); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + printf(" Object: %s\n", objectPointer->name); + printf(" Address: %s\n", objectPointer->address); + printf(" Netmask: %s\n", objectPointer->netMask); + printf(" Comment: %s\n", objectPointer->comment); + printf(" Type: %d\n", objectPointer->type); + printf(" Service Type: %d\n", objectPointer->serviceType); + printf(" Firewall: %d\n", objectPointer->firewall); + printf(" Internal: %d\n", objectPointer->internal); + printf(" Management: %d\n", objectPointer->management); + printf(" CP Version: %s\n", objectPointer->cpVersion); + printf(" CP Version Major: %d\n", objectPointer->cpVersionMajor); + printf(" CP Version Minor: %d\n", objectPointer->cpVersionMinor); + fw1InterfacePointer = objectPointer->interfaces; + while (fw1InterfacePointer != 0) + { + printf(" Interface: %d\n", fw1InterfacePointer->interface); + printf(" Name: %s\n", fw1InterfacePointer->name); + printf(" Dynamic IP: %d\n", fw1InterfacePointer->dynamicIP); + printf(" Address: %s\n", fw1InterfacePointer->address); + printf(" Net Mask: %s\n", fw1InterfacePointer->netMask); + fw1InterfacePointer = fw1InterfacePointer->next; + } + memberPointer = objectPointer->members; + while (memberPointer != 0) + { + printf(" Member: %s\n", memberPointer->name); + printf(" Number: %d\n", memberPointer->number); + printf(" Mask: %s\n", memberPointer->netMask); + printf(" Type: %d\n", memberPointer->type); + memberPointer = memberPointer->next; + } + objectPointer = objectPointer->next; + } + objectListPointer = objectListPointer->next; + } +} + + +// Report name mappings... +void nameMapConfig(struct nipperConfig *nipper) +{ + // Variables... + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + + objectListPointer = nipper->objectList; + while (strcmp(objectListPointer->name, "NAMELIST") != 0) + objectListPointer = objectListPointer->next; + + output_table(nipper, true, settings_namemap_table, &settings_namemap_heading); + objectPointer = objectListPointer->object; + while (objectPointer != 0) + { + fprintf(nipper->reportFile, "%s%s%s%s%s", nipper->tablerow_start, objectPointer->name, nipper->tablerow_mid, objectPointer->address, nipper->tablerow_end); + objectPointer = objectPointer->next; + } + output_table(nipper, false, settings_namemap_table, &settings_namemap_heading); +} + + diff --git a/0.11.10/common/nipper-remote-snmp.c b/0.11.10/common/nipper-remote-snmp.c new file mode 100644 index 0000000..27444fa --- /dev/null +++ b/0.11.10/common/nipper-remote-snmp.c @@ -0,0 +1,131 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#if !defined(__WIN32__) +void getRemoteConfig(struct nipperConfig *nipper, char *tempFile, int tempFileSize, char *localSave) +{ + // Variables... + int tempInt = 0; + int tempInt2 = 0; + struct stat *fileStats = 0; + char tempCommand[nipper->maxSize]; + + // Get remote config? + if (getuid() == 0) + { + + // Create tftp file + tempInt = rand(); + if (nipper->remoteTftp[strlen(nipper->remoteTftp) -1] != '/') + nipper->remoteTftp[strlen(nipper->remoteTftp)] = '/'; + sprintf(tempCommand, "touch %s%d.config", nipper->remoteTftp, tempInt); + system(tempCommand); + + // Set tftp file writable + sprintf(tempCommand, "chmod 666 %s%d.config", nipper->remoteTftp, tempInt); + system(tempCommand); + + // Old method? + if (nipper->oldCisco == true) + { + // http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a008009463e.shtml + // Write to SNMP server + sprintf(tempCommand, "snmpset -c %s -v 1 %s 1.3.6.1.4.1.9.2.1.55.%s s \"%d.config\"", nipper->remoteSnmp, nipper->remoteIP, nipper->localIP, tempInt); + if (nipper->debugMode == true) + printf("SNMP Command: %s\n", tempCommand); + system(tempCommand); + } + + // new method#if !defined(__WIN32__) + else + { + // http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094aa6.shtml + // Write to SNMP server + tempInt2 = rand(); + sprintf(tempCommand, "snmpset -c %s -v 1 %s .1.3.6.1.4.1.9.9.96.1.1.1.1.2.%d i 1 .1.3.6.1.4.1.9.9.96.1.1.1.1.3.%d i 4 .1.3.6.1.4.1.9.9.96.1.1.1.1.4.%d i 1 .1.3.6.1.4.1.9.9.96.1.1.1.1.5.%d a \"%s\" .1.3.6.1.4.1.9.9.96.1.1.1.1.6.%d s \"%d.config\" .1.3.6.1.4.1.9.9.96.1.1.1.1.14.%d i 4", nipper->remoteSnmp, nipper->remoteIP, tempInt2, tempInt2, tempInt2, tempInt2, nipper->localIP, tempInt2, tempInt, tempInt2); + if (nipper->debugMode == true) + printf("SNMP Command: %s\n", tempCommand); + system(tempCommand); + } + + // Wait for a couple of secs (for file to arrive) + system("sleep 3"); + + // Check the file has content + fileStats = malloc(sizeof(struct stat)); + memset(tempCommand, 0, sizeof(tempCommand)); + sprintf(tempCommand, "%s%d.config", nipper->remoteTftp, tempInt); + stat(tempCommand, fileStats); + + // Cleanup SNMP if new... + if (nipper->oldCisco == false) + { + memset(tempCommand, 0, sizeof(tempCommand)); + sprintf(tempCommand, "snmpset -c %s -v 1 %s .1.3.6.1.4.1.9.9.96.1.1.1.1.14.%d i 6", nipper->remoteSnmp, nipper->remoteIP, tempInt2); + system(tempCommand); + } + + // Exit if file has nothing in it... + if (fileStats->st_size == 0) + { + free(fileStats); + unlink(tempCommand); + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_snmp_failure; + } + else + { + + // If file is to called something... + if (nipper->localSave != 0) + { + memset(tempCommand, 0, sizeof(tempCommand)); + sprintf(tempCommand, "mv %s%d.config %s", nipper->remoteTftp, tempInt, localSave); + system(tempCommand); + memset(tempCommand, 0, sizeof(tempCommand)); + sprintf(tempCommand, "%s", localSave); + nipper->inputName = tempCommand; + } + else + { + sprintf(tempCommand, "%s%d.config", nipper->remoteTftp, tempInt); + strncpy(tempFile, tempCommand, tempFileSize); + nipper->inputName = tempFile; + } + } + free(fileStats); + } + else + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_snmp_root; + } +} +#endif diff --git a/0.11.10/common/nipper-struct.c b/0.11.10/common/nipper-struct.c new file mode 100644 index 0000000..aa7f973 --- /dev/null +++ b/0.11.10/common/nipper-struct.c @@ -0,0 +1,254 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +struct nipperConfig // Global Configuration +{ + // Program options... + int nipperMode; + int helpMode; // The help page to show, see codes above + int force; // Force configuration type (bypass type checking) + char companyName[128]; // Company name to output in a report + struct johnPassword *john; // The encrypted passwords to crack with john-the-ripper + + int sectionCount; + int subSectionCount; + + // Latex report output options + char paperSize[32]; + char documentClass[32]; + + // SNMP Options + char remoteIP[16]; // Retrival of Config remotely - IP + char localIP[16]; // Retrival of Config remotely - IP (local) + char remoteTftp[128]; // Retrival of Config remotely - TFTP root + char remoteSnmp[128]; // Retrival of Config remotely - SNMP community + int localSave; // Retrival of Config remotely - Config Save Name + int oldCisco; // Retrival of Config remotely - Old or new methods + + // Reporting + struct reportText *report; // Reporting config + + // Table Structure Pointers, used for report writing + const char *tablerow_start; + const char *tablerow_mid; + const char *tablerow_end; + const char *tablerow_itemsep; + + // Report Output Options + int outputFormat; // Output file format output_text... + int abs; // Abbreviation output + int loggingLevels; // Logging Levels output + int timeZones; // Time Zone output + int appendix; // Appendix output + int glossary; // Glossary output + int commonPorts; // Common Ports output + int fullReport; // Include Security Audit + int configReport; // Include configuration report + int expandACL; // Expand an ACL's object definitions. + int names; // Show hostnames instead of IP addresses (where possible) + int passwords; // Output passwords? + int nipperVersion; // Output nipper appendix version details + + // Debug Options + int debugMode; // Show debug output + int linesnotprocessed; // Print the lines that were not processed (true or false) + int debugAbbrev; // Output Abbreviations that were not found + + // File Handles / File Names + char *outputFile; // Argument that contains output file, if specified. + char *johnFile; // John the ripper file name + FILE *input; // Input file + char *inputName; // Input name from command line + FILE *reportFile; // Report file + char *dictionaryFilename; // The Dictionary Filename + char *dictionaryFile; // Dictionary file + FILE *dictFile; // The Dictionary File handle + char *cssFile; // HTML CSS file + char *cssFromConfig; // CSS filename from config file + int doCSV; // Do CSV? + char *csvFilename; // ACL output CSV filename + FILE *csvFile; + int showACLComments; + + // Default Password Settings + int passwordLength; + int passwordUppers; + int passwordLowers; + int passwordEither; + int passwordNumbers; + int passwordSpecials; + + // Connection settings + int connectionTimeout; // The Connection Timeout + + // Issue Counters... + int aclIssues; + int denyIssue; + int rejectIssue; + int simplePasswords; + int passwordStrengths; + int insecureTimeouts; + int vulnIssues; + int vulnIssueDos; + int vulnIssueRemote; + int ipDirectedIssues; + int switchportModeIssues; + int switchportIssues; + int proxyArpIssues; + int unreachIssues; + int maskReplyIssues; + int loggingIssue; + int enableIssues; + int vrrpIssues; + int ospfAuthMD5; + int ospfAuthNoneIssues; + int ospfAuthClearIssues; + int eigrpIssues; + int ripIssues; + int redirectsIssues; + int uRPFIssues; + int snmpIssue; + int sshIssue; + int sshManIssues; + + // Misc Variables... + int maxSize; // Maximum Variable Size + int tableNum; // Current Table Number for Report Writing + + // Device Details... + int deviceType; // type_screenos... + char *deviceModel; // Model series + char *deviceModelInt; // * Do not use * + int deviceUse; // use_edge, use_internal, use_all (default) + char hostname[128]; + char domainName[128]; + char friendlyHostname[148]; // Hostname processed for report output + char version[16]; // Version string + int versionMajor; + int versionMinor; + int versionRevision; + int versionRevisionMinor; + + // Device Specific Configuration + struct ciscoIOSConfig *ios; + struct ciscoPIXConfig *pix; + struct ciscoNMPConfig *nmp; + struct ciscoCSSConfig *css; + struct screenOSConfig *sos; + struct passportConfig *pas; + struct firewall1Config *fw1; + struct sonicosConfig *sonicos; + + // Common Device Specific Configuration + struct filterListConfig *filterList; + struct objectListConfig *objectList; + + // Filtering options + int denyLogIssue; // Check for deny all and log at the end of filtering rules + int anySourceIssue; // Any Source + int networkSourceIssue; // Network Source + int anySourceServiceIssue; // Any Source Service + int anyDestinationIssue; // Any Destination + int networkDestinationIssue; // Network Destination + int anyDestinationServiceIssue; // Any Destination Service + int allRulesLogIssue; // All Rules Log + int disabledRulesIssue; // Disabled Rules + int rejectRulesIssue; // Reject Rules + int logDenyRulesIssue; // Log Deny Rules + int bypassRulesIssue; // Bypass Rules + int defaultRulesIssue; // Default Rules + + // Filter Issue Counters + int anySource; + int networkSource; + int anySourceService; + int anyDestination; + int networkDestination; + int anyDestinationService; + int filtersWithNoLogging; + int denyAllAndLog; + int disabledRules; + int rejectRules; + int logDenyRules; + int bypassRules; + int defaultRules; +}; + + +struct host // Host +{ + char server[32]; + struct host *next; +}; + + +// Used to break each line up +struct ciscoCommand +{ + int parts; + char part[40][128]; +}; + + +// Encrypted passwords for john +struct johnPassword +{ + char username[128]; + char password[128]; + struct johnPassword *next; +}; + + +// Reporting +struct reportText +{ + int section; // Section + const char *sectionTitle; // Section Title + const char *shortConText; // Short Conculsions text + const char *shortRecText; // Short Recommendations text + // All scores are between 1 and 10 (0 is off or N/A) + int scoreOverall; // Overall Score + int scoreImpact; // Impact of issue + int scoreEase; // Ease of exploitation + int scoreRec; // How easy to fix + void (*writeSection)(struct nipperConfig *nipper); + struct reportText *next; +}; + + +// SNMP Traps +struct snmpTrap +{ + char trap[128]; + int enabled; + struct snmpTrap *next; +}; + diff --git a/0.11.10/common/report-acl.c b/0.11.10/common/report-acl.c new file mode 100644 index 0000000..20ed005 --- /dev/null +++ b/0.11.10/common/report-acl.c @@ -0,0 +1,2363 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Output a remark into the filter table... +void reportFilterRemark(struct nipperConfig *nipper, struct filterListConfig *filterListPointer, struct filterConfig *filterPointer) +{ + switch (nipper->deviceType) + { + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if (filterListPointer->type == access_old) + table_row_span(nipper, &settings_accesspix_heading, filterPointer->remark); + else if (filterListPointer->type == access_std) + table_row_span(nipper, &settings_accessstdpix_heading, filterPointer->remark); + else if (filterListPointer->type == access_ext) + table_row_span(nipper, &settings_accessextpix_heading, filterPointer->remark); + break; + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + if (filterListPointer->type == access_std) + table_row_span(nipper, &settings_accessstd_heading, filterPointer->remark); + else if (filterListPointer->type == access_ext) + table_row_span(nipper, &settings_accessext_heading, filterPointer->remark); + break; + case type_css_filter: + table_row_span(nipper, &settings_acl_css_heading, filterPointer->remark); + break; + case type_fw1_firewall: + case type_nokiaip: + table_row_span(nipper, &settings_policycol_heading, filterPointer->remark); + break; + case type_sos_firewall: + table_row_span(nipper, &settings_policies_heading, filterPointer->remark); + break; + case type_passport: + case type_bayaccelar: + if (strcmp(filterListPointer->name, "**UNASSIGNED**") == 0) + table_row_span(nipper, &settings_filter_heading, filterPointer->remark); + else if (atoi(filterListPointer->name) < 101) + table_row_span(nipper, &settings_filterset_heading, filterPointer->remark); + else if ((atoi(filterListPointer->name) > 299) && (atoi(filterListPointer->name) < 1001)) + table_row_span(nipper, &settings_filter_heading, filterPointer->remark); + break; + case type_sonicwall: + table_row_span(nipper, &settings_accessrules_heading, filterPointer->remark); + break; + } +} + + +// Report the source/destination +void reportSourceDestination(struct nipperConfig *nipper, struct filterObjectConfig *filterObjectPointer) +{ + // Variables... + char tempString[nipper->maxSize]; + + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + + while (filterObjectPointer != 0) + { + outputFriendly(filterObjectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + + switch (filterObjectPointer->type) + { + case object_type_machinesrange: + fprintf(nipper->reportFile, "%s - %s", tempString, filterObjectPointer->netMask); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s - %s", tempString, filterObjectPointer->netMask); + break; + case object_type_network: + fprintf(nipper->reportFile, "%s / %s", tempString, filterObjectPointer->netMask); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s / %s", tempString, filterObjectPointer->netMask); + break; + case object_type_interface: + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + break; + case object_type_object: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "", tempString); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + break; + case object_type_protocol: + addAbbreviation(filterObjectPointer->name, false); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + break; + case object_type_host: + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + break; + case object_type_any: + fprintf(nipper->reportFile, "Any"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "Any"); + break; + } + + if (filterObjectPointer->next != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_itemsep); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + + filterObjectPointer = filterObjectPointer->next; + } + + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + +} + + +// Report objects one after another... +void reportSourceDestinationLine(struct nipperConfig *nipper, struct filterObjectConfig *filterObjectPointer) +{ + // Variables... + char tempString[nipper->maxSize]; + + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + + while (filterObjectPointer != 0) + { + outputFriendly(filterObjectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + + switch (filterObjectPointer->type) + { + case object_type_network: + fprintf(nipper->reportFile, "%s / %s", tempString, filterObjectPointer->netMask); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s - %s", tempString, filterObjectPointer->netMask); + break; + case object_type_interface: + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + break; + case object_type_object: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "", tempString); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + break; + case object_type_protocol: + addAbbreviation(filterObjectPointer->name, false); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + break; + case object_type_host: + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + break; + case object_type_any: + fprintf(nipper->reportFile, "any address"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "any address"); + break; + } + + if (filterObjectPointer->next != 0) + { + if (filterObjectPointer->next->next == 0) + fprintf(nipper->reportFile, " and "); + else + fprintf(nipper->reportFile, ", "); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + + filterObjectPointer = filterObjectPointer->next; + } + + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + +} + + +// Report the service +void reportService(struct nipperConfig *nipper, struct filterObjectConfig *filterObjectPointer) +{ + + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + + while (filterObjectPointer != 0) + { + addAbbreviation(filterObjectPointer->name, false); + + if (filterObjectPointer->serviceOp == service_oper_eq) + { + fprintf(nipper->reportFile, "%s", filterObjectPointer->name); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", filterObjectPointer->name); + } + else if (filterObjectPointer->serviceOp == service_oper_neq) + { + fprintf(nipper->reportFile, "not %s", filterObjectPointer->name); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "not %s", filterObjectPointer->name); + } + else if (filterObjectPointer->serviceOp == service_oper_lt) + { + fprintf(nipper->reportFile, "less than %s", filterObjectPointer->name); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "less than %s", filterObjectPointer->name); + } + else if (filterObjectPointer->serviceOp == service_oper_gt) + { + fprintf(nipper->reportFile, "greater than %s", filterObjectPointer->name); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "greater than %s", filterObjectPointer->name); + } + else if (filterObjectPointer->serviceOp == service_oper_range) + { + fprintf(nipper->reportFile, "%s - %s", filterObjectPointer->name, filterObjectPointer->netMask); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s - %s", filterObjectPointer->name, filterObjectPointer->netMask); + addAbbreviation(filterObjectPointer->netMask, false); + } + else if (filterObjectPointer->serviceOp == service_oper_ignore) + { + fprintf(nipper->reportFile, "Any"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "Any"); + } + else + { + fprintf(nipper->reportFile, "%s", filterObjectPointer->name); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", filterObjectPointer->name); + } + + if (filterObjectPointer->next != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_itemsep); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + + filterObjectPointer = filterObjectPointer->next; + } + + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + +} + + +// Output the filter to the filter table... +void reportFilter(struct nipperConfig *nipper, int ruleNumber, struct filterListConfig *filterListPointer, struct filterConfig *filterPointer) +{ + // Variables... + struct filterObjectConfig *filterObjectPointer = 0; + struct objectListConfig *objectListPointer = 0; + struct objectConfig *objectPointer = 0; + char tempString[nipper->maxSize]; + + switch (nipper->deviceType) + { + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + // Rule No. + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, ruleNumber, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%d\", ", filterListPointer->name, ruleNumber); + // Action... + switch (filterPointer->action) + { + case filter_action_drop: + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Deny\", "); + break; + case filter_action_accept: + fprintf(nipper->reportFile, "Permit%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Permit\", "); + break; + } + // Protocol + if (filterListPointer->type != access_std) + { + fprintf(nipper->reportFile, "%s%s", filterPointer->protocol, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", ", filterPointer->protocol); + addAbbreviation(filterPointer->protocol, false); + } + // Source + reportSourceDestination(nipper, filterPointer->source); + // Std ACL end + if (filterListPointer->type == access_std) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\n"); + } + // Old/Extended ACL + else + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Source Service + reportService(nipper, filterPointer->sourceService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Destination + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Destination Service + reportService(nipper, filterPointer->destinationService); + if (filterListPointer->type != access_ext) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\n"); + } + else + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Log + if (filterPointer->log == true) + { + fprintf(nipper->reportFile, "Yes"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\", "); + } + else + { + fprintf(nipper->reportFile, "No"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\", "); + } + + // Active + if (filterPointer->enabled == true) + { + fprintf(nipper->reportFile, "%sYes%s", nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\"\n"); + } + else + { + fprintf(nipper->reportFile, "%sNo%s", nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\"\n"); + } + } + } + break; + + // IOS-based devices... + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, ruleNumber, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%d\", ", filterListPointer->name, ruleNumber); + switch (filterPointer->action) + { + case filter_action_drop: + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Deny\", "); + break; + case filter_action_accept: + fprintf(nipper->reportFile, "Permit%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Permit\", "); + break; + } + if (filterListPointer->type == access_ext) + { + fprintf(nipper->reportFile, "%s%s", filterPointer->protocol, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", ", filterPointer->protocol); + addAbbreviation(filterPointer->protocol, false); + } + // Source + reportSourceDestination(nipper, filterPointer->source); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Extended ACL + if (filterListPointer->type == access_ext) + { + // Source Service + reportService(nipper, filterPointer->sourceService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Destination + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Destination Service + reportService(nipper, filterPointer->destinationService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + } + // Log + if (filterPointer->log == true) + { + fprintf(nipper->reportFile, "Yes"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\""); + } + else + { + fprintf(nipper->reportFile, "No"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\""); + } + if (filterListPointer->type == access_std) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\n"); + } + else + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", \""); + if (filterPointer->established == true) + { + fprintf(nipper->reportFile, "Established"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "Established"); + } + if ((filterPointer->established == true) && (filterPointer->fragments == true)) + { + fprintf(nipper->reportFile, ", "); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + if (filterPointer->fragments == true) + { + fprintf(nipper->reportFile, "Fragments"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "Fragments"); + } + fprintf(nipper->reportFile, " %s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"\n"); + } + break; + + // Firewall-1 Filter... + case type_fw1_firewall: + case type_nokiaip: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, ruleNumber, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%d\", ", filterListPointer->name, ruleNumber); + if (filterPointer->enabled == true) + { + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\", "); + } + else + { + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\", "); + } + switch (filterPointer->action) + { + case filter_action_drop: + fprintf(nipper->reportFile, "Drop%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Drop\", "); + break; + case filter_action_accept: + fprintf(nipper->reportFile, "Accept%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Accept\", "); + break; + case filter_action_reject: + fprintf(nipper->reportFile, "Reject%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Reject\", "); + break; + } + // Source... + reportSourceDestination(nipper, filterPointer->source); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Destination... + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + // Destination Service... + reportService(nipper, filterPointer->destinationService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", \""); + filterObjectPointer = filterPointer->through; + while (filterObjectPointer != 0) + { + outputFriendly(filterObjectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + if (filterObjectPointer->next != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_itemsep); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + filterObjectPointer = filterObjectPointer->next; + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\", \""); + filterObjectPointer = filterPointer->install; + while (filterObjectPointer != 0) + { + outputFriendly(filterObjectPointer->name, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + if (filterObjectPointer->next != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_itemsep); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + filterObjectPointer = filterObjectPointer->next; + } + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\", \""); + if (filterPointer->log == true) + { + fprintf(nipper->reportFile, "Yes"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "Yes\""); + } + else + { + fprintf(nipper->reportFile, "No"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "No\", "); + } + if (nipper->showACLComments == true) + { + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_mid, filterPointer->remark, nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", \"%s\"\n", filterPointer->remark); + } + else + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\n"); + } + break; + + // ScreenOS Filter... + case type_sos_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterPointer->id, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%s\", \"%d\", ", filterListPointer->fromZone, filterListPointer->toZone, filterPointer->id); + if (filterPointer->enabled == true) + { + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\", "); + } + else + { + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\", "); + } + switch (filterPointer->action) + { + case filter_action_accept: + fprintf(nipper->reportFile, "Permit%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Permit\", "); + break; + case filter_action_drop: + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Deny\", "); + break; + case filter_action_reject: + fprintf(nipper->reportFile, "Reject%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Reject\", "); + break; + } + reportSourceDestination(nipper, filterPointer->source); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportService(nipper, filterPointer->destinationService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + if (filterPointer->log == true) + { + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\"\n"); + } + else + { + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\"\n"); + } + filterPointer = filterPointer->next; + break; + + // SonicOS... + case type_sonicwall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, ruleNumber, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%s\", \"%d\", ", filterListPointer->fromZone, filterListPointer->toZone, ruleNumber); + if (filterPointer->enabled == true) + { + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\", "); + } + else + { + fprintf(nipper->reportFile, "No%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\", "); + } + switch (filterPointer->action) + { + case filter_action_accept: + fprintf(nipper->reportFile, "Allow%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Allow\", "); + break; + case filter_action_reject: + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Deny\", "); + break; + case filter_action_drop: + fprintf(nipper->reportFile, "Discard%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Discard\", "); + break; + } + reportSourceDestination(nipper, filterPointer->source); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (filterListPointer->type == access_std) + { + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", \""); + objectListPointer = getObjectListPointer(nipper, "SERVICES"); + filterObjectPointer = filterPointer->destinationService; + while (filterObjectPointer != 0) + { + objectPointer = getObjectPointer(objectListPointer, filterObjectPointer->name); + outputFriendly(objectPointer->comment, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s", tempString); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "%s", tempString); + if (filterObjectPointer->next != 0) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_itemsep); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "; "); + } + filterObjectPointer = filterObjectPointer->next; + } + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\""); + } + else + reportService(nipper, filterPointer->destinationService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + if (filterPointer->fragments == true) + { + fprintf(nipper->reportFile, "Yes"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\""); + } + else + { + fprintf(nipper->reportFile, "No"); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\""); + } + if (filterListPointer->type == access_std) + { + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\n"); + } + else + { + if (filterPointer->log == true) + { + fprintf(nipper->reportFile, "%sYes%s", nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", \"Yes\"\n"); + } + else + { + fprintf(nipper->reportFile, "%sNo%s", nipper->tablerow_mid, nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", \"No\"\n"); + } + } + break; + + // Cisco CSS device... + case type_css_filter: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterPointer->id, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%d\", ", filterListPointer->name, filterPointer->id); + switch (filterPointer->action) + { + case filter_action_accept: + fprintf(nipper->reportFile, "Permit%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Permit\", "); + break; + case filter_action_drop: + fprintf(nipper->reportFile, "Deny%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Deny\", "); + break; + case filter_action_bypass: + fprintf(nipper->reportFile, "Bypass%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Bypass\", "); + break; + } + outputFriendly(filterPointer->protocol, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", ", tempString); + reportSourceDestination(nipper, filterPointer->source); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportService(nipper, filterPointer->sourceService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportService(nipper, filterPointer->destinationService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + if (filterPointer->log == true) + { + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\"\n"); + } + else + { + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\"\n"); + } + break; + + // Nortel Passport Devices... + case type_passport: + case type_bayaccelar: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid); + else + fprintf(nipper->reportFile, "%s%d%s", nipper->tablerow_start, filterPointer->id, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", \"%d\", ", filterListPointer->listName, filterPointer->id); + outputFriendly(filterPointer->remark, tempString, nipper->maxSize, nipper->outputFormat); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", ", tempString); + if (((atoi(filterListPointer->name) > 299) && (atoi(filterListPointer->name) < 1001)) || (strcmp(filterListPointer->name, "**UNASSIGNED**") == 0)) + { + switch (filterPointer->filterType) + { + case filter_type_source: + fprintf(nipper->reportFile, "Source%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Source\", "); + break; + case filter_type_destination: + fprintf(nipper->reportFile, "Dest%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Dest\", "); + break; + case filter_type_global: + fprintf(nipper->reportFile, "Global%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Global\", "); + break; + } + } + switch (filterPointer->action) + { + case filter_action_accept: + fprintf(nipper->reportFile, "Forward%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Forward\", "); + break; + case filter_action_drop: + fprintf(nipper->reportFile, "Drop%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Drop\", "); + break; + case filter_action_default: + fprintf(nipper->reportFile, "Default%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Default\", "); + break; + } + outputFriendly(filterPointer->protocol, tempString, nipper->maxSize, nipper->outputFormat); + addAbbreviation(filterPointer->protocol, false); + fprintf(nipper->reportFile, "%s%s", tempString, nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"%s\", ", tempString); + reportSourceDestination(nipper, filterPointer->source); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportService(nipper, filterPointer->sourceService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportSourceDestination(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + reportService(nipper, filterPointer->destinationService); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, ", "); + if (filterPointer->stop == true) + { + fprintf(nipper->reportFile, "Yes%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"Yes\"\n"); + } + else + { + fprintf(nipper->reportFile, "No%s", nipper->tablerow_end); + if (nipper->doCSV == true) + fprintf(nipper->csvFile, "\"No\"\n"); + } + break; + } +} + + +void outputCSVHeadings(struct nipperConfig *nipper, const char *title1, const char *title2, struct tableHeading *headings) +{ + // Variables... + struct tableHeading *headingPointer = 0; + + // first heading... + fprintf(nipper->csvFile, "\"%s\", ", title1); + + // second heading... + if (title2 != 0) + fprintf(nipper->csvFile, "\"%s\", ", title2); + + // remaining headings... + headingPointer = headings; + while (headingPointer != 0) + { + fprintf(nipper->csvFile, "\"%s\"", headingPointer->heading); + if (headingPointer->next != 0) + fprintf(nipper->csvFile, ", "); + else + fprintf(nipper->csvFile, "\n"); + headingPointer = headingPointer->next; + } +} + + +// Output the filter list table for the configuration section of the report +void reportRules(struct nipperConfig *nipper) +{ + // Variables... + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + char tempString[nipper->maxSize]; + char tempString2[nipper->maxSize]; + int ruleNumber = 0; + + if (nipper->csvFilename != 0) + nipper->doCSV = true; + + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + // Init rule number... + ruleNumber = 1; + + // Output Table Start... + switch (nipper->deviceType) + { + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if (filterListPointer->type == access_old) + { + sprintf(tempString, "%s %s", settings_accesslists_table, filterListPointer->name); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accesspix_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "ACL", 0, &settings_accesspix_heading); + } + else if (filterListPointer->type == access_std) + { + sprintf(tempString, "%s %s", settings_accessstd_table, filterListPointer->name); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accessstdpix_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "ACL", 0, &settings_accessstdpix_heading); + } + else if (filterListPointer->type == access_ext) + { + sprintf(tempString, "%s %s", settings_accessext_table, filterListPointer->name); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accessextpix_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "ACL", 0, &settings_accessextpix_heading); + } + break; + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + if (filterListPointer->type == access_std) + { + sprintf(tempString, "%s %s", settings_accessstd_table, filterListPointer->name); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accessstd_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "ACL", 0, &settings_accessstd_heading); + } + else if (filterListPointer->type == access_ext) + { + sprintf(tempString, "%s %s", settings_accessext_table, filterListPointer->name); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accessext_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "ACL", 0, &settings_accessext_heading); + } + break; + case type_sos_firewall: + if (filterListPointer->global == true) + sprintf(tempString, "Global zone policy list"); + else if (filterListPointer->name[0] == 0) + sprintf(tempString, "Zone %s to zone %s policy list", filterListPointer->fromZone, filterListPointer->toZone); + else + sprintf(tempString, "%s policy list (zone %s to zone %s)", filterListPointer->name, filterListPointer->fromZone, filterListPointer->toZone); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_policies_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "From Zone", "To Zone", &settings_policies_heading); + break; + case type_fw1_firewall: + case type_nokiaip: + sprintf(tempString, "%s %s", filterListPointer->name, settings_policycol_table); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_policycol_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "Policy", 0, &settings_policycol_heading); + break; + case type_css_filter: + if (filterListPointer->applyTo[0] != 0) + sprintf(tempString2, "ACL %s (applied to %s)", filterListPointer->name, filterListPointer->applyTo); + else + sprintf(tempString2, "ACL %s", filterListPointer->name); + output_table(nipper, true, tempString2, &settings_acl_css_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "ACL", 0, &settings_acl_css_heading); + break; + case type_passport: + case type_bayaccelar: + if (strcmp(filterListPointer->name, "**UNASSIGNED**") == 0) + { + output_table(nipper, true, settings_filter_table, &settings_filter_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "Filter Set", 0, &settings_filter_heading); + } + else if (atoi(filterListPointer->name) < 101) + { + sprintf(tempString2, "Global filter set %s (%s)", filterListPointer->listName, filterListPointer->name); + output_table(nipper, true, tempString2, &settings_filterset_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "Filter Set", 0, &settings_filterset_heading); + } + else if ((atoi(filterListPointer->name) > 299) && (atoi(filterListPointer->name) < 1001)) + { + sprintf(tempString2, "Filter set %s (%s)", filterListPointer->listName, filterListPointer->name); + output_table(nipper, true, tempString2, &settings_filter_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "Filter Set", 0, &settings_filter_heading); + } + break; + case type_sonicwall: + + if (filterListPointer->type == access_std) + { + sprintf(tempString, "From %s to %s access rules", filterListPointer->fromZone, filterListPointer->toZone); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accessrules_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "From", "To", &settings_accessrules_heading); + } + else + { + sprintf(tempString, "From %s to %s policies", filterListPointer->fromZone, filterListPointer->toZone); + outputFriendly(tempString, tempString2, nipper->maxSize, nipper->outputFormat); + output_table(nipper, true, tempString2, &settings_accesspolicy_heading); + if (nipper->doCSV == true) + outputCSVHeadings(nipper, "From", "To", &settings_accesspolicy_heading); + } + break; + } + + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + // Output filter?... + if (filterPointer->action != filter_action_remark) + { + reportFilter(nipper, ruleNumber, filterListPointer, filterPointer); + ruleNumber++; + } + + // Output remark/comment... + else + reportFilterRemark(nipper, filterListPointer, filterPointer); + + // Next Filter... + filterPointer = filterPointer->next; + } + + // Output Table End... + switch (nipper->deviceType) + { + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if (filterListPointer->type == access_old) + output_table(nipper, false, tempString2, &settings_accesspix_heading); + else if (filterListPointer->type == access_std) + output_table(nipper, false, tempString2, &settings_accessstdpix_heading); + else if (filterListPointer->type == access_ext) + output_table(nipper, false, tempString2, &settings_accessextpix_heading); + break; + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + if (filterListPointer->type == access_std) + output_table(nipper, false, tempString2, &settings_accessstd_heading); + else if (filterListPointer->type == access_ext) + output_table(nipper, false, tempString2, &settings_accessext_heading); + break; + case type_sos_firewall: + output_table(nipper, false, tempString2, &settings_policies_heading); + break; + case type_fw1_firewall: + case type_nokiaip: + output_table(nipper, false, tempString2, &settings_policycol_heading); + break; + case type_css_filter: + output_table(nipper, false, tempString2, &settings_acl_css_heading); + break; + case type_passport: + case type_bayaccelar: + if (strcmp(filterListPointer->name, "**UNASSIGNED**") == 0) + output_table(nipper, false, settings_filter_table, &settings_filter_heading); + else if (atoi(filterListPointer->name) < 101) + output_table(nipper, false, tempString2, &settings_filterset_heading); + else if ((atoi(filterListPointer->name) > 299) && (atoi(filterListPointer->name) < 1001)) + output_table(nipper, false, tempString2, &settings_accessrules_heading); + break; + case type_sonicwall: + if (filterListPointer->type == access_std) + output_table(nipper, false, tempString2, &settings_accessrules_heading); + else + output_table(nipper, false, tempString2, &settings_accesspolicy_heading); + break; + } + + filterListPointer = filterListPointer->next; + } + + nipper->doCSV = false; +} + + +// Code to report issues with common single filter issue text accross device types... +void reportCommonFilterIssues(struct nipperConfig *nipper, char *listName, char *lineStart, char *lineMid, struct filterConfig *filterPointer, int ruleNumber, struct filterListConfig *filterListPointer) +{ + // Variables... + int useRuleNumber = false; + + // Set if rule number is to be used... + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + case type_fw1_firewall: + case type_nokiaip: + case type_sonicwall: + useRuleNumber = true; + break; + + case type_sos_firewall: + case type_passport: + case type_bayaccelar: + case type_css_filter: + useRuleNumber = false; + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + // It doesnt matter for these + break; + } + + // Bypass issue... + if ((filterPointer->action == filter_action_bypass) && (nipper->bypassRulesIssue == true)) + { + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, ruleNumber, ruleNumber, report_accesslist_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, ruleNumber, report_accesslist_bypass); + break; + case type_fw1_firewall: + case type_nokiaip: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, ruleNumber, ruleNumber, report_fw1policy_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, ruleNumber, report_fw1policy_bypass); + break; + case type_css_filter: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, filterPointer->id, filterPointer->id, report_accesslist_css_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterPointer->id, report_accesslist_css_bypass); + break; + case type_passport: + case type_bayaccelar: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, filterPointer->id, filterPointer->id, report_pasfilter_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterPointer->id, report_pasfilter_bypass); + break; + case type_sos_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, filterPointer->id, filterPointer->id, report_sospolicy_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterPointer->id, report_sospolicy_bypass); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_sonicwall: + // It doesnt matter for these + break; + } + } + + else if ((filterPointer->action == filter_action_reject) && (nipper->rejectRulesIssue == true)) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_reject); + } + + else if ((filterPointer->action == filter_action_default) && (nipper->defaultRulesIssue == true)) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_default); + } + + else if ((filterPointer->enabled == false) && (nipper->disabledRulesIssue == true)) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_disabled); + } + + else if (filterPointer->anySource == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_anysrc); + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "."); + } + + else if (filterPointer->networkSource == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_netsrc); + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "."); + } + + else if (filterPointer->anySourceService == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_anysvcsrc); + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "."); + } + + else if (filterPointer->anyDestination == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_anydst); + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, " to any destination."); + } + + else if (filterPointer->networkDestination == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_netdst); + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, " to a network destination."); + } + + else if (filterPointer->anyDestinationService == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_netdstsvc); + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, " to any destination service."); + } + + else if (filterPointer->logging == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_nolog); + } + + else if (filterPointer->logDeny == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_nologdenied); + } +} +void reportCommonStandardFilterIssues(struct nipperConfig *nipper, char *listName, char *lineStart, char *lineMid, struct filterConfig *filterPointer, int ruleNumber, struct filterListConfig *filterListPointer) +{ + // Variables... + int useRuleNumber = false; + + // Set if rule number is to be used... + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + case type_fw1_firewall: + case type_nokiaip: + case type_sonicwall: + useRuleNumber = true; + break; + + case type_sos_firewall: + case type_passport: + case type_bayaccelar: + case type_css_filter: + useRuleNumber = false; + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + // It doesnt matter for these + break; + } + + // Bypass issue... + if ((filterPointer->action == filter_action_bypass) && (nipper->bypassRulesIssue == true)) + { + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, ruleNumber, ruleNumber, report_accesslist_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, ruleNumber, report_accesslist_bypass); + break; + case type_fw1_firewall: + case type_nokiaip: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, ruleNumber, ruleNumber, report_fw1policy_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, ruleNumber, report_fw1policy_bypass); + break; + case type_css_filter: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, filterPointer->id, filterPointer->id, report_accesslist_css_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterPointer->id, report_accesslist_css_bypass); + break; + case type_passport: + case type_bayaccelar: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, filterPointer->id, filterPointer->id, report_pasfilter_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterPointer->id, report_pasfilter_bypass); + break; + case type_sos_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterListPointer->name, filterPointer->id, filterPointer->id, report_sospolicy_bypass); + else + fprintf(nipper->reportFile, "%s %s %s %d %s", lineStart, listName, lineMid, filterPointer->id, report_sospolicy_bypass); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_sonicwall: + // It doesnt matter for these + break; + } + } + + else if ((filterPointer->action == filter_action_reject) && (nipper->rejectRulesIssue == true)) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + if (nipper->deviceType == type_sonicwall) + fprintf(nipper->reportFile, " %s", report_fw1policy_reject); + else + fprintf(nipper->reportFile, " %s", report_fw1policy_reject); + } + + else if ((filterPointer->action == filter_action_default) && (nipper->defaultRulesIssue == true)) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_default); + } + + else if ((filterPointer->enabled == false) && (nipper->disabledRulesIssue == true)) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_disabled); + } + + else if (filterPointer->anySource == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_std_anysrc); + } + + else if (filterPointer->networkSource == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_std_netsrc); + } + + else if (filterPointer->anySourceService == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_std_anysvcsrc); + } + + else if (filterPointer->logging == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_nolog); + } + + else if (filterPointer->logDeny == true) + { + fprintf(nipper->reportFile, "%s %s %s ", lineStart, listName, lineMid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, " %s", report_fw1policy_nologdenied); + } +} + + +// Code to report issues with common multiple filter issue table text accross device types... +void reportCommonFilterTableIssues(struct nipperConfig *nipper, char *listName, struct filterConfig *filterPointer, int ruleNumber, struct filterListConfig *filterListPointer) +{ + // Variables... + int issueFound = false; + int useRuleNumber = false; + + // Set if rule number is to be used... + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + case type_fw1_firewall: + case type_nokiaip: + case type_sonicwall: + useRuleNumber = true; + break; + + case type_sos_firewall: + case type_passport: + case type_bayaccelar: + case type_css_filter: + useRuleNumber = false; + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + // It doesnt matter for these + break; + } + + // Bypass issue... + if ((filterPointer->action == filter_action_bypass) && (nipper->bypassRulesIssue == true)) + { + issueFound = true; + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid, report_accesslistt_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, ruleNumber, nipper->tablerow_mid, report_accesslistt_bypass); + break; + + case type_fw1_firewall: + case type_nokiaip: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid, report_fw1policyt_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, ruleNumber, nipper->tablerow_mid, report_fw1policyt_bypass); + break; + + case type_sos_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + break; + + case type_passport: + case type_bayaccelar: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid, report_sospolicyt_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterPointer->id, nipper->tablerow_mid, report_pasfiltert_bypass); + break; + + case type_css_filter: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + case type_sonicwall: + // It doesnt matter for these + break; + } + } + + if ((filterPointer->action == filter_action_reject) && (nipper->rejectRulesIssue == true)) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_reject); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_reject); + } + } + + if ((filterPointer->action == filter_action_default) && (nipper->defaultRulesIssue == true)) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_default); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_default); + } + } + + if ((filterPointer->enabled == false) && (nipper->disabledRulesIssue == true)) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_disabled); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_disabled); + } + } + + if (filterPointer->anySource == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anysrc); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_anysrc); + } + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "."); + } + + if (filterPointer->networkSource == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_netsrc); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_netsrc); + } + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "."); + } + + if (filterPointer->anySourceService == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anysvcsrc); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_anysvcsrc); + } + reportSourceDestinationLine(nipper, filterPointer->destination); + fprintf(nipper->reportFile, "."); + } + + if (filterPointer->anyDestination == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anydst); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_anydst); + } + reportSourceDestinationLine(nipper, filterPointer->source); + fprintf(nipper->reportFile, " to any destination."); + } + + if (filterPointer->networkDestination == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anydst); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_anydst); + } + reportSourceDestinationLine(nipper, filterPointer->source); + fprintf(nipper->reportFile, " to a network destination."); + } + + if (filterPointer->anyDestinationService == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anydst); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_anydst); + } + reportSourceDestinationLine(nipper, filterPointer->source); + fprintf(nipper->reportFile, " to any destination service."); + } + + if (filterPointer->logging == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_nolog); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_nolog); + } + } + + if (filterPointer->logDeny == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_nologdenied); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_nologdenied); + } + } + + // If issue found... + if (issueFound == true) + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); +} +void reportCommonStandardFilterTableIssues(struct nipperConfig *nipper, char *listName, struct filterConfig *filterPointer, int ruleNumber, struct filterListConfig *filterListPointer) +{ + // Variables... + int issueFound = false; + int useRuleNumber = false; + + // Set if rule number is to be used... + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + case type_fw1_firewall: + case type_nokiaip: + case type_sonicwall: + useRuleNumber = true; + break; + + case type_sos_firewall: + case type_passport: + case type_bayaccelar: + case type_css_filter: + useRuleNumber = false; + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + // It doesnt matter for these + break; + } + + // Bypass issue... + if ((filterPointer->action == filter_action_bypass) && (nipper->bypassRulesIssue == true)) + { + issueFound = true; + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid, report_accesslistt_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, ruleNumber, nipper->tablerow_mid, report_accesslistt_bypass); + break; + + case type_fw1_firewall: + case type_nokiaip: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, ruleNumber, ruleNumber, nipper->tablerow_mid, report_fw1policyt_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, ruleNumber, nipper->tablerow_mid, report_fw1policyt_bypass); + break; + + case type_sos_firewall: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + break; + + case type_passport: + case type_bayaccelar: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid, report_pasfiltert_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterPointer->id, nipper->tablerow_mid, report_pasfiltert_bypass); + break; + + case type_css_filter: + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterListPointer->name, filterPointer->id, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + else + fprintf(nipper->reportFile, "%s%s%s%d%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid, filterPointer->id, nipper->tablerow_mid, report_accesslistt_css_bypass); + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + case type_sonicwall: + // It doesnt matter for these + break; + } + } + + if ((filterPointer->action == filter_action_reject) && (nipper->rejectRulesIssue == true)) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_reject); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_reject); + } + } + + if ((filterPointer->action == filter_action_default) && (nipper->defaultRulesIssue == true)) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_default); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_default); + } + } + + if ((filterPointer->enabled == false) && (nipper->disabledRulesIssue == true)) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_disabled); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_disabled); + } + } + + if (filterPointer->anySource == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anysrc); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_std_anysrc); + } + } + + if (filterPointer->networkSource == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_netsrc); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_std_netsrc); + } + } + + if (filterPointer->anySourceService == true) + { + if (issueFound == true) + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_itemsep, report_fw1policyt_anysvcsrc); + else + { + issueFound = true; + fprintf(nipper->reportFile, "%s%s%s", nipper->tablerow_start, listName, nipper->tablerow_mid); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + { + if (useRuleNumber == true) + fprintf(nipper->reportFile, "", filterListPointer->name, ruleNumber); + else + fprintf(nipper->reportFile, "", filterListPointer->name, filterPointer->id); + } + if (useRuleNumber == true) + fprintf(nipper->reportFile, "%d", ruleNumber); + else + fprintf(nipper->reportFile, "%d", filterPointer->id); + if ((nipper->outputFormat == output_html) && (nipper->configReport == true)) + fprintf(nipper->reportFile, ""); + fprintf(nipper->reportFile, "%s%s", nipper->tablerow_mid, report_fw1policyt_std_anysvcsrc); + } + } + + // If issue found... + if (issueFound == true) + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); +} + + diff --git a/0.11.10/common/report-appendix.c b/0.11.10/common/report-appendix.c new file mode 100644 index 0000000..fd2d813 --- /dev/null +++ b/0.11.10/common/report-appendix.c @@ -0,0 +1,566 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// ---------------------------------------------------------------------------------- +// Common Port Assignments... + +struct ports +{ + int add; // true or false + const char *text; + int port; // Port Number + struct ports *next; +}; + +// Current: 92 +struct ports ap_port91 = {false, "PCAnywhere-Status", 5632, 0}; +struct ports ap_port90 = {false, "PCAnywhere-Data", 5631, &ap_port91}; +struct ports ap_port89 = {false, "SecureID-UDP", 5510, &ap_port90}; +struct ports ap_port88 = {false, "AOL", 5190, &ap_port89}; +struct ports ap_port87 = {false, "CTIQBE", 2748, &ap_port88}; +struct ports ap_port86 = {false, "PPTP", 1723, &ap_port87}; +struct ports ap_port85 = {false, "H323", 1720, &ap_port86}; +struct ports ap_port84 = {false, "RADIUS-Acct", 1646, &ap_port85}; +struct ports ap_port83 = {false, "RADIUS", 1645, &ap_port84}; +struct ports ap_port82 = {false, "SQLNet", 1521, &ap_port83}; +struct ports ap_port81 = {false, "Citrix-ICA", 1494, &ap_port82}; +struct ports ap_port80 = {false, "LotusNotes", 1352, &ap_port81}; +struct ports ap_port79 = {false, "KERBEROS", 750, &ap_port80}; +struct ports ap_port78 = {false, "LDAPS", 636, &ap_port79}; +struct ports ap_port77 = {false, "KShell", 544, &ap_port78}; +struct ports ap_port76 = {false, "KLogin", 543, &ap_port77}; +struct ports ap_port75 = {false, "UUCP", 540, &ap_port76}; +struct ports ap_port74 = {false, "Timed", 525, &ap_port75}; +struct ports ap_port73 = {false, "RIPv2", 520, &ap_port74}; +struct ports ap_port72 = {false, "RIP", 520, &ap_port73}; +struct ports ap_port71 = {false, "Talk", 517, &ap_port72}; +struct ports ap_port70 = {false, "LPD", 515, &ap_port71}; +struct ports ap_port69 = {false, "Printer", 515, &ap_port70}; +struct ports ap_port68 = {false, "Syslog", 514, &ap_port69}; +struct ports ap_port67 = {false, "CMD", 514, &ap_port68}; +struct ports ap_port66 = {false, "RSH", 514, &ap_port67}; +struct ports ap_port65 = {false, "RWho", 513, &ap_port66}; +struct ports ap_port64 = {false, "Who", 513, &ap_port65}; +struct ports ap_port63 = {false, "RLogin", 513, &ap_port64}; +struct ports ap_port62 = {false, "Login", 513, &ap_port63}; +struct ports ap_port61 = {false, "RExec", 512, &ap_port62}; +struct ports ap_port60 = {false, "Exec", 512, &ap_port61}; +struct ports ap_port59 = {false, "BIFF", 512, &ap_port60}; +struct ports ap_port58 = {false, "IKE", 500, &ap_port59}; +struct ports ap_port57 = {false, "ISAKMP", 500, &ap_port58}; +struct ports ap_port56 = {false, "PIM-Auto-RP", 496, &ap_port57}; +struct ports ap_port55 = {false, "HTTPS", 443, &ap_port56}; +struct ports ap_port54 = {false, "Mobile-IP", 434, &ap_port55}; +struct ports ap_port53 = {false, "LDAP", 389, &ap_port54}; +struct ports ap_port52 = {false, "DNSIX", 195, &ap_port53}; +struct ports ap_port51 = {false, "IRC", 194, &ap_port52}; +struct ports ap_port50 = {false, "BGP", 179, &ap_port51}; +struct ports ap_port49 = {false, "XDMCP", 177, &ap_port50}; +struct ports ap_port48 = {false, "SNMP-Trap", 162, &ap_port49}; +struct ports ap_port47 = {false, "SNMP", 161, &ap_port48}; +struct ports ap_port46 = {false, "IMAP4", 143, &ap_port47}; +struct ports ap_port45 = {false, "NetBIOS-SSN", 139, &ap_port46}; +struct ports ap_port44 = {false, "NetBIOS-DGM", 138, &ap_port45}; +struct ports ap_port43 = {false, "NetBIOS-NS", 137, &ap_port44}; +//struct ports ap_port42 = {false, "SNMP", 126, &ap_port43}; +struct ports ap_port41 = {false, "NTP", 123, &ap_port43}; +struct ports ap_port40 = {false, "NNTP", 119, &ap_port41}; +struct ports ap_port39 = {false, "UUCP-Path", 117, &ap_port40}; +struct ports ap_port38 = {false, "Auth", 113, &ap_port39}; +struct ports ap_port37 = {false, "Ident", 113, &ap_port38}; +struct ports ap_port36 = {false, "SUNRPC", 111, &ap_port37}; +struct ports ap_port35 = {false, "POP3", 110, &ap_port36}; +struct ports ap_port34 = {false, "POP2", 109, &ap_port35}; +struct ports ap_port33 = {false, "X400-SND", 104, &ap_port34}; +struct ports ap_port32 = {false, "X400", 103, &ap_port33}; +struct ports ap_port31 = {false, "ISO-TSAP", 102, &ap_port32}; +struct ports ap_port30 = {false, "Hostname", 101, &ap_port31}; +struct ports ap_port29 = {false, "SUPDUP", 95, &ap_port30}; +struct ports ap_port28 = {false, "HTTP", 80, &ap_port29}; +struct ports ap_port27 = {false, "WWW", 80, &ap_port28}; +struct ports ap_port26 = {false, "Finger", 79, &ap_port27}; +struct ports ap_port25 = {false, "Gopher", 70, &ap_port26}; +struct ports ap_port24 = {false, "TFTP", 69, &ap_port25}; +struct ports ap_port23 = {false, "BOOTPC", 68, &ap_port24}; +struct ports ap_port22 = {false, "DHCP", 68, &ap_port23}; +struct ports ap_port21 = {false, "DHCP", 67, &ap_port22}; +struct ports ap_port20 = {false, "BOOTPS", 67, &ap_port21}; +struct ports ap_port19 = {false, "Domain", 53, &ap_port20}; +struct ports ap_port18 = {false, "Login", 49, &ap_port19}; +struct ports ap_port17 = {false, "TACACS", 49, &ap_port18}; +struct ports ap_port16 = {false, "Nicname", 43, &ap_port17}; +struct ports ap_port15 = {false, "Whois", 43, &ap_port16}; +struct ports ap_port14 = {false, "Nameserver", 42, &ap_port15}; +struct ports ap_port13 = {false, "RLP", 39, &ap_port14}; +struct ports ap_port12 = {false, "Time", 37, &ap_port13}; +struct ports ap_port11 = {false, "SMTP", 25, &ap_port12}; +struct ports ap_port10 = {false, "Telnet", 23, &ap_port11}; +struct ports ap_port92 = {false, "SSH", 22, &ap_port10}; +struct ports ap_port9 = {false, "FTP", 21, &ap_port92}; +struct ports ap_port8 = {false, "FTP-Data", 20, &ap_port9}; +struct ports ap_port7 = {false, "Chargen", 19, &ap_port8}; +struct ports ap_port6 = {false, "Quote", 17, &ap_port7}; +struct ports ap_port5 = {false, "Netstat", 15, &ap_port6}; +struct ports ap_port4 = {false, "Daytime", 13, &ap_port5}; +struct ports ap_port3 = {false, "Users", 11, &ap_port4}; +struct ports ap_port2 = {false, "Discard", 9, &ap_port3}; +struct ports ap_port1 = {false, "Echo", 7, &ap_port2}; +struct ports ap_port = {false, "AH", 5, &ap_port1}; + + +void addPort(char *port) +{ + // Variables + struct ports *portPointer = 0; + + // Search for abbreviation + portPointer = &ap_port; + while ((portPointer->next != 0) && (strcasecmp(portPointer->text, port) != 0)) + portPointer = portPointer->next; + + // If found, add port + if (strcasecmp(portPointer->text, port) == 0) + portPointer->add = true; +} + + +// ---------------------------------------------------------------------------------- +// Abreviations... + +struct abbrev +{ + int add; // true or false + int expanded; // true or false + const char *ab; + const char *desc; + struct abbrev *next; +}; + +// Current: 162 + +struct abbrev ab_append126 = {false,false, "XDMCP", "X Display Manager Control Protocol", 0}; +struct abbrev ab_append0 = {false,false, "WWW", "World Wide Web", &ab_append126}; +struct abbrev ab_append1 = {false,false, "WAN", "Wide Area Network", &ab_append0}; +struct abbrev ab_append92 = {false,false, "VTY", "Virtual Teletype", &ab_append1}; +struct abbrev ab_append2 = {false,false, "VTP", "VLAN Trunking Protocol", &ab_append92}; +struct abbrev ab_append150 = {false,false, "VRRP", "Virtual Router Redundancy Protocol", &ab_append2}; +struct abbrev ab_append146 = {false,false, "VRF", "VPN Routing and Forwarding", &ab_append150}; +struct abbrev ab_append3 = {false,false, "VPN", "Virtual Private Network", &ab_append146}; +struct abbrev ab_append4 = {false,false, "VoIP", "Voice over IP", &ab_append3}; +struct abbrev ab_append149 = {false,false, "VLANs", "Virtual Local Area Networks", &ab_append4}; +struct abbrev ab_append5 = {false,false, "VLAN", "Virtual Local Area Network", &ab_append149}; +struct abbrev ab_append142 = {false,false, "VIPs", "Versatile Interface Processors", &ab_append5}; +struct abbrev ab_append143 = {false,false, "VIP", "Versatile Interface Processor", &ab_append142}; +struct abbrev ab_append105 = {false,false, "UUCP", "Unix-to-Unix Copy", &ab_append143}; +struct abbrev ab_append147 = {false,false, "UTC", "Coordinated Universal Time", &ab_append105}; +struct abbrev ab_append6 = {false,false, "URL", "Uniform Resource Locator", &ab_append147}; +struct abbrev ab_append7 = {false,false, "UDP", "User Datagram Protocol", &ab_append6}; +struct abbrev ab_append91 = {false,false, "TTY", "Teletype", &ab_append7}; +struct abbrev ab_append90 = {false,false, "TTL", "Time To Live", &ab_append91}; +struct abbrev ab_append103 = {false,false, "TSAP", "Transport Service Access Point", &ab_append90}; +struct abbrev ab_append8 = {false,false, "TFTP", "Trivial File Transfer Protocol", &ab_append103}; +struct abbrev ab_append9 = {false,false, "TDP", "Tag Distribution Protocol", &ab_append8}; +struct abbrev ab_append10 = {false,false, "TCP", "Transmission Control Protocol", &ab_append9}; +struct abbrev ab_append11 = {false,false, "TAPI", "Telephony Application Programming Interface", &ab_append10}; +struct abbrev ab_append12 = {false,false, "TACACS", "Terminal Access Controller Access Control System", &ab_append11}; +struct abbrev ab_append104 = {false,false, "SunRPC", "Sun Remote Procedure Call", &ab_append12}; +struct abbrev ab_append13 = {false,false, "SSL", "Secure Sockets Layer", &ab_append104}; +struct abbrev ab_append14 = {false,false, "SSH", "Secure Shell", &ab_append13}; +struct abbrev ab_append125 = {false,false, "SQLNet", "Structured Query Language Network", &ab_append14}; +struct abbrev ab_append132 = {false,false, "SPAN", "Switch Port Analyser", &ab_append125}; +struct abbrev ab_append15 = {false,false, "SMTP", "Simple Mail Transfer Protocol", &ab_append132}; +struct abbrev ab_append89 = {false,false, "SNTP", "Simple Network Time Protocol", &ab_append15}; +struct abbrev ab_append112 = {false,false, "SNP", "Sitara Networks Protocol", &ab_append89}; +struct abbrev ab_append16 = {false,false, "SNMP", "Simple Network Management Protocol", &ab_append112}; +struct abbrev ab_append17 = {false,false, "SIP", "Session Initiation Protocol", &ab_append16}; +struct abbrev ab_append18 = {false,false, "SDP", "Session Description Protocol", &ab_append17}; +struct abbrev ab_append127 = {false,false, "SAID", "Security Association Identifier", &ab_append18}; +struct abbrev ab_append133 = {false,false, "RPF", "Reverse Path Forwarding", &ab_append127}; +struct abbrev ab_append19 = {false,false, "RPC", "Remote Procedure Call", &ab_append133}; +struct abbrev ab_append100 = {false,false, "RLP", "Resource Location Protocol", &ab_append19}; +struct abbrev ab_append99 = {false,false, "RJE", "Remote Job Entry", &ab_append100}; +struct abbrev ab_append20 = {false,false, "RIP", "Routing Information Protocol", &ab_append99}; +struct abbrev ab_append21 = {false,false, "RADIUS", "Remote Authentication Dial-In User Service", &ab_append20}; +struct abbrev ab_append22 = {false,false, "PPTP", "Point to Point Tunneling Protocol", &ab_append21}; +struct abbrev ab_append23 = {false,false, "PPPoE", "Point to Point Protocol over Ethernet", &ab_append22}; +struct abbrev ab_append24 = {false,false, "PPP", "Point to Point Protocol", &ab_append23}; +struct abbrev ab_append98 = {false,false, "POP3", "Post Office Protocol version 3", &ab_append24}; +struct abbrev ab_append97 = {false,false, "POP2", "Post Office Protocol version 2", &ab_append98}; +struct abbrev ab_append25 = {false,false, "POP", "Post Office Protocol", &ab_append97}; +struct abbrev ab_append26 = {false,false, "PKI", "Public Key Infrastructure", &ab_append25}; +struct abbrev ab_append27 = {false,false, "PIX", "Private Internet Exchange", &ab_append26}; +struct abbrev ab_append111 = {false,false, "PIM", "Protocol Independent Multicast", &ab_append27}; +struct abbrev ab_append110 = {false,false, "PCP", "Payload Compression Protocol", &ab_append111}; +struct abbrev ab_append95 = {false,false, "PAT", "Port Address Translation", &ab_append110}; +struct abbrev ab_append28 = {false,false, "PAP", "Password Authentication Protocol", &ab_append95}; +struct abbrev ab_append29 = {false,false, "PAD", "Packet Assembler / Disassembler", &ab_append28}; +struct abbrev ab_append30 = {false,false, "OSPF", "Open Shortest Path First", &ab_append29}; +struct abbrev ab_append144 = {false,false, "OID", "Object Identifier", &ab_append30}; +struct abbrev ab_append31 = {false,false, "NTP", "Network Time Protocol", &ab_append144}; +struct abbrev ab_append93 = {false,true, "NT", "New Technology", &ab_append31}; +struct abbrev ab_append109 = {false,false, "NOS", "Network Operating System", &ab_append93}; +struct abbrev ab_append32 = {false,false, "NNTP", "Network News Transfer Protocol", &ab_append109}; +struct abbrev ab_append33 = {false,false, "NMP", "Network Management Processor", &ab_append32}; +struct abbrev ab_append34 = {false,false, "NIC", "Network Interface Center", &ab_append33}; +struct abbrev ab_append158 = {false,false, "NFS", "Network File System", &ab_append34}; +struct abbrev ab_append124 = {false,false, "NetBIOS-SSN", "NetBIOS Session Service", &ab_append158}; +struct abbrev ab_append123 = {false,false, "NetBIOS-NS", "NetBIOS Name Service", &ab_append124}; +struct abbrev ab_append122 = {false,false, "NetBIOS-DGM", "NetBIOS Datagram Service", &ab_append123}; +struct abbrev ab_append35 = {false,false, "NAT", "Network Address Translation", &ab_append122}; +struct abbrev ab_append36 = {false,false, "MTU", "Maximum Transmission Unit", &ab_append35}; +struct abbrev ab_append94 = {false,false, "MS-CHAP","MicroSoft Challenge Handshake Authentication Protocol", &ab_append36}; +struct abbrev ab_append86 = {false,false, "MPP", "Management Plane Protection", &ab_append94}; +struct abbrev ab_append37 = {false,false, "MPLS", "Multi Protocol Label Switching", &ab_append86}; +struct abbrev ab_append88 = {false,false, "MOTD", "Message Of The Day", &ab_append37}; +struct abbrev ab_append38 = {false,false, "MOP", "Maintenance Operations Protocol", &ab_append88}; +struct abbrev ab_append156 = {false,false, "MIPs", "Mapped IPs", &ab_append38}; +struct abbrev ab_append155 = {false,false, "MIP", "Mapped IP", &ab_append156}; +struct abbrev ab_append39 = {false,false, "MIB", "Management Information Base", &ab_append155}; +struct abbrev ab_append148 = {false,false, "MAC", "Media Access Control", &ab_append39}; +struct abbrev ab_append40 = {false,true, "MD5", "Message Digest 5", &ab_append148}; +struct abbrev ab_append41 = {false,false, "LSA", "Link State Advertisement", &ab_append40}; +struct abbrev ab_append121 = {false,false, "LPD", "Line Printer Daemon", &ab_append41}; +struct abbrev ab_append42 = {false,false, "LDP", "Label Diretribution Protocol", &ab_append121}; +struct abbrev ab_append120 = {false,false, "LDAPS", "Lightweight Directory Access Protocol (SSL)", &ab_append42}; +struct abbrev ab_append119 = {false,false, "LDAP", "Lightweight Directory Access Protocol", &ab_append120}; +struct abbrev ab_append43 = {false,false, "LAN", "Local Area Network", &ab_append119}; +struct abbrev ab_append118 = {false,false, "ISAKMP", "Internet Security Association and Key Management Protocol", &ab_append43}; +struct abbrev ab_append44 = {false,false, "IRC", "Internet Relay Chat", &ab_append118}; +struct abbrev ab_append45 = {false,false, "IPSec", "IP Security protocol", &ab_append44}; +struct abbrev ab_append108 = {false,false, "IPinIP", "IP-in-IP encapsulation", &ab_append45}; +struct abbrev ab_append46 = {false,true, "IP", "Internet Protocol", &ab_append108}; +struct abbrev ab_append47 = {false,false, "IOS", "Internet Operating System", &ab_append46}; +struct abbrev ab_append117 = {false,false, "IMAP4", "Internet Message Access Protocol version 4", &ab_append47}; +struct abbrev ab_append157 = {false,false, "IMAP3", "Internet Message Access Protocol version 3", &ab_append117}; +struct abbrev ab_append116 = {false,false, "IMAP", "Internet Message Access Protocol", &ab_append157}; +struct abbrev ab_append48 = {false,false, "IKMP", "Internet Key Management Protocol", &ab_append116}; +struct abbrev ab_append49 = {false,false, "IKE", "Internet Key Exchange", &ab_append48}; +struct abbrev ab_append50 = {false,false, "IGRP", "Interior Gateway Routing Protocol", &ab_append49}; +struct abbrev ab_append152 = {false,false, "IGPs", "Interior Gateway Protocols", &ab_append50}; +struct abbrev ab_append51 = {false,false, "IGP", "Interior Gateway Protocol", &ab_append152}; +struct abbrev ab_append52 = {false,false, "IGMP", "Internet Group Management Protocol", &ab_append51}; +struct abbrev ab_append87 = {false,false, "IDS", "Intruder Detection System", &ab_append52}; +struct abbrev ab_append107 = {false,false, "ICMP6", "Internet Control Message Protocol for IPv6", &ab_append87}; +struct abbrev ab_append53 = {false,false, "ICMP", "Internet Control Message Protocol", &ab_append107}; +struct abbrev ab_append114 = {false,false, "ICA", "Independent Computing Architecture", &ab_append53}; +struct abbrev ab_append54 = {false,false, "IANA", "Internet Assigned Number Authority", &ab_append114}; +struct abbrev ab_append55 = {false,true, "HTTPS", "HyperText Transfer Protocol over SSL", &ab_append54}; +struct abbrev ab_append56 = {false,true, "HTTP", "HyperText Transfer Protocol", &ab_append55}; +struct abbrev ab_append57 = {false,false, "HSRP", "Hot Standby Routing Protocol", &ab_append56}; +struct abbrev ab_append134 = {false,false, "GTSM", "Generalised TTL Security Mechanism", &ab_append57}; +struct abbrev ab_append161 = {false,false, "GTP", "GPRS Tunnelling Protocol", &ab_append134}; +struct abbrev ab_append58 = {false,false, "GRE", "Generic Routing Encapsulation protocol", &ab_append161}; +struct abbrev ab_append162 = {false,false, "GPRS", "General Packet Radio Service", &ab_append58}; +struct abbrev ab_append59 = {false,false, "FWSM", "FireWall Service Module", &ab_append162}; +struct abbrev ab_append60 = {false,true, "FTP", "File Transfer Protocol", &ab_append59}; +struct abbrev ab_append106 = {false,false, "ESP", "Encapsulated Security Payload", &ab_append60}; +struct abbrev ab_append61 = {false,false, "FDDI", "Fibre Disctributed Data Interface", &ab_append106}; +struct abbrev ab_append62 = {false,false, "EIGRP", "Enhanced Interior Gateway Routing Protocol", &ab_append61}; +struct abbrev ab_append153 = {false,false, "EGPs", "Exterior Gateway Protocols", &ab_append62}; +struct abbrev ab_append63 = {false,false, "EGP", "Exterior Gateway Protocol", &ab_append153}; +struct abbrev ab_append96 = {false,false, "DOS", "Disk Operating System", &ab_append63}; +struct abbrev ab_append64 = {false,false, "DoS", "Denial of Service", &ab_append96}; +struct abbrev ab_append65 = {false,false, "DNS", "Domain Name System", &ab_append64}; +struct abbrev ab_append66 = {false,false, "DHCP", "Dynamic Host Configuration Protocol", &ab_append65}; +struct abbrev ab_append67 = {false,false, "DH", "Diffie-Hellman", &ab_append66}; +struct abbrev ab_append68 = {false,false, "DES", "Data Encryption Standard", &ab_append67}; +struct abbrev ab_append131 = {false,false, "DDoS", "Distributed Denial of Service", &ab_append68}; +struct abbrev ab_append69 = {false,false, "dCEF", "Distributed CEF", &ab_append131}; +struct abbrev ab_append160 = {false,false, "DCERPC", "Distributed Computing Environment / Remote Procedure Call", &ab_append69}; +struct abbrev ab_append159 = {false,false, "DCE", "Distributed Computing Environment", &ab_append160}; +struct abbrev ab_append140 = {false,false, "CVE", "Common Vulnerabilities and Exposures", &ab_append159}; +struct abbrev ab_append115 = {false,false, "CTIQBE", "Computer Telephony Interface Quick Buffer Encoding", &ab_append140}; +struct abbrev ab_append70 = {false,false, "CTI", "Computer Telephony Integration", &ab_append115}; +struct abbrev ab_append151 = {false,false, "CSS", "Content Services Switch", &ab_append70}; +struct abbrev ab_append71 = {false,false, "CRL", "Certificate Revocation List", &ab_append151}; +struct abbrev ab_append72 = {false,true, "CPU", "Central Processing Unit", &ab_append71}; +struct abbrev ab_append73 = {false,false, "CPP", "Combinet Propietry Protocol", &ab_append72}; +struct abbrev ab_append74 = {false,false, "CHAP", "Challenge Handshake Authentication Protocol", &ab_append73}; +struct abbrev ab_append130 = {false,false, "CEF", "Cisco Express Forwarding", &ab_append74}; +struct abbrev ab_append75 = {false,false, "CDP", "Cisco Discovery Protocol", &ab_append130}; +struct abbrev ab_append76 = {false,false, "CA", "Certificate Authority", &ab_append75}; +struct abbrev ab_append139 = {false,false, "BPDU", "Bridge Protocol Data Unit", &ab_append76}; +struct abbrev ab_append102 = {false,false, "BOOTPS", "BOOTstrap Protocol Server", &ab_append139}; +struct abbrev ab_append101 = {false,false, "BOOTPC", "BOOTstrap Protocol Client", &ab_append102}; +struct abbrev ab_append77 = {false,false, "BOOTP", "BOOTstrap Protocol", &ab_append101}; +struct abbrev ab_append141 = {false,false, "BID", "Bugtraq ID", &ab_append77}; +struct abbrev ab_append78 = {false,false, "BGP", "Border Gateway Protocol", &ab_append141}; +struct abbrev ab_append136 = {false,false, "ATM", "Asynchronous Transfer Mode", &ab_append78}; +struct abbrev ab_append79 = {false,false, "ASBR", "Autonomous System Boundry Router", &ab_append136}; +struct abbrev ab_append80 = {false,false, "ASA", "Adaptive Security Appliance", &ab_append79}; +struct abbrev ab_append81 = {false,false, "ARP", "Address Resolution Protocol", &ab_append80}; +struct abbrev ab_append113 = {false,false, "AOL", "America Online", &ab_append81}; +struct abbrev ab_append138 = {false,false, "AMP", "Active Monitor Present", &ab_append113}; +struct abbrev ab_append154 = {false,false, "ALG", "Application Layer Gateway", &ab_append138}; +struct abbrev ab_append82 = {false,false, "AH", "Authentication Header", &ab_append154}; +struct abbrev ab_append137 = {false,false, "AFI", "Authority and Format Identifier", &ab_append82}; +struct abbrev ab_append83 = {false,false, "ACLs", "Access Control Lists", &ab_append137}; +struct abbrev ab_append129 = {false,false, "ACL", "Access Control List", &ab_append83}; +struct abbrev ab_append128 = {false,false, "ACEs", "Access Control Entries", &ab_append129}; +struct abbrev ab_append84 = {false,false, "ACE", "Access Control Entry", &ab_append128}; +struct abbrev ab_append85 = {false,false, "ABR", "Area Border Router", &ab_append84}; +struct abbrev ab_append135 = {false,false, "AAL", "ATM Adaptation Layer", &ab_append85}; +struct abbrev ab_append145 = {false,false, "AAA", "Authentication, Authorization and Accounting", &ab_append135}; +struct abbrev ab_append = {false,true, "3DES", "Tripple Data Encryption Standard", &ab_append145}; + + +struct debugAbbrev +{ + char ab[20]; + int count; + struct debugAbbrev *next; +}; +struct debugAbbrev *debugAb = 0; + +// Adds an abbreviation not found to a list to be shown +// if the debug abbreviations obtion has been set. +void addAbbrevNotFound(char *abbreviation) +{ + // Variables... + struct debugAbbrev *debugAbPointer = 0; + + // If structure is empty, create + if (debugAb == 0) + { + debugAb = malloc(sizeof(struct debugAbbrev)); + memset(debugAb, 0, sizeof(struct debugAbbrev)); + debugAbPointer = debugAb; + } + else + { + + // Search for matching abbreviations + debugAbPointer = debugAb; + while ((debugAbPointer->next != 0) && (strcasecmp(abbreviation, debugAbPointer->ab) != 0)) + debugAbPointer = debugAbPointer->next; + + // If not found + if (strcasecmp(abbreviation, debugAbPointer->ab) != 0) + { + debugAbPointer->next = malloc(sizeof(struct debugAbbrev)); + memset(debugAbPointer->next, 0, sizeof(struct debugAbbrev)); + debugAbPointer = debugAbPointer->next; + } + } + + // Set information + strncpy(debugAbPointer->ab, abbreviation, sizeof(debugAbPointer->ab) - 1); + debugAbPointer->count++; +} + + +#define abbrev_notfound 0 +#define abbrev_found 1 +#define abbrev_expand 2 + + +// Add an abbreviation to the list to be shown in the +// appendix +int addAbbreviation(char *abbreviation, int expand) +{ + // Variables + struct abbrev *abbrevPointer = 0; + + // Check that it is not something silly + if ((strlen(abbreviation) > 0) && (strcmp(abbreviation, "any") != 0)) + { + + // Add Service Port + addPort(abbreviation); + + // If HTTPS is being set, then SSL also needs to be set + if (strcasecmp(abbreviation, "HTTPS") == 0) + addAbbreviation("SSL", false); + + // If LDAPS is set, the SSL also needs to be set + else if (strcasecmp(abbreviation, "LDAPS") == 0) + addAbbreviation("SSL", false); + + // If GTP is set, the GPRS also needs to be set + else if (strcasecmp(abbreviation, "GTP") == 0) + addAbbreviation("GPRS", false); + + // If IPinIP is set, the IP also needs to be set + else if (strcasecmp(abbreviation, "IPinIP") == 0) + addAbbreviation("IP", false); + + // If IPSec is set, the IP also needs to be set + else if (strcasecmp(abbreviation, "IPSec") == 0) + addAbbreviation("IP", false); + + // If GTSM is set, the TTL also needs to be set + else if (strcasecmp(abbreviation, "GTSM") == 0) + addAbbreviation("TTL", false); + + // If ICMPv6 is set, the IP also needs to be set + else if (strcasecmp(abbreviation, "ICMPv6") == 0) + addAbbreviation("IP", false); + + // If Citrix-ICA is set, then ICA needs to be set + else if (strcasecmp(abbreviation, "Citrix-ICA") == 0) + addAbbreviation("ICA", false); + + // If VTP is set, then VLAN needs to be set + else if (strcasecmp(abbreviation, "VTP") == 0) + addAbbreviation("VLAN", false); + + // If VRF is set, then VPN needs to be set + else if (strcasecmp(abbreviation, "VRF") == 0) + addAbbreviation("VPN", false); + + // If AAL is set, then ATM needs to be set + else if (strcasecmp(abbreviation, "AAL") == 0) + addAbbreviation("ATM", false); + + // If dCEF is set, then CEF needs to be set + else if (strcasecmp(abbreviation, "dCEF") == 0) + addAbbreviation("CEF", false); + + // ACL and ACE Plaural + if (strcmp(abbreviation, "ACLs") == 0) + return addAbbreviation("ACL", expand); + else if (strcmp(abbreviation, "ACEs") == 0) + return addAbbreviation("ACE", expand); + + // VIP Plaural + else if (strcmp(abbreviation, "VIPs") == 0) + return addAbbreviation("VIP", expand); + + // VLAN Plaural + else if (strcmp(abbreviation, "VLANs") == 0) + return addAbbreviation("VLAN", expand); + + // EGP Plaural + else if (strcmp(abbreviation, "EGPs") == 0) + return addAbbreviation("EGP", expand); + + // IGP Plaural + else if (strcmp(abbreviation, "IGPs") == 0) + return addAbbreviation("IGP", expand); + + // If not DOS or DoS... + else if ((strcmp(abbreviation, "DoS") != 0) && (strcmp(abbreviation, "DOS") != 0)) + { + // Search for abbreviation + abbrevPointer = &ab_append; + while ((abbrevPointer->next != 0) && (strcasecmp(abbrevPointer->ab, abbreviation) != 0)) + abbrevPointer = abbrevPointer->next; + + // If found, set enabled and expanded + if (strcasecmp(abbrevPointer->ab, abbreviation) == 0) + { + // Add to abbreviation list + abbrevPointer->add = true; + + // Expand abbreviation in the text? + if ((expand == true) && (abbrevPointer->expanded == false)) + { + abbrevPointer->expanded = true; + return abbrev_expand; + } + else + return abbrev_found; + } + } + else + { + // Search for abbreviation + abbrevPointer = &ab_append; + while ((abbrevPointer->next != 0) && (strcmp(abbrevPointer->ab, abbreviation) != 0)) + abbrevPointer = abbrevPointer->next; + + // If found, set enabled and expanded + if (strcmp(abbrevPointer->ab, abbreviation) == 0) + { + // Add to abbreviation list + abbrevPointer->add = true; + + // Expand abbreviation in the text? + if ((expand == true) && (abbrevPointer->expanded == false)) + { + abbrevPointer->expanded = true; + return abbrev_expand; + } + else + return abbrev_found; + } + } + + // Not found + addAbbrevNotFound(abbreviation); + return abbrev_notfound; + } + else + return abbrev_notfound; +} + + +// Returns the expanded abbreviation text. +const char *getAbbreviation(char *abbreviation) +{ + // Variables + struct abbrev *abbrevPointer = 0; + + // If not DOS or DoS... + if ((strcmp(abbreviation, "DoS") != 0) && (strcmp(abbreviation, "DOS") != 0)) + { + // Search for abbreviation + abbrevPointer = &ab_append; + while ((abbrevPointer->next != 0) && (strcasecmp(abbrevPointer->ab, abbreviation) != 0)) + abbrevPointer = abbrevPointer->next; + + // if found, return + if (strcasecmp(abbrevPointer->ab, abbreviation) == 0) + return abbrevPointer->desc; + else + return 0; + } + else + { + // Search for abbreviation + abbrevPointer = &ab_append; + while ((abbrevPointer->next != 0) && (strcmp(abbrevPointer->ab, abbreviation) != 0)) + abbrevPointer = abbrevPointer->next; + + // if found, return + if (strcmp(abbrevPointer->ab, abbreviation) == 0) + return abbrevPointer->desc; + else + return 0; + } +} + + +// ---------------------------------------------------------------------------------- +// Glossary... + + + diff --git a/0.11.10/common/report-debug.c b/0.11.10/common/report-debug.c new file mode 100644 index 0000000..a08a9a4 --- /dev/null +++ b/0.11.10/common/report-debug.c @@ -0,0 +1,131 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Output the ACL debug information... +void reportRulesDebug(struct nipperConfig *nipper) +{ + // Variables... + struct filterObjectConfig *filterObjectPointer = 0; + struct filterConfig *filterPointer = 0; + struct filterListConfig *filterListPointer = 0; + int ruleNumber = 0; + + filterListPointer = nipper->filterList; + while (filterListPointer != 0) + { + printf("Filter List: %s\n", filterListPointer->name); + printf(" Deny All And Log: %d\n", filterListPointer->denyAllAndLog); + ruleNumber = 1; + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + printf(" Rule: %d\n", ruleNumber); + printf(" Enabled: %d\n", filterPointer->enabled); + printf(" Action: %d\n", filterPointer->action); + printf(" Protocol: %s\n", filterPointer->protocol); + printf(" Protocol Type: %d\n", filterPointer->protocolType); + printf(" Source:\n"); + filterObjectPointer = filterPointer->source; + while (filterObjectPointer != 0) + { + printf(" Object: %s\n", filterObjectPointer->name); + printf(" Netmask: %s\n", filterObjectPointer->netMask); + printf(" Service Oper: %d\n", filterObjectPointer->serviceOp); + printf(" Type: %d\n", filterObjectPointer->type); + filterObjectPointer = filterObjectPointer->next; + } + printf(" Source Service:\n"); + filterObjectPointer = filterPointer->sourceService; + while (filterObjectPointer != 0) + { + printf(" Object: %s\n", filterObjectPointer->name); + printf(" Netmask: %s\n", filterObjectPointer->netMask); + printf(" Service Oper: %d\n", filterObjectPointer->serviceOp); + printf(" Type: %d\n", filterObjectPointer->type); + filterObjectPointer = filterObjectPointer->next; + } + printf(" Destination:\n"); + filterObjectPointer = filterPointer->destination; + while (filterObjectPointer != 0) + { + printf(" Object: %s\n", filterObjectPointer->name); + printf(" Netmask: %s\n", filterObjectPointer->netMask); + printf(" Service Oper: %d\n", filterObjectPointer->serviceOp); + printf(" Type: %d\n", filterObjectPointer->type); + filterObjectPointer = filterObjectPointer->next; + } + printf(" Destination Service:\n"); + filterObjectPointer = filterPointer->destinationService; + while (filterObjectPointer != 0) + { + printf(" Object: %s\n", filterObjectPointer->name); + printf(" Netmask: %s\n", filterObjectPointer->netMask); + printf(" Service Oper: %d\n", filterObjectPointer->serviceOp); + printf(" Type: %d\n", filterObjectPointer->type); + filterObjectPointer = filterObjectPointer->next; + } + printf(" Through Device:\n"); + filterObjectPointer = filterPointer->through; + while (filterObjectPointer != 0) + { + printf(" Object: %s\n", filterObjectPointer->name); + printf(" Netmask: %s\n", filterObjectPointer->netMask); + printf(" Service Oper: %d\n", filterObjectPointer->serviceOp); + printf(" Type: %d\n", filterObjectPointer->type); + filterObjectPointer = filterObjectPointer->next; + } + printf(" Install On:\n"); + filterObjectPointer = filterPointer->install; + while (filterObjectPointer != 0) + { + printf(" Object: %s\n", filterObjectPointer->name); + printf(" Netmask: %s\n", filterObjectPointer->netMask); + printf(" Service Oper: %d\n", filterObjectPointer->serviceOp); + printf(" Type: %d\n", filterObjectPointer->type); + filterObjectPointer = filterObjectPointer->next; + } + printf(" Log: %d\n", filterPointer->log); + printf(" Remark: %s\n", filterPointer->remark); + printf(" Admin UID: %s\n", filterPointer->uid); + printf(" Any Source: %d\n", filterPointer->anySource); + printf(" Network Source: %d\n", filterPointer->networkSource); + printf(" Any Source Service: %d\n", filterPointer->anySourceService); + printf(" Any Destination: %d\n", filterPointer->anyDestination); + printf(" Network Destination: %d\n", filterPointer->networkDestination); + printf(" Any Destination Service: %d\n", filterPointer->anyDestinationService); + filterPointer = filterPointer->next; + ruleNumber++; + } + filterListPointer = filterListPointer->next; + } +} + + diff --git a/0.11.10/common/report-functions.c b/0.11.10/common/report-functions.c new file mode 100644 index 0000000..3379559 --- /dev/null +++ b/0.11.10/common/report-functions.c @@ -0,0 +1,1818 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#define section_none 0 +#define section_obs 1 +#define section_imp 2 +#define section_ease 3 +#define section_rec 4 +#define subsection_end 5 +#define section_end 6 + +#define rate_none 0 +#define rate_low 1 +#define rate_lowmed 2 +#define rate_med 3 +#define rate_medhigh 4 +#define rate_high 5 +#define rate_noease 6 +#define rate_trivial 7 +#define rate_moderate 8 +#define rate_difficult 9 + + +// Make text format friendly +// ------------------------- +// This routing will convert the text into a version that +// is friendly to whatever format the report is to be +// output in. +void outputFriendly(char *line, char *output, int maxSize, int outputFormat) +{ + switch (outputFormat) + { + case output_xml: + case output_html: + htmlFriendly(line, output, maxSize); + break; + + case output_latex: + latexFriendly(line, output, maxSize); + break; + + default: + sprintf(output, "%s", line); + break; + } +} + + +// Insert Bullet List +void output_list(struct nipperConfig *nipper, struct tableHeading *listitems) +{ + // Variables + struct tableHeading *listPointer = 0; + int itemCount = 0; + + // Get Item Count... + listPointer = listitems; + while (listPointer != 0) + { + if (listPointer->password == false) + itemCount++; + listPointer = listPointer->next; + } + + if (itemCount > 0) + { + // Draw list start + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
    \n"); + break; + case output_latex: + fprintf(nipper->reportFile, "\\begin{itemize}\n"); + break; + case output_xml: + fprintf(nipper->reportFile, " \n"); + break; + } + + // Draw list items + listPointer = listitems; + while (listPointer != 0) + { + if (listPointer->password == false) + { + if (itemCount == 1) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
  • %s.
    • \n", listPointer->heading); + break; + case output_latex: + fprintf(nipper->reportFile, "\\item %s.\n", listPointer->heading); + break; + case output_text: + fprintf(nipper->reportFile, " * %s.\n", listPointer->heading); + break; + case output_xml: + fprintf(nipper->reportFile, " %s.\n", listPointer->heading); + break; + } + } + else + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
  • %s;
    • \n", listPointer->heading); + break; + case output_latex: + fprintf(nipper->reportFile, "\\item %s;\n", listPointer->heading); + break; + case output_text: + fprintf(nipper->reportFile, " * %s;\n", listPointer->heading); + break; + case output_xml: + fprintf(nipper->reportFile, " %s;\n", listPointer->heading); + break; + } + } + itemCount--; + } + listPointer = listPointer->next; + } + + // Draw list end + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
\n"); + break; + case output_latex: + fprintf(nipper->reportFile, "\\end{itemize}\n"); + break; + case output_text: + fprintf(nipper->reportFile, "\n"); + break; + case output_xml: + fprintf(nipper->reportFile, " \n"); + break; + } + } +} + + +void set_aclrec_list(struct nipperConfig *nipper, struct tableHeading *listitems) +{ + // Variables + struct tableHeading *listPointer = 0; + + listPointer = listitems; + + // If Any Source... + if (nipper->anySourceIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Network Source... + listPointer = listPointer->next; + if (nipper->networkSourceIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Source Service... + listPointer = listPointer->next; + if (nipper->anySourceServiceIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Any Destination... + listPointer = listPointer->next; + if (nipper->anyDestinationIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Network Destination... + listPointer = listPointer->next; + if (nipper->networkDestinationIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Destination Service... + listPointer = listPointer->next; + if (nipper->anyDestinationServiceIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Log Denied... + listPointer = listPointer->next; + if (nipper->logDenyRulesIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Disabled... + listPointer = listPointer->next; + if (nipper->disabledRulesIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Reject... + listPointer = listPointer->next; + if (nipper->rejectRulesIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Bypass... + listPointer = listPointer->next; + if (nipper->bypassRulesIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Default... + listPointer = listPointer->next; + if (nipper->defaultRulesIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Log Everything... + listPointer = listPointer->next; + if (nipper->allRulesLogIssue == false) + listPointer->password = true; + else + listPointer->password = false; + + // If Deny All and Log... + listPointer = listPointer->next; + if (nipper->denyLogIssue == false) + listPointer->password = true; + else + listPointer->password = false; +} + + +void table_row_span(struct nipperConfig *nipper, struct tableHeading *heading, char *text) +{ + // Variables... + int spanCount = 0; + char tempString[nipper->maxSize]; + struct tableHeading *headingPointer = 0; + + // Get the number of columns to span + headingPointer = heading; + while (headingPointer != 0) + { + spanCount++; + headingPointer = headingPointer->next; + } + + // Sanitise the text for the report format... + outputFriendly(text, tempString, nipper->maxSize, nipper->outputFormat); + + // Output the table row... + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "%s\n", spanCount, tempString); + break; + case output_xml: + fprintf(nipper->reportFile, " \n %s\n \n", spanCount, tempString); + break; + case output_latex: + fprintf(nipper->reportFile, "\\multicolumn{%d}{|c|}{%s} \\\\", spanCount, tempString); + break; + case output_text: + fprintf(nipper->reportFile, "%s\n", tempString); + break; + } +} + + +// Insert Start / End of Table +// --------------------------- +// This code inserts the start of end of a table into the +// report output. +void output_table(struct nipperConfig *nipper, int tableStart, const char *tableTitle, struct tableHeading *heading) +{ + // Variables + struct tableHeading *headingPointer = 0; + int tempInt = 0; + int total = 0; + int remainder = 0; + char friendlyCaption[nipper->maxSize]; + + outputFriendly((char *)tableTitle, friendlyCaption, nipper->maxSize, nipper->outputFormat); + + // Table start... + if (tableStart == true) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n \n \n ", nipper->tableNum, friendlyCaption); + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + fprintf(nipper->reportFile, "\n ", headingPointer->heading); + headingPointer = headingPointer->next; + } + fprintf(nipper->reportFile, "\n \n\n \n"); + break; + + case output_xml: + fprintf(nipper->reportFile, "
Table %d: %s
%s
\n", nipper->tableNum, nipper->tableNum); + fprintf(nipper->reportFile, " \n \n", friendlyCaption); + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + fprintf(nipper->reportFile, " %s\n", headingPointer->heading); + headingPointer = headingPointer->next; + } + fprintf(nipper->reportFile, " \n \n"); + break; + + case output_latex: + // Print start of table + fprintf(nipper->reportFile, "\\begin{table}[h!]\n"); + fprintf(nipper->reportFile, "\\begin{tabular}{|"); + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + fprintf(nipper->reportFile, " c |"); + headingPointer = headingPointer->next; + } + fprintf(nipper->reportFile, "}\n\\hline\n"); + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + { + if (headingPointer->next != 0) + fprintf(nipper->reportFile, "%s&", headingPointer->heading); + else + fprintf(nipper->reportFile, "%s\\\\\n", headingPointer->heading); + } + headingPointer = headingPointer->next; + } + fprintf(nipper->reportFile, "\\hline\n"); + break; + + case output_text: + total = 0; + tempInt = 0; + // Count headings length + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + { + total += strlen(headingPointer->heading); + tempInt++; + } + headingPointer = headingPointer->next; + } + if (nipper->tableNum < 10) + remainder = 1; + else if (nipper->tableNum < 100) + remainder = 2; + else if (nipper->tableNum < 1000) + remainder = 3; + else + remainder = 4; + total += (tempInt * 2) - 2; + // Is table title or headings longest + if ((strlen(tableTitle) + 8 + remainder) > total) + total = strlen(tableTitle) + 8 + remainder; + // Print start of table + for (tempInt = 0; tempInt < total; tempInt++) + { + fprintf(nipper->reportFile, "-"); + } + fprintf(nipper->reportFile, "\n"); + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + { + if (headingPointer->next != 0) + fprintf(nipper->reportFile, "%s, ", headingPointer->heading); + else + fprintf(nipper->reportFile, "%s", headingPointer->heading); + } + headingPointer = headingPointer->next; + } + fprintf(nipper->reportFile, "\n"); + for (tempInt = 0; tempInt < total; tempInt++) + { + fprintf(nipper->reportFile, "-"); + } + fprintf(nipper->reportFile, "\n"); + break; + } + } + + // Table end... + else + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, " \n
%s
\n 
\n\n"); + break; + + case output_xml: + fprintf(nipper->reportFile, " \n \n"); + break; + + case output_latex: + fprintf(nipper->reportFile, "\\end{tabular}\n"); + fprintf(nipper->reportFile, "\\caption{%s}\n", friendlyCaption); + fprintf(nipper->reportFile, "\\end{table}\n\n"); + break; + + case output_text: + total = 0; + tempInt = 0; + // Count headings length + headingPointer = heading; + while (headingPointer != 0) + { + if ((nipper->passwords == true) || (headingPointer->password == false)) + { + total += strlen(headingPointer->heading); + tempInt++; + } + headingPointer = headingPointer->next; + } + if (nipper->tableNum < 10) + remainder = 1; + else if (nipper->tableNum < 100) + remainder = 2; + else if (nipper->tableNum < 1000) + remainder = 3; + else + remainder = 4; + total += (tempInt * 2) - 2; + // Is table title or headings longest + if ((strlen(tableTitle) + 8 + remainder) > total) + total = strlen(tableTitle) + 8 + remainder; + for (tempInt = 0; tempInt < total; tempInt++) + { + fprintf(nipper->reportFile, "-"); + } + fprintf(nipper->reportFile, "\nTable %d: %s\n\n", nipper->tableNum, friendlyCaption); + break; + } + nipper->tableNum++; + } +} + + +// Insert New Paragrapgh +// --------------------- +// This code simply inserts a new paragraph. +void output_newPara(struct nipperConfig *nipper) +{ + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
\n 
\n"); + break; + case output_latex: + case output_text: + fprintf(nipper->reportFile, "\n\n"); + break; + } +} + + +#define section_main 0 +#define section_main_sec 1 +#define section_main_con 2 +#define section_main_app 3 +#define section_main_abt 4 +#define section_security 5 +#define section_config 6 +#define section_appendix 7 +#define section_about 8 +#define section_contents 20 + +// Report Index Parsing and Output +// ------------------------------- +// This code will output the index text and create hyperlinks (where required) for +// the different output formats. +void output_parseIndex(const char *theText, struct nipperConfig *nipper, int section) +{ + // Variables... + int textLoop = 0; + + // Increment Count... + nipper->subSectionCount++; + + switch (nipper->outputFormat) + { + case output_html: + if (section == section_security) + fprintf(nipper->reportFile, "    %d.%d. sectionCount, nipper->subSectionCount); + else if (section == section_config) + fprintf(nipper->reportFile, "    %d.%d. sectionCount, nipper->subSectionCount); + else if (section == section_appendix) + fprintf(nipper->reportFile, "    %d.%d. sectionCount, nipper->subSectionCount); + else if (section == section_about) + fprintf(nipper->reportFile, "    %d.%d. sectionCount, nipper->subSectionCount); + else + fprintf(nipper->reportFile, "    %d.%d. sectionCount, nipper->subSectionCount); + for (textLoop = 0; textLoop < strlen(theText); textLoop++) + { + if (theText[textLoop] != ' ') + fprintf(nipper->reportFile, "%c", theText[textLoop]); + } + fprintf(nipper->reportFile, "\">%s
\n", theText); + break; + + case output_text: + fprintf(nipper->reportFile, " %d.%d. %s\n", nipper->sectionCount, nipper->subSectionCount, theText); + break; + } +} + + +// Report Index Parsing and Output +// ------------------------------- +// This code will output the index text and create hyperlinks (where required) for +// the different output formats. +void output_parseSectionIndex(const char *theText, struct nipperConfig *nipper) +{ + // Variables... + int textLoop = 0; + + // Init Sub Section + nipper->sectionCount++; + nipper->subSectionCount = 0; + + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "%d. sectionCount); + for (textLoop = 0; textLoop < strlen(theText); textLoop++) + { + if (theText[textLoop] != ' ') + fprintf(nipper->reportFile, "%c", theText[textLoop]); + } + fprintf(nipper->reportFile, "\">%s
\n", theText); + break; + + case output_text: + fprintf(nipper->reportFile, "%d. %s\n", nipper->sectionCount, theText); + break; + } +} + + +// Report Title Parsing and Output +// ------------------------------- +// This code will output the section title and create a link destination (where +// required) for the different output formats. +void output_parseTitle(const char *theText, struct nipperConfig *nipper, int section) +{ + // Variables... + int textLoop = 0; + int length = 0; + char tempChar; + + // Sort out section counters... + if ((section == section_main_sec) || (section == section_main_con) || (section == section_main_app) || (section == section_main_abt) || (section == section_main)) + { + nipper->sectionCount++; + nipper->subSectionCount = 0; + } + else if (section != section_contents) + nipper->subSectionCount++; + + switch (nipper->outputFormat) + { + case output_latex: + if ((section == section_contents) || (section == section_main_sec) || (section == section_main_con) || (section == section_main_abt) || (section == section_main_app) || (section == section_main)) + fprintf(nipper->reportFile, "\\section["); + else + fprintf(nipper->reportFile, "\\subsection["); + for (textLoop = 0; textLoop < strlen(theText); textLoop++) + { + if (theText[textLoop] != ' ') + fprintf(nipper->reportFile, "%c", theText[textLoop]); + } + fprintf(nipper->reportFile, "%s]\n {%s}\n\n", nipper->hostname, theText); + break; + + case output_html: + if (section == section_contents) + fprintf(nipper->reportFile, "

reportFile, "

%d. sectionCount); + else if (section == section_security) + fprintf(nipper->reportFile, "

%d.%d. sectionCount, nipper->subSectionCount); + else if (section == section_config) + fprintf(nipper->reportFile, "

%d.%d. sectionCount, nipper->subSectionCount); + else if (section == section_appendix) + fprintf(nipper->reportFile, "

%d.%d. sectionCount, nipper->subSectionCount); + else if (section == section_about) + fprintf(nipper->reportFile, "

%d.%d. sectionCount, nipper->subSectionCount); + else + fprintf(nipper->reportFile, "

%d.%d. sectionCount, nipper->subSectionCount); + for (textLoop = 0; textLoop < strlen(theText); textLoop++) + { + if (theText[textLoop] != ' ') + fprintf(nipper->reportFile, "%c", theText[textLoop]); + } + if ((section == section_main_sec) || (section == section_contents) || (section == section_main_con) || (section == section_main_app) || (section == section_main)) + fprintf(nipper->reportFile, "\">%s

\n", theText); + else + fprintf(nipper->reportFile, "\">%s

\n", theText); + break; + + case output_xml: + if ((section == section_main) || (section == section_contents)) + fprintf(nipper->reportFile, "
reportFile, "
reportFile, "
reportFile, "
reportFile, "
reportFile, " reportFile, " reportFile, " reportFile, " reportFile, " title=\"%s\" ref=\"", theText); + for (textLoop = 0; textLoop < strlen(theText); textLoop++) + { + if (theText[textLoop] != ' ') + fprintf(nipper->reportFile, "%c", theText[textLoop]); + } + fprintf(nipper->reportFile, "%d%s\">\n", section + 48, nipper->hostname); + break; + + case output_text: + if ((section == section_main_sec) || (section == section_main_con) || (section == section_main_abt) || (section == section_main_app)) + tempChar = '~'; + else + tempChar = '-'; + length = strlen(theText); + if (section == section_contents) + fprintf(nipper->reportFile, "%s\n", theText); + else if ((section == section_main_sec) || (section == section_main_con) || (section == section_main_abt) || (section == section_main_app) || (section == section_main)) + { + fprintf(nipper->reportFile, "%d. %s\n", nipper->sectionCount, theText); + length += 3; + if (nipper->sectionCount > 9) + length++; + if (nipper->sectionCount > 99) + length++; + } + else + { + fprintf(nipper->reportFile, "%d.%d. %s\n", nipper->sectionCount, nipper->subSectionCount, theText); + length += 5; + if (nipper->sectionCount > 9) + length++; + if (nipper->sectionCount > 99) + length++; + if (nipper->subSectionCount > 9) + length++; + if (nipper->subSectionCount > 99) + length++; + } + for (textLoop = 0; textLoop < length; textLoop++) + { + fprintf(nipper->reportFile, "%c", tempChar); + } + fprintf(nipper->reportFile, "\n\n"); + break; + } +} + + +// Report End of Section +// --------------------- +// This routine outputs an end of section. +void output_endsection(struct nipperConfig *nipper, int reportSection) +{ + // Format... + switch (nipper->outputFormat) + { + case output_xml: + switch (reportSection) + { + case section_obs: + case section_imp: + case section_ease: + case section_rec: + fprintf(nipper->reportFile, " \n"); + break; + + case subsection_end: + fprintf(nipper->reportFile, " \n"); + break; + + case section_end: + fprintf(nipper->reportFile, "
\n"); + break; + } + break; + } +} + + +// Report Text Parsing and Output +// ------------------------------ +// This code outputs text to the report. The text could be a security report +// paragraph or just plain text. It will use the embeded codes to format the +// text for each output type. The current codes include: +// COMPANY - Company name +// DEVICENAME - The device name +// ABBREV ^ - Abbreviation +// COMMAND ^ - A command +// CMDOPTION ^ - A command option +// CMDREQUIRE ^ - A command requirement +// CMDOR - Command alternatives +// CMDUSER ^ - User supplied command entry +// NEWLINE - A newline +// - The data parameter is: +// SINGULA ^ - * equal to 1 +// PLAURAL ^ - * more than 1 +// POSITIVE ^ - * positive +// NEGATIVE ^ - * negative +// ZERO ^ - * zero +// TABLEREF - Insert Table Reference +// NUMBER - Insert Number (provided by data) +// NONEWPARA - No new paragraph at the end +// NEWPARA - Insert New Paragraph +// DEVICETYPE - Insert device type +// DEVICEVERSION - Device version details +// NOTEXTSTART - XML Only - Do not start with a +// DATE - Insert the current date +// INDENT - Text indentation +// TABLEITEM ^ - Text is used in a table cell +// Each code is encolsed in * and codes that have a start and end [^} use the +// same code with a - prepending it. +void output_parseText(const char *theText, struct nipperConfig *nipper, int reportSection, int rating, int data, int reference) +{ + // Variables... + int offset = 0; + int textLength = 0; + int abbreviationStatus = 0; + char *charPointer; + char tempString[nipper->maxSize]; + int dayType; + time_t tempTime; + const char *abbreviation; + + // Section... + if (strncmp(theText, "*TABLEITEM*", 11) != 0) + { + switch (reportSection) + { + case section_obs: + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, " \n "); + break; + case output_html: + fprintf(nipper->reportFile, "Observation: "); + break; + case output_latex: + case output_text: + fprintf(nipper->reportFile, "OBSERVATION: "); + break; + } + break; + + case section_imp: + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, " reportFile, "low"); + break; + case rate_lowmed: + fprintf(nipper->reportFile, "lowmed"); + break; + case rate_med: + fprintf(nipper->reportFile, "med"); + break; + case rate_medhigh: + fprintf(nipper->reportFile, "medhigh"); + break; + case rate_high: + fprintf(nipper->reportFile, "high"); + break; + } + fprintf(nipper->reportFile, "\">\n "); + break; + case output_html: + fprintf(nipper->reportFile, "Impact: "); + break; + case output_latex: + case output_text: + fprintf(nipper->reportFile, "IMPACT: "); + break; + } + break; + + case section_ease: + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, " reportFile, "noease "); + break; + case rate_trivial: + fprintf(nipper->reportFile, "trivial"); + break; + case rate_moderate: + fprintf(nipper->reportFile, "moderate"); + break; + case rate_difficult: + fprintf(nipper->reportFile, "difficult"); + break; + } + fprintf(nipper->reportFile, "\">\n "); + break; + case output_html: + if (rating == rate_noease) + fprintf(nipper->reportFile, "Ease: N/A"); + else + fprintf(nipper->reportFile, "Ease: "); + break; + case output_latex: + case output_text: + if (rating == rate_noease) + fprintf(nipper->reportFile, "EASE: N/A"); + else + fprintf(nipper->reportFile, "EASE: "); + break; + } + break; + + case section_rec: + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "Recommendation: "); + break; + case output_xml: + fprintf(nipper->reportFile, " \n "); + break; + case output_latex: + case output_text: + fprintf(nipper->reportFile, "RECOMMENDATION: "); + break; + } + break; + + default: + switch (nipper->outputFormat) + { + case output_xml: + if (strncmp(theText, "*NOTEXTSTART*", 13) != 0) + fprintf(nipper->reportFile, " "); + break; + } + break; + } + } + + // Parse the text + textLength = strlen(theText); + for (offset = 0; offset < textLength; offset++) + { + // Init... + memset(tempString, 0, sizeof(tempString)); + + // Company name... + if (strncmp("*COMPANY*", theText + offset, 9) == 0) + { + switch (nipper->outputFormat) + { + default: + fprintf(nipper->reportFile, "%s", nipper->companyName); + break; + } + offset += 8; + } + + // Table Item... + else if (strncmp("*TABLEITEM*", theText + offset, 11) == 0) + offset += 10; + else if (strncmp("*-TABLEITEM*", theText + offset, 12) == 0) + return; + + // Device name... + else if (strncmp("*DEVICENAME*", theText + offset, 12) == 0) + { + switch (nipper->outputFormat) + { + default: + fprintf(nipper->reportFile, "%s", nipper->hostname); + break; + } + offset += 11; + } + + // Device type... + else if (strncmp("*DEVICETYPE*", theText + offset, 12) == 0) + { + switch (nipper->deviceType) + { + case type_ios_switch: + fprintf(nipper->reportFile, "Cisco Switch"); + break; + case type_ios_router: + fprintf(nipper->reportFile, "Cisco Router"); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_ios_catalyst: + fprintf(nipper->reportFile, "Cisco Catalyst"); + break; + case type_passport: + fprintf(nipper->reportFile, "Bay Networks Accelar"); + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Nortel Passport"); + break; + case type_asa_firewall: + fprintf(nipper->reportFile, "Cisco "); + strcpy(tempString, "ASA"); + break; + case type_fwsm_firewall: + fprintf(nipper->reportFile, "Cisco "); + strcpy(tempString, "FWSM"); + break; + case type_pix_firewall: + fprintf(nipper->reportFile, "Cisco "); + strcpy(tempString, "PIX"); + break; + case type_css_filter: + fprintf(nipper->reportFile, "Cisco "); + abbreviation = getAbbreviation("CSS"); + if (nipper->outputFormat == output_xml) + { + if (addAbbreviation("CSS", true) == abbrev_expand) + fprintf(nipper->reportFile, "", abbreviation); + else + fprintf(nipper->reportFile, "", abbreviation); + } + else + { + if (addAbbreviation("CSS", true) == abbrev_expand) + fprintf(nipper->reportFile, "%s (CSS)", abbreviation); + else + fprintf(nipper->reportFile, "CSS"); + } + break; + case type_sos_firewall: + fprintf(nipper->reportFile, "Juniper NetScreen Firewall"); + break; + case type_fw1_firewall: + fprintf(nipper->reportFile, "CheckPoint Firewall-1"); + break; + case type_nokiaip: + fprintf(nipper->reportFile, "Nokia IP Firewall"); + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicWall Firewall"); + break; + } + switch (nipper->deviceType) + { + case type_asa_firewall: + case type_pix_firewall: + case type_fwsm_firewall: + abbreviation = getAbbreviation(&tempString[0]); + if (nipper->outputFormat == output_xml) + { + if (addAbbreviation(tempString, true) == abbrev_expand) + fprintf(nipper->reportFile, " Firewall", abbreviation, tempString); + else + fprintf(nipper->reportFile, " Firewall", abbreviation, tempString); + } + else + { + if (addAbbreviation(tempString, true) == abbrev_expand) + fprintf(nipper->reportFile, "%s (%s) Firewall", abbreviation, tempString); + else + fprintf(nipper->reportFile, "%s Firewall", tempString); + } + break; + } + offset += 11; + } + + // Device type... + else if (strncmp("*DEVICEVERSION*", theText + offset, 15) == 0) + { + switch (nipper->deviceType) + { + case type_ios_switch: + case type_ios_router: + case type_ios_catalyst: + strcpy(tempString, "IOS"); + break; + case type_nmp_catalyst: + strcpy(tempString, "NMP"); + break; + case type_cos_catalyst: + strcpy(tempString, "CatOS"); + break; + case type_asa_firewall: + strcpy(tempString, "ASA"); + break; + case type_fwsm_firewall: + strcpy(tempString, "FWSM"); + break; + case type_pix_firewall: + strcpy(tempString, "PIX"); + break; + case type_css_filter: + strcpy(tempString, "CSS"); + break; + } + switch (nipper->deviceType) + { + case type_ios_switch: + case type_ios_router: + case type_ios_catalyst: + case type_nmp_catalyst: + case type_cos_catalyst: + case type_asa_firewall: + case type_fwsm_firewall: + case type_pix_firewall: + case type_css_filter: + abbreviation = getAbbreviation(&tempString[0]); + if (nipper->outputFormat == output_xml) + { + if (addAbbreviation(tempString, true) == abbrev_expand) + fprintf(nipper->reportFile, " version %s", abbreviation, tempString, nipper->version); + else + fprintf(nipper->reportFile, " version %s", abbreviation, tempString, nipper->version); + } + else + { + if (addAbbreviation(tempString, true) == abbrev_expand) + fprintf(nipper->reportFile, "%s (%s) version %s", abbreviation, tempString, nipper->version); + else + fprintf(nipper->reportFile, "%s version %s", tempString, nipper->version); + } + break; + case type_passport: + fprintf(nipper->reportFile, "Passport software version %s", nipper->version); + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Accelar software version %s", nipper->version); + break; + case type_fw1_firewall: + fprintf(nipper->reportFile, "Firewall-1 version %s", nipper->version); + break; + case type_nokiaip: + fprintf(nipper->reportFile, "Nokia IP version %s", nipper->version); + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicOS version %s", nipper->version); + break; + } + offset += 14; + } + + // Newline... + else if (strncmp("*NEWLINE*", theText + offset, 9) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, " 
\n"); + break; + default: + fprintf(nipper->reportFile, "\n"); + break; + } + offset += 8; + } + + // New paragraph... + else if (strncmp("*NEWPARA*", theText + offset, 9) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
\n 
\n"); + break; + case output_xml: + fprintf(nipper->reportFile, "\n "); + break; + default: + fprintf(nipper->reportFile, "\n\n"); + break; + } + offset += 8; + } + + // Indentation... + else if (strncmp("*INDENT*", theText + offset, 8) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "    "); + break; + default: + fprintf(nipper->reportFile, " "); + break; + } + offset += 7; + } + + // Singula... + else if (strncmp("*SINGULA*", theText + offset, 9) == 0) + { + // If not singula, skip the entire section + if (data != 1) + { + charPointer = strstr(theText + offset, "*-SINGULA*"); + if (charPointer != 0) + offset = charPointer - theText + 9; + } + else + offset += 8; + } + else if (strncmp("*-SINGULA*", theText + offset, 10) == 0) + offset += 9; + + // Plaural... + else if (strncmp("*PLAURAL*", theText + offset, 9) == 0) + { + // If not plaural, skip the entire section + if (data < 2) + { + charPointer = strstr(theText + offset, "*-PLAURAL*"); + if (charPointer != 0) + offset = charPointer - theText + 9; + } + else + offset += 8; + } + else if (strncmp("*-PLAURAL*", theText + offset, 10) == 0) + offset += 9; + + // Positive... + else if (strncmp("*POSITIVE*", theText + offset, 10) == 0) + { + // If not positive, skip the entire section + if (data < 1) + { + charPointer = strstr(theText + offset, "*-POSITIVE*"); + if (charPointer != 0) + offset = charPointer - theText + 10; + } + else + offset += 9; + } + else if (strncmp("*-POSITIVE*", theText + offset, 11) == 0) + offset += 10; + + // Negative... + else if (strncmp("*NEGATIVE*", theText + offset, 10) == 0) + { + // If not negative, skip the entire section + if (data >= 0) + { + charPointer = strstr(theText + offset, "*-NEGATIVE*"); + if (charPointer != 0) + offset = charPointer - theText + 10; + } + else + offset += 9; + } + else if (strncmp("*-NEGATIVE*", theText + offset, 11) == 0) + offset += 10; + + // Zero... + else if (strncmp("*ZERO*", theText + offset, 6) == 0) + { + // If not zero, skip the entire section + if (data != 0) + { + charPointer = strstr(theText + offset, "*-ZERO*"); + if (charPointer != 0) + offset = charPointer - theText + 6; + } + else + offset += 5; + } + else if (strncmp("*-ZERO*", theText + offset, 7) == 0) + offset += 6; + + // Date... + else if (strncmp("*DATE*", theText + offset, 6) == 0) + { + tempTime = time(NULL); + + // Day of week... + strftime(tempString, nipper->maxSize, "%A", localtime(&tempTime)); + fprintf(nipper->reportFile, "%s ", tempString); + + // Day of month... + strftime(tempString, nipper->maxSize, "%d", localtime(&tempTime)); + dayType = tempString[1] - 48; + if (tempString[0] == '0') + { + tempString[0] = tempString[1]; + tempString[1] = 0; + } + switch (dayType) + { + case 1: + fprintf(nipper->reportFile, "%sst ", tempString); + break; + case 2: + fprintf(nipper->reportFile, "%snd ", tempString); + break; + case 3: + fprintf(nipper->reportFile, "%srd ", tempString); + break; + default: + fprintf(nipper->reportFile, "%sth ", tempString); + break; + } + + // Month + Year + strftime(tempString, nipper->maxSize, "%B %Y", localtime(&tempTime)); + fprintf(nipper->reportFile, "%s", tempString); + offset += 5; + } + + // Command... + else if (strncmp("*COMMAND*", theText + offset, 9) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
"); + break; + case output_latex: + fprintf(nipper->reportFile, "\\texttt{"); + break; + case output_xml: + fprintf(nipper->reportFile, ""); + break; + default: + fprintf(nipper->reportFile, "\""); + break; + } + offset += 8; + } + else if (strncmp("*-COMMAND*", theText + offset, 10) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
"); + break; + case output_latex: + fprintf(nipper->reportFile, "}"); + break; + case output_xml: + fprintf(nipper->reportFile, ""); + break; + default: + fprintf(nipper->reportFile, "\""); + break; + } + offset += 9; + } + + // Command Requirement... + else if (strncmp("*CMDREQUIRE*", theText + offset, 12) == 0) + { + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, ""); + break; + default: + fprintf(nipper->reportFile, "{"); + break; + } + offset += 11; + } + else if (strncmp("*-CMDREQUIRE*", theText + offset, 13) == 0) + { + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, ""); + break; + default: + fprintf(nipper->reportFile, "}"); + break; + } + offset += 12; + } + + // Command Option... + else if (strncmp("*CMDOPTION*", theText + offset, 11) == 0) + { + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, ""); + break; + default: + fprintf(nipper->reportFile, "["); + break; + } + offset += 10; + } + else if (strncmp("*-CMDOPTION*", theText + offset, 12) == 0) + { + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, ""); + break; + default: + fprintf(nipper->reportFile, "]"); + break; + } + offset += 11; + } + + // Command Alternative... + else if (strncmp("*CMDOR*", theText + offset, 7) == 0) + { + switch (nipper->outputFormat) + { + default: + fprintf(nipper->reportFile, "|"); + break; + } + offset += 6; + } + + // Command Text... + else if (strncmp("*CMDUSER*", theText + offset, 9) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, ""); + break; + } + offset += 8; + } + else if (strncmp("*-CMDUSER*", theText + offset, 10) == 0) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, ""); + break; + } + offset += 9; + } + + // Table Reference... + else if (strncmp("*TABLEREF*", theText + offset, 10) == 0) + { + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, "", reference); + break; + default: + fprintf(nipper->reportFile, "%d", reference); + break; + } + offset += 9; + } + + // Number... + else if (strncmp("*NUMBER*", theText + offset, 8) == 0) + { + numToWord(nipper->reportFile, data); + offset += 7; + } + + // No XML Text start... + else if (strncmp("*NOTEXTSTART*", theText + offset, 13) == 0) + offset += 12; + + // Abbreviation... + else if (strncmp("*ABBREV*", theText + offset, 8) == 0) + { + // Get abbreviation... + offset += 8; + charPointer = strstr(theText + offset, "*-ABBREV*"); + if (charPointer != 0) + { + strncpy(tempString, theText + offset, charPointer - theText - offset); + offset = charPointer - theText + 8; + abbreviationStatus = addAbbreviation(&tempString[0], true); + + // Process + switch (nipper->outputFormat) + { + case output_xml: + abbreviation = getAbbreviation(&tempString[0]); + if (abbreviationStatus == abbrev_expand) + fprintf(nipper->reportFile, "", abbreviation, tempString); + else + fprintf(nipper->reportFile, "", abbreviation, tempString); + break; + default: + switch (abbreviationStatus) + { + case abbrev_expand: + abbreviation = getAbbreviation(&tempString[0]); + // If ACLs or ACEs + if (strcmp(tempString, "ACLs") == 0) + sprintf(tempString, "ACL"); + else if (strcmp(tempString, "ACEs") == 0) + sprintf(tempString, "ACE"); + if (abbreviation != 0) + fprintf(nipper->reportFile, "%s (%s)", abbreviation, tempString); + else + fprintf(nipper->reportFile, "%s", tempString); + break; + default: + fprintf(nipper->reportFile, "%s", tempString); + break; + } + break; + } + } + } + else if (strncmp("*-ABBREV*", theText + offset, 9) == 0) + { + offset += 8; + } + + // No new paragraph at end + else if (strncmp("*NONEWPARA*", theText + offset, 11) == 0) + return; + + // Output text + else + { + fprintf(nipper->reportFile, "%c", theText[offset]); + } + } + + // End text + switch (nipper->outputFormat) + { + case output_xml: + fprintf(nipper->reportFile, "\n"); + break; + } + output_newPara(nipper); +} + + +// Generate Appendix +// ----------------- +// This code generates the appendix section. +void generateAppendix(struct nipperConfig *nipper) +{ + // Variables + int tempInt = 0; + struct abbrev *abbrevPointer = 0; + struct ports *portPointer = 0; + + // Check that there is something to show + if ((nipper->abs == true) || (nipper->commonPorts == true) || (nipper->loggingLevels == true) || (nipper->glossary == true) || (nipper->nipperVersion == true)) + { + + // Display Section Start + output_parseTitle(appendix_title, nipper, section_main_app); + + // Abbreviations + abbrevPointer = &ab_append; + while ((abbrevPointer->next != 0) && (abbrevPointer->add == false)) + abbrevPointer = abbrevPointer->next; + if ((nipper->abs == true) && (abbrevPointer->add == true)) + { + output_parseTitle(appendix_abbrev_title, nipper, section_appendix); + + // Display Start of abbreviations + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n\n"); + break; + case output_xml: + fprintf(nipper->reportFile, " \n"); + break; + case output_text: + fprintf(nipper->reportFile, "-------------\nAbbreviations\n-------------\n"); + break; + case output_latex: + fprintf(nipper->reportFile, "\\begin{quote}\n\\begin{tabular}{ll}\n"); + break; + } + + // Display Abbreviations + while (abbrevPointer != 0) + { + if (abbrevPointer->add == true) + { + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n", abbrevPointer->ab, abbrevPointer->desc); + break; + case output_xml: + fprintf(nipper->reportFile, " %s\n", abbrevPointer->ab, abbrevPointer->desc); + break; + case output_text: + fprintf(nipper->reportFile, " %s", abbrevPointer->ab); + if (strlen(abbrevPointer->ab) < 10) + tempInt = 10 - strlen(abbrevPointer->ab); + else + tempInt = 1; + while (tempInt != 0) + { + fprintf(nipper->reportFile, " "); + tempInt--; + } + fprintf(nipper->reportFile, ": %s\n", abbrevPointer->desc); + break; + case output_latex: + fprintf(nipper->reportFile, "%s&%s\\\\\n", abbrevPointer->ab, abbrevPointer->desc); + break; + } + } + abbrevPointer = abbrevPointer->next; + } + + // Display End of Abbreviations + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n
%s%s
\n 
\n\n"); + break; + case output_xml: + fprintf(nipper->reportFile, " \n"); + break; + case output_text: + fprintf(nipper->reportFile, "-------------\n\n"); + break; + case output_latex: + fprintf(nipper->reportFile, "\\end{tabular}\n\\end{quote}\n\n"); + break; + } + + // Output the end of the abbreviations section + output_endsection(nipper, subsection_end); + } + + // Common Ports + portPointer = &ap_port; + while ((portPointer->next != 0) && (portPointer->add == false)) + portPointer = portPointer->next; + if ((nipper->commonPorts == true) && (portPointer->add == true)) + { + output_parseTitle(appendix_ports_title, nipper, section_appendix); + + // Display Ports + output_table(nipper, true, appendix_ports_table, &appendix_ports_heading); + while (portPointer != 0) + { + if (portPointer->add == true) + fprintf(nipper->reportFile, "%s%s%s%d%s", nipper->tablerow_start, portPointer->text, nipper->tablerow_mid, portPointer->port, nipper->tablerow_end); + portPointer = portPointer->next; + } + output_table(nipper, false, appendix_ports_table, &appendix_ports_heading); + + // Output the end of the ports section + output_endsection(nipper, subsection_end); + } + + // Logging Levels + if (nipper->loggingLevels == true) + { + output_parseTitle(appendix_logging_title, nipper, section_appendix); + output_table(nipper, true, appendix_logging_table, &appendix_logging_heading); + fprintf(nipper->reportFile, "%s0%sEmergencies%sSystem is unstable%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s1%sAlerts%sImmediate action is required%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s2%sCritical%sCritical conditions%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s3%sErrors%sError conditions%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s4%sWarnings%sWarning conditions%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s5%sNotifications%sSignificant conditions%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s6%sInformational%sInformational messages%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%s7%sDebugging%sDebugging messages%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, appendix_logging_table, &appendix_logging_heading); + output_endsection(nipper, subsection_end); + } + + // Time Zones + if (nipper->timeZones == true) + { + output_parseTitle(appendix_timezones_title, nipper, section_appendix); + output_table(nipper, true, appendix_timezones_table, &appendix_timezones_heading); + fprintf(nipper->reportFile, "%sAustralia%sCST%sCentral Standard Time%s+9.5 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sAustralia%sEST%sEastern Standard/Summer Time%s+10 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sAustralia%sWST%sWestern Standard Time%s+8 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sBST%sBritish Summer Time%s+1 hour%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sCEST%sCentral Europe Summer Time%s+2 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sCET%sCentral Europe Time%s+1 hour%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sEEST%sEastern Europe Summer Time%s+3 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sEST%sEastern Europe Time%s+2 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sGMT%sGreenwich Mean Time%s %s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sIST%sIrish Summer Time%s+1 hour%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sMSK%sMoscow Time%s+3 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sWEST%sWestern Europe Summer Time%s+1 hour%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sEurope%sWET%sWestern Europe Time%s+1 hour%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sADT%sAtlantic Daylight Time%s-3 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sAKDT%sAlaska Standard Daylight Saving Time%s-8 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sAKST%sAlaska Standard Time%s-9 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sAST%sAtlantic Standard Time%s-4 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sCDT%sCentral Daylight Saving Time%s-5 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sCST%sCentral Standard Time%s-6 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sEDT%sEastern Daylight Time%s-4 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sEST%sEastern Standard Time%s-5 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sHST%sHawaiian Standard Time%s-10 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sMDT%sMountain Daylight Time%s-6 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sMST%sMountain Standard Time%s-7 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sPDT%sPacific Daylight Time%s-7 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + fprintf(nipper->reportFile, "%sUSA and Canada%sPST%sPacific Standard Time%s-3 hours%s", nipper->tablerow_start, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_mid, nipper->tablerow_end); + output_table(nipper, false, appendix_timezones_table, &appendix_timezones_heading); + output_endsection(nipper, subsection_end); + } + + // Nipper Version Details + if (nipper->nipperVersion == true) + { + output_parseTitle(appendix_version_title, nipper, section_appendix); + output_parseText(appendix_version_desc1, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", program_version); + output_parseText(appendix_version_desc2, nipper, section_none, rate_none, 0, 0); + output_endsection(nipper, subsection_end); + } + + // Output section end + output_endsection(nipper, section_end); + } +} + +// Abbreviation Contents +// --------------------- +// This code inserts abbreviation contents +void output_abbrevContents(struct nipperConfig *nipper) +{ + if ((nipper->appendix == true) && ((nipper->abs == true) || (nipper->commonPorts == true) || (nipper->loggingLevels == true) || (nipper->glossary == true) || (nipper->nipperVersion == true))) + { + output_parseSectionIndex(appendix_title, nipper); + + // Abbreviations + if (nipper->abs == true) + output_parseIndex(appendix_abbrev_title, nipper, section_appendix); + + // Common Ports + if (nipper->commonPorts == true) + output_parseIndex(appendix_ports_title, nipper, section_appendix); + + // Logging + if (nipper->loggingLevels == true) + output_parseIndex(appendix_logging_title, nipper, section_appendix); + + // Time Zones + if (nipper->timeZones == true) + output_parseIndex(appendix_timezones_title, nipper, section_appendix); + + // Nipper Version + if (nipper->nipperVersion == true) + output_parseIndex(appendix_version_title, nipper, section_appendix); + } + + // End of security index + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "
\n"); + break; + case output_text: + fprintf(nipper->reportFile, "\n\n"); + break; + } +} + + +// Add an item to a heading +struct tableHeading *newListItem(struct tableHeading *list, const char *text) +{ + // Variables... + struct tableHeading *listPointer; + + // If first one... + if (list == 0) + listPointer = malloc(sizeof(struct tableHeading)); + else + { + listPointer = list; + while (listPointer->next != 0) + listPointer = listPointer->next; + listPointer->next = malloc(sizeof(struct tableHeading)); + listPointer = listPointer->next; + } + + // Init... + memset(listPointer, 0 , sizeof(struct tableHeading)); + listPointer->password = false; + listPointer->width = 1; + listPointer->heading = text; + + // Return... + if (list == 0) + return listPointer; + else + return list; +} + + +// Add Report Section +void addReportSection(struct nipperConfig *nipper, int section, const char *sectionTitle, const char *shortConText, const char *shortRecText, int overall, int impact, int ease, int rec, void (*sectionWriter)(struct nipperConfig *nipper)) +{ + // Variables... + struct reportText *reportTextPointer = 0; + + // Create new report text struct... + if (nipper->report == 0) + { + nipper->report = malloc(sizeof(struct reportText)); + reportTextPointer = nipper->report; + } + else + { + reportTextPointer = nipper->report; + while (reportTextPointer->next != 0) + reportTextPointer = reportTextPointer->next; + reportTextPointer->next = malloc(sizeof(struct reportText)); + reportTextPointer = reportTextPointer->next; + } + + // Init... + memset(reportTextPointer, 0 , sizeof(struct reportText)); + + // Copy... + reportTextPointer->section = section; + reportTextPointer->sectionTitle = sectionTitle; + reportTextPointer->shortConText = shortConText; + reportTextPointer->shortRecText = shortRecText; + reportTextPointer->scoreOverall = overall; + reportTextPointer->scoreOverall = impact; + reportTextPointer->scoreOverall = ease; + reportTextPointer->scoreOverall = rec; + reportTextPointer->writeSection = sectionWriter; +} + + diff --git a/0.11.10/common/report-text.c b/0.11.10/common/report-text.c new file mode 100644 index 0000000..fa53dd9 --- /dev/null +++ b/0.11.10/common/report-text.c @@ -0,0 +1,1634 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +const char *table_html_rowstart = ""; +const char *table_html_rowmid = ""; +const char *table_html_rowend = "\n"; +const char *table_html_itemsep = "
"; +const char *table_xml_rowstart = " \n "; +const char *table_xml_rowmid = "\n "; +const char *table_xml_rowend = "\n \n"; +const char *table_xml_itemsep = ""; +const char *table_text_rowstart = ""; +const char *table_text_rowmid = ", "; +const char *table_text_rowend = "\n"; +const char *table_text_itemsep = " "; +const char *table_latex_rowstart = ""; +const char *table_latex_rowmid = "&"; +const char *table_latex_rowend = "\\\\\n\\hline\n"; +const char *table_latex_itemsep = " "; + + +struct tableHeading +{ + int password; // Does the field represent a password (true or false) + int width; // Proportionate column width + const char *heading; // The Heading + struct tableHeading *next; +}; + + +// HTML Cascading Style Sheet +const char *html_css = "body {font-size: 80%; margin: 0px; padding: 0px; font-family: arial, sans-serif;}\n" + " .mainbody { background-color: #EFEFEF;}\n" + " .pagebody {width: 90%; margin: 0px auto; padding: 12px; background-color: #FFFFFF; border: solid 1px rgb(100,100,100);}\n" + " .command {font-size: 95%; font-family: courier;}\n" + " caption { caption-side : bottom; font-style : italic;}\n" + " .table {clear: left; border: solid 1px rgb(150,150,150); empty-cells: show; border-collapse: collapse; background-color: rgb(233,232,244); width: 100%}\n" + " .table tr {margin: 0px; padding: 0px;}\n" + " .table td {padding: 2px 7px 2px 7px; border: solid 1px rgb(150,150,150); text-align: left; font-size: 100%;}\n" + " .table th {margin: 0px; padding: 2px 7px 2px 7px; border: solid 1px rgb(150,150,150); empty-cells: show; text-align: left; font-size: 100%; background-color: #BEB8FB;}\n"; + + +// ---------------------------------------------------------------------------------- +// About this report Text... + +// Organisation +const char *report_organisation = "This *DEVICETYPE* *DEVICENAME* report was produced by *COMPANY* on *DATE*. The report contains the following sections:"; +const char *report_organisation_fw1 = "This *DEVICETYPE* report was produced by *COMPANY* on *DATE*. The report contains the following sections:"; +struct tableHeading report_organisation_heading6 = {false, 1, "an appendix section detailing the software used to produce this report", 0}; +struct tableHeading report_organisation_heading5 = {false, 1, "a time zones appendix section that details a number of the most commonly used time zones", &report_organisation_heading6}; +struct tableHeading report_organisation_heading4 = {false, 1, "an appendix section detailing the logging severity levels used by the logging facility", &report_organisation_heading5}; +struct tableHeading report_organisation_heading3 = {false, 1, "a common ports appendix section that details the TCP and UDP port numbers for the common services outlined within the report", &report_organisation_heading4}; +struct tableHeading report_organisation_heading2 = {false, 1, "an abbreviations appendix section that expands any abbreviations used within the report", &report_organisation_heading3}; +struct tableHeading report_organisation_heading1 = {false, 1, "a configuration report section that details the configuration settings", &report_organisation_heading2}; +struct tableHeading report_organisation_heading = {false, 1, "a security audit report section that details any identified security-related issues. Each security issue includes a description of the issue, its impact, how easy it would be to exploit and a recommendation. The recommendations include, where appropriate, the command(s) to resolve the issue", &report_organisation_heading1}; + +// Conventions +const char *report_conventions = "This report makes use of the text conventions outlined in Table *TABLEREF*."; +const char *report_conventions_table = "Report text conventions"; +struct tableHeading report_conventions_heading1 = {false, 7, "Description", 0}; +struct tableHeading report_conventions_heading = {false, 3, "Convention", &report_conventions_heading1}; +const char *report_conventions1_1 = "*TABLEITEM**COMMAND*command*-COMMAND**-TABLEITEM*"; +const char *report_conventions1_2 = "*TABLEITEM*This text style represents the *DEVICETYPE* command text that has to be entered literally.*-TABLEITEM*"; +const char *report_conventions2_1 = "*TABLEITEM**COMMAND**CMDUSER*string*-CMDUSER**-COMMAND**-TABLEITEM*"; +const char *report_conventions2_2 = "*TABLEITEM*This text style represents the *DEVICETYPE* command text that the you have to enter.*-TABLEITEM*"; +const char *report_conventions3_1 = "*TABLEITEM**COMMAND**CMDOPTION* *-CMDOPTION**-COMMAND**-TABLEITEM*"; +const char *report_conventions3_2 = "*TABLEITEM*Used to enclose a *DEVICETYPE* command option.*-TABLEITEM*"; +const char *report_conventions4_1 = "*TABLEITEM**COMMAND**CMDREQUIRE* *-CMDREQUIRE**-COMMAND**-TABLEITEM*"; +const char *report_conventions4_2 = "*TABLEITEM*Used to enclose a *DEVICETYPE* command requirement.*-TABLEITEM*"; +const char *report_conventions5_1 = "*TABLEITEM**COMMAND**CMDOR**-COMMAND**-TABLEITEM*"; +const char *report_conventions5_2 = "*TABLEITEM*Divides command option or requirement choices.*-TABLEITEM*"; + + +// ---------------------------------------------------------------------------------- +// Report Text... + +// Introduction +const char *report_security_intro_fw1 = "*COMPANY* performed a security audit of the *DEVICETYPE* firewall on *DATE*. This section details the findings of the security audit together with the impact and recommendations*-POSITIVE*."; +const char *report_security_intro = "*COMPANY* performed a security audit of the *DEVICETYPE* *DEVICENAME* on *DATE*. This section details the findings of the security audit together with the impact and recommendations*-POSITIVE*."; +const char *report_security_title = "Security Audit"; + +// Conclusions +const char *report_security_concl_fw1 = "*COMPANY* performed a security audit of the *DEVICETYPE* firewall on *DATE* and identified *POSITIVE**NUMBER* security-related issue*PLAURAL*s*-PLAURAL*. *COMPANY* determined that:*-POSITIVE**ZERO*no security-related issues.*-ZERO*"; +const char *report_security_concl = "*COMPANY* performed a security audit of the *DEVICETYPE* device *DEVICENAME* on *DATE* and identified *POSITIVE**NUMBER* security-related issue*PLAURAL*s*-PLAURAL*. *COMPANY* determined that:*-POSITIVE**ZERO*no security-related issues.*-ZERO*"; + +// Interface Headings... +struct tableHeading report_interface_heading1 = {false, 7, "Description", 0}; +struct tableHeading report_interface_heading = {false, 3, "Interface", &report_interface_heading1}; +struct tableHeading report_interfacepix_heading1 = {false, 1, "Name", 0}; +struct tableHeading report_interfacepix_heading = {false, 1, "Interface", &report_interfacepix_heading1}; + +const char *endottext = "*NOTEXTSTART*"; + +// Software Versions +const char *report_osver_title = "Software Version"; +const char *report_osver_obs1 = "It is critically important that software be regularly maintained with patches and upgrades in order to help mitigate the risk of an attacker exploiting a known software vulnerability. Furthermore, additional security features and other functionality are normally added or extended with each software revision.*NEWPARA**COMPANY* determined that the *DEVICETYPE* *DEVICENAME* was running the out of date software *DEVICEVERSION*.*PLAURAL* Some of the known vulnerabilities for this software version are listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_osver_obs2 = "It is worth noting that *COMPANY* used the version number detailed in the device configuration to identify the potential vulnerabilities, and patches may have already been applied. Additionally, a specific device configuration may be required in order for the device to become vulnerable."; +const char *report_osver_obs3 = "*COMPANY* identified a potential vulnerability in *DEVICEVERSION* which is described in various vulnerability databases as *NONEWPARA*"; +const char *report_osver_impact1 = "*PLAURAL*The vulnerabilities listed in Table *TABLEREF* could allow an attacker to*-PLAURAL**SINGULA*The vulnerability outlined above could allow an attacker to*-SINGULA* *NONEWPARA*"; +const char *report_osver_impact2 = "*NOTEXTSTART*gain remote administrative access or perform a *ABBREV*DoS*-ABBREV* attack."; +const char *report_osver_impact3 = "*NOTEXTSTART*perform a *ABBREV*DoS*-ABBREV* attack."; +const char *report_osver_impact4 = "*NOTEXTSTART*gain remote administrative access."; +const char *report_osver_impact5 = "Out of date software could contain known vulnerabilities that may allow an attacker to gain remote administrative access or perform a *ABBREV*DoS*-ABBREV* attack."; +const char *report_osver_ease = "Exploit code is widely available on the Internet for known *DEVICETYPE* vulnerabilities."; +const char *report_osver_rec = "*COMPANY* strongly recommends that the software be updated and patched to the latest software version. Furthermore, *COMPANY* recommends that the current patch policy be reviewed."; +const char *report_osver_context = "the software version was out of date"; +const char *report_osver_rectext = "Update the software to the latest version"; +const char *report_osver_table = "Potential software vulnerabilities"; +struct tableHeading report_osver_heading2 = {false, 1, "Bugtraq ID", 0}; +struct tableHeading report_osver_heading1 = {false, 1, "CVE Reference", &report_osver_heading2}; +struct tableHeading report_osver_heading = {false, 4, "Description", &report_osver_heading1}; + +// Dictionary-based Password +const char *report_dict_title1 = "Dictionary-based Passwords / Keys"; +const char *report_dict_title2 = "Dictionary-based Password / Key"; +const char *report_dict_obs = "Attackers will often have dictionaries of words that contain names, places, default passwords and other common passwords. If a password or key is likely to be contained within an attacker's dictionary, they could gain access to the system.*NEWPARA*The passwords and keys of the device *DEVICENAME* were tested against a small dictionary and *NUMBER* password*SINGULA* / key was identified. *NONEWPARA**-SINGULA**PLAURAL*s / keys were identified. These are listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_dict_impact = "An attacker who was able to identify a password or key would be able to gain a level of access to the device, based on what service the password / key was used for."; +const char *report_dict_ease = "Tools are available on the Internet that can perform dictionary-based password guessing against a number of network services."; +const char *report_dict_rec = "*COMPANY* strongly recommends that the password*PLAURAL*s*-PLAURAL* identified be immediately changed to something that is more difficult to guess. *COMPANY* recommends that passwords be made up of at least *NONEWPARA*"; +const char *report_dict_context = "dictionary-based passwords / keys were in use"; +const char *report_dict_rectext = "Change dictionary-based passwords / keys for ones that are more complex"; +const char *report_dict_table = "Dictionary-based passwords / keys"; +struct tableHeading report_dict_heading3 = {true, 3, "Password", 0}; +struct tableHeading report_dict_heading2 = {false, 3, "Username", &report_dict_heading3}; +struct tableHeading report_dict_heading1 = {false, 2, "Service", &report_dict_heading2}; +struct tableHeading report_dict_heading = {false, 2, "Type", &report_dict_heading1}; + +// Password Strength +const char *report_strength_title1 = "Weak Passwords / Keys"; +const char *report_strength_title2 = "Weak Password / Key"; +const char *report_strength_obs = "Strong passwords tend to contain a number of different types of character, such as uppercase and lowercase letters, numbers and punctuation characters. Weaker passwords tend not to contain a mixture of character types. Additionally, weaker passwords tend to be short in length.*NEWPARA**COMPANY* identified *NUMBER* password*SINGULA* / key*-SINGULA**PLAURAL*s / keys*-PLAURAL* that did not meet the minimum password complexity requirements. *PLAURAL*These are listed in Table *TABLEREF*.*-PLAURAL**SINGULA**NONEWPARA**-SINGULA*"; +const char *report_strength_impact = "If an attacker were able to gain a password or key, either through dictionary-based guessing techniques or by a brute-force method, the attacker could gain a level of access to *DEVICENAME*."; +const char *report_strength_ease = "A number of dictionary-based password guessing and password brute-force tools are available on the Internet."; +const char *report_strength_rec = "*COMPANY* strongly recommends that the weak password*PLAURAL*s*-PLAURAL* be immediately changed to *PLAURAL*ones that are*-PLAURAL**SINGULA*one that is*-SINGULA* stronger. *COMPANY* recommends that passwords be made up of at least *NONEWPARA*"; +const char *report_strength_context = "weak passwords / keys were identified"; +const char *report_strength_rectext = "Change weak passwords / keys for ones that are stronger"; +const char *report_strength_table = "Weak passwords / keys"; +// Dictionary-based headings are used for the weak passwords table. + +// Configuration Auto-Loading +const char *report_configauto_title = "Configuration Auto-Loading"; +const char *report_configauto_obs = "Cisco devices are capable of loading their configuration from other network devices, rather than using a local configuration file.*NEWPARA*Although the configuration auto-loading feature is typically disabled by default on Cisco devices, *COMPANY* determined that the *DEVICENAME* had configuration auto-loading enabled."; +const char *report_configauto_impact = "The Cisco device configuration files are transmitted unencrypted over the network. An attacker who is able to monitor the network would be able to capture a copy of the device configuration. The attacker would also be able to capture any clear-text passwords or password hashes contained within the configuration file."; +const char *report_configauto_ease = "Tools are widely available on the Internet that would allow an attacker to capture network traffic and reconstruct network streams."; +const char *report_configauto_rec = "*COMPANY* recommends that, if not required, configuration auto-loading be disabled. The following Cisco *ABBREV*IOS*-ABBREV* commands can be used to disable configuration auto-loading:*NEWPARA**COMMAND*no boot network*-COMMAND**NEWLINE**COMMAND*no service config*-COMMAND*"; +const char *report_configauto_context = "configuration auto-loading was configured"; +const char *report_configauto_rectext = "Disable configuration auto-loading"; + +// IP Directed Broadcasts +const char *report_ipdirected_title = "Directed Broadcasts"; +const char *report_ipdirected_obs = "*ABBREV*ICMP*-ABBREV* echo requests can be addressed to an entire network or subnet as well as to individual hosts. Disabling directed broadcasts on each individual network interface will help prevent network ping requests. Directed broadcasts are usually enabled by default on Cisco devices running *ABBREV*IOS*-ABBREV* version 11.3 and earlier.*NEWPARA**COMPANY* determined that the device *DEVICENAME* had support for directed broadcasts enabled on the network *SINGULA*interface *NONEWPARA**-SINGULA**PLAURAL*interfaces listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_ipdirected_impact = "A *ABBREV*DoS*-ABBREV* attack exists that makes use of network echo requests, known as a smurf attack. An attacker would send an ICMP echo request with the victim hosts *ABBREV*IP*-ABBREV* address spoofed as the source. The hosts on the network would then reply to the echo request, flooding the victim host."; +const char *report_ipdirected_ease = "Tools are available on the Internet that can perform the smurf attack outlined above."; +const char *report_ipdirected_rec = "*COMPANY* recommends that directed broadcasts be disabled on all network interfaces. Directed broadcasts can be disabled on each individual network interface using the following command:*NEWPARA**COMMAND*no ip directed broadcast*-COMMAND*"; +const char *report_ipdirected_context = "directed broadcasts were enabled"; +const char *report_ipdirected_rectext = "Disable directed broadcasts on all network interfaces"; +const char *report_ipdirected_table = "Interfaces with directed broadcasts enabled"; + +// BGP Route Dampening +const char *report_bgpdamp_title = "Border Gateway Protocol Route Flapping"; +const char *report_bgpdamp_obs = "*ABBREV*BGP*-ABBREV* route flapping is a condition where routing tables are constantly being updated due to a link transitioning between up and down status. These transitions cause routing tables to be continuously updated across the infrastructure. Configuring route dampening can help mitigate against constant route flapping.*NEWPARA**COMPANY* determined that *ABBREV*BGP*-ABBREV* route dampening was not configured on *DEVICENAME*."; +const char *report_bgpdamp_impact = "Excessive route updates, caused by a link status constantly changing between up to down, can impact network routing performance. Network routing could slow with network packets being dropped, possibly causing a *ABBREV*DoS*-ABBREV* condition."; +const char *report_bgpdamp_ease = "It is possible for an attacker to send *ABBREV*BGP*-ABBREV* packets to a router to update the routing table and cause a route flapping condition. However, the attacker may need additional information in order to perform the attack, such as a *ABBREV*BGP*-ABBREV* password."; +const char *report_bgpdamp_rec = "*COMPANY* recommends that *ABBREV*BGP*-ABBREV* route dampening be configured. Additionally, there are a number of *ABBREV*BGP*-ABBREV* dampening options that can be configured. The following Cisco *ABBREV*IOS*-ABBREV* router command will enable *ABBREV*BGP*-ABBREV* route dampening:*NEWPARA**COMMAND*bgp dampening*-COMMAND*"; +const char *report_bgpdamp_context = "BGP route dampening was not configured"; +const char *report_bgpdamp_rectext = "Configure BGP route dampening"; + +// OSPF Passwords +const char *report_ospfauth_title = "OSPF Authentication"; +const char *report_ospfauth_obs1 = "*ABBREV*OSPF*-ABBREV* is an *ABBREV*IGP*-ABBREV* used by routers to update routing tables. *ABBREV*OSPF*-ABBREV* packets can be configured to use one of three levels of security; no authentication, clear-text authentication and *ABBREV*MD5*-ABBREV* authentication. The clear-text authentication method is almost as insecure as no authentication, as the key is included in the packet. Using the *ABBREV*MD5*-ABBREV* authentication method the packets are signed to prevent route tampering.*NEWPARA**COMPANY* determined that*NONEWPARA*"; +const char *report_ospfauth_obs2 = "*NOTEXTSTART*, although *ABBREV*MD5*-ABBREV* encryption was in use,"; +const char *report_ospfauth_obs3 = "*NOTEXTSTART* *ABBREV*OSPF*-ABBREV* with both no authentication and clear-text authentication was configured on *SINGULA*process ID *NONEWPARA**-SINGULA**PLAURAL*the areas listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_ospfauth_obs4 = "*NOTEXTSTART* *ABBREV*OSPF*-ABBREV* with no authentication was configured on *SINGULA*process ID *NONEWPARA**-SINGULA**PLAURAL*the areas listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_ospfauth_obs5 = "*NOTEXTSTART* *ABBREV*OSPF*-ABBREV* with clear-text authentication was configured on *SINGULA*process ID *NONEWPARA**-SINGULA**PLAURAL*the areas listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_ospfauth_impact = "An attacker who is able to update the routing tables could capture network traffic, perform a network-wide *ABBREV*DoS*-ABBREV* or a man-in-the-middle attack."; +const char *report_ospfauth_ease = "Once an attacker has established what the type of authentication in use, they could use the information to pose as a router and insert routes into the routing tables by sending specially crafted *ABBREV*OSPF*-ABBREV* packets. *ABBREV*OSPF*-ABBREV* packets can be captured using a variety of techniques, and tools are available on the Internet that can be used to exploit insecure *ABBREV*OSPF*-ABBREV* configurations."; +const char *report_ospfauth_rec = "*COMPANY* recommends that, if possible, all *ABBREV*OSPF*-ABBREV* areas be configured to use *ABBREV*MD5*-ABBREV*-based authentication. Message digest authentication needs to be configured for each *ABBREV*OSPF*-ABBREV* area and a key be specified on each *ABBREV*OSPF*-ABBREV* network interface. The Cisco *ABBREV*IOS*-ABBREV* command to enable *ABBREV*MD5*-ABBREV* authentication for an area is:*NEWPARA**COMMAND*area *CMDREQUIRE**CMDUSER*area id*-CMDUSER**-CMDREQUIRE* authentication *CMDOPTION*message-digest*-CMDOPTION**-COMMAND**NEWLINE*The command to configure the *ABBREV*MD5*-ABBREV* authentication key on an interface is:*NEWPARA**COMMAND*ip ospf message-digest-key *CMDREQUIRE**CMDUSER*key id*-CMDUSER**-CMDREQUIRE* md5*-COMMAND*"; +const char *report_ospfauth_context = "the OSPF configuration did not include MD5 authentication for all OSPF areas"; +const char *report_ospfauth_rectext = "Configure MD5 OSPF authentication on all OSPF areas"; +const char *report_ospfauth_table = "OSPF areas with insecure authentication configuration"; +struct tableHeading report_ospfauth_heading2 = {false, 2, "Authentication", 0}; +struct tableHeading report_ospfauth_heading1 = {false, 1, "Area ID", &report_ospfauth_heading2}; +struct tableHeading report_ospfauth_heading = {false, 1, "Process ID", &report_ospfauth_heading1}; + +// EIGRP +const char *report_eigrpauth_title = "EIGRP Authentication"; +const char *report_eigrpauth_obs1 = "Cisco developed *ABBREV*EIGRP*-ABBREV* as an enhanced version of *ABBREV*IGRP*-ABBREV*, an *ABBREV*IGP*-ABBREV* used by routers to dynamically update routing tables. Each interface where *ABBREV*EIGRP*-ABBREV* is used can be configured with *ABBREV*MD5*-ABBREV*-based authentication.*NEWPARA**COMPANY* determined that *NUMBER* *ABBREV*EIGRP*-ABBREV* interface*PLAURAL*s were*-PLAURAL**SINGULA* was*-SINGULA* configured with no authentication*PLAURAL*, these are listed in Table *TABLEREF*.*-PLAURAL**SINGULA*. Interface *NONEWPARA**-SINGULA*"; +const char *report_eigrpauth_obs2 = "*NOTEXTSTART* was configured with no *ABBREV*MD5*-ABBREV* authentication."; +const char *report_eigrpauth_impact = "An attacker who is able to update the routing tables could capture network traffic, perform a network-wide *ABBREV*DoS*-ABBREV* or a man-in-the-middle attack."; +const char *report_eigrpauth_ease = "Once an attacker has established the type of authentication in use, they could use the information to pose as a router and insert routes into the routing tables by sending specially crafted *ABBREV*EIGRP*-ABBREV* packets. *ABBREV*EIGRP*-ABBREV* packets can be captured using a variety of techniques and tools are available on the Internet that can be used to exploit insecure *ABBREV*EIGRP*-ABBREV* configurations."; +const char *report_eigrpauth_rec = "*COMPANY* recommends that all *ABBREV*EIGRP*-ABBREV* interfaces be configured with *ABBREV*EIGRP*-ABBREV* *ABBREV*MD5*-ABBREV*-based authentication. Furthermore, *COMPANY* recommends that all interfaces where *ABBREV*EIGRP*-ABBREV* is not required be configured as passive. *ABBREV*EIGRP*-ABBREV* *ABBREV*MD5*-ABBREV* authentication can be configured on each interface with the following commands:*NEWPARA**COMMAND*ip authentication mode eigrp *CMDREQUIRE**CMDUSER*autonomous number*-CMDUSER**-CMDREQUIRE* md5*-COMMAND**NEWLINE**COMMAND*ip authentication key-chain eigrp *CMDREQUIRE**CMDUSER*autonomous number*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*key chain*-CMDUSER**-CMDREQUIRE**-COMMAND**NEWLINE*Passive interfaces can be configured with the following *ABBREV*EIGRP*-ABBREV* router command:*NEWPARA**COMMAND*passive-interface *CMDREQUIRE**CMDUSER*interface type*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*interface number*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_eigrpauth_context = "the EIGRP configuration did not include MD5 authentication for all EIGRP interfaces"; +const char *report_eigrpauth_rectext = "Configure MD5 authentication on all EIGRP interfaces"; +const char *report_eigrpauth_table = "Interfaces with no EIGRP authentication"; + +// RIP +const char *report_rip_title = "RIP Authentication"; +const char *report_rip_obs = "*ABBREV*RIP*-ABBREV* is a routing protocol that allows network devices to dynamically adapt to changes in the network infrastructure, enabling network devices to forward traffic using the shortest route to their destination. There are two versions of *ABBREV*RIP*-ABBREV* configurable on *DEVICETYPE* devices. *ABBREV*RIP*-ABBREV* version 2 provides a mechanism where routing updates can be authenticated, however *ABBREV*RIP*-ABBREV* version 1 provides no similar mechanism. *ABBREV*RIP*-ABBREV* version 2 supports clear-text authentication and *ABBREV*MD5*-ABBREV* authentication.*NEWPARA**COMPANY* determined that *ABBREV*RIP*-ABBREV* had been configured without encrypted authentication for sent and received updates on *NUMBER* network *SINGULA*interface *NONEWPARA**-SINGULA**PLAURAL*interfaces, these are listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_rip_table = "Insecure RIP interface configurations"; +const char *report_rip_tab_desc1 = "No RIP version 2 key chain or MD5 authentication was configured."; +const char *report_rip_tab_desc2 = "No RIP version 2 key chain was configured."; +const char *report_rip_tab_desc3 = "No RIP version 2 MD5 authentication was configured."; +const char *report_rip_tab_desc4 = "The interface was not configured to send and receive only RIP version 2."; +const char *report_rip_tab_desc5 = "The interface was not configured to send RIP version 2."; +const char *report_rip_tab_desc6 = "The interface was not configured to receive only RIP version 2."; +const char *report_rip_impact = "If *ABBREV*RIP*-ABBREV* updates are sent and received without encrypted authentication an attacker may be able to inject their own route into the routing table. An attacker could modify routes in order to enable the capture of network traffic or to perform a network *ABBREV*DoS*-ABBREV*."; +const char *report_rip_ease = "An attacker would have to determine what authentication, if any, was configured. Once an attacker has identified an insecure *ABBREV*RIP*-ABBREV* configuration they could attempt to pose as a router and inject routes. Tools are available on the Internet that can transmit *ABBREV*RIP*-ABBREV* updates."; +const char *report_rip_rec = "*COMPANY* recommends *ABBREV*RIP*-ABBREV* be configured with encrypted authentication for all interfaces where *ABBREV*RIP*-ABBREV* packets will be sent and received. Furthermore, *COMPANY* recommends that all interfaces where *ABBREV*RIP*-ABBREV* will not be used be configured as passive. *ABBREV*RIP*-ABBREV* version 2 can be configured with the following router command:*NEWPARA**COMMAND*version 2*-COMMAND**NEWLINE**ABBREV*RIP*-ABBREV* authentication can be configured on each interface using the following commands:*NEWPARA**COMMAND*ip rip authentication key-chain *CMDREQUIRE**CMDUSER*Key Chain*-CMDUSER**-CMDREQUIRE**-COMMAND**NEWLINE**COMMAND*ip rip authentication mode md5*-COMMAND**NEWLINE**ABBREV*RIP*-ABBREV* can be disabled on each individual interfaces using the following router command:*NEWPARA**COMMAND*passive-interface *CMDREQUIRE**CMDUSER*interface type*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*interface number*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_rip_context = "the RIP configuration did not include MD5 authentication for all RIP interfaces"; +const char *report_rip_rectext = "Configure MD5 authentication for all RIP interfaces"; + +// VRRP +const char *report_vrrp_title = "VRRP Authentication"; +const char *report_vrrp_obs = "*DEVICETYPE* devices support *ABBREV*VRRP*-ABBREV*, which is used for router load balancing and redundancy. One *ABBREV*VRRP*-ABBREV* group router will be a master router and *ABBREV*VRRP*-ABBREV* advertisements are sent from it to group members. The advertisements contain the priority and state of the master. If the master router becomes unavailable, an election is held to determine a new *ABBREV*VRRP*-ABBREV* master router. *ABBREV*VRRP*-ABBREV* messages can be unauthenticated or authenticated. *ABBREV*VRRP*-ABBREV* authentication uses either a clear-text password or a *ABBREV*MD5*-ABBREV* password.*NEWPARA**COMPANY* determined that *ABBREV*VRRP*-ABBREV* was configured on *DEVICENAME* without *ABBREV*MD5*-ABBREV* authentication on all *ABBREV*VRRP*-ABBREV* interfaces."; +const char *report_vrrp_impact = "An attacker could transmit *ABBREV*VRRP*-ABBREV* group messages in an attempt to become the *ABBREV*VRRP*-ABBREV* master. If an attacker were able to become the *ABBREV*VRRP*-ABBREV* group master, they could modify the network traffic route in order to capture traffic or to perform a network *ABBREV*DoS*-ABBREV*."; +const char *report_vrrp_ease = "The attacker would have to monitor *ABBREV*VRRP*-ABBREV* traffic in order to determine the *ABBREV*VRRP*-ABBREV* group, priority and the authentication method in use. The attacker would then have to transmit *ABBREV*VRRP*-ABBREV* group messages with a higher priority than the *ABBREV*VRRP*-ABBREV* master in order to become the *ABBREV*VRRP*-ABBREV* master."; +const char *report_vrrp_rec = "*COMPANY* recommends that *ABBREV*MD5*-ABBREV* authentication be configured on all *ABBREV*VRRP*-ABBREV* interfaces. *ABBREV*MD5*-ABBREV* *ABBREV*VRRP*-ABBREV* key string authentication can be configured on each *ABBREV*VRRP*-ABBREV* interface with the following command:*NEWPARA**COMMAND*vrrp *CMDREQUIRE**CMDUSER*group*-CMDUSER**-CMDREQUIRE* authentication md5 *CMDREQUIRE**CMDOPTION*key-string *CMDUSER*password*-CMDUSER**-CMDOPTION* *CMDOR* *CMDOPTION*key-chain *CMDUSER*key chain*-CMDUSER**-CMDOPTION**-CMDREQUIRE**-COMMAND*"; +const char *report_vrrp_context = "the VRRP configuration did not include MD5 authentication for all VRRP interfaces"; +const char *report_vrrp_rectext = "Configure MD5 authentication for all VRRP interfaces"; + +// TCP Keep Alives In +const char *report_keepalive_title = "Inbound TCP Connection Keep Alives"; +const char *report_keepalive_obs = "Connections to a *DEVICETYPE* device could become orphaned if a connection becomes disrupted. An attacker could attempt a *ABBREV*DoS*-ABBREV* attack against a *DEVICETYPE* by exhausting the number of possible connections. *ABBREV*TCP*-ABBREV* keep alive messages can be configured to confirm that a remote connection is valid and then terminate any orphaned connections.*NEWPARA**COMPANY* determined that *ABBREV*TCP*-ABBREV* keep alive messages are not sent for connections from remote hosts."; +const char *report_keepalive_impact = "An attacker could attempt a *ABBREV*DoS*-ABBREV* by exhausting the number of possible connections."; +const char *report_keepalive_ease = "Tools are available on the Internet that can open large numbers of *ABBREV*TCP*-ABBREV* connections without correctly terminating them."; +const char *report_keepalive_rec = "*COMPANY* recommends that *ABBREV*TCP*-ABBREV* keep alive messages be sent to detect and drop orphaned connections from remote systems. *ABBREV*TCP*-ABBREV* keep alive messages can be enabled for connections from remote systems using the following command:*NEWPARA**COMMAND*service tcp-keepalives-in*-COMMAND*"; +const char *report_keepalive_context = "TCP keep alive messages are not configured for inbound connections"; +const char *report_keepalive_rectext = "Enable TCP keep alive messages for inbound connections"; + +// Timeouts +const char *report_timeout_title = "Connection Timeout"; +const char *report_timeout_obs1 = "Connection timeouts can be configured for a number of the device services. If a timeout were configured on an administrative service, an administrator that did not correctly terminate the connection would have it automatically closed after the timeout expires. However, if a timeout is not configured, or is configured to be a long timeout, an unauthorised user may be able to gain access using the administrator's previously logged-in connection.*NEWPARA**COMPANY* identified *NUMBER* connection *SINGULA*setting that was*-SINGULA**PLAURAL*settings that were*-PLAURAL* not configured to timeout within *NONEWPARA*"; +const char *report_timeout_obs2 = "*NOTEXTSTART**SINGULA*. *NONEWPARA**-SINGULA**PLAURAL*, these are listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_timeout_impact = "An attacker who was able to gain access to a connection that had not expired, would be able to continue using that connection. A connection could be a console port on the device that was not correctly terminated or a remote administrative connection."; +const char *report_timeout_ease = "The attacker would have to gain physical access to the device to use the console port, or gain remote access to an administration machine that is attached to the port. To gain access to remote connections, an attacker would have to be able to intercept network traffic between the client and *DEVICENAME*. The attacker would then have to take over the connection, which could be very difficult with some services. Tools are available on the Internet that would facilitate the monitoring of network connections."; +const char *report_timeout_rec1 = "*COMPANY* recommends that a timeout period of *NONEWPARA*"; +const char *report_timeout_rec2 = "*NOTEXTSTART* be configured for connections to the device *DEVICENAME*."; +const char *report_timeout_context = "all connections were not configured with secure connection timeout periods"; +const char *report_timeout_rectext = "Configure secure connection time periods for all connections"; +const char *report_timeout_table = "Connections with inadequate timeout periods"; +struct tableHeading report_timeout_heading1 = {false, 3, "Timeout", 0}; +struct tableHeading report_timeout_heading = {false, 1, "Connection", &report_timeout_heading1}; + +// Aux Port +const char *report_aux_title = "Auxiliary Port"; +const char *report_aux_obs = "The auxiliary port's primary purpose is to provide a remote administration capability. It can allow a remote administrator to use a modem to dial into the Cisco device.*NEWPARA**COMPANY* determined that the auxiliary port on the Cisco device *DEVICENAME* allowed exec connections and did not appear to have the callback feature configured."; +const char *report_aux_impact = "An attacker may discover the modem number for the device during a war-dial. If an attacker were able to connect to the device remotely, then they may be able to brute-force the login to gain access to the device."; +const char *report_aux_ease = "The attacker would have to first identify the telephone number of the device, probably through a war-dial. A modem attached to a telephone line would have to be attached directly to the Cisco device's auxiliary port. Then the attacker would be able to attach to the device in order to perform a brute-force of the login."; +const char *report_aux_rec = "*COMPANY* recommends that, if not required, the auxiliary port exec be disabled. Exec can be disabled on the aux port with the following command:*NEWPARA**COMMAND*no exec*-COMMAND**NEWLINE*If the auxiliary port is required for remote administration, the callback feature can be configured to dial a specific preconfigured telephone number."; +const char *report_aux_context = "the AUX port was configured to allow EXEC connections without the callback functionality"; +const char *report_aux_rectext = "Disable the AUX port or configure the callback feature"; + +// Source IP Routing +const char *report_source_title = "IP Source Routing"; +const char *report_source_obs = "*ABBREV*IP*-ABBREV* source routing is a feature whereby a network packet can specify how it should be routed through the network. Cisco routers normally accept and process source routes specified by a packet, unless the feature has been disabled.*NEWPARA**COMPANY* determined that *ABBREV*IP*-ABBREV* source routing was not disabled."; +const char *report_source_impact = "*ABBREV*IP*-ABBREV* source routing can allow an attacker to specify a route for a network packet to follow, possibly to bypass a Firewall device or an *ABBREV*IDS*-ABBREV*. An attacker could also use source routing to capture network traffic by routing it through a system controlled by the attacker."; +const char *report_source_ease = "An attacker would have to control either a routing device or an end point device in order to modify a packets route through the network. However, tools are available on the Internet that would allow an attacker to specify source routes. Tools are also available to modify network routing using vulnerabilities in some routing protocols."; +const char *report_source_rec = "*COMPANY* recommends that, if not required, IP source routing be disabled. *ABBREV*IP*-ABBREV* source routing can be disabled by issuing the following *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*no ip source routing*-COMMAND*"; +const char *report_source_context = "IP source routing was enabled"; +const char *report_source_rectext = "Disable IP source routing"; + +// Finger +const char *report_finger_title = "Finger"; +const char *report_finger_obs = "The finger service was traditionally installed by default on UNIX-based operating systems, though more recently it is disabled by default. The finger service is started by default on Cisco devices and was not explicitly disabled on *DEVICENAME*."; +const char *report_finger_impact = "A malicious user could use the finger service to gain information about users logged in to the device."; +const char *report_finger_ease = "Tools for querying the finger service are widely available on the Internet and some operating systems include the tools by default."; +const char *report_finger_rec = "*COMPANY* recommends that, if not required, the finger service be disabled. Users who do not have authenticated access to the device do not normally need to know who is logged in to the device. Users who have authenticated access to the device are able to log in and show the current users using the following Cisco *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*show users*-COMMAND**NEWLINE*The following Cisco *ABBREV*IOS*-ABBREV* commands can be used to disable the finger service:*NEWPARA**COMMAND*no ip finger*-COMMAND**NEWLINE**COMMAND*no service finger*-COMMAND*"; +const char *report_finger_context = "the finger service was enabled"; +const char *report_finger_rectext = "Disable the finger service"; + +// HTTP Redirect +const char *report_httpred_title = "Administrative HTTP Redirect"; +const char *report_httpred_obs = "The HTTP redirection setting redirects *ABBREV*HTTP*-ABBREV* administrative traffic to the security device to *ABBREV*HTTPS*-ABBREV* (on port 443 by default). This ensures that all web-based administration is performed using the secure *ABBREV*HTTPS*-ABBREV* protocol.*NEWPARA**COMPANY* determined that the ScreenOS device *DEVICENAME* was not configured with the *ABBREV*HTTP*-ABBREV* redirect setting. However, it should be noted that the *ABBREV*HTTP*-ABBREV* redirect setting is enabled by default on ScreenOS versions 5.1.0 or latter."; +const char *report_httpred_impact = "An attacker who was able to monitor network traffic could capture authentication credentials for the device *DEVICENAME*."; +const char *report_httpred_ease = "Network packet and password sniffing tools are widely available on the Internet. Once authentication credentials have been captured, an attacker with access to the devices management services could use them to gain access."; +const char *report_httpred_rec = "*COMPANY* recommends the *ABBREV*HTTP*-ABBREV* redirect administration setting be configured to force access to the device using the cryptographically secure *ABBREV*HTTPS*-ABBREV* protocol. The following command will set the administrative *ABBREV*HTTP*-ABBREV* redirect setting:*NEWPARA**COMMAND*set admin http redirect*-COMMAND*"; +const char *report_httpred_context = "administrative HTTP access does not redirect to HTTPS"; +const char *report_httpred_rectext = "Configure administrative HTTP redirect"; + +// HTTP +const char *report_http_title = "HyperText Transport Protocol Service"; +const char *report_http_obs1 = "Recent Cisco IOS-based devices support web-based administration using the *ABBREV*HTTP*-ABBREV* protocol. Cisco web-based administration facilities can sometimes be basic but they do provide a simple method of administering remote devices. However, *ABBREV*HTTP*-ABBREV* is a clear-text protocol and is vulnerable to various packet-capture techniques."; +const char *report_http_obs2 = "Even though the *ABBREV*HTTP*-ABBREV* service had not been configured, it can be enabled by default on some Cisco devices."; +const char *report_http_obs3 = "The *ABBREV*HTTP*-ABBREV* service was not configured to restrict network access to the device using an access list. Additionally, the device used the default authentication option, using the enable password to authenticate remote users."; +const char *report_http_obs4 = "The *ABBREV*HTTP*-ABBREV* service was not configured with an access-list to restrict network access to the device."; +const char *report_http_obs5 = "The *ABBREV*HTTP*-ABBREV* service was configured to use the default authentication option, using the enable password to authenticate remote users."; +const char *report_http_obs6 = "The *ABBREV*HTTP*-ABBREV* service was configured and made use of an access-list to restrict access to the device."; +const char *report_http_impact1 = "An attacker who was able to monitor network traffic could capture authentication credentials. *NONEWPARA*"; +const char *report_http_impact2 = "*NOTEXTSTART*This issue is made more serious with the enable password being used for authentication as this would give the attacker full administrative access to the device with the captured credentials. *NONEWPARA*"; +const char *report_http_impact3 = "*NOTEXTSTART*However, this issue is mitigated slightly by employing an access list to restrict network access to the device."; +const char *report_http_ease1 = "Network packet and password sniffing tools are widely available on the Internet. Once authentication credentials have been captured it is trivial to use the credentials to log in using the captured credentials. *NONEWPARA*"; +const char *report_http_ease2 = "Furthermore, it may be possible for an attacker to masquerade as the administrators host in order to bypass configured network access restrictions."; +const char *report_http_rec1 = "*COMPANY* recommends that, if not required, the *ABBREV*HTTP*-ABBREV* service be disabled. If a remote method of access to the device is required, consider using *ABBREV*HTTPS*-ABBREV* or *ABBREV*SSH*-ABBREV*. The encrypted *ABBREV*HTTPS*-ABBREV* and *ABBREV*SSH*-ABBREV* services may require a firmware or hardware upgrade. The *ABBREV*HTTP*-ABBREV* service can be disabled with the following *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*no ip http server*-COMMAND**NEWLINE*If it is not possible to upgrade the device to use the encrypted *ABBREV*HTTPS*-ABBREV* or *ABBREV*SSH*-ABBREV* services, additional security can be configured. *NONEWPARA*"; +const char *report_http_rec2 = "*NOTEXTSTART*An access list can be configured to restrict access to the device. An access list can be specified with the following command:*NEWPARA**COMMAND*ip http access-class *CMDREQUIRE**CMDUSER*access list number*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_http_rec3 = "The authentication method can be changed using the following command (where the authentication method is either local, enable, tacacs or aaa):*NEWPARA**COMMAND*ip http authentication *CMDOPTION**CMDUSER*authentication method*-CMDUSER**-CMDOPTION**-COMMAND*"; +const char *report_http_context = "clear-text remote web-based administration was enabled using HTTP"; +const char *report_http_rectext = "Disable HTTP access to the device"; + +// SNMP +const char *report_snmp_title = "Simple Network Management Protocol"; +const char *report_snmp_obs = "*COMPANY* determined that *ABBREV*SNMP*-ABBREV* protocol version *SINGULA*1 was configured on *DEVICENAME**-SINGULA**PLAURAL*2c was configured on *DEVICENAME**-PLAURAL**NEGATIVE*3 was configured without Auth and Priv authentication*-NEGATIVE*."; +const char *report_snmp_pix_obs = "*DEVICETYPE* devices support only *ABBREV*SNMP*-ABBREV* protocol versions 1 and 2c. *COMPANY* determined that *POSITIVE**ABBREV*SNMP*-ABBREV* was configured on *DEVICENAME*.*PLAURAL* Furthermore, *DEVICENAME* was configured to send *ABBREV*SNMP*-ABBREV* traps to other hosts.*-PLAURAL**NEGATIVE**DEVICENAME* was configured to send *ABBREV*SNMP*-ABBREV* traps to other hosts.*-NEGATIVE*"; +const char *report_snmp_css_obs = "*DEVICETYPE* devices support only *ABBREV*SNMP*-ABBREV* protocol versions 1 and 2c. *COMPANY* determined that *ABBREV*SNMP*-ABBREV* was configured on *DEVICENAME*.*NEGATIVE* Furthermore, *COMPANY* determined that *DEVICENAME* was configured to send *ABBREV*SNMP*-ABBREV* traps to other hosts.*-NEGATIVE*"; +const char *report_snmp_impact = "Due to the unencrypted nature of *ABBREV*SNMP*-ABBREV* protocol versions 1 and 2c, an attacker who was able to monitor network traffic could capture device configuration settings, including authentication details."; +const char *report_snmp_ease = "Network packet monitoring and capture tools are widely available on the Internet and *ABBREV*SNMP*-ABBREV* tools are included as standard with some operating systems."; +const char *report_snmp_rec = "*COMPANY* recommends that, if possible, *ABBREV*SNMP*-ABBREV* version *SINGULA*1 be disabled. Furthermore, *COMPANY* recommends that, if *ABBREV*SNMP*-ABBREV* is required, protocol version *-SINGULA**PLAURAL*2c be disabled. Furthermore, *COMPANY* recommends that, if *ABBREV*SNMP*-ABBREV* is required, protocol version *-PLAURAL*3 be configured with Auth and Priv authentication. *SINGULA**ABBREV*SNMP*-ABBREV* protocol version 1 can be disabled with the following command for each community string:*NEWPARA**COMMAND*no snmp-server community *CMDREQUIRE**CMDUSER*Community String*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDOPTION*RO*-CMDOPTION* *CMDOR* *CMDOPTION*RW*-CMDOPTION**-CMDREQUIRE**-COMMAND**NEWLINE**-SINGULA**PLAURAL**ABBREV*SNMP*-ABBREV* protocol version 2c can be disabled with the following command for each community string:*NEWPARA**COMMAND*no snmp-server community *CMDREQUIRE*Community String*-CMDREQUIRE* *CMDREQUIRE**CMDOPTION*RO*-CMDOPTION* *CMDOR* *CMDOPTION*RW*-CMDOPTION**-CMDREQUIRE**-COMMAND**NEWLINE**-PLAURAL**ABBREV*SNMP*-ABBREV* version 3 Auth and Priv access can be configured with the following commands:*NEWPARA**COMMAND*snmp-server group *CMDREQUIRE**CMDUSER*Group Name*-CMDUSER**-CMDREQUIRE* v3 priv*-COMMAND**NEWLINE**COMMAND*snmp-server user *CMDREQUIRE**CMDUSER*Username*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*Group Name*-CMDUSER**-CMDREQUIRE* v3 auth md5 *CMDREQUIRE**CMDUSER*Auth Keyword*-CMDUSER**-CMDREQUIRE* priv *CMDREQUIRE**CMDOPTION*3des*-CMDOPTION* *CMDOR* *CMDOPTION*aes 128*-CMDOPTION* *CMDOR* *CMDOPTION*aes 192*-CMDOPTION**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*Priv Keyword*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_snmp_pix_rec = "On *DEVICETYPE* devices, *ABBREV*SNMP*-ABBREV* version 3 with auth and priv authentication cannot be configured. Therefore, *COMPANY* recommends that, if not required, *ABBREV*SNMP*-ABBREV* be disabled. *NEGATIVE*Additionally, *COMPANY* recommends that, if not required, the sending of *ABBREV*SNMP*-ABBREV* traps to other hosts be disabled. *-NEGATIVE**ABBREV*SNMP*-ABBREV* access to *DEVICENAME* can be disabled with the following command:*NEWPARA**COMMAND*no snmp-server enable*-COMMAND*"; +const char *report_snmp_pix2_rec = "On *DEVICETYPE* devices, *ABBREV*SNMP*-ABBREV* version 3 with auth and priv authentication cannot be configured. Therefore, *COMPANY* recommends that, if not required, the sending of *ABBREV*SNMP*-ABBREV* traps to other hosts be disabled."; +const char *report_snmp_css_rec = "On *DEVICETYPE* devices, *ABBREV*SNMP*-ABBREV* version 3 with auth and priv authentication cannot be configured. Therefore, *COMPANY* recommends that, if not required, *ABBREV*SNMP*-ABBREV* be disabled. *NEGATIVE*Additionally, *COMPANY* recommends that, if not required, the sending of *ABBREV*SNMP*-ABBREV* traps to other hosts be disabled. *-NEGATIVE**ABBREV*SNMP*-ABBREV* access to *DEVICENAME* can be disabled with the following command:*NEWPARA**COMMAND*restrict snmp*-COMMAND*"; +const char *report_snmp_sos_rec = "On *DEVICETYPE* devices, *ABBREV*SNMP*-ABBREV* version 3 with auth and priv authentication cannot be configured. Therefore, *COMPANY* recommends that, if not required, *ABBREV*SNMP*-ABBREV* be disabled. *NEGATIVE*Additionally, *COMPANY* recommends that, if not required, the sending of *ABBREV*SNMP*-ABBREV* traps to other hosts be disabled. *-NEGATIVE**ABBREV*SNMP*-ABBREV* access to *DEVICENAME* can be disabled with the following command:*NEWPARA**COMMAND*unset snmp *CMDREQUIRE**CMDUSER*community*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_snmp_context = "clear-text remote administration was enabled using SNMP"; +const char *report_snmp_rectext = "Disable SNMP or configure SNMP v3 with auth and priv authentication"; +const char *report_snmp_css_rectext = "Disable SNMP"; + +// Telnet +const char *report_telnet_title = "Telnet"; +const char *report_telnet_obs = "Telnet is widely used to provide remote command-based access to a variety of devices and is commonly used on network devices for remote administration. However, Telnet is a clear-text protocol and is vulnerable to various packet capture techniques.*NEWPARA**COMPANY* determined that Telnet was enabled on *DEVICENAME*."; +const char *report_telnet_impact = "An attacker who was able to monitor network traffic could capture sensitive information or authentication credentials."; +const char *report_telnet_ease = "Network packet and password sniffing tools are widely available on the Internet and some of the tools are specifically designed to capture clear-text protocol authentication credentials. However, in a switched environment an attacker may not be able to capture network traffic destined for other devices without employing an attack such as *ABBREV*ARP*-ABBREV* spoofing."; +const char *report_telnet_rec1 = "*COMPANY* recommends that, if possible, Telnet be disabled. If remote administrative access to the device is required, *COMPANY* recommends that *ABBREV*SSH*-ABBREV* be configured.*SINGULA* An *ABBREV*IOS*-ABBREV* upgrade may be required to add support for *ABBREV*SSH*-ABBREV* to *DEVICENAME*. Cisco introduced *ABBREV*SSH*-ABBREV* into *ABBREV*IOS*-ABBREV* releases starting with *ABBREV*IOS*-ABBREV* version 12.0.5.S.*-SINGULA* The Telnet service can be disabled on individual lines with the following command:*NEWPARA**COMMAND*transport input none*-COMMAND**NEWLINE*The following Cisco *ABBREV*IOS*-ABBREV* command can be used to disable Telnet on individual lines, but enable *ABBREV*SSH*-ABBREV*:*NEWPARA**COMMAND*transport input ssh*-COMMAND*"; +const char *report_telnet_rec2 = "Furthermore, if Telnet or *ABBREV*SSH*-ABBREV* are used for remote administration, *COMPANY* recommends that inbound *ABBREV*ACL*-ABBREV* be configured to restrict access."; +const char *report_css_telnet_rec = "*COMPANY* recommends that, if possible, Telnet be disabled. If Telnet is required, *COMPANY* recommends that filtering be implemented to restrict access. Telnet can be disabled with the following command:*NEWPARA**COMMAND*restrict telnet*-COMMAND*"; +const char *report_telnet_context = "clear-text remote administration was enabled using Telnet"; +const char *report_telnet_rectext = "Disable Telnet access"; + +// ICMP Redirects +const char *report_redirects_title = "ICMP Redirects"; +const char *report_redirects_obs = "*ABBREV*ICMP*-ABBREV* redirect messages allow systems to change the route that network traffic takes. On networks with functional network routing, disabling *ABBREV*ICMP*-ABBREV* redirects will have little to no effect. *ABBREV*ICMP*-ABBREV* redirects are usually enabled by default on Cisco devices.*NEWPARA**COMPANY* determined that the device *DEVICENAME* had support for *ABBREV*ICMP*-ABBREV* redirects enabled*SINGULA* on the network interface *NONEWPARA**-SINGULA**PLAURAL* on the network interfaces listed in Table *TABLEREF**-PLAURAL*."; +const char *report_redirects_impact = "An attacker could use *ABBREV*ICMP*-ABBREV* redirect messages to route network traffic through their own router, possibly allowing them to monitor network traffic."; +const char *report_redirects_ease = "Tools are widely available that can send *ABBREV*ICMP*-ABBREV* redirect messages."; +const char *report_redirects_rec = "*COMPANY* recommends that, if not required, *ABBREV*ICMP*-ABBREV* redirects be disabled on all network interfaces. *ABBREV*ICMP*-ABBREV* redirects can be disabled on each individual network interface using the following command:*NEWPARA**COMMAND*no ip redirects*-COMMAND*"; +const char *report_redirects_rec2 = "*COMPANY* recommends that, if not required, *ABBREV*ICMP*-ABBREV* redirects be disabled. *ABBREV*ICMP*-ABBREV* redirects can be disabled with the following command:*NEWPARA**COMMAND*set ip redirect disable*-COMMAND*"; +const char *report_redirects_context = "ICMP redirects were not disabled for all network interfaces"; +const char *report_redirects_rectext = "Disable ICMP redirects on all network interfaces"; +const char *report_redirects_table = "Interfaces with ICMP redirects enabled"; + +// Default Firewall Policy +const char *report_defaultpolicy_title = "Default Policy"; +const char *report_defaultpolicy_obs = "The *DEVICETYPE* has a default policy to determine if network traffic is permitted or denied when no rules exist that match the network traffic, or if no rules exist at all. *COMPANY* determined that the default policy was to allow the network traffic."; +const char *report_defaultpolicy_impact = "If the default policy allows network traffic, a device with no rules could enable an attacker to access devices and services which they should not be able to access. If the device was configured with rules, the attacker could access services or devices for which no blocking rule exists."; +const char *report_defaultpolicy_ease = ""; +const char *report_defaultpolicy_rec = "*COMPANY* recommends that the default policy denies all network traffic. On *DEVICETYPE* the manufacturer default is to deny traffic by default, to return the device to its default setting use the following command:*NEWPARA**COMMAND*unset policy default-permit-all*-COMMAND*"; +const char *report_defaultpolicy_context = "the device was configured to default to allowing all traffic"; +const char *report_defaultpolicy_rectext = "Set the device to deny all traffic by default"; + +// Insecure FW-1 Policy Collections +const char *report_fw1policy_title = "Policy Collections"; +const char *report_fw1policy_obs = "Policy collections are used to determine which network traffic is allowed or dropped in the different networks controlled by *DEVICETYPE*. *COMPANY* *NEGATIVE*determined that no policy collections were configured.*-NEGATIVE**POSITIVE*identified *NUMBER* security-related issue*PLAURAL*s with the policy collection rules, these are listed in Table *TABLEREF*.*-PLAURAL**SINGULA* with the policy collection rules. *NONEWPARA**-SINGULA**-POSITIVE*"; +const char *report_fw1policy_impact = "*NEGATIVE*If no policy collections are configured the *DEVICETYPE* is redundant and simply provides the attacker with an additional network device to attack.*-NEGATIVE**POSITIVE*If policy collections are not sufficiently restrictive, an attacker may be able to access services or network devices that should not be accessible. Furthermore, an attacker who had compromised a device could install a backdoor which could listen on a network port that was not filtered.*-POSITIVE*"; +const char *report_fw1policy_ease = ""; +const char *report_fw1policy_rec1 = "*COMPANY* recommends that *NEGATIVE*policy collections be configured on the *DEVICETYPE*. However, if it is not required, *COMPANY* recommends that the firewall be decommisioned. If policy collections are configured, *COMPANY* recommends that:*-NEGATIVE**POSITIVE*the policy collections be reviewed and, where possible, modified to ensure that:*-POSITIVE**NONEWPARA*"; +// Rec2 is used by ScreenOS, PIX and CSS as well +const char *report_fw1policy_rec2 = "*NOTEXTSTART*However, in certain circumstances, such as a public web server, a more relaxed configuration may be required to allow any host to access specific hosts and services."; +const char *report_fw1policy_context = "insecure policy collection rules were configured"; +const char *report_fw1policy_rectext = "Review the insecure policy collection rules and reconfigure"; +// Descriptions below are used for ScreenOS/Cisco/Passport devices (except denylog and bypass)... +const char *report_fw1policy_denylog = "policy collection does not end with a deny all and log."; +const char *report_fw1policy_anysrc = "allows access from any source to "; +const char *report_fw1policy_netsrc = "allows access from a network source to "; +const char *report_fw1policy_anysvcsrc = "allows access from any source port to "; +const char *report_fw1policy_std_anysrc = "allows access from any source."; +const char *report_fw1policy_std_netsrc = "allows access from a network source."; +const char *report_fw1policy_std_anysvcsrc = "allows access from any source port."; +const char *report_fw1policy_anydst = "allows access from "; +const char *report_fw1policy_netdst = "allows access from "; +const char *report_fw1policy_netdstsvc = "allows access from "; +const char *report_fw1policy_nolog = "does not log."; +const char *report_fw1policy_nologdenied = "does not log denied access."; +const char *report_fw1policy_reject = "responds to denied network access."; +const char *report_fw1policy_default = "was set to the default action."; +const char *report_fw1policy_bypass = "bypasses the remaining policy collection rules."; +const char *report_fw1policy_disabled = "was disabled."; +const char *report_fw1policyt_denylog = "Policy collection does not end with a deny all and log."; +// Descriptions below are used for ScreenOS/Cisco/Passport devices (except denylog and bypass)... +const char *report_fw1policyt_anysrc = "Allows access from any source to "; +const char *report_fw1policyt_netsrc = "Allows access from a network source to "; +const char *report_fw1policyt_anysvcsrc = "Allows access from any source port to "; +const char *report_fw1policyt_std_anysrc = "Allows access from any source."; +const char *report_fw1policyt_std_netsrc = "Allows access from a network source."; +const char *report_fw1policyt_std_anysvcsrc = "Allows access from any source port."; +const char *report_fw1policyt_anydst = "Allows access from "; +const char *report_fw1policyt_nolog = "Does not log."; +const char *report_fw1policyt_nologdenied = "Does not log denied access."; +const char *report_fw1policyt_reject = "Responds to denied network access."; +const char *report_fw1policyt_bypass = "Bypasses the remaining policy collection rules."; +const char *report_fw1policyt_default = "Was set to the default action."; +const char *report_fw1policyt_disabled = "Was disabled."; +const char *report_fw1policy_table = "Insecure policy collection rules"; +struct tableHeading report_fw1policy_heading2 = {false, 5, "Description", 0}; +struct tableHeading report_fw1policy_heading1 = {false, 1, "Rule", &report_fw1policy_heading2}; +struct tableHeading report_fw1policy_heading = {false, 2, "Collection", &report_fw1policy_heading1}; +struct tableHeading report_fw1issues_heading12 = {false, 1, "policy collections end with a deny all and log", 0}; +struct tableHeading report_fw1issues_heading11 = {false, 1, "logging be enabled for all policy rules", &report_fw1issues_heading12}; +struct tableHeading report_fw1issues_heading10 = {false, 1, "policy rules should not have a default action", &report_fw1issues_heading11}; +struct tableHeading report_fw1issues_heading9 = {false, 1, "policy rules should not be bypassed", &report_fw1issues_heading10}; +struct tableHeading report_fw1issues_heading8 = {false, 1, "policy rules should not reject packets", &report_fw1issues_heading9}; +struct tableHeading report_fw1issues_heading7 = {false, 1, "disabled policy rules are removed", &report_fw1issues_heading8}; +struct tableHeading report_fw1issues_heading6 = {false, 1, "policy rules log denied access", &report_fw1issues_heading7}; +struct tableHeading report_fw1issues_heading5 = {false, 1, "policy rules do not allow access to any destination port", &report_fw1issues_heading6}; +struct tableHeading report_fw1issues_heading4 = {false, 1, "policy rules do not allow access to entire destination networks", &report_fw1issues_heading5}; +struct tableHeading report_fw1issues_heading3 = {false, 1, "policy rules do not allow access to any destination", &report_fw1issues_heading4}; +struct tableHeading report_fw1issues_heading2 = {false, 1, "policy rules do not allow access from any source port", &report_fw1issues_heading3}; +struct tableHeading report_fw1issues_heading1 = {false, 1, "policy rules do not allow access from entire source networks", &report_fw1issues_heading2}; +struct tableHeading report_fw1issues_heading = {false, 1, "policy rules do not allow access from any source", &report_fw1issues_heading1}; + +// Insecure ScreenOS Policy Lists +const char *report_policy_title = "Policy Lists"; +const char *report_policy_obs = "Policy lists are used to determined which network traffic is allowed and which is dropped between different zones (interzone), between interfaces in the same zone (intrazone) and the global zone. If a policy has not been configured, any network traffic is blocked by default.*NEWPARA**COMPANY* *POSITIVE*identified *NUMBER* insecure policy list rule*-POSITIVE**PLAURAL*s, these are listed in Table *TABLEREF**-PLAURAL**NEGATIVE*determined that no policies were configured*-NEGATIVE*.*SINGULA* *NONEWPARA**-SINGULA*"; +const char *report_sospolicy_denylog = "policy list does not end with a deny all and log."; +const char *report_sospolicy_bypass = "bypasses the remaining policy list rules."; +const char *report_sospolicyt_denylog = "Policy list does not end with a deny all and log."; +const char *report_sospolicyt_bypass = "Bypasses the remaining policy list rules."; +// All the other descriptions are the same as FW1 ones. +const char *report_nopolicy_impact = "With no policies configured the default policy for *DEVICETYPE* will take effect. *NEGATIVE*The default policy will allow all network traffic, enabling an attacker to access devices and services which they should not be able to access.*-NEGATIVE**POSITIVE*The default policy on *DEVICETYPE* denies all network traffic.*-POSITIVE*"; +const char *report_policy_impact = "If policy lists are not sufficiently restrictive, an attacker may be able to access services or network devices that should not be accessible. Furthermore, an attacker who had compromised a device could install a backdoor which could listen on a network port that was not filtered.*PLAURAL* Additionally, network traffic that is rejected instead of denied makes an attackers scans quicker as the attacker will receive a *ABBREV*TCP*-ABBREV* reset. If the traffic were denied instead, the attackers scans would be slower as they wait for a response and eventually timeout.*-PLAURAL*"; +const char *report_policy_ease = ""; +const char *report_nopolicy_rec1 = "*COMPANY* recommends that policies be configured to ensure that:*NONEWPARA*"; +const char *report_nopolicy_rec2 = "If *DEVICENAME* is not required, *COMPANY* recommends that it be decommissioned."; +const char *report_policy_rec1 = "*COMPANY* recommends that the policy lists be reviewed and, where possible, modified to ensure that:*NONEWPARA*"; +const char *report_nopolicy_context = "no policy lists were configured"; +const char *report_nopolicy_rectext = "Configure a policy or decommission the device"; +const char *report_policy_context = "insecure policy lists were configured"; +const char *report_policy_rectext = "Review the insecure policy list rules and reconfigure"; +const char *report_policy_table = "Insecure policy list rules"; +struct tableHeading report_policy_heading4 = {false, 4, "Description", 0}; +struct tableHeading report_policy_heading3 = {false, 1, "ID", &report_policy_heading4}; +struct tableHeading report_policy_heading2 = {false, 1, "Global Zone", &report_policy_heading3}; +struct tableHeading report_policy_heading1 = {false, 2, "To Zone", &report_policy_heading2}; +struct tableHeading report_policy_heading = {false, 2, "From Zone", &report_policy_heading1}; +struct tableHeading report_issues_heading12 = {false, 1, "policy lists end with a deny all and log", 0}; +struct tableHeading report_issues_heading11 = {false, 1, "logging be enabled for all policy rules", &report_issues_heading12}; +struct tableHeading report_issues_heading10 = {false, 1, "policy rules should not be have a default action", &report_issues_heading11}; +struct tableHeading report_issues_heading9 = {false, 1, "policy rules should not be bypassed", &report_issues_heading10}; +struct tableHeading report_issues_heading8 = {false, 1, "policy rules should not reject packets", &report_issues_heading9}; +struct tableHeading report_issues_heading7 = {false, 1, "disabled policy rules are removed", &report_issues_heading8}; +struct tableHeading report_issues_heading6 = {false, 1, "policy rules log denied access", &report_issues_heading7}; +struct tableHeading report_issues_heading5 = {false, 1, "policy rules do not allow access to any destination port", &report_issues_heading6}; +struct tableHeading report_issues_heading4 = {false, 1, "policy rules do not allow access to entire destination networks", &report_issues_heading5}; +struct tableHeading report_issues_heading3 = {false, 1, "policy rules do not allow access to any destination", &report_issues_heading4}; +struct tableHeading report_issues_heading2 = {false, 1, "policy rules do not allow access from any source port", &report_issues_heading3}; +struct tableHeading report_issues_heading1 = {false, 1, "policy rules do not allow access from entire source networks", &report_issues_heading2}; +struct tableHeading report_issues_heading = {false, 1, "policy rules do not allow access from any source", &report_issues_heading1}; + +// SonicOS Access Rules +const char *report_sonicosrules_title = "Access Rules"; +const char *report_sonicosrules_obs = "*DEVICETYPE* access rules are sequential lists of allow, deny and discard rules that specify whether network traffic should be allowed or dropped. Both the deny and discard actions block the traffic that matches the rule, but a deny will notify the sender that the packet was blocked. Access rules are used to restrict access to services and network devices, preventing access to services and devices that should not be accessible.*NEWPARA**COMPANY* identified *NUMBER* security-related issue*PLAURAL*s*-PLAURAL* with the configured access rules*PLAURAL*, these are listed in Table *TABLEREF*.*-PLAURAL**SINGULA*. *NONEWPARA**-SINGULA*"; +const char *report_sonicosrules_impact = "If access rules are not sufficiently restrictive, an attacker may be able to access services or network devices that should not be accessible. Furthermore, an attacker who had compromised a device could install a backdoor which could listen on a network port that was not filtered."; +const char *report_sonicosrules_ease = ""; +const char *report_sonicosrules_rec = "*COMPANY* recommends that the access rules be reviewed and, where possible, modified to ensure that:*NONEWPARA*"; +const char *report_sonicosrules_context = "insecure access rules were configured"; +const char *report_sonicosrules_rectext = "Configure all access rules to only allow access to the hosts and services required"; +struct tableHeading report_sonicosrules_heading12 = {false, 1, "access rule lists end with a deny all and log", 0}; +struct tableHeading report_sonicosrules_heading11 = {false, 1, "logging be enabled for all access rules", &report_sonicosrules_heading12}; +struct tableHeading report_sonicosrules_heading10 = {false, 1, "access rules should not be have a default action", &report_sonicosrules_heading11}; +struct tableHeading report_sonicosrules_heading9 = {false, 1, "access rules should not be bypassed", &report_sonicosrules_heading10}; +struct tableHeading report_sonicosrules_heading8 = {false, 1, "access rules should not deny packets", &report_sonicosrules_heading9}; +struct tableHeading report_sonicosrules_heading7 = {false, 1, "disabled access rules are removed", &report_sonicosrules_heading8}; +struct tableHeading report_sonicosrules_heading6 = {false, 1, "access rules log denied access", &report_sonicosrules_heading7}; +struct tableHeading report_sonicosrules_heading5 = {false, 1, "access rules do not allow access to any destination port", &report_sonicosrules_heading6}; +struct tableHeading report_sonicosrules_heading4 = {false, 1, "access rules do not allow access to entire destination networks", &report_sonicosrules_heading5}; +struct tableHeading report_sonicosrules_heading3 = {false, 1, "access rules do not allow access to any destination", &report_sonicosrules_heading4}; +struct tableHeading report_sonicosrules_heading2 = {false, 1, "access rules do not allow access from any source port", &report_sonicosrules_heading3}; +struct tableHeading report_sonicosrules_heading1 = {false, 1, "access rules do not allow access from entire source networks", &report_sonicosrules_heading2}; +struct tableHeading report_sonicosrules_heading = {false, 1, "access rules do not allow access from any source", &report_sonicosrules_heading1}; +struct tableHeading report_sonicosaccess_heading3 = {false, 4, "Description", 0}; +struct tableHeading report_sonicosaccess_heading2 = {false, 1, "Rule", &report_sonicosaccess_heading3}; +struct tableHeading report_sonicosaccess_heading1 = {false, 2, "To", &report_sonicosaccess_heading2}; +struct tableHeading report_sonicosaccess_heading = {false, 2, "From", &report_sonicosaccess_heading1}; +const char *report_sonicosaccess_table = "Insecure access rules"; +const char *report_sonicosrules_denylog = "policy list does not end with a deny all and log."; +const char *report_sonicosrulest_denylog = "Policy list does not end with a deny all and log."; + +// PIX/IOS Access-Lists +const char *report_accesslist_title = "Access Control Lists"; +const char *report_accesslist_obs1 = "*ABBREV*ACL*-ABBREV* are sequential lists of allow and deny *ABBREV*ACEs*-ABBREV* that specify whether network traffic should be allowed or dropped. *ABBREV*ACLs*-ABBREV* are used to restrict access to services and network devices, preventing access to services and devices that should not be accessible.*NEWPARA**COMPANY* *NEGATIVE*determined that no *ABBREV*ACL*-ABBREV* were configured on *DEVICENAME*.*-NEGATIVE**POSITIVE*identified *NUMBER* security-related issue*PLAURAL*s*-PLAURAL* with the configured *ABBREV*ACL*-ABBREV**PLAURAL*, these are listed in Table *TABLEREF**-PLAURAL*.*SINGULA* *NONEWPARA**-SINGULA**-POSITIVE*"; +const char *report_accesslist_impact = "*NEGATIVE*With no *ABBREV*ACL*-ABBREV* configured*-NEGATIVE**POSITIVE*If *ABBREV*ACEs*-ABBREV* are not sufficiently restrictive*-POSITIVE*, an attacker may be able to access services or network devices that should not be accessible. Furthermore, an attacker who had compromised a device could install a backdoor which could listen on a network port that was not filtered."; +const char *report_accesslist_noacl_pix_impact = "If no *ABBREV*ACL*-ABBREV* are configured the *DEVICETYPE* is redundant and simply provides the attacker with an additional network device to attack."; +const char *report_accesslist_ease = ""; +const char *report_accesslist_rec = "*COMPANY* recommends that *NEGATIVE**ABBREV*ACL*-ABBREV* be configured to restrict access to devices and services. Furthermore, *COMPANY* recommends that:*-NEGATIVE**POSITIVE*the *ABBREV*ACLs*-ABBREV* be reviewed and, where possible, modified to ensure that:*-POSITIVE**NONEWPARA*"; +const char *report_accesslist_context = "insecure ACL were configured"; +const char *report_accesslist_rectext = "Configure all ACL to only allow access to the hosts and services required"; +const char *report_accesslist2_rectext = "Configure all ACL to only allow access to the hosts and services required and log all blocked traffic"; +struct tableHeading report_aclrec_heading12 = {false, 1, "ACL end with a deny all and log", 0}; +struct tableHeading report_aclrec_heading11 = {false, 1, "logging be enabled for all ACE", &report_aclrec_heading12}; +struct tableHeading report_aclrec_heading10 = {false, 1, "ACE should not have a default action", &report_aclrec_heading11}; +struct tableHeading report_aclrec_heading9 = {false, 1, "ACL should not be bypassed", &report_aclrec_heading10}; +struct tableHeading report_aclrec_heading8 = {false, 1, "ACE should not reject packets", &report_aclrec_heading9}; +struct tableHeading report_aclrec_heading7 = {false, 1, "disabled ACE are removed", &report_aclrec_heading8}; +struct tableHeading report_aclrec_heading6 = {false, 1, "ACE log denied access", &report_aclrec_heading7}; +struct tableHeading report_aclrec_heading5 = {false, 1, "ACE do not allow access to any destination port", &report_aclrec_heading6}; +struct tableHeading report_aclrec_heading4 = {false, 1, "ACE do not allow access to entire destination networks", &report_aclrec_heading5}; +struct tableHeading report_aclrec_heading3 = {false, 1, "ACE do not allow access to any destination", &report_aclrec_heading4}; +struct tableHeading report_aclrec_heading2 = {false, 1, "ACE do not allow access from any source port", &report_aclrec_heading3}; +struct tableHeading report_aclrec_heading1 = {false, 1, "ACE do not allow access from entire source networks", &report_aclrec_heading2}; +struct tableHeading report_aclrec_heading = {false, 1, "ACE do not allow access from any source", &report_aclrec_heading1}; +const char *report_accesslist_table1 = "Insecure Access Control Entries"; +const char *report_accesslist_denylog = "ACL does not end with a deny all and log."; +const char *report_accesslist_std_denylog = "ACL does not end with a deny and log."; +const char *report_accesslist_bypass = "bypasses the remaining ACEs."; +const char *report_accesslistt_bypass = "Bypasses the remaining ACEs."; +const char *report_accesslist_old = "The ACL"; +const char *report_accesslist_std = "The standard ACL"; +const char *report_accesslist_ext = "The extended ACL"; +struct tableHeading report_accesslist_heading3 = {false, 65, "Description", 0}; +struct tableHeading report_accesslist_heading2 = {false, 15, "Type", &report_accesslist_heading3}; +struct tableHeading report_accesslist_heading1 = {false, 10, "Line", &report_accesslist_heading2}; +struct tableHeading report_accesslist_heading = {false, 10, "ACL", &report_accesslist_heading1}; +struct tableHeading report_accesslists_heading2 = {false, 4, "Description", 0}; +struct tableHeading report_accesslists_heading1 = {false, 1, "Line", &report_accesslists_heading2}; +struct tableHeading report_accesslists_heading = {false, 2, "ACL", &report_accesslists_heading1}; + +// Cisco CSS ACL... +const char *report_accesslist_css_obs = "*ABBREV*ACL*-ABBREV* are sequential lists of allow, deny and bypass clauses that determine whether network traffic is permitted or dropped. All *ABBREV*ACLs*-ABBREV* have a hidden deny all clause as the final clause, clause 255. *ABBREV*ACLs*-ABBREV* are used to restrict access to services and network devices, preventing access to services and devices that should not be accessible.*NEWPARA**COMPANY* *NEGATIVE*determined that no *ABBREV*ACL*-ABBREV* were configured*-NEGATIVE**SINGULA*identified *NUMBER* insecure *ABBREV*ACL*-ABBREV* clause, *NONEWPARA**-SINGULA**PLAURAL*identified *NUMBER* insecure *ABBREV*ACL*-ABBREV* clauses, these are listed in Table *TABLEREF**-PLAURAL*."; +const char *report_accesslist_css_impact = "*POSITIVE*If *ABBREV*ACL*-ABBREV* clauses are not sufficiently restrictive*-POSITIVE**NEGATIVE*With no *ABBREV*ACL*-ABBREV* configured*-NEGATIVE*, an attacker may be able to access services or network devices that should not be accessible. Furthermore, an attacker who had compromised a device could install some backdoor software which could listen on a network port that was not filtered."; +const char *report_accesslist_css_bypass = "bypasses the remaining clauses."; +const char *report_accesslistt_css_bypass = "Bypasses the remaining clauses."; +const char *report_accesslist_css_table = "Insecure ACL Clauses"; +struct tableHeading report_aclrec_css_heading12 = {false, 1, "ACL end with a deny all and log", 0}; +struct tableHeading report_aclrec_css_heading11 = {false, 1, "logging be enabled for all clauses", &report_aclrec_css_heading12}; +struct tableHeading report_aclrec_css_heading10 = {false, 1, "clauses should not have a default action", &report_aclrec_css_heading11}; +struct tableHeading report_aclrec_css_heading9 = {false, 1, "ACL should not be bypassed", &report_aclrec_css_heading10}; +struct tableHeading report_aclrec_css_heading8 = {false, 1, "clauses should not reject packets", &report_aclrec_css_heading9}; +struct tableHeading report_aclrec_css_heading7 = {false, 1, "disabled clauses are removed", &report_aclrec_css_heading8}; +struct tableHeading report_aclrec_css_heading6 = {false, 1, "clauses log denied access", &report_aclrec_css_heading7}; +struct tableHeading report_aclrec_css_heading5 = {false, 1, "clauses do not allow access to any destination port", &report_aclrec_css_heading6}; +struct tableHeading report_aclrec_css_heading4 = {false, 1, "clauses do not allow access to entire destination networks", &report_aclrec_css_heading5}; +struct tableHeading report_aclrec_css_heading3 = {false, 1, "clauses do not allow access to any destination", &report_aclrec_css_heading4}; +struct tableHeading report_aclrec_css_heading2 = {false, 1, "clauses do not allow access from any source port", &report_aclrec_css_heading3}; +struct tableHeading report_aclrec_css_heading1 = {false, 1, "clauses do not allow access from entire source networks", &report_aclrec_css_heading2}; +struct tableHeading report_aclrec_css_heading = {false, 1, "clauses do not allow access from any source", &report_aclrec_css_heading1}; +struct tableHeading report_accesslist_css_heading2 = {false, 4, "Description", 0}; +struct tableHeading report_accesslist_css_heading1 = {false, 1, "Clause", &report_accesslist_css_heading2}; +struct tableHeading report_accesslist_css_heading = {false, 1, "ACL", &report_accesslist_css_heading1}; +const char *report_accesslist_noacl_title = "Access Control Lists Disabled"; +const char *report_accesslist_noacl_context = "ACL are disabled"; +const char *report_accesslist_noacl_rectext = "Enable ACL to restrict access to hosts and services"; +const char *report_accesslist_disabled_css_obs = "*ABBREV*ACLs*-ABBREV* are used to restrict access to services and network devices, preventing access to services and devices that should not be accessible. However, without enabling *ABBREV*ACL*-ABBREV* all network traffic is allowed.*NEWPARA**COMPANY* determined that*POSITIVE*, although *ABBREV*ACL*-ABBREV* have been configured,*-POSITIVE* *ABBREV*ACL*-ABBREV* are disabled on *DEVICENAME*."; +const char *report_accesslist_disabled_css_impact = "With *ABBREV*ACLs*-ABBREV* disabled, an attacker could gain access to hosts and services for which they should not be able to access."; +const char *report_accesslist_disabled_css_rec = "*COMPANY* recommends that *ABBREV*ACL*-ABBREV* be enabled. Once enabled, all traffic is denied by default, so an *ABBREV*ACL*-ABBREV* should be configured to permit traffic to the device prior to enabling *ABBREV*ACL*-ABBREV*. *ABBREV*ACL*-ABBREV* can be enabled with the following *DEVICETYPE* command:*NEWPARA**COMMAND*acl enable*-COMMAND*"; + +// Passport filters... +const char *report_pasfilter_title = "IP Traffic Filters"; +const char *report_pasfilter_obs = "*DEVICETYPE* *ABBREV*IP*-ABBREV* filter sets are sequetial lists of filters that determine whether network traffic is permitted or denied. *ABBREV*IP*-ABBREV* Filter sets are applied to *DEVICETYPE* ports, which can also be configured with a default action to drop or forward network packets. *ABBREV*IP*-ABBREV* Filter sets are used restrict access to services and network devices, preventing access to services and devices that should not be accessible.*NEWPARA**COMPANY* *NEGATIVE*determined that no filter sets were configured on *DEVICENAME*.*-NEGATIVE**POSITIVE*identified *NUMBER* insecure filter*SINGULA*.*NONEWPARA**-SINGULA**PLAURAL*s, these are listed in Table *TABLEREF*.*-PLAURAL**-POSITIVE*"; +const char *report_pasfilter_impact = "*POSITIVE*If *ABBREV*IP*-ABBREV* filter sets are not sufficiently restrictive*-POSITIVE**NEGATIVE*If filter sets are not configured*-NEGATIVE*, an attacker may be able to access services or network devices that should not be accessible. Furthermore, an attacker who had compromised a device could install some backdoor software which could listen on a network port that was not filtered."; +const char *report_pasfilter_ease = ""; +const char *report_pasfilter_rec = "*COMPANY* recommends that *NEGATIVE*filter sets be configured on *DEVICENAME*. Furthermore, *COMPANY* recommends*-NEGATIVE**POSITIVE*the *ABBREV*IP*-ABBREV* filter sets be reviewed and, where possible, modified to ensure*-POSITIVE* that:*NONEWPARA*"; +const char *report_pasfilter_context = "insecure filters were configured"; +const char *report_pasfilter_rectext = "Configure all filters to only allow access to the hosts and services required"; +const char *report_pasfilter_denylog = "IP filter set does not end with a deny all and log."; +const char *report_pasfilter_bypass = "bypasses the remaining filters."; +const char *report_pasfiltert_bypass = "Bypasses the remaining filters."; +struct tableHeading report_pasfilter_heading12 = {false, 1, "IP filter sets end with a deny all and log", 0}; +struct tableHeading report_pasfilter_heading11 = {false, 1, "logging be enabled for all filters", &report_pasfilter_heading12}; +struct tableHeading report_pasfilter_heading10 = {false, 1, "filters should not have a default action", &report_pasfilter_heading11}; +struct tableHeading report_pasfilter_heading9 = {false, 1, "IP filter sets should not be bypassed", &report_pasfilter_heading10}; +struct tableHeading report_pasfilter_heading8 = {false, 1, "filters should not reject packets", &report_pasfilter_heading9}; +struct tableHeading report_pasfilter_heading7 = {false, 1, "disabled filters are removed", &report_pasfilter_heading8}; +struct tableHeading report_pasfilter_heading6 = {false, 1, "filters log denied access", &report_pasfilter_heading7}; +struct tableHeading report_pasfilter_heading5 = {false, 1, "filters do not allow access to any destination port", &report_pasfilter_heading6}; +struct tableHeading report_pasfilter_heading4 = {false, 1, "filters do not allow access to entire destination networks", &report_pasfilter_heading5}; +struct tableHeading report_pasfilter_heading3 = {false, 1, "filters do not allow access to any destination", &report_pasfilter_heading4}; +struct tableHeading report_pasfilter_heading2 = {false, 1, "filters do not allow access from any source port", &report_pasfilter_heading3}; +struct tableHeading report_pasfilter_heading1 = {false, 1, "filters do not allow access from entire source networks", &report_pasfilter_heading2}; +struct tableHeading report_pasfilter_heading = {false, 1, "filters do not allow access from any source", &report_pasfilter_heading1}; +struct tableHeading report_pasfilter_table_heading2 = {false, 4, "Description", 0}; +struct tableHeading report_pasfilter_table_heading1 = {false, 1, "Filter ID", &report_pasfilter_table_heading2}; +struct tableHeading report_pasfilter_table_heading = {false, 1, "Filter Set", &report_pasfilter_table_heading1}; +const char *report_pasfilter_table = "Insecure filters"; + +// Remote SSH Management Hosts +const char *report_sshman_title = "Remote SSH Management Hosts"; +const char *report_sshman_obs = "It is possible to configure *ABBREV*SSH*-ABBREV* on *DEVICETYPE* to restrict remote administrative access to specific management addresses. However, *COMPANY* determined that the remote management of *DEVICENAME* using *ABBREV*SSH*-ABBREV* was not restricted to individual remote management *ABBREV*IP*-ABBREV* addresses."; +const char *report_sshman_impact = "If an attacker were able to determine the authentication credentials for *DEVICENAME*, due to relaxed remote management configuration they may be able to gain access using *ABBREV*SSH*-ABBREV*. Additionally, if a vulnerability were to exist in the *ABBREV*SSH*-ABBREV* service, an attacker may be able to gain access to the device due to the weak remote access restrictions."; +const char *report_sshman_ease = ""; +const char *report_sshman_rec = "*COMPANY* recommends that remote management access using *ABBREV*SSH*-ABBREV* be restricted to the individual *ABBREV*IP*-ABBREV* addresses required. Access can be restricted using the following command:*NEWPARA**COMMAND*ssh *CMDREQUIRE**CMDUSER*ip address*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*net mask*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*interface*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_sshman_context = "entire networks are allowed remote management access using SSH"; +const char *report_sshman_rectext = "Restrict remote SSH management to specific hosts"; + +// Flood Guard +const char *report_floodguard_title = "Flood Guard"; +const char *report_floodguard_obs = "The Flood Guard feature enables a *DEVICETYPE* to reclaim system resources if the circumstances occur whereby resources have been exhausted. *COMPANY* determined that the Flood Guard feature was not enabled on *DEVICENAME*."; +const char *report_floodguard_impact = "An attacker could perform a *ABBREV*DoS*-ABBREV* attack against *DEVICENAME* by consuming the *DEVICETYPE* resources with a flood of connection attempts."; +const char *report_floodguard_ease = "Tools are available on the Internet that can perform a *ABBREV*DoS*-ABBREV* attack."; +const char *report_floodguard_rec = "*COMPANY* recommends that the Flood Guard feature be enabled. Flood Guard can be enabled with the following command:*NEWPARA**COMMAND*floodguard enable*-COMMAND*"; +const char *report_floodguard_context = "the flood guard feature was not enabled"; +const char *report_floodguard_rectext = "Enable Flood Guard"; + +// Cisco Express Forwarding / Unicast Reverse Packet Forwarding +const char *report_urpf_title = "Unicast Reverse Packet Forwarding Verification"; +const char *report_urpf_obs = "Any configured network packet filtering will have an impact on a device's performance and the more filtering configured, the greater the impact. Typically, additional filtering is configured to perform sanity checks on network traffic to ensure that traffic being routed through the network originates from a valid *ABBREV*IP*-ABBREV* address, this ensures that traffic entering a network does not originate from an internal *ABBREV*IP*-ABBREV* address range. Cisco provides *ABBREV*uRPF*-ABBREV* verification to perform network traffic sanity checks without the performance impact of *ABBREV*ACL*-ABBREV* network filtering. *ABBREV*uRPF*-ABBREV* verification must be enabled on each interface on which sanity checks should be performed and will automatically adjust to topology changes. *ABBREV*uRPF*-ABBREV* verification makes use of *ABBREV*CEF*-ABBREV*, which must be enabled.*NEWPARA**COMPANY* determined that *NEGATIVE**ABBREV*CEF*-ABBREV* was not enabled*-NEGATIVE**SINGULA**ABBREV*uRPF*-ABBREV* verification was not enabled on interface *NONEWPARA**-SINGULA**PLAURAL**ABBREV*uRPF*-ABBREV* verification was not enabled on the interfaces listed in Table *TABLEREF**-PLAURAL*."; +const char *report_urpf_pix_obs = "Any configured network packet filtering will have an impact on a device's performance and the more filtering configured, the greater the impact. Typically, additional filtering is configured to perform sanity checks on network traffic to ensure that traffic being passed through the *DEVICETYPE* originates from a valid *ABBREV*IP*-ABBREV* address, this ensures that traffic entering a network does not originate from an internal *ABBREV*IP*-ABBREV* address range. Cisco provides *ABBREV*uRPF*-ABBREV* verification to perform network traffic sanity checks without the performance impact of *ABBREV*ACL*-ABBREV* network filtering. *ABBREV*uRPF*-ABBREV* verification must be enabled for each interface on which sanity checks should be performed and will automatically adjust to topology changes.*NEWPARA**COMPANY* determined that *ABBREV*uRPF*-ABBREV* verification was not enabled on the interface*SINGULA**NONEWPARA**-SINGULA**PLAURAL*s listed in Table *TABLEREF**-PLAURAL*."; +const char *report_urpf_impact = "A network packet with a spoofed source address could be routed by the device, bypassing any configured *ABBREV*ACLs*-ABBREV*."; +const char *report_urpf_ease = ""; +const char *report_urpf_rec = "*COMPANY* recommends that, where possible, *ABBREV*uRPF*-ABBREV* verification be enabled on all network interfaces. *ABBREV*uRPF*-ABBREV* verification can be enabled on each network interface with the following command:*NEWPARA**COMMAND*ip verify unicast reverse-path*-COMMAND**NEWPARA**NEGATIVE**ABBREV*CEF*-ABBREV* can be enabled with the following command on routers without *ABBREV*VIPs*-ABBREV*:*NEWPARA**COMMAND*ip cef*-COMMAND**NEWLINE*On routers with *ABBREV*VIPs*-ABBREV* the following command will enable *ABBREV*CEF*-ABBREV*:*NEWPARA**COMMAND*ip cef distributed*-COMMAND**NEWLINE**-NEGATIVE*It is worth noting that not all devices support *ABBREV*uRPF*-ABBREV* verification and it is best implemented only on edge routers. Furthermore, *ABBREV*uRPF*-ABBREV* verification should not be used if any of the router's interfaces participate in asymmetric routes. If it is not possible to implement *ABBREV*uRPF*-ABBREV* verification, then *COMPANY* recommends that *ABBREV*ACL*-ABBREV* be configured on edge routers to perform sanity checks on network traffic."; +const char *report_urpf_pix_rec = "*COMPANY* recommends that, where possible, *ABBREV*uRPF*-ABBREV* verification be enabled for all outside network interfaces. *ABBREV*uRPF*-ABBREV* verification can be enabled for each network interface with the following command:*NEWPARA**COMMAND*ip verify reverse-path interface *CMDREQUIRE**CMDUSER*interface*-CMDUSER**-CMDREQUIRE**-COMMAND**NEWLINE*If it is not possible to implement *ABBREV*uRPF*-ABBREV* verification, then *COMPANY* recommends that *ABBREV*ACL*-ABBREV* be configured on edge devices to perform sanity checks on network traffic."; +const char *report_urpf_context = "uRPF verification was not enabled on all interfaces"; +const char *report_urpf_rectext = "Enable uRPF verification on all outside interfaces"; +const char *report_urpf_table = "Interfaces without Unicast Reverse Packet Forwarding verification"; + +// Management IP +const char *report_mngrip_title = "Remote Management IP Address"; +const char *report_mngrip_obs = "Network devices will commonly provide management services to enable remote management by network administrators. It is quite common for a modern network device to provide several different methods of securing administrative services, ranging from service configuration options to firewall rules. ScreenOS devices provide a manager-ip configuration setting that defines which hosts or networks are allowed to manage the device.*NEWPARA**COMPANY* determined that the manager-ip setting on *DEVICENAME* was configured to allow any network address to manage the device. However, it should be noted that although the manager-ip setting was not restricting access to the *DEVICENAME* administrative services, other network restrictions could still limit access to those services."; +const char *report_mngrip_impact = "An attacker who was able to connect to the management services provided by *DEVICENAME* are offered a wide variety of options that should be closed to them. The attacker could use the service to help identify the device type and version in order to identify a vulnerability or the attacker could attempt to brute-force the authentication credentials in an attempt to gain access to the device."; +const char *report_mngrip_ease = ""; +const char *report_mngrip_rec = "*COMPANY* recommends that the manager-ip setting be configured to restrict remote administrative access to device services. The manager-ip setting can be configured using the following command:*NEWPARA**COMMAND*set admin manager-ip *CMDREQUIRE**CMDUSER*ip address*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*net mask*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_mngrip_context = "the remote administration IP addresses were not defined"; +const char *report_mngrip_rectext = "Configure the remote administration IP addresses"; + +// Trunking +const char *report_trunking_title = "Switch Port Trunking"; +const char *report_trunking_obs1 = "*DEVICETYPE* devices are able to transfer *ABBREV*VLAN*-ABBREV* packets to different network devices, extending a *ABBREV*VLAN*-ABBREV* across different physical devices. In order to extend a *ABBREV*VLAN*-ABBREV* to a different physical device, a trunk has to be created between the devices. *DEVICETYPE* devices default to allowing a trunk to be negotiated on a particular switch port if the connected device will also allow the trunk and supports a common trunking protocol.*NEWPARA**COMPANY* determined that *NUMBER* switch port*PLAURAL*s*-PLAURAL* allowed a trunk to be negotiated*PLAURAL*, these are listed in Table *TABLEREF**-PLAURAL*.*SINGULA* The switch port *NONEWPARA**-SINGULA*"; +const char *report_trunking_obs2 = " allowed trunking."; +const char *report_trunking_impact = "An attacker who was able to create a trunk would gain direct access to all the *ABBREV*VLANs*-ABBREV* extended over the trunk. This would allow an attacker to bypass any network filtering between the *ABBREV*VLANs*-ABBREV*."; +const char *report_trunking_ease = "The attacker would require knowledge of network trunking. However, tools are available on the Internet that can exploit trunking vulnerabilities."; +const char *report_trunking_rec = "*COMPANY* recommends that, where possible, all switch ports be configured to provide no trunking. If trunking is required on a specific switch port, *COMPANY* recommends that the switch port be configured to trunk only the required *ABBREV*VLANs*-ABBREV*. Switch ports can be configured to provide no trunking on each interface with the following commands:*NEWPARA**COMMAND*switchport mode access*-COMMAND**NEWLINE**COMMAND*switchport nonegotiate*-COMMAND*"; +const char *report_trunking_context = "trunk negotiation was not disabled on all switch ports"; +const char *report_trunking_rectext = "Disable trunk negotiation on all switch ports"; +const char *report_trunking_table = "Switch ports that allow trunking"; + +// Switch Port Security +const char *report_portsecurity_title = "Switch Port Security"; +const char *report_portsecurity_obs1 = "Switch port security enables a *DEVICETYPE* to help prevent unauthorised access to the network by limiting the *ABBREV*MAC*-ABBREV* addresses allowed on specific ports. *ABBREV*MAC*-ABBREV* addresses can either be specified for a particular switch port or can be learned by the *DEVICETYPE*. When port security is configured a variety of actions can be taken when a violation occurs, such as automatically disabling the port.*NEWPARA**COMPANY* identified *NUMBER* switch port*PLAURAL*s*-PLAURAL* that had no port security configured*PLAURAL*, these are listed in Table *TABLEREF*.*-PLAURAL**SINGULA*. Switch port *NONEWPARA**-SINGULA*"; +const char *report_portsecurity_obs2 = "*NOTEXTSTART* was configured with no port security."; +const char *report_portsecurity_impact = "A switch port with no configured port security could allow an attacker to attach an unauthorised device and scan other network attached devices. Depending on the security of the network attached devices, this issue could allow an attacker to perform information gathering, or potentially, gain access to vulnerable devices."; +const char *report_portsecurity_ease = "An attacker would have to gain access to a switch port with no security configured. If the switch port is not directly patched to a wall socket, the attacker would have to gain physical access to the *DEVICETYPE*."; +const char *report_portsecurity_rec = "*COMPANY* recommends that, where possible, port security be enabled on all switch ports. Furthermore, *COMPANY* recommends that all switch ports that are not used be shutdown. Switch port security with *ABBREV*MAC*-ABBREV* address learning and port shutdown on a violation can be configured on each interface with the following commands:*NEWPARA**COMMAND*switchport port-security*-COMMAND**NEWLINE**COMMAND*switchport port-security violation shutdown*-COMMAND**NEWLINE**COMMAND*switchport port-security mac-address sticky*-COMMAND**NEWLINE*Unused interfaces can be disabled with the following interface command:*NEWPARA**COMMAND*shutdown*-COMMAND*"; +const char *report_portsecurity_context = "port security was not enabled on all switch ports"; +const char *report_portsecurity_rectext = "Enable switch port security on all switch ports"; +const char *report_portsecurity_table = "Switch ports with no port security"; + +// Logging +const char *report_logging_title = "Logging"; +const char *report_logging_obs1 = "Logging is an essential component of a secure network configuration. Logging not only assists network administrators to identify issues when troubleshooting, but enables network administrators to react to intrusion attempts or Denial-of-Service attacks. It is therefore critical that logs be monitored, allowing administrators to take immediate action when an attack has been identified. Furthermore, system logs are a key component of a forensic investigation into past intrusions or service disruptions."; +const char *report_logging_obs2 = "*COMPANY* determined that logging had not been configured on *DEVICENAME*."; +const char *report_logging_obs3 = "*COMPANY* determined that logging had been disabled on *DEVICENAME*."; +const char *report_logging_obs4 = "*COMPANY* determined that, although logging was enabled on *DEVICENAME*, both Syslog and Buffered logging were not configured."; +const char *report_logging_obs5 = "*COMPANY* determined that, although logging was enabled on *DEVICENAME*, Syslog logging was not configured."; +const char *report_logging_obs6 = "*COMPANY* determined that, although logging was enabled on *DEVICENAME*, Buffered logging was not configured."; +const char *report_logging_impact = "An attacker could attempt to map and bypass any configured *ABBREV*ACL*-ABBREV* or to gain access to the *DEVICETYPE* without network administrators being alerted to the attempts. Furthermore, after an unauthorised intrusion into the network had been detected, it would be more difficult for an investigation to identify the source of the attack or the entry point without access to logs."; +const char *report_logging_ease = ""; +const char *report_logging_rec1 = "*COMPANY* recommends that Syslog and Buffered logging be configured on *DEVICENAME*. Logging can be enabled with the following command:*NEWPARA**COMMAND*logging on*-COMMAND*"; +const char *report_logging_rec2 = "To configure Syslog logging, four things need to be set; a source interface for the Syslog messages to be sent from, one or more Syslog hosts to send messages to, the Syslog logging message severity level and the Syslog facility. The following commands can be used to configure Syslog logging:*NEWPARA**COMMAND*logging source-interface *CMDREQUIRE**CMDUSER*Interface*-CMDUSER**-CMDREQUIRE**-COMMAND**NEWLINE**COMMAND*logging host *CMDREQUIRE**CMDUSER*Syslog IP address or hostname*-CMDUSER**-CMDREQUIRE**-COMMAND**NEWLINE**COMMAND*logging trap *CMDREQUIRE**CMDUSER*Logging message severity level*-CMDUSER**-CMDREQUIRE**-COMMAND**NEWLINE**COMMAND*logging facility *CMDREQUIRE**CMDUSER*Syslog facility*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_logging_rec3 = "It is worth noting that older *ABBREV*IOS*-ABBREV* versions do not exclude the host parameter when specifying a host to send Syslog messages to. For older *ABBREV*IOS*-ABBREV* versions you would use the following command:*NEWPARA**COMMAND*logging *CMDREQUIRE**CMDUSER*Syslog IP address or hostname*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_logging_rec4 = "Buffered logging can be configured with the following command:*NEWPARA**COMMAND*logging buffered *CMDREQUIRE**CMDUSER*Buffer Size*-CMDUSER**-CMDREQUIRE* *CMDREQUIRE**CMDUSER*Logging message severity level*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_logging_context = "insufficient logging was configured"; +const char *report_logging_rectext = "Configure Syslog and Buffered logging"; + +// Proxy ARP +const char *report_proxyarp_title = "Proxy ARP"; +const char *report_proxyarp_obs = "*ABBREV*ARP*-ABBREV* is a protocol that network hosts use to translate network addresses into media addresses. Under normal circumstances, *ABBREV*ARP*-ABBREV* packets are confined to the sender's network segment. However, a Cisco router with Proxy *ABBREV*ARP*-ABBREV* enabled on network interfaces can act as a proxy for *ABBREV*ARP*-ABBREV*, responding to queries and acting as an intermediary.*NEWPARA**COMPANY* identified *NUMBER* interface*PLAURAL*s*-PLAURAL* that had Proxy *ABBREV*ARP*-ABBREV* enabled*SINGULA*, *NONEWPARA**-SINGULA**PLAURAL*. These are listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_proxyarp_impact = "A router that acts as a proxy for *ABBREV*ARP*-ABBREV* requests will extend layer two access across multiple network segments, breaking perimeter security."; +const char *report_proxyarp_ease = "A Cisco device with Proxy *ABBREV*ARP*-ABBREV* enabled will proxy *ABBREV*ARP*-ABBREV* requests for all hosts on those interfaces."; +const char *report_proxyarp_rec = "*COMPANY* recommends that, if not required, Proxy *ABBREV*ARP*-ABBREV* be disabled on all interfaces. Proxy *ABBREV*ARP*-ABBREV* can be disabled on each interface with the following Cisco *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*no ip proxy-arp*-COMMAND*"; +const char *report_proxyarp_context = "ARP request proxying was not disabled on all network interfaces"; +const char *report_proxyarp_rectext = "Disable Proxy ARP on all network interfaces"; +const char *report_proxyarp_table = "Interfaces with Proxy ARP enabled"; + +// SSH Protocol Version +const char *report_sshproto_title = "SSH Protocol Version"; +const char *report_sshproto_obs = "The *ABBREV*SSH*-ABBREV* service is commonly used for encrypted command-based remote device management. There are multiple *ABBREV*SSH*-ABBREV* protocol versions and *ABBREV*SSH*-ABBREV* servers will often support multiple versions to maintain backwards compatibility. Although flaws have been identified in implementations of version 2 of the *ABBREV*SSH*-ABBREV* protocol, fundamental flaws exist in *ABBREV*SSH*-ABBREV* protocol version 1.*NEWPARA**COMPANY* determined that support for version 1 of the *ABBREV*SSH*-ABBREV* protocol was supported on *DEVICENAME*."; +const char *report_sshproto_impact = "An attacker who was able to intercept *ABBREV*SSH*-ABBREV* protocol version 1 traffic would be able to perform a man-in-the-middle style attack. The attacker could then capture network traffic and possibly authentication credentials."; +const char *report_sshproto_ease = "Although vulnerabilities are widely known, exploiting the vulnerabilities in the *ABBREV*SSH*-ABBREV* protocol can be difficult."; +const char *report_sshproto_rec1 = "*COMPANY* recommends that the *ABBREV*SSH*-ABBREV* service be configured to support only version 2 of the *ABBREV*SSH*-ABBREV* protocol. Version 2 of the *ABBREV*SSH*-ABBREV* protocol can be configured with the following command:*NEWPARA**COMMAND*ssh version 2*-COMMAND**NEGATIVE**NEWLINE*However, it is worth noting that this command was introduced with *DEVICETYPE* software version 7.0(1) and therefore a software upgrade may be required.*-NEGATIVE*"; // PIX +const char *report_sshproto_rec2 = "*COMPANY* recommends that the *ABBREV*SSH*-ABBREV* service be configured to support only version 2 of the *ABBREV*SSH*-ABBREV* protocol. Version 2 of the *ABBREV*SSH*-ABBREV* protocol can be configured with the following command:*NEWPARA**COMMAND*ip ssh version 2*-COMMAND**SINGULA**NEWLINE*It is worth noting that *ABBREV*SSH*-ABBREV* protocol version 2 support was introduced by Cisco into *ABBREV*IOS*-ABBREV* starting with *ABBREV*IOS*-ABBREV* version 12.1(19)E. Therefore a software upgrade may be required to implement *ABBREV*SSH*-ABBREV* protocol version 2 support.*-SINGULA*"; // IOS +const char *report_sshproto_sos_rec = "*COMPANY* recommends that the *ABBREV*SSH*-ABBREV* service be configured to support only version 2 of the *ABBREV*SSH*-ABBREV* protocol. Version 2 of the *ABBREV*SSH*-ABBREV* protocol can be configured with the following command:*NEWPARA**COMMAND*set ssh version v2*-COMMAND*"; +const char *report_sshproto_context = "SSH protocol version 1 was configured"; +const char *report_sshproto_rectext = "Configure SSH to support only protocol version 2"; + +// CDP +const char *report_cdp_title = "Cisco Discovery Protocol"; +const char *report_cdp_obs = "*ABBREV*CDP*-ABBREV* is a proprietary protocol that is primarily used by Cisco, but has been used by others. *ABBREV*CDP*-ABBREV* allows some network management applications and *ABBREV*CDP*-ABBREV* aware devices to identify each other on a *ABBREV*LAN*-ABBREV* segment. Cisco devices, including switches, bridges and routers are configured to broadcast *ABBREV*CDP*-ABBREV* packets by default.*SINGULA* The devices can be configured to disable the *ABBREV*CDP*-ABBREV* service or disable *ABBREV*CDP*-ABBREV* on individual network interfaces.*-SINGULA**PLAURAL* The devices can be configured to disable the *ABBREV*CDP*-ABBREV* service or disable *ABBREV*CDP*-ABBREV* on individual network interfaces.*-PLAURAL**NEWPARA**COMPANY* determined that *NEGATIVE**ABBREV*CDP*-ABBREV* was enabled.*-NEGATIVE**SINGULA*even though *ABBREV*CDP*-ABBREV* had been disabled on all active interfaces, the *ABBREV*CDP*-ABBREV* service had not been disabled.*-SINGULA**PLAURAL*the *ABBREV*CDP*-ABBREV* service had not been disabled, and additionally, had not been disabled on all the active network interfaces.*-PLAURAL*"; +const char *report_cdp_impact = "*ABBREV*CDP*-ABBREV* packets contain information about the sender, such as hardware model information, operating system version and *ABBREV*IP*-ABBREV* address details. This information would allow an attacker to gain information about the configuration of the network infrastructure."; +const char *report_cdp_ease = "*ABBREV*CDP*-ABBREV* packets are broadcast to an entire network segment. An attacker could use one of the many publicly available tools to capture network traffic and view the leaked information."; +const char *report_cdp_rec1 = "*COMPANY* recommends that, if not required, the *ABBREV*CDP*-ABBREV* service be disabled on the Cisco device *DEVICENAME*. If *ABBREV*CDP*-ABBREV* is required, *COMPANY* recommends that *ABBREV*CDP*-ABBREV* be disabled on all interfaces except those that are explicitly required.*NEWPARA*The *ABBREV*CDP*-ABBREV* service can be disabled by issuing the following Cisco *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*no cdp run*-COMMAND**NEWLINE**ABBREV*CDP*-ABBREV* can be disabled on individual interfaces using the following command:*NEWPARA**COMMAND*no cdp enable*-COMMAND**NEWLINE*In some configurations with *ABBREV*IP*-ABBREV* phones, deployed using either Auto Discovery or *ABBREV*DHCP*-ABBREV*, the *ABBREV*CDP*-ABBREV* service may need to be enabled. In this situation *ABBREV*CDP*-ABBREV* should be disabled on all network interfaces for which it is not required."; +const char *report_cdp_rec2 = "*COMPANY* recommends that, if not required, *ABBREV*CDP*-ABBREV* be disabled. *ABBREV*CDP*-ABBREV* can be disabled with the following command:*NEWPARA**COMMAND*set cdp disable*-COMMAND**NEWLINE**ABBREV*CDP*-ABBREV* can be disabled on individual module ports using the following command:*NEWPARA**COMMAND*set cdp disable*-COMMAND**NEWLINE*In some configurations with *ABBREV*IP*-ABBREV* phones, deployed using either Auto Discovery or *ABBREV*DHCP*-ABBREV*, the *ABBREV*CDP*-ABBREV* service may need to be enabled. In this situation *ABBREV*CDP*-ABBREV* should be disabled on all module ports for which it is not required."; +const char *report_cdp_context = "CDP was not disabled"; +const char *report_cdp_rectext = "Disable CDP"; + +// IP Classless Routing +const char *report_classless_title = "Classless Routing"; +const char *report_classless_obs = "Classless routing is enabled by default on Cisco routers. If a router has classless routing enabled and it receives a network packet for which there is no configured route, the router will forward the packet to the best destination. With classless routing disabled, the router would discard any network traffic for which no route is defined.*NEWPARA**COMPANY* determined that classless routing was enabled on *DEVICENAME*."; +const char *report_classless_impact = "Network traffic that should not be routed by the router may be routed when classless routing is enabled."; +const char *report_classless_ease = ""; +const char *report_classless_rec = "*COMPANY* recommends that, if possible, classless routing be disabled. Classless routing can be disabled with the following command:*NEWPARA**COMMAND*no ip classless*-COMMAND*"; +const char *report_classless_context = "classless routing was enabled"; +const char *report_classless_rectext = "Disable classless routing"; + +// Minimum Password Length +const char *report_passlength_title = "Minimum Password Length"; +const char *report_passlength_obs = "Cisco introduced an option from *ABBREV*IOS*-ABBREV* version 12.3(1) which forces user, enable, secret and line passwords to meet a minimum length. This setting was introduced to help prevent the use of short passwords such as \"cisco\".*NEWPARA**NEGATIVE**COMPANY* determined that the minimum password length functionality was disabled*-NEGATIVE**POSITIVE**COMPANY* determined that a minimum password length of *NUMBER* character*PLAURAL*s*-PLAURAL* was configured*-POSITIVE*."; +const char *report_passlength_impact = "*NEGATIVE*With no password length checking*-NEGATIVE**POSITIVE*With a small minimum password length configured*-POSITIVE*, it would be possible for a short password to be used. If an attacker were able to gain a password through dictionary-based guessing techniques or by a brute-force method, the attacker could gain a level of access to *DEVICENAME*."; +const char *report_passlength_ease = "A number of dictionary-based password guessing and password brute-force tools are available on the Internet."; +const char *report_passlength_rec = "*COMPANY* recommends that a minimum password length of at least *NUMBER* character*PLAURAL*s*-PLAURAL* be configured. The minimum password length can be configured with the following command:*NEWPARA**COMMAND*security passwords min-length *CMDREQUIRE**CMDUSER*length*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_passlength_context = "an inadequate minimum password length was configured"; +const char *report_passlength2_context = "no minimum password length was configured"; +const char *report_passlength_rectext = "Configure a secure minimum password length"; + +// Bootp +const char *report_bootp_title = "BOOTP"; +const char *report_bootp_obs = "*ABBREV*BOOTP*-ABBREV* is a datagram protocol that allows compatible hosts to load their operating system over the network from a *ABBREV*BOOTP*-ABBREV* server. Cisco routers are capable of acting as *ABBREV*BOOTP*-ABBREV* servers for other Cisco devices and the service is enabled by default. However, *ABBREV*BOOTP*-ABBREV* is rarely used and may represent a security risk.*NEWPARA**COMPANY* determined that *ABBREV*BOOTP*-ABBREV* was not disabled. However, it is worth noting that not all Cisco devices support *ABBREV*BOOTP*-ABBREV*."; +const char *report_bootp_impact = "An attacker could use the *ABBREV*BOOTP*-ABBREV* service to download a copy of the router's *ABBREV*IOS*-ABBREV* software."; +const char *report_bootp_ease = "Tools are available on the Internet to access *ABBREV*BOOTP*-ABBREV* servers."; +const char *report_bootp_rec = "*COMPANY* recommends that, if not required, the *ABBREV*BOOTP*-ABBREV* service be disabled. The following command can be used to disable *ABBREV*BOOTP*-ABBREV*:*NEWPARA**COMMAND*no ip bootp server*-COMMAND*"; +const char *report_bootp_context = "BootP was enabled"; +const char *report_bootp_rectext = "Disable BootP"; + +// TCP & UDP Small Servers +const char *report_small_title = "TCP and UDP Small Servers"; +const char *report_small_obs1 = "Cisco devices provide a set of simple servers which are collectively known as *ABBREV*TCP*-ABBREV* small servers and *ABBREV*UDP*-ABBREV* small servers. The services provide little functionality and include chargen, echo and daytime. Cisco *ABBREV*IOS*-ABBREV* version 11.2 and older enable these services by default; newer *ABBREV*IOS*-ABBREV* versions explicitly require them to be started."; +const char *report_small_obs2 = "*COMPANY* determined that the version of *ABBREV*IOS*-ABBREV*, on the Cisco device *DEVICENAME*, enables these servers by default and they have not been explicitly disabled."; +const char *report_small_obs3 = "*COMPANY* determined that both the *ABBREV*TCP*-ABBREV* and *ABBREV*UDP*-ABBREV* small servers were not disabled."; +const char *report_small_obs4 = "*COMPANY* determined that the *ABBREV*TCP*-ABBREV* small servers were not disabled."; +const char *report_small_obs5 = "*COMPANY* determined that the *ABBREV*UDP*-ABBREV* small servers were not disabled."; +const char *report_small_impact = "Each running service increases the chances of an attacker being able to identify the device and successfully compromise it. It is good security practice to disable all unused services."; +const char *report_small_ease = "Tools are widely available to query these services and some operating systems install these tools by default."; +const char *report_small_rec = "*COMPANY* recommends that, if not required, *ABBREV*TCP*-ABBREV* and *ABBREV*UDP*-ABBREV* small servers be explicitly disabled. *ABBREV*TCP*-ABBREV* and *ABBREV*UDP*-ABBREV* small services are rarely used and are disabled by default in newer versions of Cisco *ABBREV*IOS*-ABBREV*."; +const char *report_small_rec_tcp = "*ABBREV*TCP*-ABBREV* small servers can be disabled with the following *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*no service tcp-small-servers*-COMMAND*"; +const char *report_small_rec_udp = "*ABBREV*UDP*-ABBREV* small servers can be disabled with the following *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*no service udp-small-servers*-COMMAND*"; +const char *report_small_context = "all small servers have not been disabled"; +const char *report_small_rectext = "Disable all small servers"; + +// ICMP IP Unreachables +const char *report_icmpunreach_title = "IP Unreachables"; +const char *report_icmpunreach_table = "Interfaces with IP unreachables enabled"; +const char *report_icmpunreach_obs = "*ABBREV*ICMP*-ABBREV* *ABBREV*IP*-ABBREV* unreachable messages can be generated by a Cisco device when a host attempts to connect to a non-existent host, network, or use an unsupported protocol. *ABBREV*ICMP*-ABBREV* *ABBREV*IP*-ABBREV* unreachable messages will let the connecting host know that the host, network or protocol is not supported or cannot be contacted. Therefore, the host does not have to wait for a connection time-out. *ABBREV*ICMP*-ABBREV* *ABBREV*IP*-ABBREV* unreachable messages are normally enabled by default on Cisco devices and must be explicitly disabled.*NEWPARA**COMPANY* determined that the Cisco device *DEVICENAME* had *ABBREV*ICMP*-ABBREV* *ABBREV*IP*-ABBREV* unreachable messages enabled*SINGULA* on the interface *NONEWPARA**-SINGULA**PLAURAL* on the interfaces listed in Table *TABLEREF**-PLAURAL*."; +const char *report_icmpunreach_impact = "An attacker who was performing network scans to determine what services were available would be able to scan a device more quickly."; +const char *report_icmpunreach_ease = "Tools are available on the Internet that can perform a wide variety of scan types."; +const char *report_icmpunreach_rec1 = "*COMPANY* recommends that, if not required, *ABBREV*IP*-ABBREV* unreachables be disabled on all network interfaces. However, whilst disabling *ABBREV*IP*-ABBREV* unreachables will not stop scans, it does make it more difficult for an attacker. The *ABBREV*IP*-ABBREV* unreachables option is disabled or enabled individually for each network interface. It can be disabled with the following command:*NEWPARA**COMMAND*no ip unreachables*-COMMAND*"; +const char *report_icmpunreach_rec2 = "*COMPANY* recommends that, if not required, *ABBREV*IP*-ABBREV* unreachables be disabled. However, whilst disabling *ABBREV*IP*-ABBREV* unreachables will not stop scans, it does make it more difficult for an attacker. The *ABBREV*IP*-ABBREV* unreachables option can be disabled with the following command:*NEWPARA**COMMAND*set ip unreachable disable*-COMMAND*"; +const char *report_icmpunreach_context = "IP unreachables have not been disabled on all interfaces"; +const char *report_icmpunreach_rectext = "Disable IP unreachables on all interfaces"; + +// ICMP Mask Reply +const char *report_maskreply_title = "ICMP Mask Reply"; +const char *report_maskreply_table = "Interfaces with ICMP mask reply enabled"; +const char *report_maskreply_obs = "*ABBREV*ICMP*-ABBREV* mask reply messages inform network hosts of the *ABBREV*TCP*-ABBREV*/*ABBREV*IP*-ABBREV* network mask for a network segment. This protocol can now be regarded as legacy as it has been superseded by protocols such as *ABBREV*DHCP*-ABBREV*, or hosts will already be configured with this information.*NEWPARA**COMPANY* determined that the Cisco device *DEVICENAME* had the *ABBREV*ICMP*-ABBREV* mask reply option enabled on the interface*SINGULA* *NONEWPARA**-SINGULA**PLAURAL*s listed in Table *TABLEREF*.*-PLAURAL*"; +const char *report_maskreply_impact = "An attacker could use the *ABBREV*ICMP*-ABBREV* mask reply feature to gain additional information about the network configuration."; +const char *report_maskreply_ease = "Tools are available on the Internet that can perform *ABBREV*ICMP*-ABBREV* mask requests."; +const char *report_maskreply_rec = "*COMPANY* recommends that, if not required, *ABBREV*ICMP*-ABBREV* mask reply be disabled on all network interfaces. *ABBREV*ICMP*-ABBREV* mask reply can be disabled on each individual network interface using the following command:*NEWPARA**COMMAND*no ip mask-reply*-COMMAND*"; +const char *report_maskreply_context = "ICMP Mask Reply is not disabled on all interfaces"; +const char *report_maskreply_rectext = "Disable ICMP Mask Reply on all interfaces"; + +// Enable Secret Password +const char *report_enablesec_title = "Enable Secret"; +const char *report_enablesec_obs = "Cisco IOS-based device enable passwords can be stored using an iterated *ABBREV*MD5*-ABBREV* hash, which is far stronger than the easily reversible Cisco type-7 encryption.*NEWPARA**COMPANY* identified *NUMBER* enable password*SINGULA* that was*-SINGULA**PLAURAL*s that were*-PLAURAL* not stored using the *ABBREV*MD5*-ABBREV* hash."; +const char *report_enablesec_impact = "An attacker could use an enable password from a Cisco device to access the device and possibly modify its configuration."; +const char *report_enablesec_ease = "An attacker who had access to the Cisco configuration file would easily be able to retrieve passwords that are stored in clear-text or using the Cisco type-7 encryption. However, an attacker who had access to a Cisco configuration file could brute-force any stronger *ABBREV*MD5*-ABBREV* passwords."; +const char *report_enablesec_rec = "*COMPANY* recommends that all enable passwords be stored using the *ABBREV*MD5*-ABBREV* hash. Enable passwords can be stored using the *ABBREV*MD5*-ABBREV* hash with the following Cisco *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*enable secret*-COMMAND*"; +const char *report_enablesec_context = "the enable password is not stored using the MD5 hash"; +const char *report_enablesec_rectext = "Store the enable password using the MD5 hash"; + +// Password Encryption +const char *report_passenc_title = "Service Password Encryption"; +const char *report_passenc_obs = "Cisco service passwords are stored by default in their clear-text form rather than being encrypted. However, it is possible to have these passwords stored using the reversible Cisco type-7 encryption.*NEWPARA**COMPANY* determined that the Cisco device *DEVICENAME* was not running the password encryption service that helps provide a basic level of encryption to passwords that otherwise would be stored in clear-text."; +const char *report_passenc_impact = "If a malicious user were to see a Cisco configuration that contained clear-text passwords, they could use the passwords to access the device. However, an attacker who had access to a Cisco configuration file would easily be able to reverse the passwords."; +const char *report_passenc_ease = "Even though it is trivial to reverse Cisco type-7 passwords, they do provide a greater level of security than clear-text passwords. Tools are widely available on the Internet that reverse Cisco type-7 passwords."; +const char *report_passenc_rec = "*COMPANY* recommends that the Cisco password encryption service be enabled. The Cisco password encryption service can be started with the following Cisco *ABBREV*IOS*-ABBREV* command:*NEWPARA**COMMAND*service password-encryption*-COMMAND*"; +const char *report_passenc_context = "the service passwords are stored in clear-text"; +const char *report_passenc_rectext = "Configure the passwords to be stored using the Cisco type-7 algorithm"; + +// Banner +const char *report_banner_title = "Login Banner"; +const char *report_banner_obs = "A banner message can be shown to users who connect to one of the remote management services, such as Telnet. Typically banner messages will include information on the law with regard to unauthorised access to the device, warning users who do not have the authority to access the device about the consequences.*NEWPARA**COMPANY* determined that no login banner was configured."; +const char *report_banner_impact = "Attackers who have gained access to a device could avoid legal action if no banner is configured to warn against unauthorised access."; +const char *report_banner_ease = ""; +const char *report_banner_rec = "*COMPANY* recommends that a banner be configured that warns against unauthorised access. Banners are configured on Cisco devices using a delimiter character. A delimiter character is specified in the banner command and is used again to mark the end of the banner. The Cisco command to add a login banner, that is presented to users prior to authentication, is:*NEWPARA**COMMAND*banner login *CMDREQUIRE**CMDUSER*delimiter*-CMDUSER**-CMDREQUIRE* *CMDUSER*The banner text*-CMDUSER* *CMDREQUIRE**CMDUSER*delimiter*-CMDUSER**-CMDREQUIRE**-COMMAND*"; +const char *report_banner_context = "no login banner has been configured"; +const char *report_banner_rectext = "Configure a login banner"; + +// IP Domain Lookup +const char *report_lookup_title = "Domain Lookups"; +const char *report_lookup_obs = "Cisco *ABBREV*IOS*-ABBREV*-based devices support name lookups using the *ABBREV*DNS*-ABBREV*. However, if a *ABBREV*DNS*-ABBREV* server has not been configured, then the *ABBREV*DNS*-ABBREV* request is broadcast.*NEWPARA**COMPANY* determined that name lookups had not been disabled*SINGULA* and no *ABBREV*DNS*-ABBREV* servers had been configured*-SINGULA*."; +const char *report_lookup_impact = "An attacker who was able to capture network traffic could monitor *ABBREV*DNS*-ABBREV* queries from the *DEVICETYPE*. Furthermore, Cisco devices can connect to Telnet servers by supplying only the hostname or *ABBREV*IP*-ABBREV* address of the server. A mistyped Cisco command could be interpreted as an attempt to connect to a Telnet server and broadcast on the network."; +const char *report_lookup_ease = "It would be trivial for an attacker to capture network traffic*SINGULA* broadcast*-SINGULA* from a *DEVICETYPE*. Furthermore, network traffic capture tools are widely available on the Internet."; +const char *report_lookup_rec = "*COMPANY* recommends that domain lookups be disabled. Domain lookups can be disabled with the following command:*NEWPARA**COMMAND*no ip domain-lookup*-COMMAND**SINGULA**NEWLINE*If domain lookups are required, *COMPANY* recommends that *ABBREV*DNS*-ABBREV* be configured. *ABBREV*DNS*-ABBREV* can be configured with the following command:*NEWPARA**COMMAND*ip name-server *CMDREQUIRE**CMDUSER*IP address*-CMDUSER**-CMDREQUIRE**-COMMAND**-SINGULA*"; +const char *report_lookup_context = "domain lookups were enabled"; +const char *report_lookup_rectext = "Disable domain lookups"; + +// PAD +const char *report_pad_title = "Packet Assembler / Disassembler"; +const char *report_pad_obs = "The *ABBREV*PAD*-ABBREV* service enables X.25 connections between network systems. The *ABBREV*PAD*-ABBREV* service is enabled by default on most Cisco *ABBREV*IOS*-ABBREV* devices but it is only required if support for X.25 links is necessary.*NEWPARA**COMPANY* determined that the *ABBREV*PAD*-ABBREV* service had not been disabled."; +const char *report_pad_impact = "Running unused services increases the chances of an attacker finding a security hole or fingerprinting a device."; +const char *report_pad_ease = ""; +const char *report_pad_rec = "*COMPANY* recommends that, if not required, the *ABBREV*PAD*-ABBREV* service be disabled. Use the following command to disable the *ABBREV*PAD*-ABBREV* service:*NEWPARA**COMMAND*no service pad*-COMMAND*"; +const char *report_pad_context = "the PAD service was enabled"; +const char *report_pad_rectext = "Disable the PAD service"; + +// Maintenance Operations Protocol (MOP) +const char *report_mop_title = "Maintenance Operations Protocol"; +const char *report_mop_obs = "*ABBREV*MOP*-ABBREV* is used with the DECnet protocol suite. *ABBREV*MOP*-ABBREV* is enabled by default on ethernet interfaces in some versions of *ABBREV*IOS*-ABBREV*.*NEWPARA**COMPANY* determined that *ABBREV*MOP*-ABBREV* had not been disabled on all ethernet interfaces."; +const char *report_mop_impact = "Running unused services increases the chances of an attacker finding a security hole or fingerprinting a device."; +const char *report_mop_ease = ""; +const char *report_mop_rec = "*COMPANY* recommends that, if not required, *ABBREV*MOP*-ABBREV* be disabled on all ethernet interfaces. *ABBREV*MOP*-ABBREV* can be disabled on each interface with the following command:*NEWPARA**COMMAND*no mop enabled*-COMMAND*"; +const char *report_mop_context = "MOP had not been disabled on all interfaces"; +const char *report_mop_rectext = "Disable MOP on all interfaces"; + + +// ---------------------------------------------------------------------------------- +// Configuration Text... + +// Introduction +const char *report_config_intro_fw1 = "This section details the configuration settings of the *DEVICETYPE* firewall."; +const char *report_config_intro = "This section details the configuration settings of the *DEVICETYPE* device *DEVICENAME*."; +const char *report_config_title = "Device Configuration"; + +// General +const char *settings_general_title = "General"; +const char *settings_general_table = "General device settings"; + +// General Configuration Table Headings... +struct tableHeading settings_general_heading1 = {false, 7, "Setting", 0}; +struct tableHeading settings_general_heading = {false, 3, "Description", &settings_general_heading1}; + +// DNS Settings +const char *settings_dns_title = "Domain Name Settings"; +const char *settings_dns_table = "Domain name settings"; + +// Time Zone Settings +const char *settings_timezone_title = "Time Zone Settings"; +const char *settings_timezone_table = "Time zone settings"; + +// Administrative Settings +const char *settings_admin_title = "Administrative Settings"; +const char *settings_admin_table = "Administrative settings"; +const char *settings_admins_table = "Administrative users"; +struct tableHeading settings_admins_heading3 = {false, 1, "Trustee", 0}; +struct tableHeading settings_admins_heading2 = {false, 2, "Privilege", &settings_admins_heading3}; +struct tableHeading settings_admins_heading1 = {true, 2, "Encrypted Password", &settings_admins_heading2}; +struct tableHeading settings_admins_heading = {false, 2, "Username", &settings_admins_heading1}; + +// Authentication Servers +const char *settings_authservers_title = "Authentication Servers"; +const char *settings_authservers_table = "Authentication servers"; +struct tableHeading settings_authservers_heading8 = {true, 3, "Secret / Key", 0}; +struct tableHeading settings_authservers_heading7 = {false, 3, "Interface", &settings_authservers_heading8}; +struct tableHeading settings_authservers_heading6 = {false, 2, "Forced Timeout", &settings_authservers_heading7}; +struct tableHeading settings_authservers_heading5 = {false, 2, "Timeout", &settings_authservers_heading6}; +struct tableHeading settings_authservers_heading4 = {false, 3, "Backup(s)", &settings_authservers_heading5}; +struct tableHeading settings_authservers_heading3 = {false, 3, "Server", &settings_authservers_heading4}; +struct tableHeading settings_authservers_heading2 = {false, 3, "Type", &settings_authservers_heading3}; +struct tableHeading settings_authservers_heading1 = {false, 3, "Server Name", &settings_authservers_heading2}; +struct tableHeading settings_authservers_heading = {false, 1, "ID", &settings_authservers_heading1}; + +// User Accounts and Privilages +const char *settings_users_title = "User Accounts and Privilages"; +const char *settings_passwords_title = "Passwords"; +struct tableHeading settings_passwords_heading1 = {true, 1, "Encrypted Password", 0}; +struct tableHeading settings_passwords_heading = {false, 1, "Login", &settings_passwords_heading1}; +const char *settings_enable_table = "Enable Passwords"; +struct tableHeading report_enable_heading2 = {false, 1, "Encryption", 0}; +struct tableHeading report_enable_heading1 = {true, 2, "Password", &report_enable_heading2}; +struct tableHeading report_enable_heading = {false, 1, "Level", &report_enable_heading1}; +struct tableHeading report_enablepix_heading1 = {true, 2, "Encrypted Password", 0}; +struct tableHeading report_enablepix_heading = {false, 1, "Level", &report_enablepix_heading1}; +const char *settings_users_table = "User Accounts"; +struct tableHeading report_users_heading3 = {false, 1, "Encryption", 0}; +struct tableHeading report_users_heading2 = {true, 1, "Password", &report_users_heading3}; +struct tableHeading report_users_heading1 = {false, 2, "Privilage", &report_users_heading2}; +struct tableHeading report_users_heading = {false, 1, "Username", &report_users_heading1}; +struct tableHeading report_userspix_heading3 = {true, 2, "Encrypted Password", 0}; +struct tableHeading report_userspix_heading2 = {false, 1, "Encryption", &report_userspix_heading3}; +struct tableHeading report_userspix_heading1 = {false, 1, "Level", &report_userspix_heading2}; +struct tableHeading report_userspix_heading = {false, 2, "Username", &report_userspix_heading1}; +const char *settings_logon_password = "The configured logon password was encrypted as"; +const char *settings_privs_desc = "IOS-based Cisco devices have sixteen privilage levels between 0 and 15. The enable privilage level is 15 and user exec mode is level 1. *ABBREV*IOS*-ABBREV* commands are assigned to privilage levels 1 or 15 by default. However, *ABBREV*IOS*-ABBREV* commands can be moved to other privilage levels."; +const char *settings_privs_table = "Privilages"; +struct tableHeading report_privs_heading1 = {false, 2, "Command", 0}; +struct tableHeading report_privs_heading = {false, 1, "Privilage Level", &report_privs_heading1}; +const char *settings_banner_desc = "Login banners should provide a warning against unauthorised access to the device. The configured banner on *DEVICENAME* was:"; + +// Services +const char *settings_services_title = "Services"; +const char *settings_services_table = "Device services"; +struct tableHeading report_services_heading1 = {false, 1, "Status", 0}; +struct tableHeading report_services_heading = {false, 2, "Service", &report_services_heading1}; + +// Switch Configuration +const char *settings_switch_title = "Switch Configuration"; +const char *settings_switch_table = "General switch settings"; + +// Logging +const char *settings_logging_title = "Logging"; +const char *settings_logging_table = "Logging configuration"; + +// CDP +const char *settings_cdp_title = "Cisco Discovery Protocol"; +const char *settings_cdp_table = "Cisco Discovery Protocol configuration"; + +// SNMP +const char *settings_snmp_title = "Simple Network Management Protocol"; +const char *settings_snmp_desc = "*ABBREV*SNMP*-ABBREV* is used to assist network administrators in monitoring and managing a wide variety of network devices. There are three main versions of *ABBREV*SNMP*-ABBREV* in use. Versions 1 and 2 of *ABBREV*SNMP*-ABBREV* are both secured with a community string and authenticate and transmit network packets without any form of encryption. *ABBREV*SNMP*-ABBREV* version 3 provides several levels of authentication and encryption. The most basic level provides a similar protection to that of the earlier protocol versions. However, *ABBREV*SNMP*-ABBREV* version 3 can be configured to provide encrypted authentication (auth) and secured further with support for encrypted data communications (priv).*NEGATIVE* However, *DEVICETYPE* currently only support *ABBREV*SNMP*-ABBREV* versions 1 and 2.*-NEGATIVE*"; +const char *settings_snmp_table = "General SNMP service configuration"; +const char *settings_snmp_sos_table = "SNMP configuration"; +const char *settings_snmpstring_table = "SNMP community strings"; +struct tableHeading settings_snmp_css_heading1 = {false, 1, "Access Type", 0}; +struct tableHeading settings_snmp_css_heading = {true, 1, "Community", &settings_snmp_css_heading1}; +struct tableHeading settings_snmpstring_heading4 = {false, 1, "Enabled", 0}; +struct tableHeading settings_snmpstring_heading3 = {false, 2, "Access-List", &settings_snmpstring_heading4}; +struct tableHeading settings_snmpstring_heading2 = {false, 2, "View", &settings_snmpstring_heading3}; +struct tableHeading settings_snmpstring_heading1 = {false, 2, "Access", &settings_snmpstring_heading2}; +struct tableHeading settings_snmpstring_heading = {true, 3, "Community", &settings_snmpstring_heading1}; +struct tableHeading settings_snmpcomm_heading2 = {false, 1, "Access Type", 0}; +struct tableHeading settings_snmpcomm_heading1 = {true, 1, "Community String", &settings_snmpcomm_heading2}; +struct tableHeading settings_snmpcomm_heading = {false, 1, "Community Type", &settings_snmpcomm_heading1}; +const char *settings_snmpview_table = "SNMP View"; +struct tableHeading settings_snmpview_heading1 = {false, 1, "Access", 0}; +struct tableHeading settings_snmpview_heading = {false, 3, "SNMP MIB", &settings_snmpview_heading1}; +const char *settings_snmpgroups_table = "SNMP groups"; +struct tableHeading settings_snmpgroups_heading6 = {false, 1, "ACL", 0}; +struct tableHeading settings_snmpgroups_heading5 = {false, 1, "Context", &settings_snmpgroups_heading6}; +struct tableHeading settings_snmpgroups_heading4 = {false, 1, "Notify View", &settings_snmpgroups_heading5}; +struct tableHeading settings_snmpgroups_heading3 = {false, 1, "Write View", &settings_snmpgroups_heading4}; +struct tableHeading settings_snmpgroups_heading2 = {false, 1, "Read View", &settings_snmpgroups_heading3}; +struct tableHeading settings_snmpgroups_heading1 = {false, 1, "SNMP Version", &settings_snmpgroups_heading2}; +struct tableHeading settings_snmpgroups_heading = {false, 1, "Name", &settings_snmpgroups_heading1}; +const char *settings_snmpgroup_table1 = "SNMP v1 group "; +const char *settings_snmpgroup_table2 = "SNMP v2c group "; +const char *settings_snmpgroup_table3 = "SNMP v3 (No Auth) group "; +const char *settings_snmpgroup_table4 = "SNMP v3 (Auth) group "; +const char *settings_snmpgroup_table5 = "SNMP v3 (Auth and Priv) group "; +const char *settings_snmpgroup_table6 = "SNMP users not in a group"; +struct tableHeading settings_snmpnoauth_heading1 = {false, 1, "ACL", 0}; +struct tableHeading settings_snmpnoauth_heading = {false, 1, "Username", &settings_snmpnoauth_heading1}; +struct tableHeading settings_snmpauth_heading3 = {false, 1, "ACL", 0}; +struct tableHeading settings_snmpauth_heading2 = {false, 1, "Auth Encryption", &settings_snmpauth_heading3}; +struct tableHeading settings_snmpauth_heading1 = {true, 1, "Auth Password", &settings_snmpauth_heading2}; +struct tableHeading settings_snmpauth_heading = {false, 1, "Username", &settings_snmpauth_heading1}; +struct tableHeading settings_snmppriv_heading5 = {false, 1, "ACL", 0}; +struct tableHeading settings_snmppriv_heading4 = {false, 1, "Priv Encryption", &settings_snmppriv_heading5}; +struct tableHeading settings_snmppriv_heading3 = {true, 1, "Priv Password", &settings_snmppriv_heading4}; +struct tableHeading settings_snmppriv_heading2 = {false, 1, "Auth Encryption", &settings_snmppriv_heading3}; +struct tableHeading settings_snmppriv_heading1 = {true, 1, "Auth Password", &settings_snmppriv_heading2}; +struct tableHeading settings_snmppriv_heading = {false, 1, "Username", &settings_snmppriv_heading1}; +const char *settings_snmphost_table = "SNMP hosts"; +struct tableHeading settings_snmphost_heading2 = {true, 1, "Community String", 0}; +struct tableHeading settings_snmphost_heading1 = {false, 1, "SNMP Version", &settings_snmphost_heading2}; +struct tableHeading settings_snmphost_heading = {false, 1, "SNMP Host", &settings_snmphost_heading1}; +struct tableHeading settings_snmphosts_heading5 = {false, 1, "Index", 0}; +struct tableHeading settings_snmphosts_heading4 = {false, 1, "Owner", &settings_snmphosts_heading5}; +struct tableHeading settings_snmphosts_heading3 = {false, 1, "Port", &settings_snmphosts_heading4}; +struct tableHeading settings_snmphosts_heading2 = {false, 1, "Version", &settings_snmphosts_heading3}; +struct tableHeading settings_snmphosts_heading1 = {true, 1, "Community", &settings_snmphosts_heading2}; +struct tableHeading settings_snmphosts_heading = {false, 1, "Host", &settings_snmphosts_heading1}; +struct tableHeading settings_snmpPIXhosts_heading5 = {false, 1, "Access", 0}; +struct tableHeading settings_snmpPIXhosts_heading4 = {false, 1, "UDP Port", &settings_snmpPIXhosts_heading5}; +struct tableHeading settings_snmpPIXhosts_heading3 = {false, 1, "Version", &settings_snmpPIXhosts_heading4}; +struct tableHeading settings_snmpPIXhosts_heading2 = {true, 1, "Community", &settings_snmpPIXhosts_heading3}; +struct tableHeading settings_snmpPIXhosts_heading1 = {false, 1, "Address", &settings_snmpPIXhosts_heading2}; +struct tableHeading settings_snmpPIXhosts_heading = {false, 1, "Interface", &settings_snmpPIXhosts_heading1}; +const char *settings_snmptrap_table = "SNMP traps"; +struct tableHeading settings_snmptrap_heading = {false, 1, "SNMP Trap", 0}; +struct tableHeading settings_snmptraps_heading1 = {false, 1, "Trap", 0}; +struct tableHeading settings_snmptraps_heading = {false, 1, "Status", &settings_snmptraps_heading1}; +struct tableHeading settings_snmpPIXtraps_heading1 = {false, 1, "Trap", 0}; +struct tableHeading settings_snmpPIXtraps_heading = {false, 1, "Type", &settings_snmpPIXtraps_heading1}; +struct tableHeading settings_snmpstring_sos_heading4 = {false, 1, "Traffic Traps", 0}; +struct tableHeading settings_snmpstring_sos_heading3 = {false, 1, "Traps", &settings_snmpstring_sos_heading4}; +struct tableHeading settings_snmpstring_sos_heading2 = {false, 2, "Access", &settings_snmpstring_sos_heading3}; +struct tableHeading settings_snmpstring_sos_heading1 = {false, 1, "SNMP Version", &settings_snmpstring_sos_heading2}; +struct tableHeading settings_snmpstring_sos_heading = {true, 2, "Community", &settings_snmpstring_sos_heading1}; +struct tableHeading settings_snmphost_sos_heading3 = {false, 2, "Interface", 0}; +struct tableHeading settings_snmphost_sos_heading2 = {false, 1, "SNMP Version", &settings_snmphost_sos_heading3}; +struct tableHeading settings_snmphost_sos_heading1 = {false, 2, "Community", &settings_snmphost_sos_heading2}; +struct tableHeading settings_snmphost_sos_heading = {false, 2, "Host", &settings_snmphost_sos_heading1}; + +// SSH +const char *settings_ssh_title = "Secure Shell"; +const char *settings_ssh_table = "SSH configuration"; +const char *settings_sshman_table = "SSH remote management hosts"; +struct tableHeading settings_sshman_heading2 = {false, 1, "Interface", 0}; +struct tableHeading settings_sshman_heading1 = {false, 1, "Netmask", &settings_sshman_heading2}; +struct tableHeading settings_sshman_heading = {false, 1, "Host", &settings_sshman_heading1}; +const char *settings_sshint_table = "SSH server network interfaces"; +struct tableHeading settings_sshint_heading = {false, 1, "Network Interface", 0}; + +// NTP +const char *settings_ntp_title = "Network Time Protocol"; +const char *settings_ntp_table = "NTP configuration"; +const char *settings_ntpserv_table = "NTP servers"; +struct tableHeading settings_ntpserv_heading1 = {false, 1, "NTP Key Number", 0}; +struct tableHeading settings_ntpserv_heading = {false, 1, "NTP Server", &settings_ntpserv_heading1}; +const char *settings_ntppeer_table = "NTP peers"; +struct tableHeading settings_ntppeer_heading1 = {false, 1, "NTP Key Number", 0}; +struct tableHeading settings_ntppeer_heading = {false, 1, "NTP Peer", &settings_ntppeer_heading1}; +const char *settings_ntpkeys_table = "NTP keys"; +struct tableHeading settings_ntpkeys_heading2 = {true, 2, "Key", 0}; +struct tableHeading settings_ntpkeys_heading1 = {false, 1, "Trusted", &settings_ntpkeys_heading2}; +struct tableHeading settings_ntpkeys_heading = {false, 1, "NTP Key Number", &settings_ntpkeys_heading1}; +const char *settings_ntpaccess_table = "NTP access groups"; +struct tableHeading settings_ntpaccess_heading1 = {false, 1, "Access-List Number", 0}; +struct tableHeading settings_ntpaccess_heading = {false, 1, "Access Type", &settings_ntpaccess_heading1}; + +// FTP +const char *settings_ftp_title = "File Transfer Protocol"; +const char *settings_ftp_table = "FTP client configuration"; +const char *settings_ftpint_table = "FTP client source network interfaces"; + +// HTTP +const char *settings_http_title = "HyperText Transfer Protocol"; +const char *settings_http_table = "HTTP configuration"; +const char *settings_httphosts_table = "Allowed HTTP clients"; +struct tableHeading settings_httphosts_heading2 = {false, 2, "Net Mask", 0}; +struct tableHeading settings_httphosts_heading1 = {false, 1, "IP Address", &settings_httphosts_heading2}; +struct tableHeading settings_httphosts_heading = {false, 1, "Interface", &settings_httphosts_heading1}; + +// TACACS +const char *settings_tacacs_title = "Terminal Access Controller Access Control System"; +const char *settings_tacacs_table = "TACACS configuration"; +const char *settings_tacacsserv_table = "TACACS servers"; +struct tableHeading settings_tacacsserv_heading = {false, 1, "TACACS Server", 0}; + +// AAA +const char *settings_aaa_title = "Authentication, Authorization and Accounting"; +const char *settings_aaa_table1 = "AAA servers for user"; +const char *settings_aaa_table2 = "using RADIUS"; +const char *settings_aaa_table3 = "using TACACS"; +const char *settings_aaa_table4 = "using Kerberos"; +struct tableHeading settings_aaa_heading4 = {false, 1, "Key Encryption", 0}; +struct tableHeading settings_aaa_heading3 = {true, 1, "Key", &settings_aaa_heading4}; +struct tableHeading settings_aaa_heading2 = {false, 1, "Acct Port", &settings_aaa_heading3}; +struct tableHeading settings_aaa_heading1 = {false, 1, "Auth Port", &settings_aaa_heading2}; +struct tableHeading settings_aaa_heading = {false, 1, "Server", &settings_aaa_heading1}; + +// NAT & PAT +const char *settings_natpat_title = "NAT and PAT"; +const char *settings_nat_title = "NAT"; +const char *settings_natpat_desc = "*ABBREV*NAT*-ABBREV* is used to map an *ABBREV*IP*-ABBREV* address to an alternative *ABBREV*IP*-ABBREV* address and is commonly used to map internal network *ABBREV*IP*-ABBREV* addresses to Internet visible *ABBREV*IP*-ABBREV* addresses.*SINGULA* *ABBREV*PAT*-ABBREV* is similar to *ABBREV*NAT*-ABBREV*, except *ABBREV*PAT*-ABBREV* is used to map network protocols and ports. There are two different types of *ABBREV*NAT*-ABBREV* and *ABBREV*PAT*-ABBREV*, static and dynamic. Static *ABBREV*NAT*-ABBREV* and *ABBREV*PAT*-ABBREV* create a fixed translation, whereas with dynamic *ABBREV*NAT*-ABBREV* and *ABBREV*PAT*-ABBREV* each host uses a different address or port for each translation. Static *ABBREV*NAT*-ABBREV* and *ABBREV*PAT*-ABBREV* can allow a remote host to initiate a connection.*-SINGULA**PLAURAL* There are four different types of *ABBREV*NAT*-ABBREV* on *DEVICETYPE* devices, dynamic *ABBREV*NAT*-ABBREV*, static *ABBREV*NAT*-ABBREV*, port static *ABBREV*NAT*-ABBREV* and network static *ABBREV*NAT*-ABBREV*. Static *ABBREV*NAT*-ABBREV* translates one specific *ABBREV*IP*-ABBREV* address into another specific *ABBREV*IP*-ABBREV* address. Dynamic *ABBREV*NAT*-ABBREV* translates an *ABBREV*IP*-ABBREV* address into one of a pool of *ABBREV*IP*-ABBREV* addresses. Port static *ABBREV*NAT*-ABBREV* translates a specific *ABBREV*IP*-ABBREV* address and port to another specific *ABBREV*IP*-ABBREV* address and port. Finally, network static *ABBREV*NAT*-ABBREV* translates a specific network subnet to another specific network subnet.*-PLAURAL*"; +struct tableHeading settings_natstatic_heading3 = {false, 1, "To", 0}; +struct tableHeading settings_natstatic_heading2 = {false, 1, "From", &settings_natstatic_heading3}; +struct tableHeading settings_natstatic_heading1 = {false, 1, "IPSec-ESP", &settings_natstatic_heading2}; +struct tableHeading settings_natstatic_heading = {false, 1, "Source", &settings_natstatic_heading1}; +const char *settings_nat_dynamic_table = "Dynamic NAT"; +struct tableHeading settings_natdynamic_heading4 = {false, 1, "To", 0}; +struct tableHeading settings_natdynamic_heading3 = {false, 1, "To Type", &settings_natdynamic_heading4}; +struct tableHeading settings_natdynamic_heading2 = {false, 1, "From", &settings_natdynamic_heading3}; +struct tableHeading settings_natdynamic_heading1 = {false, 1, "From Type", &settings_natdynamic_heading2}; +struct tableHeading settings_natdynamic_heading = {false, 1, "Source", &settings_natdynamic_heading1}; +const char *settings_nat_portstatic_table = "Port static NAT"; +struct tableHeading settings_natportstat_heading5 = {false, 1, "To Port", 0}; +struct tableHeading settings_natportstat_heading4 = {false, 1, "To", &settings_natportstat_heading5}; +struct tableHeading settings_natportstat_heading3 = {false, 1, "From Port", &settings_natportstat_heading4}; +struct tableHeading settings_natportstat_heading2 = {false, 1, "From", &settings_natportstat_heading3}; +struct tableHeading settings_natportstat_heading1 = {false, 1, "Protocol", &settings_natportstat_heading2}; +struct tableHeading settings_natportstat_heading = {false, 1, "Source", &settings_natportstat_heading1}; +const char *settings_nat_netstatic_table = "Network static NAT"; +struct tableHeading settings_natnetstatic_heading3 = {false, 1, "Network Mask", 0}; +struct tableHeading settings_natnetstatic_heading2 = {false, 1, "To Network", &settings_natnetstatic_heading3}; +struct tableHeading settings_natnetstatic_heading1 = {false, 1, "From Network", &settings_natnetstatic_heading2}; +struct tableHeading settings_natnetstatic_heading = {false, 1, "Source", &settings_natnetstatic_heading1}; +const char *settings_nat_static_table = "Static NAT"; +struct tableHeading settings_nat_static_heading9 = {false, 1, "Max UDP", 0}; +struct tableHeading settings_nat_static_heading8 = {false, 1, "Max Embrionic", &settings_nat_static_heading9}; +struct tableHeading settings_nat_static_heading7 = {false, 1, "Max TCP", &settings_nat_static_heading8}; +struct tableHeading settings_nat_static_heading6 = {false, 1, "Nailed", &settings_nat_static_heading7}; +struct tableHeading settings_nat_static_heading5 = {false, 1, "Rand. Seq. No.", &settings_nat_static_heading6}; +struct tableHeading settings_nat_static_heading4 = {false, 1, "DNS Update", &settings_nat_static_heading5}; +struct tableHeading settings_nat_static_heading3 = {false, 2, "Mapped IP", &settings_nat_static_heading4}; +struct tableHeading settings_nat_static_heading2 = {false, 2, "Mapped Interface", &settings_nat_static_heading3}; +struct tableHeading settings_nat_static_heading1 = {false, 3, "Source", &settings_nat_static_heading2}; +struct tableHeading settings_nat_static_heading = {false, 2, "Interface", &settings_nat_static_heading1}; +const char *settings_pat_static_table = "Static PAT"; +struct tableHeading settings_pat_static_heading10 = {false, 1, "Max UDP", 0}; +struct tableHeading settings_pat_static_heading9 = {false, 1, "Max Embrionic", &settings_pat_static_heading10}; +struct tableHeading settings_pat_static_heading8 = {false, 1, "Max TCP", &settings_pat_static_heading9}; +struct tableHeading settings_pat_static_heading7 = {false, 1, "Nailed", &settings_pat_static_heading8}; +struct tableHeading settings_pat_static_heading6 = {false, 1, "Rand. Seq. No.", &settings_pat_static_heading7}; +struct tableHeading settings_pat_static_heading5 = {false, 1, "DNS Update", &settings_pat_static_heading6}; +struct tableHeading settings_pat_static_heading4 = {false, 2, "Mapped IP", &settings_pat_static_heading5}; +struct tableHeading settings_pat_static_heading3 = {false, 2, "Mapped Interface", &settings_pat_static_heading4}; +struct tableHeading settings_pat_static_heading2 = {false, 3, "Source", &settings_pat_static_heading3}; +struct tableHeading settings_pat_static_heading1 = {false, 2, "Interface", &settings_pat_static_heading2}; +struct tableHeading settings_pat_static_heading = {false, 1, "Protocol", &settings_pat_static_heading1}; + +// Routing +const char *settings_routing_title = "Routing"; +const char *settings_routing_desc = "A network device's routing tables can be configured with static routes or updated dynamically. Routing protocols are used by network routing devices to dynamically update the routing tables that devices use to forward network traffic to their destination. Router protocols can be split into two different categories; *ABBREV*IGPs*-ABBREV* and *ABBREV*EGPs*-ABBREV*. *ABBREV*IGPs*-ABBREV* are usually used in situations where the routing devices are all controlled by a single entity, such as within a company. *ABBREV*EGPs*-ABBREV* are usually used in situations where routing devices are managed by a number of entities, such as the Internet. Typically routing devices support a number of standard routing protocols."; +const char *settings_static_route_table = "Static routes"; +struct tableHeading settings_routeIOS_heading2 = {false, 1, "Gateway", 0}; +struct tableHeading settings_routeIOS_heading1 = {false, 1, "Net Mask", &settings_routeIOS_heading2}; +struct tableHeading settings_routeIOS_heading = {false, 1, "IP Address", &settings_routeIOS_heading1}; +struct tableHeading settings_route_heading6 = {false, 1, "Tunelled", 0}; +struct tableHeading settings_route_heading5 = {false, 1, "Tracking", &settings_route_heading6}; +struct tableHeading settings_route_heading4 = {false, 1, "Metric", &settings_route_heading5}; +struct tableHeading settings_route_heading3 = {false, 2, "Gateway", &settings_route_heading4}; +struct tableHeading settings_route_heading2 = {false, 2, "Net Mask", &settings_route_heading3}; +struct tableHeading settings_route_heading1 = {false, 2, "IP Address", &settings_route_heading2}; +struct tableHeading settings_route_heading = {false, 2, "Interface", &settings_route_heading1}; +const char *settings_routemap_desc = "Route maps can be configured to implement policy-based routing or to redistribute a route from one routing protocol into another routing protocol. Multiple route maps can be configured with the same map tag (name) and a sequence number used to determine their sequence."; +const char *settings_routemap_table = "Route maps"; +struct tableHeading settings_routeMap_heading2 = {false, 1, "Access", 0}; +struct tableHeading settings_routeMap_heading1 = {false, 1, "Sequence", &settings_routeMap_heading2}; +struct tableHeading settings_routeMap_heading = {false, 1, "Map Tag", &settings_routeMap_heading1}; + +// VRRP +const char *settings_vrrp_desc = "*ABBREV*VRRP*-ABBREV* is used to provide router load balancing and redundancy against a single point of failure. A *ABBREV*VRRP*-ABBREV* master router will send advertisements to other routers in the same *ABBREV*VRRP*-ABBREV* group. If the master *ABBREV*VRRP*-ABBREV* router fails, the other routers in the *ABBREV*VRRP*-ABBREV* group hold an election to determine which router will become the new master."; +const char *settings_vrrp_table = "VRRP configuration"; +struct tableHeading settings_vrrp_interface_heading9 = {false, 1, "Active", 0}; +struct tableHeading settings_vrrp_interface_heading8 = {true, 2, "Password", &settings_vrrp_interface_heading9}; +struct tableHeading settings_vrrp_interface_heading7 = {false, 2, "Authentication", &settings_vrrp_interface_heading8}; +struct tableHeading settings_vrrp_interface_heading6 = {false, 1, "Priority", &settings_vrrp_interface_heading7}; +struct tableHeading settings_vrrp_interface_heading5 = {false, 2, "Secondary IP", &settings_vrrp_interface_heading6}; +struct tableHeading settings_vrrp_interface_heading4 = {false, 2, "IP Address", &settings_vrrp_interface_heading5}; +struct tableHeading settings_vrrp_interface_heading3 = {false, 3, "Description", &settings_vrrp_interface_heading4}; +struct tableHeading settings_vrrp_interface_heading2 = {false, 1, "VRRP", &settings_vrrp_interface_heading3}; +struct tableHeading settings_vrrp_interface_heading1 = {false, 1, "VRRP Group", &settings_vrrp_interface_heading2}; +struct tableHeading settings_vrrp_interface_heading = {false, 2, "Interface", &settings_vrrp_interface_heading1}; + +// RIP +const char *settings_rip_desc = "*ABBREV*RIP*-ABBREV* is an *ABBREV*IGP*-ABBREV* and calculates routes using a distance vector. *ABBREV*RIP*-ABBREV* is only suitable for small networks, routing updates are sent every 30 seconds and contain the entire routing table. Furthermore, *ABBREV*RIP*-ABBREV* has a maximum distance of 15 hops. If *ABBREV*RIP*-ABBREV* routes have not been updated within three minutes the route is marked as unusable. Routes not updated within four minutes are removed."; +const char *settings_rip_table = "RIP configuration"; +const char *settings_rip_interface_table = "RIP network interface configuration"; +struct tableHeading settings_rip_interface_heading8 = {false, 1, "Triggered", 0}; +struct tableHeading settings_rip_interface_heading7 = {false, 1, "v2 Broadcast", &settings_rip_interface_heading8}; +struct tableHeading settings_rip_interface_heading6 = {false, 1, "Receive Version", &settings_rip_interface_heading7}; +struct tableHeading settings_rip_interface_heading5 = {false, 1, "Send Version", &settings_rip_interface_heading6}; +struct tableHeading settings_rip_interface_heading4 = {false, 1, "Key Chain", &settings_rip_interface_heading5}; +struct tableHeading settings_rip_interface_heading3 = {false, 1, "Authentication", &settings_rip_interface_heading4}; +struct tableHeading settings_rip_interface_heading2 = {false, 1, "IP Address", &settings_rip_interface_heading3}; +struct tableHeading settings_rip_interface_heading1 = {false, 1, "Description", &settings_rip_interface_heading2}; +struct tableHeading settings_rip_interface_heading = {false, 1, "Interface", &settings_rip_interface_heading1}; +const char *settings_rip_neightbor_table = "RIP neighbors"; +struct tableHeading settings_rip_neightbor_heading = {false, 1, "RIP Neighbor", 0}; +const char *settings_rip_networks_table = "RIP networks"; +struct tableHeading settings_rip_networks_heading = {false, 1, "RIP Network", 0}; + +// EIGRP +const char *settings_eigrp_desc = "*ABBREV*EIGRP*-ABBREV* is an *ABBREV*IGP*-ABBREV* and is a distance vector based protocol like *ABBREV*RIP*-ABBREV*, but incorporates some features from link state protocols such as *ABBREV*OSPF*-ABBREV*. *ABBREV*EIGRP*-ABBREV* was developed by Cisco as an enhanced version of *ABBREV*IGRP*-ABBREV*. Unlike *ABBREV*RIP*-ABBREV*, *ABBREV*EIGRP*-ABBREV* transmits changes to network routes to its neighbors and is suitable for larger networks."; +struct tableHeading settings_eigrp_interface_heading7 = {false, 1, "Bandwidth", 0}; +struct tableHeading settings_eigrp_interface_heading6 = {false, 2, "Key Chain", &settings_eigrp_interface_heading7}; +struct tableHeading settings_eigrp_interface_heading5 = {false, 1, "MD5 Auth", &settings_eigrp_interface_heading6}; +struct tableHeading settings_eigrp_interface_heading4 = {false, 1, "Passive", &settings_eigrp_interface_heading5}; +struct tableHeading settings_eigrp_interface_heading3 = {false, 1, "Active", &settings_eigrp_interface_heading4}; +struct tableHeading settings_eigrp_interface_heading2 = {false, 2, "IP Address", &settings_eigrp_interface_heading3}; +struct tableHeading settings_eigrp_interface_heading1 = {false, 2, "Description", &settings_eigrp_interface_heading2}; +struct tableHeading settings_eigrp_interface_heading = {false, 2, "Interface", &settings_eigrp_interface_heading1}; + +// BGP +const char *settings_bgp_desc = "*ABBREV*BGP*-ABBREV* is an *ABBREV*EGP*-ABBREV*. *ABBREV*BGP*-ABBREV* route updates are sent from defined *ABBREV*BGP*-ABBREV* peers using *ABBREV*TCP*-ABBREV* connections."; +struct tableHeading settings_bgp_heading5 = {false, 1, "TTL Hops", 0}; +struct tableHeading settings_bgp_heading4 = {false, 2, "Autonomous Number", &settings_bgp_heading5}; +struct tableHeading settings_bgp_heading3 = {false, 3, "Password Encryption", &settings_bgp_heading4}; +struct tableHeading settings_bgp_heading2 = {true, 3, "Password", &settings_bgp_heading3}; +struct tableHeading settings_bgp_heading1 = {false, 5, "Description", &settings_bgp_heading2}; +struct tableHeading settings_bgp_heading = {false, 2, "Neibhbor", &settings_bgp_heading1}; +struct tableHeading settings_bgp_interface_heading4 = {false, 1, "Passive", 0}; +struct tableHeading settings_bgp_interface_heading3 = {false, 1, "Active", &settings_bgp_interface_heading4}; +struct tableHeading settings_bgp_interface_heading2 = {false, 2, "IP Address", &settings_bgp_interface_heading3}; +struct tableHeading settings_bgp_interface_heading1 = {false, 2, "Description", &settings_bgp_interface_heading2}; +struct tableHeading settings_bgp_interface_heading = {false, 2, "Interface", &settings_bgp_interface_heading1}; + +// OSPF +const char *settings_ospf_desc = "*ABBREV*OSPF*-ABBREV* protocol is an *ABBREV*IGP*-ABBREV*. *ABBREV*OSPF*-ABBREV* packets are sent when the network configuration changes, such as when a route goes down, and the packets only contain the change. Since the information sent in *ABBREV*OSPF*-ABBREV* packets is limited to any network changes, the protocol is well suited to complex network configurations.*NEWPARA*For *ABBREV*OSPF*-ABBREV* to work on a network interface it must be included within an *ABBREV*OSPF*-ABBREV* network area."; +struct tableHeading settings_ospf_network_heading2 = {false, 1, "Area ID", 0}; +struct tableHeading settings_ospf_network_heading1 = {false, 2, "Network Mask", &settings_ospf_network_heading2}; +struct tableHeading settings_ospf_network_heading = {false, 2, "Network", &settings_ospf_network_heading1}; +struct tableHeading settings_ospf_area_heading2 = {false, 1, "Authentication", 0}; +struct tableHeading settings_ospf_area_heading1 = {false, 1, "Default Cost", &settings_ospf_area_heading2}; +struct tableHeading settings_ospf_area_heading = {false, 1, "Area ID", &settings_ospf_area_heading1}; +struct tableHeading settings_ospf_interface_heading7 = {false, 1, "OSPF Mode", 0}; +struct tableHeading settings_ospf_interface_heading6 = {false, 1, "Flood Reduction", &settings_ospf_interface_heading7}; +struct tableHeading settings_ospf_interface_heading5 = {false, 1, "Key Encryption", &settings_ospf_interface_heading6}; +struct tableHeading settings_ospf_interface_heading4 = {true, 1, "Authentication Key", &settings_ospf_interface_heading5}; +struct tableHeading settings_ospf_interface_heading3 = {false, 1, "Authentication", &settings_ospf_interface_heading4}; +struct tableHeading settings_ospf_interface_heading2 = {false, 1, "IP Address", &settings_ospf_interface_heading3}; +struct tableHeading settings_ospf_interface_heading1 = {false, 1, "Description", &settings_ospf_interface_heading2}; +struct tableHeading settings_ospf_interface_heading = {false, 1, "Interface", &settings_ospf_interface_heading1}; +struct tableHeading settings_ospf_neighbor_heading4 = {false, 1, "Database Filter", 0}; +struct tableHeading settings_ospf_neighbor_heading3 = {false, 1, "Cost Number", &settings_ospf_neighbor_heading4}; +struct tableHeading settings_ospf_neighbor_heading2 = {false, 1, "Poll Interval", &settings_ospf_neighbor_heading3}; +struct tableHeading settings_ospf_neighbor_heading1 = {false, 1, "Priority", &settings_ospf_neighbor_heading2}; +struct tableHeading settings_ospf_neighbor_heading = {false, 2, "Host", &settings_ospf_neighbor_heading1}; + +// Keys and Key Chains +const char *settings_keys_title = "Key Chains and Keys"; +const char *settings_keys_table = "Key chains and keys"; +struct tableHeading settings_keys_heading2 = {true, 2, "Key", 0}; +struct tableHeading settings_keys_heading1 = {false, 1, "Key Number", &settings_keys_heading2}; +struct tableHeading settings_keys_heading = {false, 1, "Key Chain", &settings_keys_heading1}; + +// Lines +const char *settings_lines_title = "Lines"; +const char *settings_lines_text = "The Cisco line configuration settings are used to configure administrative access to the device. The console line type is used for accessing the Cisco device directly through a cable attached to the device's console port. The auxiliary lines are used for remote access to the device, typically through attached modems. The *ABBREV*VTY*-ABBREV* lines are used for access to the device through a remote access service such as *ABBREV*SSH*-ABBREV* or Telnet."; +const char *settings_lines_table = "Line configuration"; +struct tableHeading settings_lines_heading14 = {false, 3, "Password Encryption", 0}; +struct tableHeading settings_lines_heading13 = {true, 4, "Password", &settings_lines_heading14}; +struct tableHeading settings_lines_heading12 = {false, 3, "Absolute Timeout", &settings_lines_heading13}; +struct tableHeading settings_lines_heading11 = {false, 3, "Session Timeout", &settings_lines_heading12}; +struct tableHeading settings_lines_heading10 = {false, 3, "Exec Timeout", &settings_lines_heading11}; +struct tableHeading settings_lines_heading9 = {false, 2, "Timeout", &settings_lines_heading10}; +struct tableHeading settings_lines_heading8 = {false, 1, "SSH", &settings_lines_heading9}; +struct tableHeading settings_lines_heading7 = {false, 1, "Telnet", &settings_lines_heading8}; +struct tableHeading settings_lines_heading6 = {false, 3, "Accounting", &settings_lines_heading7}; +struct tableHeading settings_lines_heading5 = {false, 3, "Authorization", &settings_lines_heading6}; +struct tableHeading settings_lines_heading4 = {false, 2, "Exec", &settings_lines_heading5}; +struct tableHeading settings_lines_heading3 = {false, 2, "Logins", &settings_lines_heading4}; +struct tableHeading settings_lines_heading2 = {false, 1, "End Line", &settings_lines_heading3}; +struct tableHeading settings_lines_heading1 = {false, 1, "Start Line", &settings_lines_heading2}; +struct tableHeading settings_lines_heading = {false, 1, "Line Type", &settings_lines_heading1}; + +// VLANS +const char *settings_vlan_title = "VLAN Configuration"; +const char *settings_vlan_table = "VLAN configuration"; +struct tableHeading settings_vlan_heading8 = {false, 1, "All Routes Hops", 0}; +struct tableHeading settings_vlan_heading7 = {false, 1, "Spanning Tree Hops", &settings_vlan_heading8}; +struct tableHeading settings_vlan_heading6 = {false, 1, "MTU", &settings_vlan_heading7}; +struct tableHeading settings_vlan_heading5 = {false, 1, "SAID", &settings_vlan_heading6}; +struct tableHeading settings_vlan_heading4 = {false, 1, "Firewall Module", &settings_vlan_heading5}; +struct tableHeading settings_vlan_heading3 = {false, 2, "Type", &settings_vlan_heading4}; +struct tableHeading settings_vlan_heading2 = {false, 1, "Active", &settings_vlan_heading3}; +struct tableHeading settings_vlan_heading1 = {false, 2, "Name", &settings_vlan_heading2}; +struct tableHeading settings_vlan_heading = {false, 1, "VLAN", &settings_vlan_heading1}; + +// VTP +const char *settings_vtp_title = "VTP Configuration"; +const char *settings_vtp_table = "VTP configuration"; + +// Switchport +const char *settings_switchport_title = "Switchport Configuration"; +const char *settings_switchport_table = "Switchport configuration"; +struct tableHeading settings_switchport_heading6 = {false, 1, "Security Violation", 0}; +struct tableHeading settings_switchport_heading5 = {false, 1, "Port Security", &settings_switchport_heading6}; +struct tableHeading settings_switchport_heading4 = {false, 1, "Mode", &settings_switchport_heading5}; +struct tableHeading settings_switchport_heading3 = {false, 1, "VLAN", &settings_switchport_heading4}; +struct tableHeading settings_switchport_heading2 = {false, 2, "Description", &settings_switchport_heading3}; +struct tableHeading settings_switchport_heading1 = {false, 1, "Active", &settings_switchport_heading2}; +struct tableHeading settings_switchport_heading = {false, 1, "Interface", &settings_switchport_heading1}; + +// Ports +const char *settings_ports_title = "Port Configuration"; +struct tableHeading settings_ports_heading10 = {false, 1, "STP Guard", 0}; +struct tableHeading settings_ports_heading9 = {false, 1, "VLAN Trunk", &settings_ports_heading10}; +struct tableHeading settings_ports_heading8 = {false, 1, "Trunk", &settings_ports_heading9}; +struct tableHeading settings_ports_heading7 = {false, 1, "CDP", &settings_ports_heading8}; +struct tableHeading settings_ports_heading6 = {false, 1, "Port Security", &settings_ports_heading7}; +struct tableHeading settings_ports_heading5 = {false, 1, "Duplex", &settings_ports_heading6}; +struct tableHeading settings_ports_heading4 = {false, 1, "Speed", &settings_ports_heading5}; +struct tableHeading settings_ports_heading3 = {false, 1, "VLAN", &settings_ports_heading4}; +struct tableHeading settings_ports_heading2 = {false, 1, "Status", &settings_ports_heading3}; +struct tableHeading settings_ports_heading1 = {false, 2, "Name", &settings_ports_heading2}; +struct tableHeading settings_ports_heading = {false, 1, "Port", &settings_ports_heading1}; + + +// Interfaces +const char *settings_inter_title = "Interfaces"; +const char *settings_inter_table = "Interfaces"; +struct tableHeading settings_interIOSswitch_heading10 = {false, 4, "MOP", 0}; +struct tableHeading settings_interIOSswitch_heading9 = {false, 4, "CDP", &settings_interIOSswitch_heading10}; +struct tableHeading settings_interIOSswitch_heading8 = {false, 4, "NTP", &settings_interIOSswitch_heading9}; +struct tableHeading settings_interIOSswitch_heading7 = {false, 11, "IP Direct Broadcast", &settings_interIOSswitch_heading8}; +struct tableHeading settings_interIOSswitch_heading6 = {false, 7, "IP Mask Reply", &settings_interIOSswitch_heading7}; +struct tableHeading settings_interIOSswitch_heading5 = {false, 6, "IP Redirect", &settings_interIOSswitch_heading6}; +struct tableHeading settings_interIOSswitch_heading4 = {false, 10, "IP Unreachable", &settings_interIOSswitch_heading5}; +struct tableHeading settings_interIOSswitch_heading3 = {false, 6, "Proxy ARP", &settings_interIOSswitch_heading4}; +struct tableHeading settings_interIOSswitch_heading2 = {false, 15, "IP Address", &settings_interIOSswitch_heading3}; +struct tableHeading settings_interIOSswitch_heading1 = {false, 6, "Active", &settings_interIOSswitch_heading2}; +struct tableHeading settings_interIOSswitch_heading = {false, 15, "Interface", &settings_interIOSswitch_heading1}; +struct tableHeading settings_interIOS_heading11 = {false, 4, "MOP", 0}; +struct tableHeading settings_interIOS_heading10 = {false, 4, "uRPF", &settings_interIOS_heading11}; +struct tableHeading settings_interIOS_heading9 = {false, 4, "CDP", &settings_interIOS_heading10}; +struct tableHeading settings_interIOS_heading8 = {false, 4, "NTP", &settings_interIOS_heading9}; +struct tableHeading settings_interIOS_heading7 = {false, 11, "IP Direct Broadcast", &settings_interIOS_heading8}; +struct tableHeading settings_interIOS_heading6 = {false, 7, "IP Mask Reply", &settings_interIOS_heading7}; +struct tableHeading settings_interIOS_heading5 = {false, 6, "IP Redirect", &settings_interIOS_heading6}; +struct tableHeading settings_interIOS_heading4 = {false, 10, "IP Unreachable", &settings_interIOS_heading5}; +struct tableHeading settings_interIOS_heading3 = {false, 6, "Proxy ARP", &settings_interIOS_heading4}; +struct tableHeading settings_interIOS_heading2 = {false, 15, "IP Address", &settings_interIOS_heading3}; +struct tableHeading settings_interIOS_heading1 = {false, 6, "Active", &settings_interIOS_heading2}; +struct tableHeading settings_interIOS_heading = {false, 15, "Interface", &settings_interIOS_heading1}; +struct tableHeading settings_interSOS_heading12 = {false, 1, "Web", 0}; +struct tableHeading settings_interSOS_heading11 = {false, 1, "Telnet", &settings_interSOS_heading12}; +struct tableHeading settings_interSOS_heading10 = {false, 1, "SSL", &settings_interSOS_heading11}; +struct tableHeading settings_interSOS_heading9 = {false, 1, "SSH", &settings_interSOS_heading10}; +struct tableHeading settings_interSOS_heading8 = {false, 1, "SNMP", &settings_interSOS_heading9}; +struct tableHeading settings_interSOS_heading7 = {false, 1, "Ping", &settings_interSOS_heading8}; +struct tableHeading settings_interSOS_heading6 = {false, 1, "NS Management", &settings_interSOS_heading7}; +struct tableHeading settings_interSOS_heading5 = {false, 1, "MTrace", &settings_interSOS_heading6}; +struct tableHeading settings_interSOS_heading4 = {false, 1, "Ident Reset", &settings_interSOS_heading5}; +struct tableHeading settings_interSOS_heading3 = {false, 3, "Zone", &settings_interSOS_heading4}; +struct tableHeading settings_interSOS_heading2 = {false, 3, "IP Address", &settings_interSOS_heading3}; +struct tableHeading settings_interSOS_heading1 = {false, 1, "Active", &settings_interSOS_heading2}; +struct tableHeading settings_interSOS_heading = {false, 3, "Interface", &settings_interSOS_heading1}; +struct tableHeading settings_interpix_heading8 = {false, 10, "Out ACL", 0}; +struct tableHeading settings_interpix_heading7 = {false, 10, "In ACL", &settings_interpix_heading8}; +struct tableHeading settings_interpix_heading6 = {false, 5, "uRPF", &settings_interpix_heading7}; +struct tableHeading settings_interpix_heading5 = {false, 7, "Security", &settings_interpix_heading6}; +struct tableHeading settings_interpix_heading4 = {false, 10, "Net Mask", &settings_interpix_heading5}; +struct tableHeading settings_interpix_heading3 = {false, 10, "IP Address", &settings_interpix_heading4}; +struct tableHeading settings_interpix_heading2 = {false, 8, "Shutdown", &settings_interpix_heading3}; +struct tableHeading settings_interpix_heading1 = {false, 15, "Name", &settings_interpix_heading2}; +struct tableHeading settings_interpix_heading = {false, 11, "Interface", &settings_interpix_heading1}; + + +// Zones +const char *settings_zone_title = "Security Zones"; +const char *settings_zone_desc = "*DEVICETYPE* security zones enable the sectioning of a network in order to apply network filtering and other security options. *DEVICETYPE* must have at least two security zones configured in order to facilitate filtering between network areas and each security zone will have at least one network interface bound to it, the global zone will use mapped or virtual *ABBREV*IP*-ABBREV*."; +const char *settings_zones_table = "Security zones"; +struct tableHeading settings_zones_heading6 = {false, 2, "Virtual Router", 0}; +struct tableHeading settings_zones_heading5 = {false, 2, "Tunnel", &settings_zones_heading6}; +struct tableHeading settings_zones_heading4 = {false, 2, "Policy", &settings_zones_heading5}; +struct tableHeading settings_zones_heading3 = {false, 1, "Block", &settings_zones_heading4}; +struct tableHeading settings_zones_heading2 = {false, 1, "VLAN", &settings_zones_heading3}; +struct tableHeading settings_zones_heading1 = {false, 1, "ID", &settings_zones_heading2}; +struct tableHeading settings_zones_heading = {false, 2, "Name", &settings_zones_heading1}; +const char *settings_zone_table = "zone security settings"; + + +// Policy Collections (FW1) +const char *settings_policycol_title = "Policy Collections"; +const char *settings_policycol_table = "policy collection"; +struct tableHeading settings_policycol_heading9 = {false, 3, "Comment", 0}; +struct tableHeading settings_policycol_heading8 = {false, 1, "Log", 0}; +struct tableHeading settings_policycol_heading7 = {false, 2, "Install On", &settings_policycol_heading8}; +struct tableHeading settings_policycol_heading6 = {false, 2, "Through", &settings_policycol_heading7}; +struct tableHeading settings_policycol_heading5 = {false, 3, "Service", &settings_policycol_heading6}; +struct tableHeading settings_policycol_heading4 = {false, 3, "Destination", &settings_policycol_heading5}; +struct tableHeading settings_policycol_heading3 = {false, 3, "Source", &settings_policycol_heading4}; +struct tableHeading settings_policycol_heading2 = {false, 1, "Action", &settings_policycol_heading3}; +struct tableHeading settings_policycol_heading1 = {false, 1, "Enabled", &settings_policycol_heading2}; +struct tableHeading settings_policycol_heading = {false, 1, "Rule", &settings_policycol_heading1}; + +// Access Rules/Policies (SonicOS) +const char *settings_accessrules_title = "Firewall Filtering"; +struct tableHeading settings_accessrules_heading6 = {false, 1, "Fragments", 0}; +struct tableHeading settings_accessrules_heading5 = {false, 3, "Service", &settings_accessrules_heading6}; +struct tableHeading settings_accessrules_heading4 = {false, 3, "Destination", &settings_accessrules_heading5}; +struct tableHeading settings_accessrules_heading3 = {false, 3, "Source", &settings_accessrules_heading4}; +struct tableHeading settings_accessrules_heading2 = {false, 1, "Action", &settings_accessrules_heading3}; +struct tableHeading settings_accessrules_heading1 = {false, 1, "Enabled", &settings_accessrules_heading2}; +struct tableHeading settings_accessrules_heading = {false, 1, "Rule", &settings_accessrules_heading1}; +struct tableHeading settings_accesspolicy_heading7 = {false, 1, "Log", 0}; +struct tableHeading settings_accesspolicy_heading6 = {false, 1, "Fragments", &settings_accesspolicy_heading7}; +struct tableHeading settings_accesspolicy_heading5 = {false, 3, "Service", &settings_accesspolicy_heading6}; +struct tableHeading settings_accesspolicy_heading4 = {false, 3, "Destination", &settings_accesspolicy_heading5}; +struct tableHeading settings_accesspolicy_heading3 = {false, 3, "Source", &settings_accesspolicy_heading4}; +struct tableHeading settings_accesspolicy_heading2 = {false, 1, "Action", &settings_accesspolicy_heading3}; +struct tableHeading settings_accesspolicy_heading1 = {false, 1, "Enabled", &settings_accesspolicy_heading2}; +struct tableHeading settings_accesspolicy_heading = {false, 1, "Policy", &settings_accesspolicy_heading1}; + +// Permit Lists (NMP) +const char *settings_permit_title = "Management Service Permit Lists"; +const char *settings_permit_table = "Management service permit lists"; +struct tableHeading settings_permit_heading1 = {false, 1, "Permission List", 0}; +struct tableHeading settings_permit_heading = {false, 1, "Service", &settings_permit_heading1}; +struct tableHeading settings_permitlist_heading1 = {false, 1, "Net Mask", 0}; +struct tableHeading settings_permitlist_heading = {false, 1, "Host", &settings_permitlist_heading1}; + +// Filters (Passport) +const char *settings_filter_title = "Network Filtering"; +const char *settings_filter_table = "Filters not assigned to any filter sets"; +struct tableHeading settings_filter_heading9 = {false, 1, "Stop", 0}; +struct tableHeading settings_filter_heading8 = {false, 1, "Destination Port", &settings_filter_heading9}; +struct tableHeading settings_filter_heading7 = {false, 2, "Destination", &settings_filter_heading8}; +struct tableHeading settings_filter_heading6 = {false, 1, "Source Port", &settings_filter_heading7}; +struct tableHeading settings_filter_heading5 = {false, 2, "Source", &settings_filter_heading6}; +struct tableHeading settings_filter_heading4 = {false, 1, "Protocol", &settings_filter_heading5}; +struct tableHeading settings_filter_heading3 = {false, 1, "Action", &settings_filter_heading4}; +struct tableHeading settings_filter_heading2 = {false, 1, "Type", &settings_filter_heading3}; +struct tableHeading settings_filter_heading1 = {false, 1, "Name", &settings_filter_heading2}; +struct tableHeading settings_filter_heading = {false, 1, "ID", &settings_filter_heading1}; +struct tableHeading settings_filterset_heading8 = {false, 1, "Stop", 0}; +struct tableHeading settings_filterset_heading7 = {false, 1, "Destination Port", &settings_filterset_heading8}; +struct tableHeading settings_filterset_heading6 = {false, 2, "Destination", &settings_filterset_heading7}; +struct tableHeading settings_filterset_heading5 = {false, 1, "Source Port", &settings_filterset_heading6}; +struct tableHeading settings_filterset_heading4 = {false, 2, "Source", &settings_filterset_heading5}; +struct tableHeading settings_filterset_heading3 = {false, 1, "Protocol", &settings_filterset_heading4}; +struct tableHeading settings_filterset_heading2 = {false, 1, "Action", &settings_filterset_heading3}; +struct tableHeading settings_filterset_heading1 = {false, 1, "Name", &settings_filterset_heading2}; +struct tableHeading settings_filterset_heading = {false, 1, "ID", &settings_filterset_heading1}; + +// Policies (ScreenOS Firewall Rules) +const char *settings_policies_title = "Policy Lists"; +const char *settings_policies_text = "A policy is a set of rules that will determine whether traffic between security zones (interzone), between interfaces in the same zone (intrazone) or between addresses in the global zone are permitted or denied. Each interface can be assigned to a different security zone, and multiple interfaces can be assigned to a single security zone.*NEWPARA*The policy will be processed from the top to the bottom with the first policy rule that applies taking effect. If no rule matches, the default policy will take effect, which is set to deny by default on *DEVICETYPE*. Policies are applied in the following order:"; +struct tableHeading settings_sospolicy_heading3 = {false, 1, "Default policy (deny by default)", 0}; +struct tableHeading settings_sospolicy_heading2 = {false, 1, "Global zone policy", &settings_sospolicy_heading3}; +struct tableHeading settings_sospolicy_heading1 = {false, 1, "Zone to zone policies", &settings_sospolicy_heading2}; +struct tableHeading settings_sospolicy_heading = {false, 1, "Intrazone policies (does nothing unless block intrazone traffic is enabled on the zone)", &settings_sospolicy_heading1}; +struct tableHeading settings_policies_heading6 = {false, 1, "Log", 0}; +struct tableHeading settings_policies_heading5 = {false, 3, "Service", &settings_policies_heading6}; +struct tableHeading settings_policies_heading4 = {false, 3, "Destination", &settings_policies_heading5}; +struct tableHeading settings_policies_heading3 = {false, 3, "Source", &settings_policies_heading4}; +struct tableHeading settings_policies_heading2 = {false, 1, "Permission", &settings_policies_heading3}; +struct tableHeading settings_policies_heading1 = {false, 1, "Disabled", &settings_policies_heading2}; +struct tableHeading settings_policies_heading = {false, 1, "ID", &settings_policies_heading1}; + +// Access Lists +const char *settings_accesslists_title = "Access Control List"; +const char *settings_accesslist_table = "General ACL settings"; +const char *settings_accesslist_css = "*DEVICETYPE* device *ABBREV*ACL*-ABBREV* are sequential lists of permit, deny or bypass clauses that are applied to a VLAN circuit. An *ABBREV*ACL*-ABBREV* is processed sequentially with the first clause that matches the incoming traffic applying. If the entire *ABBREV*ACL*-ABBREV* has been processed without a clause matching, then the traffic is denied by a hidden deny all rule. However, *ABBREV*ACL*-ABBREV* have to be enabled on *DEVICETYPE* otherwise all traffic will be permitted regardless of the *ABBREV*ACL*-ABBREV*. Once enabled, any VLAN circuits without an ACL applied will be denied by the hidden deny all rule.*NEWPARA*ACL are *NEGATIVE*disabled*-NEGATIVE**POSITIVE*enabled*-POSITIVE* on *DEVICENAME*."; +const char *settings_accesslists1 = "A Cisco *ABBREV*ACL*-ABBREV* is a sequential list of apply or deny *ABBREV*ACEs*-ABBREV* that a Cisco device will apply to network traffic. The Cisco device will check network traffic against the *ABBREV*ACL*-ABBREV* and the first *ABBREV*ACE*-ABBREV* match will determine whether the packet is accepted or rejected. If the Cisco device does not have an *ABBREV*ACE*-ABBREV* that applies then the packet is denied. *NONEWPARA*"; +const char *settings_accesslists2 = "*NOTEXTSTART*When a packet is rejected after access list processing, an *ABBREV*ICMP*-ABBREV* host unreachable message is sent, unless it had been disabled.*NEWPARA*There are two different types of *ABBREV*ACLs*-ABBREV* on IOS-based Cisco devices, standard and extended. Standard *ABBREV*ACLs*-ABBREV* have an access list number between 1 and 99, extended *ABBREV*ACLs*-ABBREV* are numbered 100 or above. Standard *ABBREV*ACLs*-ABBREV* only define the source address and process the packet solely based on that. Extended *ABBREV*ACLs*-ABBREV* contain additional checks, such as destination address and network port numbers."; +const char *settings_accesslists3 = "Newer versions of Cisco firewall devices have two different types of *ABBREV*ACL*-ABBREV*, standard and extended. Standard *ABBREV*ACL*-ABBREV* are typically used to secure *ABBREV*OSPF*-ABBREV* routes, whilst extended *ABBREV*ACL*-ABBREV* are used for all other network filtering."; +const char *settings_acl_int_table = "Interfaces with ACL applied"; +struct tableHeading settings_aclinter_heading4 = {false, 1, "Out ACL", 0}; +struct tableHeading settings_aclinter_heading3 = {false, 1, "In ACL", &settings_aclinter_heading4}; +struct tableHeading settings_aclinter_heading2 = {false, 3, "IP Address", &settings_aclinter_heading3}; +struct tableHeading settings_aclinter_heading1 = {false, 1, "Active", &settings_aclinter_heading2}; +struct tableHeading settings_aclinter_heading = {false, 2, "Interface", &settings_aclinter_heading1}; +const char *settings_acl_line_table = "Lines with ACL applied"; +struct tableHeading settings_aclline_heading8 = {false, 1, "ACL Out", 0}; +struct tableHeading settings_aclline_heading7 = {false, 1, "ACL In", &settings_aclline_heading8}; +struct tableHeading settings_aclline_heading6 = {false, 1, "SSH", &settings_aclline_heading7}; +struct tableHeading settings_aclline_heading5 = {false, 1, "Telnet", &settings_aclline_heading6}; +struct tableHeading settings_aclline_heading4 = {false, 1, "Exec", &settings_aclline_heading5}; +struct tableHeading settings_aclline_heading3 = {false, 2, "Logins", &settings_aclline_heading4}; +struct tableHeading settings_aclline_heading2 = {false, 2, "End Line", &settings_aclline_heading3}; +struct tableHeading settings_aclline_heading1 = {false, 2, "Start Line", &settings_aclline_heading2}; +struct tableHeading settings_aclline_heading = {false, 2, "Line Type", &settings_aclline_heading1}; +struct tableHeading settings_acl_css_heading7 = {false, 1, "Log", 0}; +struct tableHeading settings_acl_css_heading6 = {false, 3, "Destination Service", &settings_acl_css_heading7}; +struct tableHeading settings_acl_css_heading5 = {false, 3, "Destination", &settings_acl_css_heading6}; +struct tableHeading settings_acl_css_heading4 = {false, 3, "Source Service", &settings_acl_css_heading5}; +struct tableHeading settings_acl_css_heading3 = {false, 3, "Source", &settings_acl_css_heading4}; +struct tableHeading settings_acl_css_heading2 = {false, 1, "Protocol", &settings_acl_css_heading3}; +struct tableHeading settings_acl_css_heading1 = {false, 1, "Filter", &settings_acl_css_heading2}; +struct tableHeading settings_acl_css_heading = {false, 1, "Clause", &settings_acl_css_heading1}; +const char *settings_accessstd_table = "Standard ACL"; +struct tableHeading settings_accessstd_heading3 = {false, 1, "Log", 0}; +struct tableHeading settings_accessstd_heading2 = {false, 5, "Source", &settings_accessstd_heading3}; +struct tableHeading settings_accessstd_heading1 = {false, 2, "Filter", &settings_accessstd_heading2}; +struct tableHeading settings_accessstd_heading = {false, 1, "Line", &settings_accessstd_heading1}; +struct tableHeading settings_accessstdpix_heading2 = {false, 2, "Source", 0}; +struct tableHeading settings_accessstdpix_heading1 = {false, 2, "Permission", &settings_accessstdpix_heading2}; +struct tableHeading settings_accessstdpix_heading = {false, 1, "Line", &settings_accessstdpix_heading1}; +const char *settings_accesslists_table = "ACL"; +struct tableHeading settings_accesspix_heading6 = {false, 1, "Destination Port", 0}; +struct tableHeading settings_accesspix_heading5 = {false, 2, "Destination", &settings_accesspix_heading6}; +struct tableHeading settings_accesspix_heading4 = {false, 1, "Source Port", &settings_accesspix_heading5}; +struct tableHeading settings_accesspix_heading3 = {false, 2, "Source", &settings_accesspix_heading4}; +struct tableHeading settings_accesspix_heading2 = {false, 1, "Protocol", &settings_accesspix_heading3}; +struct tableHeading settings_accesspix_heading1 = {false, 1, "Permission", &settings_accesspix_heading2}; +struct tableHeading settings_accesspix_heading = {false, 1, "Line", &settings_accesspix_heading1}; +const char *settings_accessext_table = "Extended ACL"; +struct tableHeading settings_accessext_heading8 = {false, 11, "Options", 0}; +struct tableHeading settings_accessext_heading7 = {false, 8, "Log", &settings_accessext_heading8}; +struct tableHeading settings_accessext_heading6 = {false, 11, "Destination Service", &settings_accessext_heading7}; +struct tableHeading settings_accessext_heading5 = {false, 17, "Destination", &settings_accessext_heading6}; +struct tableHeading settings_accessext_heading4 = {false, 11, "Source Service", &settings_accessext_heading5}; +struct tableHeading settings_accessext_heading3 = {false, 17, "Source", &settings_accessext_heading4}; +struct tableHeading settings_accessext_heading2 = {false, 8, "Protocol", &settings_accessext_heading3}; +struct tableHeading settings_accessext_heading1 = {false, 9, "Filter", &settings_accessext_heading2}; +struct tableHeading settings_accessext_heading = {false, 8, "Line", &settings_accessext_heading1}; +struct tableHeading settings_accessextpix_heading8 = {false, 1, "Active", 0}; +struct tableHeading settings_accessextpix_heading7 = {false, 1, "Log", &settings_accessextpix_heading8}; +struct tableHeading settings_accessextpix_heading6 = {false, 1, "Destination Port", &settings_accessextpix_heading7}; +struct tableHeading settings_accessextpix_heading5 = {false, 1, "Destination", &settings_accessextpix_heading6}; +struct tableHeading settings_accessextpix_heading4 = {false, 1, "Source Port", &settings_accessextpix_heading5}; +struct tableHeading settings_accessextpix_heading3 = {false, 1, "Source", &settings_accessextpix_heading4}; +struct tableHeading settings_accessextpix_heading2 = {false, 1, "Protocol", &settings_accessextpix_heading3}; +struct tableHeading settings_accessextpix_heading1 = {false, 1, "Permission", &settings_accessextpix_heading2}; +struct tableHeading settings_accessextpix_heading = {false, 1, "Line", &settings_accessextpix_heading1}; + +// ICMP Access +const char *settings_icmpaccess_title = "ICMP Access"; +const char *settings_icmpaccess_table = "Configured security appliance ICMP restrictions"; +struct tableHeading settings_icmpaccess_heading3 = {false, 1, "Interface", 0}; +struct tableHeading settings_icmpaccess_heading2 = {false, 1, "ICMP Message", &settings_icmpaccess_heading3}; +struct tableHeading settings_icmpaccess_heading1 = {false, 1, "Source", &settings_icmpaccess_heading2}; +struct tableHeading settings_icmpaccess_heading = {false, 1, "Action", &settings_icmpaccess_heading1}; +const char *settings_icmpaccess_desc = "The default behavior of Cisco security appliances is to allow *ABBREV*ICMP*-ABBREV* packets to the security appliances interfaces, with the exception of broadcast *ABBREV*ICMP*-ABBREV* packets. Likewise *ABBREV*ICMP*-ABBREV* packets from an outside address to a protected interface will also be denied. However, it is possible to configure additional filtering to restrict other *ABBREV*ICMP*-ABBREV* traffic to the security appliance."; + +// Protocol Inspection - fixup (old pix), inspect (new pix) +const char *settings_protoinspect_title = "Protocol Inspection"; +const char *settings_protoinspect_desc = "Cisco firewall devices are capable of inspecting protocol traffic such as *ABBREV*DNS*-ABBREV*, *ABBREV*HTTP*-ABBREV* and *ABBREV*SMTP*-ABBREV*. This allows traffic to be filtered based on the protocol and can prevent a number of attacks. For example, the *ABBREV*SMTP*-ABBREV* filter can prevent certain *ABBREV*SMTP*-ABBREV* commands from being executed."; +const char *settings_protoinspect_table = "Protocols inspected"; +struct tableHeading settings_protoinspect_heading2 = {false, 1, "Option", 0}; +struct tableHeading settings_protoinspect_heading1 = {false, 1, "Inspect", &settings_protoinspect_heading2}; +struct tableHeading settings_protoinspect_heading = {false, 1, "Protocol", &settings_protoinspect_heading1}; + +// Gateway Cluster Objects (FW1)... +const char *settings_objects_gatewaycluster_title = "Gateway Cluster Definitions"; +const char *settings_objects_gatewaycluster_table = "gateway cluster configuration"; +const char *settings_objects_gatewaycluster_int_table = "gateway cluster interfaces"; +const char *settings_objects_gatewaycluster_mem_table = "gateway cluster members"; +struct tableHeading settings_object_gatemem_heading1 = {false, 1, "Name", 0}; +struct tableHeading settings_object_gatemem_heading = {false, 1, "Member", &settings_object_gatemem_heading1}; + +// Gateway Cluster Member Objects (FW1)... +const char *settings_objects_gatewayclustermem_title = "Gateways Cluster Member Definitions"; +const char *settings_objects_gatewayclustermem_table = "gateway cluster member configuration"; +const char *settings_objects_gatewayclustermem_int_table = "gateway cluster member interfaces"; + +// Gateway Objects (FW1)... +const char *settings_objects_gateway_title = "Gateways Definitions"; +const char *settings_objects_gateway_table = "gateway configuration"; +const char *settings_objects_gateway_int_table = "gateway interfaces"; +struct tableHeading settings_object_gateinter_heading4 = {false, 1, "Net Mask", 0}; +struct tableHeading settings_object_gateinter_heading3 = {false, 1, "IP Address", &settings_object_gateinter_heading4}; +struct tableHeading settings_object_gateinter_heading2 = {false, 1, "Dynamic IP", &settings_object_gateinter_heading3}; +struct tableHeading settings_object_gateinter_heading1 = {false, 1, "Name", &settings_object_gateinter_heading2}; +struct tableHeading settings_object_gateinter_heading = {false, 1, "Interface", &settings_object_gateinter_heading1}; + +// Host Objects (FW1)... +const char *settings_objects_hosts_title = "Host Definitions"; +const char *settings_objects_hosts_table = "Host definitions"; +struct tableHeading settings_object_host_heading2 = {false, 1, "Managed", 0}; +struct tableHeading settings_object_host_heading1 = {false, 1, "IP Address", &settings_object_host_heading2}; +struct tableHeading settings_object_host_heading = {false, 1, "Host Name", &settings_object_host_heading1}; + +// Network Objects (FW1)... +const char *settings_objects_network_title = "Network Definitions"; +const char *settings_objects_network_table = "Network object definitions"; +struct tableHeading settings_object_network_heading3 = {false, 1, "Managed", 0}; +struct tableHeading settings_object_network_heading2 = {false, 1, "Net Mask", &settings_object_network_heading3}; +struct tableHeading settings_object_network_heading1 = {false, 1, "IP Address", &settings_object_network_heading2}; +struct tableHeading settings_object_network_heading = {false, 1, "Network Name", &settings_object_network_heading1}; + +// Dynamic Network Objects (FW1)... +const char *settings_objects_dynnet_title = "Dynamic Network Definitions"; +const char *settings_objects_dynamicnet_table = "Dynamic network object definitions"; +struct tableHeading settings_object_dynamicnet_heading = {false, 1, "Name", 0}; + +// Group Objects (FW1)... +const char *settings_objects_groups_title = "Group Object Definitions"; +const char *settings_objects_group_table = "object group"; +struct tableHeading settings_object_group_heading4 = {false, 1, "Managed", 0}; +struct tableHeading settings_object_group_heading3 = {false, 1, "Net Mask", &settings_object_group_heading4}; +struct tableHeading settings_object_group_heading2 = {false, 1, "IP Address", &settings_object_group_heading3}; +struct tableHeading settings_object_group_heading1 = {false, 1, "Object Type", &settings_object_group_heading2}; +struct tableHeading settings_object_group_heading = {false, 1, "Name", &settings_object_group_heading1}; + +// Machines Range Objects (FW1)... +const char *settings_objects_machrange_title = "Machines Range Definitions"; +const char *settings_objects_machrange_table = "Machines range definitions"; +struct tableHeading settings_object_machrange_heading2 = {false, 1, "Last IP", 0}; +struct tableHeading settings_object_machrange_heading1 = {false, 1, "First IP", &settings_object_machrange_heading2}; +struct tableHeading settings_object_machrange_heading = {false, 1, "Range Name", &settings_object_machrange_heading1}; + +// Objects... +const char *settings_objects_title = "Object Groups"; +const char *settings_objects_desc = "Cisco object groups can be used to group items such as *ABBREV*IP*-ABBREV* addresses, services and protocols. Object groups can be used with any Cisco security appliance command and the command will be effective for all members of the group, this can significantly simplify the devices configuration. Furthermore, object groups can be members or other object groups. There are different types of object group:"; +struct tableHeading settings_objects_heading3 = {false, 0, "ICMP Types", 0}; +struct tableHeading settings_objects_heading2 = {false, 0, "Networks", &settings_objects_heading3}; +struct tableHeading settings_objects_heading1 = {false, 0, "Protocols", &settings_objects_heading2}; +struct tableHeading settings_objects_heading = {false, 0, "Services", &settings_objects_heading1}; +const char *settings_objects_table = "object group"; +struct tableHeading settings_object_heading1 = {false, 1, "Object", 0}; +struct tableHeading settings_object_heading = {false, 1, "Object Type", &settings_object_heading1}; + +// Services (SonicOS)... +const char *settings_sonicosservices_title = "Service Definitions"; +const char *settings_sonicosservices_table = "Service definitions"; +struct tableHeading settings_sonicosservices_heading3 = {false, 0, "IP Type", 0}; +struct tableHeading settings_sonicosservices_heading2 = {false, 0, "Port(s)", &settings_sonicosservices_heading3}; +struct tableHeading settings_sonicosservices_heading1 = {false, 0, "Name", &settings_sonicosservices_heading2}; +struct tableHeading settings_sonicosservices_heading = {false, 0, "ID", &settings_sonicosservices_heading1}; + +// Service Groups (FW1)... +const char *settings_fw1servicegroup_title = "Service Groups"; +const char *settings_fw1servicegroup_table = "service group"; +struct tableHeading settings_fw1servicegroup_heading = {false, 0, "Name", 0}; + +// Services (FW1)... +const char *settings_fw1services_title = "Services"; +struct tableHeading settings_fw1services_heading3 = {false, 0, "Comments", 0}; +struct tableHeading settings_fw1services_heading2 = {false, 0, "Port", &settings_fw1services_heading3}; +struct tableHeading settings_fw1services_heading1 = {false, 0, "Protocol", &settings_fw1services_heading2}; +struct tableHeading settings_fw1services_heading = {false, 0, "Service", &settings_fw1services_heading1}; + +// Address / Name Mappings +const char *settings_namemap_title = "IP Address Name Mappings"; +const char *settings_namegroupmap_title = "IP Address Name Mapping Groups"; +struct tableHeading settings_namemapgroup_heading1 = {false, 1, "Mapping Name", 0}; +struct tableHeading settings_namemapgroup_heading = {false, 1, "Group Name", &settings_namemapgroup_heading1}; +const char *settings_namemap_table = "IP address name mappings"; +struct tableHeading settings_namemap_heading1 = {false, 1, "IP Address", 0}; +struct tableHeading settings_namemap_heading = {false, 1, "Name", &settings_namemap_heading1}; +struct tableHeading settings_namemapSOS_heading3 = {false, 1, "Comment", 0}; +struct tableHeading settings_namemapSOS_heading2 = {false, 1, "Net Mask", &settings_namemapSOS_heading3}; +struct tableHeading settings_namemapSOS_heading1 = {false, 1, "IP Address / FQDN", &settings_namemapSOS_heading2}; +struct tableHeading settings_namemapSOS_heading = {false, 1, "Name", &settings_namemapSOS_heading1}; + + +// ---------------------------------------------------------------------------------- +// Appendix Text... + +const char *appendix_title = "Appendix"; + +// Abbreviations +const char *appendix_abbrev_title = "Abbreviations"; + +// Common Ports +const char *appendix_ports_title = "Common Ports"; +const char *appendix_ports_table = "Common ports"; +struct tableHeading appendix_ports_heading1 = {false, 1, "Port", 0}; +struct tableHeading appendix_ports_heading = {false, 2, "Service", &appendix_ports_heading1}; + +// Logging Levels +const char *appendix_logging_title = "Logging Severity Levels"; +const char *appendix_logging_table = "Logging message severity levels"; +struct tableHeading appendix_logging_heading2 = {false, 3, "Description", 0}; +struct tableHeading appendix_logging_heading1 = {false, 2, "Level Name", &appendix_logging_heading2}; +struct tableHeading appendix_logging_heading = {false, 1, "Level", &appendix_logging_heading1}; + +// Time Zones +const char *appendix_timezones_title = "Time Zones"; +const char *appendix_timezones_table = "Common time zone acronyms"; +struct tableHeading appendix_timezones_heading3 = {false, 1, "UTC Offset", 0}; +struct tableHeading appendix_timezones_heading2 = {false, 4, "Time Zone", &appendix_timezones_heading3}; +struct tableHeading appendix_timezones_heading1 = {false, 1, "Acronym", &appendix_timezones_heading2}; +struct tableHeading appendix_timezones_heading = {false, 2, "Region", &appendix_timezones_heading1}; + +// Nipper Version +const char *appendix_version_title = "Nipper Details"; +const char *appendix_version_desc1 = "This report was generated using Nipper version *NONEWPARA*"; +const char *appendix_version_desc2 = "*NOTEXTSTART*. Nipper is an Open Source tool designed to assist security professionals and network system administrators securely configure network infrastructure devices. The latest version of Nipper can be found at the following URL:*NEWPARA*http://nipper.titania.co.uk."; + diff --git a/0.11.10/common/report-vulns.c b/0.11.10/common/report-vulns.c new file mode 100644 index 0000000..2350eef --- /dev/null +++ b/0.11.10/common/report-vulns.c @@ -0,0 +1,219 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#define vuln_req_none 0 +#define vuln_req_telnet 1 +#define vuln_req_http 2 +#define vuln_req_ssh 3 +#define vuln_req_tacacs 4 +#define vuln_req_tftp 5 +#define vuln_req_ospf 6 + +struct vulnerability +{ + int startVersionMajor; // Vuln Version from... + int startVersionMinor; + int startVersionRevision; + int endVersionMajor; // Vuln Version to... + int endVersionMinor; + int endVersionRevision; + char *cve; // CVE + char *bid; // BID + char *description; // Description + int dos; // Is it a DoS? + int remote; // Is it remote code execution? + int require; // Requirement (e.g. vuln_req_http) + int include; // Include vulnerability? + struct vulnerability *next; +}; + +// IOS Vulnerabilities +struct vulnerability report_vuln_ios12 = {12, 0, 0, 12, 4, 0, + "CVE-2007-0480", "22211", + "Crafted IPv4 option remote code execution", + true, true, + vuln_req_none, false, 0}; +struct vulnerability report_vuln_ios11 = {9, 0, 0, 12, 4, 0, + "CVE-2007-0479", "22208", + "IPv4 TCP listener denial of service", + true, false, + vuln_req_none, false, &report_vuln_ios12}; +struct vulnerability report_vuln_ios10 = {9, 0, 0, 12, 3, 9, + "CVE-2004-1464", "11060", + "Telnet remote denial of service", + true, false, + vuln_req_telnet, false, &report_vuln_ios11}; +struct vulnerability report_vuln_ios9 = {12, 0, 0, 12, 1, 0, + "-", "10014", + "HTTP malformed request denial of service", + true, false, + vuln_req_http, false, &report_vuln_ios10}; +struct vulnerability report_vuln_ios8 = {10, 3, 3, 12, 2, 17, + "CVE-2003-0647", "8373", + "2GB HTTP GET buffer overflow", + false, true, + vuln_req_http, false, &report_vuln_ios9}; +struct vulnerability report_vuln_ios7 = {11, 1, 0, 12, 0, 7, + "CVE-2003-0100", "6895", + "OSPF neighbor buffer overflow", + true, true, + vuln_req_ospf, false, &report_vuln_ios8}; +struct vulnerability report_vuln_ios6 = {11, 1, 0, 11, 3, 0, + "CVE-2002-0813", "5328", + "TFTP server long file name buffer overflow", + true, true, + vuln_req_tftp, false, &report_vuln_ios7}; +struct vulnerability report_vuln_ios5 = {12, 0, 0, 12, 2, 0, + "CVE-2002-1024", "5114", + "SSH denial of service", + true, false, + vuln_req_ssh, false, &report_vuln_ios6}; +struct vulnerability report_vuln_ios4 = {11, 3, 0, 12, 2, 0, + "CVE-2001-0537", "2936", + "HTTP configuration arbitrary administrative access", + false, true, + vuln_req_http, false, &report_vuln_ios5}; +struct vulnerability report_vuln_ios3 = {12, 0, 0, 12, 1, 0, + "CVE-2000-0984", "1838", + "?/ HTTP request denial of service", + true, false, + vuln_req_http, false, &report_vuln_ios4}; +struct vulnerability report_vuln_ios2 = {11, 1, 0, 12, 0, 7, + "CVE-2000-0380", "1154", + "HTTP %% vulnerability", + true, false, + vuln_req_http, false, &report_vuln_ios3}; +struct vulnerability report_vuln_ios1 = {11, 3, 0, 12, 0, 7, + "CVE-2000-0268", "1123", + "Telnet option handling vulnerability", + true, false, + vuln_req_telnet, false, &report_vuln_ios2}; +struct vulnerability report_vuln_ios = {9, 1, 0, 11, 3, 1, + "-", "692", + "Remote denial of service", + true, false, + vuln_req_none, false, &report_vuln_ios1}; + +// PIX Vulnerabilities +struct vulnerability report_vuln_pix3 = {7, 2, 2, 7, 2, 2, + "CVE-2007-0962", "22562", + "Privilege escalation", + false, false, + vuln_req_none, false, 0}; +struct vulnerability report_vuln_pix2 = {6, 3, 0, 7, 0, 5, + "CVE-2007-0962", "22561", + "Multiple remote denial of service", + true, false, + vuln_req_none, false, &report_vuln_pix3}; +struct vulnerability report_vuln_pix1 = {5, 2, 0, 6, 2, 0, + "CVE-2002-1024", "5114", + "SSH denial of service", + true, false, + vuln_req_ssh, false, &report_vuln_pix2}; +struct vulnerability report_vuln_pix = {4, 0, 0, 5, 3, 0, + "CVE-2001-0375", "2551", + "TACACS+ denial of service", + true, false, + vuln_req_tacacs, false, &report_vuln_pix1}; + +// FWSM Vulnerabilities +struct vulnerability report_vuln_fwsm2 = {3, 2, 3, 3, 2, 3, + "CVE-2007-5584", "", + "******************************", + false, false, + vuln_req_none, false, 0}; +struct vulnerability report_vuln_fwsm1 = {2, 3, 0, 3, 1, 3, + "CVE-2007-0962", "22561", + "Multiple remote denial of service issues", + true, false, + vuln_req_none, false, 0}; +struct vulnerability report_vuln_fwsm = {1, 1, 2, 1, 1, 2, + "-", "9222", + "Multiple HTTP vulnerabilities", + false, true, + vuln_req_http, false, &report_vuln_fwsm1}; + +// CatOS / NMP +struct vulnerability report_vuln_nmp4 = {7, 5, 1, 7, 5, 1, + "-", "7424", + "Authentication bypass vulnerability", + false, true, + vuln_req_ssh, false, 0}; +struct vulnerability report_vuln_nmp3 = {5, 3, 1, 7, 1, 2, + "CVE-2002-1024", "5114", + "SSH denial of service", + true, false, + vuln_req_ssh, false, &report_vuln_nmp4}; +struct vulnerability report_vuln_nmp2 = {4, 5, 2, 7, 1, 0, + "CVE-2001-0554", "3064", + "Telnet buffer overflow", + false, true, + vuln_req_telnet, false, &report_vuln_nmp3}; +struct vulnerability report_vuln_nmp1 = {6, 1, 1, 6, 1, 1, + "CVE-2001-0080", "2117", + "SSH protocol mismatch denial of service", + false, false, + vuln_req_ssh, false, &report_vuln_nmp2}; +struct vulnerability report_vuln_nmp = {5, 4, 1, 5, 4, 1, + "CVE-2000-0267", "1122", + "Enable password bypass vulnerability", + false, false, + vuln_req_none, false, &report_vuln_nmp1}; + +// Check Vulnerability OS Versions +void checkVulnVersion(struct nipperConfig *nipper, struct vulnerability *vulnPointer) +{ + // Check to see if it is older... + if ((nipper->versionMajor < vulnPointer->startVersionMajor) || ((nipper->versionMajor == vulnPointer->startVersionMajor) && (nipper->versionMinor < vulnPointer->startVersionMinor))) + return; + + // Check to see if it is newer... + if ((nipper->versionMajor > vulnPointer->endVersionMajor) || ((nipper->versionMajor == vulnPointer->endVersionMajor) && (nipper->versionMinor > vulnPointer->endVersionMinor))) + return; + + if ((nipper->deviceType != type_ios_router) && (nipper->deviceType != type_ios_switch) && (nipper->deviceType != type_ios_catalyst)) + { + // Check to see if revision is older... + if ((nipper->versionMajor == vulnPointer->startVersionMajor) && (nipper->versionMinor == vulnPointer->startVersionMinor) && (nipper->versionRevision < vulnPointer->startVersionRevision)) + return; + + // Check to see if revision is newer... + if ((nipper->versionMajor == vulnPointer->endVersionMajor) && (nipper->versionMinor == vulnPointer->endVersionMinor) && (nipper->versionRevision > vulnPointer->endVersionRevision)) + return; + } + + // Set counters... + nipper->vulnIssues++; // Vuln counter + vulnPointer->include = true; // Include Vuln + if (vulnPointer->dos == true) // Is it a DoS? + nipper->vulnIssueDos = true; + if (vulnPointer->remote == true) // Is it a Remote? + nipper->vulnIssueRemote = true; +} diff --git a/0.11.10/common/report.c b/0.11.10/common/report.c new file mode 100644 index 0000000..f53b723 --- /dev/null +++ b/0.11.10/common/report.c @@ -0,0 +1,694 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +void generateReport(struct nipperConfig *nipper) +{ + // Variables... + int securityIssues = 0; + char tempString[nipper->maxSize]; + int tempInt = 0; + FILE *cssFile; + struct reportText *reportTextPointer = 0; + struct tableHeading *conclusionsList = 0; + struct tableHeading *conclusionsPointer = 0; + + // Table Pointers + switch (nipper->outputFormat) + { + case output_html: + nipper->tablerow_start = table_html_rowstart; + nipper->tablerow_mid = table_html_rowmid; + nipper->tablerow_end = table_html_rowend; + nipper->tablerow_itemsep = table_html_itemsep; + break; + case output_xml: + nipper->tablerow_start = table_xml_rowstart; + nipper->tablerow_mid = table_xml_rowmid; + nipper->tablerow_end = table_xml_rowend; + nipper->tablerow_itemsep = table_xml_itemsep; + break; + case output_text: + nipper->tablerow_start = table_text_rowstart; + nipper->tablerow_mid = table_text_rowmid; + nipper->tablerow_end = table_text_rowend; + nipper->tablerow_itemsep = table_text_itemsep; + break; + case output_latex: + nipper->tablerow_start = table_latex_rowstart; + nipper->tablerow_mid = table_latex_rowmid; + nipper->tablerow_end = table_latex_rowend; + nipper->tablerow_itemsep = table_latex_itemsep; + break; + } + + // Get number of security issues... + reportTextPointer = nipper->report; + while (reportTextPointer != 0) + { + if (reportTextPointer->section == section_security) + securityIssues++; + reportTextPointer = reportTextPointer->next; + } + + // Create / open file for output + if (nipper->outputFile == 0) + nipper->reportFile = stdout; + else + { + nipper->reportFile = fopen(nipper->outputFile, "w"); + if (nipper->reportFile == NULL) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_report_file; + return; + } + } + + // If CSV file specified... + if (nipper->csvFilename != 0) + nipper->csvFile = fopen(nipper->csvFilename, "w"); + + // Set output friendly hostname + outputFriendly(nipper->hostname, nipper->friendlyHostname, nipper->maxSize, nipper->outputFormat); + + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n\n \n "); + switch (nipper->deviceType) + { + case type_ios_switch: + fprintf(nipper->reportFile, "Cisco Switch"); + break; + case type_ios_router: + fprintf(nipper->reportFile, "Cisco Router"); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_ios_catalyst: + fprintf(nipper->reportFile, "Cisco Catalyst"); + break; + case type_asa_firewall: + case type_fwsm_firewall: + case type_pix_firewall: + fprintf(nipper->reportFile, "Cisco Firewall"); + break; + case type_css_filter: + fprintf(nipper->reportFile, "Cisco CSS"); + break; + case type_sos_firewall: + fprintf(nipper->reportFile, "Juniper NetScreen Firewall"); + break; + case type_passport: + fprintf(nipper->reportFile, "Nortel Passport"); + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Bay Networks Accelar"); + break; + case type_fw1_firewall: + fprintf(nipper->reportFile, "CheckPoint Firewall-1"); + break; + case type_nokiaip: + fprintf(nipper->reportFile, "Nokia IP Firewall"); + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicWall Firewall"); + break; + } + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + { + if (nipper->fullReport == true) + fprintf(nipper->reportFile, " Security Report"); + else + fprintf(nipper->reportFile, " Configuration Report"); + } + else + { + if (nipper->fullReport == true) + fprintf(nipper->reportFile, " %s Security Report", nipper->friendlyHostname); + else + fprintf(nipper->reportFile, " %s Configuration Report", nipper->friendlyHostname); + } + fprintf(nipper->reportFile, "\n \n \n \n
\n

%s


\n

", nipper->companyName); + switch (nipper->deviceType) + { + case type_ios_switch: + fprintf(nipper->reportFile, "Cisco Switch"); + break; + case type_ios_router: + fprintf(nipper->reportFile, "Cisco Router"); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_ios_catalyst: + fprintf(nipper->reportFile, "Cisco Catalyst"); + break; + case type_asa_firewall: + case type_fwsm_firewall: + case type_pix_firewall: + fprintf(nipper->reportFile, "Cisco Firewall"); + break; + case type_css_filter: + fprintf(nipper->reportFile, "Cisco CSS"); + break; + case type_sos_firewall: + fprintf(nipper->reportFile, "Juniper NetScreen Firewall"); + break; + case type_passport: + fprintf(nipper->reportFile, "Nortel Passport"); + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Bay Networks Accelar"); + break; + case type_fw1_firewall: + fprintf(nipper->reportFile, "CheckPoint Firewall-1"); + break; + case type_nokiaip: + fprintf(nipper->reportFile, "Nokia IP Firewall"); + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicWall Firewall"); + break; + } + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + { + if (nipper->fullReport == true) + fprintf(nipper->reportFile, " Security Report

\n"); + else + fprintf(nipper->reportFile, " Configuration Report

\n"); + } + else + { + if (nipper->fullReport == true) + fprintf(nipper->reportFile, " Security Report

\n

of the

\n

%s ", nipper->friendlyHostname); + else + fprintf(nipper->reportFile, " Configuration Report

\n

of the

\n

%s ", nipper->friendlyHostname); + switch (nipper->deviceType) + { + case type_ios_switch: + fprintf(nipper->reportFile, "Cisco Switch"); + break; + case type_ios_router: + fprintf(nipper->reportFile, "Cisco Router"); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_ios_catalyst: + fprintf(nipper->reportFile, "Cisco Catalyst"); + break; + case type_asa_firewall: + case type_fwsm_firewall: + case type_pix_firewall: + fprintf(nipper->reportFile, "Cisco Firewall"); + break; + case type_css_filter: + fprintf(nipper->reportFile, "Cisco CSS"); + break; + case type_sos_firewall: + fprintf(nipper->reportFile, "Juniper NetScreen Firewall"); + break; + case type_passport: + fprintf(nipper->reportFile, "Nortel Passport"); + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Bay Networks Accelar"); + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicWall Firewall"); + break; + } + fprintf(nipper->reportFile, "

\n"); + } + break; + + case output_xml: + fprintf(nipper->reportFile, "\ndeviceType) + { + case type_ios_switch: + fprintf(nipper->reportFile, "Cisco Switch"); + break; + case type_ios_router: + fprintf(nipper->reportFile, "Cisco Router"); + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_ios_catalyst: + fprintf(nipper->reportFile, "Cisco Catalyst"); + break; + case type_asa_firewall: + case type_fwsm_firewall: + case type_pix_firewall: + fprintf(nipper->reportFile, "Cisco Firewall"); + break; + case type_css_filter: + fprintf(nipper->reportFile, "Cisco CSS"); + break; + case type_sos_firewall: + fprintf(nipper->reportFile, "Juniper NetScreen Firewall"); + break; + case type_passport: + fprintf(nipper->reportFile, "Nortel Passport"); + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Bay Networks Accelar"); + break; + case type_fw1_firewall: + fprintf(nipper->reportFile, "CheckPoint Firewall-1"); + break; + case type_nokiaip: + fprintf(nipper->reportFile, "Nokia IP Firewall"); + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicWall Firewall"); + break; + } + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + { + if (nipper->fullReport == true) + fprintf(nipper->reportFile, " Security Report\">\n"); + else + fprintf(nipper->reportFile, " Configuration Report\">\n"); + } + else + { + if (nipper->fullReport == true) + fprintf(nipper->reportFile, " %s Security Report\" device=\"%s\">\n", nipper->friendlyHostname, nipper->friendlyHostname); + else + fprintf(nipper->reportFile, " %s Configuration Report\" device=\"%s\">\n", nipper->friendlyHostname, nipper->friendlyHostname); + } + break; + + case output_text: + switch (nipper->deviceType) + { + case type_ios_switch: + fprintf(nipper->reportFile, "Cisco Switch"); + tempInt = 12; + break; + case type_ios_router: + fprintf(nipper->reportFile, "Cisco Router"); + tempInt = 12; + break; + case type_nmp_catalyst: + case type_cos_catalyst: + case type_ios_catalyst: + fprintf(nipper->reportFile, "Cisco Catalyst"); + tempInt = 14; + break; + case type_asa_firewall: + case type_fwsm_firewall: + case type_pix_firewall: + fprintf(nipper->reportFile, "Cisco Firewall"); + tempInt = 14; + break; + case type_css_filter: + fprintf(nipper->reportFile, "Cisco CSS"); + tempInt = 9; + break; + case type_sos_firewall: + fprintf(nipper->reportFile, "Juniper NetScreen Firewall"); + tempInt = 26; + break; + case type_passport: + fprintf(nipper->reportFile, "Nortel Passport"); + tempInt = 15; + break; + case type_bayaccelar: + fprintf(nipper->reportFile, "Bay Networks Accelar"); + tempInt = 20; + break; + case type_fw1_firewall: + fprintf(nipper->reportFile, "CheckPoint Firewall-1"); + tempInt = 21; + break; + case type_nokiaip: + fprintf(nipper->reportFile, "Nokia IP Firewall"); + tempInt = 17; + break; + case type_sonicwall: + fprintf(nipper->reportFile, "SonicWall Firewall"); + tempInt = 18; + break; + } + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + { + if (nipper->fullReport == true) + { + tempInt = tempInt + 16; + fprintf(nipper->reportFile, " Security Report\n"); + } + else + { + tempInt = tempInt + 21; + fprintf(nipper->reportFile, " Configuration Report\n"); + } + } + else + { + if (nipper->fullReport == true) + { + tempInt = tempInt + 17 + strlen(nipper->hostname); + fprintf(nipper->reportFile, " %s Security Report\n", nipper->hostname); + } + else + { + tempInt = tempInt + 22 + strlen(nipper->hostname); + fprintf(nipper->reportFile, " %s Configuration Report\n", nipper->hostname); + } + } + while (tempInt > 0) + { + fprintf(nipper->reportFile, "="); + tempInt--; + } + fprintf(nipper->reportFile, "\n\n"); + break; + + case output_latex: + fprintf(nipper->reportFile, "\\documentclass[%s]{%s}\n\n\\begin{document}\n\n", nipper->paperSize, nipper->documentClass); + break; + } + + // Reset Counters... + nipper->sectionCount = 0; + nipper->subSectionCount = 0; + + if ((nipper->outputFormat != output_xml) && (nipper->outputFormat != output_latex)) + { + // Contents + output_parseTitle("Contents", nipper, section_contents); + output_parseSectionIndex("About This Report", nipper); + output_parseIndex("Organisation", nipper, section_about); + output_parseIndex("Conventions", nipper, section_about); + + // ------------------------- + // Security Section Contents + // ------------------------- + if (nipper->fullReport == true) + { + output_parseSectionIndex(report_security_title, nipper); + + output_parseIndex("Introduction", nipper, section_security); + + // Output Section Titles... + reportTextPointer = nipper->report; + while (reportTextPointer != 0) + { + if (reportTextPointer->section == section_security) + output_parseIndex(reportTextPointer->sectionTitle, nipper, reportTextPointer->section); + reportTextPointer = reportTextPointer->next; + } + + output_parseIndex("Conclusions", nipper, section_security); + + // End of security index + switch (nipper->outputFormat) + { + case output_text: + fprintf(nipper->reportFile, "\n"); + break; + } + } + + // ------------------------------ + // Configuration Section Contents + // ------------------------------ + if (nipper->configReport == true) + { + output_parseSectionIndex(report_config_title, nipper); + + output_parseIndex("Introduction", nipper, section_config); + + // Output Section Titles... + reportTextPointer = nipper->report; + while (reportTextPointer != 0) + { + if (reportTextPointer->section == section_config) + output_parseIndex(reportTextPointer->sectionTitle, nipper, reportTextPointer->section); + reportTextPointer = reportTextPointer->next; + } + + switch (nipper->outputFormat) + { + case output_text: + fprintf(nipper->reportFile, "\n"); + break; + } + } + + // End of index + output_abbrevContents(nipper); + output_endsection(nipper, subsection_end); + } + + // Reset Counters... + nipper->sectionCount = 0; + nipper->subSectionCount = 0; + + +// --------------------------------------------------------------------------------------------------------- +// About this Report Section + + output_parseTitle("About This Report", nipper, section_main_abt); + + // Document Organisation... + output_parseTitle("Organisation", nipper, section_about); + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + output_parseText(report_organisation_fw1, nipper, section_none, rate_none, tempInt, 0); + else + output_parseText(report_organisation, nipper, section_none, rate_none, tempInt, 0); + conclusionsList = &report_organisation_heading; + if (nipper->fullReport == false) + conclusionsList->password = true; + conclusionsList = conclusionsList->next; + if (nipper->configReport == false) + conclusionsList->password = true; + conclusionsList = conclusionsList->next; + if ((nipper->appendix == false) || (nipper->abs == false)) + conclusionsList->password = true; + conclusionsList = conclusionsList->next; + if ((nipper->appendix == false) || (nipper->commonPorts == false)) + conclusionsList->password = true; + conclusionsList = conclusionsList->next; + if ((nipper->appendix == false) || (nipper->loggingLevels == false)) + conclusionsList->password = true; + conclusionsList = conclusionsList->next; + if ((nipper->appendix == false) || (nipper->timeZones == false)) + conclusionsList->password = true; + conclusionsList = conclusionsList->next; + if ((nipper->appendix == false) || (nipper->nipperVersion == false)) + conclusionsList->password = true; + conclusionsList = 0; + output_list(nipper, &report_organisation_heading); + + output_endsection(nipper, subsection_end); + + // Document conventions... + output_parseTitle("Conventions", nipper, section_about); + output_parseText(report_conventions, nipper, section_none, rate_none, 0, nipper->tableNum); + output_table(nipper, true, report_conventions_table, &report_conventions_heading); + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + output_parseText(report_conventions1_1, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + output_parseText(report_conventions1_2, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + output_parseText(report_conventions2_1, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + output_parseText(report_conventions2_2, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + output_parseText(report_conventions3_1, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + output_parseText(report_conventions3_2, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + output_parseText(report_conventions4_1, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + output_parseText(report_conventions4_2, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + fprintf(nipper->reportFile, "%s", nipper->tablerow_start); + output_parseText(report_conventions5_1, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_mid); + output_parseText(report_conventions5_2, nipper, section_none, rate_none, 0, 0); + fprintf(nipper->reportFile, "%s", nipper->tablerow_end); + output_table(nipper, false, report_conventions_table, &report_conventions_heading); + output_endsection(nipper, subsection_end); + + output_endsection(nipper, section_end); + + +// --------------------------------------------------------------------------------------------------------- +// Security Report Section + + // Security Report section + if (nipper->fullReport == true) + { + // Introduction + output_parseTitle(report_security_title, nipper, section_main_sec); + output_parseTitle("Introduction", nipper, section_security); + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + output_parseText(report_security_intro_fw1, nipper, section_none, rate_none, securityIssues, 0); + else + output_parseText(report_security_intro, nipper, section_none, rate_none, securityIssues, 0); + output_endsection(nipper, subsection_end); + + // Issue Sections... + reportTextPointer = nipper->report; + while (reportTextPointer != 0) + { + if (reportTextPointer->section == section_security) + { + output_parseTitle(reportTextPointer->sectionTitle, nipper, section_security); + reportTextPointer->writeSection(nipper); + output_endsection(nipper, subsection_end); + } + reportTextPointer = reportTextPointer->next; + } + + // Conclusions... + output_parseTitle("Conclusions", nipper, section_security); + if (securityIssues > 0) + { + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + output_parseText(report_security_concl_fw1, nipper, section_none, rate_none, securityIssues, 0); + else + output_parseText(report_security_concl, nipper, section_none, rate_none, securityIssues, 0); + reportTextPointer = nipper->report; + while (reportTextPointer != 0) + { + if (reportTextPointer->section == section_security) + conclusionsList = newListItem(conclusionsList, reportTextPointer->shortConText); + reportTextPointer = reportTextPointer->next; + } + output_list(nipper, conclusionsList); + while (conclusionsList != 0) + { + conclusionsPointer = conclusionsList->next; + free (conclusionsList); + conclusionsList = conclusionsPointer; + } + } + else + { + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + output_parseText(report_security_concl_fw1, nipper, section_none, rate_none, securityIssues, 0); + else + output_parseText(report_security_concl, nipper, section_none, rate_none, securityIssues, 0); + } + output_endsection(nipper, subsection_end); + + // End Section + output_endsection(nipper, section_end); + } + + +// --------------------------------------------------------------------------------------------------------- +// Configuration Report Section + + // Output report introduction + if (nipper->configReport == true) + { + output_parseTitle(report_config_title, nipper, section_main_con); + output_parseTitle("Introduction", nipper, section_config); + if ((nipper->deviceType == type_fw1_firewall) || (nipper->deviceType == type_nokiaip)) + output_parseText(report_config_intro_fw1, nipper, section_none, rate_none, 0, 0); + else + output_parseText(report_config_intro, nipper, section_none, rate_none, 0, 0); + output_endsection(nipper, subsection_end); + + // Output Report Configuration Sections... + reportTextPointer = nipper->report; + while (reportTextPointer != 0) + { + if (reportTextPointer->section == section_config) + { + output_parseTitle(reportTextPointer->sectionTitle, nipper, section_config); + reportTextPointer->writeSection(nipper); + output_endsection(nipper, subsection_end); + } + reportTextPointer = reportTextPointer->next; + } + + // End Section + output_endsection(nipper, section_end); + } + + +// --------------------------------------------------------------------------------------------------------- +// Appendix Report Section + + // Appendix + if (nipper->appendix == true) + generateAppendix(nipper); + + // Output file end + switch (nipper->outputFormat) + { + case output_html: + fprintf(nipper->reportFile, "\n\n\n"); + break; + + case output_latex: + fprintf(nipper->reportFile, "\\end{document}\n"); + break; + + case output_xml: + fprintf(nipper->reportFile, "\n"); + break; + } + + // If CSV file specified... + if (nipper->csvFilename != 0) + fclose(nipper->csvFile); + + // Close file + if (nipper->outputFile != 0) + fclose(nipper->reportFile); +} + diff --git a/0.11.10/docs/.svn/all-wcprops b/0.11.10/docs/.svn/all-wcprops new file mode 100644 index 0000000..874d5f8 --- /dev/null +++ b/0.11.10/docs/.svn/all-wcprops @@ -0,0 +1,29 @@ +K 25 +svn:wc:ra_dav:version-url +V 34 +/svn/!svn/ver/3/trunk/0.11.10/docs +END +Quickstart.txt +K 25 +svn:wc:ra_dav:version-url +V 49 +/svn/!svn/ver/3/trunk/0.11.10/docs/Quickstart.txt +END +Options.txt +K 25 +svn:wc:ra_dav:version-url +V 46 +/svn/!svn/ver/3/trunk/0.11.10/docs/Options.txt +END +Features.txt +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/docs/Features.txt +END +XML.txt +K 25 +svn:wc:ra_dav:version-url +V 42 +/svn/!svn/ver/3/trunk/0.11.10/docs/XML.txt +END diff --git a/0.11.10/docs/.svn/entries b/0.11.10/docs/.svn/entries new file mode 100644 index 0000000..4026844 --- /dev/null +++ b/0.11.10/docs/.svn/entries @@ -0,0 +1,164 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/0.11.10/docs +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +XML.txt +file + + + + +2016-02-13T06:47:11.556156Z +b9f5c1e4750bba5e80d028f9383acf2b +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +18451 + +Quickstart.txt +file + + + + +2016-02-13T06:47:11.556156Z +149ea46b0b10b2dc1c13e1d8dfe92be1 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4062 + +Options.txt +file + + + + +2016-02-13T06:47:11.556156Z +2463146c97474f6e17806dc2b4c6ef71 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +10585 + +Features.txt +file + + + + +2016-02-13T06:47:11.556156Z +af92356ea59a19b0add8134129f82b05 +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3377 + diff --git a/0.11.10/docs/.svn/text-base/Features.txt.svn-base b/0.11.10/docs/.svn/text-base/Features.txt.svn-base new file mode 100644 index 0000000..5b09912 --- /dev/null +++ b/0.11.10/docs/.svn/text-base/Features.txt.svn-base @@ -0,0 +1,70 @@ +nipper Features (LIMITED EDITION) +=============== + +nipper currently supports the following device types: + + * Cisco IOS-based Switches + * Cisco IOS-based Routers + * Cisco IOS-based Catalysts + * Cisco NMP-based Catalysts + * Cisco CatOS-based Catalysts + * Cisco PIX-based Firewalls + * Cisco ASA-based Firewalls + * Cisco FWSM-based Firewalls + * Cisco CSS-based Content Service Switches + * Juniper NetScreen ScreenOS-based Firewalls + * CheckPoint Firewall-1 (FW1) + * Nortel Passport Devices + * SonicWALL SonicOS Firewalls + +nipper performs a security audit of a device and produces a report which +can include the following sections: + + * Security Related Issues + > Introduction + > The issues + * Configuration Report + > Introduction + > The configuration + * Appendix Section + > Abbreviations + > Timezones + > Common Ports + > Logging Severity Levels + > Version Details + +Reports can be output in HTML (default), XML, Latex and plain text formats. + +nipper will decode Cisco type 7 passwords, other passwords can be output to +a john-the-ripper file for further testing. + + +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ \ No newline at end of file diff --git a/0.11.10/docs/.svn/text-base/Options.txt.svn-base b/0.11.10/docs/.svn/text-base/Options.txt.svn-base new file mode 100644 index 0000000..f322f0e --- /dev/null +++ b/0.11.10/docs/.svn/text-base/Options.txt.svn-base @@ -0,0 +1,289 @@ + _ ____ + _ __ (_)_ __ _ __ ___ _ __ / ->/| + | '_ \| | '_ \| '_ \ / _ \ '__| /<-_/ | + | | | | | |_) | |_) | __/ | | | / + |_| |_|_| .__/| .__/ \___|_| |___|/ + |_| |_| + + Version 0.11.4 + by Ian Ventura-Whiting (Fizz) + + +Nipper is a Network Infrastructure Configuration Parser. Nipper takes +a network infrastructure device configuration, processes the file and +details security-related issues with detailed recommendations. Nipper +was previous known as CiscoParse. + +By default, input is retrieved from stdin and is output (in HTML format) +to stdout. + +Command: + nipper [Options] + +General Options: + --input= + Specifies a device configuration file to process. For CheckPoint + Firewall-1 configurations, the input should be the conf directory. + + --output= | --report= + Specified an output file for the report. + + --version + Displays the program version. + +Example: + The example below will process a Cisco IOS-based router + configuration file called ios.conf and output the report to a file + called report.html. + + nipper --ios-router --input=ios.conf --output=report.html + +Nipper supports a number of different types of network device. This +version contains support for the following devices: + + CMD Option Device Type + ================================================= + --ios-switch Cisco IOS-based Switch + --ios-router Cisco IOS-based Router (default) + --ios-catalyst Cisco IOS-based Catalyst + --pix Cisco PIX-based Firewall + --asa Cisco ASA-based Firewall + --fwsm Cisco FWSM-based Router + --catos Cisco CatOS-based Catalyst + --nmp Cisco NMP-based Catalyst + --css Cisco Content Services Switch + --screenos Juniper NetScreen Firewall + --passport Nortel Passport Device + --sonicos SonicWall SonicOS Firewall + --fw1 CheckPoint Firewall-1 Firewall + +Please note that the level of support for each type of device varies. + +Nipper performs various checks to ensure that the device type that +has been specified matches the configuration file. Additionally, the +security issues reported by Nipper can depend on what the device is +used for. + +Advanced Device Options: + + --force + Force Nipper to bypass any configuration type checks. + + --location= + Where is the device located. + + --model= + Specify a device model, such as 7200VXR for a Cisco 7200VXR. + +Nipper supports a number of different report formats. They are: + + CMD Option Report Format + ============================= + --html HTML (default) + --latex Latex + --text Text + --xml XML + +These reporting options apply to all report output. + + --company-name= + Replace the 'nipper recommends...' in the report output to something + else. So for the Acme company, it would read, 'Acme recommends...'. + + --device-name= + If a device configuration file does not contain a device name, it + can be specified using this option. + + --no-names + Convert host and network names to IP addresses where possible. + + --expand-acl + Expand an Access Control Lists / Filtering object definitions. This + option will show the reality of a filtering policy. + +The following report options determine which sections are included in +the report output. The default is to include all sections. + + --no-audit + This option disables the security audit of the device configuration. + + --no-appendix + Disables the output of the entire report appendix section. By + default an appendix section is generated and added to the report. + + --no-abbreviations + Disables the output of an abbreviations section in the appendix. + + --no-logging + Disables the output of the logging levels section in the appendix. + + --no-timezones + Disables the output of the time zones section in the appendix. + + --no-ports + Disables the output of a common ports section in the appendix. + + --no-version + Disables the output of the nipper version section in the appendix. + +These report options apply only to the HTML report file format. + + --stylesheet= + Supply an external Cascading Style Sheet (CSS) for use with the HTML + -based reports. If this option is not supplied a default CSS is + embeded. The supplied CSS file will be embeded within the report + output. + +These report options apply only to the Latex report file format. + + --paper= + This option can be used to configure the Latex document paper size. + The default paper size is 'a4paper'. Refer to the Latex + documentation for other settings. + + --documentclass= + This option can be used to configure the Latex document class. The + default document class is 'article'. Refer to the Latex + documentation for other settings. + +These options only apply to the security auditing of the network +filtering. Checks for logging on all rules and for any source service +are disabled by default, all other rules are enabled by default. + + --deny-log | --no-deny-log + Enable/Disable checks to ensure that the rule lists end with a deny + all and log. + + --any-source | --no-any-source + Enable/Disable rule checks for any source. + + --network-source | --no-network-source + Enable/Disable rule checks for network sources. + + --source-service | --no-source-service + Enable/Disable checks for any sources services. + + --any-destination | --no-any-destination + Enable/Disable rule checks for any destination. + + --network-destination | --no-network-destination + Enable/Disable rule checks for network destionations. + + --destination-service | --no-destination-service + Enable/Disable rule checks for any destination service. + + --log-rules | --no-log-rules + Enable/Disable checks for logging on all rules. + + --disabled-rules | --no-disabled-rules + Enable/Disable checks for disabled rules. + + --reject-rules | --no-reject-rules + Enable/Disable checks for reject rules. + + --bypass-rules | --no-bypass-rules + Enable/Disable checks for bypass rules. + + --default-rules | --no-default-rules + Enable/Disable checks for default rules. + + --log-deny-rules | --no-log-deny-rules + Enable/Disable checks for deny and log rules. + +These options apply to the password security auditing. In addition to +user passwords, other authentication strings are audited such as shared +keys and SNMP community strings. + + --no-passwords + Removes passwords from the output. However, passwords are always + checked against defaults and for password strength. + + --john= + Output the Cisco type 5 passwords in a file that can then be run + through john-the-ripper. + + --dictionary= + Use a dictionary file to check the passwords and keys are not + dictionary-based words. If this option is not specified a small + number of built-in passwords are used instead. This option is + not used to break MD5 passwords, only compare passwords already + known. + + --pass-length= + Password strength checks will check that retrieved passwords have + a minimum length as specified. The default is 8 characters. + + --pass-uppers= + Password strength checks will check that retrieved passwords must + include uppercase characters. The default is no. + + --pass-lowers= + Password strength checks will check that retrieved passwords must + include lowercase characters. The default is no. + + --pass-either= + Password strength checks will check that retrieved passwords must + include upper or lowercase characters. The default is yes. + + --pass-numbers= + Password strength checks will check that retrieved passwords must + include numbers. The default is yes. + + --pass-specials= + Password strength checks will check that retrieved passwords must + include special characters. The default is no. + +These options apply to the security auditing. + + --timeout= + Specify the number of seconds that connection timeouts should be + less than or equal to. If timeouts are less than this, a security + will be generated in the report. The default is 10 minutes. + +These options apply to remote SNMP configuration retrival from Cisco +devices. Older Cisco devices make use of a slightly different method. +The old method works with IOS devices up to version 12.x. Newer methods +are supported with IOS version 12.0 (some with 11.2P). This requires a +local TFTP server and the snmpget command. + + --cisco-ip= + Specify the IP address of the Cisco Device to retrieve the config + from. + + --local-ip= + The IP address of the host making the request. This is essential for + remote config retrival, else it will fail. + + --cisco= + There are two methods of retrieving the config remotely using SNMP. + The old method is supported on Cisco devices upto IOS 12.x, the + new method (default) is supported from IOS 12.0 (11.2P on some + devices). + + --snmp= + The snmp community to be used with the above. A default of 'private' + will be used if not specified. + + --tftproot= + The tftp root directory to be used for the Cisco config transfer. If + not specified a default of /tftproot/ will be used. + + --cisco-file= + Specifies a filename for the Cisco config file to be saved to. If + not specified, then the file will be left in the tftproot as a + random file name. + +Nipper can be configured using an external configuration file. This file +can be specified on the command line or Nipper will load configuration +settings from '/etc/nipper.conf' (UNIX) or 'nipper.ini' in the current +directory (Windows). + + --config= + Specifies a Nipper configuration file. + +For additional help: + --help[=] + Show the online help or show the additional help on the topic + specified. The help topics are; GENERAL, DEVICES, DEVICES-ADV, + SNMP, REPORT, REPORT-ADV, REPORT-SECT, REPORT-HTML, REPORT-LATEX, + AUDIT-ACL, AUDIT-PASS, AUDIT-ADV or CONFIG-FILE. diff --git a/0.11.10/docs/.svn/text-base/Quickstart.txt.svn-base b/0.11.10/docs/.svn/text-base/Quickstart.txt.svn-base new file mode 100644 index 0000000..40f7547 --- /dev/null +++ b/0.11.10/docs/.svn/text-base/Quickstart.txt.svn-base @@ -0,0 +1,82 @@ +Quick Start Guide +================= + +NOTE: Tutorials are available at http://nipper.titania.co.uk + +If you haven't already installed nipper, follow the procedures outlined +in the INSTALL file. + +Before using nipper you will need the configuration of your network +device saved to a text file. Typically for Cisco devices the +procedure for obtaining this would be: + + 1. Logon to Cisco device + 2. Enter Enable mode + 3. Type "show run" + 4. Capture the output to a file + 5. Logout + +Once you have the configuration file and nipper is installed you are +ready. nipper does not (currently) automatically detect what type of +device you are about to perform an audit of, so it must be told. + +For a Cisco IOS Switch with a configuration file stored in +/home/fred/switch.txt and output to an XML file the command would be: + + nipper --ios-switch --input=/home/fred/switch.txt --xml --output=audit.xml + +The device types currently supported by nipper are specified using the +following command line parameters: + + CMD Option Device Type + ================================================= + --ios-switch Cisco IOS-based Switch + --ios-router Cisco IOS-based Router (default) + --ios-catalyst Cisco IOS-based Catalyst + --pix Cisco PIX-based Firewall + --asa Cisco ASA-based Firewall + --fwsm Cisco FWSM-based Router + --catos Cisco CatOS-based Catalyst + --nmp Cisco NMP-based Catalyst + --css Cisco Content Services Switch + --screenos Juniper NetScreen Firewall + --passport Nortel Passport Device + --sonicos SonicWall SonicOS Firewall + --fw1 CheckPoint Firewall-1 Firewall + +The order in which the options are specified is irrelevent. To get a full +list of options, use the following command: + + nipper --help + + + +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ \ No newline at end of file diff --git a/0.11.10/docs/.svn/text-base/XML.txt.svn-base b/0.11.10/docs/.svn/text-base/XML.txt.svn-base new file mode 100644 index 0000000..f0ea9d4 --- /dev/null +++ b/0.11.10/docs/.svn/text-base/XML.txt.svn-base @@ -0,0 +1,448 @@ +nipper XML Output Documentation +=============================== + +This document describes the XML output format that nipper produces. + + +Abbreviation +------------ + + Tag : + Tag Data : expand (enum) - Should the abbreviation be expanded + "true" or "false" + long (string) - the expanded abbreviation + short (string) - the abbreviation + Description: Used to describe an abbreviation used within the text. + Example : + History : Introduced with nipper 0.9.1. + + +Caption +------- + + Start Tag : + End Tag : + Description: A caption is used to specify a table caption. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.2. + See Also : Table, Table Headings, Table Heading, Table Body, + Table Row, Table Entry, Reference. + + +Command +------- + + Start Tag : + End Tag : + Description: Used to describe a device command. + Example : ip name-server IP address + History : Introduced with nipper 0.9.2. + See Also : Text, Command Option. + + +Command Option +-------------- + + Start Tag : + End Tag : + Description: Used to describe a device command option. + Example : ip name-server IP address + History : Introduced with nipper 0.10.3. + See Also : Text, Command. + + +Document +-------- + + Start Tag : + End Tag : + Tag Data : title (string) - The report title + device (string) - The name of the device audited + Description: Used to describe the report document. + Example : + History : Introduced with nipper 0.9.0. + See Also : Text. + + +Item +---- + + Start Tag : + End Tag : + Description: Used to describe an item in a table cell. + Example : Item 1Item 2 + History : Introduced with nipper 0.11.0. + See Also : Caption, Table Headings, Table Heading, Table Body, + Table Row, Table Entry, Reference, Table. + + +List +---- + + Start Tag : + End Tag : + Description: List tags are used to create a list and will contain + one or more list items. + Example : + Item 1 + Item 2 + + History : Introduced with nipper 0.9.0 + See Also : List Items + + +List Items +---------- + + Start Tag : + End Tag : + Description: List items are used within the list tags to specify a + list item. + Example : + Item 1 + Item 2 + + History : Introduced with nipper 0.9.0. + See Also : List + + +Reference +--------- + + Tag : + Tag Data : name (string) - the reference string + Description: Used to reference a table within the text. It will match the + ref data used within the table tag. + Example : See Table for more details. + History : Introduced with nipper 0.9.4. + + +Section +------- + + Start Tag :
+ End Tag :
+ Tag Data : type (enum) - the report section + "security", "configuration" or "appendix" + title (string) - a title for the section + ref (string) - a unique section reference + rate (enum) - A security rating for a subsection + "low", "lowmed", "med", "medhigh" or "high" + Description: The section tag is used to contain a defined + part of the report. + Example :
+ + This is some appendix text. + +
+ History : Introduced with nipper 0.9.0. + Reference added with 0.9.2 release. + See Also : Subsection + + +Subsection +---------- + + Start Tag : + End Tag : + Tag Data : type (enum) - the report section + "security", "configuration", "appendix" or "report" + title (string) - a title for the subsection + ref (string) - a unique section reference + Description: The subsection tag is used to contain a defined + subsection of the report. + Example :
+ + This is some appendix text. + +
+ History : Introduced with nipper 0.9.0. + Reference added with 0.9.2 release. + "report" type added with 0.10.0 release. + See Also : Section + + +Table +----- + + Start Tag : + End Tag :
+ Tag Data : number (int) - the table number + ref (string) - a table reference + Description: Table is used to describe a table within the XML document + and will contain a number of other XML tags. The table tag + has two parameters, number and ref. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.0. + Table reference was added with nipper 0.9.3. + See Also : Caption, Table Headings, Table Heading, Table Body, + Table Row, Table Entry, Reference, Item. + + +Table Body +---------- + + Start Tag : + End Tag : + Description: Table Body contains the content of the table, + enclosed in a number of table row tags. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.0. + See Also : Table, Caption, Table Headings, Table Heading, + Table Row, Table Entry, Reference, Item. + + +Table Entry +----------- + + Start Tag : + End Tag : + Description: Table entry specifies the content of a table cell. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.0. + See Also : Table, Caption, Table Headings, Table Heading, + Table Row, Table Body, Reference, Item. + + +Table Heading +------------- + + Start Tag : + End Tag : + Description: Table Heading is used to specify a table column title. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.0. + See Also : Table, Caption, Table Headings, Table Body, Table Row, + Table Entry, Reference, Item. + + +Table Headings +-------------- + + Start Tag : + End Tag : + Description: Table Headings is used to contain one or more column + headings for a table, specified using the tableheading + tag. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.0. + See Also : Table, Caption, Table Heading, Table Body, Table Row, + Table Entry, Reference, Item. + + +Table Row +--------- + + Start Tag : + End Tag : + Description: Table row tags contain a number of table entry tags + equivilent to the number of table headings. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.0. + See Also : Table, Caption, Table Heading, Table Headings, + Table Row, Table Entry, Reference, Item. + + +Text +---- + + Start Tag : + End Tag : + Description: Define a paragraph of text content. + Example :
+ + + Classless routing is... + nipper determined that... + + + Network traffic... + + + + + + nipper recommends that... + + +
+ History : Introduced with nipper 0.9.0. + See Also : Text Section. + + +Text Section +------------ + + Start Tag : + End Tag : + Tag Data : type (enum) - Define a type of text section + "observation", "impact", "ease" or "recommendation" + rate (enum) - A rating, based on the type + for "impact" type... + "low", "lowmed", "med", "medhigh" or "high" + for "ease" type... + "noease", "trivial", "moderate" or "difficult" + Description: Used to group a section of text and possibly tables. + Example :
+ + + Classless routing is... + nipper determined that... + + + Network traffic... + + + + + + nipper recommends that... + + +
+ History : Introduced with nipper 0.9.0. + See Also : Text. + + + +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ \ No newline at end of file diff --git a/0.11.10/docs/Features.txt b/0.11.10/docs/Features.txt new file mode 100644 index 0000000..5b09912 --- /dev/null +++ b/0.11.10/docs/Features.txt @@ -0,0 +1,70 @@ +nipper Features (LIMITED EDITION) +=============== + +nipper currently supports the following device types: + + * Cisco IOS-based Switches + * Cisco IOS-based Routers + * Cisco IOS-based Catalysts + * Cisco NMP-based Catalysts + * Cisco CatOS-based Catalysts + * Cisco PIX-based Firewalls + * Cisco ASA-based Firewalls + * Cisco FWSM-based Firewalls + * Cisco CSS-based Content Service Switches + * Juniper NetScreen ScreenOS-based Firewalls + * CheckPoint Firewall-1 (FW1) + * Nortel Passport Devices + * SonicWALL SonicOS Firewalls + +nipper performs a security audit of a device and produces a report which +can include the following sections: + + * Security Related Issues + > Introduction + > The issues + * Configuration Report + > Introduction + > The configuration + * Appendix Section + > Abbreviations + > Timezones + > Common Ports + > Logging Severity Levels + > Version Details + +Reports can be output in HTML (default), XML, Latex and plain text formats. + +nipper will decode Cisco type 7 passwords, other passwords can be output to +a john-the-ripper file for further testing. + + +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ \ No newline at end of file diff --git a/0.11.10/docs/Options.txt b/0.11.10/docs/Options.txt new file mode 100644 index 0000000..f322f0e --- /dev/null +++ b/0.11.10/docs/Options.txt @@ -0,0 +1,289 @@ + _ ____ + _ __ (_)_ __ _ __ ___ _ __ / ->/| + | '_ \| | '_ \| '_ \ / _ \ '__| /<-_/ | + | | | | | |_) | |_) | __/ | | | / + |_| |_|_| .__/| .__/ \___|_| |___|/ + |_| |_| + + Version 0.11.4 + by Ian Ventura-Whiting (Fizz) + + +Nipper is a Network Infrastructure Configuration Parser. Nipper takes +a network infrastructure device configuration, processes the file and +details security-related issues with detailed recommendations. Nipper +was previous known as CiscoParse. + +By default, input is retrieved from stdin and is output (in HTML format) +to stdout. + +Command: + nipper [Options] + +General Options: + --input= + Specifies a device configuration file to process. For CheckPoint + Firewall-1 configurations, the input should be the conf directory. + + --output= | --report= + Specified an output file for the report. + + --version + Displays the program version. + +Example: + The example below will process a Cisco IOS-based router + configuration file called ios.conf and output the report to a file + called report.html. + + nipper --ios-router --input=ios.conf --output=report.html + +Nipper supports a number of different types of network device. This +version contains support for the following devices: + + CMD Option Device Type + ================================================= + --ios-switch Cisco IOS-based Switch + --ios-router Cisco IOS-based Router (default) + --ios-catalyst Cisco IOS-based Catalyst + --pix Cisco PIX-based Firewall + --asa Cisco ASA-based Firewall + --fwsm Cisco FWSM-based Router + --catos Cisco CatOS-based Catalyst + --nmp Cisco NMP-based Catalyst + --css Cisco Content Services Switch + --screenos Juniper NetScreen Firewall + --passport Nortel Passport Device + --sonicos SonicWall SonicOS Firewall + --fw1 CheckPoint Firewall-1 Firewall + +Please note that the level of support for each type of device varies. + +Nipper performs various checks to ensure that the device type that +has been specified matches the configuration file. Additionally, the +security issues reported by Nipper can depend on what the device is +used for. + +Advanced Device Options: + + --force + Force Nipper to bypass any configuration type checks. + + --location= + Where is the device located. + + --model= + Specify a device model, such as 7200VXR for a Cisco 7200VXR. + +Nipper supports a number of different report formats. They are: + + CMD Option Report Format + ============================= + --html HTML (default) + --latex Latex + --text Text + --xml XML + +These reporting options apply to all report output. + + --company-name= + Replace the 'nipper recommends...' in the report output to something + else. So for the Acme company, it would read, 'Acme recommends...'. + + --device-name= + If a device configuration file does not contain a device name, it + can be specified using this option. + + --no-names + Convert host and network names to IP addresses where possible. + + --expand-acl + Expand an Access Control Lists / Filtering object definitions. This + option will show the reality of a filtering policy. + +The following report options determine which sections are included in +the report output. The default is to include all sections. + + --no-audit + This option disables the security audit of the device configuration. + + --no-appendix + Disables the output of the entire report appendix section. By + default an appendix section is generated and added to the report. + + --no-abbreviations + Disables the output of an abbreviations section in the appendix. + + --no-logging + Disables the output of the logging levels section in the appendix. + + --no-timezones + Disables the output of the time zones section in the appendix. + + --no-ports + Disables the output of a common ports section in the appendix. + + --no-version + Disables the output of the nipper version section in the appendix. + +These report options apply only to the HTML report file format. + + --stylesheet= + Supply an external Cascading Style Sheet (CSS) for use with the HTML + -based reports. If this option is not supplied a default CSS is + embeded. The supplied CSS file will be embeded within the report + output. + +These report options apply only to the Latex report file format. + + --paper= + This option can be used to configure the Latex document paper size. + The default paper size is 'a4paper'. Refer to the Latex + documentation for other settings. + + --documentclass= + This option can be used to configure the Latex document class. The + default document class is 'article'. Refer to the Latex + documentation for other settings. + +These options only apply to the security auditing of the network +filtering. Checks for logging on all rules and for any source service +are disabled by default, all other rules are enabled by default. + + --deny-log | --no-deny-log + Enable/Disable checks to ensure that the rule lists end with a deny + all and log. + + --any-source | --no-any-source + Enable/Disable rule checks for any source. + + --network-source | --no-network-source + Enable/Disable rule checks for network sources. + + --source-service | --no-source-service + Enable/Disable checks for any sources services. + + --any-destination | --no-any-destination + Enable/Disable rule checks for any destination. + + --network-destination | --no-network-destination + Enable/Disable rule checks for network destionations. + + --destination-service | --no-destination-service + Enable/Disable rule checks for any destination service. + + --log-rules | --no-log-rules + Enable/Disable checks for logging on all rules. + + --disabled-rules | --no-disabled-rules + Enable/Disable checks for disabled rules. + + --reject-rules | --no-reject-rules + Enable/Disable checks for reject rules. + + --bypass-rules | --no-bypass-rules + Enable/Disable checks for bypass rules. + + --default-rules | --no-default-rules + Enable/Disable checks for default rules. + + --log-deny-rules | --no-log-deny-rules + Enable/Disable checks for deny and log rules. + +These options apply to the password security auditing. In addition to +user passwords, other authentication strings are audited such as shared +keys and SNMP community strings. + + --no-passwords + Removes passwords from the output. However, passwords are always + checked against defaults and for password strength. + + --john= + Output the Cisco type 5 passwords in a file that can then be run + through john-the-ripper. + + --dictionary= + Use a dictionary file to check the passwords and keys are not + dictionary-based words. If this option is not specified a small + number of built-in passwords are used instead. This option is + not used to break MD5 passwords, only compare passwords already + known. + + --pass-length= + Password strength checks will check that retrieved passwords have + a minimum length as specified. The default is 8 characters. + + --pass-uppers= + Password strength checks will check that retrieved passwords must + include uppercase characters. The default is no. + + --pass-lowers= + Password strength checks will check that retrieved passwords must + include lowercase characters. The default is no. + + --pass-either= + Password strength checks will check that retrieved passwords must + include upper or lowercase characters. The default is yes. + + --pass-numbers= + Password strength checks will check that retrieved passwords must + include numbers. The default is yes. + + --pass-specials= + Password strength checks will check that retrieved passwords must + include special characters. The default is no. + +These options apply to the security auditing. + + --timeout= + Specify the number of seconds that connection timeouts should be + less than or equal to. If timeouts are less than this, a security + will be generated in the report. The default is 10 minutes. + +These options apply to remote SNMP configuration retrival from Cisco +devices. Older Cisco devices make use of a slightly different method. +The old method works with IOS devices up to version 12.x. Newer methods +are supported with IOS version 12.0 (some with 11.2P). This requires a +local TFTP server and the snmpget command. + + --cisco-ip= + Specify the IP address of the Cisco Device to retrieve the config + from. + + --local-ip= + The IP address of the host making the request. This is essential for + remote config retrival, else it will fail. + + --cisco= + There are two methods of retrieving the config remotely using SNMP. + The old method is supported on Cisco devices upto IOS 12.x, the + new method (default) is supported from IOS 12.0 (11.2P on some + devices). + + --snmp= + The snmp community to be used with the above. A default of 'private' + will be used if not specified. + + --tftproot= + The tftp root directory to be used for the Cisco config transfer. If + not specified a default of /tftproot/ will be used. + + --cisco-file= + Specifies a filename for the Cisco config file to be saved to. If + not specified, then the file will be left in the tftproot as a + random file name. + +Nipper can be configured using an external configuration file. This file +can be specified on the command line or Nipper will load configuration +settings from '/etc/nipper.conf' (UNIX) or 'nipper.ini' in the current +directory (Windows). + + --config= + Specifies a Nipper configuration file. + +For additional help: + --help[=] + Show the online help or show the additional help on the topic + specified. The help topics are; GENERAL, DEVICES, DEVICES-ADV, + SNMP, REPORT, REPORT-ADV, REPORT-SECT, REPORT-HTML, REPORT-LATEX, + AUDIT-ACL, AUDIT-PASS, AUDIT-ADV or CONFIG-FILE. diff --git a/0.11.10/docs/Quickstart.txt b/0.11.10/docs/Quickstart.txt new file mode 100644 index 0000000..40f7547 --- /dev/null +++ b/0.11.10/docs/Quickstart.txt @@ -0,0 +1,82 @@ +Quick Start Guide +================= + +NOTE: Tutorials are available at http://nipper.titania.co.uk + +If you haven't already installed nipper, follow the procedures outlined +in the INSTALL file. + +Before using nipper you will need the configuration of your network +device saved to a text file. Typically for Cisco devices the +procedure for obtaining this would be: + + 1. Logon to Cisco device + 2. Enter Enable mode + 3. Type "show run" + 4. Capture the output to a file + 5. Logout + +Once you have the configuration file and nipper is installed you are +ready. nipper does not (currently) automatically detect what type of +device you are about to perform an audit of, so it must be told. + +For a Cisco IOS Switch with a configuration file stored in +/home/fred/switch.txt and output to an XML file the command would be: + + nipper --ios-switch --input=/home/fred/switch.txt --xml --output=audit.xml + +The device types currently supported by nipper are specified using the +following command line parameters: + + CMD Option Device Type + ================================================= + --ios-switch Cisco IOS-based Switch + --ios-router Cisco IOS-based Router (default) + --ios-catalyst Cisco IOS-based Catalyst + --pix Cisco PIX-based Firewall + --asa Cisco ASA-based Firewall + --fwsm Cisco FWSM-based Router + --catos Cisco CatOS-based Catalyst + --nmp Cisco NMP-based Catalyst + --css Cisco Content Services Switch + --screenos Juniper NetScreen Firewall + --passport Nortel Passport Device + --sonicos SonicWall SonicOS Firewall + --fw1 CheckPoint Firewall-1 Firewall + +The order in which the options are specified is irrelevent. To get a full +list of options, use the following command: + + nipper --help + + + +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ \ No newline at end of file diff --git a/0.11.10/docs/XML.txt b/0.11.10/docs/XML.txt new file mode 100644 index 0000000..f0ea9d4 --- /dev/null +++ b/0.11.10/docs/XML.txt @@ -0,0 +1,448 @@ +nipper XML Output Documentation +=============================== + +This document describes the XML output format that nipper produces. + + +Abbreviation +------------ + + Tag : + Tag Data : expand (enum) - Should the abbreviation be expanded + "true" or "false" + long (string) - the expanded abbreviation + short (string) - the abbreviation + Description: Used to describe an abbreviation used within the text. + Example : + History : Introduced with nipper 0.9.1. + + +Caption +------- + + Start Tag : + End Tag : + Description: A caption is used to specify a table caption. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.2. + See Also : Table, Table Headings, Table Heading, Table Body, + Table Row, Table Entry, Reference. + + +Command +------- + + Start Tag : + End Tag : + Description: Used to describe a device command. + Example : ip name-server IP address + History : Introduced with nipper 0.9.2. + See Also : Text, Command Option. + + +Command Option +-------------- + + Start Tag : + End Tag : + Description: Used to describe a device command option. + Example : ip name-server IP address + History : Introduced with nipper 0.10.3. + See Also : Text, Command. + + +Document +-------- + + Start Tag : + End Tag : + Tag Data : title (string) - The report title + device (string) - The name of the device audited + Description: Used to describe the report document. + Example : + History : Introduced with nipper 0.9.0. + See Also : Text. + + +Item +---- + + Start Tag : + End Tag : + Description: Used to describe an item in a table cell. + Example : Item 1Item 2 + History : Introduced with nipper 0.11.0. + See Also : Caption, Table Headings, Table Heading, Table Body, + Table Row, Table Entry, Reference, Table. + + +List +---- + + Start Tag : + End Tag : + Description: List tags are used to create a list and will contain + one or more list items. + Example : + Item 1 + Item 2 + + History : Introduced with nipper 0.9.0 + See Also : List Items + + +List Items +---------- + + Start Tag : + End Tag : + Description: List items are used within the list tags to specify a + list item. + Example : + Item 1 + Item 2 + + History : Introduced with nipper 0.9.0. + See Also : List + + +Reference +--------- + + Tag : + Tag Data : name (string) - the reference string + Description: Used to reference a table within the text. It will match the + ref data used within the table tag. + Example : See Table for more details. + History : Introduced with nipper 0.9.4. + + +Section +------- + + Start Tag :
+ End Tag :
+ Tag Data : type (enum) - the report section + "security", "configuration" or "appendix" + title (string) - a title for the section + ref (string) - a unique section reference + rate (enum) - A security rating for a subsection + "low", "lowmed", "med", "medhigh" or "high" + Description: The section tag is used to contain a defined + part of the report. + Example :
+ + This is some appendix text. + +
+ History : Introduced with nipper 0.9.0. + Reference added with 0.9.2 release. + See Also : Subsection + + +Subsection +---------- + + Start Tag : + End Tag : + Tag Data : type (enum) - the report section + "security", "configuration", "appendix" or "report" + title (string) - a title for the subsection + ref (string) - a unique section reference + Description: The subsection tag is used to contain a defined + subsection of the report. + Example :
+ + This is some appendix text. + +
+ History : Introduced with nipper 0.9.0. + Reference added with 0.9.2 release. + "report" type added with 0.10.0 release. + See Also : Section + + +Table +----- + + Start Tag : + End Tag :
+ Tag Data : number (int) - the table number + ref (string) - a table reference + Description: Table is used to describe a table within the XML document + and will contain a number of other XML tags. The table tag + has two parameters, number and ref. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.0. + Table reference was added with nipper 0.9.3. + See Also : Caption, Table Headings, Table Heading, Table Body, + Table Row, Table Entry, Reference, Item. + + +Table Body +---------- + + Start Tag : + End Tag : + Description: Table Body contains the content of the table, + enclosed in a number of table row tags. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.0. + See Also : Table, Caption, Table Headings, Table Heading, + Table Row, Table Entry, Reference, Item. + + +Table Entry +----------- + + Start Tag : + End Tag : + Description: Table entry specifies the content of a table cell. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.0. + See Also : Table, Caption, Table Headings, Table Heading, + Table Row, Table Body, Reference, Item. + + +Table Heading +------------- + + Start Tag : + End Tag : + Description: Table Heading is used to specify a table column title. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.0. + See Also : Table, Caption, Table Headings, Table Body, Table Row, + Table Entry, Reference, Item. + + +Table Headings +-------------- + + Start Tag : + End Tag : + Description: Table Headings is used to contain one or more column + headings for a table, specified using the tableheading + tag. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.0. + See Also : Table, Caption, Table Heading, Table Body, Table Row, + Table Entry, Reference, Item. + + +Table Row +--------- + + Start Tag : + End Tag : + Description: Table row tags contain a number of table entry tags + equivilent to the number of table headings. + Example : + + + Column 1 Heading + Column 2 Heading + + + + Column 1 Row 1 Data + Column 2 Row 1 Data + + + Column 1 Row 2 Data + Column 2 Row 2 Data + + +
A table full of data
+ History : Introduced with nipper 0.9.0. + See Also : Table, Caption, Table Heading, Table Headings, + Table Row, Table Entry, Reference, Item. + + +Text +---- + + Start Tag : + End Tag : + Description: Define a paragraph of text content. + Example :
+ + + Classless routing is... + nipper determined that... + + + Network traffic... + + + + + + nipper recommends that... + + +
+ History : Introduced with nipper 0.9.0. + See Also : Text Section. + + +Text Section +------------ + + Start Tag : + End Tag : + Tag Data : type (enum) - Define a type of text section + "observation", "impact", "ease" or "recommendation" + rate (enum) - A rating, based on the type + for "impact" type... + "low", "lowmed", "med", "medhigh" or "high" + for "ease" type... + "noease", "trivial", "moderate" or "difficult" + Description: Used to group a section of text and possibly tables. + Example :
+ + + Classless routing is... + nipper determined that... + + + Network traffic... + + + + + + nipper recommends that... + + +
+ History : Introduced with nipper 0.9.0. + See Also : Text. + + + +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ \ No newline at end of file diff --git a/0.11.10/install.script b/0.11.10/install.script new file mode 100644 index 0000000..485b367 --- /dev/null +++ b/0.11.10/install.script @@ -0,0 +1,22 @@ +echo -e "" +echo -e " _ ____" +echo -e " _ __ (_)_ __ _ __ ___ _ __ / ->/|" +echo -e " | '_ \\| | '_ \\| '_ \\ / _ \\ '__| /<-_/ |" +echo -e " | | | | | |_) | |_) | __/ | | | /" +echo -e " |_| |_|_| .__/| .__/ \\___|_| |___|/" +echo -e " |_| |_|" +echo -e "" +echo -e " The Network Infrastructure Parser" +echo -e "" + +#echo "Building debug nipper..." +#gcc -g -Wall -o nipper nipper.c + +echo "Building nipper..." +gcc -o nipper nipper.c + +echo "Installing nipper..." +cp nipper /usr/bin/ +cp nipper.conf /etc/ +cp man/nipper.1 /usr/share/man/man1/ +cp man/nipper.conf.5 /usr/share/man/man5/ diff --git a/0.11.10/man/.svn/all-wcprops b/0.11.10/man/.svn/all-wcprops new file mode 100644 index 0000000..2a2e267 --- /dev/null +++ b/0.11.10/man/.svn/all-wcprops @@ -0,0 +1,17 @@ +K 25 +svn:wc:ra_dav:version-url +V 33 +/svn/!svn/ver/3/trunk/0.11.10/man +END +nipper.1 +K 25 +svn:wc:ra_dav:version-url +V 42 +/svn/!svn/ver/3/trunk/0.11.10/man/nipper.1 +END +nipper.conf.5 +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/0.11.10/man/nipper.conf.5 +END diff --git a/0.11.10/man/.svn/entries b/0.11.10/man/.svn/entries new file mode 100644 index 0000000..f5b21c5 --- /dev/null +++ b/0.11.10/man/.svn/entries @@ -0,0 +1,96 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/0.11.10/man +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +nipper.conf.5 +file + + + + +2016-02-13T06:47:11.956154Z +316ab3e4e3cb9bc5dd48be430fe659cb +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6382 + +nipper.1 +file + + + + +2016-02-13T06:47:11.956154Z +a68b1cc7314344f4498ad00eebf5947a +2009-11-30T19:23:23.540519Z +2 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +1995 + diff --git a/0.11.10/man/.svn/text-base/nipper.1.svn-base b/0.11.10/man/.svn/text-base/nipper.1.svn-base new file mode 100644 index 0000000..907df5b --- /dev/null +++ b/0.11.10/man/.svn/text-base/nipper.1.svn-base @@ -0,0 +1,53 @@ +.TH nipper "1" "January 2008" +.SH NAME +nipper \- Network Infrastructure Parser. Produces reports based of network device configuration file settings. +.SH SYNOPSIS +.B nipper +[\fIOPTIONS\fR] +.SH DESCRIPTION +Nipper processes network infrastructure device configuration files, performs a security audit and produces a report based on the findings. The default report will contain sections on the security related issues identified, the configuration of the device and an appendicies with additional information. Nipper currently supports the following device types: +.P +* Cisco Switches (IOS) * Juniper NetScreen Firewall +.br +* Cisco Routers (IOS) * CheckPointer Firewall-1 +.br +* Cisco Catalyst (IOS) * Nortel Passport +.br +* Cisco Firewall (PIX) * Sonicwall Firewall +.br +* Cisco Firewall (ASA) +.br +* Cisco Firewall (FWSM) +.br +* Cisco Catalyst (CatOS) +.br +* Cisco Catalyst (NMP) +.br +* Cisco Content Service Switches +.SH OPTIONS +\fB\-\-help\fR +For help on all the options. +.SH EXAMPLES +To produce an HTML formatted report for a Juniper NetScreen device: +.P +nipper --screenos --input=config.txt --output=report.html +.P +To produce an XML formatted report for a Cisco PIX firewall: +.P +nipper --pix --xml --input=pix-config.txt --output=report.xml +.P +To produce an HTML formatted report for a CheckPoint Firewall-1: +.P +nipper --fw1 --input=/root/config-backups/fw1/conf/ --output=report.html +.P +To produce an HTML formatted report for a Cisco IOS-based router using an external configuration file: +.P +nipper --config=nipper.conf --input=router.txt --output=report.html +.SH AUTHOR +Nipper was developed by Ian Ventura-Whiting (Fizz). +.SH COPYRIGHT +Copyright \(co 2006-2008 Ian Ventura-Whiting. +.br +This is free software. You may redistribute copies of it under the terms of the GNU General Public License v3 or above . There is NO WARRANTY, to the extent permitted by law. +.SH SEE ALSO +nipper.conf(5) \ No newline at end of file diff --git a/0.11.10/man/.svn/text-base/nipper.conf.5.svn-base b/0.11.10/man/.svn/text-base/nipper.conf.5.svn-base new file mode 100644 index 0000000..0ba9f5e --- /dev/null +++ b/0.11.10/man/.svn/text-base/nipper.conf.5.svn-base @@ -0,0 +1,172 @@ +.TH nipper.conf "12" "January 2008" +.SH NAME +nipper.conf \- Configuration file for Nipper. +.SH DESCRIPTION +Nipper can be configured in three different ways. The first is through the command line options, this will override the other two configuration methods. The second is through an external configuration file, which is documented in this help document. Lastly, Nipper will fall back on its built-in default configuration settings. The main nipper.conf file is usually located at /etc/nipper.conf, though an alternative configuration file can be specified as a command line parameter. +.P +The configuration settings outlined below are case-insensitive. Furthermore, Options that require a yes/no type answer can also be answered with true/false or on/off. Comment lines start with a # character. +.SH General Section +\fBDevice Type\fR +.br +This changes the default device type. The choices are; Cisco Router (IOS), Cisco Switch (IOS), Cisco Catalyst (IOS), Cisco Catalyst (NMP), Cisco Catalyst (CatOS), Cisco Firewall (PIX), Cisco Firewall (ASA), Cisco Firewall (FWSM), Cisco Content Services Switch (CSS), Juniper ScreenOS Firewall, Nortel Passport, Checkpoint Firewall-1 or SonicWall SonicOS Firewall +.P +\fBModel\fR +.br +Specify the device model, this is useful for setting defaults. +.P +\fBLocation\fR +.br +This tells Nipper where the device is being used. Is it an "Internal" device or an "Edge" device. +.P +\fBForce Type\fR +.br +This bypasses the Nipper configuration type checks and forces Nipper to treat the configuration file as the device type specified. The choices are; yes or no. +.SH Report Section +.P +\fBCompany Name\fR +.br +This changes the company name used throughout the report. The default is to use Nipper. +.P +\fBShow Passwords In Report\fR +.br +Used to enable or disable the output of passwords (encoded or otherwise) to the report. The options are; yes or no. +.P +\fBConvert Names To IP Addresses\fR +.br +As it suggests, names are converted to IP addresses in the report output. Options are; yes or no. +.P +\fBReport Format\fR +.br +This setting changes the default report format, the built-in default is HTML. The options are; HTML, XML, LATEX or TEXT. +.SH HTML Section +.P +\fBStyle Sheet File\fR +.br +The name of the HTML stylesheet to be used with the HTML report. If not specified, Nipper will use a built-in stylesheet. +.SH Latex Section +.P +\fBPaper Size\fR +.br +The Latex paper size to use, the default is a4paper. +.P +\fBDocument Class\fR +.br +The Latex document class to use, the default is article. +.SH Report Sections Section +.P +\fBSecurity Audit\fR +.br +Output a security audit report section. Options are; on or off. +.P +\fBAppendix\fR +.br +Output an appendix section in the report. Options are; on or off. +.P +\fBAbbreviations\fR +.br +Output an abbreviations appendix section in the report. Options are; on or off. +.P +\fBCommon Ports\fR +.br +Output a common ports appendix section in the report. Options are; on or off. +.P +\fBLogging Levels\fR +.br +Output a logging levels appendix section in the report. Options are; on or off. +.P +\fBTime Zones\fR +.br +Output a time zones appendix section in the report. Options are; on or off. +.P +\fBNipper Details\fR +.br +Output a nipper details appendix section in the report. Options are; on or off. +.SH Audit Section +.P +\fBDictionary File\fR +.br +A dictionary file to use with password testing. If not specified a small built-in dictionary is used. The dictionary file must contain one password per line. +.P +\fBMinimum Password Length\fR +.br +The minimum length that passwords / authentication keys should be. The default is 8 characters. +.P +\fBPasswords Must Include Uppercase\fR +.br +Passwords / authentication keys must include uppercase characters. Options are; on or off. +.P +\fBPasswords Must Include Lowercase\fR +.br +Passwords / authentication keys must include lowercase characters. Options are; on or off. +.P +\fBPasswords Must Include Lowercase or Uppercase\fR +.br +Passwords / authentication keys must include lowercase or uppercase characters. Options are; on or off. +.P +\fBPasswords Must Include Numbers\fR +.br +Passwords / authentication keys must include numbers. Options are; on or off. +.P +\fBPasswords Must Include Special Characters\fR +.br +Passwords / authentication keys must include special / punctuation characters. Options are; on or off. +.P +\fBCheck For Any Source\fR +.br +Firewall filters should not allow access from any source. Options are; on or off. +.P +\fBCheck Source Rules Do Not Include Networks\fR +.br +Firewall filters should not allow access from a network source. Options are; on or off. +.P +\fBCheck For Any Source Service\fR +.br +Firewall filters should not allow access from any source port. Options are; on or off. +.P +\fBCheck For Any Destination\fR +.br +Firewall filters should not allow access to any destination. Options are; on or off. +.P +\fBCheck Destination Rules Do Not Include Networks\fR +.br +Firewall filters should not allow access to a network destination. Options are; on or off. +.P +\fBCheck For Any Destination Service\fR +.br +Firewall filters should not allow access to any destination service. Options are; on or off. +.P +\fBCheck That All Rules Log\fR +.br +All firewall filters should log. Options are; on or off. +.P +\fBCheck That All Rules Log\fR +.br +No disabled firewall filters should exist. Options are; on or off. +.P +\fBCheck Rule Lists End With Deny All And Log\fR +.br +All firewall filter lists shoud end with a deny everything and log. Options are; on or off. +.P +\fBCheck For Reject Rules\fR +.br +No firewall reject rules should exist, these are deny rules that inform the sender. Options are; on or off. +.P +\fBCheck For Bypass Rules\fR +.br +No firewall bypass rules should exist, these are rules that bypass filtering. Options are; on or off. +.P +\fBCheck For Default Rules\fR +.br +No firewall default rules should exist, these are rules that default to a ports filtering setting. Options are; on or off. +.P +\fBMinimum Timeout (Seconds)\fR +.br +The number of seconds that timeouts should be configured for. The default is 600. +.SH AUTHOR +Nipper was developed by Ian Ventura-Whiting (Fizz). +.SH COPYRIGHT +Copyright \(co 2006-2008 Ian Ventura-Whiting. +.br +This is free software. You may redistribute copies of it under the terms of the GNU General Public License v3 or above . There is NO WARRANTY, to the extent permitted by law. +.SH SEE ALSO +nipper(1) \ No newline at end of file diff --git a/0.11.10/man/nipper.1 b/0.11.10/man/nipper.1 new file mode 100644 index 0000000..907df5b --- /dev/null +++ b/0.11.10/man/nipper.1 @@ -0,0 +1,53 @@ +.TH nipper "1" "January 2008" +.SH NAME +nipper \- Network Infrastructure Parser. Produces reports based of network device configuration file settings. +.SH SYNOPSIS +.B nipper +[\fIOPTIONS\fR] +.SH DESCRIPTION +Nipper processes network infrastructure device configuration files, performs a security audit and produces a report based on the findings. The default report will contain sections on the security related issues identified, the configuration of the device and an appendicies with additional information. Nipper currently supports the following device types: +.P +* Cisco Switches (IOS) * Juniper NetScreen Firewall +.br +* Cisco Routers (IOS) * CheckPointer Firewall-1 +.br +* Cisco Catalyst (IOS) * Nortel Passport +.br +* Cisco Firewall (PIX) * Sonicwall Firewall +.br +* Cisco Firewall (ASA) +.br +* Cisco Firewall (FWSM) +.br +* Cisco Catalyst (CatOS) +.br +* Cisco Catalyst (NMP) +.br +* Cisco Content Service Switches +.SH OPTIONS +\fB\-\-help\fR +For help on all the options. +.SH EXAMPLES +To produce an HTML formatted report for a Juniper NetScreen device: +.P +nipper --screenos --input=config.txt --output=report.html +.P +To produce an XML formatted report for a Cisco PIX firewall: +.P +nipper --pix --xml --input=pix-config.txt --output=report.xml +.P +To produce an HTML formatted report for a CheckPoint Firewall-1: +.P +nipper --fw1 --input=/root/config-backups/fw1/conf/ --output=report.html +.P +To produce an HTML formatted report for a Cisco IOS-based router using an external configuration file: +.P +nipper --config=nipper.conf --input=router.txt --output=report.html +.SH AUTHOR +Nipper was developed by Ian Ventura-Whiting (Fizz). +.SH COPYRIGHT +Copyright \(co 2006-2008 Ian Ventura-Whiting. +.br +This is free software. You may redistribute copies of it under the terms of the GNU General Public License v3 or above . There is NO WARRANTY, to the extent permitted by law. +.SH SEE ALSO +nipper.conf(5) \ No newline at end of file diff --git a/0.11.10/man/nipper.conf.5 b/0.11.10/man/nipper.conf.5 new file mode 100644 index 0000000..0ba9f5e --- /dev/null +++ b/0.11.10/man/nipper.conf.5 @@ -0,0 +1,172 @@ +.TH nipper.conf "12" "January 2008" +.SH NAME +nipper.conf \- Configuration file for Nipper. +.SH DESCRIPTION +Nipper can be configured in three different ways. The first is through the command line options, this will override the other two configuration methods. The second is through an external configuration file, which is documented in this help document. Lastly, Nipper will fall back on its built-in default configuration settings. The main nipper.conf file is usually located at /etc/nipper.conf, though an alternative configuration file can be specified as a command line parameter. +.P +The configuration settings outlined below are case-insensitive. Furthermore, Options that require a yes/no type answer can also be answered with true/false or on/off. Comment lines start with a # character. +.SH General Section +\fBDevice Type\fR +.br +This changes the default device type. The choices are; Cisco Router (IOS), Cisco Switch (IOS), Cisco Catalyst (IOS), Cisco Catalyst (NMP), Cisco Catalyst (CatOS), Cisco Firewall (PIX), Cisco Firewall (ASA), Cisco Firewall (FWSM), Cisco Content Services Switch (CSS), Juniper ScreenOS Firewall, Nortel Passport, Checkpoint Firewall-1 or SonicWall SonicOS Firewall +.P +\fBModel\fR +.br +Specify the device model, this is useful for setting defaults. +.P +\fBLocation\fR +.br +This tells Nipper where the device is being used. Is it an "Internal" device or an "Edge" device. +.P +\fBForce Type\fR +.br +This bypasses the Nipper configuration type checks and forces Nipper to treat the configuration file as the device type specified. The choices are; yes or no. +.SH Report Section +.P +\fBCompany Name\fR +.br +This changes the company name used throughout the report. The default is to use Nipper. +.P +\fBShow Passwords In Report\fR +.br +Used to enable or disable the output of passwords (encoded or otherwise) to the report. The options are; yes or no. +.P +\fBConvert Names To IP Addresses\fR +.br +As it suggests, names are converted to IP addresses in the report output. Options are; yes or no. +.P +\fBReport Format\fR +.br +This setting changes the default report format, the built-in default is HTML. The options are; HTML, XML, LATEX or TEXT. +.SH HTML Section +.P +\fBStyle Sheet File\fR +.br +The name of the HTML stylesheet to be used with the HTML report. If not specified, Nipper will use a built-in stylesheet. +.SH Latex Section +.P +\fBPaper Size\fR +.br +The Latex paper size to use, the default is a4paper. +.P +\fBDocument Class\fR +.br +The Latex document class to use, the default is article. +.SH Report Sections Section +.P +\fBSecurity Audit\fR +.br +Output a security audit report section. Options are; on or off. +.P +\fBAppendix\fR +.br +Output an appendix section in the report. Options are; on or off. +.P +\fBAbbreviations\fR +.br +Output an abbreviations appendix section in the report. Options are; on or off. +.P +\fBCommon Ports\fR +.br +Output a common ports appendix section in the report. Options are; on or off. +.P +\fBLogging Levels\fR +.br +Output a logging levels appendix section in the report. Options are; on or off. +.P +\fBTime Zones\fR +.br +Output a time zones appendix section in the report. Options are; on or off. +.P +\fBNipper Details\fR +.br +Output a nipper details appendix section in the report. Options are; on or off. +.SH Audit Section +.P +\fBDictionary File\fR +.br +A dictionary file to use with password testing. If not specified a small built-in dictionary is used. The dictionary file must contain one password per line. +.P +\fBMinimum Password Length\fR +.br +The minimum length that passwords / authentication keys should be. The default is 8 characters. +.P +\fBPasswords Must Include Uppercase\fR +.br +Passwords / authentication keys must include uppercase characters. Options are; on or off. +.P +\fBPasswords Must Include Lowercase\fR +.br +Passwords / authentication keys must include lowercase characters. Options are; on or off. +.P +\fBPasswords Must Include Lowercase or Uppercase\fR +.br +Passwords / authentication keys must include lowercase or uppercase characters. Options are; on or off. +.P +\fBPasswords Must Include Numbers\fR +.br +Passwords / authentication keys must include numbers. Options are; on or off. +.P +\fBPasswords Must Include Special Characters\fR +.br +Passwords / authentication keys must include special / punctuation characters. Options are; on or off. +.P +\fBCheck For Any Source\fR +.br +Firewall filters should not allow access from any source. Options are; on or off. +.P +\fBCheck Source Rules Do Not Include Networks\fR +.br +Firewall filters should not allow access from a network source. Options are; on or off. +.P +\fBCheck For Any Source Service\fR +.br +Firewall filters should not allow access from any source port. Options are; on or off. +.P +\fBCheck For Any Destination\fR +.br +Firewall filters should not allow access to any destination. Options are; on or off. +.P +\fBCheck Destination Rules Do Not Include Networks\fR +.br +Firewall filters should not allow access to a network destination. Options are; on or off. +.P +\fBCheck For Any Destination Service\fR +.br +Firewall filters should not allow access to any destination service. Options are; on or off. +.P +\fBCheck That All Rules Log\fR +.br +All firewall filters should log. Options are; on or off. +.P +\fBCheck That All Rules Log\fR +.br +No disabled firewall filters should exist. Options are; on or off. +.P +\fBCheck Rule Lists End With Deny All And Log\fR +.br +All firewall filter lists shoud end with a deny everything and log. Options are; on or off. +.P +\fBCheck For Reject Rules\fR +.br +No firewall reject rules should exist, these are deny rules that inform the sender. Options are; on or off. +.P +\fBCheck For Bypass Rules\fR +.br +No firewall bypass rules should exist, these are rules that bypass filtering. Options are; on or off. +.P +\fBCheck For Default Rules\fR +.br +No firewall default rules should exist, these are rules that default to a ports filtering setting. Options are; on or off. +.P +\fBMinimum Timeout (Seconds)\fR +.br +The number of seconds that timeouts should be configured for. The default is 600. +.SH AUTHOR +Nipper was developed by Ian Ventura-Whiting (Fizz). +.SH COPYRIGHT +Copyright \(co 2006-2008 Ian Ventura-Whiting. +.br +This is free software. You may redistribute copies of it under the terms of the GNU General Public License v3 or above . There is NO WARRANTY, to the extent permitted by law. +.SH SEE ALSO +nipper(1) \ No newline at end of file diff --git a/0.11.10/nipper b/0.11.10/nipper new file mode 100644 index 0000000000000000000000000000000000000000..6e262c4aa3483e192e77c2f6fc4a2a797e6e0432 GIT binary patch literal 827915 zcmc${4S-c+{s(@hZZ$HwgNdv#m?%OKva&nq5{j`JvXv&isNLSw9YUkw&fU6B!|clb zVq=Tg*w(hYA**3Zx>=SG#%>r4?lHs8u2F-b|L604o^$VW&pmgVcKiSTL+3s(pYPlA ze4p2I&T|%qMqZGUlViDmU97GaVvXUegX3MZ!6;bN4+S6|N28nf5_&)Ld5yc&Aa^L@MJ_Y{#^P~W=y~K zlo^vxnlXJ=`TUdT%|7{5MGMiQ`-PX53N7^@&3^btn@`3++D1DnPqYddKL!8zH{ggR zeb-#_QQdW=6Uip+?+G2d2*d{=e7cUaj2XW~$KTfR$rOUW-{K$hb(Bd~A^u&*0RG5Wy{((BbQ0JehHJqz)Vfi}|ES|`eRt9Ln~_d=PwM=;H2y^$KUC-U*7!a; zf40sK>HG_Hem@-_r1R-FBoBI0dEzBOUObu(wr znlLXsac+3R1Pje?5}Vx_)`W{LL+a$|vnG_!n=;v&7oIz5&P~>o`P0MJyg75H&k9eq zrp}%-WfpU0F>BuR>t;=yVU^E9+x@vUr#w7q+QhlY1q*BHbyLD~X3rybYIyq0Dc0O6 zH%^~5*_t|KHrUKlnFP(VW=@%jIFb0@3ePT|GiQphnOz>Xrjo5(1xT?|C(W2W4-6-Q z-OPzIX3U;M+DQ}VO_?-v4$PYrzG=>s3D-_w#>5#D=gzd|-83&eWu^sb<G=dz_joef?N5E4!e!NaME`Eg3elrUv%gJ{`Rn}T>j=_?BOpu`F#HN#Mr}M z3{QRdn`c>l`3ubp`Fnt674bKS@rS=KWFUXhSq$PY8psg-Vn7_q-vY}T#^2tSRm|T* z&{p`1#yEn%eJpDve-Fc$%wII7(fmE!vc~YYuVszn?-7<&#@{0?YchY2vaD(REwro| z{5{&T=I|GtTA07bTGo92qSINxUo_@Q{vKypRs2O~x|qNH(Vz1donj4tPq3_|{6%NC zjK2ddYdL>UvaHhB$C2jT#1Sak#429yx;WQ*@p)_a>5VAi-Te}{vYvMLV~tE>&}rC> zzkaNlY0PuBNt`t_jV|ESNt`t`4JBbYYbDMan^ws93W;0LU>Y>FoEnJ-7>5T~PNl?i z86V2{9Es;KUd(uz#Pb;+!FY+p3m7k9yjbFW7$3vqU!T1V^7c;(^ z@fwK_XM8Q=l@cGp_KH!xl( z@iN8}jOR;yGUF|bTN0nfcpKv_-_iaVjHCU-eu>XvJeTop5)U(;&v>20=QGaX$XP4# z1&kLmzCz-ajC0E8)JVLF@j;ANN_;WnLm8hV@g_Iz3I{Vn_Mc9cu>^>DYukpPVu`{MI8@~5$t=L9}S<0=2~`aHP)Nx8Ue zZ0k}zX7@@9>1REE!%@}i&~hy+QkU}(lXe$G3DVg&Cbo1VgPh3bz}WH6SBH;e+TS76SXl14T^Ry$y<}c5R1p7l+y_E81_qb-#G1jegy9ETShYOhyZW z&xYC~i4%iQR<3w6FE{vXT`bgQhuU6z9xSekG#7$L@JXwxE?Bh`a_rLF$Y(i7dz#E* zp@c|pw<{9=c|5jt*S1I^r#jFD1dBu8HkEqOjV`*;L~qGt+u#BlOrT;5g};pjiV}xG zfk@l#@O_cZg%ie$x>w%TOu~4mk!1ocp@r9%6VhEmic)Ib*w7`mDfndQtGc$p zew*x2VsSn$uwd9Z<$WR*%~ttAC>=Bj6iH%>Rp^XGSR;;;JX$Y#J)IvTFH+IcB^c#g z6N!;Tmsn_9JoIu4{3agSiqXSrx68NL6))SPwto3Y@c%Xie^nQIt^dZ@R%jiqD-T9y zCc0=*am87fY>tQOT7}65&1AD(QD=|Z&@q$aoZAg1>*JwyZNg-&X0qO{SZ9w~>&GN7 zsmTwUid|dQ#6zpwg#$-I+Oo#3SZ$A5<;S6ClEaU+Yc&<3cyh|ovRXJ(YB~^nS=Rl^ zdmxFW90?_IP%mF?YzV|Qt#5(<9nI?5S=ZL3Q`IxGgX+0FSv|)a)w3cVTCS>RnKo&K zU9sFAwam{XvwGe!N_J^HRHLeAiDt6YuBfp`E$NuaagKBt+EEtALshDJDm9bEc14vv zs?v{%Sv^0|)e~KS@`^|2<0_RD4I`vjJ;5xymRWW+ll^%94;8j^V?%dTSRFVYy)Cw> zXX!5Jw5PW8PzRN@C|OzKQiaHLebLFl z$D?JqN+m|eA*9(d%dTaXUCrc<*&gRSVz30Ix@2jBMl?$K6-^eNkw{w-$_LZ!!JiR7b(4NYvxok9%>iOLV0%O9CSkHa|c7V zT{%M{;i6&Yeu~IamfIGPvsAmfCkWB2-rwZ{*Pl@CPTM~If3VF({homBBaegO5P7}tSR+2+w?A)2#HrI@8 z$tl)Zn}WAr$reVJSqgI^Z8;dUD-sq*HL92b9pMW z#mH2ixgwR>YGlHOdfH%z>LZ&6Du<6WqcFtVn*vhvp>|!mg<&)$9YN)Ph=^O?eY4f6 zcN!~onvdE%HdSCglUK~#VjtL)%+K6rHTAG(kT-=3q5J7d=rL8Hp zK2u%D-5;F@I)<}DtqUKOdX^}AC;fs%jG(gFq2Eubty%TD?i_t#YB_EOfxdajEGiE|D)TQwet=J0#_j` z;?~X;w>1wbkRA;7qa%}58Cnpka<}d+tD}h~j!5eR0CGU(U_~^Cmn*)&s_oB+*r8@U zLheUzb0dZ22SqB{EUw*zwRF9hm|NxOCR%flms5_O(uE(x{;7@3n+nWSbUAIR%V~+U z-FjoOJ*w3n-{Ki^r#-yp0hQl{-gq^xwr)ETQF?5+NCYYyls-Vr8t1@w;7pQ zYE@mhXQZO__~4yqiU+r{9}%PNQMuLk(E6n9vC$Y-^NJGBe9qF$y=^l~Z|wL@0ksX# zAB+9~6ixgF^xKcE|Gv zn<2QgJ@Q#)DpTe+tc@r#Rp)vownv8f4yTcdf}HaC(48Ei?qisCBt}9Tgf}o;%&@Ah zrb0W^l3M60f|m$793Uy-Qq+PwhV5|2upP!2Hg^LUW6Re{>_S1N!1XS;J_(LA}kT*awLu2E{^+ zk&4FPjh7_ep*EN@a@0pQNU%}zlofocuAh}FJ2=NDo^UZqE}1a8w$g+*l`wa}pouLC zTrg6138NoLz%I~5Vw z@q<7Rd%o*6_~`W{|s9rU4u_{)!KJY*B)I*3g0! zU|}Y~nXyoF(}}6-@R_5W9ZF!QOBFyE3E9B0LMb;d0Q~LFvVp^EC+%OpP=XH-GDuIV&KnA z>^dkHWzu374~$~__%ZRs7Rr7W=#>Q1b=+mBgTz><6$7IctXd3kb@X4~$~+(k>UjlT z0yL;|aX-=pf)~bL^1q^mU9kk82M&GVa9FMS_-G@T>W-q8;bdPy5n86Ol46?lDd~gJ z*)meQJQ@rh40p`qDB&R!WNO#&F;tHxK*rK@eg{wN(9|;Gvza>WUrAHzfrF`+CA**K z4ns|bv#KdO74xO2!olE^Qt-pZ24(L^7vu@xp5k0@aAvq;&PQs_hSh8@tbIQCp{+;J z^lqdNw8;!EXrLoNv2*2GPc}y|hH@5#`6UA?=5DDQ0r{>H9JT++;x!0!8O! zKBUDzaw`H=U^N|`64=z6ZVX5P6iOxAQfrul!Rg#(X#bU!XjHM#&frtsst}qQ3w;B_ z^4J4ZhjuEdGMmy3FV;>Q+ane2Rymh>81tNe0L&_e*Gs9~1V$u=1|LEL?2P<~*>3N+ zAeH^R%07zOZl_3vH1#UU<|J3{f;5FqHor*W78p`oCGJRNk2j>icG0mqmHnfX6e-CA zwDe!2fMFhH8)-dFpePJg6A8)X%_ejzOkr6;KMIge<+=~)a&7U-J~SN366uQwr7$AT zBuMH&LUd~70-E4P*p=|FI@$(Dja%nWpEoI99GG4BliBg&-16|0x$)w>!u}UsHZ@+H zf5m_;#Rt*6Jk_y~#8vB8Fc=-;1Ncd7{zkP)K08B|SFvD& z2#X&Rc%gYFjpiE|n?^&mojecCwltb8UK)-R4);nZ2ahF)oR8CJe&waXQxcZ5O4GQy zwWrZsHxn$#zs6DTj4i@8&eo6{cu5B^0^V)g^c_jbNmgfZnQgb(^AU57^N5*Y0&gyYgMTcVpOL zYeN@4T~X@snggXfUNf8=YPf1fV_W$?nkZH@ZLymE&>R6<0*VQ{d(K5(dQbWil_lUJ zfLVJiR#ry6q0cdB-il|5Zq`}N_(+kp;wSMqwz;#Jk#*Xk&G-it)Mm^_VTu_Hq?-|N z&Cr-wO;~}uEu$IM#36Gg!Y}yf8#t&$_(mZz-EQn#rEvFuK;iG?=0saJmM@6shNpvg z(u^rWEQucC13(3r65={dJfH2;!lP|BfOsOFgQH|g1aYMy`3OaPG9^bqY?l7%M&2s; zsxFFl@Fu%9QSg-T)G)1^J9{=d>)h}uTZ((8vOUr+FgW(sswT(=xO_vas|?)d*oUIH zdLP_01NVZ$Me6e6)}_nuV@UcMJqtglsWje@MZGf+M-Puzwn`U!-8e07HStD@Ra$ z{7Gb_87a{bQ@5`bw;umQZ46Cu>jS6>I}G{ob%7n2f)#mS#~85B;Ah&>z8=_M1NM9h zR_K8ZGhoY8u>Kxc$bglnV8cDI(FW|&6l|aeHqn3`pMnkYz~&e*D+L<@m~zFeon%x| z-h-b+?BCft$*k)t-AO+2PO^NbK`N@-u3vdnRF|nE%+7dbxsyJ}Jq0bp; zS-Q@aXc%3Iu=NHkn1b={7ahfg?J!`8FO%GsdSKQL@h2&SjVahN4Rc%0AOm(^3dS2} zrqB`tHZKKRp|O)* zIUHL%(jX6PtpVGTf(`Y+;s)%uDcCR%?0o|^KLs1;fwdX1%TusCz|e5aRqR!Ga873P z>Rz$48&4)<*^jM8?3UWt3~D^~J+5&Z;-MWJI`L>!qg~NpkJ{n$7)JQVX{7Z-gmim6 zv`v%NaItM&Ecd-=C)_7<$ zmmnzDm+gwJ_NdK1g~R2fY4(*~W_6bfvkmdkdd;lPuGnCYTHi4MnU1Rx-wz5Djr$^=OeS#cEu`t)QXOoNeRyOGFv`X zm@SKkma+#1v*mWhGJDigKV}ygdgyyRHJsOitfD5hl4#4lp|63gF2PPweypYp<~Uzq zwPxhSLrZ3h0(_#4YiB61#I9IukE-%fAbepOY2{5MH6CTt3@Yu~1>9h)o{y^!oAQwc z8@(?sO5o zPl6jwf)Osk1HJ^GlHdZ9fYW$UX{Im1mn7&d1mUAH6|mk%_Rd!g6S-$2WpacszwRV> z!Al?tG-D?%Q^LU{Sn4H!(w6g#FTpV+nB*mp?YBF82~Hrvsa^thdd}6p1cOMB<0YWo zPJds5Gf1%Q6;CNizq<>&TA4-?6JWI7B%iUw&gr@cG|qq94CW%zj0(^#Dsh=|z5DVKX$d1ZI-p{;d3NV)m_Ge%#4( z9`@xIA;Bmw0XG+&urI-#BbsoUH^_G5cl7HcEiKt@9<`cr!{M zE)V(s5%^eiB>GVGsID4>pD00sUCU&&Y#Wo-eTgf>lSQi_*Exe^YaJ4EkIeIbUOA-{29C z4uz!WMWG=G#iN68rI$bw4$7bdh?X+6|eBR{&M_UNFJt>R!72udrS**lL0U z8$fWsmjK0NIh%b6jv>JelVGVU;cj1oAtX54OCS=i^(6?Apr=W|Jq590urI+?BzOn) zkTjYEB7tx5W*R+>1glK~ZbyiOSK*wQ1h2UFCIPozM8bu>1mBb3Ut0{LNgxsq@g)d;0D@;t0`A&~gpbkRWg2}f397vW zB4M2`!4MLRGYPoiBN8IM1Q(IuL@$9z_=zvUSQ32mf?+iGibTTEz64 zO#*JIiG(wK2?mnj{pSs%Ngxus`x2Z@g2zn)?#79PH!&f}ETv0HP~jyI39Ebwt|7rl zlYpCyB4M5{!CVp??j;Zj=cNl38{wlkI9I`}w8MUL2n=rfY&lEyKp{QV-AWQV*H? zkAZT|QY^BJ!i`58Ksrhk+ksF#T8}FREGotAi{2;YoQ zJX(jV7S1fYmdSQClRGOs;UnC62Eqq>g>L}Yc_Ms0Lhqi~Z7CAF0d>uAY(kx#KuD6KrH3-F{t8vwqGs~`JvR%#OJquUG-li=#S6Ki0D}*CDwwwoi$=)Z~4gO?Dlk7TQvL=%K z*q@A^<#6jbQ_1g1mg`T3JtXXZpwcqQ@)|+*8ty;%6bUxpEN7E1*^wl>&z}t2l9prp zk_{%=B!4n&;abjUU$WsO8|Y8ghh#_il8qtRSL=Ok!vRf}^9e4QMKYaa&-#;bhUEOw zm+TgjEmCB7);P_%3PHj5Y?B)rx^*of%@zJM{YhiqYtl6LlIAFXno~)0ut)f0B+5Ig zq1LnUs?w6LKG?ncw#~dbtY4DB`zR}4=5zkN>v-+89ajj;!;5OUv5|6rWDSM>>?!mn zp?teIpdNOf8C+Dz9jDTEJ8;jC-o5bt3T~yWBQyy85Vk%>xT^|}WOx@?AblCbO)9*B z;rCUz+b0OWfw0y`Ym&=X=0J8Jvm2j;7QIAY-pRIm*Hhh*P!~g$1|CJ=GXVPYIfL2D zQ`y2HMLm+)708Cj$qb*Xv|G#Y=_&0zWNpm8K#>)Fig3@Y(4R2-a0Q*l@cUVnS;DdeLd5RGEOOeM0LrfV)hP(|EyX38{tQ? zl3mX1rxe*VhHuFVUBm1p3c8iylC032{~&v!g7#rp+cTNr!$9Wr!VCRZ#0Igb&LK9l`7q6ts-tFA(-GjaAIvy;e+I&+zkEq3z7xuAl`w5ncwU zvjnpw6#6(OEXqoIzu*<^28PE03bNc?2$!hvXoiQY@cj%AMc5gr_^)BY@ksDDqebvq zw>CiA5yt2#4{+|KTjWF>21_74?VpKlTV9$|k8 zBbXgj(D@9%krld@*^Q4&Av7?&IxDnKJF=fv(2)#RWQA5S`%VR|WB4aoq3z6`q@Y8; zL-_ct(D}?Bs-PO72eM93t7o}hSg#8U^WcF~yI?xs2TtGQvuH@}X-AYTCaTGxQJeD%sQasi%yjg{<0K$pi zYks_=i51%cDCkp}L3^6=5Id8xUuNZA%zF>!<<1+ECijn!k<$H5#QaO9gV{Lq`!i6DQVutG`UC9 zxZjwS`!I4@Y;Yf`xR)_~j?0~QFv0ymx7?2h$T=K4Qf|>7!i1hGp@yX0vPyi8*@q~J zI~e|l3it1huxrm^d8`|6LM>jr7?1ewa;gJ8W1BX9(+%g9v>g?DZ2*p9)Q%M<-Ihlo z{|@YCK%w_ePgLOq!=(uOmw!PnvZsPSSPy0R1Vwfm!$)Q% zTf*#96xmvazf|FNhCfBvU)sR^klnUgq>W^FgCbkT@LCmaWO$VdpVSlKWm(w`WA>wp z-57>vDza4!Ps~cTmDzI@S%Tp+6xopd5k4U+*&Jq{t;m)#yjz7E82(a)2jn6ADZ=_z|DoV%vq$QwKIH)tC((I zBMwC3RFa;MmHh%@&LgIKR?KE%jwI$o%-#Ie3>*Z^HxC2zY*tJOF>eubUsg;FF@FZ8 z=_Y?c^#uHqfHBg2mZ=VIpjk472Lm$`7-6AHV;U33knkvf&Z`JG)1|U|dp0XRV0NEW zwr8#QEwjH~C3WAY0O49dQA?8<{*wx?W%ywgZfE#jgypsL&hBU}gMbW6BTVG}l4eU7D|HecBC({ntTs^!9#}@6dLpzd*j8^Q3RWv3ZdWbuu z!RSlaaZgNzWE`;!Zt{XA_FNhF9-@S^7vwxW9DG#Oh4(9lof5`lYH2jylYSJz7KJ|r zr&QgxiIn!JMw}poqL%GO+-?dqAJQwA=VSeRC5QAzKKRwZV0Mb{HN{yeipM30BH`@{ z9(p)e=vi>~sNCB&)-y0Z_qOMGtB3EthzA4?U_UBJR2r}lyB5fvUojgN;JJQb!CKGc|Y;70b+p9Lmz zp4o3%NhrzWX)$j)J(ORv5-@GLJPTi`4AzQN#(1z$MvjJ4j8qk|fI|8fC9b3p*&4=WMY*v*2J3ImkQfhf*h&QLcIwrDM5=6*;wc#^?954S^B$RZWCTAX}62>)S+_-pl}Xj zQb~XcYZF$1JL+b@@6mdJ`ukx?)B(!C!d3+NHp%HyU`hSgKse7!W8~JD1`#a zz)vRrO*9PR|I$Cn|M5)xx5!NlA^u^Ff4W~1e`_ZGZR92b#FuOQ11bEaS@3*z!3k-+ zozmyXO#HD&fIshhJ3P*w`d^(Y#V?j;*em*kiT{`d27Lci`8=D6f9rVgA5Q!e8vo0~ zllI=3iNCNf@CC$2HU8}s{u+fpgkq7)`r3)yMB{gyiZS)WlatH`XM%rv62MOpd?LYH zPDp|S3S3}t4i5zQ4uF|9ImP!;1wEV{2y&pqt;kI9YaAH1oUz(%ex0JYF@xgIq&Qhq z4A2zU!F27bp$rO}<s)sYR*_@*3legPs8lX;X!)d4OR`AYZc_0T< z-~#v>Rw0p!hA!c=a1Dg7!Iio$gjBn7GV?K?N3|u-FB2~f6vf^-AU81&%J4*V50sCQ zvZgikE<#5TIv@kehi(k$3PO(nl-7pYoM*v8+Y^kgMubHfjBW>&uu=x_5Z9dWF}yC^ zA6F|p)#11M5bP2@4c9=p!kMaB@$F$(Upy5-;lGDePA%5`8a+JEZKX&b+|wGjgt$Yp z<2GyDWa7RMU48leUE_ukw_$PU6a5Dq)P%Feq<^KQ5Y zj8?)#99A0ZA^BoQ z=a771DH~FI%TR9mH0y3#oP~!cW^C|au7P!Bqp`umD2`v%%P-|@O}*4{o7$t;wU>WR zrifE*1&TKyr=`3o96oDuC3tg4oQYg-^#^(WTA z-;rULD#1hwFSkJ5EtOUl5^D9!yI8B3el$1Xa|7sMis1>^;|gOX-z<{?^xw^XL)+Q^ zR2=>!9Ga!?W-o1(Kb4ZG`(T{;VRng^fHW~3bk5P#6=G{#MHjmPHIpzlfu?DB=Te?B z&&5ckF4g%*|JN36)g0cxlV#GeMaQRG)Iy8?4|L9D@@&34UC{R9K}pm8K09c?Nbvyi zPOAw#k-%aBN)=t?UqzW?5SNw47<3N#v{ie}`cp?N?mW`f37yEt_k;XgRRjQqe;}=e!Ej^%q=p6V~oM%3pWP zqfyiD2LraQ2VcB4QL$CM@*(@ytvK1ACt1q}AxyXUgRrE>M%wn1Z!n@IT1{sf$&(}* zZOUR-gu)~GoKJC)4E$RBrcWCy3_Ex^b@+l_4!W#R{?phj!Ag9ytI=jdqc&(HhuXB_ zO9rTY7hLCp>pb8{9gcg#U?6u3ny`FJ`5mV-Cqa5*=o0imVq*)wQ?uZoUXaXr4hBdU z=+6X@(O+D=M`yT3*Yk}woPmo(yN2D9st7*BOHcV}%!6^VtJplgo`OM5@&8}%-X@VKI>QA z1+j~e-D2D)kl}C&j#yJ4y~4J=K$L@W%OEFw0IsrVZMVWF?RjneKI^!75t?4+umR6B z-9f%yu@O+2j9!I%kb|^OU_OaYiUBQp;!AT3OQO<@>uWTZKgrAlEA4Jhg9P)tl@BE> ziCQRwy`=TyF^pJ`3n@&EC|l+ zG-;(Ky^o})byD71O*92Wx`dlf#mqJN3ACeyk?JLND!$s{_LaAStaBeCoBNo-h?_(* zb@~UzV?O*z6gvOVU*}~?IBD`BH+gR^L0a6KdknOZ&4b1!zi2ijxoCl_u$Em{(KQ|y z|3SLxH(XV~Z~iP5hTV*Aa`Lxm10h|@W5Ky!<|_=F1*cPuf(ub;eu2RJ zl3t_R`cq#u#z$U!3$Dj|s^I=mg@VIO0?y^CDQg|HRc?l%yhPi>2*+CIR=^{hhv=e0 zvnozsbim5+#Oe|yoh2tF3_gKfh-8)MWj8q(wtz`X}Xni zdBIj2#1z)qh8dRZhA|OK3%IA%q|$*AAn zcBL~lb$3$lbyxZeO}+ItQ15kD`ddwX2dMY5D_yTiFC%GZyVBP*(GNiMU%1R^Aj@zW z|L>ALmTUtB(oDOgwE?Vz&>N&WP3ZtWp>pVGD=O&^nDhIAzS5vE1YHCW;Uf}+LEu;CIStA&CL{m9@Y)KHWq7U6 z2l8YbOLlal@*^AZ>c8868H4)4R0rM7n-wU;E!vR`Cs$)p*YfULLc4Bl3gC*t&+TA+ zo)^PYMJS|#a^FVb?#4}{ur98!)bN)+w#YYWlbxhrN9~TXeZUXvzOG^+hh;3%Z`Gf5 zgv}~tQt-~Zn1yw(^9ux|a@@&ma&nq&@^d)L36q~cED%xMIu>OJr-XEMRLUfUaa{ll zbzM8bXG?csDj|1{?-FV90m`#OEnKL(Rj9X{{HF2W+yWIh7wh?%xsHgm1u)NgSQ)SG zLv{;?u&C&^5c3Y)JX;b&UK8(0b`Ov7xzFd>-8v41lCU9e&ufvh2rVNtb1mYT2V6|( z>42)W$d&l;D31`~mhCniV+{?lUTsi6jr@^P;bwU(w89Rp$k?&PhSn-Ow944AU1gW9 zit*t$?3FB!hn8IhkvNr@_j5Wtl{i>+7B~IM^JC>Tk%}7Z$ntqVhIntWCMSHPvj%&* z2zCutt%cGEVMg^Xx_0Mo+3ZFAsddxpNX6=$a0#!ZU2TQuIy;1RwQM)6W>vl9(wNhx zlOfXRHz%{Wy5Eczb-y3FART=-(e*b0J=+iM*(F#_^kYPy>!OwRYa$hEFrU0$+VC3L zG+BfBA8Ab6f8GJh*>OLm49yF@XM1Mf^-+`v1d!Qc12|^zv6gRXzP)w9fuFZtrNNDCb z0XHzAt%QyQG=rz78onm*SOA^BLa_`q4{k9^p~nY6e|00!OZ?Ee>F7g=juU;2i&j;< zHd3(`RXkqmaIIAFT2%2LS;eOTifmNz3YE<&KGLN(tN567X@!(_HKf@U1+j`Hk%}cf z!k6>PHn607_y^8&AV4rTJO$VNf>rFQ{j1Yc@aL2D_c!=frw4iop>GhHS)HEZxq{Hu zgl1N!XQ?xe&kSzV$I&PzW3F9(s z@XT+2O$jGc!V7-r!Rh6*mS~IU|MNq8O7laaUk{^JXNVe9or7Z+e)JY&0#Asa^`l-G z6DnDE7!wxT6;<}AN}uy}!kLcYd2r=RN}CL6$(fU!Bd<3fWY)kuf=AJ}w`ZRAc26%(82z@mkG?O8sQ*2ZlYJ zF$TjjAag$?!*K}3qhoO8EC9+gYfq=dcXK8f%tnKvw=gRaW+PL~m}S>8*{)`?pLWM5 z9Wl8v;7-5lPj~3&qb!V1c%VfKn$v)zO(fJq!L?n-^ zj)m4oD%Rs0!9Qi^S-##5Jh9k+sPjycPJsrA{JHRVvPqi2JtzzXxgPW|qCZ5{I{$&E zXP`Yd87?Av9nqWp(4HB^7@~hc^soKUp23Nq=1YtrdYT{F)62{x?-PJVBZyn)UU9DF z4DKx1m#91;yWpxTM)6Z!&Q7iR)d`l8eSz&U2k5yA5PmWWRJG9x>hjZQjyr zk)qbUOZg;YkQUH;uff0Cx}+_Z_*RANAcSE%Tjbf`>YS~0(Ax}2&?*f&gdje3<`r>E zMiXHBu1EXJ@C^7?2Fv@1_MKp%m6+&vS$i{p_L*Su&?!ULHbT!OG;>7uY_lEk z5uk?$I%Zd5_9@CRZ;jb zI~EOk*N}VT>Ma85~IlgmM zHbg2m^t^GRUA_VR*Jj;+p}}5s*%ek3?h+$->8KKmU%f`~{E1IAHedL93Y zD(bVO>)*_td6ZPJYy+TzD<=zK)QKHS*U$ zHqArR@MpM6!)6mUGArz_8a9G3?jZSddqu;J1`NaV0nT@5_ju`1=0$_xvmX!;9f(jo z+8sD6|cdgo&Kn8;@>9TrZ@UW!JvUYc-So z6jBSRpuuo6kPF1ZI)viU4Y+CxnPt~9*{)`?A4ArmHQ%ViMcTr*rWh7JfHkm>g^Q3Z z7T(Hy-TkhIBw-@w^TwlV5!V(n%dTC=Yc-So6jBzRWH98xx_66(s}YJvSK-PzJ30?$ z*|kiztC{S_P%Jdt;eFb|*2#v28?atVx3D|w@L?pw!fwuT=4%UAK$0+#b9m#?Wr%Zs z2?{aGu3gS+HIw}mqJ`a^OALlffqYObtU)LqU4pB&kXd#ulkI9I`!EbfH*ng|lbG;i z-^pUt_Uh1f_BC^^g^hU872PMd$1%6zoE3vt?xU2)n+%w+-V7Q&)pX|!GNE0gOX{za z@Y!R<@TjZ|kFUpr)|%k}G7QxRpDfP7E&50TXA@*KaA# z!NRvW_QYb?7pdiyuX#wIYxpu1;7B|b;EY-BTIz_I$|2CPX|f;UNsVZQ>P_eQAvS2l z>qHd#AvS5mS|D^u^q!clXtxrqOX4V~l^l&x#*z+ouPc)gr<-#=8msGARWSV(5=Sc$ zibogVs{3PR*|kiztC{TU2V39($)Pe9+8U|Y+9f;;*Fbn8u6)GiHWy;9fIUmGdZ>_i z66W!>nbd?v+{Uvx`URmjp~Ewv)ZCaR?IN^{(2Qx)F?8IAk%g9#>kI~=TO#veYR)Gt zkuXBo5%ptC{R$e%e%)Tbr3vSu!(}JdsLnnBb@6Ei^SpDY?H>jsDJ6vJBFPijw0H!d4!x z=)S2Wv#^!NYc-SqJ0;1?Q1SvQd8n_FQXk`x1xLzr5~xU5$|Y&s~(k@ zg)Kr}tC{@YDd|}hlu^mK*Z7s>SeE2d$bynRo%0PPM?m@vQF1s!*jU6>S2we;vB+yR zlm9yd|i)g4j9WwVKI( zN*?2FLklQrHI$HHk*|okbv6hr?i5J_5yCl3kx}3tC{R430-~Ksv&dz;@R6; z#^QK(oM@8kJjT5MJ>nNZ#B$N35FxDAaMj%qv#?s@wVKKQohF_|$?vGi5T(g}PNAVm zABb2ZniL>}l@zX86J}v0#cMT_{WKYClnHwTsSUlQ*cW4y4EyWJA7j+>W8oQvr0^nS ztOsHx5U95OoC;1ZbYbN|_S>RjE<#v0;i?yV%)+{f*J>vFsc1gM*~c9&|2Rhk^>7Ld zK^8dh9!)IT{v8Fi;i@|xW??;q1gwW}^%KN-Sf2B|Y-B0dZUwSIG;cu&>mgjV=FGx+ zh}UW+`!K{?{FsME6?-}xL^wcbFYsuzjRULEjNKRvy@{TqyTd67Lg0EbS9iPX! zJ(Yd)vIskE#6C#u?Zo1B#I`P&Uhp&|EqH$=SS!oJD5&gFCvFctUx1dO_3A-4?L}u(4D!T8~gXx*bLoT^C4{Vn z1=xbNr))D$5t4JsM#e)46cZl5X;wci{J~vKtS{iz+%X#_F@8yjG3@X1MJOFBlvsZq zJ4j-~RV)}?&+W0^iI0QqgmT$8Bj0Ta&%KU<3pKk(Zs5%Y$)Sd?@2PROsQ|M!-_@Q}>klUa!sl0^fGl}M@iW$65NJp0u zy&utUNJI3zJ#uLAxb$r%S7>-w~vve;Tb-W+f@D}fM1=z3 zGo33nmy$eIzzFnwu6*MO!?h4fpPEOxMV+Cj*A(ZH;y*Bf+(BBY>jbjg2?BkhkTtes^Lecqn zptyH$LdysZ0m@c@37|B5ILwc63l;DCxkr}a1UQ@-fjg=Us7Bwy*Oqmo*IiC9`jv1% zmNfcL8SC9*w)#}JG7YzXR<^3VyxdRZC`hR});!dv+rG3BHe5%kWLPeSug{aF*`l3t zajuSz3DDNHfwYFZpr{XenF0*#`LS_$LnN%GSqoq_`H%Yvt5zGw!LIynUzMPdtI|-Y zsHqhudw7Whn6=3V=OS&?RT-o9WqLNoj7vVCCY ze9dh2zF@XmGaCzLzP@O9`~}Zuc>K|CD1#~s;po!TmviT+cZt8pSNsi9Mr)5>?C3SsM8^ZR3rX?rYAuP0Hhr*yo&wYtGM)+SfYI*PN&CbIz+Z=iol) z+@Lu>F>+s*Mt-xZ!Lj?C^9ap3XPUa(`<(O3n)8KIc46bN=|EeO(&MG-rFCb8gg}2k&#vgQvlZLXuevh07i0I{s*m<()~@r&Z^hp6TL^xhW!9RlDv9?9_4@E$Bt!3*$Cy zDhpS=oFp{MQu6OERL{c+%`yjn(1mIzAT)~u+~`8ph6j&7v3OdioRyln`M`Y}Ru$Ln z*h9Ms&YJiVb?&qIfO;{Z^3>W^K=mnnco{Xbb9&c z5GdH!iQR;g9b??)NuK41gC6;Z2VT{WxNW>xyjYHbWHJNlkY9dg73Z6tho||V2)5MP zd1704k>8AMA@x#Zq`4q@=mvbtf>qcx?*~=-gInT4tqP8nVU|=S13Uv3-&58UjA82( zhjA7mr~=?ZgM>?t=F%1`DKcSr9YqdIm+i9H#@Mzme=o;sDFh?Q#n&&$iCm6kNhL*S)Fy%rkKH z8dn@RYg0ux=S(lMI1dc&D)dYCa>zex)2-bcwU>nA;zP&yc!q5KO8Lpdwq#!0H8LymB*glj;3a>05RB_~-d85}a2uhp*jk*YDek5Z_ZN zaVY;cAlwi^Tb5np@{a^M8Z>Cs2im>cn{|OrrU@4%bJ=lz z)v6{AN1mhlFcd3Mf?)t0*u+#<#z1jkI_u{`oP8#sN&$t@PoPd2F}ZFXmgHKcxz@1W z1+1P-!&gBDu{H2pErZb5_@ElbIQcL&AGohwrAH*?FMMlCj>=pw{<0qaaxr>TX9jv= zWWirfQ6ap2y)zdXS0F0lXbl+4<4nJR3C6I|hC)befUW{m?-}sb2E1p$Z;03xc)g)E z|7-OoGR!ntu{$?d$?I9ygOxs|x?{Awo^?LaHI&05G zfcCj9(K}sfd3h*6Xy(ko@8zL)e&{@D4s<75eosO>*Ye*#1JKMHl720J9iT~X zh_rcI{?8;Yd&}pSkBpZ85PU2#5iFg*@h(Nuz4btJbUM0@=+lUndm3gRlfCgb(v8vh z_ot278-Kwr1#3Lrun&jN;^iTXbIaN5S8T>Ox484(9s?_XkMxX+GR}=9+Seof#<`P- z_Vq{)TE@BELxA@6NWXFJHKKhz(r=u52xuRV^c&>n6PoFfek0r{LObV?#{in)Ii3=} z5Vf25`ZU;eEpGW{pogaW*=V9)0$PBo+v8*7?u4gwE4sbSop*#v3Ra)xaQkoV;2t%_ z5q?5+r@Or(G0JaJ;^zoEPX%vZC-ZZJtwj4enV%!vN3^e#`T4>OqJ5pr&mDdQw2zZ{ zW(G3hIhfE)C-a-|BnEfd$!Y;jdc)p#d!C1xs_9@q154)(S?YScqEEUzt|WRG(GR<5 zw}Tyuu^WdrGMOI`lt8i*H6AwF02Z7{bSIYygm;dvLDRi52z1B0(p8J#YXfKzBQTx8 zLI3C)t#3NL1egVWSOU}iogQS6RJwzPah5^!dM7+y76buB#Kz#<-w7h=FJC=H)Dxm< zenft)Bl2rZ zTNDwqny$^z&96-@RTRu>8k9ldH>0>#Q7}vJ{!5CvlIQyUsgY14-jedP8;?G@ZD=XD$AK6tABIinm>DT#0yl7|RB%z@NrTrI@d;Sq}u>=BQX>oRHm! zQ|Tjh2lBaNX=;Oqo{UK@b5D zudD%*e-fd~@lQy(S%Gtff>piTwy#pKKk+T93KPU!`YEtnLcsu=74zEfgt1Oq%A~s= zksA-W*vc@_k1%T_c1Fl3J?k&b8tiVG=*q=YwxsX9_zATW1eu&Mo}rn$&)z9jo+F2U zJ*0;NcgJaPa>waNhTxlc@H2qj8rh2@Lp&M&v{0FQQ7=-%bp9`s|6MMBmJ60^UHE=f zs=|_Q(f{H^t;Y~4Q9R9izgV(rbDAYH9#&=H-k&in>E}xFTGG9|155t(Amyf6lC0Pc z)P4H|RfBN<#K)qN`C#MJ$0aw5O)t_XBP;5Xu?-1Hb;sJtkITdUd95`>hAll|z6hW`v^iKIHnzuayU-Hhlvy0)8S7 z$3NW4 zcLFOi1e!KHC@d%M9m^9kSeiCmMwVG^7%T#(?VZ4&_ZFuik7R!viV>va0rD=mr zmRW6>DFWy0oxrai^|CZ=_<^tt?;XnrGgz87#EBGHDCw4ucG*)MEWo)XQzOvFN0lTze4%ZPh`utz4V z7|-cJ@%Ok$Xp!{foyS+1iNa6?llXZITKvGB0JLh#d4(+WRuIcu4-HP$zO}s$v!cDW z-3F1T8rQGNXb=x0N&F=_8@+_<;NF~#vWn3<%m$IOTr~){Nugv=^U@$b`Avrn;!HdQ zrFeFB*!>$+YdRgzI_(|V-P%aQed`{|(kQx@8;!!SiH+hAv8RJZ@iXD-Z4_p2Gs2Zy zgkt1vwf(gl-4NFbajk%}!1+l;ewlcie3=+uPW1aSvFA|PdM-NNITB@*xpU^(foLK0 zaY8e)b`mowB`pN?Y>O_Wt_$ zp5$je(LJ#X!i;qwyk`VlEKvrLeBuaq>zO428Nky#AY-@8^DQ)C>S>?h?$bWQp{9Hi zx|AQTk-1(4SVF|xeBLLOdYz<(i(J8M?5)bI(e)Mlu!Os^qJlebv_6Oe%d zprYOaxR_@87C_4nqyXZTeL%)PFo{?8MTBvQ6sB^rms2HozO|#2fiiKXRvM0y+!SZP zD6kvFQFNkyENq-Eu;OtjEiBCO209+>O8Uy>;0h_*GctxshPaD}Uk{75yNmpoJ8Jl;TAb2U>xQmJ-vK&MV;>fc?g91elRW`zxldbU6%#+(<>6RbIt!1WW7S!<=P!xDp<%Ngg4|EFo!6>bIVWSF6NG-Ea+k znW^V%Xz^&B`W{nHa#P{r^3-bieIiqJKdq69Rx22Nc^CU%|ANxN1K!)xG@j0` z-tipO64_YHsCvP(9J9Jydp%b^(ja888jZJEN8)YPad?|Gj7PKKSUEzQ2-FYnXQm>YPnBF$tpd;KwXck%3g#;?%?CBwcNc zbq`i0H+5A?p8CFkNvns87Pdw>D*mrzICHqT0`j4cXSg^=Qq^Y@Tuq-o#O?lS$STRx z(DY{g1XKyFNp}C{j1g=#c9m2r9jTjBbm`r<5P?lX3lFmGzelnk6dZ zC?A^ZB};wn+qLEM-g~m8X-emcvnM3l#gkF6*rQjWa*nc6xxd(>7)~>SQFX!>#}1OY z&W@l=H5v}4H=-@5?O1xXiYmYBjo z%5ijI>qPAX|@T3fnq6l*hvg(ETDLQyLL-m=@FK&JHwPN{r0u@FX$|TKaL% zobJYhq)b>!U4ZhRneg*m!A0N8y`p^is!QN|_eN@Q0qhbD5Ns`WKy68Z^GQD0>gH?wcn${vsPyI5>^gp_PF79J$dWR;#yuOdrJ{~Sl zYN`(7hf6TA6J`2tzMrOXNmbu3a?AAKjx-(NYFcP&+5k4X_6tSRLPOKuNs`WKdYZ4M zM`%s?7m_8-t4MR8wf%C(ZTs54TU_7zS0rZjDul}zbGfi4O973d9;Dl>kO zw*~QR)h?aMd1zqhObGV&+9wg^Al5W z6K;Ltd^hSqBUAvV!P6in?)74cpL>*XEa>B8qoLMt}CBW;s|RmZr|0NOAW7i zrlg`kgCew#7Romjl{(UJRqz0Ik><^XvENFol|e-*?b4?!t(M`;ODR3vP?}+B`o&bb zYPigZRNc8H#)d>5Kg>%h zU1BKBa8hYqL`6zrT_Knex=p2(`(M71`XIGAL$ygxmRibY6eT-7Y;(QxGEYSX1`V~o$7cnH0f#FeL(gMmnm+x$V5Q9|EUUOftoUvx`HJi8nXhy* zs?x_9rO7aAPp$Y>c_-&7ddKf+v;tPJ>?P^BMKJm+NyYZtYQ6rdWY?Lq33VS!rX>TF z?4q(}PVOjkMn{<(9I~>dLubt#(NQLQnXHs-%~>^z#YhR z>k{uL<&PyIF9R{`pGm}7M0_TFjVWc?dr8EhL~IoVpTiA|LD_QJy?+;3P9nR_v^#ewjO{1Cn(pAa|VTZtK;pGK$EV22uvcjFuQXbX1*F&Zp@v!Uw^ zM%U@xqRJ|ya9M(7>@l!9aR=0Oeywx8?@hPa<9R=hyOYUxrGI%HI~%y+Xgo@dr=Wwu zMgJ0)ZiGwME0^X+Ka1^AN(a5OpZrqTDqS^oyT1n`Q_0^6ACp$JHJ*-kX{$i%%+G*( zMXk}IN;5n){PA6hHD2r+_d9W+Ho@M5TI@*TkPRx8oA52QN&P4>x1=(D=bu=~Wwy-as#B zNval~L_P(ibG2l`HY~kz%C7>WBvbUKG9jLUQs$g%k;iF*(Y~6PW2f#EQxq6GOX-8V zWO!2&y7)_&rzP~uknmSc?3ExCknrVBNVvz4(A8f;rIzqK@M2)H3dUrSAQT+`DM7sv zscZ<8SD=(+qLo%w856CmJhE_PR2rR>n9n5ZD51;4b4KPMzvwDV7=I5pkV&BIgw+5-0X&k% zXzBV`X`_^^+V$6G3=KSm(@~r;bkF>pVD9b)LFkdAe2m2OM6mo~#?%RiXpZ z)ewf4YKsi(Kjuu;<-}i^CfYN*WxtHl>3@8Qx~i>C+?_4L43b!(NxTX;$<#(~ar;|l zqko_1ZZH`NSxp|b92z1TbGq#tp_X$%$opg;m1`GP`)6IM!W@w?T9(`* zh>vj^BenM@YiJe|LwbohuCWEW31hIhsU+A6*0SiqC~65PLk*^+B-S&%Wr&JJCs?%$ zQrL{e-V~{#LZu96ctG9qsSD$We4E`8MQKwH=IG?oy|Z;9WAhN{EtT zS^AW2?fKl~&0e-tEmaO#vbg>V;Xqe8<{TmMHgp^830l9*M|kV55l;O}s?Lpu=;O41 z{_(%^QJRzPQWeiOl!84$ue^0StZS71BckY>!+tI#z6ggMaxr_-#WbL3kq-Ne5EV=7 z2+e5@B8AOgW^BUu?eGduUsD>t1sOo+bDi>7Hn964hBpe5Ysz zR<&iDcg*=5h{RTdF=}W~c_v%RZ75n`=z5-}a#ao$t0Y5lzywm+7e(_)@@h?DyATPB zBtz)yiGKMfx={p2jJto5uj~8cN7*8?Pzo8A^zP>xO2JO{>5ubKICoyKGcCG0QKb{wZFE{4ZTdGw_0 z$S@;n9++)00JWz;r3+4({qSMIYK2rKF8wKyJJF+B{KjR>86Z1dgEI#-E7VGk7u{Ky zPN++F+4xQpI*3uqJ1f3N^w)2~;_Dq|#45gjen7Dl7T@m7Td6cOTu$Td=1vr)9j5bvrG6^r0PLF5clIMNiGinhhTMNTD8LrNZ0S_a9QiICxyO#fmM%f4ZcVq=$dv^&N?q?xPtGxz2cyk0U z*wTY@Wb;;KTU5-c(eP#x(hn|QC$>{fu8AbZh+`O{E2yS@R1ek1?a8REpIa+asl}bV zl-XR=w-1Q5V?T@kolYX+oJJ{y=g-!Jq$TsYDE;>P*|n-Yl$?~gRb^8aOHXxnS^W8n z1dYfIH;CaFXfHFR{IC}Kt%3#(vQUI!y8m-RbR&k}wh&-D6wTK!njq%;kislY(H6ig zkYcC`A`IRD>PHyMyK~xlc}dN$3Pc!YPWieJ0}&BMsB@Nijg;>KG7)f_z=|y1=^g}hIf1gS_eHw zf&TI+*wjg`9xm7)2-%uxr7H_>}kPas8?Z<1$<(Y?kFw@F%aPsLlXcmpmcgC z6fM#xmgG<=+9y8oc792|rYmwU;0j1GG+*;BD{-n63;D!H-pc0_f3l(=C7Vy|cuRY# zpiev|FQvb|$s&59E#_RW$I)gMz|w)*hDKL{Fz0+eMSUS5#$>xc#j_wC+HqpQ^qCB` z(`wSSgCN}&5@a<+Y8geXp7K1;4u!{3vxeEnQYBK6j4RCAe&CO|-g|@9Ej$=_OyC08 ziraqhE74olSZWJBmhvS!SelTINd3)%x1nS^j+KSFnGgP+ubK4fG?&tKz96CsOyU){ z!Z$r6;fT>hs5g)a<5N(y$kD{W5EV-c42@T0!uSgjMG+ImD_gQnE9T7Vt$U_`P8gu2 z*8`__qvS#@(kFLz>F|<}hGNb^A!;%=8H&_Cr`yF}G^ z!xen4S9S%3WT;E|h9u{qsCS!zHXZeUX%KS~h;@AsvrVX$Y$j?DlQFMA2QAxD;Bwv* z?W9RrRZMm!`JfnY8#+& zdf^n{L}o=t`aQ8_DP6CNSv+^2DbI65OW1S&wT=D;vl<*r;n zpS`2dY?0YaphI2k@vr9doh{1?R@>IaCSGMRPztV74t+Zxr3<=7X%|B&*qLATNK zUhYzzo_IyqDLB9xpEqo{y=#e*zRb1kWyW1#=bF0(&~b=_rt5Z2iN#$`@f zJQwzwk*dXU&enx(=8n0#u&sZ0P$z7?GR#8g0$ zD(OyFl^RK|D%_o(pcyzS#6W~3L*uJzGV%4Yf|4`~fPV*Qu$mFW?NB%-3xJI%nr{kn zoUX_dW+(-_+1K-S=o^-HiPFLsSqyawcC)d(b(+yNN+%jh!ESba z-VS}=u2E_ep~J`V7%!JrikM1l4k;?aG;BR>Es7R1m3VfDgvB&$UF`NOc7AK}{54sZ zMy^AbC4E+7W>QXK2NM*24&m`Cry8_r%rGb@wx=wpWg=o+Ah3>i4y|)XaRNgfib1C) zpbNBV-z%W}*gMWHs8dLK$Y|SOBJKE06w#l#36C!C^RcPJ=q0uF=9KYho<3NaeUFfE zWj%8Y-j})98Id`5u*|JqmZ(nWEwbFjQb(r9a<_VUqPipap?Q6`HSd~8$?OFhlL%a2 zSGmTUj-et-`047117{0yvi?L&=(*J`IO5RIT^(^)qfXXmZiMPPp%wE*Rh$#@4-h;} zVdDTn#bRa7VTagZSzn*F4_#0Py8B){rf*cN`C>=?#evF6nOT^a^Jh4DQvmuV5h zl64k{VEr8&dhwP^SgNFsdjXpC&%UiF7s2{V&lS)5_8HcBeSwAb>j#IWeyC=h1tM7Q zPu8~yu#RhmijjJ(6Re*#&~Gq<>{4%*-ZePzm;~2Hsk1-?>*H`gk#{QKOoM^cf3AP# zlltht7BBT#d-<&MS_g~Nd*rbGJlrZ-XMqUT|L`4H{~h3j_3`X9_QynNs^sSrE2aHop){dgj7YJi?6IH;pL=jVo#PdH1mAs8hs`0 zn)s57LM^Si8<>WDk8Ofy#9U}L=o(r#&oBjsAgwHc#g+Y0f-bEXk8s_dzLa<^g+)pq z?iX&G_hMd=Qepv0X?#a-{x6+?|Da1ZQjbeqyjsA`p8FnbsCrGPa>jYZ7ZuOyYw|54 z@c_JI!@}y299F-?2#2h)09iH8YjbS2)U3XR6DQtFfD^q`3~y+z!KJQiaIv+p-2pnj z&n<<6rcRbW3!Ur;C|pQq_}Gbg*e)?2dD_SFvJjIU@Ucntjl94P!V@%`ED&Tf;A8hE zo4YGEDQt67$VX5%&a$2}d)g`~+l%*gScvw^A^J9^Z73TS2omjH=F8^kZ$R`>z@e&C z>m5)RuY9{TuDyHpnkh@>^1UicPP=J2&3VR`1#cp;ur+1haO*l!v&8}tZ0$z2cF3@` z9wL|9Ok&f!Wm5miR1R@tx3)w2qAfeS!!)~JJ?*m_A;mYO0}XmReyg{D6tDam>|Uf< zP`6n*e^COAHvf|}PveBA;*9wbeBDSlJzmRV5%;z^{I`G+^3MVk_xt}*#@vek+Cm=x z3jB+fLry3S3chVzq8XmQuy~VRx2wd+cvqWsdUfgF9J*P# z$t+RHS#m^kcd-FhuRt`{41w^#s*dJr@s;wN$P2a?j-07x z9eSMIqVnPJ9(YO|-ejY@pce}idzQuIE;ZwQ<*APEY(`9G=Odb(D8Fy zrX38(5B@WPlMX_1G%V&N+Rx z_0@+hgpf-TOJYw}t$Oq0MDst+_$)#{ce=WLd93Vf_EXZFXO?DlQ@E5r73 zCYvMM_|YH6++Y2ZuQgyU11Z>4$Q@X43I2e09UU3MsCS;gblJ|NtS|!I)bTJcgk0D} zNOU+z9)V*Iu*pE-H^lKSJ^(H}npy80j!U1}BpmNSYQG}2zJjqU9DlR`IQ9y2JU&at zr@DP7J_nAWNO@p$rbv6C7Ed|0LH5Ts$bR@5MzoAX&cgRMJ##w9{ubl<9ownpjat< z2e5XQ@281nLmBy2<_zP#L>w=~KiHVFx*Y`33tL8{wG5%PAap(-IJ3l{_FEX!J{{l0 z>xQ|o>T&{!Eh;lDdl^u4u|!Bc>4u(x0j7rllf^x*M+K*)jtAc+3h>8^aH2^Iv_>+mSfZ+EJbKe!g zzx!thzJz`_O7JN_c)hpQf-mJ7ncv_CbxrOyK$+EKx+?d5fv8BimjJY|+~0e&u-u;n zOcwWDk^49xncXv=+)o08Hv==MG(U60cFeh1JDcKM%a&nYyDI6$j}$HGI{{i)(i4fW zKnouUn2nb7H}im`Zwq}(*oB!BqHP4BKWA7|3NXgN7tfa`KoVpcvJs#;eSb1M)PshIHqEo?DI5Mcp}*)hz0SA5e8 zf23ko=2OgL1PNQrA&*2TW(AHxDB&(`jwV)~>D$;^>188AIt@}e^MXdx(7WZATpg58A?Z~I7i9#o&DD!dq zEJf{@t*A?=sNGQ7y9SZ8xH|pqg3emhXAg#|+Eqo(0iq%mbuB;(E9w*?EMQRwgt_mE zqTZWBMXk=Ks1!lMu5RSqY*!}(oBr8~a;T_lQQCV=MuD&>euP1Sh0YBShYJgv!1aCq zK+%e70cc@GJxqiJ6m=6|Hrk>N1d`cnsHdoL$}WKL&X+C)k{)a%eTt;`L)?goD>D>- z@BR?4T{Vf@fT&25xB#GqC0#*;1ti@+%zal(A~hS5UYk$SPXHpmbfnpB^S?A>I-C;( zGGp2b>kHkRIaXSsnV8sgGo}yDLd$!JBjm2nn2sZkn`D$7u=5;_H_?pgf9?ade!_8= zXH5T094pLemB^XLO*muvGg3U46od1yot?q^=J&wTzaZa%xy^n&hF{Lc)3upihZG;? zNPc5xOphd%@iHF}XdyW>y@9#Sjph55dqMF_>_&C_2C#Nk-ZvA=JYr!d%Fmz0ocpv> z&diu5JLRT-0-RZ0N>|^gw+Ch|@`JtmJAnP5$I#T)CYWY*fHSMUUDehwAS$v`-3FkAwblOH!rDp!CX4&7 zXzSNNl7E_YEFe5bHWR{3Hpw(=?=a_GmHX1Wi{s53<@!C~Mp9w@ow(tW0T3FIs5McpHe|lGl`>wR`Mj)BJDqq+* z2@u``STT?>t3PkrxuMXZVP3l`>D6}@E$J5kT3FKe5n%yIUk{k9cG49|?+GNcTk}b} z4hG5AVOfJ;ZBQ zCH)u>6)EYP0b00Ck0ZhYZTe?n?zqGCt^Y4pnIHGG9yO{oXRtq6;LTwF3QU`GdlYb}8xqcz3(@AAn{h(-t5wd!Zl?j*&Qq>7 zZ(suzCyx4Ib59>^?lHTk5;v&r68%BmMH#Fb-rb01dIlK_5d`I#hT8m6nGnp3C;NjG z7$S{6pyA`MQTUGm{sguR4I}b(W~-PPa_7`^D3_Ist?B&E*R*;*cdh*SRxoopndzHN za8uOuWFp@-RMVLA8`BQ7USrM_ru43nZCSpA%iO`dvt}p)jYQ=FiXwAQAVn|VVL@w> zeI}KQAp8N4dO0-PA1dwVRxLnM9|*=M0$*)0TVq7m)r%;BN2Y_xOQ}j>AW_vEAXUaa zVm?Pb-E5t^mCZodA0%X(S00^@AQ97W%m%M$NsN&VQ$Af^64m_@)k_2Hq4r7=%b2Jo zu{>82OLHW#EL#%GDTxP?VDdZ;;d?K{PP0T+OMp}%NwgFxi6cnl2h##{>&H=ilVWUr zQgnNu6jlUS^QEvdAca-AQdp5Ag_YS-SVbw^I}JX3tZ59b0Xl_5&|0Jj4hIFcY(0&# zm=dS@{EcUSMoPS{qg(C4Zr>rs4e%?6nfe7z&X~(I+FVGs21Ns|*0-2~-vN?aHnA1) z_rM}#jAM%ET*dS1ZEW;-IosH(fry=J8Mmy(PqbS2|ahNHT)=%~l*ufPEwQUkOpAPfWD<`tFzbnE)-U&mlxuK%Zq{?z^JTXQxu1zTgY$^LK=&eaifeuTFoP zTu_}AMXR$CST|ms8*bi2>UP2%>K;ZUeSN_fRCj+N8dCS{nv?Fib(qUf-k7<{e);p-H$aysQV-h zo!Ni*S-_bOELz=9)o%)QUjZyx0_&=}2Le%%>Rvy&78;FWj z{||M=sDCA(3aNhqU^ZI)za)}QsQ*YI8dCq#dW-sP8z#TFL95^2E7>*mKMgz^ul_5A zn@ynpeSoM)^>4Vo81=sks6y(00x%n`{;@>T3H4V9(UAIIm}F7EZ5!s7*J<_pJ1~Po zu|Y*U|7U<_K{iWeSN_fbpA&PQMhk^ zV`or-gNs(+x7Tb61wIZeSt96a?|lgn6{)}@0a{prKO({cL$R-}4sqX=-g_32^z{W_ zP=WP;mzl{QQ*fEjD+a%(Go}_WOK-^9So%M{@-*##X60#@tI)FlTPsgXpqc-fm8XNr z%zta;X=M$N|F5q+{e(>Zw^yECy%I!xyY|;xqSoNJ@I%wqtDOIzR-X1IlmG3Nr=`CJ zk^kkDr`^Hee|P0+@fGYd5Pqo*y#CboMy@}HbFe~_lZS!$MXSNxI4au z2n%$_7XT(JnCMD(ybY0bV&&(oLaG2UxNM($#2r7!Vby&TRl%*gV@O6jo;n zFj?Gp#XNsaB%N4!I$4MYSDu2y9e)9&;L84%z_ao8xb#;c5p-37*8@?J3LFK{!V27n z2n+bv&BNSxMS*|0gbM6$#+iOt6t%K{8{s+K=&vOO73eQ%6jb1Gz_alR+)TLH1P=9? zi;Gs^tpF{oz>A5nfC4K4v(Xl~`XVZ@yl4fs5S|M3w@(KZ=r2+fRNz$L*?0vWE!=DZ z1%7*B(F%MOpoJAUmk0|eumLa|t-u3_r0;;D6&Mrtu@x%MghTsyR53H*5bx-xH@K!M z*I-*2FE3aB{LAF^-R5h(J7s&l+@y(%VU}SUApNroSk1L=J-5nojRG0(GGhQTQkCnl z+=P8t$WJrBa*a1kaIDjyUl8=$^N9mDAeQRX^-TT5r1Gv%qTRX&QeRQ2JyvDN{g~-b zXy|%!tqTlh#y!YD;h*z;tS}2gz3_>>_H)$bpG18MbAK%;R>zwwbouj{I!2|s6{B?O zbxb|hq>k39AFSWHXL_(n#b?9St)ce-`5i3qsbqn4nT_-}&$gm57U}0qY8L4?NV>+5#+T`HN#CRjhDc8|=(1{krb*2rJ=~;bk^Tose=Aw2 zb-9i7R;pl#^jGKFYW<-}%_99blbRtd<}*OI#jnZ4909`J)&q6wW}72*x=QUaFJmR! zG5so)u6F(C0(&y!Y?Hx0U1uD|jNvAOeTB|AnHl?<4BmO8GcIGswkCtCkvijMW_&wN z*?&FPsdUC1X0)0N^}*aVarl#X-I|h^^9*j47q`N#`H9N4@w&B09g9@?UW6RaAC{`5 z)8PhB_0QkN-`L;mvYsnDnbS?!zdIVcpK(bju7~L*;Mh+IcDRX@Eb)fV%l<(=(IK&v zoR~WY5Ry`gJ^T2wr}q;i=u1#>NvrXCY41+KgpXiiDq(!hWai23&^3qRT5`)pyH47#l8>H> zLVlU4E$*Dua>c$`Dx{ZENKgUq;R7}8dldn=Z`v;K+6Jk;7Iw^eQ`k3c0-p`QF$pdb z%%HAd;(M%;9dZDi8uN3OwT#_2JxrPKSJ~b;|QMI5tzO24m`1Y3=FKFx9Uf zwes0)ZKE4%he@8;dEeErbF>_8m7t#yTL(g32}PL-1GIH)pS}?k)n~H>6D~F?zU;9m z3zR%-VCr<`N4f%vku?@%xPeL-Aw%F9{0Sr9q9l=-WVG--vyrW}AOj9ThF~j*Y@SB8 zj5eyS{5yG>!XHR_cBy7o++^Qo90mk8eZWPT#_M}X{thrZQsXyd!R)oI3^#`b*0-i~ zEE+~H$q)|zTGhWc{=*H;Zv6~}8liehf|MQ2~T}xuOHz!^nxHz#a_Sa@! zBf2$CyMxh@D3YFy3W;&AN-SB(6jG$F@mj)0ST0nvYRujIs}iF|WUAJvYPu@X9XY9r z;VhhVSeG6RFrkDq2fU=5S$LNIAKJfj58l|=z%sMkCT6)wCRDJX zOvX1Ptwa+6H9q25YR)6UyZ&0={P3Z$H=cy23r8}J6fk!5DNP0VtW zOt#_OLh#c36xMiiJ&wz{B9z6g|CcQ7?pCjgFDZqrdsYC-*xJO?RSRq6H>D`ysbhcy zu2hVL%>_+iKEfDpfZP|Cr?KvF#t&#q3(022mY?MGK&GWJH>agd0}qDl(u7kFn3Qt^ zo;!&ouE87bu%RTF_SGl8x zyOphpMn+u_6yJ|#%8L|AYpS9g!2;m$HbB22%2b&>=7Kj3CpUlLrxcPs4E_%WdMs*` zPN3>ms-qmQMjaoW3fENGMm>6yVHEfbAGDWP;)|zSOTwu^%~Q@qJoga+O~4zj@}Pj2 zGqIektA}Qx|JdY4wM&k{z6b7^0CT6)wCR=!k zIem#(%mnSb`O zVP~k?8_$-61|tzZ!0-dcMMv+R-HK18Dvc%^8zhTDhK=IX(o(TX;gDj8OL*{|>=rpqqB`mzh~DW)SzteDWY)VFKc!UUam{gX$-mL~<7!#g?M z6v%f2a-b5E00%TS6~y;qO}@cggtu9cG!+%aetgNmFz?Twl0grP^PVE-GwAoxoa4>i z4_#6_(wBJ#x6K!}TF{TrM&EvxkBi+?0TEe=*j2FZWT^%P4y7E8W=rXO4cVc)Y)}n? z>X7ef)m*IzyVX2ECoSUXv*A+_Enqqh?sx&3RB{vyx>ur+@4_^S#4?TyynnsAmPNP+VMZNx}2jul+iuN{^poJEXj$yU~X^GcHLXGL&P~Dth>v8m+fi94tSWXw1_yq;G zirt8a90C929^N*%=1!SM54H-lmR=$pnAP@!F+N7?0Xu9wPag)3F`pz&~-`smg+rYCp}7`cQ(m$b(1_#v=?)p1h~&vZ2Cj^Y4D>2`b*P& zZOdxt3Y1Pd3tFV*wErCA$#6HuUbc!J!ao;kzM58bl9)#T?X#o6ePz0v@zd$ak3v{1 zOAi4G!ZrV+O04d?N8yV#Z{qSd-IrQ=JJ$1JUC-;mw)&Q5PG?83i5hIQfW@5axz69;M;-|EGN%@0Y|KPm>`1u)jC8i`yCF2EJpMIU3D3*T8-b�t ztKh(Nhy@oW3Z^XKXom{g1^-P8DFLUM{xvJGp{Q%Ms6Dg+&>tQRDl=8YN~u8Qb%)ae zR$~GqRWW*V&7}7=+o!#%)d#?WQ1DT31X2f*Q%a9)y!Hb>5+``~2;zl3O69%Z3tlAw ze3)`Q((PozY`!gq8e-G5Ys4Rwc7_wqLb#2TvjETQAR~;*@J7=`oWm@)iCJ!v$+kGB zp~KFiTfI8Iq=I#4-Hevb9Le^?$$3g+l4<`UsT%kV${65E7Ps3m8+itF^zNaeqX?zi zS$XXQ8!LaSGVRl-o9-;g7R^rP8*7j9#XIRhyOK&NQnrO(E3`m`rapkJ!Al~rwUokO z7?Q?d7|-dVkU4mxp+F(ba+{dtCYfweNZzJRGy$>QKQz;{M=_5A^cwMIWo#BGV#tf< zZNk`0ylKXmG6SLeTlQ)vFToAzJKa+{dtCYijEjO`F)tg!zY0*WbTFrLbP4Z@rDU(9lw znB^v!Y-22+{|dFSN%%av3I9fQ+J9YgjP_pv!?`0W5*r9^Q_cW9XNx~8#~bcFraxnr z+r%t4$z)rlwqbA~;kl8Y)ja#7c*^OA=OaR;58m_~8?)RdX1PfwM^j?mUV}AyRgBgT5n3mHs2vK8ytmq_UJ;0S`VC;Vn z3ad4NLQ@B`2r0`8f#Q-V3k#i{I#>*;r2l!8%$`#cnc4GeFaVdSgXOYLvkK93xnBsf?XV=G~g_a69Q6g=T*6I|Qo3Mkk{&hI2ETj=DuYV+Qa z?5GM%4qb9QrvHY>w;(YsW0^t`Ieb__In1SmGjf>7=?ktRC^;}UM-IobpvWQK%w-OL zbbl`dgwg%3S(#=`UoV-sU=H27KT=01;E(D54YV6OrvDRhbaqU?y~q?TUk2~K(_n8P zKO|ZIP-FV63YwApeV~o{M2zIkC~33W19f9)Aj+uG`_V`E%M<+IZ5w?{#^k9S$ev3S zGoc~1N~U5yE{Exuk6DFQ$wD!okC<^4X$FD|XWxwD&%}ItqJ3H!%Pg}o_CwGQZnT3d zW|=K&mSBUJmLAso5#lWHY9x$Vf(>?QSt>POp%Zr}O_O=f!)!t6P_zuy%%Xx)FMFQAXWvr&zu>dz=*+WYWxs%(t%nY` zu{HZ=h1l}-Q;Y2(7TMN7fNHT#$(E~Xy1_83&|+J-^U|{txCQky`Bs93VrF$s1?F5v z(_v;Yt84jehiC$}a~wXF?gvfGlQ1)TV!;=C!pSVPsla@6hOr`++QKs)K4Lb25M%T4 zp>v-xN?RDqo>=h9C!A4WB;}06Qw8QDGK?|HZDN+2WU?*5=!C>}2r>q~Y=L=zvEiVY zaw_mtf%!1J>Bhq>w~1M9lF1v%*d%-b-Io|$q)04#Vj;lTP*6-cL-16A`Cz>1z?@lb z6SLeTlWmNJ0&^d+MU|iK5nwDgF!zhvt@`yt!V?RAfrK*%+@+j>c&bij0N!*b!z{On zS#FZawo2qvJ5?Jnl=46&GM&t!@;L#E1($SX%iO{<+*ZWFWIB$I87Nhd=N zAkN@4#BZ_p!033i-^o0V$!?41qAEhQI8&AHlv^G3Q=3~oerO@L>h-s?m2mo?)+wh9 zPvzcv;Z3_YX1Ptwa+6H938x~0eb$#U4ruL?-81r%c?U0!Hg1ts!s!WWDW?=q<=RT{ zrkP@v+r%t4$>fb>>aE=ZOp#&lbF^72Q|p$HskL}2x3&gvnkicf2bt=$JL~=v41s=t4z0CV3HDOX3Ov=sLJQvX!~(P2 zCT6)wCfjPUtv^N(Vciu)W;x2IoMm{bnT4fz(=!Xqa+{dtCYc;fhNBN5GdPM&Gs>r& zMR=;fX(8TpLt&QN#4I<-WDA+#R6@YzF90;wzVK923G?u#d1sc}#4I<-WDC;TSY|50 zyBh3U)Igv6i5>`_2X%2v#yx0!5upFpphE?;rZxiXKN@Ts1$JTt*!LRjUk8zJ&0Y~; zoA*=$_2&hwb_?n2xhfw4-&@1~CO_I8G}r`%c5|TZ-hK*1CP$Abm|Zo*@d^SbEOUB4 ziy!`Y=YS!DONmWfe_V6xTi6ofeSq|=0j$}C@WFwi1ZR#9Ae$iq+XLN- z(SpWzRbwoEuHIA;dxn4WFo`P<+ooVM^{| z!HThJqAZ8v&bbtq1#t1*$JGt9P-|T7@0Fco=kCXrg;_qSi!`8o`+(;n81y&+6V+x8 zVVl`mkirNug2T+f0W4!St&5mv04_?*?VNuTsLKgOt`peK%+YhHMGG(lEk(`^8+G&D zuX((=8|OC5eRO5ShKGObpn6cJgz>wBIo}x4{%yd4$|@&d%(Y`*@n8)v;v@*n@GLcN zJ*8u)7@-`|DqxGlDc2W(CdU>}#cYh&Vh5UGge?wYL5BdCoueDSc4aSVt8v9`nLfUy znP}fSb2^q?ygP$MvD&D1SYrJG{z`NUr5xR-{S<{e*~pjxU}`HX>0GG0i=7mmoRW55 z`3TsRBW>_gLy8vBl@!ta`&dNu6U+=1644ecXcN&`(OoS>w1(ym$w=P<5v`$Y{DW_- zHO*d2xmyeCA2;n6Wo3?U>O5D)l(La&>I_x4=}WsznTa0&EY*-bZg55EN6#;Xs*H$3O0cvrE6QRE)G|YT9>z zP0$WC!-|M5drv^SXRlL-E724OOH-6qAZ%N@%!k+pe++T^^>XW{qDo=+HvnnrI{}x7 zGdlzg|JIJP2fhO(2-9%H1MaU}xj(!B>u2zig6udVQ(m&%2g`95dt=yMsN>$Sr+C3c zYTYxSTe6VRbz*U%PUO1N%WYzon`E*L@%~YW;eB?1wAq58LrO3Msm@^Z3ZB7W#~yFu z6K62~Oi9QOIfKDeoWbY~9NtNIh{R;k2ynD2a|R>ni0%s?z<3E!4+dk~6O--qg#``H zKE(f3PZOyJRYr$gB`w_@;nRgdp71UVZWP)_cB3h@#?$p6Bu4Tnl!L0$smBqec>mF4 z>L~|~!L4=I$C2uhZ#X{LM@{cMk7#DFx@g;or*PZ?JG;>!v(cK95Cl}QfCcl~T@BN~ z+>U(%8Vv){e1f(jx5#>?!cX^a4p_{9_@T$^fnJ@gxB_p1qY>vKN-1!xf>y6}7AQCd zF(sVwZsN18XDaAAST5_}!zuBOkvh_nk`}+%0Y#=?k*fIJ!A#)cP)fPHOibMf0_mfm zutc07f>K4`{E3a@1TZZGDRSKMFXcfuT2IJSeLVmSyricB*pa zcXSVxE6M=8&aGYL)~$4_R@htu&Yt&-FF_cdRX^Wy^f=|EUC1VIx1=hUZ?y$+FYBjp zx43o7-Ku3a+}D}jabHMKO`Kc0wGe5yaT+RvNCGF|GFgpEq^lD*s@$IO=6+bQAfM&n z!`RDi;M2QWW+}nq(gEN!QQ4fTT%-lD)U9iFs}@<9jX4#nSiHFmt&>O1VA6H1aB$Cq z0NxI%iQx&?b{6>a9up?Bg(ivvu;@p*xook*MToe!%{phMz0)T$&r-8Trqa?JP{!i* z6q*od54Q2J>S8~JNG3*ci}Y}7+E{|W-#MpACmYFGh+Cd?m`f z)3nx^+!{Bp8|%*54A4#iMK?Dg#Dc=DTwazcH&zC}?Vlq9#i;KLr$Q~9+I%Uu#()(6 z7;AVWH#6B-uM$m@AB0GaUUPq`Tkc`Bta_#D=_xEq&q3Q00WEy0!kX(-Ls;pUh&Ahb zrtyvn;mP7x4~Ai;Yeh(~(=}CMr>k+^>qkHWhqcD7TkTeLSnRa6udhSQnvkZ~A_4)P z^o4?_4F~)+p0r!nhEq<3@UZ_Z@fhdB$>ElODS~Gu9B6-}<#(W%_1D7CvpDU?2$GiH z3zFsVlp0AMPnq$*=7i7E3V(ZDyrVoyj?aQddcU2-IYW*w3rWgxTg7)CIR^QrD=*P} zr#}!R6e6Q&R6dUogM4$8fCf;m`Bu{_IYXd5F%*};e~kqGoY~BoyIl7pZ9SHj^EqpL z_>P<{AcoL{%0UnXT5YgygQRXjMhB5meP>S|*>1iiD7`MMpc7exNMUEBK(@VIuaLUaOj0%m7o<@RJEgD0hL z$q3KoZx26PXmYFrxROp9%^jVXn&MLTY@pj5i^^(-D&PUwm$e^`8Hn(77=+YI;V|Oj zaZjBBJg4^sADB~f^~}?n$E9QLHfqKq&26tL9BM`I^3#s z{w~6;7epF6+yUL=9|X@TZ53^9U8`HQsyIC03Y7#N_Av_uPYVXv^tLPAx)p9!iw(~p ziGVU4pyDdt%rU3BR76KWJN2PtfS$e2D}sLM_6q%Sw{DqRwbX(><_v?;qgcFo2Ng88 zNy&wby}($rTerxqT4*U*yHi*V6{RfXwc}wBE=X0*PYc3%YG*+00=I6yTQ#ppgmg&W zZvzPDrYh&i6)=^vHb*izoa@%jajRz85aOn@tOkfSA@j&14SV;bDra)oo~pbq_mX>Qe23!<2FjS+e8L}f#&vR*{)+hT zoGZgq-N`c^Z%T?!Fw1RXmYZa=RXub)8n^QzP4wgQ5{af)pUGGRIYO? z*F_u+f2|C*SPg()ye(;+UQLj16@*Va(P@}rF~_>&)L_3nqfK6##N zUuVv>lNt4n*%ln7UFVh@UfHYmee)J;xD9wrrEc9uRcf6%@1BJxqEg?*HhrbQo^&d5 zJ8VV~Ger@#CxTzvQ~E>5lN}zEz%0DD^?XrE$XXlLv2>R7mDytsDpQOd{yJQfs4(Cq zOKhJQvDF-FSQw*OSeF=uX}(O+;)qAo^PW&Wzk!H#J((p8^Q8;*)Wteo&l=6b#?|w* zct;<7!LL+;(_rZT$3vP!sL-u56=jwWgDW<1-KIZbggYPfI*41146&xQI3$i_l)>8| zI&^s(co5#a>GBh5mU*|zwXFVHw_>ouix;KlwaPl6X7yHchGDFBYo&p;iBW@tMZ3%r zki?hvF{h@mKr?R`>V#uccVK@AdTKC?g_`B+Ukm?9KV!K-MGjFla!aJcXW$f+B+Bh) ziK?XtE)=qr>fb6KrzKYV9-UVDqh47t)j|}2uCn$Htbv@-?oh5VVQT-H9y zk_HF0%&q6*Eg<}N;O4~}f^u`BgkdjBG!o2*0X)tlVVsDTVJ1CVF?AqObF+*hnVU0; zd~z#RWf?pe(VM8365v|EQ06);j(sS#dnM&nZ){q|cxo^K_0-(UTVigi83`JU^A3P1 zjcuj&fjtYUp*8Ii%Kov=zDKfa4-RB=@t4FE#j2&44CCiEW%a<^!}7uwSX2E;k%i<_ z_qZyq5ry2!rEaxU;($OUHb*5Oj~*(LJ@N9(&VLcxPLPtSXDdOK)DN~5{UhN_W6P9V z@%Bb#)Nvg(El|v@c(I0C6xQGonL`E9H9)N5qhcRk<9 z3!MeQ?n6|TM!@>D_x69{m#TX!UVK5Y>-B$_u2-7&ic*Yh*KRqff8f_vwL8nNm6EsF zWJRn)Q$?xN%=X=T6}4ZLi5L;OcBBzKKcUN_kN8C$GdYU76a`l&-c&&!ytRc zOg5v8pScFZ{eYigZjPThkp-0}$===bU{9HhD)YVYDvFA`d#Dk3dU3~DMNiTm;}R(v zbLO(L+DmndO}`sIgMOoWS$xT0I;+XZFwW}7n~Mi{krYG)vbv||1H|F+h#(vU%3>sl zVmUWJozTNL5expmA~RmuikSi;JG`=W@+@yVd&Ej<{x}jh|7TCIYe?}H`$EeSgCF0s3j^MtCn5v72qm6Bo*UFh) zvq5pF;t>)#wA4t%PUVltmnCy8l(xyg^?v9VDU=IzEpLRbD3qmsWy~%v3I`VwQi4}% z;A#P`Jw&wtb912vl=`m)8a9Ut{5Q=Z2F|=I!HOv+(h}io{8wrGUqMo2=GXvm128E~ z$qlBE@u3iQn8u$r1C3a8b+6MDej^lW&oiuKVP{pRXuwMp;9&+Zhv$R_JW2s>gX+7L zD-t)-je5=whH2ByVwza(2)k34+agqsJ)l<=U2c{x_d2ABpv9-x%5r_9%RQpY-5n~| z#&YjtPA0+(p3>#Uh03uT@*a#Xw?voQJ5-Jxk9TQwxwmw=FQ7@bfu{j)grB3OHVwQ~ z15XP8=V?5){u46vP3$2FSmR&WJ{U+D7@WSdRa)bA+;c!U9L2m-P~PlCNb z{XYIu>gQsPPTzF(YM)5fzt!BFEJR|?jrmwN9PObvI>T_3r5bWHAe*C6iX#J_Q-QBa zRDixbF>0WyZ$ICv*9Mg#**HV(dBm5<(?0fW7z5aUsNqmD=w9$SWLt+RwzSIOcAA@$P|rj^O$pF5P(AW z_6w#Up~TxsQmlc@FirhFsEAgux-5(RrJ&08VF*UEe~uu~4UNTw{n63NwKnjlxDwmy<-1BfLhxoC4H<0ep~}z1A4+72M1)=lq|&$zg4s3 z8M@@Px+EvA4RAvcSmK+pO0!wv?g8J638dt34r|3IU+*zoHsyK7+*X8HTX6JM&toy; zgK<2DCChrSpl#!g&I)Wldl<1qzI|(GV~oRr54U7Q8GZu-E08_96k|& z_eX%4`s7ISEG^A_*NHv*p1(Lre)?@dl0j}$CAjkXGAx$`^=LKj8!A^;T zfA8UZC8z6>gQR54sS5ySX_21iP7S;Piu3z%&MAnQ{o9v`Wk5Dd7hM`IN=bSP@)b2R zh6z}qSWN;y2LV+P zj2bDmmo(b9zLr`Zs4`{dmf5fB>?c*W3Nuy$6aTz#F+Z7w?QIQyvw+8(_W>2c_>l$~ zuR(YaM1!zlkm$cP$Wa>Pt_%pZPLOXk$d7}3nW;N(oX?lJwXC#zZzYw_z6w|b3y4Jw z&MmN&F0e=n#GKv$k%q}aVhi8n98`p|j2tE_YR9VzhGsQb4v?&(>zW9R7l)rMDf)c)*B{}0Wsp zfMvWkwEmDn%XNW?;Q}H@-Z2s?Fi;mbGF(7ny&H229IOj$tqSPa)IWd5U_F0Gy#aoZ3RT-|LF)pMCBjpJy`{+=OkJc5aQrWwk(jZ4; zKK0A>X8njJ;7txw|G6&TTQfYw2M}8(j%|qp!azOv^V1JGMsEr6VFs)(0GRD%8%R9B z3x#P0iT4W#Z)k79!auk&fHIv?-4b6i7T{U)b-!G_euMWqKtm|afb}Fz^-+K*v}_@U zMZA-~8CmWYq(3G=zX5=*mHvnS27TUi7D72vOYgNWRIT?12o4%h(S}n^+{Azn3S{j* z1`!7ZR+1A)Qr$nmj;sfnV=c_!V2mcoy%+&nKsIH`Y@~%n*dO>Ll;&K&B8eSUQx+2z z+LezMRPdeKrLbmpu}qZI{1W1fH;=Uj{VhFoVF`8S?bI6!{}RtUfcb;=J+is7Xf^RU zSqe1*HdDJq&Q##!268Y5Xhx%Hpusgf$Z83%dY||mD#5K7gHSWp;Q0B0aYiYEqI`j9 zOG>_%3zjtQK-uqgKs87ZTcc+bZ$nWQ_j&-#C>;r`f?3$O4XUBduuC(8)l$ES_yS?S z+jA6PO!R-;XJ{gi0GW|AUR7`@I}&$A z+$_tdFwGn$mIBrrm|>z+SI#VPEC3e>gMLj#XFfjV&rj@^#XH(=FI7Hkxq|$7OHq$7 zFlTTnmEer$PY4|7`VB*;XT{@H z9{`uMYkStgk%3*PU{y%j0yx6b2=jig<{k9PVyWh+{!yqANCs}!_<0**!w0!TB6xUf zO2_bFkVhpWHvC(|f4<4HnQy08@vysKEToa{3B);@(eK7MxzOg@%iA@J>MR!nJL(vC z2jVq73V8KyWOHH{@v_;e!uqR|`q*&HqSz9w_pIoByp*}+Ak!KDB2~baqfm+W8z~CI z%P^7IsXV~!R2~4vxKmjedkTD0$=InpKsF)|@b|3*8N?1{UA`#37JEUy3hMV8bhTcY z@fwz;SJBM`R5m$d83zHGrPuWsrUrDw+?=J?H^Gg6@hV$P-bx$p{P^NAFsv|?0Rc?tMe>LHKZdiAyp74qb<~_{eajfH5x5C+t$7F%ygNhQPt4kccApc z-`(UaO|Vhf_6<$?r%{`Bar`7Q8x{3Q(N~!Etc;PPQgD9&t7P`G&w?P*2LnD4XSUQf z15MKn?vWx0)38TswOfA=%4&<2ci`q8DM9%$cvD8*NU#t*+99FB?Xc<}+Ga63BxO<+ zWdLL8R0WoC^c$9M)muHCDn}6nsK17w=7$;bNKQR+n5jKk172x^aozd+0lX@$u1*O$ zuPGP!W(|C85SU24##~@m1CJD7ZnyH=KMCKev-eZDaP<=iLsz(oDg=4AhTP1K=w6-O z2Em~QJP)F_c4{>A*=!JPpBioOOP_M{$lB7FGgYRY6l)stnG9r4?;<~6H?Rjay&6Ri zlR{98sK^@@hBa5mj8L%qhiYa}?VW`RGAQxBfZJEln(V`x?0PVVYKBp9w>WG0fy!1~ z^`bnzKSZH=%#O;8n0}LmN(QQDMWMPd3s!1yKp55t<8TFA7ZQf4V1Jd3?c|WFF@kt= zf7r_}fH-U~JAWef5^uf~0QDAtbssB(@(snCA#+C30@R!l?|q=~X16Jy@jc{*tFtEJ z>MZ$+W!4P}vd1Oo28CVFcJyrpFhklT|L98e>c;B$^ZkuN)yHPZfSR{8s~b{3y}EIu zOo8x2mbgi%zh#&cg$x~Ke95H@KI_4O=|`UY2z`4En50;RKfLqDra*oMkPE6yjdtjT zQF#jW0L)-`-zj2>GMiFf?)#H_t!x=FtZg*}&;@&P&{kV;cYe)V*QoP&X9e-LpYCJg z&}0+I=4XZkE9DOk4?&|u@6@oROu11BdT{uy%*!w#(3gLWFe2Y*5cQu4b!IdgDEpZX zu6XQ5dbZqH0L6JQg2laS0cLa~^Qp#a9q1T-Cv3IGbS_ZY+G;bLL|E;G9~y;5SnaV2 zAk$#H4`l)U3j8-#()a<| z>QzyMZnP6JJF?D;AapRK5hk=33H1&WYSK0Ok;0^$ct6q0M`)5(y?h2iS^5Km>Q$Ak zQK70O-ko7oFKV*)3oJfC4vGP3vE8<4kjWaP9f&ZHWB(#X!{~y4^25X(-d`jo=X4_x zzO51NulU1mQnW&1AtE0Of3#nMNLx=4Xzi=rVee@a?T{rTAXTg;NRHj~QaWeN(`O%U4u3 z7CKN*65^kCdl=hix>CPa;NeO=v?{Vv4cV0%3d~X|riUsuPOzv-G27cJ%!aAd4)#hJ zF4qDP>Z~e7Oj4;PpQ4VLzSEWZn*tA4>W#lgR*GvP0ZpC9pVSo7LzS8)SX8B$?fuk; z(QKGX9j(|1YszrBd$3Z(B$Z0znWgtFw^qT*8qkFdu-DDkJDcD7_aZCBHJ3o8rUSE7 zis_+BJtbIFrI_75K8puaqlt=#a4>3E{DsO^mPs`Hi?~4UQ&438q&}A8v?4e%Uismb zIxF98n}8B1(Z>z zd*nJYhtI(2o=jq*64wbxP*`C0YbPi-y(Rb+YHAQV2gEs&{T0;*Cd{yPCeqWB0Go&t zBvbvISYvi)Pxz+kO7ULdodXbqGSj~A>V>-eo|V6KDI zC{$0kpEmh!f+XgsAkj=PHY)A&c2QSI%T1Kmp>xT;95M@~S@wAp?E#yp_JSkOeQXxk zPc`M61uW|XvuYUq!F-9gh3d&{7|g!D%KU_m)`Wf>Nr>|CW74?d!(b*cqmiY<&QiFZ+mNYSSOefuF@EW<|lNG2HPf*5KUOmvs>G( zS&V#bMc&46lO{A*z-s&D_!aR_?fYfYXDVaMABODe@$Qa?{f+5n{jS)_ZBqT=oW?5v7j1eBM2<;o;6pRt>E@1e$pkOq; zTfOdQ*p+)1L=!X9!0)$EE-|M@x+H@o(???N*Eh`_fUbx>@)kiEDJWx}=LwjljrA1s zd>BXRA|znUbJzTYjCp?dT7>F*ig_LtO~{z%LctJOBV(SoMG_M8Tq&zMdCl{r{Dh2o z4vZuu=6QKEA!DBZcr~vdFy{H3fZ22;=DB$^A!D9(`3V{GJT;P#nCHE+v)L*-W1fBT z6Ef!c8CKsASmt&LJ;gkSL=!UR`6t0pQ^-6U1T5x!j5+yCf2hqX<$3jPY%?Wb7AcjBZEhXSxUo$qKOtkA=R^_`+k6l! zL=jHF*k=Fygp6%|^>T#X%f&Xi6cs_pbe)e2hDax1Y;#&9A+gOjvCI=e$k^ub`3V`@ z+&z+z*ybhCgp6%|^itl&U~Kal0kbs*vCVGLgp6%olb?{W&0jHXxqGBV~OfIdj-1ARp``;Fwc_&Wn>#O<~dNn zEE+)vjc)&P5Q}JI#ytPAEU)T~c|Ip#HbP>an@1Be=2@4YkTK6wBMFIl-V2>X)X11; zpZtW3d486P@B?LHo|UP7>>kpfD_@XCflm|gLnb*MhMQ8dxQI6o!g#djkuWydW{bhB^E_6lzJ_Wo5fe$AX)6e@@r^ilriEb(M_F zxcK9Y8>i86JsFL|oNC!G4~|CS_;oanTlANSJm?BBpqlm0=A*lJP;~hhbUps4${%f) zaBgE6KpnAHF^%Q)#Sqxv;MpPs_NpdSA%tQLSHjyyfWD(a`)be;(V(Ab(0@T)oZsI$ z8Z@mzpVOdUg82vrOmBFH22DkS{zqfIScBdZ4Z2Q)9wDIo@?nluvSpRV)Z)$#3hcxP zFf$>%8gkDwpJT?ve-kkM$%TJ=jGSF&6PZZ|~j z(FzaG*q2O}VK>|WJGN%;709R{t7?wAUFMFKGB1Hjl&1ZJUx(^JIe}Zz$CNWv09mq2+v$D&nt$>TGkw^*EKSHer;O zg1nc;!_W^Q+etwmZ*;1&Ptvs3q3UQPyM(e&(b?}yb}e_OVkry0zodO~h|p;o^sy{Z zil=>a2y~1Fy*UdM9F?^19RfA77^6V9R15%;Lg$AF<>QiZ`K)AV?B-vwTbjXdOuD5r zZUC7Lt)UuSplNR<2r)0HP$`|0Tf+b`G1lN|9~HwuH9XwB_?e8ULFxiDG7NN22B-l* zoXCIrS-(ln0v)W;VMtiw$<8Ug+71!eX;x*>QTle80|5lA>_WYBfhtgQJJxTW&eQ~0 z+4e5c;^_dhXs-B39?XG_J|LQgNDlr0gx)^^YDh;y-Vh+I<#RXK*CsoQRk$yJC)8R` zRNSd80LBV=K^&OnPyPk;$ckOAE4G~~I#^(7v!RMnQ?U#u5^(j+aN(zqx^*nxjWeRkq=YfAmE7*P;Hc=0EZ6mad`^nn_Op*8%6x>T>FV zJO#Up{`j441#BWtkWdMpC@V>nVUaw~BUC15YXb4Y#}QQ+w4$d<#WlgLxVrE6U>qmT zFek>F$6MXHRc_Tv+vU?ch7l1B?(vW@Cy=d3Rkl1V$d=P30NDz+uEnidZbKHF+SI(V z343Q5Y|HS~qbCGgvu16XTZgl6%@%AmFmN!iC{?*|u@qUrum%h)a_bhlRSPUdV$N-# zhkkY-Ak(AKK(G(RtxWrY5v!oSRw%gVrz+abDaiN$36Y<&8z!Iu#?{G(9u{8>uSvX9kc8uUs@vUg0A0s4YOu#Q-v2VuUPxj0* ztR)OacC?9d*2(z)1#ohoiPdBZy~x%QQJ@h8f&>zkb5fPFUKV-Z!-fWV&vEN!xmEXA zWP&cr(4xQN=oEZUctW`rRJPn3O91L|Ca$h;5xk9M3hzv}?hd!A(SkQ?hC($YwbHY# z!8R>bIrSsK)_~jX$mKM*ZmL_=V8Ir1#;8`oP&|DExvOl$C5wo(m=cb(njX(FcXt%d zL$zT$BfvBEqP5+YIGVY>UAEyXMu6iVlLLEupo1MKpe-<{FpAwl$<63U^7n;O=$qRT zWuhCH6=myIx9Kjw9=MIlUww=kWDYnpiBBSe$hUu5vqj?s8GNE4uz&gyiN<2iAK2qF zLeAYkt*a=uJz2n@;QEw&7~orKMQ-)iYOZ&i_Zu)<5vj72iZW3U#8pOd z^@l5_UH8*rYvRuZoZUY z9k_ZYnAU9RR$syh1QrhLUvCQ5ZDGX}7T<*7T5VP9t7Ii&<4s6Bia>%*=;11I1N zE!?1QKQ*GrL|tUdtRm9xcDEFvbJzf8bUiE7W_B`hc;%Ydt+bSg0P$kzi~?1AZ{cWl z)ed|_r{~*vyBKi=tN?xSu<*v)UBL|}=5FT!Q49Vl#2?soTf|4Bk7MKXG+#RWXol3o zO=uX>(&H$NII{!Ig+F3N_w_N>eQU6w` ze=GS<~1r|IM-~f-ns>wcM>3g;({WZAy?egI&5S zTv9tK0OofNf@8@-!iGbNJ^sk5FJ~uHa#U^2fVS>JnB>iq zb$Ha!qWEc4d@o>3&fpgp0qAe_Q^Or`U`mG1R6D#T{BwOP)XM6}car7YX{+^~$>7IVR20c@OVm6eR z{1&%FXCJPzF+_rDD#(F%8c;>hH%NO(DQs~-0d?UpTGen=Yp5CEvi`a;!M8Kl_prf% zu4Lf5C!;kCUeQFC$;}$e)QfJSY&PkgHP&S^v=uPh)gh)lZ#IW?%H8T!viL~}VDa++ zOYL0s)sNuHL)jnDLXO9@pc0)~>(sZ#bFI_d?C0yqt)6FF>-_11G>>@}8uO6j{X?c8 za*)w6yrk81$3x07s2giYFT_sJi(DwcwU^E6%95(T(igm zIy?h3#QT{riiQ%hS8qUc4UB7h1BjqXT)`i~{hPX~e^h{e+aBt@C<`W5`55dqg|MeJ z_7g(bhj|wj#=gBObao`~KWOZqL7k}N5CfPcbNkin4?lnw(1uRU(wu@yySavY|5lk(BqOPAY6 z%Eg>t09c&jKn_N|qvfZy4Gz&IS3{Ff{zZnh29(Rv&fyv`r2vl%Xhyn6?|q2Vl+IEB zeg0qW_sw;H_c$OU8q5eyWt>onIaja^pqCL3%S(B7fsY;z-qNpSFpgBYm{aAAKJd!8 zpJxSK@d~%10RwGLpwb(b+`64H!#vy{^rUw+Ab+Ly1ekbWPT z-VP+4TU8p7S%Z85(qNp|0ZI9~84=XYPXM8vGsehJ2!_%vS~v0v-L!~qTGUHWH(x^n zEZicx$$&-Z=0d5GMK>*B(XRi!){Qvv!z))!!c?-YphY%|QC6ZdhQ~?g9w^rgZBI2> z`NHdepzqgFba-fcEGodE?SWsj!I+_Q7KsNy!uzb8n!#iih8BY`W=J^$@%#l0Cglvk z8*H3I3ud`Z%yN@Vwhk?(XNTwf0FSef7~Kf#KmtT8H!k?j$5L;LvX5M!@IpbxfCHM}8g z)Nj4iTY(6?FTxaWCq#oH7)u0R4aKByxt9_6MSrGd{g2q~gyDZ60%vYc1pdW65fS(Z z)Bpl15P_>|>tNdW)ZS7w=6o&j4g}PPR{T3u7jAJO>^^-x*iBT<-ldk;#PuI&d1^l8z$fC=K&+8jwHE$e(;BM<_2s4a`@+M zg%?qJA27vP>iKT{0;DMx)jRet{MfCYAK=C8B>OQc14;eOo?9Zhv4)30$W;FZ2%U{> zexi|NGW6`i`0Te*L!YMr51<*A$7BV)5%MrYM+7@{eqgVfwo?vEPdWYZF-isXTG49Lys#ahmp^M`) z&nTJmov}}53YJJJr+|w3suocmUdgX&-GWxDIb?K^aQdJwDW?oi-W-#1df|;$3?IlW zw~1M9lF8O8KLbyWtC1hm6mzW7FB8wvc+H!?-SO9kf3Iq_lmzyiF`W%$4XryGv&Ye-avsOWJV{(lQ3mZUt2%&rf4!MQ-U;m8LZZY6&j& ztYEz=E-c<2K#8{E-G@BWd^f8dmV>E*wXtFvk&THrE77O0=@qDSyjfk2#U`Y7_(n?f zlRHHM6d`16uHAhfa%RU|24aeqzFCP~tx5>2?%ji!C*R5-{2v`#Mq7chzd<-kU;GC_ zjE**UWe~;bBw5^>3^1btBqW@kXtXJ(6wgZ}94Nt?TGM}mS#A@v+$57NrcjGrf)tWW z1ykdtkh%7QblF}kOmE#yq_-B&8lkraZ|pWx=a^!eKSVZ+MUZQqW0DLt$7Ejf%`rVa zL)H5K%N*0Z-@r3)|FhC%Xi}#$QrUsPoJYC9x_D4TDoogtKC&Pp@aE0ZntOThw>Ez_)+p#38JPCo%k zi8w)oflLVmbp$Xz9MgR7e85!Wxx^FvVNyUFFAfA?I|4Duz#*C=U%mv4NWj@WWJgaC?}jPknR1 z+XZMN_%e=aEo#k{RF77z2J=}B!L1mNs-KzB`AosDH-epj!ii(XXL6-sqKws*g%R_U z;bSdj3rwTG-T42}#rM7=Y1H^MbPIS;`<~NKT`K4Ss6NyR zp4K2kG)O%_Lh>~3N}3P8{~VjXl~2e&G+_2sblj>)rAvKM5^7^el%>0Pvjnz7LCy@e zW}|lAe3Xl5ZqI906GEc4T4oP(o2@tv?;^otNJ@*diyu9}=@4Gxm=WHPXxeXR+P(AB z=C+y*UWW<6#B1fJy$Y3195d2eC}nbHl4z(OXxg`dO&C&Cy+=WmCEmnN&>kzaM|s1d zX}4?IeHCr1>ly9whS~_FnU6NE04*?ICrS&T5o=dng(vrkODhZ62&G_-*18H&E(&(3 z-W9@$QM*QtG%V^x^JpeF1`Fz#vssiM8)Nrl1AsprpGHMu2UZqwd{)EvV~nQF{?;6z z%B2=RHYR~&glbFWu+dWW0v`OsMq868OlzqeHWDzi92lhLm(OWm__zgxn>GEs<1H}5 zy&-}KjhZRk?x0Pl@&l@6_4;G;NUPeVw8rL0Yiu#n8cVU*$`+7TD{8i>rPVQ2#c2AX zz~H3r6qA)N#@hygR>Y+46$ue=!!N#3L6C*St03X^!z4|}tD7%yo`V`wM_-vqMioab zgUXO<5lg&MLf7E*RD_ z%WYzon`E+eSgXFE0qJAph!71WF;yx0c^y1z{Xmq2NK`I#D;E}}pFo3is~6ITlmWGw z;(Obn3KrrfdL*JP;jNGO=eOjirbXAb(B-T>$>K###4ZfrHnG7B@CvcL23nTft0lMQ zdQ-D+Zc;T{C@n8TViVMCU4y-5nk%+a_EzTB`uD*J_&x#k)7SF*Q&_R-A7!Q^8+5sy zp<@n8ACz*K)G;i7QOyQAhn=-V{j`doujlGcyq<&Ca|o4BOCs(UMQqK<^q3|XX{MR*=6 zUTq=Xv{z%6+r%t4$z+Sj_|Y$pWkX>i+xj$csVm;kQ!6kQ@(X}B<;=&EpSwyq^YErM z#w@pqS#FZaog?2nL%z)8RqK`@D&fop-jp*3&m*Mvv+%}7jRwOkw~1M9lF6MTKYfZ{ z`##>2q7qB(?*ZPFGZW8|LjDfCan~=%Gs|samYZaENp>JOPQob0arBv#mCx8hXg2GOM=tb0^5`*0oVjHVwo_j;Df z#@s6d3S##zw(A8A-k*EjLrTS*BLJ#`TbO50kn!hUe^c+9CssL_>)Tdvf1hNixmWWF zyEXgsOk5IY#8LI|;8q#+bh5sDB(ek?P7EW_l? zp>c}VhOAJ8kTnRgwWb;-Oe=OU7;CIy=a{i(ce6VP-{&NzWPX~>PmB3!H9u|Ur-MJj4td57ac7hG-gR?F7x%4>)o`=7{O?4$1F?Z6 zvwOFvpjo!v3HImSwStgI-*b12!^QV(p!t*76yNjP8`#;AKwFCSJ;xjA!S~!~N)&SI zvokoI4>E}RDi+#~6Iu|~b~kuSxjlo_m>wp9e|mT`uq2W*;}24%oS&6IIWoQrqT^Bk zo*r}GBSRXVRp^=c5_)kT3EA3_!3BuUBNkE65Q`E$Mn#JdWvP%=?Y2!Xno9G zuSeH@XE^Rvio1myw|@%mbatF>+}D2t+{40gZ&2K4ASCdMleL!91uU;GX#sjj;%AIs{4W4P39upTlH@0s>Ee}DOk%cz$v5)g z1uv4vM_`?0Y^t6|vLt!Dc2_=}m@DsnYkZwna>#25J72s=u#*7u2Qe zx_gfydrrv~2pQiOX~L^C$VR-FHo0J1LlBskc+Yd?wg+mZLX8usNNfY#^S~Cf4nPnW zhHADc+1A1yvh99|BV~ffv=*l1o>`n9v`JNsZ44@>(YBIC=UXdB;Ey0YDyOk}9-FR1 zV>aMI8A#<Hy4TpfgNh5GNAVo1PZ({6{9(BE4PNmDe+BoyHNO~A&pHiEf1$QQi@AWw9A1v2ssUwm6>j9 z3{3Tz@^g$Q6^fdthZX`;**kFiDr+1Fn*5+_d7-xC3(f2UR0ZUUSH;OAy7LbdwNn6cb{;(j*)XeK3lZQc@^UH1#Y=;bp!?d*hb8 zC_PezL;6(IXl;?Jx1)2Fu8#ySGfeirgzv)hWAoh>Ygr-PB+^c2+Qiqgn3cjmwc@{8 z`U@^MaKDDMDXzG(0w^Pv6lzNG2bE$G*aX{XTP^C__+HcTSmL~G&9M8+OWmoY zZM_DW1#rf^@-@|RNo9@_q+!jrshG)xq6TYhQ|;43aO)FWsNk~=c(@bTGHXpW z%IC)~AwEwmhv09c_=7UQe}m!kZ#BgSx5P6`_2nPjT932si!M-ySWY6 z4i9d;E}&Ma0M^EhL~-HCo)SW4jaq+0HY9}1TCsmX4y;?=rWHbJGhQpCG_DX^6@)`! z@pai0B_z9+kGcL-w6E>MLsD6`PBW?cIC)t|A~7FdA&K`?ecjO{#_WUpX0g-46IvVn zDXN6RSPmAQoUQv4l4%5s(6at5X;nH@9W<8kat>2gFE^=7Ihl$p*&$W{I+VP+(mndv z@qAdBYr{>vwK6@mc;i4Ck_T(fTAIIHKxveRSsIesZfB{GMq+DC`!nicd!G=&4ObD& zG})NiVgsaFC5{rLK+PJV2@muqq-G_!Q9UHb!!_Y|kQWM;%&~w8-@<<(36IuK`o5mWj$Q@HR!InJ2#VY4=s#7OKJErJTl5_$A`$vm;unqBwhWNO3L123%xmsX^h2zw_&}MCox~o3AFmb=dt*ghn zu;8vF=fJItSJcMGt;`r#u2_8O9O4!vN-gdRT!pnzaBIx6eff%b#c~`T48pwvMZ{_( z8N7l(7(rCD^e8L9|2@lgZa+9#oJy@GWRsWhOTN1?LNzaDiS?l9hR;K02#M zAqs^afa{6bz>0uv8`#LR(J1St*!u`iV^bR0O;dUm1!?Ow&C`^Y0+UV2lsMUxXe`>U z0c~}ZBuVDvZg{v)B=EaWe?Kb)`?Zv`^_6mREETlAQjQY^MaX^!i9kzfeh=lqvIyD? z9+*tuW+Jfy>EI#7ZE#{S@~2v(I5^h&N2G=F98wm+|2WWEf&wLI%Y0?6uav$=*_urg z<)bhQv%D{ewNwd8TT9!@OiS5rz6AAoDTiHC7I!K2Xj`R&sPpinr=nLkEyz(Lk{T|- zy`Qf`XT}fLk85=Z}aqz+3o% zCa&mA+#Q-BtUH7>D?&u^ADWV>2TD@7s?X*SP1#cookx3Y!u6|6B$Kbzj56fYHK#K)yQD zR|SSi$>#=882-s31ac%>lVl^&pXFYHWyqQ%AZ(=*M{t$wG@8rcAdY0luCh{d&wm6 zerij!y>f2M)P^}e&u`tg;x_hE%o6FIG6%y84O(cpQ*C@0n9R;li2m9>?KIfcn-C$A zCX3|qe~16yQ>ptcy$K5@*fhA_OB;ncZ{Rdl4|ndgPSJ7cgOr1kU}Fg8)cv`6KEB6HrI^qBr6S7Dg|WXkMr%so5<-+w*Pe3KN~& zg@(l*6brAzfY1lIpXPX6`Wy!b=V()J6_6t(DHF@S91qqU-$(J&lyQYbr%3S}QvOcLjpo6!PLJp|7LN1lH?oCslurjjF??`|d*F4bW6;p}foBKgogE|Uo$4#t~8UAMQig74rvX8`8ga0rVE+Gs1q-CKFCXp=2mDp;TzaLM#R?wSqY@j;< zfwf(LElUWpQ543$$ekohk%UI?MBoI)&qh4%_#^3h6j0HcfR@-vk_3vnLPh->Fu;-M zGPDV~WIecMVoH93ke43>MgnVQA;q#C*dT#AaTrk#Ow5x_7=f&;QS7gg40bmZyOG#0 z8v(kohbM-IWB*gJf7cCmet%$}m4ZDY(S(x~A=Q9}oG2mU9mOGt#OUzc&(x0ZVbD>nuf)`A8nwPg znJp9Ya-X11-VH^4U-lFPD(>}~`e2hfRB>Z0YLAqn4oh4gj=fm1KSVM#3Lj@bZ3)f} z4^RD+re0`LhjO-xoLxB1UkM`!c-toZXiIXAg&`eqTB38JId=jMV3c zr~XV+*MVh7CA5S1n&rAMBZp#AQ> zoiPssGU4?zGq) zD0B@(2%QKof%STCHH5wrY_%Us@FkY~LIgF|mOn7{MF+C{;i*ryzGH7x^s;4ixMKn`5(tY zB_ET&11-ndiocoQM`Eqeu{6echLXPzSlaU6fjm?_uTskG zI`hi=3mNB{>Pw~o9&eeV!(gB+ZrR*CEs|aSbO7MGj>OAKo$RZYN{EQ#6A&d9$lrnD zuv?4&3%XPj{|ugtOPmp&`W`LtOM$6JbRhM>@YMEQ%IgDDzjr87{}oaRX$y-q@52LA z|89GvUKF1CHC?6u=~yZESyswbkiTR1XmTFYY~C}3p}p9XtkcEE_>9J=zKNZ}nXvuq zZw$6i*Qfsb$Da}(qlX9)z^j`X+deWd_3Eh*z=Pqb?MU)Ru$)@)Pk)Wn=Y*#|LSIs< zHK|KN#rKkm@1DSHhMkUVzLP2OK<#`*Q=cA~`pyMNy)rztz0hf=z|{NCN9r5HQ@^Hp ze_R?QplB;nmxQNo-O^OfgMq2fZ$s7g3{U-rYUeqDsc(rR?>eW0PU+_wmGj+A>We}v z=MnXyz8ft?bZXIKYS;+=s)%nJLZ71UJOum<59g;ZMdPR8ZE=|3?N!<@-)iplaZUCO}st9RcKWftEqeVK0hl}BrJ1Un^n%G>|k+@0>KnMTW5UtqIqwGxl-!oFh7fkS#SJpeR z5}%9bH())Gd$053edh6dYAb}?7js30SQ_PX!TG(mM|&7p-1ha6SP;SANXA=ScHE&) zLECW;V=n3H#S1b=dEATg@{U01MU-KS7iNxf9#B~BdHtj%s?6f!+Q>h7=cG8VEC%0C zFC{G>L@jJV4vb&iUL@$N(W4FeqcKWd=2zEidMo%onuPv79 z;Gc4A4A1Ko$zee7Dm3GyiWkUxWURR9q%12gs=lFkAYRbL=YV*56Mp(3ufFn}%@o6M zA?pFo!)Ya^?3J`(oTSEinN&%T+vwUseuf`Ja0rBpI4}&v^j|2chYj)0rbRe zX-SKfbh=k*t}lkt{CN?S=0quaU^as_?I5IW$AMLdD3ES{rOUI0r8$Hi(7}tu{w)U$ zQj`Z=TjhEGDOH{^Xm`g!Y&(0uF^` zjl57veyZfk1O9a=BvVyeW;VIvb-+p<;RiL(WR(9|1a|xW2wFVPuu|BF-+=bEWSLPy zwOX2IVjbW;*%vxJx6X_h{;U#X_NHxe3Ek_*CUMVJo+cS*~{H&p|%an@>zT`EPagR5n> z{qzg50TalAQECx}!}3I9D~{5F4{R-uePKLU(g?P4U!f-rom(#<8E>B6i^c<|;a-T9km#}Agi7ag3fJ7G$Uh+k&(Hu zE2%1uw%Ux&N@kSS79VUf@|eX)Z1DH6#X$xU<+HYUt4GM9nC0hw{UdgCjXrZKmxH-a zwPdMwfGI_)&IOi61&_in$@{uuwMl8VOGIw{5G#2d|cCMmzlonaaFX-4>EYh zODLI$sSb|MbgWY{nTwjgg>En`1IzSBg&mLr8>upvl{wJJ>PBn`vQ+^u3*((35L4R_ zPvY?tlSJC_zM;81JKW1WoQ|8ec5y#3+VxXKN*-4+k9u!Xl#{!Yyv!7l@PSmq>B%g{ zo7Ii!bkUT#ca*vQzJz|}CWkXOSd-2pu4G14LFzLMKrd9vY40b>Uxv^LEoVZ!spV>x#}iOIq}-4tf>!v57e8K%)BCWan#&^EJ)+;*05q zZie$U)A_o>`6_e1cnZy=xWRsvR!Tr=mHC-%e&(1TdMnrk!T}_H7MP!f=4X-lSz>;c znjcPffResDewLdbjwSFH=Qi+DYkum?4@-=|2J^GQ{4|=MCi6oV5F{<;r`7zlnV$~x z(`kO#Er61qI(|0EPk!-CR7l&NXa#nL0fwWRVWWn59IFQzwy%bv0dYd*MTYH&u*D6F zF%i?h5&z3P1{xQl8yNllexiH5hhcgLaSZ>F;h$+ZSNb%(a0i6Hso{0`PWa9Yf6j!* z=W(BhG-GZbp`Fmw`;uy|QW*5bDKutDvBi^+U+_J9`qZzT%MwkH~4G`u>+XwQk zPScvoNp_cz;o;6AGkcm>{#R)uCKW9WeUDoF`hqbeG%zv3oaoJs>Eb2%N^v(Sh6YjC zHt{SewhW@ME#pm6v<-1Khx7Dg);dW%J4hXHM(L|m#S zrzm*?ku)kvo09DJW$2|QG+Jv}E@J3umUfJ0K8&G9Sz4=3r3@XSw3X}xlzajswlNXC z*(+%H1q}agFiVRY(H12mu4criHeyLK;tocvvk~kz6zV}nJZ&S`k!ZwnM%-;9*tKZH z>x`(d5v)p$Xkx^48^P|!%nD!{@CD3%xD+msV*euM%j*Aj+>QE{6v+LJIkyji^j!EhW6gMpPvu{z9lrO+>PU zQuNbIsO-;om;6Wz!;>WLV()1qxTRbpq|AM6#C%4SRz)kSpjJb@MO`FCo!x#wymU6a zQBD6P`CGpii#l6_eqzweCP+vAZ<5GI^3F` zk6Y8D70dH*U(^y4{ zK|vHnT9$W6u~{kwE|679j&ylGxQQ0ip8JCXhmaQ`LnJZIMTojS>hfvU!1gZn!-m+I!uzbV)MEJ zZe-|=CNy4R3$j%aLi26tAf?@dq5s&OqG*km*h)Nvp-nc_`koURy2geMSA;T#F0-N5 z-<;3TyKSiTCRZ@D(uQ)Ki`J$?k(wEMuEciWLM{#6#L%%OlxE4SjnUeGVLWf&Nr+A* z?zbz5e<{SBK8P($s6fb?oI;Go6el5C6k-G+ns=i_TBvcR>P}PD%zjfonmw~bD{%^=#fg0?Z)E8oP>b8V=#LU%KCtPL$xex79L!8VlBwC*yz z#@GQ8>n}r38|p3tn7~^MOA_W8j3t`KXGD2tS4v_@@1e;qrHkP&oA9KB2JVK?B_=d! zRYo!NcExacRFfHgwV(Q0hE7vtvsi4ze-9&$wGqWhUY0XrUmLM38PUXu{x*UYprzWx zh)qROD*Isdl4!+}yhyBvbchfJ-g1$(NW5C=t0ngPw8SGTOW ze-Z+x>lsRl>w+k3rH>-TX{i)=Z%&JGIw=lHrHGe|QHnBBY#T%|Rw?F?;-9~yD14lb zSBk}?cq@ovqEf6N#Zy5PcG%WLig*wO9tLZsv2Rwaf0FVXp==go&!rTvu{VO8=1bVC z7zqbukZ`)Mq4Zb-UiR(lW>YU0yf=M5cq#jy%J7xvD zh!tAc38X9&$`#RC>n~i$(6el)wLUj9bc_j=_hwc^D^_^B2r?wYwUx|drDn2#2_uql zC1Xu%TE@_CcV?*(YWu$p4E@Z8q6w@F$pogNw!I9mMJQY+6FwmcYm=E2?19kvHq>S^ zh@m&yQ0u>pW9SSUYW<#>3_Zn$79rPYMQvXBE%JaI_^XRn)S=Z@c$+9kXKbRJWpnAZ zYtZ&P;(j;KqxOtWy5A3zqA8UkUg;XNyh5Vqf{3^!NM-XeiEa-fat)0(k?5izqCz5- z&SN8)r--}k3F47LJWm?QylBNdZzJJ2lp;9LYo!(l$A?J@Qe^FNOlAj486~W7Ax(Y42_x4XsvZW9%Ja`CR8r# zSLzoSewt#qJA$_uafFRh6G7oi%IGRtBq)C|r3`qIglh_k`INeRI=QSQ*nR>=lH~lwdPZ#L zL?oT8W=8xlfJJ8tjNXB&a{o8uK6S-Wh8kBm2yw5v;>>J_!-B>BkxJn10+fiK z%HL#yzPKGr#86sCQ=%D+c)*FkHMbgZ10!NiMDJ>%n>2Sa>f*qt#~F1}GK%+!YO2+Y z8lH?An~ZvwQ9C$MdW)}c8eJtzY?0VLK}FsmMds35f`?qzt0v^5$FUz@R2 z%jLvGRQTtoW_U6|^97Wltg;xFAn_om{3_Wrl6~BdWn^r;vXU|}CHW2GR=eV=7$!*``S?36o)bNyKR`mGMPeH7Ohy8SN?m+u(-N(X|!S~xW%ag zH@6EQQd)E4J2}>z!OHnb#C=F`J<&xIEA?h9?gE(4h>vZAY?(7DmNTNxM!0nG&y0A|MwlJ6HPMP1G@?5-N=fwC&T-g zaP1&Wc}f_u@fVc9BDKUO;$%jAWFthMO~e#Ntg#U-$-FOQ#N#%iH5qXuBj(wNwq(Se zjJU=|bR;7lW5iiD!c~)N7*T2?T>8A85kqZ+^x%fw4;ZnnjaZZvNrDmI^^ubIUXl#| zk>P(c;ql74WW=`nA>wr#u`U@ggb_71q9GY^3?uHb5gU>bXENeO8_}4IxQY?y+lYCL zz#B5y``YGM{#!^gN=Vw0mj6D64mF|4+3r6ubUPb5NR^?Mp?NlRsD{ei?w5s>N1M#9 z$QIG^Dp3q+8rVNRocm#|QvHQED;VbIOE)=CKM-mUNwg^`oX9YQMoehDWU?|^%+PPQ zVu3fsOQvY(NQQo9LZh|QH1s5ft~a5*7bg{UI>Vn=j7pczM;WouM!0nT_l$@tl1t@Z zVE82(UYOK~28K_tKtq!e9gH~4M!1Ih`THYcR~s>$DM~j*D>lIry)ENTWu}NS?@E)*Mg8g?37F}tp zODo%PrlV4;T~@f?6N1X5|02uMwI)>O!b&Tn6_t7AugYyt<{n!20Ye?zLXmJTAickpz$Pl^) z1L5?&GR=YYHe8fv_rQ+p2rlyq-Re648>;)^6cp~v>V)J9ah6a{9h}FEMi#eikBrQX z=Q#0LWEbWh46HaXLvE;|UtbNudk(NgI|k{_M<2rw<`#%yQQ9}h2U>$E(?C>cy#H8e z2pH=JGln0&gkH#e@LQmzN3a}h+j~xOC#AA+YFxG7V2w}3A_lQESBv#A5^`6j4Mvf+ z^kPj+#lmG5f(5=s4$9YW70U(#>rc0N_?n!G1qi{)_hOYQmJJ5hmB5mQ$$j@FY?rNi zLQn)9*e)@#9@s8BU3J4jk6wfOG{mrYXhYhj`a_vEHG9Z*Hgm?gQXix=Q5+VA&dDzD zBQDi+(w4>vc@|CdI&Bb__g0DOIoC++W+Sa{)T=nM z1!+)_Ul7E~G+U5P1$n(!u7L7ox}b2 zk#_Mg)$c3b6oVsH&{`NYvz-CzQ)N4R-q?OQWBlDxXME~Le}^>wVuNA?Xc|ZQvkvxD z>g_$566@A5!m@5%9uH*MC5MZDjU?x{&ON_N_wk#PIm=*eXhuU$<_u@5WdBhxYxOW# z8-`@jEDzJ_YU&|i=)mg$f)0F~7n-42LZ6_}6$aX#@EMqEr#wyZ_5ogQ2P@_%LVKQ( zTqU>1N4pB`dot*sxpO|+)iZMYLq<(4*Hd!kdWGhB4f1RspA;&p$!x$MGbKy8HY?&D zwiHFM-)J2%KGI4o-PoTi#|6Vp3x4&dO*zVWkRn8ZkYuQ200diJ%7ARm(yg8xet{e?jytg;yDx>j=a0d`XMz&Qx>Q&c%xw2TM8SI-g ziwhN@dX5byKkv!WhV{BC!>=6pn%Pm1|_KEA8}=VdiHH`*K5Z2D69{3vR2GM-sYHG z(jZit<%W&iXpUPsI4jLll(<-=3y&lq#7w&xrwGHEE=-B^Y|m+cex%B7*Kc!`{zOIi zq)XeYRrTBdX~eGGs1yo}9@$-SIhXZ+RoofM>;Yglw>I({Mdu4pe{7eHsIgeKESCE|mlABm+6ybyaczQNm z9MQrdU!;m-L45TrGlRe5b1rbb=5#r7%DKQT3NjcVxfS>uMQHoRQ{a4ik6X0wr5ZuS4VA{^skx1?{b z9d)zf{pVk~a`X>HSPq0_#g+`p`HFy_6!5&9S?W7N{a+vi_SL9d>pK*lk?&ZZmy}V&nO#AgI^gD(p?;jbK@jPe? zj)1tSA;HE1JF_}ZW>z^>D$_xFg_+!7h>5DN zPBZ!Ig=I3Kn%NZ7kWQnBdV9vk_?UszOP%)F7{6kGsHv_Tq+G?an<`K1*MtFU!!c83 zJ~)jq7+Y-urQp)36=$jJDEhhMO|vl4ZwZmUP0h)6NWU1<(1{&bU$)|q_wDvRnaWh$ z*357lu1eOA*>dgF&rYabkyB>%GwxKBagtPv=l-T4D!xblq2e20-W%GTA{_4#y(rHC zN?-1y$1|B=ZJX3!$k@mQwj17LV2}dkQ@o zhNyx9L*{PaQ$XAH`d5Lf@QU4lO^HSEN>nPF1zxlZ{|+{<7c^v>T8kNK$7VV+%)&!5 zT&X%xr#q#QQ&-qpMQW+JwE1*JW$9Twf(|aSkaflalur`8b^4dwjuudc4j(#rlqDek zl3CU8Q9w^TWWun6LqSJ}u-us$=vP=MHPeWdmQ8Uh0@&P`8RC6Fq@Iy`=-DwtV5Y~6 z^MoD9VdQXxnZa5>UR}PtLIl2_<^@^UYMpX`X|vU?pVSxlGg{)6Q_kL+ZsqlBwEBVEmI z^xCBAzzZTu*d~VQ$i$e#r2DC$@jikRU}W6&0n1gSjM`vS@;F_03;-QN=3Jmm<*yfj zz6k`D-c>JMm_1}E13<_6K!fTBpjRuXt9~9%0iA;^<9){a5Q8cSh{cNNs-%;F=&2-Q z3#Yp(MZv-<SbG=|! z1b_v}4q$DZef27Me*~%QJll87tmc+C8Xr;TIQ4}Soyxz7n|V}Xw*RS2!;BTK8kIAV zGq&~hC_mCA=BhO5StyX&9XvZBed1daW>;GaIJB0g{U6Tv zfGr3B3(?r9g1I!d#tXJE04zjf4+a>Oq|AL=rc{DkZi~_Y`n2YAu#y6pQV~ls2b>Q; zUz=KuttbKZXqavS19f+f-jNFGs@<7(e~U40!vnxVYWH7A>8ssedcj5nfZ^dK=_PD6 zYO8%j!E7+}?w#{IsxmSFETncPE11ic#{d=}yBTRft&o(%UJ7c1!Qn73hcg4fLS**> zQu<`~*}0zLUJ(EmBD;$e%q6?Ky~8ea2}y#2A^o z#d4o+o-_hZ21LE?<6LJ;FH?kDfRHqj&YfqnCkhKIJEErW!hr0m+sMn+k23*y&E#>2 z3Q@hvj@L(QvfnT=TbbwqCK6u*kDO$?>*N^)S=sDaGn0oO_B;Ze3NMJy1$cu3pXUXZ zS5wv>j^3pt7t~Hg?E_Sw;Bn<{0WR9lX#rxup++NK_y`(tDuHWc2Pg-tNtK&BzCd{9 zD1jd-Pobndd@@#X&jRk^ART9e0Ti|IxZ_RpWf0~lWGZ>dNKPf&n{U12$qg%#e!Qd! z_v060K9>x;%7Q_G+tp}H14eN2s5a{)fF;I4k$s3bP6ALfyOfj}4#@kmYRWvTR?NUA zJ~i39nNJ06&K&d(f^r=zi2pLTztoaB=wSeDcX#uxnWy~`+frz^AyTUgL+nl!(}A`H zfYC4`m4C$gj7^!W0xayG5>(dmt0dH9(UB$#6Ol#xA(A$`Dbq1cDUFtkbM_$} zmv)-A?5T{-%o%(N`(bio@Ui!WLAJ(oPD<%a@5X)-m&7&(Fcjiu4zwF|+?5ik3Q)p; zf_DYv!x~}b`)X!6IBdVdQ#0qvU(;c+(0*mkJ!mrf5AVV53U)9yv!A7R)(OT z_&P)oPI{Y?K19;=ugBb}q}PBn-Rm(6mF^_crFlJOnbPe=x;?{Ld`{_pdRr@%Cnvk9 zRQqVmn@E!m+dk&erGqAiV&t_6O9<0 zGC2F)17E#GjllbVwwaq@fiV}I**=^0AkcKYk|lzDHf^fmNA4A%&C5H?n3iu4PMdd% z7&P$P*u7b@8oUL$O4B;527mfzl|@VD*iRu%CfG5H-I_V}$r)nrZL!-j$Npx0W_+&) zo#;nL=GgZV8>d-OOH2iSBu(F8g+IL;hR*3>6k()gs3~)X3cA6zJhU`OVX@z{zO=bF zG_St2iC*BQczH{_qB%aU>EDk=?pYJLv$p!}L946RMgCNaF~fm8gj?EJU%G)EG#(#e ze~l!K@rn)caSZ`U%7=uT>R+hBPXsTC%cPrw96PnJX%bp(--!wBLsQP9NuK`Nmbddw zkZvh?*v^=PU$P#_meZeM;++UETDAl_9(mJDuwW^2f;uUrAakT+TRfcz;J83faMQRQz z?p#N-GNUqqousYYw%4HtRVLH8>~T*PI545rwWpCVU2km_?N-tm3mk}N895ttB6QPR z%Vp4!*lyqIbx&#gQm}8k?!88Y_N6YW9-xvg24R>-k`p3R27AI}+v6B-m~5FG?hX5C zcQ^t?-mvdq!RDtzghlJdo_W^U@+6aS5A+rWwrT0LgWr!1I_*8Kx!PO}kX*cNkagBJ zZp3gc2NN1)^BlIvI_t`@>OL?P>Npa!@A&FyPaTT(E2S2!&7UlP(L;bO$6^=ET~mE& zqtVO_s+mpkipKc34MCcj+y;j&bnt3qL&#OHrq*@&Y;kUM6wXVJsLX8(>ZM^)ssF{P zRz3;0I1k%IP{hI|+!&NPtlItHKu>9qwWwOQNX*zj^?=a&VrKafWo)P~U1!Qzr)6x2 zSFDSVs|zS&q-qT~6$@!M6iT(mQD3QVO8>NvVNU%ux$PmdVcFrY85`w4w#;0jYllGx zJXdMhcYgFL4avyb_msy6KMkmnNbJwp_7^B@l-D-67lxZ=1L4}B-yWy(*J-nWokAh| zaJE0*fI&qq*k~_UX8>5pjM5uO$wm&h(SrSVjEA$00bn4O=EI&Gb!t_%Lcwe>^zjLT zd9KWmHa_!z+Qv6X8!uUtQ5$cv#bYXIwBI23P^}h9r?zE#9*;re=kj zn%a29%J{eyfu_c>P|NW)o)Pjg74q_UMNNF%vcP27Sg5Icn<8azq3)BafIk^v2LmkB z#z7{dv=+*~R)1t*H7}rr3aTPopJ=E3hNW1juSaXnVxj2x8toY4(+*0OeW|ra?7yHL zSCpohsry3^$NCUi#YD75NfCEZL>mmYPY6LA??YrsiD)g8A~qm7g7a-K5WnSg&U)Wn{2!53FV} zSV2`}>l5wtydfzD>xdG+!7|!0)2AIF2J00hr!la044HK3bYilDG>BLD5JL>srHbe> zSicWJEb}3kbSPY)+4%B5?jMTG5Hg{Xfth2&xQM>*@`!Be4bn;!JwoHnWij zsCJ6^2B{w%{^HW8)QOwZzzC*VCWtSW&9Jeoh}e?~;&!{i}(QBSKAyVo8r(Qw+E4uxigxb3h*0#ogyQ{XV{dif?>;w^-Z8;Vl zb$t`l8aO@ImD0j)dQs|?d!h+!Qj4z1LQ>ggvg`B-{_k0rE^uu%MdPKk3kiVV0{(6L zY?N(p6vVS3#+_DcDlF|+how~ijtFv9f1!&JWgx8j7b%#l`qv-o0qYw87E=8a6wFoq zm0qxZ0bo`{ww|GkYzCVtm<@(v9tbem75RTKqt*-w#QUruf8EchU2IFmRN}mvVYRb| zOlQ;*w@bCdsl^)NF_WiFW+u`{QxvayvUa-0VFcysl)S3ac4sA$D&TKG>*`HvZ&f)*SOtgrZ zXeOiGn~9@s@t7(jGtq|9W@aWntofgsiI1Mj%1mr}+A$NS?q$tH6QqJV2{RM7?vmb2 zXxXzc6YqfwPGLH(@c*5eIC{HW&BUxfh^R818T+um$tWW;v4>y>y29O<2|l;S_Tw@W z@7noH<3qLtG{z7!ai(sNahZwPUa-~xun;rx3k7qTiC=la+5*5r%*1M>^qGl&U{26$ zCcGQRtI{0Yu+mZ^be^KyU>Ko!L}$lpgg83@EJTRgDVR%$M|;8M1b~H{PkCJ@K3zim z4@M0x&gKPxg$VHm1#{Wj#{uS?Pq7!c(8I>wWH!%j@Nk}(&J_t@gTxJBBzMty+p z!PxMGX|R9RuBw2AYxl<0BW6ILo1)9@55(sZ}(*Y^B zZI4+>K5#z>9#z)YZ+DZW4V1Om8Tayy+(5}`EzpzevjbJ$b-A!vt+E@|`p-6k@5dx) zEzXcp|K>ap*|W4&U3V~u6Q@FvVK26waxg1=32nc#2neO*2zoc@S5pL90KCF zn_s+IdnFG6^+)@_XV0=@@jouu{u2livW1hiKo5nIn(ePnN4O_$4~9_aEgr}AhINMX zOwyg9>E4Fe6Z0}pH$&6ii*z(KNXd-_H|&JX0ll`wFi-9f$$;@I6llB`Xggk{^zs%) zoC?z!ACoWo;@2#@5w=it2a3YuC296y9i@A7n;*kg4cU&H%%LD{4o@Hj$1)|jD6bap z!1gFRp8vBNYxBysOFRuR;In7hnfSj~Sw%N{WGl4r6UYc&nQ>LMZ9Xzda;wq}Azhk1 zvh$R#7wOXM0$iYUA3dtY!PDLHj&0d6yk^@2ms6(6#BPXr0EyFOVmHKGZ8O1(z4C?( zGg+5mCWmI2$<~^Qd3&q0AzIOp$9x(x%;)V#GAqpEpp(HYFZrx4-4LzVAo*;_FrSMu z%;zYZkJ;1R7_DfOd>S*%r$>hQe6WP&v7H7qdjZ!&7*b=5PG@`tH#tkIUCaEBKxUyYH>^ZLQ|SFn=+)_yuzz;T~}IJ0Q% zS6~urzXmc%nyqGo6?)@Csx+~Zp&ZYl8-JW zK50X>-o7^w6~jCA`yk``O8!M{SUd=KQzP%N_c8kY!sCT5A>(4waykZmu$twkAAqre z;L%rDqvSldk$ykl35swj5Jc%sWeQ)F^f_5`Iq^1Kk+;p6w>gUN_Wh~6@$7P>sucR{ z=h|GOk`v3zHN$DhFgI~FD#9*7EaN7SpK^O@qDx`x7jh&3RZA%}ZX%{1vU%jzUo(1A zBhQu{ZO@ivs};q+G9#ALm|v0Rmo3O-1=)rmAE9yNqMx%BWc_^rxjRRYl?pPOASdSt z(xD(n6QnRlkfM=Bus{ADAoa#-W!+{cE67U(xj9FWc?wbnklb{AjUpTX1iwDYjm>PK zG586&)O(A9zk6>gI3F=;idHm1*@ud4G7kyXxmI_z*$v3n3CS3RAk zAT0|3lB=H1Q;_=zlB=H9D#)n>$yHA~6=Z9IS)5$JZdj!Wb8C`QoRZe^Q(mZU~2Gmp$C45nydBXx@QH<*vj&BC9npyLJ9@$^M+OYmk; zq-tZ31J*BRpYbNm@RQ%=s?G});eH_a)Hz;)x4wSL&6#~gVUHnWf%grGP|QW!&NO@X z_YE~E?mzAfV0U27{^CZ3y$7(t{vzMj#cL^!zu1f}bWqM+XiZs~3i7w# z0wh;|u}VSiCrGaS@Nxy2Opsjr;Z_CNmLR$I!~Kpjg8lP6faKZ_k5!Orf>>jotv6q# zAfo}2n>Be}5qbh4rD<|nAQH1fn{1hDROrX<2!O`?c?(|4aa6qpsy-%XRqxWQMk1@6 zReks!&{EdZBf`Ski`4EF< zej(lm6cM7ZO7f;o8~Q73i4QSo^92ycDxz!p_qq_or9MRPkTRPN#P6JWOsZK|ep#Rh zmxX{46atd@T7W%e!SpKV8!=T3y*GaqmXDRccrkRW_NKsmYBI~G)aFBNk9PG6W_o#M zU|oGuCYkp@P;xi$NIeg)sJgVHeaCodhq-PH6Yrgvc<+c;n!Ujt(Ta|| za&(nAym0#jWU_d~pUqtM(Dg7q$cS_5X!TYp$NbmR+iDJpFU2sJOd_!j`j<>3AH zVB5#_p-7tD2KFYf%a~D`MR|L(*fD~gI-+Zf zPwj}VrG54sdw=jBMna~@lffSA$39xHQG2$S zBbjD_ng8#I&s)Tba%VXOn~PkFvNd?Shcdnj*|zT^GB&dt>A4&&TzZuz5-a3cmmqZk z6INYz_y#Mop?V47Q)N(JWn0g!&y9Q5^HRYqUU!bKWoeNq*CH4>y#)@PLNUIETnS^w3Zg|Z%= z7CS{*?-p!m%@XJX+oW7O>sSKM3jQi(|HG*AlZjeB1>*K;qQzWDmFA-jP0UuEg2ogy z`*w1Ir1UHPi$6f|gLKfP_(lIpr}*gWj2`w1(e_V_wqHwapQqa18m#Rv{L_d`Cm5}^ zM_k(8D-zrIb4>E+n{!a{2okZFmCLpIaj%PWWpf91u^201cdIme>M=Q;;;mV`Z>78$ zTUb(Va^9d7K7STQ0zIX~8MlPCwk%r0fyltcZ%2I07`OI0y8!J*xL%e%Gc!NM@?s79 zY%46Y!V3ohqO=VtWeaJGieYZ0)_|+8kHr2??G4f?m-e3fbw=8opI&?WPaM%-X)Gd0Y5VmtNuCKd&^BZXz$5LBsCmZV=0~f6JNL$!rcSAdSBb=e{*9x z>=ZkCVm8?Kroo=ImW%s-pW^G!m77dV?qLG&H;AXu69}qkmr6yxLN=-AVywg5M$-Dy z%=~6dWTyDdrA@eLb#c|3X?J4W)?v!3+9s_^x~81A4kWal?NI>*E1|YzJBQVy)cCxg z-H^)H&)Czjqr%PsY;KJ0s|d#jF($8@YxrJYPwgbwA zYX5BxkhCmo9041%c(&@#Li`3;tK)$vrq_(GM1M-KjkYcE4)P7M7p?KBZT=Ql@i&8_ z2LoCqUB1VIv4;Y5E9QN9Mo<3u8>Vc-N)ML_jN54Xh-7ylu8-YmcpDPvj%q{K79Ue2 zCGd|(Y*#heW`WK9^3HW6R?N-)L6ULFdRQVrG6T3=^e<2?US`{6uw4J89iF>gmf#Y) zw!|%2$aRlT4G+3W)D~6yOcC=6ub3wm58(b+Y>Dj)f1(guVnup4B+M{r>~$*cq%5wW zEP_hok_FB>rfLbEjmAs%>XX>5w2|2FsdXDvIvazf)A;uwJPhm;`zoHgOC52!?JoW9 zFFOXj{92-#A-ma?Ya9xUt2n^`b>u{YjQw$tAP*YYHWW$PQ(s=yDJ@I7kq^Z75Oio| z+T$x|9YI6rDW8BfT$N3W>h=Eudeg_QG13V>zEWLoN-6u=ATrK(L}KgMVFgLuRf}h7 zx9ic#Le}D^th0PGK~p#YzX6t_C@?io3YANp$>9^O#`P$>j{oz-LUUf(E{So7#wT8% zc?!(n3x`kmZjAE+jULIv#%noz;q3YA{%Fy)YCFrXhI{-uFvakgZa)XOn8NKzIQs%k z?%e%O;oe7$@v;PX?m4sesA9#X_HjI9jB`?H7OOs}@?2GaUMrL))mM>=^=j%%Ye|aR zQO(af^V48{HkcnC00Rk6hvA2N+40k2emFwIU)g#*OXH1oQFvqBL!O*ujIiAkMs~W$Am>&dL+nP-j-T>MnkI<7 z)x|0~?Z+4#r_b7=s@@W>ET)*05I@qLj@W$mvhK`8{Q}veU zTC;=CRRR6ULr$tb0okUjfCDcjGNiPe^)6ctPys$w=NvsNfRZE|S^*5kq?bqJ;>mmB zXPX>$1$R9u6B^4 znf?(%ODEL7UZQnvy0c{{F2(nOS9}cS!QIBh3lh;7FBy&LfW%$$S5v%ln2}tv*F)G) z6Bdb`#}DcCP8WKYG8f%2i-`=O4~K-!rfsy1bHq5Ivfzoy z;mJs>#A~lOm}Y$+q7|bW&0riR!tvh3wh~i|ZWv)6dxfysCd{}qri$NZQg?$%3cEI7 z;qHrfR3urplcTjhcCq?vhdep9llLINbOL^12Khvhjl);Vqt21oXI^Q}N7*UOjn*MD zjf%nX%60f3SBxhv5`i|L1tq1qL%b9LC1QJcd9xAafm$i4ZcBO_GC^h2Q+32h9@Zvg{4%2j$@JLZRS2qyW6>o^HE%Nhl+grJcc^$-Xclib(%tYHN{roI$ z$hDe2K{ceSrdQ52$l5QOyG%L~=mYt9PF?GfH+l0BxAJUacXPsayK#a?d ze+>M#H_w9%ZW2rGCe8PfenHYjB%RnDX*)^FNt)V`_)t4ZdOS#FQWQ6q+_)dV_?$4- zcV({4x?#@x?l(xo{WQBX2i)Qbau1>SYrT#&L_gXJw4GF#0mYQ)K)(S!?u}ga>Q-c% zPOmPUW{Rvwv2}*@ajX)HaE;%v0yTis1Bv6MnPTKg&Ejn4?h=6O9oj&VZ1Ye*gmI=z z)bF4C5cT^zzWAIKqH!QRgZU%eQUO_{tZ^5rP#-@>TSa$5#S10V{6gKhE?1!*fNawV zb(^z^3=tS7SZ{dvi`Y>AxP2Kz&##$#{ziMP177ef<3_?2^`&&xFj?4Oety>MqTY$6 zmmWyvaLJFS*D>d$7#KlV?05h}L8m(xB@As}(f_7$clt>U|F@1zH zv)HDp*%mOfh%jenF(cJXSv@~;tzWiFl=-JlXN*g>VX6uLI%Tr3ZH6c5(RzKUPnoFTg!+<#iASA+zX}IWoN<1AN#CNuM~$j4={M?>(o^e81`M8f)Y0`N1CKg-!r=On zqJ54Ug}7ow;jckOmz;lHeaXJ~Z)%1)D0m#s-6QROoG}RZD40`GVXXpF=qb~L z@4V7Y{TvGP^sQohQiRmc_mc<@X&N`F1xNN^Zf2{S#JNIU+qlqcf#zsMPV!bHgJrI8 zU1EQUSr;%@h_Kn96TkE)eu!WC4U?8;*HliNI37)9Fd7M(ifKQ^gV9LPRIWoKK^qx* zRncoD`+D0+nE2NPOi51oQ#ay&d180sUqFfw@!x7*_&;x`rouDDNzO*fzEGC-IkJ^WNjc)9f38@7; zRO22-9H&T=?#mdBsg@X5A90e$Y$f~jMt?)AU)fDv>`R8yx_*TLEZYvE^Ay52+UY`_ zBVU?Y7k0X^N$x1+OuKKo5CLYou*1>rG_GIDvco5TwB@v}-?b{cal)cYc44ZF1&1QP z_+~q>A^q#uCwC{l^`r<<pK`P3`BCP;&OrZ`@ZA$}3ZuiOT~ftqg` z5CLWyaE&8F`i-P?4-(d?WDbvtl&^!@?CMK&(~;FOoFY^*YN zsmNX@eF~Enlw2KsC_gHc^La%b|!|iBiEyFPHz~$IH$J}2hUL9W{*=}ah#xc zoRA!GJUSTc-#BX=YPDD?C)N7gtK&$80sjb4dGs*MDB_;(lv%y2UI@{>35x#V*f8Cj zNeXm>D@ftfy_m)=L>&3oslAQSijA;~v7o8F)`XdX$Iy@3S6$kb_+DxdcQm%K;W*Rz z=#CNQOzpkSNNMAo`juUqU9gexMRhw2MLJ)Lvz0L9YP4a(>I#^xJLdUrg!R-3-3cpB ziV$I4jyNfr@kQlI%1G>cv5WozaU(+~)uL$qP-sqL_toD*{Vm`x^a6?{?+E?rZJ?jO zB0hCf^77G5O5-{Tznsmy&zQ_!)V`RQG=WTo3c7LX;%P_;ZVKm{hlNF-QJumG=BaN( zC(QbA1^x1U?1v0WW($C16OgQZTVKM7?LYakcHl}QM}f{Y2Bth?edXy5Y@l(S-H{QR z((jR+nb=_DT>n-u;&>n8=8DLz$X4n=9HWRf7>MN|h!cH?01_U#O5j5Lk4-*@HAUge zLWS-$yi?}VZJ;i6>}rri=-5f!h_=x7x8t?yc>4+4))u&2m9^5IeD4b|^EFoQOGU_n zl#qofA&XK%Y%Uc^j+HszYWjc3Tq&5tRjfVrNWQMb@NuT0;IQo$M7Qrpg7R(`ReGEN zyl;*J-le?o)m5Z!S=o$9UuM#9R=!7cR;*m?X2r@fm6g4{Ro0KJ?3bREE3#$flQAx- z*h)-gg@(koJk-DuWMv7HhD+shL}w+HiEdV`_H@h2v1Db3^sJnbEi11d8z2>4w;Qh{ zV|eIrFZqLYhl_;euy!S-XI~glGTuClG%nrUm%94~-~*NdX|-KK9?y~;2~xr6C(S88 zK-qnDbK&1{@S(sYl8MW!+x zKpj#d&#(@l8ht2PLV3lifu&vEMh6g-%tdnwl9>*`6*%GZln!73ibt6xI{;Ij8ee%r zI)HnToZO)_mb=$p4@O+>Lk#Hvj#Wfg2T&G*xFQ76)}G4z8=E|^1Ng1XpC=Vhj?x5m z0H2Q5sq<=L|G*HJF1WY+;a%%tH`X+?BaQkmdpCA$t_KzdeA&z6;SM+Hdb zf7b!L4)}l$U@KT0S{@o$^s-ag0UQC+96Er_O)_=>t1-1eRBJ*I^dGF>X$N4=>N&1* zn^^v?wHVfQf8*EXSV*<}f=6by5Xi!=AokxxAm8J=QaYdCjUnW23g$AqCwam0>Qcdi zEH1#_MM`q!vba6HVEF-H>{gJ<|GwgE1#=1T`L$jF>bnU2(tx^qO>lUig4$rnZW=&c zvKtTp79zVZkdno9$!=RO*uVg=5ZT?UU@qCcw#LI*Q2?TC`Drje8_Z9m`DrpgoZ|Xgu+~Ja(|GSb);Pd>yx_nu@|NOVaRmyY(ziGABgqg^z zMIkvu%41@S7Z|9*mH4$2l`i$#c3DbNZb;n=BrJu0nQv))YRZm+#g@(1-C)18yT zs3V*`sBdA~B~aGXI7pIa@UbTh|GG>?C1y3%Q`Y@QZpf<2x4_!!;u4dla5{bi>h_S- z{CIAC@9?@!+0k(6Lx$z->-NdRm=areOYHE+cVbd^C)o#zt_Qv6fi;|wFOi1iuVH%~ zz;QN*(M}FhdCuTUb7<6?#dcs0X`Vo;Q@Vd1s+?nuS2shfXYB?_+f}=-FV))ZfWc+G zJ_hp^?_ZW(z3z{J+2U)pUJKt2tk<(`PNuojCRUf$B(`9Fr8Rbzv?K9180(NmT;p$B zRf`PwT1g#o%tPCqnFPED9u1qvbx4x#9x?k! z+{pqRXq&J-HDwL!i3i;!>!xLYbBKqyW7g^p(|(=FG-rdYy)tKwBz#N~3mV)^?X4Y+2jfJ2Wm?iJwLTvQY5QbZ&zzE81MDMd*DytzYY%TySAgCwUw z^JMRG{0-8iGf(zz$WsIxEz2wh=%(m?o464ZIhx&ZHPMP1tfzeSJ?vJHH33`H95%bH zwfojyiOv+Q*TP?bqW?fxAo!4(IwDtLO>}XQNfY+u)MD*vUHO^Y4NEDbY_BP*R+Shz z9D4Z&Q!2abk3}JL&)hEAU#QTZ9*ByOOZI&%_bM;Rh2^Iew;H%i??(L@H!H1E*aOIJ zPK&P7p)%R-4cDa689HE+_%)PvSfYh){D90xrW-IJ@fDL})LDYNv7*Rpn+jRfL!=sA3 zm9kso7^S3;;^XCx-f)$oK0nL|AsBUhmb^A8>e-6wX(-_@ zMj;CTo0~!wE5d90h1ff2nzgUbJmAp_dTX?=V=>TPT&$*YX|SVrb!t*NdY{P~(b~HJ zEB2ZR=*_V*NBnvEKHK|Xk9j?6;;Umr(filO2I2qSAgPz@v$#^QDgHd8;;R@HpUYdd z{{3j=o;8s>YpdTLw7Pm-YWY zMAr`UchxKIQgUe(-FSSx(qPY8ONsj7PtOK^$v)%-b+rf*tB#F?WTUJ2f6ub%=A&2H zR_3Ee+2HnT*+SBLV5a~v-2>3p{TfWVG;cFor>iIF(l}k#XZ>)flmve65)>sfFY8gH zX+K-a#HA`RA)FV9qf(~U%vwt%zj(jw)`@saM7;dJXW7)~D*3qS7v`f! zS&>{TV*ct?Hp6`6>p{RF000o@FDWtN76iPln3}A9zml6u4!&2=M7N!E)R+IK3uVb~k`dbb6f#eT;C( z|3&EXL80>_DRllNLgzq4Pt8&W{X*{^Z`7 z2|Y@>G|kTn{Y=oAA%zHiyl}|>^U4m4uHr|A&wX#xO@?-u{pBFdut74MC>ip9$&eq( z3>_ar`~#hLv5&tm22i?zjm_{no1te2vn`*V4(cb-ve>jZggNmZV=_Gc0mht>Do+2h z{dr@s+jQ{??Rr-RcfH@EvueLwnr^D)>h#;JW9~2v=mlZobY?aMTD2EbVoz_8Zh@v&FEhxxW9@pdgnLB-i(!Iuv9OLF}|zwi63| zPc(ys&rsPpzyCB^K^`E;%}`U;UACN*Dah#n$!)l@L=mAk+XniDAbdH%B{BMD8faS znUOg&Q=?G3Rwc?yfi=X+HEc3C_z#cBXbU>2n#c z0TfB{;dnBmzeRrh31^rnu%My1-zyq+3-gA-lW}-93&WS~Vp0a>5-{Mek12U31O9E& zUfcV#c~-vc)c;LLlWq)Pr~Xe9Y#gE!`)$?~0)cIUJ-Y$64E#8d z0t9d|O-%;C>yaQG#}@bz1B^zJpV^E-8G)rEFtZ@zn$&l)f=gL{8zoslBTYZj6dxn} zr_f)oO>7&X_pg-TnZlrU;%a4y+bAO#k@3zofggRtM9%1fgAMwjcVS8`-hVop8=76F ze&`5YfYoM5EZ&2+J+W{Hh}#dX(zZQ$2Xd5R8C-4qAmQ10+Q!4F|B{=0J3%93xPUp{ zCslxN@5pR%VP1aD{nD!nbqkm)x@gwd9n+}9`aPBtCKw-9G;%|o*GUE;{_#s1}f!+cLAv2!uZ?+!32 z0}S)>S!=l-?ayn7=B3S9hQ=vv)2^jot?MkH$$<^U%kq1Fdvw}dIQy}XLQ4+Y;}RU?8QN^|LGbJxP~l0&0IP#E08a zyvyU2%P5YnpUT{?(Jhb9X0RAToda?VwcW3CF96bIWG9+`Z8NGd8Kql1w{u5_6WhGZ zXu1I~#N=riDzF(X2c~D2luiT_-$kt>WE%4d-TM?v5r-{~m`nyynF7T9|&bUQ^Q=K-!3rL{Afppd_ zx?O<%KFAMAAH=OYF3mgtW=aNKFD^pUTU$T*uQ}>MD$I{{aDMEmGLI42eP@K-i!f;o zW_f{|W$CLNhVA9?{sW+@S@x-m}RGjMAG#U1-h}QP4j!lG0;xfcPq=LRiXce$Q)%|Jv5%Y(>0e7`Ta6tbqBrR5D5_4j8rO zW0CfV>ggFV$s0VIi3{cxQ=N+Gl87UwnZaTj6Nrn4I1)FDZCM$|UDdG};4iw0|M!Sg z-3G4AA2^<$aQ@(Suu`?2D;z~OLY*n)TNxkUk0Ml4vr;O->p@bKt4Iw22HunSr3!Ht z6d>`Qkx$&8-4$77N9wTbzSr!wL3ZsIlVN{eWm)A#>ae`FImLARk4mLM@My0qqZKQm zA7yfCTlB+Sk0`#?kIEZ8>TWj-{Jl3Ryvk9`eBdme*vCPDFjYDO@rYCm41JTh7?shA${uBh;{Tpl!>y=fLt`6c zW~MVGXX-%FBIjE#Z3=+e&kd(LNi}Xb=?)90vwmhF==^@>)t9N_>9)%9vjr!>^9a5G zutd9k`&*yVL_aUznH!q~5#rU9iMk2)v`)7PIlh8L1dP5j=e?RnnT(G8nPX-9LulQZHoQ(_h?S@s^zdntFG@0e;Zs1bqge(m>c= zrQYl+G5(cZg%9tfD)+5sSAXdaF1(H!*olFIiv<|$39@9IhBtBOW9Lba?C${Tzz92l z@j}f+9a}<&9m7KL^6iRFL)UMAnwiw(h>LxtFCIT#Le5c^AKQZ-~$;EZ2_oP4KrDW5lV%9bHdJl;pF z5(II14g~>vgWS#IZYbjQkT#}18t|E7ZyTfUVet+|<;?>XUnl$I(H`k}w9@udGE*lV zd0n)u4juU(ocx=$+;cZ_v`qx3$NqAj7CjWe81sn!UVV;@bJF0A%*qU$kv>$Sb?1{)HK+SgENnKeqg_;o(}P<7th_Q~w=E zb@~q>zL2x5FIgT!Nyq+XX&E4=$V_NuFTbjf2eC0()bmRRuOWq#09; zLYGD7ad0+d`gf5j?vlgcs&p1BWX6g3qTZ|xON3HU{q&Kxr2J(7Umjl($ zk1{R5=jYS7=81|7=0*FWq2B06HaY}Z8rQs&BJ;TBk$z;65MNJ0clB}jp z24^2)o-$fD+FtxWWiqb*pTf~IHhghC~oF?W?b^o*b5H^;`C2H|RFt2n9( zvL51}ts2xn??AST+sTa>7YmDzY6W1;av-6PT0vE(`lx|F@%bn-5!;d|6NiLr)f#}6 zgU}f!A!Y1)U6vX9Mod12%=N`}GU_d^HACLgO->na;}0F_?kvUH(Rz85Sl;yH>D;)~ z1?Of9N&9vCiz~i)6&tmp!R43ckYm|TTx_bRQ#3}*e$STX(bD#>|6|;L0d+w?X!dNA zO2`=dWF@4VL4=U?3+^I-ovvLXxKTaKnCao#-K2#E@3Fg%o-0g)5CNHDdv3B`iV2aQc6Yg36__3|MIFTvnR9h&A4jsZ^i% zCx?oE1H>QjdvELfVltL8ZFNzgt%f;2#8Oj0nix?PtG|jg7^?#q!#p4`_EU@=5BS40 z7?%Vvf`=402#mi)@qim_=BnbX22YqTo^TvJVYAowu#LdEx&F;QSb_kf$xURuF}^7_ z9&O$mlxCr<(|=_eCSl1UF?D*oX&uX1if*B@Z&(v(PZ;OX?w;5v`2qVzIf=qUk%Q$I z4^Hsc9`cJj`td8T!dNVz%}Jlqd6I2hVk!1Tx2LqD%VCtb1MMv2VUJLK@fOpD8ng{H zI%Qj&@eLtus6-flb}VTL&X%9IbK9fu>id6ZrR4Z~_NH6g8_L zzYP9<$Ymk^zCE!{oZPlasl=4EQo zcFH#4veFQVn^t#m%eAp?ncMYiYM9~C~GQmi60aym* z{Z~Ww(p88KJ@K7&{C5FYqDa_I%Gz9#XF87lYq~-)l_<=^5lJ)laj~{56a$FjS!qu| zp|)QVk!q>!m;6xLrm5DtbO`Mc(Hj6>S0+-uNqxPmiK_z^AXi-dJ0*moOMN2Qa4b z>4z#tv}eoqd1){<1TeCuV8$2P!l(Zk#mS>5w9O^PSkdWc5n$c5M#);ug(1jnHLZ}8vr`nAO$KMz0$Fk@Z2QI+ z)VkAu&NKc-ZF#e@CU0mkkJ?(Xl*AYHfE4F$CI?K2-JY;B0rtl2ZUhO%pZ-^ZgyTL5 z^ND8tUtHfC==&3oqoOs7AOzS%x;&fXe3X#b$n__$VZ<~aap8ibm z#-9EQ5h7xvp7rz_RrcNK>7ScwnAag+4|@8q+9|-)Q3>OTkRjh>C8R?>A(S%Yvt4A3 z;0{J`k8*q$rVP~Ay1bvBZ`v;;Ym?5f+gOYJVR7?SleV=r zJ%)RCdeEA3lu)-?(^-N$*qR<=YYLM*O-{qVA=4mv?qwBMPBlXEi$5~}cH-Ci_Ln3X zWUPi(*#ztF?lK7}{_a9Bh;iTzaF;#vbtU7{$qbQbF2{vfOv&c+7w?<}&2Ul~#;4;A z`t)oWGotkz(iYYo9Go08K7Ub)W9ih{z+?z$nnyOw*&7M7#j_1tH=>>9b#qcejr-GJ z%n4w`6&iw(n5ino_`MS z-Fjv6i^%O-#cq?q?+Ux2#JI%aA;<_F6eo}kQ)E`kKsLpXY(xmMFi8U0dnn0zdnCDw zAKAzdWVV`CT3XF&MP`%1*?LSvCL_0boEfUc{D&YYZZscV-aIPC96E8Cc>Gb#Vl6D9( zTtTWSQopehpLTlJ(@RvdHxC$>AmBX=zX2dKtJ%*B6i4$=x@@xg(Fdv}yJPWefeox% zZFZ(_5i{|G5KB%~L9!#qI;5c1Si)VjvLl#3|CMBL^iLjrG&D>(-0UFRKupUo-E!lL zw;2iA9R|q=WuR;YnO2z3{Z4kXQ;9013=~?Y2=m(q@j^vhXjvaePdr2@xUE_1E3uQ^ z9`z|inrR!A-EQ@Yh<;1pQOGkGhlc5!Rs`Z~{L9Y>(YL+B;}O`K=)&V^%9)APmYUp6 zW@s@7pCN{H5)dc$QUq?}(#1;{L37XuZavv>qT^*Tg6>`0@`u0BBAW3OBVMGBmaW9T zN%r@+EQI?eCk6LS@`0j5kstpX$|Wxy68WRkwE+;Dn*>DJg@4@xI}E1)y7dMThZht_ zHW)Km(7U1P_;7-zZgFHk?g4#}pnV9My2WvKKj;$#eY@GTuP|XopC22P=ka4h)YOLDeB<+k2vUCGq;524yA+WRVwraB+Jk8EKZ}yV z6n7$LW{MC&rbhIHsh@#ZcbGcMWr~k!XJ(2JL8k6fcdeVW!yTWM)ZgFl9#hW(PVPb| zAJ-*Qga|UVqh(55QyOnKkg9vRfRw^(Xv(8`u+-f zDSo>l7k~TYEgAxl);xUghjTkvLr8qfEki$#E$Pk9fO5D=Zn1%ffxyMfiwrRo+~-eF z>Vhik0id%?4VPX0LzejlTf;wXIem;aTN&#T;1awh`;HkKlST(E6vLF==(#o z$VLQS*z@0y{x)$1`Xn))Md^)aeq;BI=j9Vz#9?ssUA3H|x4PeQs*mfc<$PA$ zWN%A8a`f9nrm(lkG1nE$2#W^XYnU87H`qw^Zms?LUKGl5*o~KD)196J0_&; zDwfUQH@9lp9Ye~_LD`=A&1c`}x!>I5Xtk2=L>$vWAk}YfL@cinM;gC5Qi6l#z!+db z2R65QwvBt|8W@B#n%rN=G0w~A%}RC@PxgihD6a;1%@RZ*8A90_bgGHH#VFOgaRKye zYbU8g-mrl3tx-mJJ)gPQ^L3GAj{?d+H}qV+hbf2M>K5mNK&pEG#L1*EX+l;uq&zEZ z2*#-x&OZKJo4#k7+0IurCZ;ablYxF{2jHqa;21<<7bxulrqPE;mhO$;-2jubQ?&=5N0SIgFO0} z5KH4?EG_L_eAbM6*;v{He1=%s7urAhER6_oaD}JaQoRCX5f2Jt_+e^h(#uWn!4&i5 zudv>6r`)teIV@AUFqCUgwNE71vuabfw%XHb#x-?kE9U)ng;Q4VslZ&Upga8wxU(tb zY?kE$CeLkzm!LSCKiZ^q5=-o|WB}vf07fpgiko108n)CIcaVXak*^pVt~HOZ${e3Z;D>7`tTt>MZOQRo@+S6S4i1gB zepfa*@}>dyE7{TFHq3Wn7tk`K=%Lb5FxG|*K7Cua={2ZJk1!pQvk9IkA|6?8*eNGk3+9GMUH9HAMaTuud-DMHPU z6?cR`R1tTkcLckmyNCO_qd3uJZf*9h-aplmc!xYx(Ge}{$ihPvVfFJ!>}mFWvs$WV zb)I|P^yeqV{+4peB40X`mNeVftRqwRzZa)*@!cjvCnxHHV{+4;!59xJR3F_ zIg=K}CK=XUUnFN$`w!$fqmTgHI!5(Hf47T{E8ySiixr z8MqCWnO#J>K>91#y9 z_PoU-^3ljf0Uta|?l^NGEjTLJ7ePQ`9fm~GpCc;6%@Q^GQ|_TabpIXZRadK@ET`^q z{o>;5E!aY7)C$HQ!iEJq%YrTPg7JqBY`6uh@PhG&53HYp!OJg=mM!g5avJ~A%P-|M zfxm^A@D+#FqvqQVC6f~Os5u3iy)GIY3vF;#Y{zx*lxB`S8#NTFVyy}{PT}7FJ>bmE zd!cYs6z(a)nfm}k;Vx9T#efsx=U{T#oEJ9Rq&l3jcx=PA8BYv&jh3893No{=aeap~ z72#utGr?2N_MTdc>$L1ZrK&nEJ(K0ijf%Lf6+etxOGn8MqZQoW!ywTP((KZv7}ZUR z`Ptv01)qoIN!QT<7mbI0|2v}34rd_~y6{8GoZ@9+?QU7LY*|+6kH}VLG=4uMO#VWd z{5F~7=CQ7^7$>mYDPA7N4AOhRhBJOS!Wnl5&PwIRdFDUgM2kByymrN&S8*~V6fNt_ znx8sF2lMpq6ZD7bMYYplD+l6~)Kl`PA5A=y>9y*jKi+`45Yn-Ptt zO6b?PByBb$79-i!xMnnr8Kgt984-BcaK^9pN_K>D^UhNq$r|s_W64H= zLwI5NE+o4K?+t`ihAZS&vKi5Ms$?a5uGVE&@R5{kMl43MYjM$c7&AzRWHTc0u;Gkf z>y>PYa#QxCl`LE>dm!lqywl+4{?^D%r{ZJ?o>zHvCuYLKx_fvF;$SB?q7dEvMA>zP z;k)VXzp_2Aank9!`?oC^o1_~R@Q3iXLZgDmEEw&}1>+AN*g^|NVYy)Z;RCxs!O-3F z&g?#TsTY6Q-LK=IZZzQW72Q3LF5(-8cfZ27!~ue+y*_K$X{S%Dk7O55op@G#Bxm9Y zXX01xu!)z>s*mIkzUU`c)<+7i`N?ej8aR0NWmjHY9~m?&E5UIgraHSQJ?w-rC_U!P z;>jpIZ1TjjQFz$FOdMm!AeffraWyK+`m z>#<$)c|qx1@Ojzn%Ps()S6?@nEDa({-$f;11&lior{G(*gF(jlcEp%&7qyH=iP`ba z)rd84XApu52{8aW9>XnOFq1FvIGDl#?0tmCvCK_?C$x<(q`S89#Zi)D?5K3O{4i!v zx-Vy#Cy@ie_875Y|K|0;mY9T?!k@kBZ@WqMxyTNSHVVZGy6T@zldi@6vSCfSme<0T zo=PS&M;o!%hvIScR0(cW2|o20>R?QuOH?urtHUL;VH_d7O9UQXoauGAa@QzHdz2<+ z=>V|g_Krp!b|Wm}4ut()U7Xisg#FQ@>aHP>mDpTBvuTkZ_Q(S2mW~ zfYtY~Dl|mP8mv$=qw!S4E7WOPgIq9^6l!KvBGfH75EaG|(jnB$2t2&-XjVX|<;v1^ zt2{zAzM^ZP7NL-Ezye)ZY9pS!3#)?cU(n{C8I7kRUZJkm8a(~5SE!j$iBP%b7se6N zA=JzWJiIv5n}R}ZP?ie8lH2^vs-A`t@8cmEcrrNj0`yrNYhWrtK6CYxQyTEboVSw` z-<6mervHbeB^j~C6Wrf1VDMU*e@MXtXD*ZG9Lsp{9IJS2GVok3cnZ_t37dRJkMS7_ zksr_G`~HGwNE$p~L-?_C>sqfzSctR3jBmQIp=NBz4bxaNr=YiS;_O4rzDh*IK#+EY zO63IRlVsxTNZQvnPn?y9kqMhPYk0`;(;a!VU>jGMJdo~AoV6eVmWi{kWwzDMc7#_{ zCeBU+2Q|aH&?2?zOybO_Apa2ava|-PTv%0sOx0ptY-{qkes8X{#mW424uaI$ybbYe z%$k~?Sc{O#nq_J3tLH4p&d_B|+Y4r5F8@VzWg72zTF*@beY4*zip>HE-nS?AXy%Ao zur#VEf!VFVywB=y(0ilWgCA6TvP(Fjr)0zKki9bBFr+(qO})e_JyTQmlbUfhB;Dy2+`YmV6}>}RSI_U%ZK9TkIibA z&EaYgd|uvf2jyqJMBBXi-cuK2b&b0T6~v@+O(Z@HJj1sd&Fh*#n}t)K+3^$#0n z<&OK(M?zU4>p;lXb)uh@X5_GS{gzE+Kzq-s{+l7bY7rOqKndq;X}ItkLmJs>v?;sf zutWp$B~#i=cyE?-4yslDYuMR+VbB`bNJIr8>`v%20o{5n5$nWIJKl)2_aD?~%OgKn z$HAs7nXUINxoOm8k?u{TU)=|!-}Z7#q3;5o;$uLMqd;z@lG}Dmqn;{nj+Sli!(&~W zvr7){deiBCBvwsgsWaMvh-Mf;X8{z{sL6f51L^xNUQX_x6NY-U&!MAc(A&nhrr9dD z%kExfb8jz0xIQKR9R&x%j*yJWr#m4le8c3^>-d()RUh2b9R-J>)~xM3Xfjc+Hqlcg zV-?AfM6zHTkxW-4pDc&Aq+>bJzJ;nnQ$Oe&yy>erb4h$_Ha?!>gBf zll(@3-eG>B{L;L-$vzPuI``48Fk<#pa4oAd|vhSnzXa$5I>LS?E@iQq4=7XIwmoZe7rI2T>F zybx1PI#L-gnWF7O<}#3x%B*!OQ!ABOCzV;DROX%7tIF(u zFp=|Cscom!wnc0E(S}~tcI4S!IhWJxVC@8zb%zj4!jwK0FtujT(`UZ*-G~Ypzd6>LPbASmFBNLUiH}n_cL?>z+ zD?%$0p$%4{{VUolp_Tb>!=q1TAZqTJa8;+aD|=Wx2AfxD?pAJ0xm`2+S8}`N^xo0gFZ>{bG?tp8}U|pi@Y(zXCUxxIIYJ>cB@CS{4V(;P>5$7 zOY4J8Ag}U7bFro)&yk2cmx(-=iag6zo=?ibjGg;Q;3mv7CJ_2$NVk?Jsu{na-B6k>919Stp1`%i>wsa$wDo*`leDBEb0(rn-2VnC4utv;`KmliFq*|zd3z5HI?k&{`|<=+2f7YO&{K!f zTAp7(yjmiR&k@F_DdQVI?3LT#XREP;H8UKp8RSV5ULUXRtti8Qg!rH?}Gm;CU zQ)^ZUos~joiPAaYzFyVsp$TD1SuLKJ_bhe5qOw}|@hFUW<__4MG#ip$aon#-IghTVm;?pk%!wx08+OOHAScXT4z#_1jBrj-r zsNxoTo57Z7*%mZN^Mttz58X#Zx}!z9`S{BQdFpe$vav@`3)8)AkOeKCd=$sc=10xE`xqe;x0YO?2vE&OmhFh)&U!wcram?z)>_RPE{J zm)93BGu`}B?dF%`0b^(U()8VYHgswID!&JNzr4yHTffR|@v93(AQd8z*(#8&zwDJ7 zKQ#Bpazua20&OoVtsl>NmW^`jdN#@y{H57kJY+|H(tT~q@cmjt&rW6Rnzy)JWDjdK z9x<=-&o*H=Xh0cxm4C1)W*}LBHUK+9d*o>=wt>XMJ_tJk)a4=QwFCJm)wNomTL)+J6^wKINEdbN@xt5$wbRqJf4R%VN59*Bcq&VT~`?ca&V7bxaE?&_6V z^Yu1cE7S@$Opn*HVe#)J83LMzrpn=n*(UD>b$OLl1|n9xu)es$2%}tuvCt{2aK@L1 z3F92pJ61UlRjn6ybnQ{7R%Ho(V}=R??I)S#tQSvJ#pEy~CID%GHCl=Cd#Xf_Aujqy zW=lhvDiWP25*>}dl;|5T^vZKQi^GOOM9s9~qi~5DTZI4_ltH4E(&Z(?WL$%x60MvA zzUwP#4%~;6m>eb^BjcIKt*_+EHb%zN@J(gREN8tudQ-*ZFeFCC zTRbx6_f#1VB`(UC*&^e4BICIt;~6UB=*zv5@i{o!=rPh25R}{0TR;~)e3LNp1Scj0 zB#`3=V-Kx6dHrDJCI%=yFhInK(50A;m~`+zs};Nb!b>ON(15dA4+z2uGSf#B8I@r` z@I%`BI+5I3kz9pJ&iSfWk{gT@pdLPK^R5xvFvczTBCa%QQyTCEmBv|@)FJHZm^eXW zU{fLVdYLaVRyqN{)k>M=te2^jDki5lutwC~He!BHHLyv1mv{Nx=TBP9}{Cu9hKkjn-w(6}8`gpVIyl<~t)JQ`Rd;w{0J zTGxn}ghezCi80-P-irr`QQ53kV=VTk6w#UfQp~zjCg2l1$t;yAM;n(cmJ+MV!jl!~ ztVLYSDz3L*=v6QBvRuPzE5KLN5laphI)nJPe>VQox1RE5uhep(pUw!1KQKxfEmTJd z)k39u{k^@aU7H?y7QFodH45D!Q(+87&Ky&a3Q}tE{Z> zxXN+xVfB?`@z=P@B79R<$t-6*vz#g>r+1Z2P_A{A{GP#8GFx0_gNSLfh-tNoDe_jY z#Pq6O^%@u{y(xYNJxbh)=}DVndX&6M>5;WpiB(2W+4{=S_?vY!W57}P#^pT3fXs5% zGs~%Ba+pj^AH*5Y`pOabYXmzS-&C;7a@I4;sbX>%5)WK$?CI8QS7skmt2kJCK2u%}0W0lao3wlLpk)O~I<4NZUp}9h6rV{$- zp0EANKMr{oE0Awkq&M-$Dn>q68j`8?PXKD<%>IQLaGmsan9D;^XUs;I1ru_}Z zH*J5+a@I4;sbX?i`$G`Z2qVe<0XX1H!{9RFwsWyy#J9Y0I{1cd5)oFp3TyFu zy%N^v$6))~O2u`+LW2u@$z+Cp4%E*A{mj?TTz=YZx_nyL;T^ ziitHN%q>!dZ`E!WGA;f);TBn;l`EMWa<>baGC!H6mdp@y0Zd_^itVDCz5HZWTQVb+ z%&=A4h0J4exvOgeD=nEhO6Gg@+eK(&{bW`dGM9Op5|cRp0rOj=v>!NWyHs(rx%Iog zoGY;W=b@^d3!@geZ!QOe0~56n+QzT^E)X6EUuvQjGkdcIXyGo*fQQidakYoeW|M!u zC#k_Cjq@bcnWUpUNt;ZP*ALa2B(EP@CrJ=p^=rmKe0l12QQK{Lm#lkLs$7_(p>(4q zI&O<0`ttkRMPGv~Q6pM*_hJ?mN~XMdyO4R3m(;l>tgFZedY{WjD6cB%Vq zw)<_4`;99CrtDnz+dTWNxLmS|E6m42^TBQldvFW3V+Thz4%=*CFV~3Ho>n{5Ycj$5kQdj@qVRGFhwLt6sr#QgCbQ+36> zCAL6HB*n^~;A&Otah}pNCx`c;_HXGX-TW5}n8> zyjSi)$wZ?3*Ok7CZ;mYx@FYt9BuY=&)smD~@iaaI$wYY%P$tX+>aJzbnLtubWE>t( z@|4kZ7P~|_F_A^J%s$qD5Swba05MH9_@r3)lP>cg zaG4&a>r8URP^?DzxMqeEnI_uD^$M;YG@Uf>`>{_bl7mU7F=nm91hWcGu0znzNP~U` z(Vv(G{frcDW~4zsGezcxotZ@6a(M{%kU91S2P!)=Aaf#-`U69v-QVf2rPy>@Y(?t? z4=$6#UE59sd$8L=vxxRoKVwo3CwLY}(Ijt4d|>a65K>EpRF1t^(&)pKVirj?U*?m6 zA=MFEAVq_un3#qXw`Ahn0(Jza)Jk@1f>dc3sdjWdEE*)mL?LxnN*22{r+g&-#)`Lw z=CWctg;CoYTOg%_)R+irO9I%4=ebLbfV5eyh%GQOaxH{E*{r_6!*AxU4?(mUNxZ*6RW6iIT-pWyYE9;B-zDX-!^d?xrKkmrDpA}g|GVVR`- z)+Jt3C>K0%Kg;}anO3Ncb@GSUCkhrZgdxir={1qTq{8c1aMBYfq{S7@CV z;L~UN%)q<`|3(JKimN@Sl37Ifw~M{?t(MGU#4S=ZDeq(vp4+! zHsxb%r7$LkOUanm*pgX9IL?Q#S~825#1`0dscJFFLIK8@K|I;O6C9Fk61kuc+~jk{ zCK){xa%w$w)O2EdYL-u2l2csk@1YbN{P=ynNzWCxw=M;JF40d3L%%LICN~v44f+Dn zcU=m60nvBP4B@`c-+db{xu3`zZZTEruNc%3Y>F)q_@trmCmjKYBpxP~n&gTULuH1! zvQ-#g9w=k7NO`oMcPUrAJhs3+7+@TG5?{a`m_a-p7kOnMZ+p^E9}ODnA~J@sPgVqC zG6&${O>>Fx*FJ>Rk|W@LtI!hQ>R09-0X1Ng4z(4=DmlH7LPRuoTo@68`<182K;-Ta zA_LPC8OWOa@j|a?v?hkgz!bK4SRsrE?0alXwgRRU5fd*7Bf{Afzm=Ps>)= zheQ`J@+!tKdOO<#FJ8x|U86<4GT8W;(~ zRwLQEO|B%eFO}-aHqdl1tmFb8Wz#8D3l1sj?^%5mz`}wwm|KoX6zR9F0@4r@+AQj1=ow2MPcRZO;z|Eq?ZF#_i zQ^y@n8Lr%H3t2iZy~Zidb;`$LWrW)YxOSoUp*#X4@qd%tq@3tR>`(+)TXt4fzZT%c zT4&C_tesv9^4fH=<%O`T*!4hz9I|>hCW;a@C?#CRUllI#GF5Yb!)4qlYjMUmhjDpj zIxd^Y~pj{)P-<4)W;Cnt!?_^;h8HcK zTYy18dpEGmQc4W>oaBO5{1mVmi!$3~(?IhU4uC}f%a0s>q=2AUN@65CG&P5*Rkt_3 zBQ{BW@_N(PF(VOe%dV>GX#M6Jle;#%z{o)KhznRBnD(DX3rj_Fw z)DqRgQFFh%xWXYv%>&6jkm3=PVi8COaED599pL^CrN~*6uB7mdf=cYFvc9E%bpP=eQ~WX1BMwb>c|1j^KB!Knuk!MlW}<}&P+6@wnb(fbEJp}NJF`nqOfp|>>fg>mw`~h< z+8A~wrXzBaiTQ~~5m_qnY*dAg>;3+QzY`7dZ-*4@oA_yJxeK9gc2~Qaa@eMyN-!sJ zY-+)GmEapwjX=Hwkg&q}i7dBpw6?qo4{3-THZ<>4mEG6N`a;1}GQ!j>9QJLcI!&pr zfLzhzjKoL0aSH4S7r7R9#Ok+-4XtHg8`}_T`1E0quAE67ZjY|L#aEMHwyK^TOAqwO z7QoSsg9*>*!uBqIAiOK7a?v4Q2^b7}usvR`0Iw5?FzANBit_cC`( zA`Au!^e3mmaz>zF{2r(?h8L#tW7W*U7X#zABSv(l9VPSRo+@0OPtu7KP|UhHw{&q^ zDSpbtE^*+bINu>29m(Vd;G?99=09s_V+hY>|jte%1hgP`VVYb03K;D{j*~+kA7O{9wSG;Y4S88q@l2?#Pk*E}% zNo^dFpeI1q5LM7PFdYBtOv5QK4l%j0jcb`>LwbD8V%S@91`U(NwI#r{-;7!C#CTCq zC*j2#gcL@u?%B%>XZmbaLTt$aPF^c+-F*t)p8Y`r(Zuto0S4#&DI z@F!So*$NgP0)C4*S21_SCIGmT?1fi2DwsPRf*H&LY`Otpz6F>$A)*yK*%Ejdf}-xx zVp%dhf&GO*Qb1%En{+Txgt&64td3}1q1~)A6>V1>Lr7$G2_vgt0G;k^sk(iwf6THE z=3gYh+9ClKb5q7FpPtSrkpTU&sZw-c{q{0l_*hhlp$Vgo#GClT&E~~TtvF=Yh)X(f zTTey5ssH@u8(h}|#k)U8A5!{0e!gfjvlMv+%2Pf~=%gh+0N=c$$e>Dt_PbuR2m7fE zFMZ9I%lN1nL?k|H#wXeBf{B|@c^oZtJuj`_DUP#O#w|)@^UE(W&rsZMC4}Gzcdkb_ zW(Pa`+|wXx+&`IDc|Ry;u9Z(%!+pYPJvCY!hitXSPvz(GZt^p4ysOrr3hBxNGBmX`I`FXnCbrkhg)N zcF1`ZmEbv$3_sqwvv?@6X$Dd9ov~;xrbcKSC!}n1~3HZdLQY&_+Kv zwW~Hd880C)CgAIvU^rsh;VqEnwztDWx@dD|W2*;>rNMBsfRwtn`v57Z?cSA9sXiCgEq{K@DXukk zvq}6HY~`twyRwyGpZWAQ;(uW)Pj&cdrm>YT#-_KGGwGLK#hIpnrpFYRuKI3NoL#lo z7}VEUbGlwY{x`<(161YzymNo>q^^u%pHF>?8U4R7h6g|K(@bLwZ9nS57&c(KJ75fz z+6z~s;xvXIr}k=&f?OdWNn;q23c6T9$0R`kl$H3(<8Rc&ey*V3N`hjFCM)qqD(D>w z%K9M`pld=!vJ(GI*R;I&{{w5>TbRfcYTnxJvy8(3g*EOSpqa)R&nxP}8V~c>4?7uj zW4~5S_eI5NjhrL32CH`Skb?Xf=+zjI6KXe)Dd?IcDCqom?dH-G|39#szmDn3i%t2+ zXE#Is7k2Yk4EsDG*N`-J^F1)1F8pDaCQGk3wvEj&$Xx@)#~(d`gIuolV_|NSe~>#0 zBYPR-Hp(EExhaF(-B7-&k^t`Xe4QH9MPSj`o=mPMj3@Mg-qM&WQ`)1Fpkk)R6Z$~s zDQN#BsK*ofKpT{S55Su;;PHeq!JjZeS`!bKV9?!!fngH|-A!$F(Cz*-gYG7bcbSQX zCbT%B=b*b;2i?Dnh%qUuG-xsCPNJ0{E%{Rh-N~N^bKKIxhRAVC3-yD-T`;k`FoBsV z-yl~nua9%kT?s{Tx``u@_Sl$FxX2g-YZK6m5Yljts5Qx(46I#VS`pB<1qaq%n!5*R zrjg*p<7v@t4Cn*u$g6ZMddg(1kj;ZpXF75u^$(fVnYITEe*JM=FAGfPoQBbLSJOF# zDCkPoDIWygz_@T6Be_LW(T0dSJQK1m21$j>MK{{@4K+v`pQ-KwkJ^G zrVwU1>zUi|bAlK!bNsT)7bi83&b|&0* z449Q1h=o&EoVQ(NLb3e>PZ3Fq%+>;noc_&?Rr7nRAykBX#qPmzIASyv+F0Phl&0KI z@hzNM6l7~W$oM_+6&x5RoGVwt2ndMY5ImA{ghgmJIbb=}s|xvEN}AAHwtm>(7am6Q8l_3QF0+04WnUt|e5^0KYoQH+|=w z7I*^qfFC?3DAvLj{Bis^I!jJ{35V znkg&Uwxw-sU=qT#&SqWN^|sDWk7Vm)4k~4(yqk$)(K=DjV4DP=^^qCkCD1zg9o(UH z25{Vg5W`ez!c5jWGLu`-aL6AhgDn$=fJU1oi#AX_mdaxrjbFi@h&~N8uVK0$;Vc*c zWH-!YSE@(7$iJ3S4frz_sG4PK39Lux)1s#G)L{u4B+zK+Z*W9BsP))k0nt7dha>z=b_ zRNLdj#-hHEs9+M9j6Z;Cqzi)&g~RVE4BiRltCEo+)qaImej4h=QQ9%|=>~*znFQIG zZxnfyfN;oeBIS_q_Zr2vTM{%~_&ZlY{|cU>UCfdVKPxy;pwgzmK zqA)exI}V2e@i3nW-BN-`gVqgyiPjVT@~0>KmE5%9FLKi{v4=2`Dg3>u*%$tf>^l4f zIkO0t6i71sB`;luzk38|S~CeqaMH+bgum!I>LWb61=o-htu3t2npJY?ENsxc`pQ`) zFJgnH0PspV1X%zb-6RnOzD0I2h3X?k`pwCzs$PCm9~QyFs_aNWY&}t$Rs(?1!nT-? zM)M(qM698hUoGY%Za!qy#=napU3)8Idpq*5kSKf;W(B07ZIDFLv}Y>_sIHvq_%_%h>@WIs3r@bnqp=KmdErAZe77zvD!3`fiP5exLyFD$lv7Fa8&?Ti)4dB!#umw zq9JcF#V$K7=8 z?~)`sd~C!(DeSQrmqtjpkD!nQAi03VBBsI=)j>S-htR{+xr__`QZ34tG_ZvN1+YUR z9gRbUh5)!6zby;?;J+c(7Zxl|@&&Xtr+ABY&a@4;bG9q;Pk|JWrwMZOh60Ou#C;hg=<-3t1;0mWdx zP2EW1eq*`#2_<#KGoT>lV{nKce$oDJ#qq+vn%>Eqm!F*VawoVzc|+W-bi zV+KVl4O^j<46b`?cAaC^Z=wqbdZ7c?q$gaE!s$8tc;&k1@+}j z=fA`VqzBNwrp>GgEW;Cg-|amWPAnUy(liVf9nArz#6RF|16Udr%P+gY@=L*zODro= zvDhKt1cSxaoGeg;UtwaBR(q()_SQTfAo!n^I8Ay2x8_VoN><{CRBBd`AAl#b&B2|r zCN-;(=OsI@vID5BRcvCpXwr=+6s;Xm2-@U`LVhMk6ec&_h=RH4n5Z2>CJ;>c8ohUNd*qg+qrrrF zQI{hMlJkrxlvOwyPN)knU5+Sf-}KY;8nj1(JAnD%gu0=g;%Io3%pbkmBPH&{%0U>z zi+5;~;JgtNQz?rzN8x&<6AM=_?xukMse5sK5uM0J8yb8Ki@j zh7DF4$SEN+%hIZ){|O!# zE{GFDUmQWaaU*>XD(jo0pQcFs@7&VFR)V<0m|6wnNNTxgW? z=vM(|$%V`?s!*Of09;H+&&A=&#XYDmgp!tv6UfD7-Qi+I2p1#Bg&B^5SuRS*I>1^p zK&2Gkr?ghe?@(!-yQ`7b=YXTxe-~{fgV|rUlL4<6aCukOL``xK_WG9)Qy!C^*c25? zEVT5+FQD{S(m{u^dXbhsHMI1c7g74T^rdHO>HeXm=hmb2jZ)ex$e&1x)a`bP`uz0x zuUGt!0FHuu4eCl~dOxO9DA_-a>4{UQgA{3V-VxoH{Wv7f>Bl_k_CjC~JB?NI0Sudk zV(x|E9}kAtt?fhTkx6L2isFTa_ZEa3lF&OQp_>4mm<8KPer;NIRegx}H=yhjV+5=3aBc5|2Vx2NHcZy|eZ_E#IA z`J2-dc~NKI-vUdhU7++5Y#>aWoW8U@@N`FL=^y_ErFTtV+D_D;9a{RQuc7oG#LPnL z{T)3(w|8jiecnguTho`mU#0dQYy$Nz@JsED+c&abniVAVAY4$+a+6VihuR&vgfSL9f?eFXFnly#0XWBnB z4JJ;wzcB4>q}6P$;kyu9@Ry@Co+U^2W}HG53Rgq*B`Jtw@%g$=o_`t|LPyE&TMik^LKgHpfGnUCPoo`Lj9D(d?U; zeThGtqZ7@(gV|&K*#*h$2bew7pKUHG(C1=hj#ch1;B8<=zR$5x#~@E_&6$7fVK4x1 z5#Y@b0IWD0hy)=X_d>}15t{oAbARE>txJlt;C$qkdUG8)SBY+;;!IRc+J@n~kUuR~ z`?K7!spaIFv-Z{>a&pvgcQ_&U6v*~y?O;v4d0(V{wKuDcc~#tj*DmwIn}YOkx1>RH z0?}-i0vZb$M)B+$3a1df&!7$vT+|JMR;p)^;JIN0bHfN88cJ~Qj0DZTo4ks8zo5;g z7wn8~#lvnbuE;MWLoa`aB5T2zMCEc7Q`eYOCsJg^%hY>p>R3%(%G8B6b)2R?%+#xG zD()yYPr_GtR3RL3heKQICpR@@dXYs)H4MzUtt zk(i77hPL8;fO!A%ZB{g%RNxt%l z|3cVnOlq`tj;4OX)aeRquD>#s&YppcBAc;9>K1%M+q4%hNnn3k;#I()cXIW(7cuk| z3>`^54rXfGKvo*3{zfVr!1Oa|2T^wW-!>mNE5An~FsqIS!O3@5y*Fi3qb8LHYK^WwXX;X$Izm&w%0}t} zn`%jCUx3uvHg$-??#a~2Hq~n70H#K4s+E6)sl#llmH+8XEwHIp{ueX#>%Cb0t;tqf z#?-h?9gFHm%eH3aRc^&PoX81hu{wDcHm~wmk_1n<2=c+i*rnkCLd&7R_)Ed4uw2i^ zzM5vO;0yZzpi}^wqw#W0{V`L|H>plJC+#>-Ue=sd`hsl6oqSfbZE(#h^9W6DEk03@ zkF!X81EXM&zqpds%W0r{n1}#!Yyz=-lR38M*oGdW ze_YYe^`nnOfFHXHgZQh)MtVr#c_r{IKY{WJSOjQbF*1e5Lgw|5%oZiHy1*wUxpp%h znH4=J^P!SC*-OUsDhT<x8TKdqvEm2XbX=Dp8Pa;xDSbVFa-DFIZE-^WZ=12@C;0Y2gL;sIvg*a zf1wc2XWL}p`7V;AFGg29Qk>8rnGl4>;z@U>|G>3SF?&>qja9X%t!yYV+(!3H@!_TC#te{iEZ5QWxv>_4W0YO-W>XTY&sT?+NugFi7D2wp*eeKL+s_D z8)Mi{!q{G(N6L(5sEPk)f)r;k=wli%M=72_62T|Mm;(x|uc#-xaGxm%M+WbPNzWE! zbj@uDnaje+@SY|QneUOzGyS_S51b@#50eMdHKcLIwCg-~1;2O{#8@*5rD+D^h$S^x`^(R?lo`8}1E;rUvFC@r z8GBdQr=1+NF>f*7h+sl>*L~{g7a4DJMXr}fc%NE}8A73xWCWF%KSW4n>}T_Uy;a@{ zGZClN0W3}W@zW=h4MSg#z3h{Tc}7=t zZ*@EnDqPMA!ado@TqjiXjyKb609j8p@{CcvJCDQi5RqBgKuJn)@62c zAakdBu7h`?+PDuDL!vJI0FR)>|FI+d!1<;S*-I_83xw=(PdtqlU&B(V-h+pFJfM%# zd&B@L0*;vOru4`BRb7BzuH11gvNOFs`g}Gtnaj>c%w-TR;JQNXP#ins3r~L%I;LB% zqS&7tW^nc|DBPF*RAiXflqu%C$_aMr#G^<)&e5S)*kJli4#~KhM8XWwB9e27 zhM=)G35ucf5}gu>ZIpNRCFTx$v`Xg&pQ4OswebEycThNzO*5`LU)*~EQK8VLnU7{H z6W!Wg%}*#%I7q6F3l&F&H_Z;YT0-Vi{Y?`JHBIwDSE2W+LXFXBbjDu9WA87~-tXMO z)VBw1@M08U8wA;L-EV^~;Amqhw*qt_PZg#&X7j<`K95=tpHC0 z@*WAWKMQnEfFER$@lM-Jbr$(;BSVIMH_ZjWthinBMps%;v&lT{o!f-ZkTJs}KT%<@ zHDYGA1v;)kbNm%P#jdig!;r8?&E+r^j#?W-@1`jq3kZgD(bu|N8ambM-^lw;!TKF8+(XC{u12FIa#02Pv<>JGfpH*GRR zw;l)+?iiAXJ)QnzpMoa4o)ow-s+#4gQ#7La(`#m+Bz$4+5@JXlKh~fpx2{szx*V6E zg%S^(L{J+mwD)fe$2cK? zF>GcB7|&OXo{`C-G#DoaFtYk!#y3U*#{Ra7ivq1iW)B|3)Fu_`>!0>Bn5?JVatb`< z7hBaxtBvZoRd_2rplmvoEh&O#iRNMt=2q;%1mdMBDa%q)mZzjxDl)z9V=fR^eop45 zfjKN`^_{=Bw=UeVG8`Pn??yIu3R z(Nk7#BtFZEm1Qa`L;bZVAS*x0%*xHk?vYeJ$91GGD^`iAtOSN-$B~uavuJt+ZAEsE zSoyJ+6>B|RvT_nx8IhTlt9r^x^A{mf!DA*ceKLkMRBYPQc7Wj()=2S#(!&p#eNwQ} z6x;m)ZTBxgAJP|d+SR%@nE3?OY%)Lvdx12k>=0uQ=;o3Scf)=vQ;Z(}k8@H+!n>8} zd~mcayaS*sclxhNO2N8Xqzb3=LRqc7%O^ zkH^{HD|ps+frmcJN)>p9u@W$=>QEQ|Vy?={{8>4i@)ykj2`57$nKE` z8A^QCulCHvfAm>KRu1VYEB6qeWu<2>{-VsRtUz{;q_U@%m7cly#*U0q`F2lPSx9_V zDm`=Y<1@3e7}-6N%2%IySg}&selGrNpbv5JxO&>_;-}NaUjtC_pFMN&qfIe7yw5S( zrth*Y1W5;7>pnw<;n`?Tr!?zKr_c(WM;T;p5b{iM%7sG3Z8b$r#-UHeXGlc<+6C&4 z%v?($dI*PIL1{6Gx#P5MPGL?w0z^=U%Rl+@o5UT)E!ve0gL+$cc^t2p^MQHW*4WR} z@!hNcQl)un9LeA2DqpXRT?@1c-W?=L^5NdrI$x@&2LbiA)%j|z^SkXKb(Vbv+oa~F zk2GqI0&RGmbGEh4FDdFFK)r2sj%uC%{xQbXVb%{F**M|#^OE5V;RN=!+lGCOq4+^W=@n zu*!HOcJK6%%CPmMiehD|C@u&q&7Ivn62+29+gTL9|7Vw?u$A$MV#%}+QLs^^iehc5 zC?qHDXw9`Y8Ex575Q)G)XX-iBeuZ;^f`;|Kqdz;gwc~3>MD{4!z(t(}YSgx@>;!AWI zh}}0N;C8+z?{eW{2EvSQvn`R$I!-uDQ zDJxb)mxel>f&7(uW8>;?OhetLm9zlOD8rQo_MBj5J7fa?r)R23$XqI*P}EG>c=kWW z759dJ5I6Q_k6;IAwqN+?V0Ausms!T;SEGQg$c4fcDBPuj7)%?ePG{`!P)6o{%itYl z87ai|ozb$!?7W-bqIaCs=w#ns4W!>Riwr`E?yE#Ug;w-l6qjGo!mHz)$|3 z8L?&HWxxsIk>(swpORB}4a5z*;%`>TUWv!h^zgNB$+`HuLrGb(QOU}($D>H2vS_a% zdDEyu;jElaC7h8{DBRVy{>kcu!p&E>|NKp>gToZM=5;IHMhbDzo<8d>={n({aoj=| z8~>zB5`;oHc+wz*e*2u{3kPoj$@tDl^Q@wAM@pn-MCQHF7i&+g`@A@tPo-|tPUy8- z?;TL@Z3~i{6~l%WN)FD=m9KQ03wa!p>F&6%>m3aF7aLE0rA2A|VESG7g<9koEn;M| zkS95DwWZmk+7!A+6`etI*mfm3zLHn@AQVXUyMr)f8|nUb>ej>%NLjJ4gJTlc{vO{&*){`Mmj-F zZqr{-`3yUY&Q-YOfFsM@*#A09i(H{aRHxj1-i0+I#!bKDI>nkZA`G$SiI@RRDzBWy zyJ^k8Ztk`<&n0NUntRIV!6`vgR+}@18Zk0l3hP%F{2dAMfk%TIFEpraGG-5lBFPz00vsrxvI@lI8Kkp!@#0yd zcx*E8{DpIy1Lmf|lV%lYw&L-u0^KQi%G2PX=*W+q!sXf;>Q$(CY%=&c19;>xhhJE0 zpYOJ?I9m%^vK4?b1k$ZDSjlz35hg53HAGl9D;|%q)(D>3Gv+ZE5!P(MvndUp zG{X8f3b9@uVHG0DJ^A9_>FeE9XnJU~O_!SlpF)jmiZm2!#AnFR{7!bt?0U^qA;iC{dY_%H{dy`@Y- z;Jyw@>6tzz(#n?7+$hXz=g{$SEE$)vWIQ>RbR#=&yy7SW8{P%i86xpJ6z)#KW#}$f zDBM+mlS#$oM%;(7`z%x=v<1|UMtt(gsTzr34mq!4Kk9Sb%VrH@4n9Nlxoc=?PP>?s z8rTn44qC}ERB)bDr23>*;n6?3RSkuEPT_6>9Mz+nZDpgpt9sL21x~8k&9>vDWG7Wg z8BhREA58&((F!KmLCgs_2Nzm-7E{sfHa0|bcvc~=;Rr*8!KgcQ-a74!)FE10McLtuy;K-f>y=AuC^Lw2u)H|?mySy*j^pE{{#S(+_Hf}5ouV><{_hew$w{K(hO z%6i1IQJ%vO7-`}KcD}TbRa5bnQEkrKp{o6?*r(bd&?lS3e(*G`@V3lE{^D(~tjBkz zb5K@x7YRIO7e^-Bo*flh1CX{iR=1)55Ct+#jGU%$yQDBum{E!EzD35t$f#)NH<@Ol zhUwJRgDBAIamFY+c2p<{tMqGygzNnQKQ<%$Nh$E7Gs1r>1wN7y{=+S*D`U6drzj)* z(*h3>p)=7rl(%qUbEuVhEcVtDeHJ@&UqpugINX;e(M*u|8x-OA z^1U4>VSt*B_vbiA*=jDcB%R9I`BQylinb4#gY0olyVL5Nnp&yMI;qSGr84WbURCCW zYPT|^BbD)zS-E}4oCh+Z854Y!Lz>>Pcr18gay}lSK^U_REXjLQIk9SfcN2xrkvJvh z3>d+`{R_;AvBF6|>y`#J~HP;+Wt!WSrHVX%X>fh6D-x)=J{z=m3^EaZ;oq;_ zE@T$@$#AO*c8X4{iI`RW!m)R37cvKW$;j<(7-;O_s;FNbDh|3AN{Ss4Otc3B3LlPb z7cTC_Y08@6D!_lO*e*Cv1x~jf_NhS#aHNts{n710rp57*VN4@>DmS4};k4gw7cymj zGF(FzGE3h!#@+9p?LuZRLx$bZRj>@58o<8Z7Pbc5(qKN?%!gcB?mt)OIRc{1-X3Fp z8!We)4&OUMc6hR?C7>u=x&;pEUor85K~yaxYCKTTHw73b`#|d{!Q==WycxTg1$z%w z+$ab9mxSSOi;c-i#RLk=Lnvh1V@>gtA~K8IFN{JwHYPh2oD>47#O=wG zV`h;dIQNT-x>D0wY!QkjbE?h3w5_o*CZI8rP&6R?>m+EoNyP$`j2=~oOeEUF6|Fwn z(-~V}FhkNwoIrSI>v0~GY!ed1$%suMCHM!*4_?xsP!JS%#Pl5?7o}-YrH^?K8fTbS z!AG20PYPtS15dEHM&=;g|Q;-II zZW{D*IqaHEKE1l!=cb^~4d|7iQhy%?xc~`{gg5$H9kQP$&$i0DuAbtOC@;Fk%9^@=LvG5G zwRd4;FZc2DK3+=#C=~$=PdSYPs`yT*iQ=GN1cUC~JbR7kFQ6z-P5<*Tc{d_J(DL&d@W8qb z#DZ6SgfW4Tt&V5o%b0B5v^^#py#j|nt+N6+EYpq;2SLfY;=rqHz>#Bd>}LqUEImMd z34_O}It=}|Q_jALY@xcmcqYE~#V_S%@OZ46SwLc7ut9^a-17^q2Tyd;o0xkT%y;18 zE2)BOw&KDQodgTORMDd<}gZW-GCPx6d$*SsKgiKGY3VO40TV29Rs z_~W!b!~`w%k%_!TBycskkBqI-(LE;f>S_-e3P8_qhe~eJA!s1r?M>(unmL%lAlt0z zYhUk%kU?0#-iwph)+aXOPa18MYWu#y;5@eb657*ChGUb~OT%ddMfA(T=>ucf*CSEs5RbRV9s&1>6MQ_`5UKpdH*SEYH&6i|MDh!!f&A4Y^2=mA(x~Z}P!PV>dwwBoXXl zd(*h2AG-;ZAUqgx}=xW2&oPC#?(n!N-Y4=HOdc;Et9y}eF;kL2nIpYHoD@2>2 zieI9EI1Ed3+_rX9UGC+{+tSGh#R@J*hjC)WJO_wPBS<3?N`gy^1esB)(Wl zZLF1AozVSSP4<#v@5Q367pI|fo65IC~x&!)zjw0znrMK~z z>Ov2dZaeF$9+TP6OQyTd`g?}V!SraTf6!U~;i05}CU)0ZzwxX{D3h}$DUXCM_L9ly ztOErP_7-Gb8m)vk&2O*M?m6kKk7b0GIWqWkeV2`trsS#K%?~D}nDkX|i02LU2i8|D zG^8^5ssO1$UQ#{wRXM*`Uv)%!-mI@`gYdfWRRP}0S9-)?m6doUz00<~>c$?E8sH`6 z`l=b}Nm*aDSC2_O^nj;U)>kDyOYecLyLuSHW-tFTK+~8lTV+6q$9Tyxk3|!BUm0d= zVvIhe!|@fv4(29@41J??o^Yr3~7gqsFJaoehOJj1G$ww1O|8) zYNa0%OnH^dM4lKvhm1-)poaKWYr8utol-+%jJrcOG*EZ2_X@CZaK1eTdp9Vq9u4;X z@st_tMRI0Bk#^{c$*B~1^8m^CCV0?XEC9+{^LHj;sDvXtZ$C*KO#q;OW$az_bij$< z@F*rAp5bl8vC5TvJ`lvRwmR$i{gX#yoBrK^mQXbTXc}M4&PNMr#P}_`aR?jR4FI)> z{{vEqW+VjExBDe#)Yb~ZiP~g-1->%E-dpouK|bU^MgsN_)eZ+-{FfpVytmD%0S_S# zq#ih4QIpIaF*jxI=x|YJPOP#Hx%HK`_&XPT z*H^B?H%u2nb5AnMSgGwnxT;ykRn6uLkp0u*h!O|dQFClUkrxb89HasB z5sSrFnd0d9ty+DA@l#bLWg!z(usWKYyjiHWywJc}6!qs|snJX~T>w!+58~1V1)lcJ zTigbW7k|}GGT%zzv!n#h$Lxjo zsN#)nsjrC&ijb!E)t)fXgG9KlflLS*$TV;nzaK!c6DPR5$l6Q0&p^0IjstIO;hUS;QKoH=UCuByuL4Ch6J zVAxS552DIrT^N>Az}^{(9{?5}mw<^Ief_uZb<^9ZY?wqIs(>n?*9ZCuw7P`ZT4r6f zuatdY?~l+TN{uqCq|OyYH;UrD7XQoD#(O8?pponeeCWRi?UAYL4SHpYWB$Yw=}Rrs zsuY=0oY_ECWN>jq8bZI;BD?#F(BNCgr74n+CmPAy`;afHeqd=l4h?4#Y@^~H47zZ%tw9}M~_ zR`x7L%w1X8lE+{<@K5bHfv%i%U|$R@UoDQawXkVSO}3NG#-B5@!)J~i(Ty@^=GFYN zN5N3iW@8&YKeYGWf;M4$Z+=hq-r0y|`;x2YRAuL(dd6To>Sam^O3P}+{UZ8Pb|;i= zHG7k->!ABY@8*?Ziiqyw^bH$gT>7xk_lU2Ost^F~mt0-fm@8JX39pjDM3%4+rs zuo)D?3&)h&5N%68SKzxnz%()+uzf3hmH?NQB~qZ)6G0mKTU z6~3v%n4H9^U6Z*;O6OIUd&HF@Tl*;P5r)*16jHfCdA;tlh76M0VHG8npIGjSkZn2C z4AugaW>8AdfPOCU(Tfz}@jwXg>?EU8i(u+AQOS58p@>BuD=vXX_sZO0_geChzX8dk zgl*hC=r8Tgrq8gm=`%o|QJ>JPdf52yw%CLj4kz7bq@kBB^aKD8>lL>n>PoQ^++h&i zI2bnXTP?cfLH32|3y2Hd*Hlr4K4)hv5JZ0vpl$zw0KaGmWQEmfI##bEO1DVezyPI^ ze?6M~}v6HJI23o!#OcG2GHrEDW zb5&o0<2?}4{&p@j;6wGNt~*STV^}0o#7+xB&Bli%!A3HvJ-U(IjBn^L{sD|e?@dBl z%yw1oSc7?AgPEZrFq;`7gd5rQSr=S+T~_M_CL6gSgl)4nqZj`b8*;h@Gg#XHp%h@yf<37QHhA}A^-O5&A3aFfcq2ICd4Em2gg zH&m)7>sR~(u){^Jdy=;d$7}h?4QN)Ba{XG{aA8)nC@-8-kjiq zAvd9XK|_ub$#Wa4*0S{Y554imD(M^8kHwO%Ig9keb}34Siq4ptsRsPO27M9uq>Yph z=OhMu8Ew+b2puW!OvD-j&|YvFyL>zeriY)MWHLQBY}M9fxMb&7FUDnP0g!JMq|i{v zNmhF>0UrMab4Kpd;f!%3#HQ}~HJlN2s_96GaW21Y&xDFjoC)06@R2TD1{rS}UbVV4eIaIZ#S&*W*u65q<~Jtj`Z;Blt6>V+N#(S}p;DHL)foYP zCIIDUBKAuGZhhFqlJ-~~8KpReds25Pg-PQ)t|imq?ERIt&THUHx1IxmrPP zPl4D#xBXN@rPK(6tv3iUk;bgaQ!kjY8h*;}L{;iL+0Bzfr(?oKDc{!HGUrrF>}`*J zRTZ?`djOK5sIORd5U>(zgLV!I6zRJ>Bkv-UjZrOzDmKEjT;wBVVXq0oLZqygV|}nY zs~$!f*gYM#^un<)0oz6R@4oZv9l6`_=n_e76;}l9$Djw4v?p8=Z*>kW z%&(papU=QzGgu@GFu3+fZ(V9W#ALj=iAr}O0>~f9Z(o4Uc#P zfSXVJw1S>_~TY-?-q^Wa5g{ZblEt?^J?R&qzA`1EVTVpLJC0hm)DH!Mz6kg=UH!OGuuV1f_v zFhJ5g65(rxx7^OA{LAY3O)x@zwe4&=z+(cCGQNVLYBC~hbruBc|7LeXF*&Hsg0=JwRAZA5eX`lyL5d*{)nQSvv$>9cx z*%8a!)}t^?-@?Fp5X4H1rm};p2%lmg?eywGCoh-Yqpi5psXoRQ#j~xg)8B#(if*J` zWTkbw;4;P5pr>Lm@wth`(IYP{yT`}oMZdy~$fjZ z;$E}fV@3<^^xqs?vE5kA_xLc(>lm6ebU-=A*?q9Gdu;LMId9uR87DcmFv0s02F9Wz z&c_=KruBU5?xrUbz}s4WdcNtteGc^@2vpxF;oAo?MnP66$YhE6;XU(XX~P)UIALQv z6z!WF=?`5dvOz62e7pIfEq#}JKB zFuZR$bKeD&v8}Nx7n%G|K6o3C_rYt(ypIBW@LLA;g}DFHndV2G>Q#t5p7Ld_m*4s% z>&r4)^7JX_BM9UM@v^%-yHtY->!=+Rk4E88SU&b=WTg-~nUY)$zqWEHUVU$4&)x=a zh&8v=fVR0S5<~}kcmD0qcgmugtVGT9lZ3o;SIk!&SLBBc4qO4_XcjNJDLa4u;VEpk zMl48)2AgUqoUP2yQy|~ zDEkT-C76;fL2@M!GN{Fh(Nk!1&_*dkO4cJqw@^#ga#;qVR^S(b16^as3v|tj!T&-z z&;h1uF{1_xClP?fxv zFbWG`eZU?ukt^KE`}`y`2C(Kj568G}PPS#iz2LzT{sG`N(Cy$0bk#tk;5N|R2df7H zT{gX$!iNRAaYhiTvonEisF2@^K)0RB)nTCfFNEn@pnC$kXUCxvfo`sXb{ObprAyG6 zK)0{Z?jX<=rRa7#(5(Yb*8|Bu1&(6DSsWRsgIZfRU zgL>(hu44-%xoI8Kf7hDL89eL*4s3GIp27VWt+h2oleorU6EALM=CN1k&JD@bh?G5F zry_U5{kt%m=?m1MUZMJBCFkLfQnLv6Y15Q|+(3{WIkM|Q0_8aY=t^DJe<=u!0Fc!( zC;+`kY2R$1G15S@M_~}3&}E|F>@wAuNecG>kt-+!VQjITmE&F3woBUL398Vx@&8#6 znygcTD)dt-=-*)jD8UFy+AJ2$ZRS;r*V|x!PTVxTbsbHreudUP`4!_H=MOSD%y~D{ zVHVRBQx4OHQLE!H%uREc)sVp`Txao4*MamNQi}YVuT^;OEN_$VEH8zk_>6VUZVqZ5 zik{U{8ZS<0e^X4w{w7Xe#78$l4QbnXceqJ=BchVAP4Usq05h+OV?pB@WJf{RnElw| z#GHDt)!jjNvwUF5y}kUM+8xBbz0GECZ?iNXoKs}OGzb4$YxD)}F|1Ox}!Octwj7X{K!iF zfIk7E_N>f!L-dMpqI}HMGl!q3jVU;ve!oLLqw4>Dqo}?yQbt9zTa1aPNlC) z1&V@+(!<@Qzv)D{`vGmfL^`{MGzA5Q_&rl=NdJ;c;nV5=k@O#Cs~^{meY|ub(jSid ze{);Q_t044T`jAwFO|{&ES6oSItn^UoPwgoh9f|F6T_uk!9F3Fup`Wj+xK)mJ2C{s zxD82YY)=}9z3s7*As$%Tyx$iXy-G{KEfN{#v|g?eH%1JXZGy{sLd4ke*t&l`F7ntQ z-|7Z=@xQ?|xVK{{ZEq9fkzM*+1GN}qA|4F}8pf?{7`L`{N0ii7!r8^q&KT`RxofH! z|J&riPY8S~-+6Ib6}t)LnW#aF%PzEIi`(Wjp#LKkEVc6-VzQUj8!XH&k<+n(){KUD2(maie)4ZmHMXq4mG)rRZEa*YCF1QOYy<~fY(?h?Jz!cM99_y z4KK~<&X+xQLuynk;T1#YLISxHWYsAk&gp?nbj8G=W1N=)((!e4#f%`OV*q4_o|y07 z;K+x_2k7kGVLLX~g)krVYdXFx3rm@N6n`)}*483y5^W#FZ-R!fj7`%4E28k1L_ppURLN4Rj@jp#;fY_;$Aj$e`F?GsIW9$Kp+?!Sy{;j0g$T= zNEjCUajrNBCu6WTpVUYc8DB_7c_A`Ps(`OE;L`wvjSzUcYLYCA9FyW&GF8iWgVD0- zGtOZ(4AUjH$+g9)6U2RLhOFNbXtWg6Wedk((qgD`qLpn~`87xIWa6qqJ=mqYKHWib z$N*#f&k@l63*u?J)NVmzEun-vlT2>f0Aq?s<+X5A*%h25j+AN*%kZ5T3RA>}Lk%fd z#2;osk-qrz>};wf1!i_o`ckS!0k2-nmV#rKCTm8;q-hs6MzSxyV0C1BR(e^gV5s;L zMm`Jzlg4>t=a)8P3cühN(Sr7mjoDNbR0697xCR%(lmU{xB)i7z*xJAo?M7MQH zELLMQnFL?HmsMTTEbhOoaHwn_ei8F?ak=c@IIzrxm4m2 z?kB{p40kdK`RW;Rut9Vl)09mgu_OPjOM}H}7XvC*_zij)=6BUl|Q&H9OgKL&QkQ-vJ_&GWiKwqcHUwlV3_}jj0rQaot9z zEH#Rjl7X>WYP;(ZBP%-OGn0H;U{Tm-c>}aG5;F>7MJrY3B|(@t8+qu5ik)*#&y6 z6)(37GW0{79#Lm~k7AW7@E2ehzmxt9eVNV1`!jx`dQ%Qw=Y@Z>hof>r(R9(5x&3Gs z26YbFcG#nQjO8iAaq)fflwP<)4Xc>q(x7xDDIH2mWW62Z^C^hWX?1LQ$CU99sCxjc zFR04-08s(EwT~y?#so%Ye;6?y3K&iU2zrrC<-TlTxYDIpJ(fVmlF#5UE^? zgBFA^FtV=&nQ@Ij_!tH_DBp5*2n{5o3!aF}PH=mgp8gAo*aa6UDz7ztI-I6wRti2` zg0HWp1U{OLRjYtlZ;%_S8t{Yv8JEy4sR_EO+dIAxbQHq$juX)pks#0s0Kz0R{4Xo{ zfaodR(k5V>0`E`kjiR7v==~;)7(mHNPV5k|t|t(aP^%A-ZA)_h4iTk6Sz-{?CDVk9 zk4@+NK06m<<~ zv8XLLAR>Xp4|Zt9L=Q|F%`-AHKAn2}7;1+)2BsME#6+q^MdkVkWnkcd*UeJ`+S8Hy#BUPUW|qe8>Z*#M|UNe3T1k4yB-Pg#4`Z zqkW^0gV>yvHlmz|QN45n+cM8CoLfOZC4hGx;d5+0XPA8sl0ZZRV;eHcMky!*EJ2n4 zn}_f2#dm-TO-zvKhRS{&P`QLuwoA&UND)QW4NesIw5%he;(W5C;$W8!>iA^p>>d$= z&4V2`5t?&0ZfC%znQ0rWi?<^H;(QpWdZ))uCnaexczTSv1`P3voPzPHVJ0nV_OG9C z*|mkR#FT3;m;xKkC@;LcF_KqNKJ#MqYI{wdvO4l}S4EiQU^Ljv5S0PZVIbz{SEfM< zgFrpW(JG0@n2qVEEAAzf5aSa4^h&_1tJ+O!ZD7g)Gykzp;|%Vc+>|F2js zzvfdgl+LKvt@WwE9@tqe;1xL9>|UPx<{I>m{{l6}!?CZ^Mag-}YzaV(GC~R#Q{Zt5 z9Cd(AkKNIN-Cc8#0-q&9xU&6bJ!CuHqhW@!*%zouzr9?%ZEV0aM`*P9$YdWu#kz~P zHrh;MKjFd4q~@761@q!!@3&$54BF_YzH*%*9?<1Mt03HUAiB^;X^)4XID=$ErZkeT7pceu>Ww0YwnlwXMX=*~*{D3v!i8Eg*7%qBT?L zR%j9bu3K;KHQ4>p--_)g#Lxq|6AcQevn^0j! z=9|FWBNY3Q_kg{3X5P)Jh<7gyQ^d7j0lV2#y}j}TA;z>DA8QZ!)==y({{`$vGGp7j zHpUq23vJa(v$efvW1s>2l?6LU1PgH*w)W7IC%|t632GS$%Nv8@YoGTwA3rnGMhIN zi?LmLce~EECsV`e9o0p8PbRr;@C3m^J)og;R1{(O$Ot-%4?u(P8(*qpc7UpkmvyTsjB}AVH-4Ks znoJ?RNyWk^M_)vxwc7itvn#N;)0+Q$)g90)7I@&Ht?}M>Py+u>r@s;(TbcHlf~a-3 zM2^-RBH<2@cn?9C&;&>GJ$3dEBK5_1V=|B~Fi4hjx6X3Ty2NmPh(z}6B3t$TP*V-%DMdl9QV4?QFZr<$v(Ci@`tN>gtC2>6tGIR zWj&v+Jga~~PpzXXcrJ_0XmQvEhf^2`Fd3Uo&8%HZ*k-g!d5dB0kQi~udUcf{P&(#* zlLwftMm&Q39&4kOYq!t8F`r3e*T%E&+yEJVlzI~6-V~qE7G0Sg6yQ`50K&=}fujZW z?pzgoNwzJ4IB{uF0p#w5N3Qc?kLa&~=E* zop*l968D0{d5~DDU!`(=M=T^a*u$S>40-hH zC_tn5wWka#Ll^XMqjH#*&VjE}B&VctaAaO$^}Z~qw>~IE0ZP#ede4i^GNoCdyt2S6 z$%V)e^>sn?CzRYXlR)kjQ_ncKv>N&aHS4NUL94kH)6=di<5}gw-cx zuO;adkPRK>a0&}~O#d&_2WUEb)ta8S8`6KK=`s~$;M-xW#CPWz1=n%%g~p$!^EvS< zP7z69;u4iX>2@hlRx66k#ArruW;|&#%{`vEhZM(N zONY16j0h283=d%7wJXg&li5XS*|q=|Gdm|O+m79DVD=a1s?V8X;FdDk4FV0{$?V3o z>;gO!)>4Z6Cz*e>P~Q}7C{&Ru_Co5df`!zGrryZZ>rJXAtt9$XlO)r}^4x31Bc2{~ zUkW%CoCnZf`6WS*XG063wOpGFm>F2|~;h858u@10u}cJ1rY?`kPxu@|>|Llvw45 z@hsHll&!=npW9TcGcnA&CRGfxIa;|ntKwNld~SlNUJIv%zD}nEGyD=v^~8Ubrn^Ci zdE!sS_)z5-yoVoY@7&)ZfOu)ZDmj9L1TlP zN#}8aYE#5}n6zdbRfa86Rymh%M!vTe2GG=u*O(Et8LLtmZ!_Z( zo3SR9@mFS?VKcZA>op*y*!$!f!EAZs>dkSm!~YU7A&7E;3zE7|M^cVSO1W}xrvCFB z7R>CmYL~rSFFT}hoy_`VPYFtL*aNg$4g}VVg0(*7L50-rLnbvYm;GqL|9lWKZnEH3 zd*X)Wn(Aq99}0A?C9*K3i$j@FY%><6GTtWjK_(;TiB$S9A{1BzQJ(St5@!7HYnFL^ z4x2y~^8%*--K59mZZyrfk{NH>jCNuaua8!)N5h(s+ig8>M*VJXxe6U<&*y(b-1&mr zoO1OAOufdW#___D5$s{6PO`8gHFX(NN7>XeO_hpygr$J%|C*zf%~=)Ij^WTBZ(_Y~ zQj|AHXgfh^N_oI1O#Me0wSh~)ZObK9^&^{#-P%pj$|irkM`tFHJk8YmZ%D+HC!ySS zz6?os3WY?Fks z%Nc&nm`;RTo58-RX3S>BKhI|A6LC3ztQj$8d}uQYQW$qL;}x61bKi>b0y7rbjJ~Oi z_n8s58HK5gHfCIDGm4l|oQPH?;8%o184gHJ{8}D5=Fh>$=$pqkg9sJ}riORd zn-2lq+k`G6Bw;c4#^+7eDP!qgT_FH?wxUW?FJ-4|oJoyWaT5#BqLu5iDqc4?pF~@S z=t8^>KD?lZ9WcGB8}h5!3`k<;Io6#3;*3!K^|zk6i6gA6?Elu5^osXbwOVG~bb6MP zB^VMAtrj|?Dt56bnK|Y9ImvA9+A-9&Q25PT^3(SBBkWFn1(f>M*JYwGZ!lzlYJ@G6 zVF!qdSNQSJ_9v?)yFFeKVd*nZcif@UkEIx6v84mRcCc?|qMf4J8IJx&=6D^aGDN$a z8sWx3Dq^QIC=NOi=vYf9BERNJI8SIPAf+wEXUl!1z`F%_L=a@_BPcZ#owqc+^uG__ zVIY$1uX359OxQ#j>-*EXE~CTlXx`u`?MpR7$Iy^8DzJ zkkc>x=tt}glD7g~kohQtNp_eA(%lw*ma1T$Yr%^+oM5!XLVeiMPA>-ur7_K1< z<{CmX`Gn8?_d#z7ohfJTpP#4|^-ruaKAmCt<-=Fi3(b^c?%d^rVJb4}!nD~<=Nn~S zce)V6Bt9oZsvF9$70m?ZfZO8}a_6p;DU-lV@QUYs!bpthf*5@cHDdfrl#UxSt2qAx zG0H`8+{%J?F)J=~+>v`;5+^M2v4swZ*F_z?tPXV*m?t+IQ>G-i!jT}m;sQqkZlg)O z_ViC6!Fwt}`)K%NB^ajIU+%EasW{(Z&uux0$WOuk3uRvc_QFo*rC33SF~L+Y*Rwhf zl$(`c5z7^^bq>)ayGqlG?_N8L96>E>r=p%Y!XF)V%$>>_*-ba~;HCV_%G)#k_ z8RQT2QfmgXcN?Z36psdA-y!=2)ens#ukyj0ja`~D*u`S2U1nfCG1Z?7mVl9i`NnW$F0$m#(J}K0|Hr>9R^qZsJH1P%&v(7l>4K=y-qAS##AzTsx zFH&8yA1>t7JKwh?S0RJV&{*-QHTrdue5IG6H9#FiB_{D-)*Pi?4(c)~FJvr>5gCZK zb&lv>AlgzQG_07?q=YD;y>k@bUgHbxCmw*%e%-^qw8Pl3ybx(EnRsmq@XDa@^Ocvi z17ghlMm1}?o;L@G>X=Yo-F5Vwr$iB>tgjrMnP?W9f{+G3&d zvvzn9nRiTPzzPvi8yRWQ&XPIVKu`$`?e{nvLFJJXPyw2aUc1ibpEBbZV8fdRXcnpj zQvmys&GBHf<$@S}Y{W`vm_CrMocOk_Hr><1BnT9A2qkzWVkAg)UW`HeW-us(cYW>D z*R=`|OFA!{Fs?re*zEF*B9-*s`9(U?((a|V3@aruT~02px}}Y+9PmNxV*#M=9KB*T z$9C~fY%qFX`;UJ=UPZMGcv9TjNTcrPH4Vh%RCHH_*Xc4V)P~)o60w@2+ zD9d)ErJSDx(t_n&KH$CBn@&0N=W~G?vnP#N15Z1>v@w!hTvj>;N482&I1^ua152mk z09UWVF=IwHMhXgNPMO&l=`-`<%P(t;^ersEczR=`aLVNs<&BY|!mH0mUjM>@r;Tll z3>rPG_)HuU7+5&{;>O63%PPvJ;NaI$GY?uFImT3MtENbHeC#F|vw)?8F@1emra@R~ zH?W&=DE8Y}A7?TYaWN-Ldlwpq5E=mJMLar4Sg-}1b|8@sEG^_gr=QR%%0P#=bppW` zUqR;yrQ^icKXdxBcmE7@RIXebI~lh?XEK>@G2obb+Jq@5*K=*$GV6F-7q@<^v!uoy zb)qm(oh5F4J#<^*){$Xs!s6DAVAENBV7{(7Odn<*kI|X8^J(1r11362xTAtf+{%Fj z^@FxxMOqU(Z|y|+ZyVAY#KW6?A;tfjBZJUPC1M zH-QYBDK^#j1u|>Fv_Hi&1;(=`@(Eu3Cg29Bx+IgvF9jfwTSGQ)LD}mq<0B z1>;>=_BiWk;~ctUbyIYCVan}8R)F>scnH-F8N5mKu^b48l?gyLZvOBn%EYIygg&*y zVeG>;A*Gy_IZmm0JqoyKiGS^u7-zjeRaD7w9Ii9ypcimoKZ{y#A;0lI(z&(A$GG3v(^^13gf)-q4xC zR0qgV%neY)uKu(Z1{6JjzWv`{X{Yd=!?l>)cpBZbL&ffb#{H<6@xG7bW-#!QOLS#nkkM>qWX4CF;Dx73We90p z-Z-=)+L0jby)A9CSlTh|=|UTmg%hDG?r_Ync^5Ntp}Ka=R9p{{0uvTPwzYTBd(>wV z^U_8kWX#sW3ZVV4%btfnklTDWC zX!J+2J9L@5fB}x!ZZHxn%X@gR7%E0rjD((K*firH&`qBn*2dY+guKhs6Nd}I^jgG@ zMRa9Z&aI*1Wkz5{b*1ZTNbjUC}TYo^@So&L_rJ7)@ zL3Yv|3uMPaNN2acaE=E-om6868S z^tRm5l@Te7tydjd{Hp_fW!V%>R;A=~s-WF%^^y-B^?2Swh!ToocO~5@DA2$nKvDx8 zRJxJ6^JxrlT5#ylRys$+QaMjkxC0DrY-8ZwI-CjZfc6QB^Y1~ReV)(`>8Q_LNlL*g zb?O~HHFa$AyTCx|e-*cJLnyqaW<3P9gWU>|o_LLN;EK9%zni;K_J9Y54J&Uqa)?ba zez3u0pMfeL-B7r({Xr>YW;aK2gM*26IP4W#&mbIWut)GQnlt(vlOXr(gRo$5c&#sO zIJa>1^QV2ZFVcD-ZL6XJ7LqdzfqQQsM`Aa$J5>q%Len!fle}|R5+W$|g||ZLkTL12+7iAx zz-M@IhW>Fl@%hHvxv?5t4@Wy^UJr_o-ZXbPw`Zry;Di*pIUGKA5y+Yia_ZHx+3>qup!-N=q(!VN+jRgg;noeYAf0jD!Ta6e0% zyUROC`x_{=Gqm3n~<0NF&ft$rT_JrYWZanfBkydM6+Yu@ z7dsW3hjqv(EjHhGlgeeRk7lTv#hBm=(!NQrgqG;fdlR#3f%;+KbS9WqTH0L*)F*e6 zc0WtI3xWC{uyJSPex1HRope4>-$v414b&4XpUwyBfgyah7^wfZP|MT#K)nJeTAt1a z>RQXk7pNQYwoYikbprLITOeV`h*~OQ=(xOecP#Vb7}kb(aOAT z<$DVQFUMS#ZjO!QVRouXV}Yr^sL0;d`;PZ%f1{Oa)?QRR`m+&qf!P$4^UG^N=CNeD zRAfcw=~V4BVhg4WXI}k{p<<6?2#rofk($PKq`eoS)|UCF^cLLnQ%%roK{bgw@7B*yvIFV$r(iPe z&E3^>b;fiRJHj1km6jbGzo@!HbF-t!6>fK@rQDyEvM?>ha*_R7KH&lfLBFMN2SPYp zbkTiw+Jw>|NSL?`*)0bXAms8ss>^x>W^%fn3VNUH271%A0Jcb56lHs&K1kHeqWm4% zT@vL?R}`zubWsNQOHn{ke$lZgWnC4ev5%t_Ys7R>xFF&v^f-!gGf^{Z+ z;flf_!r?)Bs0(WVcI{Y{v%4zF>YqDW=~@F2Cu(M`tVMR0v~sK~O4k~Itd2!Fp{t@S z`B{ioe!2$W8ITWY0N8DJTGtSEb!bb z$N&?tgITRQw*>uKeyBy*1~?XxCFnZF*t0nF&+hJgIljh}{J6haMf# zo*10{@7WdFzwVIsj3Di2%ex@=fAU;lREK%?(61dVdPTKsM{f!WraqU#^K4f(u$e~J zbk4@C3G3PdpaiEri7lqqL1`MFNtO>UKw=#=i(zK2(RN#uk=-P55E+?G5}|N*lf?Fx zwz)$|>)5rtWF*XeA%Lx8f4L3{OHD({UFCxU_mlTN3bza(Ab1llsJrYeW}0w09LuKl zLk&)*8{aP=UykAJG?u7jtG0{U%LKaZ3}r<~w5!`X?PUV5?PP=sZtI*HuN#FJFQn}( zBSgCqbqGL!XjfXssX%|iauw@3*ltFGLv1?0Yw|Z(Wm)(2Ox;Sab#^Aq> zF&_Sh9W!X6R^R38lA!-os^@{K=NLoZOvO{jAy2s`;28R9VSaT5gs(4q!wj-qY&$eV z&CCnM=9OqWYSDFJs+DT!T%3I@*GQzh09vEV#mUkFijAGuD!gZJcWYtmmbPCVE7-UW zZ4H#taX6~6_6JJKc)3H3NU7LjebtI8ldLC?HYR?52QRjS!qqAD-vdsRWuRK)^H!Pg z;myCLg}SQ+1!ZV(%McpD?o=)#D2*utky2#{#d=t=dZx+{3ipJl|lx+_5qg8*2wG=ZH#0=+U@d zy%#^tQcHzQuy^j}^XIgD+e`VJH>xWZhKlAC>@zg0(N%-SoqL|#Dr1j+<#Bzccb^wi z0UuNNa^{iacofxle+TC3N8V&Q+D@q}V$gQ)LWc(MyfcrM4(g*QnS*=K$x=Et8M;4E z=oDq3li|$cG9ZCnwlnSU`8?yn)`qB6$5Y>W0BjH#ppcz8=Qa++lYt|wxCbXdaB$}d z?nHt&8%?CzLJfK4Lo-MjY=5opRh550dCiLeT`%Faz@_@^)CS_bMEvg}B~0 zLFsto1gj0D*F)*qWY9ZC#9EVqP6jQ#4y1sVzPW+LTbqGS*kMLAL6u6!QPb~*&bkbA zGU(}WrQ_&n66mO&j%qA!6GZc*tN$4bal*kcH#$K1HG5!c9VvJ|nht>f01&g5^ZnNe%++)!ZiMNKx-FA%k$h9|+HX5$@zw(=fZNJ{Pm{ z@!r||+hYSx3`5054@Gw3zr4GNoq@i(n$Sm=$_luq$qs`I;`PQ_!YJRte>CyLTQ)zZ ze!Org6D|?_C70W$Zxfd{UqVYUMGCXj7RF^W;-_JA0oVu=y99JjeS;L{Whu-e<#NZ& zZ7R%vUi1n>K4KY{&ElVi&0Sz4g)!stQCRI8?tX9So{rhQ1^Q)(SX;vN@>m^zdx;|V z5L{Rg?>(4*dlZ<<3yKz;v`y;ybeT_X?0+gZOA5Yug?*i(Of}Ec0}$_(qi(Us3rVwD zLlkrXU!jT1f6r}PZzg?SwyzTLgKSecpV5|&-fvevUAPWH(Kx6*&yfLlGPLoXgf@HG z0^du=$71*z#KTTKzWHG;S};oF*?g-+Ij2wXc7W^i9Qr;Av&8-SpnZ?`F5urDo3wmi zoxV-woBju%9_bEp!LMz6$}e?Fh;Ba$J*TWbYb6EQEP^zdPDjx-v27Bhc`3Tji_OKx zMJFF)Xh9XyF6qC0^xx1PiR~`4HvpMgq3TGp-Q2BOH0HRUgyvAtbW{?7Wq;;JPf1dS~V}vQkS`+3<$NVHbYW+M$3Xf6dtZLCm=lmo*2Kaf5hfBx^RzvDU;n}9; z`p3CH3C}+~$@BNc7u6>#c#9HkLU8}A5jhHMbN85jTO2|Cc$}#?P zBS*h0bELbWp||f=hT@!1IT)nrWvQ{$dZAy;lZo5@$4V5BlI;hGnG4GOGs) zB|ZvVyW1QamKy*J*nJdP{{o0UYfbiE({ZpT6STF}XZP0Fu*oin*j-NVsrn-l2sSt{ z5t4b>Pi8}GSi}VZnLqNq9Z$_AaXx;r(M=(lbNysC#)g%+AZcVuWyYe(fhm>p`^hxL zhLyS?X=KXe`U{-5@Z>8anRP8b-89FBmAN1!<9!o;A>btt&261Jl+mZz1fhiar`7!9 zPWIp-_juJv?dI(QV(5eNwt!I>F(v*6a==Q`ne4YaHA6!1SylIEn z3Xep$btGb+sXxaM!2krZw_#2T7io__Y_JM4cnYNYzSSj$U&1)B!9bHKPn_Y6^5}{Y0LtA9 zy0Di1ECB(Bq4+*Bo0ZIZ2!@DK(+>ci-LRlZUjzAl;Y3HlDv6 zhnl#FLNWN2Cu7YaK*E>z8??T(wAxT6(rSy<5zK=z@Ua!k$dQi7@`6VejWG_z0AyoC zmm$)8i^kl~queVBCk*$5?CW$MVFREc*GV0KT4#OIfU<13@)hD`wd`bmQ$7-KzccXN zZl>|xi7qjYsk8WAQCfjm`ioW61AQn`+YJ9)%RhtwuBxBAVj}>8F7fUcaJTDXOt(Ci$5dIkbHCQl(16>JYM`wA3)m&r6Jy zcAHdGrJaxbq|$hH_*j zZ_muey80q`1Y+j2&fDfFmkq;t2Gnp5Ec(oZsticffDKni|9y+$3fx_{dEniY22$aw zFD#ou**09g1F4_|FIMRCH_2`+63SF1AmiUe^djOMtwUbvE;*s;aU`SY*KNGW@F zjb58Y!u;yfGlTY1(DxLy6M^m#1?@zjyIw&%5$H-3v=f1DUjf}>p!@INXrC?wx>x=h z7U*6uWI7kbJNCLB}A+tKw#YasF51u-ZnZNHbKx@Eg1K<@dv)~7nQzE$Gu9zjC;@6 z)%5-+86pKzSdM$qjfxG+P96;s8Bjm%VNmxEMa@nAH#65s;|yvm$^_@f+yGQ;xpq&k z%8dE3GJV!y2IS34#xkQmpr}_HR4hw5Oo#PqIU_?kBibSzABtDdvYXg@6m-w!terUu zhcCVN7xj>{$INYwh>s*78_dy#nUe88hsV6|F+FCD-(xrnA|BH$9>d%;kJ*!mH3SHF zOa)|v+Tk(c8tORo7;znS94VFuO6_vM@QX#I%&Mi#?XMqjBfI?>s3XOY{TWjnF!UesaX@I5Ix5gtlmx(Dx{!p(MdS8BMyuLM7QtE=C zZZkhvx6A&-x}ByFO#9KLjyD)GyZiO}jNUJkgfh^_jGuJfIJ@>rW(1CF&R2Ck0)bHg zOoO#HMoQQQwqOesf1|Wn8RGLHK;kpA=0E^Wg3WE6CQ-TxIEd2C{Ktk}K6N2Qcn`Hg z!tTb*VfRr;U0XwdK-m2+GzB>kcAF_!V{sFCFzgC5d^6dHI#r9fQc&}2#sR_r$lNNm zFhfBWDhQ`3W#ZoHfr$KwYL^zEJ-Nu0FQ+@f$L7vmu__xP!D7^(E$+|{XxrQz<}n

`@Wybt|=}R`aBMk^A0a zHLKX-LcFZa@mKi!o2O!H{=F`m=!RH|zxmJiS{4O)1e>E)zs6G&6R{Rxa#cP=yO7I52ipE0Rri^Yg82a~=ARa?K(PO09& zR0%Q?XjM~-!P07qzf+njA?WJr?j)3zd|M>2qeQJgraRDGyKXN-2GpQm0F5q+086i| zX#erY|5U zJ#Zu^O^5pXeu9^c4G$=h*;Tn19$rfxQ2YP`qP*Wjxm??J+`Xg8^`aOFqG>W&a% zp+A~m^S%LySCJJKGm?)=0=CkzKg!17bcyo0(M^-fkCKOE+d!=kEQ^&l5^u$)Z2#x- z3=PhklDQm5zR>@I-F|=}TjNz`c}32fRj@}CuVP=9z2brK-W$1DGsEK)H>;Wlt&_F{ z-82!cEn3-@m0xqZ*=R~u4JYA*M=`?$m2S&8pAYEPUjq$6y1Z!((3IA2s~w>J^*Ggx z)x$a|oTG>1Q+nv{>A^eqVD#XYd&#dt%8f-+r`#7%&Sg9wQqS_oikp~_I)IZ)+fI-j z084o8L5ejQKVq|r`o=4p@J}DHy1ibz+(fSR+k+Si^}{=13fm6~3snb7Ocumk_bYRZ zz|qj-XBrI!U2j^z^;lc!1`t!IvFgM128~HOnDFZi6x*>`*LCKwBMPASG0?#%n+#R# z9Wqed6rczUkrCnFm2sX@910&%iU%ESm^eub4p&!^%iwx9ba29rd`L*cUw@@<*+S7{ z&)`v=p*9lOqla4YhXUCi&6{T&SB~Z}4A7ZLpSreYQa%kJ>O1u2;u5w4+-l%btCl2W ze5S-#;F}#mRDirNqoa#lju zrbMiRKW_hn-P?s*8aEM8FXcmDZCW2Ry79NZ^K6B*7}Fko)1(P_cG2&ccDtt041jxq zX>*WPzqX!Rk=NrdLn4DVvezM{2tC`AqsAyCHqBNsrgrPS!kM zCkv$IWVDjH3lTl>pErbsj=H5M2QE)B>oZ?gBwNv5W8P|io>VU2z017c`}1ta_A}$lU3A8HZ=VOq znF5J@j)j_f9`PsG)FQk4agAG;c$FD0ZsxZA&5HQwKp++g;%2PCYU&ka($l2IBPE(T zgG@FxQVlr%fYIh=+$EJ&@vO|8@?pEe`X|hm_DmON3_MbsBy+?P{rJJC&lJ+TsW;GW zvWpaGERQ+NG?wp(B<$hSxAC&WXc98VR_zd>i=^kGg!GM>ARSs3R#MO;%(+LH=%)4d zEk0oWVt+Ocg?f$?8Y!sXwAyrI@)}K@4TS1Gph6+l3$q!!hB2Y5*MQuqqAy#G?R1f? zq41~QF($6c5)4saOr=^0e7HO~&oDPCpr=?P*Z~!QT)&Qp-?RuE69{r2wp|9B2 zmzKq}3H~%WH+?eFqN@tV=`9dPiQDqtDvX10O-8r!zWh5Umse(#k7y~!zun8v!r$!j zzAYElmoJ6piree2k$*SU&ys&Pw~VT<)|`2obF=0gT7QS;+^sqHYfhi~MVhl%bDl6c zB9rNPj_RQ2$=(S-8EQFK_7p}&fl%?66Men9k`Q7UdUfY3F{f8I-%qSGgjm?sn2@YM zi8;Nx6a2&`h7gk|i7t!nzG*QVfyrXpWW?3>;y|y?=#JMoK{=hd=;BH%j?=QwH|n)< zwy$Xnv3&3L*!wzyZ=u`Q6Fge3a%}73YGJ+JKEEB?zK;_6di!0#y$iSjzgRiK=NG)X zB&etiesQuAbNu2eKQZ245+s(vFE#^{k~w}cz!K}KA%-|?gNCrKq8?NO9zH|3xIse% za8D-gF^&n|kC|XmimTH}HFx@DEs3iwPN-JZSO~%_rg(mg_`p zUFYrU{bdyp!n>v_!~G@?9jM(fd&Qr=Y=G4RuP4&i8v*FE24C*0NT%;5uv^h<>+`B< zrM!#(!g#Z9Z3iIAe(JWdw|9fx^GYY!o4$KMfG>--sr>dDu|6t*9d?*uz*e`_*Jw+- z{N=4}tM66{b3h@~acuO0hhK7lh8jKXnP0=HI@fFLN^D#G2n1}zgS@ivj_+O|m25PD zG4;fT-U8W*Ni=Z)4su7KMeK`r*!D5JyM71S!+)gBalup};(dQg8-BOVi>iqVz;|?U z;erbh6rqjLmM+FyI=6W+qE%?g9VPBNP?e}r(T>a7z3aSY;hs1|U0Kwy{Q~f79RQV` zr3&}zPfBHJPZkf^duvs84dTT>(E@{AmD^t zk(-O6+ZGF;ZxeJoArG4N)bMz*iVa6jk?>k*&=Jnw$NR@ljQ!Ze7+>Zkh1!zXg=e;C-ZNQk@ySs7d^dtn;0Et8Rns&gG-F;qW}y2?Cco?Ed05$?~YZn9fw7K3H%mtH%l-_*C(4k6HN3 zG8etFO?-|AAMcRdCKp}Tkp(q|tG6_C&e&v1{9v=|kaL)O%O z7k7iq+komKua{nvvXkCdRp6NG9+asBy_Vr^}iQt=v>aC4cbtom5bXu^Ct)KWZTbF8RvSW+eW@DAP(-v)(K0gJX zyW$Q|V!_;928)(ZW_VybMpKRAhp2K{@rSt+BR*mCmMepLvk=KtCu9qT?9p)QL@H4R zVB1)wWdEfI5mJ{DtV=JVsMwdu=HBi`^6Jv?q!xH6(rKzb_3e?Zm~0ar($Ko{{_SYt#m3XBpb zkmqpO|1D7faM+;8EYETI8;<+J6Hc%om>vaqB~-n`}~?OHz(zT(~R-0dW{{7fr-^hvXMtvyzPwKZW8F8ue8Q}~n&jgbh2 zMUsl`=Lc*0HXL6MbgOM>mB#*4uF>{FsD(Sp zc_s)nqZ0(?$Q1scqFt@f$0+TCm3EGmCc^NM{1(@k8UpyrN`8q?TVkyrU+7lruYWI< z`+6&lW`C~gd)H)-H`!YKY}J0&WV%&*3Hjl_WVuM7^~>^x@T}UG0529LXmWIB$x4NK zeoZyt0@C$Y+aF>Cm=Y>ofyp$tE-=8XmiH;Ll7G&na*_; z^AVufLa2u9Ch{jA69tCLP-ik-88(W6#`iIQyf}8;fxY?_A=FD_vUI0>(oA4K0}?3e%+&Zy;THSy5(c2W#CT;~8Ow3n;S_x6ioD^|H?Z`YA1Up$m% z<|m9KSxHVKI*Mbuh*F32fa0tu3xr%~<8_^iQ*JnhHymf1Ot;3pEIb)aJy~k&m}o^n z4!dfF5YN`QHVj&lNe2c$>1tNYwg-)UtAP`+?{8Ghw*{mkT+AgV(-m{5h*^QZj+jgg zh#7IjJegt+b71h(74ziGV&1A^?$?o+JEn^{3oNpd=E%O+CNQxBF&{*SJ9%G9RkpTR zZ9Z5pJ~S(!$@^8rsL7sSvI7GHiJ`E%RycWTDTN%b#7l*r90$vCMrhs zha+ItZawEO*x$)CC$WwIHT>($Nu(0fmxDd zPjl_n=vKqt9DZSEfQx?U3H%;o2)*oS0|=PGd%TLjF?PdQ4O}vujd>+IyLE{OT=7m? z#u<`PJ`f`|5%xV4na7QAJrs%IhoPF181Gbct2m7iE0z%@I1WAdw;al~H6ly!8>{Bw z2L=Nq)@VAs_QUqgaSS24BHJlzFlxMnL4{`97;47@uYn)*zK_L5%%O(vMzR)!{F6N; zNYj=%mcpxA3o64YoRy+*GbyZ<*y^M3wo*9OP$&$@P~cH0DN5F+quaQ<`2i`yKv6?~ zhe%Kj&tU+OWV;j4#X6PaIhWAL4hV6)ll(zqi?2W%l+YzEp{X4Z>PJG)rW0yXLj8nL z`Cb8mzt-&ThR=a0`P>!Dpydu&J&*B1@}zWD**lnC$n*D`N@-34!2tmppqKrQ&I;V5 zu$urPyz5f1)zEKH@yCF-2Z#D;>(!6w+;C}NZ>hpdX&GLWpBJm+Z_nW=2|jYjB|bLK zwuSAc|A*~T2n~D)z#{XvAhUuHx#i4&0ynDym)|F@gLOs}7+6^?)_<&*ce~oCXMusl zR1Y9g88D43VK_C7{L@8eMmKOk8N$Qz4?7_&uf8`VET4^vE@8QYDi1NWM<*7nBYAH_@$_xns%Eu|?Z|)S=3zzv%Cez3~O(+krl&1;h-P0)- zE9JX8qI|ted4^Da7k@C;@HQYk~%MM0pp7 za#aV>z-Y(iW+GGd(`9+f{+Ni1q8KI1YYEb4U|4VD| zn@iA4U^q79X`I3=UQd|Du3Wm#El$!-g%0C-#cBqFa9sX6!?;vptau$d3h-IzHoT*7 zCd!_8;5LNn;w7u0^Wr-Gt(gJF{BdWQ3?#jk;@uE6r1vmQ26fC$yDsRTw@L%0Yqtc1 zD$V)(3slq7zz_|<&W+{<3$wmzmtuVwb^vgU!PqYYC0h|`4?7R&d|7P=FgbLm>;~TOK;Fe0S}wO}FDRPT zk;9soaHllQK6t2DsY|#o%}k5@!!P0f@McoVh=xoWD%TiT)MvMZ93d54F3YDhnri7f21*Z*Jpb)KGpH=Zv@&kaf1?lkd zflJZls=afh|5v>XsV^!q~T z20$)bBFJylIFBoc+{IwQXmObE%&+O0?u(VWBW5oJX;I(td~uy5Y_%`e zC_P;%$>fVwsHLjKKxpoZZT9I}obemcVi!Vly3_GuqAiAxLFnPs-gy*9NU7t^WvDq$ z_+V~Y_&BJBB|@bhkMPdcc>)s9>h<&a`ES*U7fNP+P2CS*^e{(y&U&2L!`TW=V&KOR zC{ZsgB*_)61)!C-mGfbY@I_=UB$(VZk*}{-kdpM<0?5XamGZ zUZ0uI&f$FOdYXyOmrZs@d|tePd}!R{F6n%JuL3^=C@ATeKzZ!LGNp#kFH_}-O>`EDb3)c}e8D&l_uia_-n+7R;c@3gQh=eI9MwR3Oe587?YEv^YG*F+u z8iQgpcCjOFhBCIF>I1hgRTK%h+14KsWh4*E%;Z0I|LYuaT6EzdVJRg{$}*)lY2@Rz zR9$_UV3p%YYN$wAy7~NkEx{uoYZyR*!7+l5!3)aZY$H~lV2z?!?ij&`@|ukoJ``a1 z#t1%?HHz{-v!(Fpu-l7m%@~2eoLIW$9GpWf5Xi3y?5;;8Vt*r~ z;?*HJ@iDMsQ9}4D4O37B2otP$CshV3o&XoOwOk!S1If@FHdEY8QgYV9{Dwq)n~NM0 zrIZ4b9@uGc#24lm^Jdl^# zGA>-8Y+HlBy`Ci~-#-JGt-B+$(hpA6X{H3oqpaV%)2b?nw6 zd`iczJ#)wI!Rt6kC4g5EZLHki$T>~3wL6k+b(CweQ~UH9BYmkRiFE-StD*Ja#_-Fh zM!h-)JPBb9NDPQ#+xhzi&)F=j3;9XbvH;FH4MbB7PCxR|!$49@mV=${qmUmPUeq!w zfd7f&_c!neMpDaiNPPm#jOCQN8Af; zj*cYmhT}J4M}LTv=p*v^(jtLR#kT(o&O2W-R8IX z;B*K7lbnU}Q$H5DAB)|OC)|%E?#EL1W10K$vis5Ceynmo*fHgQBFRC+>cg#RN?=^w9U;C_p~{5(s{cm*k%_@OklyXX%G96>wd_hh|Q5Z zN$p303)aW|kbq&q3R5}JRYm6Nv$?HhaG%sUaTW$8K_v`bvFywN@r0m<1kyG*W#XF( z2GYPICQ(c&NFeRt5tCmN(S5|k&h|AS0}j3;!T}4|vV+D21MEdzJ1l%g!1HUUTS}_4 zBMAkU=;iDqorD2L9E%62RID1PP_r>lV7Aw0gI$vDjFv`MOMTCH{HT%cI3wWzbEG>B zltgz12%{gy6@@JrS)>86R(HR~jQ+kZmlETBH@qM+x;46dR5*gKCBFwF7eNpmVreS> zmSWB(e=o=MD7U97yJq_v!)JVmnz)t3ozOfM)ctBY`+HH7t5%eAACR==OwLJXy`vU! zXTus7yu(5g)e#YIC;`{x$tf%vi;C%^Sbv%+ia8}rV1T*;-z4KR*RI$cM!U+m3Qr#O zPd4quwof!;8SSZzrWr;Tc7jpAG)BKNjAWZI_KrIT<&)FF(o3N?C=F-V2@@=7Uf zXN0&P;|#xfmTj`7jjkAEs|wW1cAyZ9?GDUIz)XI)W11!gs}Pfn5TiSxiC?4%ahN9r zf@kaowlm2~(s>P6Uf*890_WG9n;Tkn89H4PKZ?PEztAiH?fRtM4t0u>Um)Zwex@F9 z16#V}U%<<+p6m$Mj(RlVX3Q`atxsW8wQY5PtzDnVn zXNU`UA}=C*|8)2ogor=$qDK38x%fynP2`jgg-DHzD40*48X4?{C_Zbv`W?T{-E%&06cq8$+y$tcfQs% zO20Pn*EnWe4;22FybEa7j5%s!W{QojP0_UO{R^d;BQ(p6QxE|%W+g|G8qLfUE?Fdx zNRhDKxVMs6G2O2wcK4For^63c_}c>T>=7nEL`xq~(+Gv1WZ;i=iroYh{+IlngQhOK z55P_PSJy<4Sq_LAV6;-s4M@^V_)+Qb=PLY$Y5tNX2;Vmy{sM(xY~as!B$wVF(LR?+ zS*VyPRrtTP-VXUS=IEiXB8~UZJ5}r3$^PHad;tD7g^wC|*Sze=^S@++g9d>Zk%jiDM>>3i!rv2sXa6|) z3H}5$^M=A-9DwKWB>7}I{GSy5=m0!NFv-ev_`fRrjsbWMa+0Id;gbsg=ZpRN;W#L{ zM>_oX3jdhE=hw*N)tpO52ZY0=WDeRj~7M;y-PVi@b(S zOID>b+DRGZ8Aj)KqF1#XBL{yk=aa83qv(nme(U+Vb~h4JZc37ClIFJZ1yei8<*h7y ziTQ&qO>(_*k)7lUEb@$)Dzy;{ubdjvOnVi@{*swr^Q}0gnLC0?*r7jNm&UUNgoo)c zx#J8eMLJBZ$b(eB19$HoD#OVRWpb%w+m&5_F-0<#&g|!^^aY@U9zozyslm%INE(xl z)km?;55+oYHL&(b$2wO}DjX1sHSAeneJMWcQ^&t`;p2ZV6bX;;7c$!t{m^6w3h@0> z5WOv(sJ*;oVJOzlZvkt3I#!Vu`x1jSHXzCYntiHDn#pj-0WR^y6uPcX+cie|z*bpF zHd{)x8b9d`mgl#CPdCt+??Y0v-`uA(yGOpkU}4jkds9UASGas~PJof!uwNUB^3`8~ zVrMh0Z1#}LIiV=`qAF&18061Z62(! zIbN|oUb!wldTrR7an(Go1vET#YNsnF(+{u_cjhEx;^3vT&G88d)JxW5@1EY*-Xd%> zES|UFbD$%O)`t&*xa_hl`hXBvRE=PPDETpRD1DH2BIFL>3xqaGS^!bGWP{uA?E71z zfgozw@(Uuf)V*)M04K@h{%^fhSn%uE`4oLl#t&@A?uDBPIUg+LxG&2zA|=4hBz83Y z(%Q$~RB-N9j6+u1OX%x0)6|i@w6;Bix~Ynjb|Oh zc?w1ttQxSVihpFrR+O5ls;!9^uW{o`bY`2S7H5NCRs`j#0wN>%ThWO~0!>U>hr@(*~ZOC)3=DSa8Th4jmu7%px6g18m zYYePcBlZE=+LAoizr=6fyx92d-4lr*)w4Xjde*#42t1yQ>e-s)qqVH8`Wj$clD#WZ z57yVF_=MJ=bk8*gq;u;l5SmD6%k_1c*4K?tjIX{5e&_1z!VF4<6m8L!*+I#_TWuuQ z=Y)h&#`-!!XybzM@t((jEFKTFnR=iu{amUZxXPysLlYc&hU$}uRwht=E|luCE?9krN)shSLu*RkkVc7T5bV1I_01hW@pRJL zS^!S>;%%ml5ECanW|O1mGJ0YK-F59Y*ju2?n`3(Af5q!Q8whk4UL5#Hz2=b#eu*}V zMETV>8?C1WdWL=-=9E~|ZS)i%l4t}=FaWyAx52oLBY4WoX#`Vds%^`@dfJsy>1 zjHq1#w^em~9;q|E3%VSqM9%@yFp`T^mt7!vt&-e9Nt#t(xit$#FW#D>-=!p%j>8b) z_tw0!?jUs8W7sO4E>*(gK$wrqs@KMqYWIrB)`+`7spf#HM>D4g)?sJhKbpG$xm)WC zIkSu}Jao?gq3&zotem#Er%Vh@O_&H_T!Se^=u(M0C_)j6P(F(g!VIC9Y39&44Z|(+ zacO*pu0jaK^q~nM_jc*t8@J2g95a}E4F+A_|9|bZpR=FmJm<`r^!|SD>*sfRX0Nr^ zUTf{O*IxS@d}DObl3cJOrc#>@tf}-IFipH9t zs8Gu}9OaOAsGhFr!+r2>lX-o?)7TKu+w6K6qUHScOvtlYI-jHz?gRx-=WtVtz%krZ zNPDTCK^Sq{Vca!ZOmDZCXc;HbH@7YqD#;JWq-xis-cCN(DbeX5>Zv1I##t{`(q^^7 zR;76WXvTT9V1V%EDqx3c#+W}iV{ygl%RqFO2ppZAqG9 z2y16Cvs7s(xy4}964bxB9oIZ1`SU0=nb)))wL>Ibw#CyOi`}+2EOz*dM$GmG2yba& zx1%s$XJ$&;%+4&PR0n`+Xp9IksA&edd#`XR2v;*>HMnvx`i0t<#+E(bKvPeiIA~n% z&&TP553~Zk*fQ~WOwtoVg|Di{q<0%90cB>RhYL>Al8d$b>PMq74}WtLW&!_9IX)R>IK6+Lipr7+)Ns6QZZdc; z6K~%Ha}HZV&%SYVC-AV{1cN--Y?0u5k->P#h#p?>d+%)Mo=>_sE6E(R#xz;FC@Tjr z3(iWKEFDV?SD~e>9AZlO`4r^}S9I&tK>>zLp?2Ze(_ib5%{NoPXSusCS}f1NZs1yGN!rd3Apo7&Sp#ybE2Bq^YGO?}NWEgyb z&{>j#4pz5?4(U1kJgszWGU%*dM}F#3&_Q;g!|=!2dm;?da6)5j-D0@oqj3kq|nphO2^UDM9?vh zPgFGZ=fK&_+l3CCaS{E-=+NW`{kS)kCD!(XQ-i#@i^82-*ViCBo2!ghcz0rJ{1x!R zG=1l)H9Dq{f2Q|Y3x73-*`GPd5Da?8mguhA46Vzb}YFTzgy*1a(Ebj6FYDgmJJj|3 z2?p7FUk_{DsS2wJDeUKGH9z@Bo!c(*>|x4;q|=Vsor6`mtn~!IH8hD2;J2O zotl77BXrZTj>w%jbX3ZB68fhv4acFart& z|C8VgePF(c)6jShR(TYsnK*wCoQ8_J0!_^-LuxOR%Atv|n;n?CqfIT=)P0!xzo8Vr zA<74I*z0GNKH!<2T=pD`{|Ai8x>mMkJd_z%O2!zX1yjaxOkALe#n$dmW9q#oHDU4N zm|9^|hbe{0OugKuPSn&}nROO0%lmz|@aSYDJw@?-{Kqm`Wp8%XjKvS`*WJ3Zlo`Anvz{UjNdIDat zfQAI%HUerbAeI0;NWcsWXi5N{BH&63Xifm?2sqsWS`vW25paYBv?c&w5>RLXPG`A^ zfX)`cZK_)5d6fYC_YW#L<17X2LBQWFfU_$KIFNuk3*Zh@1r!tTgavRbsRBk4aJvO? z&!_^Ap;T!=_pvdK6O^*wm3q_Y|hyYg0#Q>c6P93Y&^+ICNg{bboh?qmI&^ zhqlDoT}Sx>s%2s#2^R|q8Ofj;uV+$UlN69_XPfGitb<9dsIy(_outq>m|DPz;u(or z5{Ca`0W%4(Z;M}Kc;<-bfDgR4k9+7V?Q&%THoZ>_AA&R-gaU66y09)ocN4EC+@zX% zV|O5&DF~Y?JhQrtsmGYqXqmL*p_?kEZOSTrLuR&4KdqvvpmzRBGdER-e?d;h^=J{$ zqm0k4e%ctd?uN-JU)C>MfbCfm9dwA99P%^dk z>EXUc)uW9W=#@GHHXqq^GCXwJd7a`_0xwhr(12CJl}}*<^~!>?&l$I3bk%22T7GTo zDxJI5J^lq0>ymvP`86Lxyw?H4Ap_4oGfVmz zv_~{YC+0}AW_8BZYX666-Av4omHEh^tW3;|l^d8N16EG8tW3&~mAw+IOv;RvZw}3j zm3rWbwkK!E%H1SvDrjcREbv4tQ!-?wjD(F= zrewy-Ng1-TuVrOwhOB(o-(zKJW~{7WjttE9e&A6nWo2;q8FF(mY2!{G&6OEL2WQC8 zc9x+^A48$NwRJEb9O5y=TpmNAnXHegWu`PM(ALLX4?K}oB04)DsKiU7XZg~O+yiN|k><>Gd%dajckSv%?Ur2se7MtZ${OMy5XXr`9Gt zamZ#?#c9Wy4s(7#$^pW|SQ4(x3)BkkXyAgntrfnr9h--vjv>z!2;ONQ z;;SPh6eA%o($}k_y?3pHB@8tuGX4|Zj zmSA(*hLl0J{mp48%1l=$`}84YjFNqW;Xkoj5^H|&gQK{^V!fW_32|zn&Jl;`)&!5~ z3|%854X7wpmbJJl*%_Ab&$OF6P|7;of9z!8pO~a}%tyTKP%#I%j`D-G+a$T>ZnukS8nf76DQOccPlvcs3G;m`NxkwtpMjM&o3>Rh|Az6 zTv2if?svQJeEw5-vli|UI96c}T- zt#vec500jA#wdlm{o;?T#ReMRh#2Mwyc2Pk9|v!fTNpd3H_Tu#JC{;)F77eHYlwkk zgnfvys~>i&!ny&L>~o(Dv|Y}`{mZ&+vr$GpD4EbKsq?F|@LkmTV~ndum&kZlFx_|%hA)KZd9J?^eH z>gSoFw(4glF;djeWWYq`gkya=P&o<5%4JojWjK>_M!l&WYZC(!i96h{UqhHcM;hH{l6LtB-1UrOye_V~V9bv&EO z@CA43ZDRHEPCc&h7}~QGnq2{?lr|?R<$xk)LulxYc$HRun-jNg;FZNVI7pF7@! z%gC*O5Fb@fdD^y{JWDH9$xRV%vu`?18$u_zRr!UGqE1M%Q}Fea4@$O@I=U zUVYr#)E(XdEJk6`F7s13qd*7H_X%Z@xl9MJ5;6=*#|pIStZV*%sRPIXb7{Qp@c_5WzbxL< zY1HlO0H!f(>JH#FfZN4NUzZg+5q7@Gt}d(t`0pNRSvjP=tUOG5L06Z|O2ElT2XJwE zR^|cRF0JhBveLc|V8iZdwX%DAS(!Q#==!gm8ZUTjX?s{1c%}hlP#1VrXU7i<0JcTYF0wr_v ziB_tcR}2e`rO11sGUn7n&4WJGO>`JhmF1?WhnR ze^5?+*#P&C!TJX^`@j-jhcB_tu!vE%lk{x4Po~Lf*wCWv`1xqCLHdq4T=^$8hqkZv z@@59T$-!PLtA`X8gxsStZN1*qm55>Hp;n?@#LU_rl-~=k#D16yor{@=mK5{wVRKyG z@Z+<#v8wt_Rqu1>W!AS($;6E;;CBb4KI`I1S6+Z=tnBkAtt#F+i$1Hl(+ujLkCjXe zOm;MLY8k`RD|TY(xY{WOOiXrFv#_RH#9GY!6cNt21LvKVqoLH!06FlIyT;fDzuhT|8Mmm4twPU5CcI7@s!+7& zW676pGifegAxfm{m31hi&C(dI%E-r68Qq`{Z`O1h>Y_hfVt2IczNF&qhccNl$*MQ2 zk;NT|j!KB<2P)wYiApH)D#4rCF_qvd{jJInrN8P^`i10XF&D&Y$52arf7oG9rIn+Q z3+denHB%K+3w!c9x~aG&gw|}A-%8AGu60^l-K`<{YU>`@N^QjcWo43&eM46P z%NCk8QF>Uk`*>5w-uxLL>;_Uf$fGfq!bZBJY;E|}&N>7mb*O-5Hh|1@r#nS)Uhx!w z#iwwoeEgSH?6}nCIckNb(=9Q!8rp+frv(D+bgxxnj$`aumgFlVQ+@R7(sZ3qO``bJrLaeG6?f7KBxC0bKwY|h!+;P+o8$yXco zSG}K?n(E5-Q$1FxZl_ceD^{yPj6L6G?G!yv$v)o=9<7*F+TNX_l}h0%PzY@xV9$EH zu{ZloF|ql9gWuXA+PpTt1ye!q&(=+s3bts-dxYlZl^%U)k!)e(^`nfn1Z$CY^kEk* zwHS%i)R}_InKXW+x&C9H>(suab2cV#r`Wxa!rs9-IgiL#;~Qn}?C2nOc67|-&W=+? zn6}XuB+}j4alGPnB3_!^TO$`F^` zIQ5x^u-$@nS{sDzuB-hm;gJc#;%|Z+Tf#q~a?@?ovV{L4Mu6H$tVX_t`wl~G&av31 zY`^C%9j^tHOUHwtzS=Qwnhv4h?NE!I6q*~`nd9#=NTkIkTVdE*=D|20yKJ=cIsEv9W0``;+`zp;%wYdrf0 zm5l74c$wILXCr*LmM2Pg0zZSWGrOv1VeHUr6y53JY%@ucxLjxl*J6tplZIJ^V^gQI zBc0GtJ)u?42JlW5+IPUld_(`9X(BG`BQ@fB6hjx^(BIA5#+<}NtBVuWdLue(Sc@y|IXzljk&tqj8!lXgXC?e zQ_w4HC%q=6cXlYf>S5Alv?F@Vzt!}Rok6cQOs7u!`u+Ik0XY~wNmqlV?;s6z)v zfo3#rW>QnQEvlwxh{ZyPrDzY`l$g^Vj_?y}3L%!FQLI4DK%;2B&Bs}52r+61xqN#F zIQ~;&jtM^kV)hcFA+z;{U z?Cq+SFZ-!e)#_!fdsh9m*NUof+$2|>A0e+*YjFUm*V?MLdM&RSy{=-~x~$TRX@%*@ z^ja>yLHj9*|4!OXbt8#ri_`)~lhh$A9dqovpMg2{2RmWTrvV9@Rm>N=h7{AqU(CKN z<}eh~b_qrw9F~UZ1L+#V@c{sRw0A-n2LVC*lYYAJT$26e}VBbkNGH>o3$bmv0{N-g=xV>-J_?Mu7&yFQi@r%o@p1|L6^K`E}YnBZ) zc-1ViiXL(tssjJg5%&5g6*B`xou~O$Az$M}lFlI04VvjrW^!*wLQ71^;a!?(EHY6M zHB_1_i&Vx7G6@SV(pE+frBNn_>FoiFs~Bj7SsV%yTScVs)nw?Wx7DIpMFwVfZGunr z6@?(__=<%PE_QW?wvFv?GHq#xT1rfPx^+CaTnJ+O_=p*M8`lnd+b3afCi2GRY8%Dg z5P9z!e;xcIp<~Ge{KDRD!QYA7u3fKK1l?Pc}!p7yToAm`7%4>cUiFa(^J0s_kR)y@G=nW+S6f0+ z`V#D^@h^XZ3~8oD>?!o+z=LjZZDb!@8(HKCZTqXheZF^+@L0hM%vrJ0DpvFf)?4g+ zQ*TC>Db{1{Mv9K-%Zrm6-^`s5tj|Sb<=vbkxCHO5 zF~8gaO&AgWqVFkxGg^GAiHkdxu-Bqe2ZLqk#Mzmi+^WsdIRYQ5RBNMqAVa#jU2F5- z|3JcCt4$Y}&Qo4iNEXcA)j(NoOf_3}?m(VQ*ts}!cGfC8{VhAQGG`|%Lw43nU1p@6 zoGKmvNET>kPUh@fg*=&P=lIOo>96eUWY~ePN;rp5!|6K6@c-F&rZqwW-rtmA{VrfG z<2pmBTXVY=co~}8xhlaZ$pUsB$XuZX8M4#bk}*3|m7O;v3)q>PIXibEPbS*ABy)D= zDLaQ+b{@@~osJo@^N(*c*3MdG=LyLI?aa%ZookRM6YZRsIXhXm8Ds8Y*_od?I}QKM zjGZOG%g~hjC_7b>1=`_WoD5sm=nUEEn>jmUm7SmdLkYkRr+YGFXBF~fQdtjL+KWIt zQg@R%S!sMjOLTKy`6*MbhmeC}YQDV_|MQhXN8v3auf9gJyw|L%;vT;YRdqk|WTL8T zgmy;kv?@ErmYpS;vy+=4I}P7tY}W-*)6AZgEHI?H%-NZSJeg=`bmr^~S9X49*;$!6 zJ70gD89S?hmtm`)s_gtxvOqh$j4?yoIX6Rg4$GXKdCE?bs0`WJC3AMRnrTe=^CoTR>%b0%jdG7i_#~^1X`V-x_*|fiFJ-GeFtNx9spVa)#_|jAzEqV&G-i-p43A5y=AWaQZSsc23EVonD!< zbFH%TeN1hSmvv^y&T{0*q_XZ4+8K51cPcvkZRYGu%#fYp%-NZ&>~yj0tk0aC zzc*y2oo9iUp?2mdJ2y!dXlFy_?3|DxJHN}Eoz=?DH=k-lZ^)dTSCJ+a0DU6lBO+>n9mkT!E5)L$aXacAu`J;56iZ}q3i zQ>@qc)4nC%x&E}y2Oy2FJ8%t6=`Gj~X@~jK$MCmHF@8~A;Y;Ut=D!8HIjpBH9QWXI8q)K5?+K>iySYnD z#8HLCaNMwQf>#b~X^gL!AzP-Ha(gV(Uf^(6ZJh|SM1*-%OIdvJZxUv=gfJ{egmH_R zw`Gc1WKTZordn>1Y4-R*=}w|sFO|+7cYBPf9fDn?(e8u!+ohY?xLSDF&A&d!mwNr5>EZThvf4dAb2hIw=yW%$$ zaxw~OoUB&b{Jxer&sJ-tlvw5~G5f0DRN_atS3FT!$-8-id$Df9@m2U(Zd9ut$xDl> zYGm&s6HR^N62481$Kz7`40d*lG^I-5)Fc(eC~D+a=$u`WLRP z_)U8F+kHMgaBv8R1e0AYWv!I57HV0q4){%FUE-D{4|Bn1d9Tg)`lyw!&5x-afIX+t z?)~}Or2xM`D*SZdZz}m4oE=Qmwz*;b5+|W2`>rvySu0rbCMkKNmON|vZz{PICD+a~ zZyXeUHp0+?lIgB{>c2ho-+cYIoBo^2f9*yH9^s_fq2Jq!G+R~~&Fpsa7NPkL4nfv# zR6f`4zeQ+X&*Pa+1A!|XRomwc!*}Pyw@4Y?{bk^4T$Itj-jp%x+AUJXv-kMqD4?;7 zs_pl-DWpsJ7Aa)7zmOaeWcY`sjGaerkuqX;`vmDGWfYoSH-%HHw@4Y4whYr>pf>8v zaooazTc$SlwgrgWEgNnECRE6IpBZJ{S+qq2d3Cm{tg>NVIb*e)zWZ#Ea!xbluwg#~ z8_=sjaE}&e%&^U!@jd=&Hve#97=O`Etz z9S#{vO;tx{yZJzAv5yisn?YG|ax=lD`0E9JO3hVA=eQ_Il)Bjw%_aw}8>O4zr?jc+ z=x#0wDS3Yr|M$Q*2QbQ;Miqg%ja8AAA7XqobR$@W0da(je^Q%TbSSJRbn{=gsz@D3 zMdjDKfy7Oe>l={WHk}>88@e-Ixi|s?$k=}1u6p)r5-|W?Bd{3b^@^tK>gx54zbbTb zHhM<(gBaGxxq;jNii{B=bgG20qbrrJ694Ax)US(_0luk#bxVHy6|Z9}GPjunDfrq7;=E`4dor{F0?HzjTFB2+sw=GdIwB7oJp1Ys$*2JRf-*(KHkHmU!Rr zGdR<(RFOSFLx z3d^E~2foi5Xo|w(V^#QRijG8sj8*X$-_Rbu@r&<5`NnS(Uh~A&Bo)hxY&|_SM>bR;(G;~T%&B@2F9 zDyFsIMTcHE_Q)D3md(1JkO({yLM{V26%w@yA%Sa!l+ScRR%+%9h5YW_ppbtwVkZfC zqpG7lLgMjTrzZ1VAvb`W3W@#*LIT$cDWBzG+gDgnU*pGZpeNc98Z)>oY2v3cc9N z1YK~}%e!HmXq@#UpbqD|Gktgoe7z=*g)~r2pXg9ty(F8%-xCin0YUaF?3LJN>x)O_ zp)tlgi(ANjna70T1s5YNYg2Su?7z=ct^Q$cMXUqfA!88-B3+Ak^KEF`G_;bf(e73e zBBc=lxa?HX1>Ezp6ebO_@?Oc07YaLQQ4O}J2Ct}!){fWx4g`V3{Lij|rg@)~=Kx-R z7PB=42E#zWS`Ou~E@A|DgLJ41GJVrFW+M7H(N!s28Rh1Hwh+(;+Jk z??*$2?ED3VhlUJ^4*3YB)nq$lAAX7sdET3>_?RNxrX>5X^4Y}G#2nr z;&&P1+(r_{OZGe08n!zb%KN6EOi~?DD>RFys&0ZM7JN7kXxtIU3AOOSK*$giKIAvV z{jgYM4{4H5K}E3xSBEsoy7g^0$-C=Yx$Kgz#eBMuEv5J^=w#R|f#pT&VR)L&4l+9JWa{h`NDDhZo+{BnM$DGL zDBT%k9Ew2#TQ0qA5d_V-SvN?g|96$BcLx&m{7?KaEkaU+uYDX6T1u;yvOq}WMLH%> zEFj8pI3!{NFRSt9fD){N2l`N{;Koq_RIA;tK2!?a*eif)Rr~33F$u(8 zR;^Kg0Bk0Xyck&KA5(evepWfA5d~2S|m8@#5^XtjjUri)as__ zQhs|e?!e_&zvjzb+8KYYGPF?p9v5te3&0q=)ZD6?b)YRJCl$5UDT?1tQF#?~xS)@= zoFU_D9BTY_sAbAH7;dS~?nnW?hQ?HY^(h75Je<`PznvmCLjVqR)HXwaz6k*~ zq!fU&k+w*FJ4IfzuUn$J5L&Mb0EM{~057 zG4qzxX8!(bG;<<|nM=Jy%UV%7I}$N;J*mA7Ff(B1IUf#2 zkE7D1K8|dGGTda0@-v3LZORWCMt(%)?42rf*i;0KqIW7$iUzabCa|%FsO~PmrMpl;jix4l;Dt zSi{hn=@}Xn%1{}u5{y47ofa)5prNh98JgYIl=uZS3l#(zvKm@#z^OF!qyYysbQ2lk z;Rv6G&enjE_Q06qW7L&ZyjI&>)zYbovMzzb2~$>`orXU!wB!!WDEYzUT-kX>+8>vQ zw3tqFC;WHE^DT{+DKEC5FSJTlNtTj51KJx@yUq8jyJ_kj-lA06s)*8`Qi1{3f z3}!@C(UgyQ*GWCl68AzPrGt>%e^$k`BVILWNMhPUOzWj-?8%Y#64SaPt#(ZJDHo(s_wyJMbeU5Jt+ahp*q2A@+AVX*20K2RD)O4!)tltH zdPFs>B@7l>VVrj%*K;8Nnh~sIB4*?2vqoQWJ|4KtzUGpPufWaqITOaOD&8)uu{&~6 zY=gyo!(Nv85If9_HI9}^P`Rc4NP~@OQBJSJW@Gq=?lpG@=nVhn^u)hP3shB8w{(O8 zCD6fijv24UDyGGFpS+I=AuL-}Tmhs4lOu18BIAA5s3&*SG?9=V*1 zak4BdMV#yE=k>!?M^9K~S@qpM8!5F*mI(&NPV;b}Muf!@ zsM0(|?UD01eLJeKCmK`_+`gS(RZ`f^tB73OPA@v+ZS+xt3$rP=GWn`xC9kClQ#k64 zMbqF;-`DIyb?V@t!;Rr5E@U(9=7B)F;h2C{2RVcqOpfO99I~@1*kly)uR-Ay=LRTp zG)ao2O#YPOc}meHgJN|GijM{;f{;*zgK{Z$Rf{6yohJw$b;FdJtC)kSwHo<2}|-D zP{{4;gAPGs0}p4tAim!rMsH8@?I2c6HvnQ?e8i|G#-G*0(0JNK?*gT_bdk%PrB}7A zo#bv%a#w&{ZJ2Ut5}-*D&fMF7IcE{eD)Tl}&or3E8NtOjR8UCvT7*!g*hE-RRClY1v!nB3jKE}e#P$@ZC(sn&H zO}D|6-OXkr%yrbw?A2h6At!w*Mp?5lAK@sK(4@(f%cMlfqO~~MTu>J+BM+>-89+hH z*eg``_oHA&_C;tdykOe6JuHXjW0i$sdDpq-M$5Qe1C;t89)%HP#l8k*oo^sW#?i8+ z1CvZcTal90h}*+8BPT_$FpPZz131?yA83i3k&0#=KD1lur}nF)&=ydw1+-L+9N=YD z(iPLpP4X>xhUgV?x>&~4%c|CX`!p{q!WwBu`I&3mr|Ub6CWJXd{?BupEz>!V>rz)gMT9DyK1xZmC$#XQ<4ii8j~b z`LKz{VD-N8muUGHq%41-Q$D{lEWapNe%;e3pErB@%74Sk5AGoU0gn8%g!dJ^!hp?m zwv1`x|A3^Sr0xkPwO&b0@sXlp<97r}ZB*Rh2KPLNE3K9Jj#l`cp;p+B`)cK>r!b3* zRU>I)YQzWsD1J8KA}2s~#znH3sO8x1X`TS{B3)qm>N8eJ$8PT-oo z*hXC6Suw3St8^#Y_OH-{*7!@fQXFf*US?^=>}R7GMWT@c(P% zGCq$w6YsCBtK^!5&*OKXb&WSZPc^MR58Eq?*}B~Au*08#xm<|jh`#cz&$~j(4=}fj zGIvT!<|aGL@jEl-zAOti{RNMMxmCC<*T>wxTK@ZB9m+Y#0KKlUpMsw=V0exgUXO%V z#s69HDM4z36}=*y+OY~A?^5F-TK*UB9i(=OqW@md^CAm?qHpa!F;HU5goR~_Cb;b(c<_5IZ*~8i-rg{C9wMeJAPJK)I z#RBk%|FK{V75HpovQk?r=y?&|0UqG>T1C0fP%H$K(V9(+0FN%BI*!J`6qZs0`m*4D zl2?XjTGN!o8ObCHg#?Hy3D!}(b25qBl|+6ri2@-};E{mFvf``3OF)phO5*)TMK!J< zxk7?dYDN%7&hbbxiFr!m_GA)0g#`AfD+y4@iXWX!;yER8Vls(tLIP71N`kjt$A87% zo`4`rltfN4iF_f!=~p8N&r8RbB$IeoNxbn$k}i4(3GQz-B+xNr#jlqgMw&8#DHnT0 z)#U%BB(D~dd6B;)n^Lo)oUAAdfD)gGpVU21;lt^Bo?eKfs%Ou+-`DeuMn~-QJcK6o zJo_u*ls(U-K)_&vJEb_7Sbzo;sE7ZmIAy?OCp^+SPY@T6g z9$Kr9oQL0Sq3!y}SbWjtY>K`>P;@Cl(P}1t`*_|x%k%E4t9rj^S=H*i*XmFweVj5J z)qYnIP;GpLYmnr|GW_mC#$szc1kYDnhM!iH%YhQ_mDYO89!zh&5yo({r%)y{8ew$! z>;j+l5}IVaw<_V3*1HM_K6|j%`xOAt)CG>F)OyFTAn2NdUVgXBdhePZP;t;|--oyG zS#7pqB;0C`6JTDXHnr831qnX?r!>vrdjaM}4sIbEF?(tA1mnIC@<)q{oy4c12A(-I z$ug70IjSZ%g^l*T2Ux+)(UHYmf|@RfP9`Y&)dU$i@Kiij8o41X>v|wF!y(g9HC+&u z48KXnl*}^EHpunG#jLFOH~3MYcLHlLGTF`J{PrX(-PnlrNQiGzUBP^bEa%(%DO)UB zBe)6ie28Fefsdpsq=#wcoa-m)iRwcnNsmV|a;eExFHBQrT{BMM&Mw9+Fg{DW5BWhf z+|oW0U|wX;|Hy2oF7lj#mk=qc%V?z&funeU!?bG|qN(~4~Dp`*oo zKVV*I6aWbHYVGs>GPr_iiqdRuHKWEQ0>dZgGD z&{5L#@UIwgOT3Y0diZZBFrJO57n(^iMS3bwSa_=G;WH31*%bkA7Nx>pcIfo*nMydU zw-Bl30HIpug9H8d9T1lR+(3zGLnn+U8I;PMJQUDyCR1dN_({Aoz+mrbG?>&1IOU%7 z3OJo1S#XYcI{HvY`Jr>fW0Y`81>6G!p8|Souy;E&1FJvN0NweLS&S;#G|*l0JJ4N* z%n{R z6vc^e6C`!Kay4CW^CIgc+6y&?a}7%6vp|Voj-S+(J$`oj%Dx0)7G}=;~q+Lp8|rfvTg8Jd$+OnhoMrZ!dWvm_`69_ZU##HaQvheuwqtv0cS8o zn?1)rbXkN^ydxl?Ndn%cgu?`!N&(*lf=@sj{MA8n7*0t*I6LW5E8vpR4p?Ku8pqiA zoq@4KX*6@#{Bu8I**!4dzWm>TPWrn)3Tx=3L+0Cagt5HH9TE<56)R~Fb5)Swqv;5~ z1P#%zjgvu4D8Ygt!PC+ayhsV|`Ey$<0;@L$B>(xYG?I5!x~rf=Z$+TIspOIl=0=CR zf58F-SEbQ=HJg7Dofz*msERBBPE>wzRfBh1L$8(9ye%$LCs6)+AWdA##HwkrRQ=&S zG_`ZUJeC9PiL1mJ#m@ksqw8ib4Nx3Cqv-sF$)zT{#SHr#XiDa1BC+zPqOLF?#|fUC2;~pebqLWu(9C(1n+Mm2jAkk&2%H1aq)N zLxv}`mzW6vo7VHvOPJ$y&;XsN^)r_kl*$_R633_QC62r!y@1C^JQi4Axe`+fj&eiS zSB5I#Faa0PvMYh$6VUb&PXj;!Z$jP12jM4m7f^P4dhR2PyMl9c&!XdVxDTD9yHyFN zf5cy0eqrYXw+(x}F%S)OuT`Rr{;~v%%^K!A8vA`>OaoMZLwK zV*Z|}Yy!a^pzfamKlp96^@9#)b{gwYp_dn_kscrx)&pD_B=~STf}aU6FH$Z&fDnu? z!>d+4rG22%ELP+jP}>24?ab|LMLC03(Jif2TskwoRa}V}BWX_aeoSCERuMXu#_ z)b%!|JoNSN>t}cdL0d*^aZ!Z0zoe%uw86&viFHfg?27%GrJt4Q&>q zm$Pv^zXPGoM6P>k_ldh0mPbd#Jf_Vk$2rA28SNQU7f^*f5DhDUb7(R%k#dXE6;rvj zPCFoi<0G)W%p*vy^Hi`QhU>_5Ki95cdkIPjHn4bYP=#9L2*vMEp++}VEHCoP7GXf$ zoIKWPh=&l*$Di6Uz~U~-V(o2WH5glX<&!--wwP|f7^c`>IDT#_Qm2QLvWs?y`A9({ zS@HZJslAn}&Vrj4*-OSTKF+K?$Eu7){K5|CrL-N;(i!O+>vF^g2 zN+lfDSbIa1*j8ZDs~zgqc0j#_d+yuu33r3uwb9vtjoQuVa2-r7l+?e#1pBgD4@9|OV%I@nB} zdOy%iKB`D#)dj+>UEBE#Mu$qptrk4W2$GtV>1^`ggX_^TP*sZ(cuME^( z>Si)SXs2x^6BH$bW-_Qez4HEmFsOQVQJznEm!V&Flt*Zi@{Ur%Vak(cQU(N{@@zAC z0)X&lGT&(?{LZYI1XTU;wjf$K>GZ}ev`kEfikZ5*~pE0482q4Nao8Z(mp-DA;h7wL$({}^GSJSqc zECnEaGr^LE+f05pDNuK*o5}e?J8d&LQc*H!COh7gUU@wb$W_nI`NF5XA?TkS=^jVmoaB7;+q?+!h zgj3e^l|b;-v~4DL1CYL%V0qAOCO=OM)LrUkGDv8rZ6-S_N(RlO>4x;m`wv5-*|FDr z%Hu49qdY>Bl=rO?PN}?uZwx5UHj^^}2yZ5jI?aUNnKhGus%!AhdfK4t_p1ZVWFkZX zL*YY-rv;d{nKaY~2=1JY;8{x0Z6=3$gLmys7HKo-tH@imJvQlhefpZ-2Jsu#@}Kh6 z^dXo%aB7;+q?+DV35V76YYe)E0U@-RTnRw>W&*L?X0mQVpzcyPlO2V2+Gf%`g~jJZ zGH51mT$f&XZ!t8Qy&5*@bj9DJi*b}kXp-{QDB&>WNzm09O!|~(o5{h#ec0G!uG38T zomn#psQQxe0aXWkldf+BtokU3lCqgp3NURmS-LVnu=(0F1P@VyPBRH|I4MZ*p>za4 z5g;xm|BP&4-Hoeaa%Dz2;!$r^@9?2brPw#!6xAEMbw#i7Tn_{Lm{MG<$h@CBd7I5G zqm6qrtvJ`dOCWb)VGD9p?;LaysF)WuTl5|ddJj$ud|Q%W2AjS?g;yS1^qvlSPol4M(B(q*;+_tA zfrDN^^w|!2fl$ZJsM5dUi_q%`eQYILm)=W-JxZf+!d9;F$4Mz&?Ul7zF7qZW?dDE)$nBv1(dV8#|sppf8&WR+4r+b-^TuG<1%+4K%5te|in(jz^@OJvt94 z>6R}iASO!M@pLCTXs7JZ9Zwf4;V>s7JDwf~LUn}PYyV=M%sT+kMNUT(FbM9ZpC!Y+GUDf-N<=dwcwS|?0WnS?zSpu`i)gj)j=+;*o&6Jr# z{&K*Y3;VHZ@W*v^+(<`|kmQH6+i;qjs11{Q19ZD#8Nbagye8b6$JrU~{#%Cp*;*57QcDXSN=*!h7_>=?jldhsR^?<*uLk{qaIK`<+yJWbPu$~v0hPfQ_`52G+JI!grhT^F)n6`RlYWNnFZbY@W~-mc0It?$hlld4XN<;N`=U zZAa*u;0zG9CdluA3Cenv*L~XANlanM5`6HHj0I=1&x6B-_m2SumS6c6Mp<40>NP$Y z{w4Jq_XAg^Z^N~Wg@R{4-@%-KBYx->gh!NcSQ~DpXZi#Po}`?Z+iJF16Z|_A$2R;J zoR2}UdhoU&yl7A=rvoLvds-*;>J{k)tYf?qJmT4eal0d6=oWsHdujCOZ*d$1NEbJT{Z&Y$f7x~=uIZGn(Qjv z1qP*ZrbolI^D>7`euuJYT4tN;vgJIGqzO z7pJqI&-AR*xm|!I+wsV8UgU|yG%_#YFYPM+Qg*{5WZF%gL(t7V{z{<4zfVe2VozU* zqp;C-m3YIf_+b*orP^)Wa9Mh@jw4!1+MCiH9kOHAp?gyrm2gV4?hSE#%CqfuFQeH( zDNMSfk#slK8M+Skfv_feCe&cV`s7W9*dIVMDR^3oh9gQ$6FfbBDH_+mF{PT?@$L;2N|$Q8 zc##Bd43C@<+9-e7p}|vcB^*|PBGn~8@O8O%7N`aQHu{~wIPaG;hwgWSCRkahrK5*S zf8%AA(8tuGw8One5Z;VtVvbmHh$b?cW3_U2@aXLL;W!4HS~1&Ql3p=+jQxV!$Pb5$ za4IEq8~OH1I7~5e8^K5*c(T#e6={!j9RM)A8x1h2HyR`0lCch0SKS_Uydb|FFW3<` zkx0Plm1wjHHMdSQK_a3wZf=ZsmPtn^Mmkve`WFxr9SISVcv~VU>_|MY@;2Aujo%J$ zyd}j1!}5HHpF=P1(@iFW;A!F$5yN_DRGrp`WBPn7@zT?pW;h$ z-YM}MIZ%wYq1H~Ko(%ZTil3TX!f<7&Fvt?>I4izaa)!~G;oFM>Ld%KrW;C&Y&}VCg z<-rVGIFG-coZ$k^aAzXFc}#70hEPcQ}_0aie48J`q5#^WsOJ2YnJvP!ajyeb8MFVaJ>v<%&}PxK4?rhHcJo=sPMO%$tjM_ zddOX9cC0BNvFRP6`y@vK*hmW z@VR-Lzs6i5Jtj>yxoLLdu*0B*(Z&mj}H=@nvUS>0>r@!xyA@%eOhEiD~`?X zEy1Pd%Ch-T6`dQV$r1-?OULu{t4U(i8|CR&Y_v(FFetd~d{#Fe?S$a20rk4!b&)2|+1K18sF zqpF(3T(6s4?om}vlVq)uX9bcfW63jt+WiLkK{UK}J8EUbzjKeOnhWb~km()fybMz# z(j0iWCB+QgQ7Eli?yXX5pRR6p4wP&*i8HqXZ&Ton0!&=D4)NH|t@|8n@&+ywKjZ~m z+42EUedXP+B#XkzvnxKGO?iiyoSq}JvZ{!QY|AwN~LA;;Rz7hqoG7mhgHT(PmD z%*x#W5Yyr%aJ*$zjVsA)rlCi41P*;<x9F)3=}Ytd9mA?=B`MTOMKTUgzWzbCH8se?6Yw|^D_ z^kxJm+3f9xe!!be!ovXQ$Qq~mSYEFr&oU&>bx7jvWsJk?WijScpw&mXdY~bi%uCCX zOthNGVIf*zQfiRgap2h5i)R^&DS*Y`(pJ630Jj(<-mo-oN#76G7YnXLz0fnkD!dm9 zq9DaIBzZ3uT&HOqC!xyZ#exfwmgdERAppaulU^+7qv_6z1ud6iswCf}Z_bMaF=#Zl z?o4C5-t7x5jitsOp?#tAOO~that&LdFYgOnV zLN69*t6W0Rifd=HNH3buE$ezY2|~J|4e<^#n}a8> zO_;V_UgT4APeQaT9|p(EEDNG|5_@z`^e(wgb4#(QzC2WCHS-_r7};#;$ptxa2z3?e6PWg;U!Q z9oG<~wvSNrZi3&y!rO6e`{}SY#tWyPp+(BO1S1+MmKC>?(ltscS13W-Jn2f^9!)|s zgs#h5jsJf7;W#WjHlf&Cl-g@hY@@K!UJ7%R!ceD7vzJo^sCh=(>iP33pJmO@Nn7)KpAxR> zu$sT}72*mT^FcJE=GQGl&FA@R9*?AEUh|cwhO>j3Z?0I89jy6}UN-1nJ1K|`-H_BJ zEaF2x=o0o*;$j=o(d-jslSAIf0F}&I+iI&ic0Uxcj8*^^<*uezP9{-Y=!D4)>4@_p z*hU?uKc^aJ)iD#Q(acsfR7`8Yg5h_ZXPL0JdP0kRZp7DW@Ra@QrD+ zgm&Q#fiC<;T$ioe2H1ti;_t`|Y|M7yow4pKDbSSDh2weK6kYgrsF&J0G2a+^WmH#E z7e4+ZQ*||gF1#T+Ze!3`7QQ6PP1A*Ux7~7p8X7|^NbLfl=5^tszjk!tx%ZeZ{EuQL z9+}wYcj3niC02?rLUF9?(ASKzJnd&@=Nm=Gs7BMP7-O!KUS(z4%BdfodFAZ*qE|Vt zi-Rj+(_)`EWodG+(k|apl)_d}yYMYZy-N8D%Dw4TOaqZfGo)8pGlIxy?Z3TODF-QE zuhQ)ARhl=eSJ~e(h+akAk?B>$U|f|u2GdEpdeppeNAlEIUZfXx6a0VRj+*)g+|eK` z0!0(IJmU3aKHMXIFC%vpJCQ@%v=;xj<1@GTy`J|hz7Fq3h4iNOxxJus3v)+*eNIa@ zk%(ApJKRw}bw}Bdks8q_s(ynzdgTOCg6(XP5yd1>`)wnN-oj5pvfnhK_(vgeSgC+t;J;Dzcy`4c>7p2q(E01)-mtAkhn>X$npJC z(b)z^6z%f;eMAn_et?}6zCW@+xzEJ+uRV^)Tg3NAKx)hT{sS$8?eYEFN{1Zu{Y!od z`hLzS_2ZmUL-4M#oD@?+Juv%&VT3a!#6J-^))rwr$@pb>__*>~^vHpjbDJW&R2pT> z*&IJ#1|L{_Gt)*}=S7au;YhIRo6zkCgSzTJn|k+J3ASp$Xp9vg1NOw`L>Kz!KtkT= zn|gx@?p_><>Kw#8W)y7lrym2~pJnpifV@uO2m*@vXUcKy34#y7txJ-TsPW@YJ{b!S z(=v7&Z~_(y69)JELAldFCY~+T)DAD%R@vRncB}3$Qj! zO->apXHWWn%K`LgF#W|~{2LNKAB(aBRrDcVhV@m^?_CE_(Yj4uWaoBxfN@WRR?+76 z7q|Sut0E!Mo+>&4dE4UwcD4A%o|-G#@Bm*P8D;{@*h<5y!7+i?*{KFiU?f9^b)oNk zdt0c}1Q1DcSff{0jYb%eCQH&B*61}=qZxF%%TO=v>9dbm{BqfC9kcO7c3$LUq}0~I zDMUx7nw5I@aIK3#v>6us?)sR)^+JvUj+#RV@h_b1F^w59jecWM5*rwrv9pKg&UAA0FN0;T!ndZS-XsD4gUVvh|C%f>LKWl_OQaRk z)^^UjwV0`+*G98vZvX?on!==U27{%E%HT3v`RWDQ3f%4t;-_ecvTBKWu=52UeA=#f zf2o?#0L}(_eUT^LTh~v+V?rD2btEcZQ4*@5l3uNnemKa~bI2l}KVM+|P~{yK2?4)5KR9It8b~bZdLgbQMnyFwJIxB z6*GaFz#4&tq+BB&! zXq#&^7qF;v(-w7~7Il~wm8sEeLFKy+sO@PK z#|81*XcRjOe)}Z-^!H$YBYFs7EUl!AiTZ*?4VCnuosA=^2I_BV6eEzoafFX0U3a&O z(Wvc(K^F3{3~lyrl$bU0dR6={{mG7R?edi$xOSNoctAR8g6lKuA2Bj`flOwrOVgz+ z#49Em(KUuDJmwgkur4ugV4j+1IeX(Fdfonrsi(oAA*5)cr(JBE$JW$k;mgo9Cu?xS zJ)%BuA1+K$L}0vwO+l|ORxy|hTLkhV8?*|`%!&G@__IjBWS7YZ^Wg$4);k+dW!zPq zQ_(uUw72v(nyv1X5~; zykZ7c6Y(#&7XN4Ugev%|R&``G!Y81^G=g13RwMg+8o{L;)CgiwYJ_!SHL!SY3Jomw zY2ZRu?_##S+FUZo=|t-V@!`(31>(x7g*~IwHe$y`53z)R`L9#e{d!QC>Uwgt8>Se@ zZri}Rxn{)a=xV_WMprcfb6gZKM;I&j^RSJ&=GgB=L(wKf`{PnjTpXZ?a8D?bGV5Fo z{9|P2sK+LQV&@bTmjoz+kWl2_BZuNlr8wYKZzub~512xnr2FTn(TF0t*O4~b1z72( zbiF3Yzb$?2+vub8ZL#3^%thGRymGMJ4*^Hep94yJvx4(JRrt2V{E#{5(HpBqH`n&~ zOy{8SFU^yxa;o#c4;sPD@l|nr729*n*ow`dGP-Jse=LrtB{62Ktdo@FX`klkxR&4? z^tSg+Ab9EkZZT;i)<26>oq;JLOl&7@o!aj%;>N&7ZcezDop~=Yz=D~?YHhq)Od&uU zT5S#46uA0M!-^SUj*CgwjJ)O6y_pkk9DDZ62L2fcJc4{Wwc8+l8u&DJp-UI9bD!UY z^|sC{nu^FmSwDC=2`IU#Us4!8;T#Yy<>U8j!eb9I z%qy+UEu+9+25w|S8B4T`ZUeVS8B0D>MHxA8ryR;ytz|rP#1<)IjK7RrBZpasDt!0E zEmB5HgHH~;-U&GhwT%0Z*&=1s_{-=iWsKD_-Ws|^%IM=Sqd>}dRLdwDwnfTV{i#n^ zg;GYoS#&CV`}i$V#&~}jIZ{TJ2|^3sJZFoPk>xKVTguQtx3J)>EmFnWxU!Bd{qLzlo8%I@+Gzhe}KD=Fl}{xASJir*0&5Cf64yqvZ_c);^cxbaN^+_1g` zV|Y2hxmb>C6Pk1%++84FF>Os&=}{oXU0Sg+kg6KGhR3XyFP42U@LRPvg7 z`v@Ms3JI%@upBJ^R7EOLRDGljzh#Kc>LXL}wLMU9cLYJvr36K*nH+L3F)y+NxZJ#6 z`a6$kMcwvP_SN8*R~4?Q>V`vT;1_yX6YUX1I}vCDSCn36(!CRycYzyH84R%LIl;V) znd8Txrwd?D*2izU`mkAMygRT(2ka-a;#=cSRHcA^!UCViPE}+IWUP;r;CGIwVluwi z=|L3)MVAs3t!8qlD((Pok}Bk;(u+|K=~W?U#Xy59j`RyB<1tzgRSAvMbzvCC5U<|6 zS0Y~{MYx+xw7GRI7?S+e_+eb$OvZiW!41oB>7%+KI#Qt2sU2CIbjs(m%TErJztYkh$&hZ10 z&#G*1d^;)|1zprfM&kE9QQ2^O;qfe*H9^s(1VyWv9HO$2irY$y1r=c#rK#$GaZM+5fxIII?4)3FFAt zqumlYegndDU{%x=g9_Ebth)(b35E*90~)S@GI;ot;dcBO{Asmx7`~ml9t`p8BLndJ zooJ~)zO=3hiY_H6TFvATEv2gKd5|W3(~!C@2U-r36!qoK!Ti3h>3s_Ru-g&eG1&?)2JSr-Fk-@WdeFpxtS~?Nmj+P1`eto0>zq^T+ zdg4o6Awkil1VyWv9IB<;QCw1s5FfV~5~Z(iLAw)ZsBgRh>N@r8LAl1@PlXb_o?E7$ z;#F{d(ifw?Y5(}s3U>v*9pQR_>-tDOeh(1gy5S3NK+Ua29T9WE zdwnDaze7aCY<#f~frtb}ml71MW^$;A4~2;+{Y`6+wnP-P_kjixPx5%ud(N^@qP^0J z-`b6GhjE?(BuwLX3~9WSI}_~PUT6h}~WDM8U{CWn#QMmemQwlS;ph_FC@ zz)oz@xZH}m*?v6UGT^5(l1&Pyb2L@}}Hg ztbo-}2L9QMAx&8p`<7yc6e4(#`#rj&mQR+5IydUx=3<99r(TB%-eKe{IK=t;zHJY2 z7J$5ei1R0qN;|~qi7dvY7@pG(ajq15nF^ckV(g_7pPM(t>B8E$1BIt|l!7)9XlQ7` zA;0Y`+mcSuCIb!9_4G7Wy1f}2)Mp)a z#r0Y76$s~0Z@w|HWIW7dYG*lEI9z z;I^UIRAa2+@Npir9b>F~`bM2P;1*j)&!a@oBk}vB=y^E4)Ws0g#uzIv!tORn&(e_k zpoTMWF`a-0Q@hwRwY9e^r}aJ>-542+O9^pU}Qc{haLX}I5{#O1GDx==Eow% z*54p}J0kW3@AZ)$_}wTX=HpB2kD%yMf}+(-4i)j_Zu<1 zHTcpYAwkil1VyWv9AbE-m%)E$e} z*y!k%isdqw<-W^v!?x5^OX5cUc%cLt6ic{X4R-1yEAhKYxUR#OPS+3=T}n{2n#q}P zy?YYZ+dEumWytl)oFLa%NSEz#y#(ykM;7C^>wPr-Mfg%(6BJ!aP_&xKAzbH0c;qjj z?+Y8#>HAobE2!@;%h>6U`N;r*6lInpmjlR<8#mhBL(*Z zl9}Bg3TyrY)ESSu+@R1p)~W|xtkAIrYHC(yBu|k3+|$uQ2wxwWkKesSNAvKdHA_%* zDM8U{CTFUnKYSU~kz2dJ6AiYlqtCaN+D+2Y$IxA}j!I-0AJoxvf}0mPU7>y*%~I$9 z19fz?FH*cFRTX&@!q-RU;`b2I(F6F>n1`U~Qi7t@Ob*de=@|hV+A|*1PZ!7fJBs#P z{jj!kwm}}Ow6*Aa50%nmd$l+RMdNyS{2nD7*5FImwFtuX@cgZ2awZ&3iv>CC=5TnP z@E_#xBGi}5;V07JdK}I~(e;rT_&rrPti%^quhQ9J9T(Kr{LPtj6t zGo_47Rm#o4i;ebpl%ABf4xVH-&ANBJE^dDoc5$$WccSIJ+5zSLAhzrX_mYyaJZTJ^|a#CN~c~y~h zFr50xTKt+B+co&o8C!zdifaPbFAx40H#+a*FJZNmuoAx}l&!;;hOz{;6@vsy`16-2 zVTCkT)mc?!iIl*gU;}hw;sy0l1ho+_lpvP(NG%jn>^nafQuFYo%o5Z_x60R8Wx7?P zyyFodr?{K`4%9`W5%NZkg4+2j!9Av5Qd~v#^ObBa*o`YEo<`)9FY6~!f_uEkzr`}- zT9mKUx*p1MiP;uWJ*g@!RMG_>9$3@R}vz6XPz0rS$i)s$v(u`ZT*9Lb%k62qZ!d^YZoWXN83zxu1+CKKR zdb+Vm?;up9J6wsdVh=feN!5DCzB{$QS+pfCh)_ZWrL#KH!Q_qZ$wl1GU1VT=1vqz#=|GN%x_ zF2Gg4J$djfI$|Af|Ba4V&(oK@nVglO$9AsN%9v(N$5$DPdD%vo^1-=P{;8LmGaOER z^u1Z@!yLR?#0C*Kc!lUk!XJ7M2o11|EuTkD+K5d?^WAupkJ#c6V(hcTeEq~OQerHN zWq{Zp{lu1p5CgIhLvQ19wu=&*VQPuQUY}r?b&`rM@G;wtBWEvzGfHlY1^v&bf!KtN z&XmyRoI2xNv2!GYe<982sjyT#w(aN;<_k?h-i+z1Fr)xDN%%#tVEoa0Z;GM2cNjd=79L z-kG4Z+cK}Y3{6UNSQighp>6ZuKPcOYBXwJsT#1SKt#9s(-wq{v#kWK2!{_#Sm3Kpc z@@Wmf;-9?A)%cBnts?o(x>4o-hrPFfv+KI*Lr;tXvSXqECO~kTL$I(UG^0;Dwk$ik zni)xhXGS-3M<2m)ovXQbG&h>LcXB@@O|ViqvLJdBgB~Tklq78ov<;B9;bFjl6P(6G zp#(_4)Fw5cg5ixSQ~bbfTrhS2|F!noXPVOuf6u#Yp=ET+H0>v z9^kBnww2RgHMGNLc;uh`(P7Bo-@=2WH;|Ypm3unx<}?I35%w@4oL>P1Ii2^%|09Ki zJi8ANE+eChjch&w+`e1<*QidCzKFbw=vq?8iMyL!*v$8%9ABQNf|61+Gi~WG_ktt1 z9FGYVcfy&dUk|u+=c$Kd6D#_(^a=9fc({-3A)}ISZxhFs?zkPA3pzz^x&s{T6#b}`|3wh zX0EfG@#0th{L9|hec(9;#a|fugmi4^5&a`hlnX((d9PAvMp4op}*y*cmby5P!{sJMaLszFulTn!JAV*NV(L zj9H9=?BkD!PJ+Gyk8{lK7<#5N>+dwp0LJmVGmmi2n!(B!Ef2v(e~syfU}fAtbMC!5 zqn=qfuNSM&oo5r=R+aPxMC6!**&!Q_#Q+~QjN$%XTbmtyzMb3iV?Ie7N;IeB^c+xcwQ z^$WWW<7~EGlh)t=JS5(MCy{UC+-?w$ML@0JcEw*86qf@6_XWja2ctMnr}^SH1jTP4 z^vywWL6nE`eDQA%ihnbUzbYt>#R{O~e4Q_TV^I7?7XPh3OK`tYisSf~FCGWQV;29h zpm;3BagwX^+qmM}vv?~6#W&KE0l18UPh0f+ll(X)j`AlV?sn8Lc^cAJ1W0 zJwQF=d4`;!r!L87{C9bif0@TntneIIH{nMPEHM0||E8)-<^%(ne?SM_bIYY^dGO?# zpF7RT`rzaI-usiU=Cyj1iMNdJI?Oxc5oEyq7^%S_-pU#f z{9-!!LNX zfYdO%DCpbMU!rZCp+^sfxcKTVgyRhqqGcR7V=IpPThP?^ZfY&z)pRmM*T{i$e!h6FK=Y~FbVd#f` z0I)6$o#)WJw9xtB!l@rx7(Jiku4kYrFd}GmtPj24dDTz7-@DY$y!cheQ>}ubqD$M- zt-kNV(1SlHt)6zRzHi~wgA1dl^I9Fqw0ib_Ec0E%pXBv2ZU4Nmv_l*xq)-FlgZTXc zVsLg2SBk{X@)g1d`THS0UJ*7kC}`O5dKqlir?HtvjSFWh`29h_<{h|l*zncDC;4jO zAwFIaHg88k!-m((VDljijwkQAvxiaR!r2M@{*Yi(#1-cd_OSSB;gfu|@DLy8VYADF zavLurC}`O5I>2VtaY#Z8isMak$z`a61STNzJt#w0@BlRcg=f3xNldv;@Vj_O$!CP%n!c7#zm%+JVxx^rT3^<_k4DWn`k9WQ9+|Z+!zjI;ek%a?~nsegX%U|Xm1@z;i3&nV0 z=!tX1RlMGH6AGU>^=Q=jO;$MlJi3Pl&YXHA>U>C`Ap!a47$dSqcsA*_p?LY;;F;lv zG~Q|aZZQ0wkgtARLrgxmP{eP=B-8Zcsir$037VjRmqRcbwWIvGVG5Nl; zV$w~ppy?FBXc*@ZjE~_VUV>m>ND*wu( zH^Cf=y$F`Z??;|;_d2=;^{*xl(V$;Y6`&_~al`sl0LtMU7q z_SavIFAP0LdEi{Om;W*DF^721KbK#dyr(1!7}?F0OAG18(#)<3Dcql)!$bd{P#C6| z&f!PSoqtkL47m~mgq}Wu=VxAA1*SRh2tDWT(A^5K(g?C-g+W536q@YU7*Zfmhzsa53jyCyuNBHhN z+Nw#~H_AJfJp1@R4MqC(Kr$`TWx*!J)nvifhpy?21hB7rPa2EZ!$!#zaPd8*^aT(I zN0*81t`@kMwJG4MJ#g*zbtxjert^A_C}jM#j^i#Pw(vP$QPm0!>2pJ$pquFv3#U)J zaRirqLb!wvzMwJzqf&t)?|gd>FIv6MyJd0>5M|QrKVEwa-6#1mfYLBJvkv{myHt`e^Ww*8#i{%J4r$_3+sOCHvW@ z?5T3cSHEYwl+imRY4;YWP7}oXScPXWAcXJ%d!WQ0(c!rC9((+P3_QgC;-wApZ1K$F zH<60}5_TG?{JZ~!vZ;-R?ahz5H@~cJ-jKZccka!L&ZywCP z;RAW|K3srYXHG3fYtDWitEtNz6s&6*JcD(u_|8wiNV@h4sTul%FTec26ORFqW$t_6 zxpk;;Vdy11lSzj^i=VoPNynrfFLAEnNp`N?2{>ek^Y0LjddY0U2i6hSmtbE&YV@%_ z26C4czQ7j9YM5qKT;Z(XU%gDne01q8!T?hE8yw`*giLnW{*)f=+<_MozjIDbzX?0? z5FZ+P6M+(tgMJiO0rdZ(FZA>8oVP5AzkcP;dm{St*7iQYxPl9#{W`$xp;0EDUV zgQ!6Axf{JE%qp4C5#`bWh0nxA|1w|`{K>i3=fFr4`h zeexst{n9Tm$e4yi^cO$roR^;+`tqhQLz*n$&;AffpZO$zzjn>{eHTLH7CyimtmG?z ziKK==98ebD1w7rriN-J!07T>aEYbe(87IbBIFR9TyK5CX#!iwC= zA!ZLu49LWJ_pM*E8k8ab-0%{3^y~*QI+uP5+>enVo{LX`)NW*+1F?mSyuirteRgE_ z{bx5aEThM(eed)U%?$RyL%ML9O7fBPBaVq52CaA+CFslvDssb$|0n~F9J$uIGR*0w zUAc(!E$GS&3N2orbVc+HIfNJJ3g2hDa_UR2D=c$i*Jd^(ZR{JVhb zSrqcpUt&Lzcnk;nO!cJh27Jmkm za`=nJCSiF2!t#BVus8j#BP`2Y*cG!OK~(Q=^4uZ!r;Fr+RFTsk!>wP|XsM4&nGn$F z7rGz4h)15Sv|^kE|LU9Y)g{WR_w@_=cS*^lUTwM?9 zzJvmwO(94X!hcEUPmgpx+LeeKMR?E^;n@7_x4p)AYvM&eHkZLK7@Ktfz4%Qawi_GK z`Wzcxc-~?#r}7p7KKyGQAi_(HS${+UZY03ZKJ5WAaTnS-%*X$pkFhgD_zh zUIa(5be1E&{wc>1??d0HRIj`6>d$>?&FYWihY+0!aS`=IBidZW#4U-n)3O&m0K1wW61f-lVox~mU7d*;8wGJe*%@yB%2mBsTN<;EBj(j(_Uh#@dlB%uFgu)T^3}aCtE7tk z{%2fXBnT?Al35e7YT z(uBP7{uBy-@>{@kBTB9L)B$ppBpD4j>z}1cKZ?>hPcTk{iVumf=Ir_9WYc-T>%#2M zQ%!#43q2@x4NQ60ZHTbrD3(L1KsNp4|1XrfAQl>>=A|7JU`~-tfksY|WX1m8H#o8H zR*oX>znYXtukCc@NK+QTqf6AxqAfNe1r9aDS4k6#$uookEka?P`=W^ZzxYY76)070 zart}b7-DX<7F8-EgMCye`#~rG|AJuj952t282a>iOaPU82tr_noyEsk?i-(ZSVBEL zpc{mmTx=1*y5Ce~_TOJ%rUiRCZm29eRrP)pH&w-JRaMxr>W$^U6VwFDKSCoiWCCB* zi9`A)_(s+0zrdx;s5fS)eGGlkvBX7m`CS;u+t@wwi?ci;>?#XQdEqSso|p=(TE0X6 z8Ui8NpE~R3^ZcK=sb&3dk}ASJEWIFC4?MvI?S1kA(?e&TYfA=iX_Tpe5YFi%I@dq( z5XB(2^fQ^aPd$0=6vEUO1qF3ty49^aNgOV48I(ZZ*eTdX(u~G1t$C0+T;u^uV8k!I zRUSNV(FV_5+8_^}Lqq{RTWf)~2O!@)gbAf#K=?B53t+4>r(THGJosO6b@^I}B^{Jv zFCf!5BHO`*Vif)QZ-@inIxPX02l|&O@{>|z&4V-uT$e8WGh8PDs!h4Wx9wguu*bE| z*%5j3qDF!O`a2hpetYpWN}l--yE4)B@)bQ&1ci~2^{cjya_ zcTasGVBE#eu6kW`Nk7l&n#H#tJ4csj_s0>C!KnT}|FvH2PN&-aytVuJY`d4=foAN0 z;i~p{aCcpMkSIL9E2mr63V6PBJ^P%s@VRUY0+EYIm&Sa}*#{-~;e`cm47%*~lky1u zM#LUDr`{Jay)mm7b|H8C;-&9gl6n3T;FWov$5j{eXq3MV$wR;$4y1&CzNq|@E_GB& zT^S2)(>hnhLO1`%UPJj2ed7rIgc16QETONCh5r4o_G))+s@=z}-N&=-UL^~CRvHdi z=rL>Iv1|)h%R;|qEOaAT$h+w&z`%LSN`wjsK=1w4NQA?m>qXYz&^K;4AGJ(tmWG4j{DigeiEIm3JDhJ3ApwaHU)6Aa00g+&;XL=* zUSxe)-?-uYxOMvD*-l^GaDH9ScE2yx?#Ha%k7e7v%Hdom;Dh1(ackknvn~8hhttK& zxkFwMp%D8pBH-_!RiSqMzv5GT#p0BHx#Y}qx4FRA6*%^DO&hn#b2)x^^`FA`!XSyK z<&wtehkk{l{q&FVl{|zQ@RXP?C!vO*JHF1}u=tD=hcUAb2AF@#8@?U0x6@%=-tg^a zdpjp@*F5+;_$$!)fF=4-;?ghMQ`%Z;U#1Lz^ z=Z{_9+x6Us_GZdUnD5CR;9u7b2E@w)e}gFdXS>QvSn#*>0DnVw@gCrP=x_#m2_yc+ z&*T#aA;sC^J;2}C1A7TOzNZIx4SxuSis7hv#EE-=k2$n2{fB()<1XxDg3ms6^9{?w zR9^}CM;&Ar@xG`TzcU3XLw{a0tFNzf6-!3Dk!QC;m_26ri<^=l(BQL#t>94q^ zWMkauVF4a0#se03*BAc!X{e!&WGYlQ_qmK50Yn*a6kr4L#G zy7XD#`;r1bed&L_eEHpi03G!ZoIJw8#`|B3{rq>x8@kx>hRGlJX8VWnW{v#kAAG$-Iv_xKB^tY`0E5GbWdGXwPrHGXUDKEH?`}Y&Q(+rk@$4_eW32T3! z)y4@CDaG2nKjTf7M<32T^dL6t(n`zk zIDZhY9{S`z$M4LJ^F_eN0`^(`v#5Wb#wGl!6z9^8d$NVbXo zNN0dE`tjpPW_@W~7}x__bGCp7^r4LY@v7B8kdBtc|MnOX4ZQdqoJ~W|Uiu4x^)z8& zuY%*?wj=Od0;NuW5+0USH-TfK#TRf*9qI63aRNshz(-&Jk(WP3x<7+D1hM!y>M)yf zXL|8>@TQlWOL~La1t3S5>gKYi#{h(`zyn}8?)`WlS-RjhdHz$GW$Uy9*;k#xKW1mI3_^mQ&UP?TGA9Pm>%tew`wk8|iz=Q)7s5&S`p z_-pn_k0D)N3$rObut1W$Q$WhM#otEBGeb{f>*;A7`a7<<|2OdR4LISo_`QO+@Ev$+ zD>?;K*!-=(kJt*HX!^(c>;fk*Um{Qzy*v9g`q-VNIQu>f_L)!eH{{`Emiz#37>e;P z^iT!5`y|Geb$?AEUBDj!i7m}3TwVGZy-f=KsC$n;se=EP-daJSUltlaS?JsBaB_5& zfJozvaluQsA7aj*`G2pXgJJy83X>t82l`1FMNPER7*An zZ2G!$fBEvIALeUC<)_~UrSrYX{oW5j#~e@YAN@1DpGxi*=b&N^CiiPz#{Hh;{=@en z$m7=JzWBQ#i5$>ikFd@>VoPa4QTh z4++Mznw}j$BqPJ$uRYO0kdltdGvTOw{99f^Fqeb&kACT|U%ouzZf^Nwym^bexiNzJ z-s)~X^%QO}`GupdeKk}uOli4!-w)u%7-!XIlyO$nr|XkGU7POH|7`=rkO@ky1Nq|V zCUk4@pF9fb#g!bK1`N!Flko<4G&wzZs2k$vAd9^j#pEScg5rVf;FO$bA*is|I(dmP z`-7jCVd3z#u)m{}20rl4a}GW51hxI!?z{J)@=KpNfBrm7fO|jlQ2RTghaS6`rDzfy zEG_;MTt4ub5B$b8(V6FNT>OilMc~_+7^WaJx?Zdwdj8X=p1%g7`s{DDzjMpW=RW(; z&$0f((Cf}zc$Lg;B+!IxRnz0;*Pr?9s@qRJ-}!?xPuwWsj0-p3e(TQ7fO{f$Ss;0yfQ6!+b=>HbW$`{SGMi{E~KY=3!&lKg%1 zefQmuT08sh+Z1b?Y~L=f=MN zO`ErD-L`h?=4kEKTcfqx%J`XzzV)8Xv-q`bi~Qa$zqigto7%H;o7nzbxz#$+Xja1O zEqsoc`r0I);<{NoUT#V#>d}OBDS7}VPYOT>)y;dk{DMIOMH_HTd zyfK3jYzRuNj1e!p8pEeDy^0 z*i7ZS?jGD%Id75(wDu%^@c6pxqDH+MwNEsn_B6T`O*J~rXsUL+8ntRCqgM4e zdRispgR5DPw=?pzeWE&pV(sZ#vrT%ird+Hg18n}$RjaT4=&IFQ@bfnOJb<5{z|R-) z^FQ(PZ4a+nJ&d1s;pd;@=hOK46a2ge^)^-8lQt(O8}+HE-iR7gQ_)m;rd5sRt1aLh zwVR!4G*~@eo2*J_qkHyN>(yp?=H6(4ycCyC)Y_BN@w(ytrSnQvhd=RO=8 zEq0egodm$1TC;khJTnuoD-IvFvdP0jsnGp!&!N(&JsoJ&LBV!hsy2yu%Og2Z0+QdQ z{2iBs!S?p8x1xlJG1P}zzooe1{$-oz`s2Yo@+u3M)#CJ&wHc&GnH5eWVG6zZd9U)JrhMC z0053R8tsU<&BVjSxKODys{l1#oo%$M;S&I#E7#}avGObs7_X8D_o5vC#z23z+y-l& zY)3Q1Ejl?n6P2bLCxl>>NUeCd9&7Pv=p;Z@;=;g4@DKw7aov^%TJc09XdLWTIC7*3 zP7?~YtbO!hk|b^28x^2F>J`kFk;c)Z=zBbZ88Xv~CTg?Q_`5N|TG8H_MypkB&PQXS zYvRFbyIeyNk_}p_h>o-(Kh+Sd&%($_NSsH2y#FOgJOneUJh1UQ1LpGtc~E=6*UyrbMnBoHZfgp#|2Dd z#T!hOeKA-?XR~ifgz@S-!IkD*?hQj5{WUT(yq#PrcE{&dD^#EgHtK$>XxjBDvIBcwCj)-&dYwLrruE0B0%2 zTDY%Nk961v`P(;BpTl*n(dugg5f}h+;~up{ySN+3R?#cC#btw_Xq@!*%|Ryg^_5#? z{GK||n#G?<2sqws;cur-cwKKCtFf5;t+8^8;+)#Xt_3jrDmnmgCnu{jW#Yw%bhS!Q zO)jMDEX6x%)Yf^!%N8YkivnI~sDibx4#CR%iYQcn%f|XDOLfG_RR=yf>qLY&?z9Z z$PAD(yg^YAl>#Cu(EXs{UiP(Ap@RSlE_eV)gj@+khqje|5;T~3;n2uDWmmi~3YyD* z3g{q#Fg%AXyvD1FoA3U8*8>!4ifHjgGPfvjM1+hlkhx_uDsFs<>^+JQF&QFGO~W+x zV2+lEu&T2^CTV`~0jifx5zF0C)46iTNkfPz=2m7x2(^putkNzbVcb1TD>ad%0??vf z*V>#+?-r#l@5(9TKpt^6u_=`!*#hruOxL9YUX$}q7C?QqIbIWs8F$SE3ZJ#7+H*~q zOG()&*k}Ik&c;l|pxjxnp1^g|%jxROT(s#ec*d(ckE)?;w>syEue_z%X4mdjU%7JJ z9*qwb_m5Ac@A?XZ2QyDfLj&1Dv?Md7MhX){hwWM6z~JyiAMCR9gJPjnN{LE1ps6O-bj{8r7VgzJP8(Xqaud_J zAH~&FYnP8b|37Hkg)yEx{6#jrgItD^Q_jPwt3qENwHqvl zw}85~Me`LEcIXl_#!_=_E52v{oEpY>%0g~o7Q4qmVbk?HNt(M1h!}uVH4p(~mPcAg zN}ysS20dv0h$&a(x`=e4A1GNKrAMc=QN~0`(VA{_uuM5pm1i8qxB}HY*={uF(M`fx z+w$g!A`7>c**143=u26{zXDns9cAo6Luo-xq5$$FOqm1-+dEXo$_gEH!$AHq<^w3m zCN48l{KnGdc%XDp`0OnKbSDT%Ucqm$)|#6s&ns7gM~^nkv*xXmQ5`y2o}HVi%0M|f zPLP4C`W)yTsY0X2U{ctAeh^}gms{+`F_zeUN3gm8^Ty7AaC-7laTVedw@^HZPEKmD8si5WQn{gGiBN0nD zE8Z8@vcTALbb`H>hmQ884Hu|U2RbQjG{qvItNcK|Z^+Zf?0T(ez9OhJbr*R_XKmO* zLCa@6NRF4RtSmJehSL&$q=?XD`J!OucOrE?5`A0zrM2M}Hm=?nmpk;b1Ov-gepTbj z?JmRX<5uc%K^HunAjO#~WJ_G9qo~dGG9@G(lQW!-;Uue;;RWPOEJ!$6Eq8`f!4`S5X++{_DZBHUx2vua{4kO;`7uubgTFm@dRC>`U0Mn85Z zYPQ8#Ma|5Ms)crUT~}Q!Bol}nV_2m0%Br_uCl@_BxNHdhpDDwu%%Q!xu6*ll*j9gk z|IOeCd7Em0t+pDo@Dy{oFKJbd!>QN42c8TpxQhs&d$T&htt;K%qa?cG7$!y7D9|$8ZzmyjiVr zLliVi)(4GCX4mvN3%0De>&VJXlLop3g+?oVQTJ?nI6^Rrl+1Mo~BvXxLpgR{zfHT$$ zbO%Ex5`0l36;RmbGzqlUKjzvD88U8N2020g6fVu5B|m# zcs&`746>o`#q*-aH$azcgC@iBhMzIJ;gfE{xqgh^Jz%pXS5mDI82Z}#rJ;LY(hA_S zY%GqamBE(9%QA4wGUZ`I=t^frIETwg;lU+n;v~PVf_lTB2y{_K5jEAe$m!Z-FtMn4M-C$L*9|lHO2_v?vRA3=hJhIG& zHi=zHK?&+Jm>1IjKuNEVo?<)L)J+pqX-1N&%XO!gm7BPQonUW+g)+$LJuyEqaZS*u zA)pWtgrOV9aRRH~XaT%2ke*Ol0-^-%(KQywH?M8o406N3z#<$JfO#%thy}Rl0X&JV z5#2ilm&6SWVG}c_%^)4I{aH>-f|MuO_0s^v;$Ob9z6wIw&I+7<2yEG(6da8md|TQW z-m$0IuIBbt$Jx&qEC!8l(gj zop|Pf9R)P$$|ZqrdY~Z*YalGD)QW8*V(H>WbfbXKp-@09Sgq@JV^R(iI^jRtvk{jY zl&amEY#Wm5o17R57H(bZHZgK$WDk>zC-Jdz#{kRpk z%SjZ}Hv*^o47Sw0Gi%X5=-Ey%etFY44d3Q#x{>r#w#0dn8M~kzE3blrEwDW2QMhGj zT?n5o4_iwokQ3P9Zll2tpDhpDc{oHWW$2=EIzyK5;Y#RlIxT6y=)z%4_Baju^wZ_> zCj=47sF+Yl^@FYKlchbBA^i4m=`e00(GaE}XwX31JNFbc31vEzdehgz28vUuBFsw*?I=C;ZPQhXAEmd| z#?BY~{)nmy(39QV#L^_Z{SpErsHnq9ypOkpSipEI+b))P?`SuXjNDqm=+z?vLP%z# zb96dp8+~}&*Az!e(0V1=Lr&vx0ER0xn}2PM!CaE=Dxs`nur@drv5bn09F13_PXfhR zz3{gnrj9()ZS;!Oo47rIL~9migTYF?Yw?i|R`J-B3F)G3i}i?w6T)uGFpE=*+`w+8 zeXT`d1tLPPd@PPf2XFDiB`ivNNL)o6_prY+bQh`Kmp#+;oM%akeA%fHFy00%`f20X z!8?n^P*?hb!0^f@JFG$5(`CfXI^HYC@JLADo;E_CrKg@)i^h($3D;IIdKMMekIhwK z6SdKSFP0jNyV;4@ocrsIR}9}-L=76g&P@_aQw$yq5u$M$q8rs4penG*qpijWWpOq5 z5-_wZ{7nB{2vIMXf-{2@R|uR_(9_mJk3!&X3=L;jq-)fSb{>`tFoKy=Bc**YSgy#D z)CILcf0ONM^gCyXH~GClPXww3gY85i22pxGDKVC63Z7r;hG3$)a>~(M($$@7!$E@d z@H^<%SGbGl*Md|7y{qr)AfB_`a1uj<(NsggTVe&de1@ooz;NpogJsL##5n|^K_qqc z-9>NA5=<)WOM>sHFO*IhLUDD})Iej?L1DD5Ox)wZTC|F891tIMpi%ZAuo>!51-yHT z9iL+$9b}TaDdW}*L+2rZl09Skwi^{$?*gwFVLP!tqEN+tldMUw7mInMA>y4mqG}$L zEnE9fqVcgRBJ5m6jZJ}gbGu&9WFAORZF3y2qibDX;t0vs;(C*(!yAP$9a_Et;BUL3sFK=Iu7a% zw~md*rbxT$Mi4+8kDy&2D%GQ1(l}_&xk1INj=|zmn60z_Fzm@mkh1unQ9CecIQ|Ve z!ofZ`c2Q(-2L!<(8)NQI$SwqUy#>!yKWrn;CE}B6pH`Xk`vCV%hQp>5)Ph5N)cyyu#GXxAnvD^b!NMk@yS)1`h&QzxmLWaR+6S4II(wj1b zodz8$u*aoA;)5TW}r#dq0L>_Vqz?#=BZtk%k<#8qaD;(NC zBGM~Vfi$8~oY8IN7+St9ZY~7tiIbRzDAdfw6155bC+;v&;6U!)=42O0dqGc^9TA_Y zZI4d+oqIUzf(FFuo8_h*deX!s)U8Rf0Cu}7l;eIcgyELx>_%9^*f+t9b)6?&J9TK6 z7S1CgBoFR7+XZu?z_y7JAF^z(BM1;%C;jmOx7SEx3=!>)x-q6svsr_iA#lRErBaID za>7=H0_?x;8?^irUL>xpe1-?nu~=oG)Fh3lk~NA6;T}oC2A2b!1<8cH7xhS&7eRmX!jBQ zZ)iW;V=p8GUwpBYeU8(eYurEpAC=?beuTYrZfneCr;|93 zNH+(>i!%ybA(2zb=qffiA(?D`i7=dLl(BLMj}sA=`NGx4xjB36?&g3dS~nA;s5)Kc zj`cBYLnc3ftZfaAkMAGf0hfYOK8>r}pY>hp2i=7qeZ2{Y3ysudsH1+{LDo5n)S+|H1SZ0En-W z=o=R&knW2oG$U3yw;G58l4>cWlqytFLbz_44oJuZ0nnf$-k}~d4#%N4v5vdzzYSF5 z!jSWcwM9=-=8<*=GL2Fem>-|seadY0IZ@%TSwa1b=Om$ulY42}?t$%wX^9S0ur$IE zId+UOtha7Y&mM(St)mdQ#fanaN#M}O5Cm6mj1gALMe`gEGJ|2$^nuuKG{O0@WhncU z%JjnE7C%zO4ul4>s>8<#_bwa?v0I(RjY(|(Q2I^dz#&}{Wzi|#T}JR)eQj$GxiV30 z{f}xBp<(>e9vhGOTyaANGD1!hL3i<-$5&iPxL| zXw~Wo{G7zk&){bOGuN{phrxAG=-+JqEDi@+xxfT_bs0M6eQ z2L_8#VgE=pFfshr-9u5aI8luDZQHsn8ZQhEA1L)9+^y}dqtaVP#*nOHpa##t$-d!% z0uF=&I84%NE4q7VeD~1!{!%nDSSXgFyK%@KZt=TE8aP=N9XK#hj3(e1t3>0&#p7G~ zJDMoZ9E(PZgHaJXDzFry(tHb>I}y$WMB}A>(fFb1M#P_S1){&lhfY=}ampRPb`S5_ z6Aj-z6b+XOcjHu7ad@<^&}ldN#?gm~31BhWI0EV4hsKCiG&oioJ{%2?4@A577Nf(1 zqri$>+Bd-r8N7;yM+?R65xTjX2L?)|F@HU{chp~xm7*~aYK*_wx4vQ-XVKC2bTo{O zs&-U5Fg9Ksh>H7*+xTm1ba?yb&3&b@LAe0J`}-zJz-S+qQd~ZwLUHhbq8%MNbST;b z#S4<`ZOp-oB1r|J-TU`X0OsI6U@g}rBq^B1o=!AT7$^(?rP`#x0?n{;8UtAMZ-IbH z{irkwgeR&q*awbEATe?k@TX6Bf(O#!gN)wV!GN->Sf90{!SXycZFGR^y=V}AuyV5! z4NYQP3j3nNF`n?WO*~qzmw~Ylj4U=A?Z#wdCOXt;!jwCNg;{*4dL%kj7>nel08JgE z75W9EgA;Fy4kFVA9jU;tN=pcD z$3f9O(ZS*vk}-6|_NB8AcEAaA12pC<4+V_K>@5ja4RFrE26J$5aS2bG;M4LIMkKdG z*b}@1#!D244h|Pl2*iY8jF{A6vi=lfiGeXgOB*0F$}C+ZI#94RCIepfY~rBdi3Ic^3A(i}xV@I0Y6_3UGj9GJ>3!^5mPq$oLVNm>7|1 z%oGwM%%UPpjB&sOs>`|UxTLWY7ANaYt4)BibT{r{m!&Yno03M*{zUmGnF+E5{sKBP zlD8BdY+x3r2KZ*c1>Ytm3dLc;a&EeTZQ=rB(%gP6%CJN5m>*4Ojj{}t1w!d?-Wed3 zeiB0{Vc8UwI(1HH`~meOe+K~L$N>*d3~&RmR2p$o6`|ad$1r;kvNcbsCZd)}M_9^E zWme+1cHk>PnflQVCXVO1QW5OqlDiZcaasVH^B9|`RO6{NOtcz?)cN5OB9$nMToE^` zWZ=UREYQaOnl;u+USbS0m32Z(3KUQ068N$N9_1hmGq@Q%9F9~8<7n>(tMC)lWc8ag zQz{G(a^4D2Bozo49_cUyjEK$}yqL{sytpSC=jJvR6O^stjO94wk3pKRQ<#l^*N|2E zuEr6>chI?FA^`_xy$j9v)rwQ9(^>BLX%KAOH(ZAk3cTW&9p`lrk>sb)sT{9hNQy|YZ0@! zSe_SO4Xi>q^OTRQT2w4d05NjB#{Dak&j@eerO11~H=P-k0EqBcvCJtL7qHJUi`eca zlD$E;U}IZvqx~f?*nYYe;PJ!xBT!V?tOl=Sv>!~mU!(W~p3I+BV-pc}tKy032d-@rZ{ z$I;qkvr%fm$quUnXJf%b@jhr~M9^T1vDe^^VqSzKnJL2=$e~wPR5V%~DMgX6Trx98 z$~evIGEq_CkM5rsj7C8QO5OcavIK{bgXiEd2v?A?&eLQ#n<`_66i6OeG)m2-UD*dqOgvVL~`}qG4l`2>FLf zBkNaIHlnrDZ3a=sdnu7C>}iHk%!K1Tm%^W29vsQ-#K5rSgT_k zhKukV!PZB-?PPhb)p3%8Z%Cy&rkr zI(p4hzFq9tMZY03^$<_NguHL$#Vas%&)3l)gagnyW*Q*T-h&OisUnH0Y`__9;8t)e zaY?Xes(x@Dt8vhtYkV$Qf@F7w2^RBc38q}NZy%Niv*mg;I0RtqJ}B3mSMyo;gv;(h zLBJMCBvcnNm4Tr>#NN|V?gxfwHAm?eejW_fkJqpPB)0yhIN!D&92i2W0y;cO95peFB1Mi~uYAv{1$3Im#Y70V2l6)7G8*`k5s0ldfh0E3Ki zqR~bBO)QuJ7$89T2$ZiVlerqyY~X7U^X5t{8V-(bOo1%4h{J`>0Q9-OO~@-cEgbr?Z!qp%p2n~olw#RdXB&x<+Z?#{wP2R z0oW*V(ZLS_lE7t#4i`rDGV7&xBFIYK`Xzool(H4!KI}LVyFK7bKMca^a5LfbUL33; zkp2nzHgk>;M@$Tr^8(L@x@ru8J29R3E?bAM=A!}#TA+W;jffGjfHo#ZVM>CCy5?3N zMWFyCN!*ieVdF2vovt79h zUmeHq;A#_ITo>&;(!5Ld+TwU;n+K+vjT3iSnreLl?3(j;?PSoyT@k>@1)#CCzPrlu z4u-Vo;ksrv#u0)`qwk2`{`TwMJ`EL%?egeIqcR_V&lE&VAJ6XXh;Q4x_722HHsS5w z5pSM5c?SZbvC&vR>h7fI6!gK&{0{8#L4zQP16*1>N>iJ<;}j6@r!Q9lV^?%e_C=5YZonfqE=~7?}%^DG>@Zj?M8sZmaRl72kIXAhgULncObZp zu_IgNPR7lnN7ilGym_PhS+6Zm>V8hD@3-HAzNb0}HUWb+r3!3u@$P&N@_NV>CIU80o_JevXoKC16-II6;vzKj8*EHkeXx@^4D26;d-QD^7#6f)5ZU!MFn-7) zr5SIaS*Re$z>tVJLM|*-Ow%`E4K7@+`h4*l- zDV@bjkVi3NUOsNXxTEo15GBS(!NR@@;@a7OMCx(M%DGvDuORxv!-Du;0giBKNzP~H zN|)r#l7&cu`D9GkjFo}0PD>AKq|CwlrLiW6i2>yMfQrFRgdEm)9nmAYETFvrAzf;5 zm;{u?8Vrum5|%NFX}`kwx9*V;x@o2l+NFp`NtG8`F)lX^IvdmCxW{oAkbt_k!BDJ2 zv)>}pNFP+uQ_FIM!8kq_5V3>EgyNOFOIFk8RMcEb{qay)(|#yid5Z8T$%akVKxCwM z$XoazlQA;I45Gr3>}ImPQ9>~h!-Ezr?+hcL8ptUyH`Bl~4pJHDay%?wqfNr_86axY z8(sDm@IbRM2hG<;i#DQwwyw3F@L_p1kZ@n#2$9D#ZAKzPmqA1Q%2-;uzd+C`!) zl^-x*6Eq0o4HJdkBSYgudp7h(tsu z!u58VJYnC`^cmmK6M=xHgV<$d0Cc+J4BQHu#Gxy0X}2;>M{H2FEBssB5Cd(yWJ7VJZ~(!F z8%SVx*&o6sgw=9wY;ite)a zYe{5Iv|(&Nl0#3FCJN&d8zOFni6wYY_i<^P4NDSZsBC%~Ap5DJu~#XXb7^OI>k*2g zSv`vVjwT9m5lJK1Sw>ifYL-Uo?amw=WRwrkk?N{}nvp=(Su}E#-Z0AWCViino-|eG!J+XI)mFcsGKl?vsqRFZ=Bf^jeU%!L3f8tR2GAZ&aib8 z3Z_)xp9Whv$)U$(=di^JI}3xD=?w-Ld}TZ~iw!1G{$)LV4ig4D>@fV8@CnD-JTLG# z091<{$c2YI7Y70p&X%*Ag0J$d63{1m6H5sS4?T5!h#eVzwsgPFd;g@(Fo=WxuN%XLy7YY z1ZF!wS21j}IN(fc=UMeeT)`6CIln_6n<|B<8aC^hf*iX08&|ISQO0 z%Z`Z{;bgx&+Q-YbOj)(UE@2Z&S5m)<~1?EZaTvfd}$|EGU7g&b9qf+ z#Vd)$MP6VcGPkA9@#8g|_{Onuwv=rmrbrINFz5CGK~zZNi$f3uh&udGw&*9kFPb42 zH?3kh?WBdk@v7$6H&aO&jg(p$sA6>PEZKzp%+|G zu3RNYg}_`oG2IYMWDbK)4l-u8CykAZo}k6#v$9HJxOrW+?=-cQemGPMT>}nq>9L(# zOeTO)CLo9y0}ve|7bY5w8H@{h)?3UdFM=aXkR`+5CWLS0C{hc^4rwxS$$3_YEXH@k z_H!B4FmDnWv7}tG29mK#)Sl6ki6=q18eCC`s%n$D85(gEk3n>wX<4ThCID?xa1>)F z5tqm^f_=EU$;vH5gZa;4Tw~_~@hvot+ZZ9lHHHipMLo%sVKkh8mJicmub824%U7e^ z=SO+8D;zxO3+6ty-%fVRq6BSaaD-l}}K>!&WV7V3#yfB*(gz_t=1RUtJsuTdiX z67Ei<33$Y7>ouk?p}fQ%P#LMP z5DnnY5NmE3^(XtaYN)C5#AvwQgG4L@nl&?*k$BC&&+=4 z0-wwhlFt`UiHwAm{D|Vc3CDy7nFkK`BC~uX-269_i>c0JWTD^LfNpT|Fu!=W3^YVl zeA!qTe0ubQMJ?hP8hs;36@b+;nsT8vs!vrPVuM+WGCWgra_TWr~tpGbehvD+sg z(G~2s5e5{eog-E=Coha@ei6>U$8EJd+v*SOvCJID#-L^wa%u!$pICx7p%jf1m9WVM zymE;71Q2_j_yo9kfkXw(Fkt{f-B!p@piI3)gF8~LKG~sz`-AQEG@=HK=FY1gEk)rYMV9aT;S!liROGZe)D`Ttl60xlRWy&~WXv zfDkNoCr7B%ZF!p&Tiz4vX%+I0c{Y)oYn!k+;)LL7#FnEu-`PYZi$fEF}G1nG1tcA zV~SjCcbZ(((A}Sr!Lsg0SR~y-F{AF|5KOXBhkSkrE>TYNXbuOg?YJ0z-$r8!oJS^w zXx6i+Dl>#l$%i3fRp{XfJ&^9(J$xUcu`!;SX-I&uR1I*s`Zcd07tkf+QYGMo!7{Ql zcYXyTl6|Cm!$v0Ih5U)*#G^^rl}*(osY)V?oxshPo=9%k&G4aQ?0!pugGue?1ZAhm z!@RORdyRU-CSvF?JdtNMa1P%~xg1~9Og+qm3 zF9j5&O%R5Mizz8jaS#0`pOXyQ)&(aJ1VSA|N27gfxr|eEl3$bwq{8Ex{qcY^SqVrx zT)|f_aa;iRWTy1CpZRXkiuBP{F&eEzqMC@#A$8I+l_yuPXh#fcT7Y%icMCeqM4qG7A#LuE8qJedj!N;tLRl8aLcdPKM@ zQm;~W`@KAJo8m#_v;U*9*6|r}YW}27)r4m8Agwg8;$%$g!9#F~VIVDAwOxJQ`_mQKJ+}8C# zU;|9o?C+j~exY2Ab1KMTX*mr*vvX3+TgrK(7SB>A!j;Q4%xJgghtq?}E3xfi?P>SL zLUl~aCyB&^+rd>&gEmHYx-c1C+PV~+^k&H3d$WoSEBepH;b?&ecR=(oFg|t4Az0I; zUx~anL~uYi=|{Sp8ZN!Txb(-Q%Z$Y1LIh%mg8?$&K#IdIoSb3gc5Pf7rQfkvGK6U` zSAeBuyyavxI+Fd}DMt{{ta)X&HkpaxgDVjIft4$K5$^3`pWl2NxmY?+075r(=SCdk z8zX>BqGNingBS@oM8F7$3<+iIdJjo@2`3uJc7_n6O6`NwOrc{x@r`-oorDAdF;u;` z@YA;Yiu=^vo&O^UuNdF2FhUms#mRlRz=70DCvrv4-A!}$n1**g6zFt~h=hW5ulne( z@r;?$>sXEBvj^omPoslN`etjD3c``y+A50n!^ohF^h%ZSzS#VP6QKt85i=QLbBX-L zEfd*mO35rp4@$e#wk)L|YlOO(b6SF8A$iO$pzf#e!QO?;bBZFAW7V__=Bk_~2c@#a z>By3O5EU5%IB4eZ}rppG_ev_gTzlF!LhVcufGNut-!U8K7eXYHHfA`zbt6o z%iDa!O_PXfgGUUy&Bu~v)^*|&GdqpKZKek?R5qk61XELnM5t8Uu4-1b*zxy@CWT19 z7E4UjXu28t$;FRj4W);Pn2CTyARji&QP*dr^vlZpnl>%`VpVnD5|)mcI2;Rc8+&Sn zozF^dc7PLvh}K#;=8n8!oV$Rbj|oj=b+JUsUDK>Tnl4CVyoW#o?=DbXw6MQeTV4vv3_p<#b)T){n-l47(2c| zUCoJ4?(n9vIxlUL(LUFKu4G9kV+8J(+N8QW&+XQA@}(Mmmlj^m0}xb8E_He3Cu@e= zjmm0(7E)mKwCnI-gfquZe@BuvAjfX?`xVuh2J^VscuD!d$`eDjYDovo*$Dg6DljX7 zFHb=gyh&cDOFM1$Rx~w$$kZMtupH(|m_xsSY%OO{g@zM}*KHV!jbyb#hRl~YD{!3p zt!#su#l`s9TT1F7O5B*bG*^6fjy z{*>*RF}(~k>wQSm%oL#>SytC`0)EA-`OFZz^+TfP^WU2?c1G1Qie5C*E3W4=n59Gr z6@5=VpVI6ZD1KH-Opw7ewl&VkRI5qK;c)M)*C$V0=YrrHO9i znc-4d6foXFvo@#nfo!olKEc|?Ml`o4$!iL?9^J_w!KCVv1DMdl>=@~aXX`6AWVE_( zy%jjca?BrR#&lHzGQ&n1w~qlmrp3~%93cmCmvv&pf_L7s&^`Q><+g={7bJU3 z5)#K4abY4hhc*yAgToVW?#Xz_dciqf`B5lmREd`^x9i5lvcV3Tr-I%cR*B3?QOyjt ztvpq)$0D&T$HG!lXJxi|)Clu)Cm1Pu^pQe>r{BGKm)p*kq#cZStAmz@Wb>Iyf%<;aea-RU%VXTcK|vXeoI3jrq0 z5$v#9u0oCQs2NWZU|=z37W`=3b z9B~I$B@_smz#_1*`!9QrK%Zcde5c&^g zYzl#UP{SYWP`!`dQ#WCHGKzN!=^~JG0XAJSi~EuDD#z&Q1(5Duo?)LNVIu5$_zuX}iK#AwxRiP5 z;U(soH&t_qmge6TEg=$%BSCEGH3X8BWmF_RpU#@kwO{WBdk@gq?_s*;b64MSr3pJ%J%py}dj^3z;KT`|3fJX1VgeD$Tqyg2uz@QmIl;m7dqVl-?cET%z zbk9=o6KgwDNZsh(&`0x$e*tDI1}OEQ7o4CF4ReUz5hi(+^oM{^cgpW>ej~0h15XNoC(mWCzntd;b89g-F&fP|%qgfdoZpd* zg$7sO^Kid>AzG5M1S`$-f({Ki!!%r;I z^NV%^r^Ybd*HC~;Qi>t$lH;5+KMv>5VF$b5sc{SYW_HJ916e;N88&Z}r?^8?vrC*k zTRB@mNDFDf3{-^h^U(TbGj`P!xQ1t3}Q3&0@bVDfSo-GMFLmiC&D?IcLt%9W?B!sIg>xbYK z8WX8t!7SZ;sPQ@pQQX(;#k#>-2(}TvuV~rVB*P>E-w^<(Csqwd1exKa3Yf@;%!}By z*APHyAFX^F8&897iSY~4%*a=`m4MP6U7uiq#j}4{Wne==(_)#q8|Gt47%fEwBy(YG zZ%vPmFjsH20)7gZAy3`~zCrK64=Ck*_%5fdk{TG_CD{|f1))ZvG zAe=!#+mJ1ol|9xb()GFN`4*3!TjDPcSu&Av2R@Z2A-2NwQr(h>Y1S|jFg>Bstyv^8 zMg~LW7t9pFhLN$ZDR!Tpfkp&a8*qDf;J7%T+b7eZ0 zlACTBcEK$!$#lUsMS{^XF)@B_@@xP;7fmxDnR)cXhx3y>3(%n=3R<$kbo`s5XhbJO zSXP$!X)&tn9JghWl+B>1_Oqe@D$1dYOkwWJpfj48G1D-*l(N5NM6j7%!2xZdsmf{t z5luLaIN&F9ROp;UhQKnv-2%1+ya~=P|B$>a61s*@3CzcHou&kBgX_UKZs!^^-)2pq z`7lx7h0u@dAnhiOkkME}2beD~rvmk%PENQB5k>=}ndj^=k-`2thka-y@&o571@CE~ zDeZ#P(_JyC6hg8Ei@Ku(LCobUKH;1iV=>!Yb{i&)$L=}M(%H({hl>1wg{2P-SgSu} zGgCuifg>NxaZJz7x^)O`5Y7b0cKCoRCqo$Vqti+kZvUGcEK@4C~WcR0S}Vd)k6abxKn~swo)|fXj9&&-)2GX+Py52l6xrUzdfK1! zafjtZwCXVlq_~BE#qt30PR=kB_b^4G&MG4A>e^Hcn-Y+_r(%~F=Nt$T^T(CB@~!m zUN$9^ab* z;VrRL?2tb=WP>klIkpYb?;IE#KJ3EM;r6401s!#sEGiT+8zl84L%bvz21FrbXh87|pMBU|O zr+3jB4a9aNpL{=OD{*IA>ISAFoTUj3{_qZS}X2#nk0q* zwV0n8kq>h6wig-Wq}7!+M~a#`4X_*>+J?V_5CI5S18iF`15wJI~T`+345Oq(THqR4_(rsy^1vtxzASc zD+5M~*tSO^in#9ay>QWgt@xJyE&ZDr^D+Z#2npFz>+`HX)dC*OHn6c*@ojclAdh5w z9DQXv5?FL%NRlXyIYJ`R2peC;4%XOgF-@_Hi6Fo9qh5bU6x70DHqIC=!Ssf zFw>yv7(49!wE?M;(=amLlW$GxdCrnj4QWzM8Zrbqm;v8LAeZtJ*8JNF!{vtg32|~6Oi*C^Fsx+ge9dqe4KLf z5h>`AU-XDB=pma!e$Nh)dN7(?Ppu$Irco8PP{QQOeToQ;A1$Y-3$myBZDr3_ozk3HqL zwP%KJdLCkr5s^Yc2G=E~Bo}NtVVRvKC;OENOSMBpcutj>6F(zoHRl!l4t^6`dnyM; zC9)9&59%O~h=yQ@6-M!Ub^R6hneRm(d%>Yy5e-&M<1~Gpgau{(b||s3aSw2!b*o<- zfb8cKvO(=8M;U(i$$nBi?Xfa`ffRE7(;ybzaCRYhZq)dbcR_~0Z;sVj1({c{PV0M|g z>86fJ78sXsGxe~kdhQu4tv^!BZFuzk?p&ZA^UN!d+}!+ zQfZ%G8mKEKIp}0%GV2#g9D5a3H%Ag@vj3_Cx`92YS@~=sn#ET=Dst_qp11jNY;T{QrCS;KQoJY6D-c}HzpZ6?N@U$kQcl%HwMc{U?c>-P~uIT5h>vefHA zd+RNO5t6K#eo5;bj0tC^rB6n#QlKY_-3XXePKlOWtq|vfNcJ1NXza4ebLb5prVv}3 z>YJRQn?CnQRfzVAPxe!12G#{ves0bf*_iM(wL`@j`N(@`LD$fbg z+B&&x9ZQ3bdAzqEU;W*dtwYwO3%7vbkhMV(8Y{y<8~S{G$ay^|qo0e;uCC~r76nc>rJ)bE2Alu8B#V&5Qr}X#|A<@HG=T8%t5O++=t{e z06B@xO9=gnH{pkXeD`-d23JLSk8iK!JY7>Jbpk6ru2(fE9)oC5(~VP{gH<%{AQ2@K0U|Jm-zihvnMw8 z7=|2S8CXCoJt8ilEBSp(8I9RN$2aXQ)2$EBh3Nge#lQqP9P}w)qmX?m(GA(^v0o97 zLn=Ev!EYS)wr*s-DJQHrsvUf4$j)ZvD1O+Pt@`X-pBkBv+Eydi_8IW6OLEvNqxS8X zQkUW6>;ZgJop!?QGrYibVK%Pn?3BR?IzMTWTujO zOH8aXT-{r?-nOD*w{H!L$#qZO6vByhx^xEs#ZLX~_eONeTwPAlz(|(;CNqhJA{i|V zp5$6MC5~nN-mJp=f`!o1I!|{+^gHdn&`GJ7#Ih{-6*0qSucR5;KeTOWRP;1@@+{o6 zwhNX6`O`UBEv2mBm5agUwTJpZgP}&=P+Ks4WsmhMGYHI+`uC&1`7H7eyj@7XtY?l? zv5)>f^7KE9F;0+Bs?w;%iYP~Zb?^xR1eCx4?$WKI*t|I`O0e7Z2-zaXzZGuaU>Vu% z)uP+P`?Pq&SQA@&R%3Yr^JZDamx2LTL^M&I!M*_ZI$RhCtR9Kef+frxlD50)NMoTx z-g#dRzhYqiBrab8k#)qSBrwr0+kvoh+~~-S!mlBwoq291aHh z5b8v%jpbWi-zzp&9`PpmDP7S5}ba%uFm5k11GovXA>>-`7Z1+fmMww7!U$n8Sf{u@UayEi`ah9tH6 zsrFDVH78tv4UX6~8@I^V;D`9tzUI6FS!67)DT&vH4z3TWPS0d}Z z|6u|{o2+%0kD4_^O&D9ytm{q=+8ZS-$;B2Jslstu0rIWZbb>o{L(1u1n~JUV9*n?n zWkI;7SYKkj1Nv#k2E)BDFp_Marg%DM$8Wj)>%>RdV{W>~E1Y-umNoW^$eBP);=U-g zR4RIFP$xDPm8xO?M$0D;v@O7bQ3`}_j(h>5gz8J96cizE2{`-|-AF!nJMQ8HahBMI zgU^%ku=u_tSB)Ng_EyXr0VmA7QWEFI^Z#O*GPe!?~26J-u--!!=$ zJ42t4P~B%RZU%?sgyYBsC?i3_J@#$--T4)cW>=`QgoJZyrZx?iVRpuu^;F6^XKa_I zhD4TnZ#~A5QTj#?KaQ9r%Yn&C7=Uu$qVOL@?*i*K&B;26e(Jpp(qI#t{q!Z8ukLS& z9#`J$D^lNF)G>RllXrI7D(IKULwgU2!n5(TM*V~ zAxUr1KK9SB%D~};%!0*i0gt6Nj*j^?yxSEK66-;BzphlY90I;k86LvX^B{@?x^e^| zJ;x{)2}%cRsrbG;vdOT6eF8z`NGGZ~#b=~CoF*M88*aywXEd4^yd>;~lyk;j$tfE2 zkg?6Ep?b>=2OidtNXtNAdb&fi8uhvo5v86Q$2tyBpE7kHIuuOpNEs$?C0#Yigc>R13Wt|8Go5Z(Vk8wPbEdMH~cLy$?;f*lj&s< z?A&zKFLJ|{R=jZ32l5JEs&LhW-GbBG;XsCyGTE*0(!!md0)IKuh8T-fOgI^fFdw|J z!AAh)<=3*9z&@<`kX?peqgJQttrKSqlEz)FsxXq7f?#nf_Z5AXHnEtzqUZq{1j#j> z`h1T#ehH~CxAUn(+!Er*$b^LF7(&5FCTz`*AV*1%8OOfj!v1?M^*;>9tmeAGxXNL1$Zbz&Vu;nQ^`X^T*_fCSz2SmttsTgri8*+L0N2 zge$ew3?(mpYCMesn*{Wjm9%hPdaGb`C%YlknJuT%fM8T%sIP@B5ExBolVK$*c0q~C zg~D2wbjS}1<92^(SfcG@e7&a1#J+$#EGjRDoaqHC+U6LBqaJuTYhiS*xnGuADian0 zku@y@TB=A?POXIqBqliRJ-`VUE&+Z=?(EH-gJQZe(_Zxi<}Oqs^Lx=kO4i$w27xvN zxKhuef)wR88u4TfrWxl`@EvS__5cEH5})v83iiobbFwqb$R%jLjox>MoDdy+!U;i@ z)gz*qt5_>A?Gvz}a5)JStos_PmFMr$R8o-P5>C&Fq*~v6pz<7(B~bpbKK%DPyBNV) zOd0t|z8V**30o{%oz0Q^T>hGnz$W8ccx1q`v>dvJObosLi12JJK^%%| zs3+PLrwjp&B5KL8E$DaAmK@u>G8tO4Ur}DUG_9rB(&f;ZJUE&5*yY@E>Gt4f=;9GoXPSO#k@$6BTNA00H z!s=#3uc&^e?d9ua#j!&+95l;6lIo|_bJ#lh>=DhSwzjVLt| zyH+N25Ad5WCMs>Q7c5PvfwT}FGEp_ZLT!mgnf+5&Des2;(u&uK&x_aVv8jQTI}%1< zMFWRB{h9t#jxEIB#VjQinq{dVnwgUK=nNA7&B%MrZ-~LCrv$d73e&EW%^a|tF34({ z*e1DXxT{kvjB5l)QO=Jny~@cdcoI`AgU|@F5KGuJ=)kf|n#2d2*rB}^Ydp)IF+lD$z+)@ac2TsntWLu}#2r0bo5{g`Go`qyO_aD} z5!vYsk7&p?f~2(dI|ttOpXjbH#oZk3_MikG8x7Yv6j!f+hbb7>geP-w#EK+bji_|R z1nzG*+?t;2x$(1anfqbxlb}MM0w*-D9pOX|i1pweG z*T6v^Ogznt8>>rRhxt~lb#VZ5uLe%D|IOZ;2U(WocYW75YC36z2^NE}jeS*$)Ks_T z)!Nm|Om&N_tgP zen*Fo)G=4L(ElNtGh6FIIkX^AThUqqz18DnOV;MrjpltPzTX3J#`f0Q-ggGoP};TuYzRI7|luC;Q$=X`q|&!n_i@EqDK(S%EpK)zJ?oqcM} znzeR#U9*CEPr;xhZzi6GASpgqWj=zrV=H^)l{8~) zzHE0;hXbi4?VbWH+lDtKxmVgRaymue0B`ka^u`6%xHd!+ko6}a^81QrW%KFyt_q7~ zzG;r8Sa@j$;{GwML`8Wbe(g-#PY8a^_^?xTk1M8MtHBx?FVx8lM4LBjV(l`R3%Kkg zvF+u&PlEiQyDHl(p_zpu{302?s%l!-3y07#JPzYV##dL+E0g8;d3g-aWGTLq<2wa} zSBo6q`7|KMcfJqFr_6d!mWKYh9Dka!i{$vzl<&3Ooxh>}_T=g4?1^oiAjhAsyn5?O z00?g*np>1kbq&zPbey!~X19mHt5-i23DZKs zyBbQFq8_@DO{!*Gp)FaiEYjOg0{t86+)L8ILSawRACR*$sFg_zseGt26|o+i6LI_* zfNLNWtSln2RcC(MSTx0lAYPOSs~l@JUln5{Qr6*^O;G(wu}v@J0Sc51_IgG#9N<@j z-xRwVG`VMIo-2dSH-T2&sW8;1=TOStsB~{dcmq54HFq;Sit>DF)}+Vpd;@hEc@Tk@ z4k@&z#aTu*FXDO@*ezC8*RT<-uGQ?yFn^;)x_nUPX?o>*CW&m3P&Vy}U|{qL)i){38%M8=!gj1U^9x@s$D?+QKPY!- z`}V1Iy^Hg*zgeO4^DM7)7$x%@b+Lck0PE3)`B3JND3LJvJ516?WS&Qc7Fo>Gl?Uds1hR*&7ZOA}5>BeRvuX z_pDRx<*Qc_X)}HOX~B!tY(|_Q8sfaN99hjzVen!iD`Z{_DVf9iwDrEUX$V2P@R1#! zsbT@V&nIj0E7qxy=a*;V{t;li>>OnFC7bR)KC&>6-+)uuTzgoW{J97!f6p3MA;VQi z9~A+b&f%63RINm?GOXpA-*+sCfh`%}k!Q75 zO@-Df23HmTLl?oz!C`s0*o1nsqa!yA`=i%s3(wYn@p>pr{4X0LN>hQN2i znFabWS56up)+0_G806uLdJiwnc+({AWXmHf0be2qyy9AcJEydL!_^j}N-ePBk8TH6 za=naLQml)AiuZ)+g*5BYJW%OyI|YE!fvWJM64Y7URPZoi|j<7j<>XBDRWY{?maE7b8RVi z1eAF_R!ON`AmQ@Kdp&R*B6%QJf&tMDW{S_Kl_TO z&dikw^7l@gCwNjU(66QXnkGHeDzv$BLa*&gv|vHA)@`uPdGbUwU&|AbHYiWT$06RE zmF)5N&a$6SW}!TBLfKw>W$Z)!nh z;Mdv^L!`Y^F6sJ!dnUxF+_IQaan45@CnMj?zSZGJD*o2bCsQI*XK7oH@EfZxr0Yb+ z$;WT1+rl{iMtM|d)k&&?nEE7Em?*VU)uAYgb=Yc;j}cr~r~C4o5t)iUJI_-EkD0AK z>Zvhb>9yw2Z@9_fqjYjAj@0D=7{@t3oRabK^&n6+dbsR3^)%bDSSddTWg2# z{7LEGvb3#>KH_GoZ9;C~m83DT)P80>olA|0=}d6q%NA1Wx?5CQ@%d@YO8Iy)eimyT zHt*!lgqNHgjtiLdeGg~nD%CK562#PYfkK_A03${_2nH1OD5BXJD+wJ{mEN{$ErQ2< zS%V-x?O^;_;v6LCLkOwwU|1Zo6&6{y&pdmnLfKt^PN_-^Vjm==o0xIeL?$Uc7P8v3 zofQFuV}uKuH@$zAlR#t zT7yY@-)=*1Z@Rdwb@`C!R45h#9R~B3U^eIZHed# zlJMDlL9EW+n*1!JWJhdEC8Z&AsBE7cPB_^wM^p=yMV*AidU4=)W`ga@G4@gix}j2y z$VV*vbZkNDi5Ix}j9Y4Q)TmnfQ+bK!WWQt0LJes%@$jS@wq*Zsn`3iylwcb2R90Ba zo$V63ZUA{}cy!d8OUjl|GlJ1PK3F+&o)6CCrcz7kaFgtC3rIyvpt&a;l=s+iIW$0& zIDT;dX4$`hMPB}T`eNmyo89RYbW5wMl}ZzC3muS9``lFaqo_15U(wGj=+!RhPNXxo z7HgS;6{Uk-T3uHkb$eOVfT@o_w0u1L)XnkHK3>x4Le}xt_o)?e3j28M?>}K1SX8nq zn9`yy+A$3DNOiRB)wMFuq2KC_6a{cz&17;8jJ{<*-FYrIcPmZ4sxJpcN zMTMU_#5H4%e~hI5;UFoUbNUB~rA{_cWs>o7XrQxEvtD>HN;qvqK=yN=#Yns$$HVp? z1K`Q0C`lubdPU5V7zOp=GaRP+=S&A@TRMTD{^8h#_glQIz){h-nw6wWFYb^o!*>0E>fU6cl*}ewb$=;>&)QYsnEb< zW^SAVaEh7B)kB-x582G|O5TjvCU1FNj?>y+}nwyjb)Ob% z)Yzgxz#J7)@OCGvb@GP(DF-I8MPEXy6ipEfJEBcub)QEUI@EgS1(}BIK3gRZ#&-Y~S-g-vqF*S7DX7+F- zB9=}IdUg0@6q0~jgNKv1;3)2d14>BK)KzjawO(n(_?$+H6!xxq6YT?D9hIHr!04&u z3ru4kDF+%*md(s5`Z(K_;&}ziF9JB2-^3M*>YCi6=5#4UQS^g$u-I0vbAqzd;|hor z(x5D=U+NH@&b4U~osFCxDdzXiHZg45q$y@dbPh2-s&Sb!hd4mZ(7gbZxss|zac* z__(BoP-g;=>D$xE&Ow`eiEEa*J$iBA>N)X&iVOe+&-cRT0)11B{G?{vO}bjm#iK(Q zq!APd<)7v3UIER9!J$i@NEV|HZr0M!Q|gt?#xKLrpH zmWg%rsUFxuiR@Op<|VB#sI9FN_5S<^XqG8#EVN6Dm2h@FF#raXAxU8xCuw#2ufhEH)zIl@Ty*2 zXtvQlGX)lLioAkZQ-w>^^`KUo)zp1>!8%YyOj7v9sV$*wAD!3hb?!}`5c9!e=dzyT z#JC^tj1SYzI_CC}?NW}}z%|~2%S`5*=OjU0^6Kr}-0^`q@=VQqkI?wIWcsBK1MnhQ`aA2E@W~87*RlUDlKEyaTsp(JBNH`29+L7 z?n(^!M4Dl1n|tozat!Nj5l0SUQgD#CM9p)^HUg_6Ehji;7KnuBDB1cTRE3b}6$kw; zR6f3OZDzWSXgHqpnddm5FoWU!1tyMK@YzdI~1yNNxpz9SuM1#kYnq!&;XZ{SiB*WF9rrhZ!o8%z+{3k5A*@mNrkD& zR1)(j1nge|FK*vD)D>?@4_gza^X*5v3c{8-Vz+D4RD4qBLcj=UlxkKCJz4emhiu#X zJ4pN9%ci`=H;W#k~ z#tLW&yV92zV!|^Ib7OMASy?R=Kr0Z>6Pi?wu@(A7lP%q%|0h9iu%F=vP~VjJWGqOh zQM+^G0GZT;5Z$ialRCmRjcYNY%N^esCwb{4)9aU<%fRA=dC7fQew z$?80WjQi^6?5xylWd^k1AEYWwZq;-p$?#zH3lUSWtbkH;dO9<8?j8a*_ zuZ!xkdh)KCtz|(yn){?vjoxYZR6D2c5ul@}lIt%B&+5qVIv2UH%oZHO#+KDPWn7EK z@v`lwrt7{6)7Op7owJv1Yj$kOJHKvCeno|nCg!JTBzMR7LqjwwskxNS;#kM-C=KZh zUmz@56JO)QVO>z~D(YxU@ar(gy-|uT z%x#26NoN4LHCIikthP6gcT(71X@~1QRpTmkEjeo>2F@{w_L#nbE)U^l_UT6+c412Z z1ry<`z0&6r7Qrk1trn!ecQOu6q$~Et0OgYEYM5RHuM0~mN z{M-Xy?M-|M#mP*Lz970`e&AXd4_9w8m!>LJvkS$+FWpFjm15>(pn`WLl0DOEOO!IZ z(TD}H%PFg(&Lwtx7ME(0S>`|_*Bu^q492St5JTTiX1M0NkoPo6h;o1%Ju?o0rt=cS z2-2JlQ2&@spMz1EgF(Ibt(YRFe&{qpS&>;TDq7M64O^2AHgv`PmHUq#5;BpWQ zzcE1J9)doZos}~_6-s&(^$zyhTW#03zkePu4@1j02&BLc2SV}wdfd_E4xve zUD4V8L^byh_dj{jt~|Kk1jO-N6k%e}vz5X5(@f=b22mJFY%CeEZM>WAAbP1;)2?QU}d$M7^rJ680xauZ9n$9aGaHj|vWUi1So*ZaR4)Q*m`F zah#m?-OtMPG(Pyj)`F5j@uJR*N*z6m`)9^&dYD3~^@eJ~1;Q^q(k`UCggRH~HKPdP z)+IIT&8d}5)8UKL>eh0XvVyEOYqH876w+#LaMTl(bu@!LNX@q!boi&pizpoO6!k0^AU2IUBrskYTI#R zh_TY$`ALp!hl6`Rd9u7q2exyDmb~=cbiH)nc?e+1T_EzZEj$M~aEJARzQHZjB94?< zRWpl5)mJ;v&671UK5sGl4wahE>7lB_UB@PFG(J2i%!TM7cqb;#vuJCCs-i!%Sm!dt zY@hHsQf&-G(=d?tRQ1vvrS~v%214?KStX4#42NBU zsUccV-LTx|HgYXO*ql1Fs~#1CO#xtJU*I&_(e|Unx~_y|{CH>l@f0NkK0-Y$10Yy@ zX-!*TZeyvP_OjGG!ry~Ej={n0>snUL45Y#v%O{x^mXxcYDP}GWA=JLgAf`i0mJ6P$ zhX$spIO_`B)mj1M`&tI>`#Bj1Z%z*2p@$$VW})g*@|!IZWgJ%z#k_gP!TOJw+tDte zC&7%5y^W3I~)L*<-TceHD>`&hfFSKA|Ogztubb2C-J0}sO23xPmo@YCx}QZBwMuC$r9jj>GJtY z=PteT+L~dWQ-g!}<=KM_3n?HwEp1p}DJJWuEk3~iu?D2)mkUxb4rhS42o4JVVH2)~ z=S(Y}h!yD|#F-i{+rCYdZ1u)~EJ-xL37}(Ft2_5%k^!P7Uv_cRg+LhZ6fo!(8QmFa z>_vPtJ2>W)fV@s)W-{SEmVNH038y zHIKlbGTjSbNMYIDC8K?=u_CTRKwnvlYT}mVZM4HC6)F_M;A9qKLW(gPVvUpsaNK2D zT^~JINvvGQvKBJc&~nsl(jW{B)`SHKJ`v3i4BtMX6y*Iem@&qnX3{tY!6epUE=~!E z2V1;Gun$kV4-?I!Hs=ct&hKW1s+Oz< z0#UHH=)n&7$UH==Iv071ntMx~w{$v?u=Oj%kTOe;53#r&9&d_Wcb<0${9=BDN(%B| zv!ifAp3>#YQDw$fwXjl-J(y+0r8V#<$Qzsa_9m#hxR|=zDU~mhBA#zgKDI@{Y2+DL zts4A-m@xyokP|_)rx8*98WDG8G@Yaz+&Yk@a1UMNaynSH*MqK32I<1`m2;IZRl8^I*p^S|&rdt3>&)h2cms}Sl(|`D%SVORpHA_@nzj!h+boP|en}KhtknXL z!!%R4T(J|5&=Tux-k;+zJV(Ps0%wcxq^iIpdb1bn0MD+YX>Fz|ITEYu%?;h{s#IpC~=xJhY-+zoN?2K^Y3n0g|Y33VTWiV+U1=#S$5Nej{b*{U#VrKH5MW zvqQv}$zc{_YxAp`4+cabP4Wed@VR-Mw($X;elr$a4}>?^Z!3g071R07+_@NRnmtl^ zqQz!06i0oXWfB;$W29|ybXxiGnHOVN9o$8~j36RsZEgEn9KJ~Qt|!N!cO$uz&8K_Y zSi;Ru6g)oe9BcLf1CH~0MvByyJ5{k1#m}v0aaq9MRB+v&b=7zzcXoL+#d*oatIQOY znRdgb zC88ty(0>Uh3o1gYD-=-2!9ulH&U?;jhGK^Z{-I7)ts=OG6OPNtTEcHyt?&_lUA+>Y57D?C)x6Pm8!GI~_8 zhpq`phdPJ5I^f3Ve9j||N?@b1%}}vA*GYCZKQY&ty|FLN#ww8xfWn6e1M5b-*4-de z`L~`#HhMHCn@^<5bovE@aRiR(G8`J4EB7G^@CHvNGIDPc*hF8p#xIWWKnmm$O?O}| z8_X`9zifrvA=9T*I01$#_od*1FCYRylk=#D>O^pwQ7x&)-9+fkoX5`9TFhsRw9lfG zVucc-t{apWwV|(iXLq!1!GywU<`Ky^r3}c%&c_$-R-&C?wx4PU8PXT_*A8T;)6vro zKxkRw!+a2^Vsa!Mye4V!97V02=DP5gkAjquoUYE7>*?B z8mtma+FWzs1TxE&4oQH|JGL*)rf*YQC75~2P9Gnm?gy*xvU7Jie+{Dv+i04nCyMi) zDb0acW?`!e{fG`6`+2y4ZiB;uZHhkpUcw46PD>7SuB|R0 z*Im<|-^c=;SZ9S#2~Z&FAxO@!__B2xY7#Q+(|e@_c-7kr*BZwdX)oK_`+g0`t+%wz zP1@?6zI7q`6cY4M?Sh&)XG0)20kTJ%2P12aBcA5URuP`4b-~W~N$uP5*8IK+;=0ph zo^lzb#qwlYIa5H_8a>?8dBdk-u875OtLMK+hT|$jsK}a_ms_iMD*BdFtF)?koMAzF z1sedWkTKcB(9p13!jC#(fD}f+P9K0c>_!3YY=oSM-i1PKe{Wd-JveV+y z6425yPVE-yhK9nepeU9<%Rc zB8Kl~adq zvz-^j1p0LMbMyn>Srdv&_p*NHdG&@dhMiXqc+pe~g~i0=CBihGg+kc(9ds;SM$>p= z3$~H9n ztBm=OpSxP*jVbD6e4ns)?24MZyAX*r*aW0o15U*vDSMEZ2TZ1(S|SlzaNXhL39dKL zcO>*3o;Tqq;LBkO_+tVdG!{va7?#FtL>)Nt9V5k5a(&P84mI`R7@8RGz$|UOP>WF5 z$J_2dmv$ffy7oCag^Sn8)UBSuE~8SdL&7V8NRp78VW7~q#V4>9Q7&A$vdh#;MYo3a zWOI8O*C0WaT;ZNQy6UNea>1_{>l6?Wv+Y*RQ|ik^B?TjisAf_tW%Qv?jlBKx!oQ>+f@|Q^_mLrj3RN{dEE0@se`vXB z-65HAR2KscAhb1)2(xa6!(^XCN=(+B#JD(kS2l_?C6H}7vAWL%t4$jX z*{NX)V`9=$h_TOycJS5M#&LNYl;7W_v*(lKv>Ele%Yx5rr=+gh5QS(njL^)p6(?L z1;rg}Sz{TGW!xKS;F_6^0_`I2PsI=VNNq&l39rKZ$^r*dFF#fg5yWc?wr1+e;V4Br*=SP}?M6~)N zB+>^=a59C(EslAavQnKX>mbuy4Ki=m9n9#^6ANmR1}vOI#^P=*@X@ZoG@2g*KWK!b z4%e5Z;V&wYIS9_10S^OG^rymaebg~3Kwo1!K~_JjoBW4>9=sG1$1F@T^cf7{T~Dh& z-g!ds+M}ntijc=Ixgo~$L2@mbzBCQN1$7&fXWzBc$+}6 zcHmg^g0W|i&&hHKgP-EW!a}0r8esbRh!tL%=qXHen%=I53-KY+t>8Yj)*lH(0AZjP z`V;JyBct*2eQqq3a7)xDbAVFVcN$7fKt||g$fS%%!_Sxe4g@e3bGU%#h0$0C6N`(-G4pj=lKYx&AIFhOsRM5L=Y)tfQy{WK$H|Jzc0jZxRj}!fFbT zI>*>iCJx2mPOIinG8hFYPYFn4$jz!%sfX)C-rrzQsXlSMCBJ2f3&3;slPa!|R3DDB zI;DU_g_pXM)!ZP=GwXAEfB)I>!L*r=OFM#|R5E6*X%)9^9XrM9w`FSyMcch|FA zSJ7ZL#dt7}AzJ`UW5`CbG7h8sF8>X+097>=ffhd>csdm-s7En)Xsw8Y60Df=!S;n$ zg^N{%X|zh$i}a{Hz0wn4gnPmkFz*1BqnH#Kbhv#+Z}El9kImMhy3(Q-*|59EMP})2 zP!A^uX*HNkWF!`R$D)bl$oW#b+4{4kVmfMVVMM{jRYZO9$q~lDML;xfE8&^I2uV0g z#~RtaBKVpZn=DxuwR5Xpj@wQ@4W;CD54x1pQ|A?PEwik_iJ1U_q1iBPaSQ7^K>+gV%P;9Llv>uVugZi zXx~|vIeox2@-zwNQDDyD@MnG2ttK&p(=v#|*+37HD^$T%x#5&JONZp0iK) z(Sk7+KB1k2yWm(YBrw=QZQ1$!+kjuui398G>xW6|ob~hskEQM3A;&{=HSFh^Bm|`Y z>OR&+-J^~SeIi?Z2=3)!{K) zfqR4Q!1R82Hl0u^#?6WaVxJyPbk~E{;3uNK0hQeO=7za3x2s8{vTil+n;+Fq{0+G= zdfTk~&6UBB-xWui(x#DU%vLV3fzwd?J(BZtK1=$3CFNWzC2G7PM&zu$^m+MBE^ju7 zaep+K5HJ)47UJ!M3j!jn-TkDYZ8#~-89oKGw-s7%&P{YC-~3u9WCikV zg=Owml!itnMsowC=oHc)(3n+Jj`CvgWBKD{D_EDMHjTk_n>+D{@&RdJ=BVD)tc5;b zv>{x&>hi7cp?+@B$4gf&qt*lW(a9#%7!P?qxIXYwL6tR9gC#Ig*@b*oYWqowoI2B? zOQK`6QuOAPz!o@YxbB2cb~#UDvbG;<>9=sc%rSzd_p2nez9{TV*M7OI%!c=4??n$9 z8lwfO4T%XNL%utGW~&uVVmPbXSEYa6AWaUnv55t)_P%~JK02PpMHhp6JFc6_dx?=) zaNcO!F@Zw~me&+g;C{q$>}Jb!bNz1ZzZry+A!<3{$b!SGE|%1d7tp;VD;h__KCuu; z&Ytw0!=jGF!r7F;r;AtTL?6m}(-I7k&|dHGTKZ0NRQukc)TaIpRTJFPsIo-t&O}!0XAJ*sf%V~0Djh5+DZi?#Nvo~&rCfCp+&`8 zHcPiNX@Kn&@gdT?i{OxmI?uM5d&zh4oVrohyaC`Dr(9cAa&_>IT#T!`AxY8&0nCzv zD>|zrC}S1f*=Cz7hc0-GGZ(cF-SA|V{?7_Q08HvdbeGAlCR80cr+1Is7t8VZ_)tuh zFH6n7r!iBB4&@o5VZ9vrPup|a{jZ6qdf%fD7UOL#B)8o0!o4C2cw(|bG_Y`ZAVY_$ zI;c{UDXW$=bEw@tWuFFG*_g(E;6J~3QnU(>ZXTj}fQHrucHkeD_pq2%;} z)|`E}r#rW#^vx8E$VdX*<*xcpn8Lab`@gp?d6MuYw8q!$1FekxlTr5CE^Fn3;2LJH zzpBz~&hAy!(hT>eIS&IC?you*8;lpC^0ZBA#g@4#_#NElW)1hXh3qsRoNt z?@e_A6oSKjcf?KgCEb%TFsctWRKCN#uITDpwz_|^s_7|$)*Vd}>X2BIjg{4v)%9NK zlo+#+Uem}|R#swu%rRb|*0?75!OD$W57*O+mr5^RoE$QN`!+W{uJlImB|WT|OLn<>I8=>$tUz8+3MQjjfY z&UO2kYn_6hAb@+hvsrpzqpCyA+p@)nx@qi|uw!g+P4CtVBKC1)rU_z zD1%V8EDa_MXMJFq3F={&Rr7@{E`2|Qe<%uI3nP=3%r4wH?V1&~dgDv?*IrLdxZ-R1 zIt@->UeKY%`<%~DTJoVBw!8s<3-T?V&X{)rq(tbr@-f)ZH84I#$fiL9M{Qq2LZ>S<;`ThQS5B`3nx zOa(EN5P!nrMV?{_J2O;zm`ff%;?XR;{YB|!slBCd-A5ZST3f&0tlQ;LO)L>pqpPTl z3%q%_zw1x;wObREr5s9XEQdYaPn^3*q%jCp?npAqN#*I?OUKK)qcYWgXZ(rI%-i3! zT|&j~!)4nW?)uGLv|y91<^ih!a8JH+zP-DT2I}s5`|tq1d_u+pS=x+pC;%&Nc!niG zr_BQ-Bt$ECz?DpcTms}a6~(uZ+;t?oBoqvA?7A5kR!jr4U>Iy0+&Hb-jFq*n=Oe0D zmS|iZVZ;M4)nAJ6d8*@|${LS(LOQu4g0Y6HkJin& zc$ks{^v~*9PEm zF9Zu5nKRpQK0sVwCe!A9mg?g%EcEf-M3WF9qw-`d2eX~ud zd7MgNEUuCOIqf-Vid~MEvC5sIV)6{OXgV9!(uRn9=d0O3ALfOHN7{|Ca76(1hY#u- znkpum5t`4Ub^H(os=Oh_JLA1g;SG6Y^8gW43|7Kef1 zCK1rIX;U+H_{Xm48*d@59pR#?TSKN=87I%4(KKUu#)fM)(aHi}DPwA9IBRNModvR$ zeXz0N!Y;#OL_`yVufK&daeYu(96tw95AxB3o$IK8bNs1$=Nqj@Pw-lSyL)bGd-I@U zHNg?=niuV@`=0-ODn2M{`k>}N$0a|c-$CZKP;b+HWR9G3u>IKINh-DMN-SXXs=uZyfr3uRafkIBxo&z z&<%(&DzGMcJ{g1ElIxNDmOruJcX=oPB+Bup`v-7QI5i9wwM9yo;be^kKnpK9w>WK20hw5%R?sxSpS+ZTD9nJ_m)lVreeBn2e| z@1&bCyO}l)x1V6d20=c*++L4h^UVW~jTtIkV2Fth#f+30t55MDOD$|adHM+Dv%TG& z_*>n0d@-)5!X<0B-tQrkMUW@J>;oAXMxu4bt~=YD3LaV|zfb^!|NbG|r-858hts(? z&Krr*lV5`Ic(~IiW=>9T-E)Zd*6-iU1iwIeZ!oeLK^`YN1SK)b>;?dVna=m%ye-=o z;B2=Q)jWJXC%QCm!I)yCy|#^=M?Vf(qn&i?X#he3SMZ}U?4{-Mox~K&0&hNP5=_xp z>-be{%=6gj_O`Gh96fDxW<#n!GrkGkRO@=ZMjBmw0<$qNcbx*(!P%{E3zPzy<|XbF zG)-DUM=>+?;Z|*rB>Hk1eq-Y{+G!MpjADOpe^;j!l7=p{nYE4yxPBxkugBSegbXp# z{LF#l0xi9wuqG2$LmS%goWK8scBY}#1X!c(P~96ohVbUt2j&pbH4stE&$p-g1oC9kgXWIFNdHk$V=(ozMtaZ%UNPP1b>s<9BSUAPGwW#aN<@{?~m-farc z2r~=)K*O0d&P=T!#d&?R5o#k%7>Yj1 zu#Fw;d+Hr3ts#&`Q($c!RG`A~@h99bCU!>6`=-flC%xBD*MY(;YvktT?XPBKSKoDw zWrna1H@=i{)lgeQjZ_2cc13D%g}~}llg`yfOkO&Y(P%+6_==vdJYv!%WrWAXx`L|$ z@$tSU4}o}Dac2pZ!GIA~@cUU-t~4}DyIdugODfbqI{OX~Fq zsC{7amZQ>jBuhKku_5cRVb`0<_eR@Tm6;bCyudnU6B|K2zjPHNU6D_e~Ttag=+ z>>f7^j4O7DG--A~0E*PVal=kV7L^EfzAT8%ImTkoYg^?|DhYHF0H|~d z&GnuA&1a1@le->xx^cY&c)$Z*0@kb8lmsm7VgLe(i}Bst1MNfmpFD*;aqaibl-%Yf)G}bi! z?D9aBKwx4N)Yi>FEq$+=n6nRS_?kI~{SL z6dQe8F~ruOL8Z0OMRjJXvLJQ3?krxu&b8`t(r9&SN!pf96~zTs)HThnO(U9Lm^QgY z&|l-fH6#UNN<0BBJV%I4SsjI=B|J^4LW|;SVpp$ef&5zL$>Yah9uufJS76z8#~^$u z3DrP~b{zFsS15{bZw0F$5n6t_!aNfBC5K6tA8Cz)WB}25WO|?_@ZK1rQESE5)zHr8 z;h}=ZO9MIAtN*p;{R%gDCd1U~i$RB_(H?c(3OMoMs1xTRJ{$^JbR2tj1;!(x0Re$S zRR&nVJiMNzBcj6wbWPcJ;X=EWePJLL+8I)z7*AMFM&jc#-Xd>dax^`z5X4%D_mg(G z_LoDgF3Vw}1@12nfGfNW#vsMC@#?8%9>%Tn3)_dANR+7a3Y*<&lJON7D{Vt`dQjz! zIY1?FvFVUZ58Dc}nYOr*EE2LNPkcB73&Ek&d_Fc;I-z#qX&6Cj(psZJgHB(AXp7$a zCKmXO+oxQ-3*xY85@Hr?5BO8|dH}1lsp~s+$w4&3t#|&f4qp;a=&TN9oLGq6<=BXCOBI#yAX`j<_N+ST;c8#pjsxf$fZE+`I{7n}{-RTBNR8o`8XO+FMGTFxYJKHF+ z6-`d`fuh#CYf;gYUe(slA)PH{XFwADOZxhgmpkvgms-+X%7H5D9ZXLF8Zic}py#e$ z&9rz-K#G_-w9MW5v-U&e!KJd8oGdnR5;iOV$+f9M?WS!QNLCi4&qjZ5?R8l5BrGJ~ ziI5!T%1^QNUax(0%ZKYRe{cIao=aP}T~j!8U`t z&M`!FARiiD+{k%kt!EP>@PQVFJ7YXJ$Po5qYF8z=PppkaTT-s&Z1yY#B;vI*HTEL# za}M?iQe-0P5Jy=KudZ~hL~rIS79zpfaDRhEA^-5?oySo)xw#|6;&5b=>YSY_M8?5s z(-ShOs6ed%ET4vKzVgvvU%OTx5$4!&^3sq$Yqf(wXYpnIPW45^o%t~+0T7BS39Op$ zE9SaFcP1@)e}p0>fN`9ictGMM9YGl*Vi88rlSrFA`D85Bw+lXly+}=Us@ufUJx0PD zE&xBgO9zroD@C|MHHhkvyB=cVC8F9yqTTXM35KwQ@SSK^cXR;kutgp+2SV-JCn#g^ ztAIE5Zvio`bnAc3kT_d#cOq|S6b$w^+MMP_J$+%@UPVt!3O?xfBIT<(^S+N_I$V86 z?HQF-rNdDSbNUBT;@9(I2}V1Oo`nKs%X8XUwosAO#UgG0k@z%-RGIPkWM!l2NUZC~ z4s3f#2QyHaS^nF5-b!6K-l+ z{@|r;45@bOipi(G@9Q39hnygo)-QB(DCuWZ=#}a%7zFb-a&?xg1_M*D?NakrW49ec z;u44E5e`7jW6)@S3$w+0h(@lVknzL}A&_H-J!3>vz*^OA2eAl2=xE+HhZe?m8pdwC z(Www+4d<%P4(s_c49;0@GOn8H;HtJCzm~nBTuFY@D_X%Xk74w4JUu ztU)8vYM4M3ZV)9kd>r$XNhAS6s26RDLeB}KkdGPINl+B#2L}iRrdt{Q6cwhNet^^( z@keS5R#qNUrqs0>tEMirH^1w~UF!v;TrB2PDpxz$w=ORfol&#Hi*zJDq_E2{3n_yi zA8Rb1x4mjd0@@>;;x$##c#{~XFLtNR!;RJU-s8vUZ5o+y?2IoeT>IKQm^_h9!+0Ga zhbXYJZpg==+|=NHICrcnt4Q2ld+z|zEU8)*odobJ$3~?@WE*ED zh~4zqZBJuPV{0=6%1Jk~or7x+s~nuIFcHwC2J^neQ9~u+? zT{GW~!~Kund({(C3Oow-)K2+pX*}01*aP*50ke!zIHg&2&6iCHO%=zxdtY7N`r222 zVDksQ_SNO-*V-?C+4^Ywn_YVP?pdqrEcIMdL>xf-y$$=ky!Clz_1c9<8QO&PBpJ=))T5o7idC-%!`hTZe{-Lo4j*Ke;qSi7mIVtN{zj@+AW zAN0-ZQ4>NHR>aG6zj((qmXtO6(Wc2NHF%3Q6RE=q5H0Cz-~04iep!Z1l5n~^WKx@U zv;BeQYp;I!=?+x+)n2ni@76-qSmV#L|1NKx=l|_B6sNW(-wK}i z<*dbQPEVQ14?20N{E&{9%m3);rSdnv?Z)rf6aXKo$IDaA%6r|xmdqC(r2@*JykBM_ zv@5=sr{hQYWqJC`fPY&8>U+wje|q`7YseN*v3Jkrl+;X4y`qLYi8jyIp3Z)-2_5=i zGdK7_Q#ACU8XmoTwSK+AYkMsXOI{iD-bvconRIfQW&f=9Xs=9A6O%n=i_&L+c>9xq zFA5)N$$55DH!Q$CUudfTsq|#%Yrii86;%C!JnS&&<>^_+M$PgT&rC~NDFFfdk^PDG zCry+ljg-+6QoZf&gHdEM~YwW@F$-af!|_}u5qvAAV=PtbXK)y9xT;v#aatXWI+!!Bh0|KZes=RA3pqCWT*XzLP`q;y~%hI>BDxDv<$A z_1dgTvwMFZNjj&EE^!e4+4dM&F{hzZ@wy8Hga+bgd(`DO+Z^JOT-sHoI?>$f&;eYi&6Y;`2Ldj6iZ2lx0o zN`Kk7WL{o@w`%zzh43%J2LE#Uh<{P{Hp|!Bv9$Z@k`IwXeYLrk(%z$)e67>93lstuUML?49vcw_DYLtkLg`tt`qPEZH%i^RFH}uG z_~71HsZ9Q$BKeC-JYdWbthTwfo$_1kTKc5-V3dLKYj9~C6_EAVnTz-a6AjLY>(iT1 zOES)+aec}CF|eN&?^_ncwyVsI+4dMv)_n8NJG1mlf9{#3J$}E1-+#&Puk!oSH=kMh zc7DH_->>?`XO@00zYqBRsek6o(%;!mGntv`)kZ9@3{$}z?RqzV^>gYW<9&JNsuljKX7R1+M%7^D2~(Nkr5cn>NLf>V(bivMgpISF)qbW^$B9jwF`AM8gO?^MLaQ)=~a_t z()iSn{SS7l;rZh7bZvK{Tbtz`v^-shj3VKq65(n}W?^UI`7SL_S9VakljRovcUufW z{?XzR+>Fh=eVm~o^YZla@^lsT5IVh`@+8fNTR5pg^kR8>g|-h5QIDj*-7L$~H+WbgmKSEbjmyJSiS7p|Y4>^ysJiV?0*R@L1r){qd%bxld z`B$xXF)B~(mAjmqVQovfYBEx>7|T#QYn@pbZ0E{QJ43}%JA?gt{|^0nU)ToQS?XBF z)QlO@doe12X0Sb5mnL(iS63?gPFYpqhMBTfG{z9SBN~3ADm+_uRYM5S&BO0@z3j?? z@@hNE_nUsRYI>mGYic_-b#6P2x$gE*S+yHw`|Xwv56<-mD*M5hdv~{i?0(@2jSRGV zM}5AdK$9}D_B&k9^id>5Ff(4pxp6cjmyQ$fv0D(Y9NNl4RY9l5dPIz47K7&815h-@MqQcYKT z>ljkZW9chOei~}teEXfNezYr2N6ss7d35pZOIMn!S1xP#&4vPPX`s|C$y%m+XO-ty zaOvXZH=3)L7@b0u%^k|6(Z#D*-fAwtbLGv(=b@u;!p-Q>_7PXX#7F#Go8C4 zK*Z%Y-_k-~=FY3$&2EDo{1`dnTW;K2ReY%S>Cx^^d;j6}+qYKRv!e?aKDx4c;lhoL z8|`<0uyN;hd+Gc|khc82E?ii{k0bXH zJHK@#qs}#bM#pe1*@aL$O6&Sw(ujqEBfX-#YTETU%fvY@1ec~=tzALdNJZG3$w}H^ zX5<-bRR%2XztE8g>AOEGrND*F>GZSGf?WHS(TG1<2mbK?(FhsKvTFbr(g?0eG71HQ zVzcU9I@Mb7aDY=>O1I=~Df`rgU#?mvhi7qULPkJC0Z8#`Mg+-mvL(niB%{L2RQPAp zRiK6*8fhm7I@8_^*=Op0<2}r{fHUuJcw5r2kbiESa|?A^y!IWR08&XU_3l|9=qxVo zkS#FIyJsJ6+#J1q_B&{BYk%`t2dFT?n+krWqte0;c19oQ=j`I2O;&4{bIGJUL&NE3 z?9b7hhDn}n)DwqVLH>F#F)TtXDA}m;sjcu^s5P#L_B?rFgL^ZGP;|nWZ1* z_icC2ENxW3|B&am?s>YteVyN*=lAPLd&KXX`2CIVLZ8F0eQ;*!ZuR>eJYQP(bbb2) ze*ZJSUrpMV`F)1pk8Ye<`j7biQxDOzRKMTM^YsrsUEjWs-+#gH7n7#+zryohg_y2|8zsK*F@&g2$i|6fsdbIy8U4FZha_ODRo%hR^-{`)-(XHX~8{P7kulCAc z?UlcJwOb$WsSnm4XzKaYhy0%UP~N={)w}hfyn7$2ck4s-Zhh#yTOUYK`?(L*yY-=d zS06g>^r3!NA3E>!q4Q23dhhfhx1ajZd8ZHE_cx%yslWF3jc$3?qWc}{-pPLzUe(?C zZsQQ*+O#$~xy4%>ky=Xv<{2U!Ju3;TX8Fn$wC1bD=PfV||E(t{FL`j4)F7fI1>~R* zsXHa5oG>kE$Os?0hZ1RS>ugIJK3?Cqe>jx8y|cYnf3endEW2cG&C#k<+vd=Vx9-=u zR@`^G&d8k5bUi68su8)V*12fF;*r&rk*`;-o};rVTT|HiNM-=E<5+j;&fKc(yW_17QXU0Gkh z_5R(p8?V3KG}nI(_$vK==vSXvir-%#?T_;NlfTw~zm@0D@ceuDDP7M{oDoYym)i^a zi?>-g4B*ZaTtuY%k7 z{cN7)dYL@)8dKp==O6zKXO?dM>)^iM)cyU|fwahTtN*={fqWg9zjsr}4 zdU?W$aiA17#NXk5!ii#eI?|!Nk$F&UX?Wyk*`(T)x&CvloU3rKxxrCLrRlHU?L6j@ zQv6A2TJBV;`O<_({!#kf{pRf5ea}IXGU7&uaVOZB7 z$l+zJ$PM(GO4MIfEYseBb;qBS_Q1}7DVIMfjo(?-bCyo&-62#BE~`T^_KI2aH#z^r*7?ljXJ$oJw;aM5`Btu2srkz5A(K zrTCN5@S#`0Mw{gyMH_U!++(!KlJ<0 zEd8}V#J>DJo~~!j1hb==_p`n{bG*TPIC)G*h2@hc{ayXuo{LN+|7&)nhJ5F63gJAR zMION1oRZ^!v7a(Pr63q~1J})bUcMwLbQRyJo`1)FbWBi;6}R)LI+omA{}bSb^!vGg z4BJ=w{r(?@$NF#JRsOX9e(isIX6fROVC(vmp04K?|6Te0@8pZ$|3UiFe-BRkAN+TL z=MVY)V&0XmXL{)WF9>CJ&yl6c8JD*@uN5Y$3pREL1_V+a7d!8X**SIgQ#ZfqZtzIf z8PhlZ$1_VqzokEWX6gUp+kf_d`|mgZPuK8oLPGJZ=YFu=kNLN3qKA|{CE9X z>3aT=pZ}S`-*5Y;KeO~hzu+@VzxSK{_xpa)XO@2FFZ5@n>p8(<&36bLwqOR%dlOz} z|49(Z2Y_Qdx5U+wX-&SKiM#Mn73DpA%t=YyL8SEA62lvxHx^}<>k;EJ!{{h6xEZ{j zD?TH+Kc|mg=?#z%fr=&h%p^oL{vn0n;Dm$%{dgKDYEpy_f3IewMV+A7e`Sa((%iKV zZ{4Vpm`(3hnHvUVp|1Mrkl}FPjuDjk&`4Fdv5Q{33+X9;#%fwqbRNw$Y%)deP{pFpgPMC!TQA0&Q7zvxqF~kds3m7L3x5tXwq7(eWL4*@l0|uDD7&=uPBxtmv*aJ zweS+UkE!AA7_hIA7@Km-`}VIWk6(R2#+jPRZb2yq|W<|`m*J! zsHzfnvdvs-RN0_d4b^wv*VABK?^9J4!`U>2rONeETx*VQuqtFq=h8AAm!36kQPt5) ziC1SaMy6fTaIKWKsx(BKt}tT9v)h2EP6p|Y(h8S$E%xu|XrJv305l%V#vb3_eu9DF zXpNe6!DDlCJS{IdbqhPd;kF$kps^+-h}26zPDHFyTz(tYhvQX^U0DP=(CN&>>11>; zCXglC?@wNg#)k)dMnE9g9yCfj*CTmN*`L#ABm9(!@a0L9tx-PVYpALkKUivH@%kDf zY*MEjRGUX&2MeD$0y9bf+R*Q2ck8PBSaTTGs#0}N<_%#J1=+j=Q15Lu`_qHRy#_}@ zi*Geon~S*J+R5nA);6I(kL-gAXm=sCHCVj%w-`rg@R(SEU{i*&x4&2QAumt0Fx>pu zY;GMidq)S%g$49zrW~L1sBMifHrvoWw;PUQCo9b~B9_G|VokaZEjPYcOoJk?rTFh$ zoqKfYE2AS1mz7Au=sAY`#{W5FUNz4`b40ZwhX*|VV#H6ZU|rx=y&hq+dd`nvg8F$t z!G_(VpCTDFGIoky0686a2c&l%5x|1Ja%qUsCMOD{H`D3U=E$sGhUo=zs>jf)UWk^X z^~~?%6w)szz#!Nev$8wfe1p(OkhpMEYCzOFk#@NO@XgbxxzbF`nW%ZAK_F64w<$Zg zat&(UY^u#C;G@;2hQa_kQFvOF#A}{r3m{6uj@B z{>+lDVJZ_2OcQO(VOq~@dvKOOJz>Vyo)vAj75MpUh5jb?y-LuE=Zt_j^=*}e8c(&b zEUH$>8zN|bMi!1Eg=gnXW7XAlztzFK!K-BV4zCipHwd-;`mJ@3)>tzY7CLw~ncnY@ z#2a8zHqs9EDdZX0F{xU6AC3neN4!y3%Z2w8b-0_Dq0(09Pym*&nhj9hklZkADc1C(C$LNJ6LnFGUysgR3PxPmd33Z>Fp`zt;^aN<2_O!| z$(|{ihRC4hZs0`C_l6kL_?o(97+^%qp<{z(c*M~b-uK{`F`SgPfyeP4B>=a;u`^AM zAv-~oJi&nMqJ~mnAk%%T&GhM*d6+g=^bfzQZ#H9|q-w{^ z07L(#nXk*Joplj17Wcv5wznH$Sapksv6=d8Y&pP_6B6Og?>(rYFc-?XXv7;z=VuOym!Oab;8%6seo!E#w&y;SXU@IvfYyu zuU!k<-nRFu!jQ_urs^_Ac(G=c>laI(ouRdk9VXE|2JA4bfIKGuHPgM_KqsODVrrOt zg*sKgvvx1(4NQ?GEw0Q7U1s`FDA`fn01y@l&(7?d5a&%CKcF zefrB3lfV9&I=?)v9E|I_$Ugh!MhcHd<$PZOdFr|Xwp43faadTMy6T_(x*(4k23~y? z-2ki;!!U*q9>xPho!}J1*q7 zJy@jL$=0jy4*e%>o+6|O_+61vZ4OT$qFUEB*iFz$)>nJG0@$J~$piR{vBeGGo=1qP zqf78)-7`9n>`273uowIRl$27|Zu-M@DFFO2Bzh%zN}yE06r|>9Z0i{WhH>2Nv- z(?6scylu$ClX^JH6I}&VL6j%=L6B4yDZ{R|zUGDN^gFQYDVayRMcDHcZ-7DDYRc_+1Q`SP}`-w-B7@AWn5j;eMF`DJztMkCpry6 z2&of+*!r~|EPK+FOudP=G(lofm_!Z!$(5_NL-@dyh1OBJ#mHKAc4zKzJcGUaj>r`- z==HSuGU7lCW`>}Jw*5!|S7kTb#ElGHy-&f%<$8^YGX-1eiK=Bg7V_OOWV=-#n!|6S@V~ zkB%R8Q&hVhJ_6)q$mU1a3q!n3G*3CAp*7-h%0Fk`cjghLw9D1)stfYbNYv5E zlTM}uW{x~T24^R|%2ALL%j5meZTAaSW7HlMM>GQqzPtJ4J(fyfa4GabgXoN}ZIyf@ zv;tm5N=%o&q=xHHbNiyoVlWf{f*7M$7s)cNh2}bC$$0_~1)7rlRZ|GBDROz~s6SGp zY(a6o_9J7r_y8U(eV>aDZGC$64^DnBPu#;qAJ`^R#dIjI5@rEjsW;N1*gh?#JIU-T zkt!y?F5x#omLj)g)N8*>+MALHf2GtLQsa24cW&$oopjS`$2wcLp{dP)s1LE|r8{Yh zl!R1f7Op#$neGTSWmASf!y|@XEV)yqz@bjnqf*VCGYwFHwfNE_^{r(L#23MN7oS zK9g7tTX_cOqx!&P#JVVTa1y)=b0bx5v zS5Ce6^R2k+RGC~l>Pf}LMP&!7uVyK7AY4n)Uw2|)HsI~4aqe80I=3?!z_caWVY37d zGrhDNaEsFY`lu~MiVpK+v5D|%&7{}m5??c1Y-7+Bm)yPI-h*+OMw{4s8?g4V1H|Crh7_g@7%iH z-Xf+!6wFyI6;i|LjgUj_+XevPneA2Dnoe0Ipyo+{F#D-9+h1J!QoH)W$}QqY`PNgy z-G_IsuRS2e=oTsU#~~?EuvvwA17yMoNQ^(Indxq`i&_q`%X zR({TU+PAq2n%ZV}xY1tVT3-*pJ|M5@^iQLq(rmzNC+-{V4?CC z*uPKkvwTn#FB|#s&b|By+gV*cmjz3bAB0y+jDa*sV|>8BrAq8ybr+wqGPG@Vr(Gn+ zopkXo&ewR2qVdD=kwno@#4iJC8>|x7ac=3d|DO3l_cr3X@{MqusS}@9R~gso9X>iF zPP(_>-pyh<$fn;llqu=9+o%i~CR}+UDTK|cD&uWuId!|TyTaZr{|$fzfHA;rD|6jJ z!x^5nN0b>~SWtZlx-@%^zKgCTjn|7Bfu?4(nzahWdH<5yo~+$2=y>u+ikvRHFxfK+nradaKrPozIZtW# z`0>Y1fg*e{Ti8XubN?xxK2P!Y^gzolQ4SkM-c=h!*l}M$QTl9f>ge~$QVc{nzw7>q zmf?QYGE7a2z8gZDD-+QQTG>eqq^d*)Oa+k=U=(5wMzJu`!QU;)=Qg~>d6JQAVLiqC zM^KMsJ<6T0%tI-SxA6gn`5&J3z=3-gv4wXx1IY%Ftb#|)LKZ*Crpgcwk{;}bDP zhD-7a=N0QND&0=+2EUgc5y9x*y^Z@A9V^3}EnQ0QfJ#a$#p|)d$zqxss3|5VGIXl! zf9%%XH)M&jb%w|Ihx43Jj|gF>qJermPgN0CV$LS*b01OPW4coneVU)IRHxuc;TB+S z0G&z(zLuf}M>Dp+UipFVr3Qv;E{44_kyvMhN$KUXlsbzHE?vywDV>$}q!~DK>*xU3 z#D`8Lkyu){xeyE#%PYH4X-n`$_IP{!_zB)yUqN@*^7`6&0M|@s+LM#R zZta~9omRRWhAEh%XvUp}Q3f-j;Nhe2$lzyJWX&&bZWl(43>#WKu5K~#Z_iZ%emZl@ zzMlcYlxtBLP3B(np*)8nl?Un22t7kbv-ga@=~@+@-oAMG{H3q7en&6wqBs13iz6t? z<}q$SyanUJ;{#l*6{y7X$d_49;!~RDU;d$2mVOt%Kg;j$^ZV@Ye`V<&KM@P-i1`uQ znHlC#OKAVwYL>V3)cuFA2!S&D#R|!FrAn+8*4D%f9LZtBv_4_(sLOi=y=WE5EYgQ! z_p%8aVW$?Y9VEgoh0ncA!4#7|*gD(G1J4Gq=BqSl&~^H!%3B3)Y|mW;GG_ZQQ~!$j zO}FPRDf=n%M6otv&a~soOA(R0Mr&&t3I`Gixw2{#(VF z6%*jOH&0tG2Z3zQy`?fUE%jg}tieM7+x<4v#o1-0wG+y8m-XcQy=6VI{_c{VTz_v# zPpp4&{fP$;mdpxz7&Hkye zx}Lt>zu%vPZh#{veEME`n~_n49pRfj{#*W7Xfq}I9|yXfvdI6Ti?cc(;P)TB;07C^ znwffM;J!@D$$1C&NVnfJ_0Q~)6Y|gOkrVRI?2!}l&+L&C^3UBPCzPAJM@}f$-y^et zQGt}!cSDCwAV_gnb=d4AveH(ptK%I|mZ``JJC%F+XV|0cixmEX7gtyh*F^ZT9r{u;j@``fQ9 zz591wS^7G^KgREy{_ZPF-^K3-`TaS5fAhy*Sz7t~uW4x09o_8xZ>gB9zScV<5uzB~H#0%zBs@ZJDwS0-Cxt>OxL^2hxyGSlW7OrN zRBW0AHG>Lqc`D^$dM~+98M{J@iHnROH0ffJRMx~SCK%6K+2TlkEk2ou>RGc%4sOH5 zR6AeeXRCD5=7OKJ5$Bd{cahPnEnUd!WosXO_Iar}X|nVjHR8-@g!ZT;So{Xxd*aYM z{BDlQ=xK+~Xco5=R)|C5vV!rqQ>zr?(w*!dADCRbrOV&9!*{l&^4@*o8{GRg=>?xW z=jYFtw_daR@o2zBtF7$F>2AUjw?4+>lVBg6JIYn(G0R7Dc4hcj6Mm3fib+(teqGs3 zIV!CZhWfmhPJP#7v)*nN2Yb7WQuBibIbZZDFv^!I*cl`5(3lg87LTuZLB}NwGey+L zv3pl9$TKr1kr$vXJ;?LIsV`1KU>RoCbS>fRoJM(|xs-o~sYOL&!dY*tg)T-#T(}|M z03CuPwSr{LO`aHme5rObK%8sXbu`$!G`~+LlvWS53Y`HCt*eHEiWetwJ?&YTFoC?y z$N-$hoUolr=R0#66Js?jPxB^HtRHR3*hd*yb7?&29X71>K6nTS>_gfD-MNW=X+xHd zJz2CdE7dkzw)MkC7Q_pfRwV7FJ=V>Xo8#%kf_pWs&f)kwbJK5P?|g)wHJ086n!!W zZMk8mL&6;%Z}5BJbZBOveAu&{wHVH`vW04l`za<;&iTn`Z$IX6px#oZJ{fKW2K!Ov z_oLpWg%k42e?YkP5%7;aRNKHIs)BJ=zf6R~R=BNqrjYR)H!0c4Vj!tz76}h;*4mud z(_$FxWDoXJNQ$bljPlzt{@aE^KDuQiIguhtKGwj7D{_f(4F_T^~ z-1^2;EQ0mIS@fWOYkAoU%U$7AyF?4Rx4()qu@C;wQ=^5pBvOXc+%?KVS+)|s+j37bz> zBm)dpu;^pIq5)6Z+>r&}`qlJ3b#oo_KJ+UP2uQFjQ^kuZLiY9z+<|rpkAi$2O@?GX zV$tS)nQbRxUq!7mRZ-UodHR(aj-Psrt@+hb@8UfDYGL$nSDs(t!tb+{1rchl*{y`S zZ-Og8biH8}1V6U#vjZI^fnIym&wKWw+U*p4&b|dUI=)LmzO# zxF?U1*oD_hR?@>ixtn@3#o`=G#;!iuDcm}KjG~Xg#^4oNY8BTw3igb^mqgmy;$kV? zEv4T@1uWVhUAoBsFE(4p2RoBbn#ackb$iN8J)wYKZ#}lF!c`&HyHa8&=G)|MJ zwqb$dq>QU!UHJ-2u{E;CkwuG(+=x2|p~x(CSn8I$dny)Ks@jq*#9l)L)CmD6i8K01 zv(CNFie}YraIIg}(I>|WyLPCcEBLM+G;&R;J|6-fd(9CZoy2?7VBlMjyok@{mo|I6 zz1^eZW;(W*a70%9g!owvP?esHFMW<4=IQ>N{@kmw5 z=KkSCVXP+TkkeE3m6~=4GG^c1Y;4a}jw);;lkOoJn+V@(Ak%y+Op^svq$;qNpjAk$ z0Ex4B0%rh(8v~h3cIR-M6pnz*iIma;*BR2bJbVga9{~BJYw|78O;BW$bEvIf&9mjX z(nR^otu1!S06ox6E?nSzliBl(K1EdmPH3%h1gsP&o&qF%kX9@wr2g4^$E(_uTvSa# z+q>1df+{t(Z8~beM(%7`&)LH$-rv9s>CFQ7qOjwRv2;$RrL%DqDed=s1S8&=P;WvC z-Oh1oOURZFZzLTB({T_ll@ivu(Y{2hwvz5+7P))?>15x6nl*t@#0wMm_0dka?u{Z{N7H@i4M=u>pE5X0JpRAO=#>*>LEi{v?0?@S|^6rqg}& ztA=aioH2g+RV42YghbQzs5#wO9a?MKdW^Ir6dc7kcwjiUym!a&zVKN2Xr6oJ)v%hS zfdWhNU-vL!jd?&g)9BQ@aN18(;Mi1 zXI!>5r6t6L`}h!bcY;r4Juz=bcC?+H_i$YiDmqc@>f3C=3MC-MRh>wMyWhLzdx)Y_ zoH6tfNl)hOAw&kA7*d`#Fx(8Wdyxf$Udk-CHlv6zj-IRNH#ev4G`PR%fBI{6H-3P% z5d7NYG;4MVdyBedIANyXptUI`By(2u)upwNIRk<6Aw0p0EXioh6TEV-RO3uzPVqu5 zCK^JfBQ&8oqD=Q)Tcgh4*Z`uyeHZXrLGql|au=c@3w=I^&3Y(L0g?(FP&w!pluH-y zJhDIeZ#-OpL$hxmz?qTdCR`eS5a{j(PsS@ps+=q1`QBc8PTY?cP0wP7^t`@tpFQ%u zzx8J>{VV)_H@`o_@9**ZHUI98EI{v5x5^0)uYrElj4c-R>N`nsvRLpdRpbPBON z5;C>t=I8UPOLhpXU!UU(M4!UJ{BgXaBa+aollogj5w+FF}AKx z>SlVb0>qaj$mJFReE021(d&1oh$9MY9dR)c5=6tQYPj1G1{bGehE7P8-*uJ z*LEHqpf3|+&C@X#_-qoRad)!)xY>G2++tSlSPsxcXT*(!=)Z>}nS4hAuR}#f*5S&k zx@6Z;B(Ks2Jd#WX%@&vQaXl6*y}vu1aG}8%c5tgnW$t&%q&vgh*`ic+kO11QAQ;(_ zDCDNXD<^gM$d}rqxyFmOe?05*f_RSV;{E3KC-`=h=G+cY-aXbgeMZP3ROHU~p2fxF z&la*yvkAM3l)}xNE)5_BfsqvfR2}fh<}UAq_=4P)Mc}GkUwDKZx}*Ktg)D8sYEN;b zD@A7#V6_4)kpOLEPIa5n`baE^RMO6KVe9D z^nDye@CX5-6SjTDGuVS&>}5}>-kc@%RquA|mt_*$opVHAbAlRAFHQT|SC{@czt5g~ zb?Fa(+p9}oUw(Dz$N9Y=Enzp>|Tse<`Yq)x%I z5p4GZB6cCiwyR}-mKriMGmuo(VTWh#jQ5D_X7`4g6at%UD48JWIV6MAvbGZet(?HU zpEM#gX1x1ssDY}W2(R;Vx;92{)r?79RB0Pi^oNo?voO&VpGq7M&arobfKa`tdW>pd zT(HZb%!nElT`qz~wEU-|Rb|$dVwLtfZD}m-LAo!;Y#@G}piPP7?1(*K(c16>%-7?D zRN{-JZninphP~Z;?ie#N+(WLfa_F_2#kNgXu&V=}Fa|%FSpbuEgxpgCeRgyfdm?7X zQ}5Y@6e+|a6jt`wl(k(#9<1@g7lg7b>o7h8zA9Y8%wFRz%zT12>vqIX+O^$B zM0eWba{HM)6@}_gkD99{*!rI)AwgW3hB~2+@nwLunT32m+ZB?h;ZU*u%Mf~;F6oP3 z;d6H*Od!ysN$_t+3h}WHd|g>znN7U;(fXa))C#?!o^dT(F)0pzO?E{;eQuI) z&2cVIJ0F5Oa}=-LEj-^p6ll9KK6HxI$h7c!P75l`+wFmn)T|ihhY|x<8;;OKTV1ZP zp0WXEkTlb3BX(ZeG~4s?g(=q1bcm=gotgE8?Ja8YD{`Cky1f{mC zEsTv`)=6f|${yfv5Mujl=^2NHU}?Hw^J?t+-bpab-(JeUQJ1^;QCMw+GS7j%Q+x;k zEjg3VlsvsI>mLiP2Iw0SPVf8?O6HFj3TTfFS%5p$W;tiS+KTI@!xsv`4ujkH74gm9 zS9A|azG01f0w#|qXpRl@x-jt|9k8spw~r@}M!QdTb$`zeUJh{TrhGr5t6U6$;3^gT z^UKY*xav%|{z&Qj`DQuTjpkdqQ~*`?PP%YWo45)jAbgm$v9?iaIwAXe{hlP}I!U{s zeg~_W$+AxSXz~cWnE8tO6Ceie(V%K2qiA%cPqThKuo>uPHkz{4%DF7iycI2k4B2o! zN7+vB020Z51>OBqr*{yA@A(1LVz|K5I|b5A1=cCjKl{g2y%|$g#l)ZY=4!Tr`FX0E zeCy$vXx(YTtR7)C?rob_YX(yFP+5W)~Tgdya}X%dFep+i`NFoe+%QbUK%IdO)N z<8!?|pO43$_a^84{a)Ue&mW(0@AbSsen0MypU=nh`FuP~J&kUzer?{n_tAxgr}kyv z*WSGeX;gVRo_T_5ypF2ou}Kw2{G2ygk5Q__z2wG*r$|j=hy8FT|M6qFNp;(~ayXT0 z6341=8bEkn2}cmf_kV)6 zK>bRB?j-DAI3*+c9XHPFD#6R%eaDZDPIXFflOGG+-f=ST{GJU64O-_ui)cFXLr}Wj*0GZYSGF78Fh=KRdrg08+q1$d0rx17U&qd@xVu@|??ld5=3i2|dLqotUd#5tp;kJ7nRi3?R*I2wW| zb-NwjxsPL=tlV9?$E^_&6{kB)sN(YpUdQ*xt+{h&`clfW!!zfpsmQ02qR=^~{OBB! zc5YwtAPjlo46P|7VtiN|qHi-oW1hW@nxu#v@qxqE0rUCB*eY47DzYq~Wd~gImA}3( zVHK0JDZ;IpsZ5o9Pdl|Zp*qud$~eyE2@iY|xl0DjzMNt_S%+9j7ok*Xm#xr*^hLj+ za^xmdu$D&9-MC7WUCkrUs06eg5owXl1$0U!$5~FPp2Ffq;`|BJ@QEA=sq&>}Ob@j( zl`eqhAJw*~iE3qo8qMGs9<-$M;*=pRK)WSdCNdrByzN%n&nVVnQ`RKLUNRf4O>S$= zf)lW#qpr`QzAzYOS#Me4KpZ}IXg`}w4=G}iS=>DcxH|dN5=CLom?a{7}CEjR8 z>SFbqvolMIm&e-!Hn!n#a8Q+`1||m#;ciZ$aek}!ruF%OIUnSIx^p)c>gnkx+>Qe6qp(UOPKzs8-n?+j z5A8Qa|I-a?Y19gZXcPJj@Y_Z{DzB@hlL5-w(V(*%2-G1>RL&e1RZl8Cwntc za(U{}g+otM0L6tzQza7N+J`<q$f7!I?i93J zp=M|<-C6y8q+1&g@Wy0_8D7VncYGt+yFPW4PI4w}9lPNTHIDe}s0(93*_}N>T_d^S z#E!ZYzu&sYTJA&gEXdD zV)Ryu2|Dchv_Vi5zO`}FMr#yK8NI=0Yq@)mrKqOoUEiO6sFJTB|f!rMw#* z-lDi;biy`9yXA!zZQ)`E2|bx*ys^vwwBo9*3_46NWZ#~ZXdhA^J&V)rA2P>g?f2d7 zr}{+C3Z`w%x^WGcui67wy3KoI>Uct<_SHDz2pcWtQFXP8<=C_j_U%ixZr;scjAb-Z zyS|UfTRb>mA3jqdeB9{^8!nT!{CCSn%pQEL!c;fOU=&xEGoma063yM?J)TD_4o!lQvkD->h1!ugNZk+p27 zyJS5zrK5Dg`XMgz=e}?ro5gw;(ei>71KzYOzADWspOQ6sN_AGaauKE_>Y0dHkLJUd zCb)>sGE|zPC6y@I>It_IcNAx68K$y2TIijTrLjQ!KLl#a&v-knaS1is0d1?^2QI}Ui#%PV;M~{xzBE2 zM3t9z(=b!kKn*d9(+4UIXqpoT8r@ARUBBffE35*PLiCh->=+)U;Ck#-O;XIn^L)WeE zk?3KfDYbN{x2@VKY&%g&sRm4%Qa)iE$N7w{K1NUI+(6;lJD&OEL2ZwP472>tt!Vfy zOL@6lpZ3dc2l?eU=WTH4(D)3WR#b%#1Xvt*uG~+&gs+u!o&?bKp0BTKR3|+2CV|4kjUYq_UOI2_Im)Myg?JH^sp!~XtI0Ra!~mN ztmsVONmo@Ohvz(F31OVR2Ra}zXo~Jc*qKI4K0eU6@*Hu5gA#6K#hn~Yv$9%u&p#4_$bR%pk#+Pk z`UJj0k@h0R=;2`*?}hS2RNs|{%92@DX=G+XY)?p*E9|&jPF0x3=^)q2BXi9Rw@O>i zC{`n@q)|10vK`){Xpg~!^U>j%?w~Oh6RXCRoyQZ?LHY`N?9?)C|A4-DLxXZ6KjrSF zaEgqTu!$}pZr_+2#|h1$>nB=$!%4LC2hJUDyt6D7)(+!3N{rKrF(0Hyc9EsK_l;xl ziX|NtOgF|?BnGj9smJE5PKRpJBBS<1i2cZ%SG&UVzqi(uY(|e_)hBj5Xewshv~&za zZNr(O4nNW2N*!hnkIl$8&)4`jya(a8aLm|KtHy8<{X3MmkAc!LRb|u88|@N}!T4$! z^KaSo{wR%_O;rznRl`;9nHmtKe1taPz4`>23D4~+-OFx_2kxuL{)sRLc!;edqwoo4 zB4_V?_DRGYp6w39`cA+`SAG@3J#GTSH5(ofL~j66=e-$=WxuN5k#}~^iyA2>i-%1! zT&8L7_~=SIKJoCmiJzIoCT?;+xMJ*>iP0t@E;sD~M$5V^Im8cK^a=t7q2KnGJL0vC zM7+2Vg~IUt>r|f@b|YIS-seochD$&=4zxdy+$SnPUV+;C$o2=4Cq>;Cv4n48@QZ!) ze}Xq1$7|B;c7E6VLhd3Ba^-axr6#uW%EhF8&w@DAMB>jUC4=Rqv7CQ$biIz>=Sz}7 z!zsyN*He?h>S4*?dw$)LP+W_$!j^F|6R)X>!okNLbZW`qgznUboi{o$gj?$AxzSI5 zAAch8{2!CS=(CeSJ)-N+-EZcIWN-=6h;+uh5V-=W;w>w>e_CMFsg>~_0WY1NghkH2yi2DX(eSAVQW+QXFd zkJCD6SwgATDjxl2S;94Q)sCT)PsPUia;t7WtC7Nqk38Zme27jO^$@@#mKL$4b{I=T zaVo=rlsNA&PTlk|Cyzd-gdVIvcA@U4O&=rXj7k#UZattZap)n39DK;ujzaB4j)qog zN@oHYS`ryJ>vjdgQbrkXcSIdlINVOCQV*a>mFo#ihdiN*3PuU**_&LD$M89vae|ha z(~xFHd3D`@dqLPZYR{j`7Y*EZDqA;cAHbA;?LA5qt@`6IYG)oNH|pm)xQYxl7PDJH z*mg>}Z`#)_xpF}Y{C{CrB;f7GzFDEJxjw9a;;;dU!wy0DiT(p}6DJNSO~jAgc>_}K z@JyPQ47?0qm<%Lu-k%IkSrq;1+RL3>bN&;LF8Lxe)Xg;B0bsH?d2IQ%kAKo4^uE*F zAXIipS#H0ieGu=|bK$|j^~{muvt*;Gas(&020e|#NX zMZV)}U1?;W7N&XJ`JuAMY|FIWtlzI(Ig|3SmE869WkVg_#QwkjJFFoYc$xQbGVt>4 zBgtUhqsic{hax!yz7alVX=JYJM^?tNifb`Q`cCNl zFLeOAgVn6ZKOfs>@#Dw2=S8~F}1$#z`tjvVI9b^U)`=>H!H;1~XsRR62%PDlolM2csn1U>le`A#zU z_P@VODY`5r=mOW)rUYI2t%g;}>hP4tul((d=x;k@?fmV7&iqzjpULkI$gW81RVjh4 zoA}+4-=4@$h!p?dUw)Y~19Q?eMQPc@Z%>%Z|G)n-iQjv=ki1-r+<`oRJcYc9e1Lq3 z{D`DplM?KP^hO3D$0KJU=O7m%*CKZy45U9Rjz`Wy&Ot6j zu0`%Z9zdQ#UPV4YzC?aRQm?~5(i<6s__Y7l??}oe=iOv*HIjHQ8FWF?kR6a+k&2e6 zF2CBdN08Vh4rLAe3kB7BPo$rX@Ktb|;~(JTD6o{jM)p6$%P8nf$0@(-5j;%=$adTv zUJB zmpCqk_k>qCJ{#@@H#;5)_kdd+kAqcF+Z+sWR!;as9AA_?Ue*|9%=Q&;nzd&^>bi4t69xipf5q=yl zcf1LH6s~ss9sF0g)^TFD9>G0uo#QU>4RF2VH26AriQ`@2YvC1+_kpj0n;rLqFM?Yg z4}i~y+Z-PTp9iPh8|D9K_*^*C@o|o`9T&q>u+MWm44w=ZIvx&Bf=eC$5w3vC9gl;@ z!_|%_!sFmt$JOvyxX$s#a2Z_hxE9v_0ZSZT<9LPRKf@*Zy#+sp=JcZbUz_kp{?)sFkabbpCj$6O}V zM)EM%wf|E&pMhDuaW@V=2U%*&X23I%CS!IZd<(MHm^HvlkTzqs8vYOo7CBuI`FHS- zNH1fyV=r`!SdXMur=+@o=TYm|X|ofXp;z>c=0#tj?G{2fu(UGG-sc z>yTx}>?imaWR)@7W%nMzZb+*!+Xvns*=)@6;Cv)`f2;$wnGu*}8MBMvOOZTdb~}6* zQe@1Yh8vL)#!PKuBW6{`Z1+8S1ldTfF*_1I2AONjRG-hltihORj4j8k(U@HYUxzds zGqsiZm~Aj-&%!StTa4LSxE0BGAl8BU<;0$((U|Q6?~e>LW`p4&NUVSOW-E-D<{}wcJ%Scvruj@hW*d#!pWt#N z@nD?aYvJpWOk<|Lei3Fl#!UVFO3d<&*%$CvNQp5^?A0SkLCTHU9`N2sjWNrI3y|5y ztPCE5%r|B;;aX&gF}n+{M^+lM7vUykjWOE@e~oN1W~qDk2-1<1hFAw0JF_tB>C71R z6NkcwBYlj!BDfeSFlHKOD=;fHW>>@4Ar;1K5!`^xFlH~puOM@bna2H(FsnCa8tcEs zY^gERd?0ln@@&lZf%iw&8neOh5TwnRje;wY;GtLte}xw!y^PuO@Jb}tn0*0nL<)`B zFK|jW{hu+*h7Uk0jaeQ%5SeMrj)9Lu>WtZFcpS3GnW;Q3f-gmu8FzEwI%JhG(>(Se z%vz1va`;7LvoX_ryA`wK!?6xD=gZiax?s!>g$E&d#!Pd|63mK>ndXDnVm88<{ROT^ zs*Ks+;YOs^nJI6p;SZ3x#@$AE6VhPJG)GMChks*s7+iof8?%XU6|%vY-3ZS`wiq+b zng5Pi#v`!~-h`WxY-9Ev{1Y1oU~KQ6(nk1?x;&qoT3*;Vkh zNU1Sf053u+jM+=@Ysd^^_95Jg%rRzr97x?m>W$fPa51vfnCbq#8nY&2b|2h;tTkq@ z!EYjM#_S9DDesv$Nno zA<4(%dT;?e6Uj1W_rUiedB$ux{323h%(TApDP|*#*(SIRsWN71{kX3{YK@uh4GzF; zt}#0bE<_rPSvfobX*6b+z?UP<#_U%3PGo~IdklU8*<#FIgWp6lmc%+(2Y-%a8?&F_ z#6k3b&P?^CFPw)IV>XiC3CJ|$Qlu7HjI2e1T<*(|U6I|8UXJ(RH_LG!ek%{A%n;Q( zgz#># z!%IVV50Ay*Fu^04qxU zNe8lDg8gKEXCQNsh63_^G;Qq|(m$B+k@?6fq`Ht_r1n_cAuWgxOKn2e`cv3HVVChl zq>mI>`Oboq$I;%A5~QGrI)qdVr7j*%_{cIu{-v9bx#lPQ6Mq4hyD(Y0N^F9w4R3~P z;h*{4=>*0XWZ;SD6R9|fwsSJ}$TH+@WD}Bi3Spdz8zfnZd*p1S3aLMxvO5De!>O-l z(jJkSNCVQ0%sLyrjX-aIg#W}Cj{L5S{2@i77<-VBqtU|{#uB8WoH)kOW-G|=1o|{Y znNwaKcGqI%{~5UC$+$kf2#3o~|ISD;bloLPyA4WY#Rke5Cps^l&ZV zA^Ts48>IfvgmFD-y8*e8c#+vi3)1tZD6cBVLU--+S`6ne-99*j-wI^e&D7gE{N2L% zcpGsd&mql7_U(*?ck~Dr-Pt4f^SmCxgNW9uR`T0;7kT>&=|VQlXMN-z<_bswGGYPY zAxrBSn->xvQjW|UMWGgcrYA0RHI;6dH9kZ+{sA@cSx*NaKpqx?Qb-9U6N zn|PcuKx+O*x}KnpJV`p1(r%t5{6^}?a>9H8`xoiAkTyi?ODQj*qnF7qlKTp}Zz6tV z#p^wS|00=hkYA*574DJzx9AVw#_S!!L+X&HktRuV)DLcam-MVA?Z{-L7Abr`vdjJu zKWnHXACV?xDY6O4{Ftzja-z!XN!*_NCUD4N!iGJ7m*Hp->PfS`IxUAA z3|GR-jQbi`Vd+odNylr9eLeOY4NJ#c3`@t!Ww8#V<6efP<35I^<9x%?aj{|Pc!Xi; zxYDq6Jj1YbJR5$ObhaWR|Lyd-iF6~GUq|^<-YVR+&+A-xr3tGMZZX^jZ!p~R8_M5s z0USIN=e->6X}A{7G293bG@SSk_1|zFJlt?4Tw%BYu5rArx}f$n*V(J=Kf?VY!)xKC z@Mrw0E~*}C4!8xb{*JtUAL(x9<{rWAKj0Qg`7zdCrMvd}n+*rg#`$l6dm4TV&M~|Z z9%wlAC-QH2A9%Roe7M4JC0t{;9-d`*6+G8)Vhi~aG{e^noDLt5t zG$2@q?XjcIS70~8g`qmVL4FKN=kp9_b|yT-hr-JY4}+TwSHWux*TWkPuZ6c5&e$$J zNH)fGpb+k5cm~|Z@wRlb2>W8=UOE{8KZ5z|$XX;bB|VtmB|XULnjT!zEj_41hNq^7 z_X2Cu(u0;HX+ny7qz5yR`H0tFqr3LJ5ng8E%Sb2xhV$VyhRflNhOdIR7+wG;m&f^U zgnJoogZmiH-9A0YH#`z9He3gfFx&)JI^LH4He)~AxbK{i9?XM#@Vf_+kIdX5($(f2 z(}P)=>A_0m2PD`zJ=lQM?t%`H8M~$j^~h3W12U@@dd`acw(y&>FL~KNJs649A@3n= z$d=xbn^}GE*Ec=L>X#mzf>a>C@1GvzA{he+8>z}m4;CRU$PY-yA*BDX^q>(*IUL<1 z<@xEsTx2Ek71D-mI+DB`MOu-R0>VMoBDx=}I3_*lIXFGod~AA9I3zvDD85fd@;I3x?X~=kOE}*Ow5phmr(~Vr=B1WAWM;;mb4;^uS^e?Ttyo| zes?u)ku|fBYp}bPaIZsm$S$*q51IGpNDtZ9leRh30pv1d4zl@1>hjIxw=O;S=Pji9 zR@&ZP%!T=_x-Ih8%I_m{(F3A&@K%1k-R9fL>mBIfPU;~t19=zu68Q#E8`phz>b&S$ zta}jkH`j#MF}~eDNCr!d{hPR7 z34hEl-a}m|OkL|wVQzpo;^u4PMq_m7fPWPC&)8+GjPuc@p7J-m1DtEP7hGU?Ke)uO z)~-gv2V;H=aw;+rsYMnbid*q^Ooz&Rt_i23{WJJoioN_wUWZp2_wwIjxTF6MalhI4 z{|XLXiSw=Sd%`yS9AmHW2f{z#&bv{Wkd*LGX41t7<0s`_`b@*=uyY>fArqc$?019b z8Qv3afPH+bBg>5a{@6Dew&gEBeX!qX>=oXY4&fzVjdgGc_Pq?N-|GV(fw|JHFpJ!^ z=Tked+T2JJMn`+~eKU>y86EtOh37kawHxJWv2iaQH^NGb?4^@c#=X+4wCPW7rI?RCej>SZ-FLvpX-;QD3j$OXy6#N-8Ejr zwEY*JjsNZoWBqn?vlDiUanp-mpXYs@dmqjLaI;C5!f1v2J9qLoxPu?{FG17x;q$oD zv8zJ#obVQY7df}m&ol1Y$Mq6ifIrXDQ3iXQ<40kZ7=94@k%kp!75q07=8Nvy#!+YdypDanVa2h;@M`Q=7*-t3 z@LCtH^7Y4{9y zhGW$&y#q1Z@M!GkIo9~4d^H$*)wN~tG~D?#Z7Ypyoge8zY20L3X-vEs=UZvaFsw9Y zIreGHHLNriIQD5QG4@L1NXLp_WmN@Vg1=eF>5s-~FL&2IFKTP^j9<022E&yd+@A+G z8T(7%HI9{bg}>3T!rx+8;U`x`x{!ONy%#(Sf44psr?ca@au0Te&Y$x509*<$;kS56 z?61sRD}2oxXPEf(EM>L{XB_V58T%=4gJGq2nPcf*_XbVIzus|NV|WJsHyZ!S-xhcl z=BGWu{0t$Ouy2^{u07uh=e!lylLhcV!;iy7h8yAGhLyJp!%BONVWoYRVWn*@{3_x2 zG_<(u&y3kO?mF>g?Czl=+db$^z1GQG18m*%wF%r?P1B&+^ag4`;O24mSJCP>=oV!!>?fP z!~wy#_)F?;_teQ_HXQWgpl(kSze^N%9zN=-Pbf93En%ts*E&qjLi^?)G4{Ax{1^UEj+H*WFT2*Tp5JXU{>LgU??!o6d{uCUV}+;hE3yn+^ZJUr_WV9P%lOm#iE|C>9oj{PH{yP&W2IB`=#|D^ z?V-ik>ppCQvDdrVo8c{lll~lI9CA3~({rl3_BH` zW0ke;$NIpJ6OKf>QJvL$p1RhbSm`Qt{=|BZw%oD44R{v6)sD5s^)_7Vm`|q?YvDS_ zdKR$}t~d5t3ti$^&oa~xtT6V{b+fToKhWxUTj~9Y@Kai%eEalg8dmzV9sBg>Irix< zbnMe#>e#2h+}JDq)sB7oYmL3qUuW!<{(8qMheTtfdtHjvrdJsIBllpP*RcA4R>OLi zz0Gh6;ibGE*X{0brr}-TY{PrNd5+a*^o9!!t2|1Ld*!Fx*egHPj-{W2@Xt^9Cq4|W zbM_hwRX+8OrSBuLUt;`g9=F1<;%|1WfQR6|)v@%gdfnz&<*D?fe6W2`g1eE(r^}=C zs2y)|*Ib5u{V#AXZasH>p8n6V%AyBcVpwf#q+zXPRvG_F%S?DD{OP@i-uxAJ}H>$py!xkCl^Yw)+pgwykdC`=#D?(iHJ zj>=f+pKrqLhy7w>ulzI`d);5HGOYZqHLP)RlVR1r#7A-dRX;NfZ!3Md&fcf5z_?fX zN{qeIH`3UL_kV`N@;9vX%rUI=%!l>fNxsvS^gsW_t@XAXUTOR_!!3q4!W#_RdgSX( z@NuLEUvGOFRz7kZEB?Zl82=5Q3>O(zx`)Gh2X#1hRY<`rw7*xG1HPUfOn)P;OSb=0 z*kS+Y!ctn)pVgbN)t@eLtTIslwF17$gn7Ta#yYI8kHQ;F7#b5c8`c;Sd=l3K&HH*f zRveo5UFmGPtYGP6S*bBw+6Ip472Tx?irY=r;q@~QD`i@R35id=QQ)%lUVbl>J! z-*zfZDW699mc4YJ=~(v4ceZ1Nr!?g`*0-I~TcNR6no1o@2dc09gnzyqs*SyLRBKr2 zsWU7c)f-lNmKaugRv4C!nhh&Gt#HblTHA{2gW8QvR{?g(b#eJCo?eF4SM`BQaF_BH z>$k|oZ^z-?=&lu}@;MhCVf-tdmGFGbmmwb@-y+_9*cS`!-j|L{YYuQcJV zch^3DU%|av=(uAS1SDNSI z=1t7k8@un#wZi@dZZu&lZ>tPz99j!^Tg^KOi2Uf!>sD!rO!&sz*vm}!d%Zr3@-J5X z?PFMTo_x43{)(JmrG2~!M_dh;AqcV^cT9rF6;BS4(Qo@F5I8+ ze=_0k+!BYcd&n$!xbfE;u5hey2f#J(v4oSaYeaGW)}QvM@qfBj9Qv!>#5*6zTts@4 zZ0k?`wEwgIpU2-Sq{aF7ZuHye(yQx^{-rCKZNXpa*R%)3$L)U;U&M8%WBR?DT>K3{ z1{(j;kNygbf87@$Drtz=1lrM?B?v1~J$dO3s={NpSo$%!% z|N2uo%l|NB1ky47#FugY<<{#}VfpL-S^mbqZ|`^wbBx|3d~39+Z_cw&q4<^DSCyx$1>|4rAwoy&fl z0n6baiGFOyAN^MNt8hE-szkrZ>;d2J=wpWVt>&E3e&Z*f*RNs}$5;1b<8C}hztvMC z8}Kh8IufYp@pQPrao{l-?5g~xLw`i)`V z_Gv^A{hTv~fCxm}o)f_oyz@`LFto_$Xm+meHzwMa)tCJL`SiNW#~qG>kUTK4&<(uJ@{(ztiAXApT9f-1MQzDciKCzCyi?~*FIjEONJxbZ%^0S zb8iOjw2zdH7fg&tG}g$S_UvoIo%ZbW;ptZ$RTbjhX^+2F+*Ob$*(-nE-344LtyqV9 z3>M>A`!o4JA8s`U-d#ES^OfUntrFq>^Uq*^a^dFe|)^xId_Vx0CxqrYk4h>I4g3VxY@Ytc{lIH?3vcC6FKqW-R0b=>=N_o zf3ng-eF^pF-PLog^vPX-yWlt6J!srz;4TAqJ`AkduNQMI9Vb)Ny&c!$t`Rf;CpVIp5g*?Cd$_mXD=jhn1n(-5$a0sj^Q-uk zzRmQ@n=8}8eIlK8dp_RAK;ikn(48^xmzw*AI(80|lhYC(dQbd%clwP>leRf6EwT3U zL_+O94^bXeXH=JMcsbvtCDu#%?$3wk+5W2k5O3#VRX-7N6tnt+h@%+P?ju(0QTvWK zDlNYU=5}F;M(s7SS5FkR%ZS5Z!aX)4RxYA;7P0Occ<+by6meR}YBv!_vtqT6h_#bh z)D9v}4_Wm+Vm&?LkNTjW?Ly5(^*3Ub3i@of*N&f2ebn!Eu7_2CDVNN`YLfY`^{`Z1XPsPNcUt=4x-U?}Y1t{QC5E zO6-_8Ru=zctt_%z1*?<6InI8Q_($$f zsfw}>H-UBONp#Lg?5vC#-VgTW(W&#!iTn=sB^`K72iACI!@C;xd$V@xyi;Nhtmipu zb30JJ_rrabM*0>%1CLk{^E2~iw{2sK5JUn zpa~B1Ze7D2ptgU+gOJME);q4n? zy-Vfo*TK0@#o<$l6Dv*rcXgf6Q1YeLlLMFI-{*G_Jn-2#yi?$urr5q5);pFyzRTdG z$GR_XV@u)d-3_Pdhs zY}&_QXTLwZ^CPLjy>xYQe<)n=LTWGtf8rvz5B~WH%X17D#U{NM!mY2z;ok;V@@}(t z{}2~?e(K|Y4SwgYuE9nZ{)h0mZZ!7C_VpZ-_io;xRllb!uKxYoq~J*+(=ef{Xn z$WdbIR~D?jw7h*E_&*J)!QM{4N5OyFD=nyT;hzlaxvJ0qIq*rHf}lS`v&!RqxQ_nJ z+g}QgF#5Y0?qkxo5Y|4NKK@7H5AII}>NgeMGqB$M@Zq(qbOs^Ns`zpsV0zn6D^D_n2ldk`M}T`KIJRbwEGVV`+B-XYVeI}TSl{yb_*-G^tK{{u3D!Or-ad_bpnVHG9{^XI@+*XwVDHPT4BlY$ zQ4Ob<`g1WnejN3Ish;Y?9Jm;Lc>njp`c}`!_cVO-q|~4j?N;vJfHRDJE4;ys2b*Di zN8tVMN<3>!eh0v9>tp*<;5svYSHP9%&-=d$*0X-k_rRM!>>6C;>hr_!Qr=zm>3Sl?=r&k?)QZ=j6M&6uX`#PY^I$^A4B0>=4W)n zA)g8B8ximSJXrg1`S>n}SD5yCD_l$dz57RCeLv^93EpyR5bQz*72n73E`Lr5#<=p> z1ZyugAO05jp60Yb^D4RT!IWL!$NKR0hv%659tsbq|MmJSftQ;6j)yn$PO$fXHQdYa zLO6x_hxfl6)_$!%J#Warv2TT2K8wR+${Rk{@birw;W{(E90=!{^d12ZG~>nTaI0~D zp4{^ut55HrVZGz&`CfR1X)nuVZ^p0HaE%G?pKycm--Uo$O!@5&`}-&9I~%Sr?I90t zG~-J#Tx!BElmE|S{ng05@qZnxXZ8Gq^N9y^Van%uSo>?X>l@bl%-;RyToju2|8ID% zsb5KMkmkG^yYCIxoA`$628wlGUp{BU<)*$=!F^17y$)Vv^m8|yZOZQn_{p)!V6kg2 z%jMpbR|{Ng()%f_Jt};Dw!o!kzOy@%fLi?f`qv-U_g~)q5LkQidHoE7wf~m4uY~7a z9|X-bV3l7DeCSJEf->5XxE9u4^4|URu=d>Wd_UafFWrNUu01Y=^IneA(*)NV|L?(i zr_lTV2Cg>!(-ye-I?hdT?LD1E$a*vW^n|r9qR&q@tmmdayaHI?XnHP#15=->;bznS z-VA4&@>vMqIXD>{#47MuFH8~pJ5-Gd`se{=wx z{Y+|jW`Oj21YE~>>;0bs&!oTi-~Oj{~)|uRoCDNSHGTx z8%%ybg%A5jYVa3V-rvFbroJXwa?ld9emx--GUd~{lz!%CR1N^I6^J@ z@%q{m);?4|{rRxI&-OeVt~Bj?8l3Y=CCYeu7)f{b~AcQSLtp>q8>3m)P`Yhr=Z%y~AMbC+_uA24@?6p9^abGM~O#aIOjO zZn$`TY`+X%YsQne;6_uQeuOK`c-Vu5EvHeqUjw#R8u-^an{=b83=?}dA(^wGId!*ieUpUi@ z|3|~Mv=8t8jBo)pkvPPquM(~^_d8d>`Zn2zcMn`-?q{Bc8_oP{wcMNhZ-n(ts`sC= zJL9vNf9(!$F!PtgVD0Dc^*b1@GvzZ0K6!cfU>VBPcyl?d_rZMl^>CxnX`nvrdtlydNa^PDoNDcnx>cb#-qp?2~&Nn;`-tNQHAdh*n(mNeq zN_xHiZ-EQU{Nf>4XV>`rJPGHT^u7WYQ~ut6E37?Xy!*tS-0vIx?+9m@_HZCv&Ns2% z{jqQ_(|$(4ZKl3l2w!-2(7wKPGpxVyuKnH%YmW*a-g3B#`LXAZ;65wj^nMKw+tfXn zNf^>cA}f)YG$JiH-i<#!VeNtF{T~DuoBBN%ZlgZ>{Evk7{kC_1F`RGi-*1C!7smGY zz~x5255i4Gzm2eeUb17NN8%+|XKDHHSINB@uRn+N9>c&yG~RwMHvP*^d(r+(ecBJ! zei%NyV`2SWjHrJ&1Fn5Pwm;X|-{TXxe>MH#K5$Q?-=koC2kpZvgWpQ)7ObEjRryYYYfXQ09jyJh zefV?X1I|ee&hHete-tiR9hdJ*@Nm=q*TFi6!u$UhtUWn={N45;eP(>$1FkXcI}iT$ z!R|p{7vFL42ZwYIF5WJRzZ9-C?PnaEZR$%EoOM<*xStBB{9Oj8{UI%w?CS3=u=W-8 z>3IY`uBc1!Wmta6L?f&{?S1;2;3wt>f%*Z3_W`VL`@H|3;6hX1(z9vLYhwGpa6aR) zcRvK)V&-?F;1TBj{$g0?jQIGkg{w{Z-UaKN3UB`aJe&HQLi)q!H*l8ePu_v`9lMYJ zKk%*p?jAhj^4ob|#=F+oz8C!ZRjI*)oum970M9Y?qZn=?JRe^LeCQM1gKn(TN#f1kmNOnOuHW4zc9x8I%Nmp60?K4G0e@f`}!Gx|FN z)_yfU{2I8P`zfE^8{uB2{w;z>T$2oLcJ=KUSm(=l{k{U{n*M(c+)8=+@V!U?;E&}$zPWo`X>|Le(?6Mr3E*I;UyCTVf~#O>MM~L3hNzp zpZ-cX-?Yyw;mnrU{vKFomU#U>49_t2s|l_%{qd)8()4FP!JCbKb~=Fe-P}F6*VWf- zxS8?5>#r}YbDn&Bhs)lKC#S$gx6vNDM*15C>u)e3{Y`^!%t;H5a{9dn)_2uDzYF0u zlb&bc#uc&sYIvE+&qlb#^#5IYGruz9@m}y1FC>HcE!&(E;FJM`(>}#U`AM;$;2vnhfmT1ty{|dI#_$$c=x}+*MAg0FHGx$KJSg~cZPNL zqj$e2tUX^m9|qssuY36ZnZiFA4orKR3^$niel?s^lnfTQ{^xF3`(*g=o`aiB{dpT+ zW%TiZ*y#U1u=ZT>{xkbB-lud44s_x7g|*MGw=aaV-;cQr{_@+Dpr30`Q{a3vzRZGk z9*eIpb+FFL@;o2THud9aSo?tc_}+ze=9qWC4%Xk@u0Qz&{^RYb!8KF>=`WRfr~QJw z|NUW|?c@FD!TJ{4+n)>vrv8qEuegNoF}g+JO@~LA@NR}H%>3hic#hHM^Kdcs&4>R! ztnYZGt@ElW~8{sCSk06)+!ss^>)^`Yg{=6@&eg1s>1+cy+_dFcd z*s^0(HJrPBry%_Uoxc6JB!SPPt)v&&q^X_kgN1FLWJ*;!1eEJr{NfZ7`c!SCBC-4kYKilAC z%i{7$9!&pf+UNdoo^k&NcrnlO@Rr!Ib24!Z++gg_gil_Q67+HN?}_l&R|LU5PCr+{ zwPrlH9S%N@^S1;ppVB4RTjA56tbl7w`q#osjsNdpouTRT-zkqd6!*ie-6Q`y!rFJm z>+c|Vu^GRQhwDvvBj9f*rv=-)_C5)oZQ{R7?oD~!4R18{eJPx0#{1{t74%m={*Php zZ|3zuG2@*N?|r!1BpRR=0n)Y)GTy6T(yWvdItKZox5bJj#Vn`CD2r&~YKGZ|lALGFWG6d!7L2(0+aT zu7Y*0r`N|#u+FgZd^cRZDJ^)!%_pCh`_E$ktHtle;r|;hd#h{kwM);BaEhrvy%-1@ z{}GP|ePHd+pVUm-l_1=L8(Eio4<^KTTK6XF|6-Mz5hGl22&p&gikz(Z%Cc~ zo`Q82q!0fkxEy_Y{~yAIWwDtZ40!40N84u%(-`OQdJ z`#F2}(_wwv?)etDkol6Yj}O8braxQ(A6J(QM!Wv+16b#1c>kN>S;l|*AFwz5%f4_P z{fT$q51wc2kAr)e{$&)r!nF4b;m^xX$F~X?W+;lR=s*zgOTT zrarz6Yfl@Wo`1pF)CZscAYZkKH3C%1x--bgrSQkU>M7uCOW zVVza&?JtCjOnBGB>C?LeYlu_s=fXO3!n=PQu3Q_Z?+tjCsec>bEtH2(f9E5J-^>TI zV0}02!^?*Yjebkv{c5@f*SPvR2Hs%$m#MJ!g7W^ahewbe&kgV#Gafw;7n=Ik0+&+X zefl=Q?=MOV_D_xS`y;%_q-WP76NxuYNCtV%zArrf{ceHYdzF5Uf@hlf+}Usq^K&2m z6j=Md`Se`{YY!sNe}(H!|Jx|{@23SHJN-Aqi%fm_0@nU_-v2MK_J8-h%TcT+JQla_ zz2RK!eR__7wYPwGKLRc?`K^MrPqw$e4(?^dO1~u+GHv{ZkI?-`CDyK7R;Yc6s+;o|}K31ecrim&2{5|EYns zzp&5G^|1CA^n4%u%*bT$qbtw9!`Y_)e;+P1 zhL7(AxYt{8dHfMxihg|gOow%5uFwDF@LJQ}?u2#Lrng@NkIqO7ikv>4gqw^$R>3n( zf4vS)G5OgDAJ;z_yz0j1lw+t5#{KSaerufmqhxR96KBCXkJ0Dvd|3NVd%hXgKKY&( z!*!;9JO$U9^sIpA(LZ>7d)a)8zc1YOeC&S^oa~Ys zJk>dJf4tbtXHJI;%y@YY+{?_@&xe~$`P~8Q>|U?``{2S`Qi5k)dX~b&P5;saYrklp zzJI_YOndqf{?qcbppTnRq!p4LqyK$iooV3x=fgcs{W~2lHubLpt~24!fL}c}8T`rR z|9be9Y2Aa}QzCub4Of`(mcp}5f8Px2Y;d37wQ$|^v|xdo-~S8N8DTzsU5@4b=*#2z z!fx>155>=44uY%9_%s9_Xv(h~ZZP_*fxo&tB^c$>e>t3G?ssp1XHg$h64Cwsy|DH` z_UU;B{_^D1;GFHE{Jsib`*K?FoeS?Hxi|IYTUh6adH*{eNB?5_*IZb8aeMod;EI{u zg2P;RXTv3CJgtJ4nf7=UJkONxZLt0rHW^RotKe)ie`tcW-n6 z^S{Fo=2usw1r6^0axZu|{h9aw2e{6p|4g`TL2N$;*7+db{l)OyXJf8|=a}>_g#R+6 zORy+Re=_kHJpF^T;7$^x@$n5fY22@cm(id2^!@_h!}EacUHNQZ#Qum^b`KUi-XBi6 zH;%tQeDq)A_0$4*t?5ro;bo@&RKl}qA3i@T@Y^)Gk9 zxu!ln2A3|3!(RsHnf~=9_}zb{w%>n!0Pi!aTQDVv%I7P%cSE<}K&S5?V4X?f)4TKW z=*P@I`ocQv-q*jwVeNzM-Jb~;nD#UozI6`oi@NY@;m2om366I8nFk;7O!r_%S6}Xf zb#}WCe+jH}9)0+4z{N(tYvF-LA8m4P%B#x>%qL8Geh2H^M<3q7u=X4Cd@?-K^#3E^ zIi~-sfH#}^d@(%3%r|d_12cbk2-aS$KKwV}Hsk*@c#TQlPjI=hPZm>u&HZ3cxWtUF zdGK75-xJ~aMjzwk->lbO4d1v=*Wg{J@40Y+sqYWMIi@^cgPYBG{~4@3lYD-*JCXZ^ z>$?QIx$yQBpU^$f7nExM{b22N>)oFWXPfnf5%5~>M|^o#z&j4>9{l9`(~ICa^jE$; z+zxLr^z;-3pQnDO~xxc_@;!8q3*8sT!IuTS9`(;xf< zYaa|PGiZG~c`_Gf{bYAodv*Kt zO#bJ=+K14G{{%eC)W0UU+T8zq0Bbed%@z z{pp+C+P~lE32UD%?>-k^WzsVYt}yFc6X3!HvHNLo*5@g~sjj_T0WUTBn+uoq?H(NG z>cfMwH}j)c;9F*N4UXI^O5X>t_Tl#F`5sPbiFv0}Nk8x7zUK0?C!A#c(6^_<;S{64 zW8pe8o}3IHPvuJf0Su z;_B-+V*UmoJ0jZ+qdzh3_kgpB&*$e5xZ1R@BDmI!UuVP3CVyk$Ec!d|zXonG{;z?x z?~!kBcfd`iydHpSO!&*-o4*W#T@Q@P=M6aD^k4sg^Gy0vN~uq@Cm;Xr@UA6k!AadB z|GDrAGyfR`*P8lN2)~??7JSh?az6~td_OLa$#5m(oe%#C`1GvQ;9*z4=D?+<{O7?> z_f7_9JN-Wjk1+k|Yp~8?@a6p#Tw%uNl+(~B(D>tLNZV%hU<-f7Q;=<-+Xv4!i^@q zZ^3iSc=Z)rY2xd2Hto^0zn$RvzsBj^9WKAFd;9k*x$v%k;`CG`BN{2TiXaGuHU&v4u7*!}J!m_M5N_aU&(H1*+~1m9nq z8f3fv_-wey?eDTf=k!Dcy!ef@Alv2Ve0YnwzqtX{IoLkD2jFs}uczU;roF!jXPfl4 z!qca84eDKc*bFauF%EC%KcWw#zrOHdQ~t-m8;t!~@LCi96!@!yy9GD6{9P#f);Rom zaHFY@OW;h?Up2xy2gT=aHLSlo5X~39aJ;wUAK;m0Jly_IEMV6f z0$#Boj_+$Y*W8c)4C_2HpPt>y5{dU-41y9De?K@me|vgs#=p)xB>n(5nDKE4yvek$ z5%9U`U4q6?f62sTcp&NX?e%K7fcGsXIQ!e+SN@a?+FX1O!5dBeehEID^+TFL*uTC9 z7n=O7g_oH6vKiLj;fTsJbz~y(*@65vD&afvX>h`@<1%$>c8K z{yOU4E8$`@pT7pyIeA`xi{L^t|9TA0Hu_%%UvP6uFgFq9=S8@|+`qKK)uz349!39a z`ini`dQ+bchO?>*>uWWfWzyRQAGmW6OlAV5@OzA=e>Caa57t>^KKvqhF6H6V z`$t%RJ0L30DR8k_54Z@7Pvd-veG_%3}~b zoc#OroDNsh9z9QlH=FT)CVbjO-Gfwj|1k&FpV!BHc%>O19)q=SwGZ!2c(Ez3_3*_D zx&`;T`t_siO@FY%SjJB?pXdWGHT~()aHi>hPk=K_{{9GmephPHWBW)y6XBI+{yh^e zGU>SuUeXe$_ffdj#QzHX%~vTw&?O4*eRw7IK7ZfA#jIzfpcCCcq>p2-x!b!1jjsOu z9xgZSHyh3{@ehRO8U39C&!m0%@Fv2!AI0%q4bPyyd;5D}oeSpEvlL$OY0RtPp41QT z{!93_A*sQxt~`H)M>0S0_P-lX`J3`M7%n&c|4>-_W)F1vJsa+2`u`eOe>AJGy<88^ zGWq>0oNw~`B&@yTefr;mt6z%wb2!V4_dmb`&G?vJLHz4t_Xolk@jZ`*3H3*Z!KHtV z?T?0Y&3wBQZZY{A56?2?dj;HT`oA0CTGRjE4kyj{vIJgyNow$et1r*P4Q77*F+9)A zzkY-ZP550IIIB!~?hZE^{T&R~nERKL;qmOh^@z*wD7e+s=ZoRZM&EVtRlKiwr|UoN zgO?clW$-+6zx6KMX6nON@D{^e&LO>KJlG4KWzs(ouCI^ve+*n_%A*+0Fz(CYTi)ps z4A?m;zl-6`ro3-}*P8bJAl%c~KL0&#ra#^fE~Pwu_(#EWNuTFZxTl$Ku&r`phN-`o!8xoSc=vPR zOq0F_c%^B7E8xXuy{84%UpAuo)K_pyLp=Za9@d#YzC3oBLi zfg5j$-)Hy)&NbuJX1LbW&(w2aGv4eDC(V5D5O|J>{{(n0eyBXGB^!+d2Ho-dU+~@xVIK${? zHQdYO?@M^UmxJKe?V|Ml2ro7DZKrAI*QDnFc(~~gj)HUOUwwRM!Ih@Hod<8E{`mHI zJv@3e_eVh#-(TQXGrlc?^H;~=JqOP<{Z|v*|A1t0t(*U@fft$j{U12R)X$(AHu>Kj zes*%#U@1CNdH05^O@0dC64O7AfM=TUCc$$)iqm%uoMO^{GrY;@>pnPP^zk%YzcBXy zB0SIN?^9UkcX@sO3}4@p8l30m8=2>kKE_Y4&m4Hst;zQ1v4_EJCj6t}a>FOUg(khH z!7EIDFNa%9e(!+0%}WWcb^3Y$e(H{t;6$hYC9uvx@blRh;X;$&58&XRKE1mp*1=m$ zemhMkKSrOs!}%uugWw|Leki=k+>e|MFE;I|3Qm~u;RblEsqgp6-mK@WfOSTZ*Y`TO z#@ugrKA-vig`Y-SQQh0_*-%ap? z*K`m5?(};vtTX3)`j*SR(N8nH$h6mg!c}Jd=|^~6PS@ZL*Z%}H)IT$x?F`Q_yce8r z=4S=)r7Pq2{Z54En()t({Y71aU0iynz&g9ir}r9ovzbra0?#n_+fTq7On#c+nPxox z1WqyK`Cqu!wCBtV=r2uwaR@w+`G$}G6u8yscRXDGQfxmHUTf;pt#Fmm_hazuholBG zC@}RG%i+X>@qFNQc(_UbC-59IK7R)1Le@)&&!?|HTw&68EZoc3m%;k`4%rc@ zf~!pXx&|IJEg1|=bNwki%gis9!mF<75*+E$zY5O#G>(5GyxZU7?;$qB)kdGcyNLMe z;`Pq`V4YR&(|-g!)3m2E;en?8Tma`WANTeB&v0j+pAQK0lT6$O7i@_8k412!oiD&E zO@7wHy-fN42ro75FJlJo&3Z>J+-$~=Bj9}cJD>hD<=&L%SXgHtdi%@Z%id)@#Ep+P z!vjruFN7~BNDC@^MEd_5oVh;szZz~e?l+1}fBYSM*rjQ~d#?R#cQN|-N34%bc!kOD z0dS3(FBihSO#X+%Iz!N>|9rU5Q?dSUfLECL`JM2+e1F}?jV}+uJxzUl2Ci+1!)t*H zxPSKL`7b!rjCb2z63u5K`&|>6u+A~}>FE!TG~pM*8_fLkEO?8tp9&AVs7o-?>E}wg zn)dDEUjXNl9v}X4xO73xufeS*eQV%6(|*2zm#vS(%ea*MnDW^TZZ_d%!;QxM(Qvs5 ze;7Q^a0R@{^e>mg0p;V&{XA+!IcDKXyL|zTs-#A9Uq^BD}@SuP4K$MqgLKE6x4>O>m*9U-!d{ z-|HUy*M+wXZZ`UO9Uf@|f*3TMW-N`5y^4-ye@Bli(6Feq0IXnfd8oVExfehvUKD;3md@pWan)zRAy5 zaJlKa?3bjDl-EH5;Z`;TwbDtIMqGVGjoZWp6+?UWTx%zJoHA2ny%`eBGpxG zRrO4dJiZu$1W6>~pg~>%LI@#B(11~+CJKmak39D0=z=wy#(+rq<=pL__7bLuU@P9 z<;wwo{EQ9Ny=O#vbpfA8@y{CpU-P*%|2qLcf$@zV9|Jt|m+AKh06$Fe-IoBLPyYV9 zfR7VCPySWd2YUa<0Y6IcC4esm{cOG~0l(r;(tJI@w?N+4L7t>O@H)U3lK*`d;2Vhk zcLV++)??#+2Jj}r=gWZKLGjb~0iPs(KjjUu-((-34R{Oba}Ds>@JBZO9>Ax7ufcV| z@_kQ(j{&|0`e*pR4e(>wuQ*rNb1UHIA)Yn(F2FaCJp2{lbIJby9pFnSp87W6Pkkbd zzy5mkoBzL!)qi_d=L6n^d<)a#YcAjUub%|`#3_6KM=KWtzJcUx zKj7yPeP0218uQuuUJLkM!slkdSCT&81^6rEzdsH5__H@v-?<^;^Hso4kbHj&@T1Uo zqt_X4g#HmePY3+i7t{P(1b%OVe+KYXB%dz@d>!F?7_fZj-SEE-@bUL2_}2k{^51cP z`%@x*@0RDue|!|M{P*Ty&nlHq0KT5=&k4ZuG~OeC-}-{})t9M0{~O>f?@ROj7vTFq z|Lqu4q9BPW=6SfM4<9B!3?UeEgr&_aV5WrvcBCf2;$(>6~ zvHAZ2@Q~!^Yk(gl|Mo4wmyo?U^9IQ4dy@QZ0=ysinmj%q@F|kdmjJ$(=y4_Bnrzy72uYk)NZ0zwyZW>U)t~3Vc1_ONgHD0{m*K zzuW`(!53|;esfcN{;vT4#n)56`4<46ggzNP9|e33$@`Oj9sY&D(bHvu2NHuYP60C1J;`JVy4 z=F=OiZ-%}KJst%7#(OtbU#IcSw*j9Z`S}mP^52i*f0Ca+883bc@?-q^Nx=6Ke|G}@ zf$P>+p92EP_y++$O7wXp;7_jKP<^(_|1rQ1-20KfaEH&vfd`hErQ(|%$@^-q+4-voR!jko?L$P3jgUI6%f;BWlg0r)YJw;8~9 zlYTY-!ss8g%fX^oT^$6fgzM1Ul6M$cS+xqIf z+QX;*2EJW)aAWm}z>iIp=K?X|; zds21h*^%DA4frOqAAbsX)1Pgu&MH2i1^gi7503}?{|Mm!b>;f%lV2F$|E@fb_wDx| zc?;x+==oy6uYmp={iguG<)-yj`3{cA&t-tmC3<%OA143&CcvM&5Bj70zZvjevL}B4 z_;)|FsrpY(iR0Y|_&DvSKLGeQQ2+ge%H!t&Uqkf&I^ZWL-aO+sK`-)GKMJ_^LuXds z@Z3253jtq1`0fJytH1Q5>SvWdmjj;R_z>{DuwO=>Hv#_MqwA_?=<{y}{6d=lqkwNF z`}kLYD)M=z$bQ{>F1L#mfwj#KL_~2Pp9!$ z0N(_EZv1-#;LT*8-wF5wdvM-W?ZF-LJn7>n0N;IU8t-ob-$nlRB;Y5AK9#qEUPO;) z0={4N2hNG~e-YqKw4Q0eS5m(Ba=_akO7pD&ejd^5TEM5sAG}9?$NaXwj{?5$_fouZ zKj2#^9{Vcb6XZ|75BL$>kI~lkZ~QIzbFv3N3Hagr)A*Bszx7jRRexROc^2?vq(7^G zn^d2;7I2m5`CEWrNb%K206$3i#sh%Yk^Vgd_+Fyd{{?&}f3*PLNA~(PfNv%H_ZGl6U_7Jm2LP{Ne$$6P2Ym9Z4SqiPZve}G z=LP+!R2~9+-kpgbrvOg_9~if8GLkKhgIifG?zY@KbgRb61HO~+c@5xiy&U}$8>2qo2>8RF z+)#Z`?cqBB-vIk>{QZ5vU-;f`EmUS+w2?p=Q{zP zNBph>K0Zj_|5^e3>Kiv!fAN`-AFl;`A+6`FfY*^d`v~CSXR)84{JIzLcB0=G0AEM* ze+%$D>F@UdfBT`c{Jw>=-ih&UOY}Sk@I3j8X8}G;^c)AgLgViPd=m6Ae#`-0d*g;` zygztTr4D%RXEs!4)c^ky;M>U_z5(!#&)__~>ib&(-$3^3Ho)f+K6e2=Melzc@E1`} ze1_8F^MKDM`*aHM-~Q41>W`^BRo(@D61~m`d;_g#0`Rx*NcqT4!1sMQt*;?4$-@fZ z3dKur27EE})AZps!0({-+#|n}JbxbWQ;)B!jw}BE0{8;L|NDSXkv}>6-N+~2zs~PZ ze>UKEKpu_$TLGU>&+h?z9>w3k0Ql8}PY3XW^nIUS0el0|=beC`_V#M^Fcu{7;vIlL zi|@-I90>3q1HOggiN6DUH`)Jx1$@sd&#FH4toZzY0zMn|-|&6rEqI^o`!>Kg!yg;{ z8h|UXAKUSNr2f$de2V6~7VsrsP2;@_@HO=NM*&w!zwZZp9?|D>fIH+Lz7F_tswb>} z5A>b<^|JvFiGE{%<-h0Sf8tN30ng8&e@E#x3-~`b zmnYU&U;NZazYha`1diP0Iz$_hU!z){yhPBFVzRme=q0>e`)-f z0DSj{lE0q@B>8uF9Uwvch^wJ^8*q7F5vx?5C8D3;1{ju zBEZ)X{SE@&OY*w}_#Wct5b!ju@7Dm|PVwPwfWL_G*8z9YmwN#ZA4u@u1Ag02RI6Xp zc>WQ<*HHX_#`_U35Wdd^{3-J9+W@z&*y#QEGk~{~KWz()_}u1y9pEc=oK^i7%@5xK zc=*}G&)Wh2{s)u2{X@VVqR-y}evs&K0`NVQUwjYnRj?N(zfZpn`3>3E{|Wd3vL`{fM4<>8>-LT5P!cP z@Fm2r{|)$2(x)#0ej)MiQNU}oo(&&>zaxB}0r+u}-!Z`V5k2+*{@%-~)jyet^Ir-0 zLb5jQ}y+_zPkaRPx^iz;Jxr4M&GXj-t@s_AHD(j zQ$%06cxV&Ne?H(_NMC*m@HO8^^t%M`2ladGazF4DfbT;5WAf7jd@<4QRe+!K{v> z;1jf-{{Z}|pHB6~vp-m={O7~#tKU?7ehl!<6#xA+;JYc_+5>q0i)sEtfIt48wEkm& zx5Hl;{oe}sxu4!t-B6AA{0`v#*URlL0&l3?0{G6Co>_g>|A@bT81T%=G~OowS1x)| z^;u`d-yZ~giu}iS0N+FLb@dMDAFcQ4fUhL_ZUKA)$=80s*VFSa2Yd_3dmr$fl)t|j z@a^>ey8vHI@z3uA{v!GJzX5!L;;pX(zK`tP_W`dF{!jZ5_EWx;==Wm4SHb@nJ$C{A z6#R+7b-=g(bE4O;0KSm)`9{EBA$fco;G0N4e;4qbM9;qg{NtT7t3ROfP+4enI`yUH zUbj9NHu}TLLVq|It}ZTKv{0$nr{)jN*7xt5o3GaaO=r+cr~Iepu-C7*n`;+s-L_+M zWudpc(rFD_O@Q0Co*4%jqjM4sH}Aw!;7|z zZy&34Tf^nX;OfCewaxNFy}r_KwY%+Mz0vPCjwuc5^+o(m|J3R>aRbi&gF7ep*AMRA zJ-2JVK0mp0|1P0O{&IMdUyT&4*J*&eFr8tmUq9Sx zGy!j~^jj;v{;)o5FSmND!+O89FlK-2^m{JA+0|9d7iE{Zn&ua|bS+sVoczbFKc7HaIiY>n^sJXe97w7Qz^+>Bqs~FnC%YHV#2zosdx``m3F^x-rA?WvydC zx!tWmO~A!^r#%=lz0xQH$YKzQ5z}^;SC;xcXjPbbJiUZJ4qN*U&e=N!YDd{{Ls!#R2X-VaE{~}44Wg67J1fjYlceF?67+K-6ai{20RB!J;Bu8a?OUs zj#r>>mtrZijqXxQWkdx5COV2i5RX~~7`Q~{PeLQxqLBqjT7?c3vn|X?D&gY{`>WlnVUnX1>%;y>71R}Yq2VGM5PeXb5B}LX7W5j% zw>M;?%}Bkg1vfE>=Or%24EcjmQDA`%mrgT;_pp3kj&zfnTRWlOdsEF zsBLpvkauo$k2PVjRSME-a~_FT)CIx=I`YC0^FGS%F=C990`nF0d$Y|r=ylr*y+Ni2 zHClej!i;<|w=hZTh4PB`4%Z%;@!*{3ZCXi~Ca32rR^~j1ziY2eLvNttjsCIBl|;!h z78!maK8SeHa^QUt6X#J0sgHQ=5J>xIPHPjC;3nOL6n=(Cuu&y;il*sXY1N3P;==V8 z*Y{a*yXiTx3?WDzN|YL>a0RL%K8m8YZChggR%d=vJVWbSI4-d%5!o-y|pzM$H;Ta)x$z1L}` z!MkACa$|+U1H;!M>zbQ^W(#Rb2a&1d3><_XYIH#}{!7W2*r;yR5cN0fFl>V(3j^E$ z<8+3wrx0UH`g>+#x7u)-WsJ;|fkjcL77|RPfs(hzY$SV@@~*V{$UZENJi3b@5(217j64GYTmZI^*~$p({$^{M zqwK%QCd!Y>tJX$<1FXaIeL@`OZ;)8x*Du{E@{0)<3HYL>{wZgXk!bU+`f z1^cvbhCP+IJon@HRG3Lx%&CbwJ1W8w$r6jEN_b^KZCvvfO2Q-Y7kV8-b=)X}T9E2f zKq6wLR2$z+c5*A;kSa+g#J(oi1(lh@y#dk{r;9G=YNUJ(N%=zL$PfqQh);O7&h`jg(Ypl&flUgMRRmfoK{oc{#Hd*UThhdl%p`E?n@IWg#h%}i}vUv<9zP%vk$MDg& zVDl#t8%oup)i-2P))oq4$}A8*uWNbnEd|i3&Cbd05XCI1Q{~~#a?D}Op7P@>tyJA} zEftZC4UvhT1;KWB=ACfhu+_A(2=&TMHkND^|SKdJ(2>^ua$&7(*1AN#a4SWzyU3#+q z6pExj{x?d-8L5V6oY%ou%+2jh>!@w^g(Pa$Dfmw5z3K1KcDFg&l#~k;Zpf8N1%XuA zQ;Sj(hf$(Q+c^hhfANx_~=^S7(F#w z;w0NuYm!2$$q+2;m#v93Nh~}S8SM*AB*23FuhIXqL#G6SGei^`SNrYZF~O(bt7A0N z#bCEha)k!+ql%1K2Bcy$l6E1Ko{Bp@O5*e=qAn`j3CTPHp&(2)nohswf<%Nt#1lo6 zrs4S($2`SXX~-ytv3yq;POM*6%<_R^5Cr?=0+$S)k-!-h#0P~RlOUsGJF{sNCAiv9 zLMwhLxF}>m1F3EyAW{c4>@OVdv*P&7LXSd*;lIV06`-NzOVNsj5d+)hh&!Zkh5b+6 zB!kJ@j|gYR2xLpj4F|crt6Rsc+UpoVe^HdPYF8mBDi^}t?zsp_87Wj?*B8wei zGapu^2r?gwZ7LXOKG26?2W*FmoK8s2K|)%G6d(!|)gf$07VJ;LB@8H52H@ddZ z$*~ZAalr|pZ+Btk7(a}SlLZv#_)jI}>bGR;-juz`ZBT!Pl~;;oZl z`s%`LY8d>FFf_v+cCuGMEHfIm$Q=|rql&bg$|bT_qA9)^&&(V`nvS%(5{3`9)@xFV zDAZXOux&eRVP{-Q6t>V9@CGS0=4_QrelF$)YDPitl$e%GYi?2y2{)Uwp%G+GclVrV z6QRB$yYn`%MYMrX*s+c~VP+lNfrRWmESJh&-x$?i5Ihv`PmC<*Q&cGOpxHiUlv&Ir1$L>>MU^XSVu;o?%FFjFT=>UmK-r~< zG*^kDVu4CX_&FAx+A!RM7RQE}A5cM%%qC%&ae$p8KOr84t<30(6UgjNE7590-=H)`Fa8tB{S|Sb15QJG~Ufj z&Q&B+q&%?{1=p9+{Lz=@53>Yra8eb`mgMuBD%d-S!JWr7Z0jjUNeQD1$*gs#W`}59 zl+uL2BHFZ7<+HkzjNDcN$6^$$L}lvW{`$`Sm+fL)Y+O7Xx9t|RG!J>7K`o~}RJ(zy z4klv$Ko6v%x(8w83Zk&0xh^*>u-}TlqZE1-HtY;L(RVB=6nRXo>qNbFQ;UW0Sk1G*3?V8g4(gxG?Y#uO_NkW7ElI!sSW1+bY-uLqTlLu_Q8f9>Drm?sh zB4E0NM%cO*n*xfq&hDB{sN}_b;`-=%<+#P3E7&h@X`HpM+ia~F`gsM8 zOnz7}1^dB=L*GJ&Xy`+9VN7{PG&(NX6I+s*8Kds3qV&2k1nKf9kqhq_K^qgmc_j9- znZUM4wOg#5qgKw;xZiXu2}Qt(!Vk~rR{Mzcg4nAr&czlN4SmyGWtnuv20tz69!Jpa z=;iEmGFT9((OY^xn!8vJ@X$^TQcyI=pbJuFO-wj_>d^wTjkIB2ngexHYi$|1P2AIR zzs0@6zO59jALj{U-oSzub$wTDiAlNRq=7@;uT3)P&1*!$GS!pJZS@@5;z2582&P;I zBU#8=jk#n$M(#_?jj42M0-=k{Hj`}SvcfQ_tz94H{h`1^r-`5$9Y;_uqJ~<}LZC$$ zQq)GTWs7r`c#v&~We9{UC@Q!AJ@kafc-FEr@FF+Li4`d+x2zOC!DlBo?qaRlwi`|Q zZcw(ncp~T!dc!AzK6BcI8*5HZe!`3i|S&m-x|d&w)7`GmGn(XXVM z=F4QiN!Q@1O-xGzt$Zn4lgd~eWa^%@1T;W*h&ovPbLxYEpqN}`g=6`>MzPi-lR4zpu@$PUp;U{``th%-xFG7Y)3^L`?wPPn& z#ZfR#`KkRixL2_<%3L(`xfVoIF`%?Es#!3w^{|yM&K7(5HkxP6=<^wr>NxS&f_Zko z;ndg?wvVMtPdRHAHXOE?YYk_R3pvpwujUZwKIi+JI1r1#XP@if^bUGqwwrtoMD zkGg}*E+Xl2vc-uKNUppduhjP)l)lq;w~jJlQv}(n=)1ZL{bRu^Wp+7kf)%|FdhTqc zK9N~)7!)#?BO+~6M(H{8VK`Q>(k5AL8d3A|f|}+TK+Piz<>727klV~^h$3!jAB5IBU&s)_^|A@c2!xQqSP=)HOzi77V8)5|)t5!*v`{rebrGdvgy5i{79 zk#daEl0+#SUiF}9cd)EBV40${h~)ZggV_0}3T6CupPgPQFAI@)+P$=ec{y70%PbA> z6>v}(95&W``RpwAf^5a!J}M^w9mk@3Epr^&OL}26@r`^iW}#z$%?^jS^#~S0+`dKO zFfqA)ewZ&`HkeBUC!8ig%?S*zM+F5f#a*Alpj5I6;80nGP#AYNrbWmG2 zXHor|7p|IH8JH~Uip_ASW%JJcERm$%EeiLt2m^{?;tO8q;_G%*YMXq)auyg9 z8MkBb`;zIty1Fj|MEUJzQgwnH&@`wnp!dt%4wRO~p-J&$ZkY4dS0Y*YCz?dc@s zgW^(_>eg{o6DuiIYMfRY6CFiG@=jsYMpdr;OviTGyyu?Q!Z@Ng+|xQ<5f_oRUyN?C z2P>-q# z7KRwaD?jIYi^HR6vmlPT+?t^LH`vntF#9`QCs`}VSjd8q^P9|u4wUHwbGcd3+ez{& zM>1Scjig|~YKgMc>kGqUE3NvWIyyhPOC`$~V^BQj%T^)QfjtoLp2V%VwdSbwitaj-7IP3?x4hxJT98CijcWIllOwy<$O6!fa0N9 z{N>}DgDSzXMqC# zQzLl&8GWu4Fi%aDT4~5a$AZ&?46%4wTB5Y zMpGhl-B5sJs!*BoB}%jtTo-r#IamFNRft7Y2xS){yE~?Vj@RA2zIua$x^u0YlQ7?D z<{DZ;l`O!hXvp;!H92BunS}5Kp)Rd|3(~^kV^t0QTWJy!BQ-Or`-do0Lscdj94AMr z?h5DNPTWx&c%@ zHhRy6y_acRY|@53N2{l(qA3LOH;Qi10W+u~t4_%r^WtonqT@ecV3M6$*Q>Po$m!1!nEq6r1 zC(WhA45}E^DriqDbfd#fOyXvz7{p~U5Hf>Yiikp`JTB>ql`itrj_Uec%qK{JNAoh> z&7c7j)mg>c9Vq*@)8(x-FP_F_hT^zb$H`f5hSH*4R_bTH&~9N}l^8XZD;G)XCGdC< z4VXyfXIsm?Vc}XVE%b-VfuD$ly|7kucV#ihh{Bc_sUg5V_y3MYxm-)4Vx;zgutXfr zUHQ3HAUH@&6!{6|Ei1J;<97HN4fHE$oS2$O%%_@dQsIx-OG^~VV!~LA3UN2I+)qs_ zYs@sHj!r!s;qMn0wZ*y^QT?ne_Q2VcQV>gvuhCDoj7(Q0m$qm#811^Y{J@Z-%|U6w zWnJa5Z|2lP0}_S+2-Z{YHzilU1e^ZLt#8#xd+Tn?DeM0;B9$GG5z=Hm8RvimMp6TXKhH9xs0B4#Mc zeX3Fz3w+*@y@F2A6j!McG{wroUHc7B=QXoSTg!)VxVW&-A1rQ=pF9d~bQ=B92ZPKi zqLdwazN2LM8X_yQI+O>I*`EF=?q*4*4=FOCA%?Dwi%h~%t4cz2eaoV->tPX*GNo|q zTkamrQ`UXQB2ynpv?vOOKa?Xm@|V>v0=TP_j#4E?IqEeuN%)GhatQ*F z!Qo3A-OQyGddNbM5fx4TDIEn-mwm`G5xv@%1S_47a=dWGs{eb!Wl_&B7IXC=NTfJe z67DyMN8@IwpGNb>(5O0}ZwZ97nd-474j^US<1|U@bwcr7+mnkh3hk{IX(mM#IIA66e$@wt3{CSg#l z%sNMnNOUo9P<t?X!sK3u&GXuI1H&{>@1tUaE9x#x!aacxB=3 zHWDN2k+AU5N&=_pFrx}d*gC+?&9)JQbZ+0wX}4drPqs+^0)`kqZWf9SjQ_$RStlMY zP;%mx%e(P3?cClOsqNx)qKS0413%tJpGI=wB6C{gsk21QiGp(? zNOTW|EIG!^iQK@ZScXeKBEo{%%L7%gEi!Q2lTF-TiL=B__K>MQ5kojtq%`yhT_5Ez zC?!>jLp{)~t2(Txcs7&F1Vyt2`p7SdG!s&92uDSHx6#zmO0;md32%@jr-#=Ec7+?W zX0SV)hOdp2qjxXpi`r`En_%zfN49UI1(i~((`d34aOGgD#xk;E2*7GPy9dWpI1G60;xr45@T%v1?OcwV)4&vnKiGGi&HC& zVK2Ks%oPHNq=so%el?{fnq?Iv^6?=%K?i~@h}Ific-HNlw@(!+g3NpmbQB-c0*hR* zp?Y-^tq`8@sr)olx@IL=59_hPnNBCKS$&r<4+Oa%l~xCF7K0lKln7(8?N-pd&557N zg#>_R>&&Z^n`WIA788IM;f$jwh+O=#KWxB9TdpJfMq=*c)hS0cF8VWy*~~EE&TktK zOUk`HqFEF;{P&pW=F|B$S#gmTnVFE-C}dxv{NiSa$wPQIv_ zfDw?v#vrsCA?+rBBX7(G-hS3WN_rRZgumn$>mbNXBisnI4PpNlba-z7*tjW=Po%= zp^F7@3%!q#S#~2EET`_97E;h~YMiqa{Rq)qxZYC!f6AAGCR0%-WjiUe=ZH3jPAL1x zi3Fuz$b;eHM4;KA4p+jymYI5enq-$$Hvem=c=_^OXWf=3(y;z{^>>T2jK9T`QPE<9 zc%8`Z&~6qCjAs_1CM9C+Tz8!bO`Q@Brb`4&Vp%!LQbL(gNiMu%jZ~F#j3kIPc#iO{Mjv98T z>I?n~olUVx^vO^~L>;&AIf@W9mDQoJPy{5lS)wFE1GO(0GLG`Aw9d@x?fTI_YKRc_ zCe#-BOIy5HpKd#mH9B@#P{^?`ZZTJUqy5BNWSnX5+^E@_fXv7T%T{DW9&}It@F-O_)+R@24 zXm~@<0NT;9#d3n{bU{0{^C2!1VJ(FZZiYtf2toRXef&Rm+jw{1RQckqg4CKJtdANN zr|3Xh9#o|uX;SX^gF7Llne8roStV9Q+kaG}segt$0#S|}TFr_AiUighTUSNC679+- zc2g8Qq7&AC)c&lnAQyH$d7iPqogG>rwYRu6`6<|!*uor^}lv@rAbsJ0AtLqMD?e701K%pr{3F6`@Ea9eK(pJeFr9wbW$IcDgh+(OcfY+>t zIH1X?$*Dqnvg?=E;&dHqqYCjdMzg5D#$xMAngl60G$KaBs_5*Lo4ZX0i2z%W_Bb!`EZw}w zLBDLR6dgl|0`aaXh}UXUvs;J?Bf;DydI~DSrNk-j`DDGU6y-!}lMV2uJOt&T$~xI> z_Ob1d))X%}4KalF)Xj-mLlcS4jmAF1!b4)-fVR{!Z+()DYbbot$e3@nGGnv((%#{& zl`blS6{zQaX-ZT94XGx?&JDUp0ie!Ur74NS{zS+Zy2;#&o|x!D^@>S)tGb4^?`!r0%mnPi2Mn z%zb7E%JNNV<-(~wv%7X3NTh}f;e?ElfOnE_5GnJ`)&w^cXAmxFxyp7!T**9IG4x%V zWm~LZs@$@<3G@i4RztgGd$7<$T`C&<^b<}jIFQ}IAg#N_jm+>RP~Y+M_iE@#58kmz zSYL^0hD9G~&K*RpP`xSnMoN_Qu9@f#V;mSdq$~{d`I2a;xN&BX963akrVlfhwnbgv zlKpmZbABWVW`9&{;PtqG?x@VPq-3;k^;&!FG6r>9&eW&8ac#Wc$yo5Nl?mGDIqe_?2rftKc}h>bkQD;!y9bkfeCF@ zisjMZk{Wr*5f@06IHuP)6|6)u&w&k27pZZVG>@7|YS_W?hbap$MJ79FgE)#aF~ytw z;DgQm>e|)okow@6LdW&#>Ldv>-Fy$)Zmt>uWjqxanOmT>6O4;(!~oX%vQLm=Po}|H zT;$eH=XB!hN2$pQ?yzmT(A|~YKd5C~;<*X2xdpBm#H%ecOeN9?Mc-J@luUzl)Y)3@ z9Cm{h^*x4m{ zfPmSEx;EKa9^k7p7Zex zFSbgJK@N`_3VDj}CR;$B%NK^Bd8JOxTwZf&`dd@SL#+hnD9 zgIn#RnV{XEgo@m7>u9B;3dP_op({R@n?Fg?0y8P8gokW4r6^NbINVyeT1qRI$1iQ= z!%-AUz9r^h#wjifk7a_13=+n{6d2QM(Q7J8UrI7Tl4hN#MUOfT6$xnurmm+fOx3{j@F~p9_1GUJF;~{Z3?6bugU0?DmHQh$a zvh~IeS$Ps_Tp;W3h7iA)xA_o;ePE1|j)pb*=r1X&DMXPbHbut!Ne`utVcM8vSU%_(Et zoKZZTnz;#fZ;NzhQkNtyvr(i|i&hpYaOYP!Cn5D07E42ng*_&y z@u-a?Kb&LMj+d;`jfJlf&-$|(9l z7$;jD;eK1g#!J5*OKPm`UMKZrh~W6NAY!U=o0alkgA`+dHjOhBwqL#|=nsa1Q#rlH zr9{gs@&SRILfIAq&>=ENWTN>?(H3b%Fp-bqjI3#4yfTz?4*i54Wg?+<%JrrZI?RgI z{Bod77z#~fCoC$P3E{yxakUAz8X9|@IvB6WE>|>M|KQJMTOnlJPD5R9*bN#jn{5=g zxj|N6lc#MZD=ly4k4REpFeov~jphVYfY$ogW?^9W$B&Zctk$B3X`L@s_{;}7M4Kk% z@P)pP@g^_3QsU06ra^e;QBYEFcuMjxwQ*Ms$gK1{ByyK!E%Y(Z>E3Xh*cr8jI;?Q_ z7~2n(R1y;0iw>rky1+GPNq8|oHAZ=iWm3k zr=nF;^u4L@^|>hXq67Xi-K}W$4KY@shDyd><0{UfhwUj)tf&R? zvyja27}as>q#d|XqU#WlZ7&HZcBb^YLvD#YuGqGq)(yS$+7w3PC~5?CxslC#-^R&m zuX1|S1|S(023ik=eo+oXv^(f_u%}b3XPkD{l*$v^<+Q}84sMbeqkz#Deic{kX8}s) z*}ZTmm$RF$Y2*|O5IQ1xfON%nD58l{`$vYN`v-@HXyBVKKCGM9+ld_|9IO6i3+F5T0dC89g`%YxzU6w~qCwJ$eCh7itj zjfA(U645a}H!yn4kDJP!F=9xH1S6{#Gv-jSPfnIzk4Y{@OVOtfUCss3?&Zb1;_<9e z_SNkt?NkPXuQmvKz%yZ|A+5&*t$4L130p1IdxNxl6M4W=Yt5laf;OzT3rms>2$ zG4jj>HL&n;FHNDF&Cof6(6iH#6mY)L2Z_>pGS$Kcx>Hvem-l<|5|it}Gu}lP1Sd?K zK3;&CQ8)Bq<9vl|6om-U8nXmS{kbSQ72M+8$RZk-lo~oxePlvd*KSs{wwcrgad@FE zwlGGq9!T$6*dOu-pIGCn%=U!KUFeQZe>gH2W|nwdn87=OjrR~Bs|yq=RH+PvYtxI>ALOILV;Jh0NC0X0Zgi8PN^Z8-yK+^j$?*?OowmBKi{h ztvn&|y95HU!Po)}q>W^fa3kECFSIKz!E6rj^(;KGNVBV4 zCS}#!xwo}aZ^>QP7H7b+fmUe{qf!bMR0$7;v#xt&>ilW74TuJef+ij6c2t{Du2FvH zbwuZ)OzmAh$?#r|FxlSpOGDveOi0GzB|x++Pn+E}w`<;BGLg#*Uj?7#Q5AH|VzOE~ z_{6ec%M7=PgakPRX%T0; zuS>XS&N>Q&szA1oELaZrQq%p;4P3n2!R@ZO?xfzeXdZn$c<#iBHks4#H8Tqm5&hpGu2s#7E`bD$IsLJ#4#(FLH!S0jygbT4NsnqH3t)+pZ65 zs8m2T4)jSzwlz^yVV#>1`J9IupW)QmgRDJo=|;CnmiCR_v*+)2q8R6c{eld~`;g#M@mgBz0+oi^ats<(<%x3>mAm*4o(yoKqg%0XkQ33^7QI zC1<4|Xt^gGV(b)|A1Z!)0|2k45Y#&2qnYRm>-+t-V#l<$)oZ~TjoBkUwrGxqOv)5n zoXS+`4ZF1}m||TvBy2w@J7XK2$(L~flp>*A3!h`oi zSKbOPsj;6)Ux^(Q!P5H$7ho!D(Ps_cv{Q6raB39MbtCD%tb290ceE>u+&6=rD7nF1 z&m-!a!F}Lo-^PT?FBAarsa%&b^gkpD1&u7pOo1LQy4qang!J%07B3Xlfw{yKJoPMO z0tGo$FI%xh?BWIJO;?VnrtwKW9UVj}@Oj`dLp*m`M&S*}>;~NiYdwK_2UM);3 zu`9S##W$D_qm}+mL)8!->7R@pHGHU{J+Xb_B7{x#68VKviPzFn;>=j(fjIVT8P#wiZP_`RBTR3)Z zTnyGoHEFWZNNgS*5x8xK_=B)%N=3(Ln+a literal 0 HcmV?d00001 diff --git a/0.11.10/nipper.c b/0.11.10/nipper.c new file mode 100644 index 0000000..ef9ff2e --- /dev/null +++ b/0.11.10/nipper.c @@ -0,0 +1,487 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +/* +The following files should be provided with this source code (as a minimum): + +* INSTALL - The compilation and installation guide +* LICENCE - The licence covering all the files +* Changelog - A listing of all source code changes +* Readme - Information about Nipper + +*/ + + +// Standard Includes... +#include +#include +#include +#include +#include +#include +#include +#include +#include + + +// Global Constants... +const char *program_banner = " _ ____\n" + " _ __ (_)_ __ _ __ ___ _ __ / ->/|\n" + " | '_ \\| | '_ \\| '_ \\ / _ \\ '__| /<-_/ |\n" + " | | | | | |_) | |_) | __/ | | | /\n" + " |_| |_|_| .__/| .__/ \\___|_| |___|/\n" + " |_| |_|\n\n" + " Version 0.11.10\n" + " http://nipper.titania.co.uk\n" + " Copyright (C) 2006-2008 Ian Ventura-Whiting\n"; +const char *program_version_banner = "nipper version 0.11.10\nhttp://nipper.titania.co.uk\nCopyright (C) 2006-2008 Ian Ventura-Whiting"; +const char *program_version = "0.11.10"; + + +// Common structure/def includes... +#include "common/nipper-defs.c" +#include "common/nipper-struct.c" + +// Program function includes... +#include "common/nipper-base64.c" +#include "common/nipper-common.c" +#include "common/nipper-config.c" +#include "common/nipper-cmdoptions.c" +#include "common/nipper-help.c" +#include "common/nipper-remote-snmp.c" + +// Reporting function includes... +#include "common/report-appendix.c" +#include "common/report-text.c" +#include "common/report-functions.c" +#include "common/report-vulns.c" +#include "common/report.c" + +// Common Device Code... +#include "common/nipper-objects.c" +#include "common/nipper-acl.c" + +// Common Reporting Code... +#include "common/report-acl.c" +#include "common/report-debug.c" + +// Cisco Common Support Code... +#include "cisco/report-acl.c" + +// Cisco IOS Support... +#include "IOS/input.c" +#include "IOS/report.c" +#include "IOS/cleanup.c" + +// Cisco NMP/CatOS Support... +#include "NMP/input.c" +#include "NMP/report.c" +#include "NMP/cleanup.c" + +// Cisco PIX/ASA/FWSM Support... +#include "PIX/input.c" +#include "PIX/report.c" +#include "PIX/cleanup.c" + +// Cisco CSS Support... +#include "CSS/input.c" +#include "CSS/report.c" +#include "CSS/cleanup.c" + +// Juniper ScreenOS Support... +#include "ScreenOS/input.c" +#include "ScreenOS/report.c" +#include "ScreenOS/cleanup.c" + +// Nortel Passport Support... +#include "Passport/input.c" +#include "Passport/report.c" +#include "Passport/cleanup.c" + +// CheckPoint Firewall-1 Support... +#include "FW1/input.c" +#include "FW1/report.c" +#include "FW1/cleanup.c" + +// SonicWall SonicOS Support... +#include "SonicOS/input.c" +#include "SonicOS/report.c" +#include "SonicOS/cleanup.c" + +// Processing includes... +#include "common/nipper-defaults.c" +#include "common/nipper-input.c" +#include "common/nipper-namemappings.c" +#include "common/nipper-cleanup.c" + + +// ---------------------------------------------------- +// PART 1: Program parameters & initialization + +int main(int argc, char *argv[]) +{ + // Program variables... + int tempInt = 0; + char buffer[LINE_SIZE]; + int sizeRead = 0; + char temporaryFileName[64] = ""; + FILE *tempFileHandle = 0; + FILE *inputFileHandle = 0; + struct debugAbbrev *debugAbPointer = 0; + struct johnPassword *johnPointer = 0; + + // Nipper Configuration... + struct nipperConfig *nipper = createNipperConfig(); + + // Get the command-line options... + getCommandOptions(argc, argv, nipper); + + // Show on-line help? + if (nipper->nipperMode == mode_help) + showHelp(argc, argv, nipper); + + // Show version? + else if (nipper->nipperMode == mode_version) + printf("%s\n\n", program_version_banner); + +// ---------------------------------------------------- +// PART 2: Process Configuration File + + else if (nipper->nipperMode == mode_process) + { + + // Get SNMP if it has been specified... +#if !defined(__WIN32__) + if ((nipper->remoteIP[0] != 0) && (nipper->localIP[0] != 0) && (nipper->inputName == 0)) + getRemoteConfig(nipper, temporaryFileName, sizeof(temporaryFileName), argv[nipper->localSave]+13); + + // Get stdin if input has not been specified... + else if (nipper->inputName == 0) +#else + if (nipper->inputName == 0) +#endif + { + // Init... + signal(14, stdinTimeout); + inputFileHandle = stdin; + + // Read stdin... + while (feof(inputFileHandle) == 0) + { + // Read... + memset(buffer, 0, LINE_SIZE); +#if !defined(__WIN32__) + alarm(2); +#endif + sizeRead = fread(buffer, 1, LINE_SIZE, inputFileHandle); +#if !defined(__WIN32__) + alarm(0); +#endif + + // Write to file... + if (tempFileHandle == 0) + { + sprintf(temporaryFileName, "%sdelete-me-%d", tmpDir, rand()); + tempFileHandle = fopen(temporaryFileName, "w"); + fwrite(buffer, 1, sizeRead, tempFileHandle); + } + else + fwrite(buffer, 1, sizeRead, tempFileHandle); + } + fclose(tempFileHandle); + nipper->inputName = temporaryFileName; + } + + // Debug Output? + if ((nipper->debugMode == true) && (nipper->nipperMode == mode_process)) + { + printf("%s\n", program_banner); + + printf("\n%sCommand Line Options\n====================%s\nCommand:", COL_BLUE, RESET); + for (tempInt = 0; tempInt < argc; tempInt++) + { + printf(" %s", argv[tempInt]); + } + printf("\n\n"); + } + + // Process input file(s)/stdin/snmp... + if (nipper->nipperMode == mode_process) + { + if (processInput(nipper) == true) + { + // Check that version has been identified for relevent configs... + nipper->nipperMode = mode_process; + if (nipper->force == false) + { + switch (nipper->deviceType) + { + case type_ios_switch: + case type_ios_router: + case type_ios_catalyst: + if (nipper->versionMajor == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_wrong_type; + } + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + if (nipper->versionMajor == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_wrong_type; + } + break; + + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + if (nipper->versionMajor == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_wrong_type; + } + break; + + case type_css_filter: + if (nipper->versionMajor == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_wrong_type; + } + break; + + case type_sos_firewall: + case type_sonicwall: + if (nipper->hostname[0] == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_wrong_type; + } + break; + + case type_passport: + case type_bayaccelar: + if (nipper->pas->boxType[0] == 0) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_wrong_type; + } + break; + } + } + } + } + if (nipper->nipperMode == mode_help) + { + showHelp(argc, argv, nipper); + cleanup(nipper); + return 1; + } + + +// ---------------------------------------------------- +// PART 3: Report Pre-parsing + + // Default Settings... + processDefaults(nipper); + + // Convert Names to IP Addresses... + if (nipper->names == true) + processNameMappings(nipper); + +// ---------------------------------------------------- +// PART 4: Reporting + + // Output debug information? + if (nipper->debugMode == true) + { + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + reportIOSDebug(nipper); + break; + + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + reportPIXDebug(nipper); + break; + + case type_nmp_catalyst: + case type_cos_catalyst: + reportNMPDebug(nipper); + break; + + case type_css_filter: + reportCSSDebug(nipper); + break; + + case type_sos_firewall: + reportSOSDebug(nipper); + break; + + case type_passport: + case type_bayaccelar: + reportPASDebug(nipper); + break; + + case type_fw1_firewall: + case type_nokiaip: + reportFW1Debug(nipper); + break; + + case type_sonicwall: + reportSonicOSDebug(nipper); + break; + } + } + + // Output report & john (if specified) + else + { + // Output john? + if ((nipper->johnFile != 0) && (nipper->john != 0)) + { + // Variables + FILE *johnFile; + + // Create file + johnFile = fopen(nipper->johnFile, "w"); + if (johnFile == NULL) + { + nipper->nipperMode = mode_help; + nipper->helpMode = help_error_john_file; + } + else + { + + // Write file contents + johnPointer = nipper->john; + while (johnPointer != 0) + { + fprintf(johnFile, "%s:%s\n", johnPointer->username, johnPointer->password); + johnPointer = johnPointer->next; + } + + // Close file + fclose(johnFile); + } + } + + if (nipper->nipperMode == mode_help) + { + showHelp(argc, argv, nipper); + cleanup(nipper); + return 1; + } + + // Generate the report + switch (nipper->deviceType) + { + case type_ios_router: + case type_ios_switch: + case type_ios_catalyst: + generateIOSReport(nipper); + break; + + case type_pix_firewall: + case type_asa_firewall: + case type_fwsm_firewall: + generatePIXReport(nipper); + break; + + case type_cos_catalyst: + case type_nmp_catalyst: + generateNMPReport(nipper); + break; + + case type_css_filter: + generateCSSReport(nipper); + break; + + case type_sos_firewall: + generateSOSReport(nipper); + break; + + case type_passport: + case type_bayaccelar: + generatePASReport(nipper); + break; + + case type_fw1_firewall: + case type_nokiaip: + generateFW1Report(nipper); + break; + + case type_sonicwall: + generateSonicOSReport(nipper); + break; + } + + if (nipper->nipperMode == mode_help) + { + showHelp(argc, argv, nipper); + cleanup(nipper); + return 1; + } + + // Output Debug Abbreviations + if (nipper->debugAbbrev == true) + { + printf("\n%sUnknown Abbreviations\n=====================%s\n", COL_BLUE, RESET); + debugAbPointer = debugAb; + while (debugAbPointer != 0) + { + printf(" %s (%d)\n", debugAbPointer->ab, debugAbPointer->count); + debugAbPointer = debugAbPointer->next; + } + } + } + + +// ---------------------------------------------------- +// PART 5: Cleanup + + // Stdin temporary file... + if (temporaryFileName[0] != 0) + { + unlink(temporaryFileName); + } + } + + cleanup(nipper); + + return 0; +} diff --git a/0.11.10/nipper.conf b/0.11.10/nipper.conf new file mode 100644 index 0000000..2409b99 --- /dev/null +++ b/0.11.10/nipper.conf @@ -0,0 +1,173 @@ +# This configuration file is for Nipper +# http://www.sourceforge.net/projects/nipper + + +# Configuration File Usage +# ------------------------ +# These settings set the Nipper defaults. They can be overridden +# on the command line. If you remove a settings value or delete +# it, Nipper will return to its internal default setting. +# +# On/Off settings can be specified using "on", "off", "true", +# "false", "yes" or "no". The On/Off settings are case insensitive. +# +# A line begining with a # is a comment line and will be ignored. + + +#################### +# General Settings # +#################### + +[General] + +# This changes the default device type. The choices are: +# Cisco Router (IOS) +# Cisco Switch (IOS) +# Cisco Catalyst (IOS) +# Cisco Catalyst (NMP) +# Cisco Catalyst (CatOS) +# Cisco Firewall (PIX) +# Cisco Firewall (ASA) +# Cisco Firewall (FWSM) +# Cisco Content Services Switch (CSS) +# Juniper ScreenOS Firewall +# Nortel Passport +# Checkpoint Firewall-1 +# SonicWall SonicOS Firewall +Device Type = Cisco Router (IOS) + +# Device Model +# Model = + +# This option will bypass any device type checking +Force Type = No + +# Where is the device on the network (on the edge or internal) +# Location = Edge +Location = Internal + + +################### +# Report Settings # +################### + +[Report] + +Company Name = Nipper +Show Passwords In Report = yes +Expand ACL In Report = no +Convert Names To IP Addresses = no + +# The default report format. The options are HTML, XML, LATEX or +# TEXT. The Nipper default is HTML. +Report Format = HTML + + +############################### +# HTML Report Format Settings # +############################### +# These are the HTML report format settings. + +[HTML] + +# Style Sheet File = + + +################################ +# Latex Report Format Settings # +################################ +# These are the Latex report format settings. Refer to the Latex +# documentation for alternatives. + +[Latex] + +Paper Size = a4paper +Document Class = article + + +########################### +# Report Section Settings # +########################### +# Modify these settings to include or exclude various sections from +# the report output. However, it is worth noting that when enabled +# these sections will still only appear if they have content. + +[Report Sections] + +Configuration Report = on +Security Audit = on +Appendix = on +Abbreviations = on +Common Ports = on +Logging Levels = on +Time Zones = on +Nipper Details = on +Glossary = on + + +################################ +# Configuration Audit Settings # +################################ +# These settings determine how different elements of a +# configuration are audited. + +[Audit] + +# Dictionary to use with password strength testing. If no +# dictionary is specified, a small built-in dictionary of +# common/defaults is used. A dictionary file will contain +# one password per line. + +# Dictionary File = + +# Password / key audit options +Minimum Password Length = 8 +Passwords Must Include Uppercase = off +Passwords Must Include Lowercase = off +Passwords Must Include Lowercase or Uppercase = on +Passwords Must Include Numbers = on +Passwords Must Include Special Characters = off + +# Filtering / ACL audit options +Check For Any Source = yes +Check Source Rules Do Not Include Networks = yes +Check For Any Source Service = no +Check For Any Destination = yes +Check Destination Rules Do Not Include Networks = yes +Check For Any Destination Service = yes +Check That All Rules Log = no +Check That All Deny Rules Log = yes +Check For Disabled Rules = yes +Check Rule Lists End With Deny All And Log = yes +Check For Reject Rules = yes +Check For Bypass Rules = yes +Check For Default Rules = yes + +# Misc audit options +Minimum Timeout (Seconds) = 600 + + +################################## +# SNMP Retrival Section Settings # +################################## +# These settings will be used when connecting to an SNMP server +# to remotely retrieve a device configuration. This is only supported +# on a number of device types. + +[SNMP] + +# The read/write community string to use +Community String = private + +# Set this to yes for really old Cisco devices +Old Cisco Method = no + +# The local TFTP server root +TFTP Server Root = /tftproot/ + +# Your local IP address +# Local IP Address = + +# The remote device IP address +# Remote IP Address = + diff --git a/0.11.10/nipper.ini b/0.11.10/nipper.ini new file mode 100644 index 0000000..172556c --- /dev/null +++ b/0.11.10/nipper.ini @@ -0,0 +1,148 @@ +# This configuration file is for Nipper +# http://www.sourceforge.net/projects/nipper + + +# Configuration File Usage +# ------------------------ +# These settings set the Nipper defaults. They can be overridden +# on the command line. If you remove a settings value or delete +# it, Nipper will return to its internal default setting. +# +# On/Off settings can be specified using "on", "off", "true", +# "false", "yes" or "no". The On/Off settings are case insensitive. +# +# A line begining with a # is a comment line and will be ignored. + + +#################### +# General Settings # +#################### + +[General] + +# This changes the default device type. The choices are: +# Cisco Router (IOS) +# Cisco Switch (IOS) +# Cisco Catalyst (IOS) +# Cisco Catalyst (NMP) +# Cisco Catalyst (CatOS) +# Cisco Firewall (PIX) +# Cisco Firewall (ASA) +# Cisco Firewall (FWSM) +# Cisco Content Services Switch (CSS) +# Juniper ScreenOS Firewall +# Nortel Passport +# Checkpoint Firewall-1 +# SonicWall SonicOS Firewall +Device Type = Cisco Router (IOS) + +# Device Model +# Model = + +# This option will bypass any device type checking +Force Type = No + +# Where is the device on the network (on the edge or internal) +# Location = Edge +Location = Internal + + +################### +# Report Settings # +################### + +[Report] + +Company Name = Nipper +Show Passwords In Report = yes +Expand ACL In Report = no +Convert Names To IP Addresses = no + +# The default report format. The options are HTML, XML, LATEX or +# TEXT. The Nipper default is HTML. +Report Format = HTML + + +############################### +# HTML Report Format Settings # +############################### +# These are the HTML report format settings. + +[HTML] + +# Style Sheet File = + + +################################ +# Latex Report Format Settings # +################################ +# These are the Latex report format settings. Refer to the Latex +# documentation for alternatives. + +[Latex] + +Paper Size = a4paper +Document Class = article + + +########################### +# Report Section Settings # +########################### +# Modify these settings to include or exclude various sections from +# the report output. However, it is worth noting that when enabled +# these sections will still only appear if they have content. + +[Report Sections] + +Configuration Report = on +Security Audit = on +Appendix = on +Abbreviations = on +Common Ports = on +Logging Levels = on +Time Zones = on +Nipper Details = on +Glossary = on + + +################################ +# Configuration Audit Settings # +################################ +# These settings determine how different elements of a +# configuration are audited. + +[Audit] + +# Dictionary to use with password strength testing. If no +# dictionary is specified, a small built-in dictionary of +# common/defaults is used. A dictionary file will contain +# one password per line. + +# Dictionary File = + +# Password / key audit options +Minimum Password Length = 8 +Passwords Must Include Uppercase = off +Passwords Must Include Lowercase = off +Passwords Must Include Lowercase or Uppercase = on +Passwords Must Include Numbers = on +Passwords Must Include Special Characters = off + +# Filtering / ACL audit options +Check For Any Source = yes +Check Source Rules Do Not Include Networks = yes +Check For Any Source Service = no +Check For Any Destination = yes +Check Destination Rules Do Not Include Networks = yes +Check For Any Destination Service = yes +Check That All Rules Log = no +Check That All Deny Rules Log = yes +Check For Disabled Rules = yes +Check Rule Lists End With Deny All And Log = yes +Check For Reject Rules = yes +Check For Bypass Rules = yes +Check For Default Rules = yes + +# Misc audit options +Minimum Timeout (Seconds) = 600 + diff --git a/libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/all-wcprops b/libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/all-wcprops new file mode 100644 index 0000000..87654e7 --- /dev/null +++ b/libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/all-wcprops @@ -0,0 +1,17 @@ +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/3Com-SuperStack3-Firewall +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 75 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 73 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h +END diff --git a/libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/entries b/libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/entries new file mode 100644 index 0000000..7333ffc --- /dev/null +++ b/libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/entries @@ -0,0 +1,96 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/3Com-SuperStack3-Firewall +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.cpp +file + + + + +2016-02-13T06:47:11.084158Z +627c5527ac61a9c0509aae8d2f6e3c5c +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2557 + +device.h +file + + + + +2016-02-13T06:47:11.084158Z +cfa0ce25f4d5cb5b55b3de653d168694 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2540 + diff --git a/libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..dc8669e --- /dev/null +++ b/libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,43 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" + + +SuperStack3FirewallDevice::SuperStack3FirewallDevice() +{ + deviceMake = "3Com"; + deviceType = "SuperStack 3 Firewall"; + deviceOS = "SonicOS"; +} diff --git a/libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..911db4b --- /dev/null +++ b/libnipper-0.12.6/3Com-SuperStack3-Firewall/.svn/text-base/device.h.svn-base @@ -0,0 +1,46 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_SuperStack3Firewall_H +#define device_SuperStack3Firewall_H + + +#include "../SonicWALL-SonicOS/device.h" + + +class SuperStack3FirewallDevice : public SonicOSDevice +{ + public: + SuperStack3FirewallDevice(); +}; + + +#endif diff --git a/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp b/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp new file mode 100644 index 0000000..dc8669e --- /dev/null +++ b/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp @@ -0,0 +1,43 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" + + +SuperStack3FirewallDevice::SuperStack3FirewallDevice() +{ + deviceMake = "3Com"; + deviceType = "SuperStack 3 Firewall"; + deviceOS = "SonicOS"; +} diff --git a/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h b/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h new file mode 100644 index 0000000..911db4b --- /dev/null +++ b/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h @@ -0,0 +1,46 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_SuperStack3Firewall_H +#define device_SuperStack3Firewall_H + + +#include "../SonicWALL-SonicOS/device.h" + + +class SuperStack3FirewallDevice : public SonicOSDevice +{ + public: + SuperStack3FirewallDevice(); +}; + + +#endif diff --git a/libnipper-0.12.6/BayNetworks-Accelar/.svn/all-wcprops b/libnipper-0.12.6/BayNetworks-Accelar/.svn/all-wcprops new file mode 100644 index 0000000..3dd9a4a --- /dev/null +++ b/libnipper-0.12.6/BayNetworks-Accelar/.svn/all-wcprops @@ -0,0 +1,17 @@ +K 25 +svn:wc:ra_dav:version-url +V 58 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/BayNetworks-Accelar +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/BayNetworks-Accelar/device.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/BayNetworks-Accelar/device.h +END diff --git a/libnipper-0.12.6/BayNetworks-Accelar/.svn/entries b/libnipper-0.12.6/BayNetworks-Accelar/.svn/entries new file mode 100644 index 0000000..245eff0 --- /dev/null +++ b/libnipper-0.12.6/BayNetworks-Accelar/.svn/entries @@ -0,0 +1,96 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/BayNetworks-Accelar +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.h +file + + + + +2016-02-13T06:47:11.324157Z +4f643e4bf839ef2622f2729254dd8fac +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2536 + +device.cpp +file + + + + +2016-02-13T06:47:11.324157Z +689bed3506532f07f81abc7b53d3f4d9 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2483 + diff --git a/libnipper-0.12.6/BayNetworks-Accelar/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/BayNetworks-Accelar/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..57feee3 --- /dev/null +++ b/libnipper-0.12.6/BayNetworks-Accelar/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,41 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include "device.h" + + +BayNetworksAccelarDevice::BayNetworksAccelarDevice() +{ + deviceMake = "Bay Networks"; + deviceType = "Accelar"; + deviceOS = "AccelarOS"; +} diff --git a/libnipper-0.12.6/BayNetworks-Accelar/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/BayNetworks-Accelar/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..0da82e6 --- /dev/null +++ b/libnipper-0.12.6/BayNetworks-Accelar/.svn/text-base/device.h.svn-base @@ -0,0 +1,46 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_BayNetworksAccelar_H +#define device_BayNetworksAccelar_H + + +#include "../Nortel-Passport/device.h" + + +class BayNetworksAccelarDevice : public PassportDevice +{ + public: + BayNetworksAccelarDevice(); +}; + + +#endif diff --git a/libnipper-0.12.6/BayNetworks-Accelar/device.cpp b/libnipper-0.12.6/BayNetworks-Accelar/device.cpp new file mode 100644 index 0000000..57feee3 --- /dev/null +++ b/libnipper-0.12.6/BayNetworks-Accelar/device.cpp @@ -0,0 +1,41 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include "device.h" + + +BayNetworksAccelarDevice::BayNetworksAccelarDevice() +{ + deviceMake = "Bay Networks"; + deviceType = "Accelar"; + deviceOS = "AccelarOS"; +} diff --git a/libnipper-0.12.6/BayNetworks-Accelar/device.h b/libnipper-0.12.6/BayNetworks-Accelar/device.h new file mode 100644 index 0000000..0da82e6 --- /dev/null +++ b/libnipper-0.12.6/BayNetworks-Accelar/device.h @@ -0,0 +1,46 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_BayNetworksAccelar_H +#define device_BayNetworksAccelar_H + + +#include "../Nortel-Passport/device.h" + + +class BayNetworksAccelarDevice : public PassportDevice +{ + public: + BayNetworksAccelarDevice(); +}; + + +#endif diff --git a/libnipper-0.12.6/CMakeCache.txt b/libnipper-0.12.6/CMakeCache.txt new file mode 100644 index 0000000..f9d60ec --- /dev/null +++ b/libnipper-0.12.6/CMakeCache.txt @@ -0,0 +1,243 @@ +# This is the CMakeCache file. +# For build in directory: /home/dbryan/libnipper-0.12.6 +# It was generated by CMake: /usr/bin/cmake +# You can edit this file to change values found and used by cmake. +# If you do not want to change any of the values, simply exit the editor. +# If you do want to change a value, simply edit, save, and exit the editor. +# The syntax for the file is as follows: +# KEY:TYPE=VALUE +# KEY is the name of a variable in the cache. +# TYPE is a hint to GUI's for the type of VALUE, DO NOT EDIT TYPE!. +# VALUE is the current value for the KEY. + +######################## +# EXTERNAL cache entries +######################## + +//Path to a program. +CMAKE_AR:FILEPATH=/usr/bin/ar + +//For backwards compatibility, what version of CMake commands and +// syntax should this version of CMake allow. +CMAKE_BACKWARDS_COMPATIBILITY:STRING=2.4 + +//Choose the type of build, options are: None(CMAKE_CXX_FLAGS or +// CMAKE_C_FLAGS used) Debug Release RelWithDebInfo MinSizeRel. +// +CMAKE_BUILD_TYPE:STRING= + +//Enable/Disable color output during build. +CMAKE_COLOR_MAKEFILE:BOOL=ON + +//CXX compiler. +CMAKE_CXX_COMPILER:FILEPATH=/usr/bin/c++ + +//Flags used by the compiler during all build types. +CMAKE_CXX_FLAGS:STRING=' ' + +//Flags used by the compiler during debug builds. +CMAKE_CXX_FLAGS_DEBUG:STRING=-g + +//Flags used by the compiler during release minsize builds. +CMAKE_CXX_FLAGS_MINSIZEREL:STRING=-Os -DNDEBUG + +//Flags used by the compiler during release builds (/MD /Ob1 /Oi +// /Ot /Oy /Gs will produce slightly less optimized but smaller +// files). +CMAKE_CXX_FLAGS_RELEASE:STRING=-O3 -DNDEBUG + +//Flags used by the compiler during Release with Debug Info builds. +// +CMAKE_CXX_FLAGS_RELWITHDEBINFO:STRING=-O2 -g + +//Flags used by the linker. +CMAKE_EXE_LINKER_FLAGS:STRING= + +//Flags used by the linker during debug builds. +CMAKE_EXE_LINKER_FLAGS_DEBUG:STRING= + +//Flags used by the linker during release minsize builds. +CMAKE_EXE_LINKER_FLAGS_MINSIZEREL:STRING= + +//Flags used by the linker during release builds. +CMAKE_EXE_LINKER_FLAGS_RELEASE:STRING= + +//Flags used by the linker during Release with Debug Info builds. +// +CMAKE_EXE_LINKER_FLAGS_RELWITHDEBINFO:STRING= + +//Install path prefix, prepended onto install directories. +CMAKE_INSTALL_PREFIX:PATH=/usr/local + +//Path to a program. +CMAKE_MAKE_PROGRAM:FILEPATH=/usr/bin/gmake + +//Flags used by the linker during the creation of modules. +CMAKE_MODULE_LINKER_FLAGS:STRING= + +//Flags used by the linker during debug builds. +CMAKE_MODULE_LINKER_FLAGS_DEBUG:STRING= + +//Flags used by the linker during release minsize builds. +CMAKE_MODULE_LINKER_FLAGS_MINSIZEREL:STRING= + +//Flags used by the linker during release builds. +CMAKE_MODULE_LINKER_FLAGS_RELEASE:STRING= + +//Flags used by the linker during Release with Debug Info builds. +// +CMAKE_MODULE_LINKER_FLAGS_RELWITHDEBINFO:STRING= + +//Path to a program. +CMAKE_RANLIB:FILEPATH=/usr/bin/ranlib + +//Flags used by the linker during the creation of dll's. +CMAKE_SHARED_LINKER_FLAGS:STRING= + +//Flags used by the linker during debug builds. +CMAKE_SHARED_LINKER_FLAGS_DEBUG:STRING= + +//Flags used by the linker during release minsize builds. +CMAKE_SHARED_LINKER_FLAGS_MINSIZEREL:STRING= + +//Flags used by the linker during release builds. +CMAKE_SHARED_LINKER_FLAGS_RELEASE:STRING= + +//Flags used by the linker during Release with Debug Info builds. +// +CMAKE_SHARED_LINKER_FLAGS_RELWITHDEBINFO:STRING= + +//If set, runtime paths are not added when using shared libraries. +// +CMAKE_SKIP_RPATH:BOOL=NO + +//If true, cmake will use relative paths in makefiles and projects. +// +CMAKE_USE_RELATIVE_PATHS:BOOL=OFF + +//If this value is on, makefiles will be generated without the +// .SILENT directive, and all commands will be echoed to the console +// during the make. This is useful for debugging only. With Visual +// Studio IDE projects all commands are done without /nologo. +CMAKE_VERBOSE_MAKEFILE:BOOL=FALSE + +//Single output directory for building all executables. +EXECUTABLE_OUTPUT_PATH:PATH= + +//Single output directory for building all libraries. +LIBRARY_OUTPUT_PATH:PATH= + +//Value Computed by CMake +Nipper_BINARY_DIR:STATIC=/home/dbryan/libnipper-0.12.6 + +//Value Computed by CMake +Nipper_SOURCE_DIR:STATIC=/home/dbryan/libnipper-0.12.6 + +//Dependencies for target +nipper_LIB_DEPENDS:STATIC= + + +######################## +# INTERNAL cache entries +######################## + +//Advanced flag for variable: CMAKE_AR +CMAKE_AR-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_BUILD_TOOL +CMAKE_BUILD_TOOL-ADVANCED:INTERNAL=1 +//What is the target build tool cmake is generating for. +CMAKE_BUILD_TOOL:INTERNAL=/usr/bin/gmake +//This is the directory where this CMakeCahe.txt was created +CMAKE_CACHEFILE_DIR:INTERNAL=/home/dbryan/libnipper-0.12.6 +//Major version of cmake used to create the current loaded cache +// +CMAKE_CACHE_MAJOR_VERSION:INTERNAL=2 +//Minor version of cmake used to create the current loaded cache +// +CMAKE_CACHE_MINOR_VERSION:INTERNAL=4 +//Major version of cmake used to create the current loaded cache +// +CMAKE_CACHE_RELEASE_VERSION:INTERNAL=patch 8 +//Advanced flag for variable: CMAKE_COLOR_MAKEFILE +CMAKE_COLOR_MAKEFILE-ADVANCED:INTERNAL=1 +//Path to CMake executable. +CMAKE_COMMAND:INTERNAL=/usr/bin/cmake +//Path to ctest program executable. +CMAKE_CTEST_COMMAND:INTERNAL=/usr/bin/ctest +//Advanced flag for variable: CMAKE_CXX_COMPILER +CMAKE_CXX_COMPILER-ADVANCED:INTERNAL=1 +CMAKE_CXX_COMPILER_WORKS:INTERNAL=1 +//Advanced flag for variable: CMAKE_CXX_FLAGS +CMAKE_CXX_FLAGS-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_CXX_FLAGS_DEBUG +CMAKE_CXX_FLAGS_DEBUG-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_CXX_FLAGS_MINSIZEREL +CMAKE_CXX_FLAGS_MINSIZEREL-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_CXX_FLAGS_RELEASE +CMAKE_CXX_FLAGS_RELEASE-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_CXX_FLAGS_RELWITHDEBINFO +CMAKE_CXX_FLAGS_RELWITHDEBINFO-ADVANCED:INTERNAL=1 +//Path to cache edit program executable. +CMAKE_EDIT_COMMAND:INTERNAL=/usr/bin/ccmake +//Advanced flag for variable: CMAKE_EXE_LINKER_FLAGS +CMAKE_EXE_LINKER_FLAGS-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_EXE_LINKER_FLAGS_DEBUG +CMAKE_EXE_LINKER_FLAGS_DEBUG-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_EXE_LINKER_FLAGS_MINSIZEREL +// +CMAKE_EXE_LINKER_FLAGS_MINSIZEREL-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_EXE_LINKER_FLAGS_RELEASE +CMAKE_EXE_LINKER_FLAGS_RELEASE-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_EXE_LINKER_FLAGS_RELWITHDEBINFO +// +CMAKE_EXE_LINKER_FLAGS_RELWITHDEBINFO-ADVANCED:INTERNAL=1 +//Name of generator. +CMAKE_GENERATOR:INTERNAL=Unix Makefiles +//Start directory with the top level CMakeLists.txt file for this +// project +CMAKE_HOME_DIRECTORY:INTERNAL=/home/dbryan/libnipper-0.12.6 +//Install .so files without execute permission. +CMAKE_INSTALL_SO_NO_EXE:INTERNAL=0 +//Advanced flag for variable: CMAKE_MAKE_PROGRAM +CMAKE_MAKE_PROGRAM-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_MODULE_LINKER_FLAGS +CMAKE_MODULE_LINKER_FLAGS-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_MODULE_LINKER_FLAGS_DEBUG +CMAKE_MODULE_LINKER_FLAGS_DEBUG-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_MODULE_LINKER_FLAGS_MINSIZEREL +// +CMAKE_MODULE_LINKER_FLAGS_MINSIZEREL-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_MODULE_LINKER_FLAGS_RELEASE +// +CMAKE_MODULE_LINKER_FLAGS_RELEASE-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_MODULE_LINKER_FLAGS_RELWITHDEBINFO +// +CMAKE_MODULE_LINKER_FLAGS_RELWITHDEBINFO-ADVANCED:INTERNAL=1 +//number of local generators +CMAKE_NUMBER_OF_LOCAL_GENERATORS:INTERNAL=1 +//Advanced flag for variable: CMAKE_RANLIB +CMAKE_RANLIB-ADVANCED:INTERNAL=1 +//Path to CMake installation. +CMAKE_ROOT:INTERNAL=/usr/share/cmake +//Advanced flag for variable: CMAKE_SHARED_LINKER_FLAGS +CMAKE_SHARED_LINKER_FLAGS-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_SHARED_LINKER_FLAGS_DEBUG +CMAKE_SHARED_LINKER_FLAGS_DEBUG-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_SHARED_LINKER_FLAGS_MINSIZEREL +// +CMAKE_SHARED_LINKER_FLAGS_MINSIZEREL-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_SHARED_LINKER_FLAGS_RELEASE +// +CMAKE_SHARED_LINKER_FLAGS_RELEASE-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_SHARED_LINKER_FLAGS_RELWITHDEBINFO +// +CMAKE_SHARED_LINKER_FLAGS_RELWITHDEBINFO-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_SKIP_RPATH +CMAKE_SKIP_RPATH-ADVANCED:INTERNAL=1 +//uname command +CMAKE_UNAME:INTERNAL=/bin/uname +//Advanced flag for variable: CMAKE_USE_RELATIVE_PATHS +CMAKE_USE_RELATIVE_PATHS-ADVANCED:INTERNAL=1 +//Advanced flag for variable: CMAKE_VERBOSE_MAKEFILE +CMAKE_VERBOSE_MAKEFILE-ADVANCED:INTERNAL=1 + diff --git a/libnipper-0.12.6/CMakeFiles/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/.svn/all-wcprops new file mode 100644 index 0000000..58f5fb4 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/.svn/all-wcprops @@ -0,0 +1,53 @@ +K 25 +svn:wc:ra_dav:version-url +V 49 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles +END +Makefile2 +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/Makefile2 +END +cmake.check_cache +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/cmake.check_cache +END +progress.make +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/progress.make +END +CMakeOutput.log +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/CMakeOutput.log +END +CMakeSystem.cmake +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/CMakeSystem.cmake +END +CMakeDirectoryInformation.cmake +K 25 +svn:wc:ra_dav:version-url +V 81 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/CMakeDirectoryInformation.cmake +END +Makefile.cmake +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/Makefile.cmake +END +CMakeCXXCompiler.cmake +K 25 +svn:wc:ra_dav:version-url +V 72 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/CMakeCXXCompiler.cmake +END diff --git a/libnipper-0.12.6/CMakeFiles/.svn/entries b/libnipper-0.12.6/CMakeFiles/.svn/entries new file mode 100644 index 0000000..2f7765c --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/.svn/entries @@ -0,0 +1,306 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +Makefile2 +file + + + + +2016-02-13T06:47:10.988159Z +5008cd5c2aa97f8db05d6d1537f1d6f6 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3037 + +cmake.check_cache +file + + + + +2016-02-13T06:47:10.988159Z +448d8050798441c3c0911462399ba145 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +85 + +progress.make +file + + + + +2016-02-13T06:47:10.988159Z +13069be7449e705918c7daf43395bda2 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +25 + +CMakeTmp +dir + +CMakeOutput.log +file + + + + +2016-02-13T06:47:10.988159Z +2a2a11a814719b104164b18dfdac0884 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +1152 + +CMakeSystem.cmake +file + + + + +2016-02-13T06:47:10.988159Z +884604e163b1f9facf900fbb23c8f106 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +183 + +nipper.dir +dir + +CMakeDirectoryInformation.cmake +file + + + + +2016-02-13T06:47:10.988159Z +bd286df0b1cb3f1a4e1fcde459187353 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +576 + +Makefile.cmake +file + + + + +2016-02-13T06:47:10.988159Z +99d17da9805b6dfc43fe01716194702b +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +1395 + +CMakeCXXCompiler.cmake +file + + + + +2016-02-13T06:47:10.988159Z +25088d882d6be33c561ecb2d6d31af07 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +899 + diff --git a/libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeCXXCompiler.cmake.svn-base b/libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeCXXCompiler.cmake.svn-base new file mode 100644 index 0000000..aa22c72 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeCXXCompiler.cmake.svn-base @@ -0,0 +1,30 @@ +SET(CMAKE_CXX_COMPILER "/usr/bin/c++") +SET(CMAKE_CXX_COMPILER_ARG1 "") +SET(CMAKE_AR "/usr/bin/ar") +SET(CMAKE_RANLIB "/usr/bin/ranlib") +SET(CMAKE_COMPILER_IS_GNUCXX 1) +SET(CMAKE_CXX_COMPILER_LOADED 1) +SET(CMAKE_COMPILER_IS_MINGW ) +SET(CMAKE_COMPILER_IS_CYGWIN ) +IF(CMAKE_COMPILER_IS_CYGWIN) + SET(CYGWIN 1) + SET(UNIX 1) +ENDIF(CMAKE_COMPILER_IS_CYGWIN) + +SET(CMAKE_CXX_COMPILER_ENV_VAR "CXX") + +IF(CMAKE_COMPILER_IS_MINGW) + SET(MINGW 1) +ENDIF(CMAKE_COMPILER_IS_MINGW) +SET(CMAKE_COMPILER_IS_GNUCXX_RUN 1) +SET(CMAKE_CXX_IGNORE_EXTENSIONS inl;h;H;o;O;obj;OBJ;def;DEF;rc;RC) +SET(CMAKE_CXX_SOURCE_FILE_EXTENSIONS C;M;c++;cc;cpp;cxx;m;mm) +SET(CMAKE_CXX_LINKER_PREFERENCE Prefered) +IF(UNIX) + SET(CMAKE_CXX_OUTPUT_EXTENSION .o) +ELSE(UNIX) + SET(CMAKE_CXX_OUTPUT_EXTENSION .obj) +ENDIF(UNIX) +# save the size of void* in case where cache is removed +# and the this file is still around +SET(CMAKE_SIZEOF_VOID_P ) diff --git a/libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeDirectoryInformation.cmake.svn-base b/libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeDirectoryInformation.cmake.svn-base new file mode 100644 index 0000000..9fe559f --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeDirectoryInformation.cmake.svn-base @@ -0,0 +1,16 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +# Force unix paths in dependencies. +SET(CMAKE_FORCE_UNIX_PATHS 1) + +# The C and CXX include file search paths: +SET(CMAKE_C_INCLUDE_PATH + ) +SET(CMAKE_CXX_INCLUDE_PATH ${CMAKE_C_INCLUDE_PATH}) + +# The C and CXX include file regular expressions for this directory. +SET(CMAKE_C_INCLUDE_REGEX_SCAN "^.*$") +SET(CMAKE_C_INCLUDE_REGEX_COMPLAIN "^$") +SET(CMAKE_CXX_INCLUDE_REGEX_SCAN ${CMAKE_C_INCLUDE_REGEX_SCAN}) +SET(CMAKE_CXX_INCLUDE_REGEX_COMPLAIN ${CMAKE_C_INCLUDE_REGEX_COMPLAIN}) diff --git a/libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeOutput.log.svn-base b/libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeOutput.log.svn-base new file mode 100644 index 0000000..8f8af7e --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeOutput.log.svn-base @@ -0,0 +1,21 @@ +The system is: Linux - 2.6.18-8.1.15.el5 - i686 +Determining if the C++ compiler is GNU succeeded with the following output: +# 1 "/usr/share/cmake/Modules/CMakeTestGNU.c" +# 1 "" +# 1 "" +# 1 "/usr/share/cmake/Modules/CMakeTestGNU.c" + +void THIS_IS_GNU(); + +Determining if the CXX compiler works passed with the following output: +/usr/bin/gmake -f CMakeFiles/cmTryCompileExec.dir/build.make CMakeFiles/cmTryCompileExec.dir/build +gmake[1]: Entering directory `/home/dbryan/libnipper-0.12.6/CMakeFiles/CMakeTmp' +/usr/bin/cmake -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles 1 +Building CXX object CMakeFiles/cmTryCompileExec.dir/testCXXCompiler.o +/usr/bin/c++ -o CMakeFiles/cmTryCompileExec.dir/testCXXCompiler.o -c /home/dbryan/libnipper-0.12.6/CMakeFiles/CMakeTmp/testCXXCompiler.cxx +Linking CXX executable cmTryCompileExec +/usr/bin/cmake -P CMakeFiles/cmTryCompileExec.dir/cmake_clean_target.cmake +/usr/bin/c++ -fPIC "CMakeFiles/cmTryCompileExec.dir/testCXXCompiler.o" -o cmTryCompileExec -rdynamic +gmake[1]: Leaving directory `/home/dbryan/libnipper-0.12.6/CMakeFiles/CMakeTmp' + + diff --git a/libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeSystem.cmake.svn-base b/libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeSystem.cmake.svn-base new file mode 100644 index 0000000..a18e77c --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/.svn/text-base/CMakeSystem.cmake.svn-base @@ -0,0 +1,5 @@ +SET(CMAKE_SYSTEM "Linux-2.6.18-8.1.15.el5") +SET(CMAKE_SYSTEM_NAME "Linux") +SET(CMAKE_SYSTEM_VERSION "2.6.18-8.1.15.el5") +SET(CMAKE_SYSTEM_PROCESSOR "i686") +SET(CMAKE_SYSTEM_LOADED 1) diff --git a/libnipper-0.12.6/CMakeFiles/.svn/text-base/Makefile.cmake.svn-base b/libnipper-0.12.6/CMakeFiles/.svn/text-base/Makefile.cmake.svn-base new file mode 100644 index 0000000..4ee8dc5 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/.svn/text-base/Makefile.cmake.svn-base @@ -0,0 +1,38 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +# The generator used is: +SET(CMAKE_DEPENDS_GENERATOR "Unix Makefiles") + +# The top level Makefile was generated from the following files: +SET(CMAKE_MAKEFILE_DEPENDS + "CMakeCache.txt" + "CMakeFiles/CMakeCXXCompiler.cmake" + "CMakeFiles/CMakeSystem.cmake" + "CMakeLists.txt" + "/usr/share/cmake/Modules/CMakeCXXCompiler.cmake.in" + "/usr/share/cmake/Modules/CMakeCXXInformation.cmake" + "/usr/share/cmake/Modules/CMakeCommonLanguageInclude.cmake" + "/usr/share/cmake/Modules/CMakeDetermineCXXCompiler.cmake" + "/usr/share/cmake/Modules/CMakeDetermineSystem.cmake" + "/usr/share/cmake/Modules/CMakeGenericSystem.cmake" + "/usr/share/cmake/Modules/CMakeSystem.cmake.in" + "/usr/share/cmake/Modules/CMakeSystemSpecificInformation.cmake" + "/usr/share/cmake/Modules/CMakeTestCXXCompiler.cmake" + "/usr/share/cmake/Modules/CMakeUnixFindMake.cmake" + "/usr/share/cmake/Modules/Platform/Linux.cmake" + "/usr/share/cmake/Modules/Platform/UnixPaths.cmake" + "/usr/share/cmake/Modules/Platform/gcc.cmake" + ) + +# The corresponding makefile is: +SET(CMAKE_MAKEFILE_OUTPUTS + "Makefile" + "CMakeFiles/cmake.check_cache" + "CMakeFiles/CMakeDirectoryInformation.cmake" + ) + +# The set of files whose dependency integrity should be checked: +SET(CMAKE_DEPEND_INFO_FILES + "CMakeFiles/nipper.dir/DependInfo.cmake" + ) diff --git a/libnipper-0.12.6/CMakeFiles/.svn/text-base/Makefile2.svn-base b/libnipper-0.12.6/CMakeFiles/.svn/text-base/Makefile2.svn-base new file mode 100644 index 0000000..b542253 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/.svn/text-base/Makefile2.svn-base @@ -0,0 +1,85 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +# Default target executed when no arguments are given to make. +default_target: all + +# The main recursive all target +all: + +# The main recursive preinstall target +preinstall: + +#============================================================================= +# Special targets provided by cmake. + +# Disable implicit rules so canoncical targets will work. +.SUFFIXES: + +.SUFFIXES: .hpux_make_needs_suffix_list + +# Suppress display of executed commands. +$(VERBOSE).SILENT: + +# A target that is always out of date. +cmake_force: + +#============================================================================= +# Set environment variables for the build. + +# The shell in which to execute make rules. +SHELL = /bin/sh + +# The CMake executable. +CMAKE_COMMAND = /usr/bin/cmake + +# The command to remove a file. +RM = /usr/bin/cmake -E remove -f + +# The program to use to edit the cache. +CMAKE_EDIT_COMMAND = /usr/bin/ccmake + +# The top-level source directory on which CMake was run. +CMAKE_SOURCE_DIR = /home/dbryan/libnipper-0.12.6 + +# The top-level build directory on which CMake was run. +CMAKE_BINARY_DIR = /home/dbryan/libnipper-0.12.6 + +#============================================================================= +# Target rules for target CMakeFiles/nipper.dir + +# All Build rule for target. +CMakeFiles/nipper.dir/all: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/depend + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/build + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 + @echo "Built target nipper" + +# Include target in all. +all: CMakeFiles/nipper.dir/all + +# Build rule for subdir invocation for target. +CMakeFiles/nipper.dir/rule: cmake_check_build_system + $(CMAKE_COMMAND) -E cmake_progress_start /home/dbryan/libnipper-0.12.6/CMakeFiles 100 + $(MAKE) -f CMakeFiles/Makefile2 CMakeFiles/nipper.dir/all + $(CMAKE_COMMAND) -E cmake_progress_start /home/dbryan/libnipper-0.12.6/CMakeFiles 0 + +# Convenience name for target. +nipper: CMakeFiles/nipper.dir/rule + +# clean rule for target. +CMakeFiles/nipper.dir/clean: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/clean + +# clean rule for target. +clean: CMakeFiles/nipper.dir/clean + +#============================================================================= +# Special targets to cleanup operation of make. + +# Special rule to run CMake to check the build system integrity. +# No rule that depends on this can have commands that come from listfiles +# because they might be regenerated. +cmake_check_build_system: + $(CMAKE_COMMAND) -H$(CMAKE_SOURCE_DIR) -B$(CMAKE_BINARY_DIR) --check-build-system CMakeFiles/Makefile.cmake 0 + diff --git a/libnipper-0.12.6/CMakeFiles/.svn/text-base/cmake.check_cache.svn-base b/libnipper-0.12.6/CMakeFiles/.svn/text-base/cmake.check_cache.svn-base new file mode 100644 index 0000000..3dccd73 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/.svn/text-base/cmake.check_cache.svn-base @@ -0,0 +1 @@ +# This file is generated by cmake for dependency checking of the CMakeCache.txt file diff --git a/libnipper-0.12.6/CMakeFiles/.svn/text-base/progress.make.svn-base b/libnipper-0.12.6/CMakeFiles/.svn/text-base/progress.make.svn-base new file mode 100644 index 0000000..158e140 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/.svn/text-base/progress.make.svn-base @@ -0,0 +1 @@ +CMAKE_ALL_PROGRESS = 100 diff --git a/libnipper-0.12.6/CMakeFiles/CMakeCXXCompiler.cmake b/libnipper-0.12.6/CMakeFiles/CMakeCXXCompiler.cmake new file mode 100644 index 0000000..aa22c72 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/CMakeCXXCompiler.cmake @@ -0,0 +1,30 @@ +SET(CMAKE_CXX_COMPILER "/usr/bin/c++") +SET(CMAKE_CXX_COMPILER_ARG1 "") +SET(CMAKE_AR "/usr/bin/ar") +SET(CMAKE_RANLIB "/usr/bin/ranlib") +SET(CMAKE_COMPILER_IS_GNUCXX 1) +SET(CMAKE_CXX_COMPILER_LOADED 1) +SET(CMAKE_COMPILER_IS_MINGW ) +SET(CMAKE_COMPILER_IS_CYGWIN ) +IF(CMAKE_COMPILER_IS_CYGWIN) + SET(CYGWIN 1) + SET(UNIX 1) +ENDIF(CMAKE_COMPILER_IS_CYGWIN) + +SET(CMAKE_CXX_COMPILER_ENV_VAR "CXX") + +IF(CMAKE_COMPILER_IS_MINGW) + SET(MINGW 1) +ENDIF(CMAKE_COMPILER_IS_MINGW) +SET(CMAKE_COMPILER_IS_GNUCXX_RUN 1) +SET(CMAKE_CXX_IGNORE_EXTENSIONS inl;h;H;o;O;obj;OBJ;def;DEF;rc;RC) +SET(CMAKE_CXX_SOURCE_FILE_EXTENSIONS C;M;c++;cc;cpp;cxx;m;mm) +SET(CMAKE_CXX_LINKER_PREFERENCE Prefered) +IF(UNIX) + SET(CMAKE_CXX_OUTPUT_EXTENSION .o) +ELSE(UNIX) + SET(CMAKE_CXX_OUTPUT_EXTENSION .obj) +ENDIF(UNIX) +# save the size of void* in case where cache is removed +# and the this file is still around +SET(CMAKE_SIZEOF_VOID_P ) diff --git a/libnipper-0.12.6/CMakeFiles/CMakeDirectoryInformation.cmake b/libnipper-0.12.6/CMakeFiles/CMakeDirectoryInformation.cmake new file mode 100644 index 0000000..9fe559f --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/CMakeDirectoryInformation.cmake @@ -0,0 +1,16 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +# Force unix paths in dependencies. +SET(CMAKE_FORCE_UNIX_PATHS 1) + +# The C and CXX include file search paths: +SET(CMAKE_C_INCLUDE_PATH + ) +SET(CMAKE_CXX_INCLUDE_PATH ${CMAKE_C_INCLUDE_PATH}) + +# The C and CXX include file regular expressions for this directory. +SET(CMAKE_C_INCLUDE_REGEX_SCAN "^.*$") +SET(CMAKE_C_INCLUDE_REGEX_COMPLAIN "^$") +SET(CMAKE_CXX_INCLUDE_REGEX_SCAN ${CMAKE_C_INCLUDE_REGEX_SCAN}) +SET(CMAKE_CXX_INCLUDE_REGEX_COMPLAIN ${CMAKE_C_INCLUDE_REGEX_COMPLAIN}) diff --git a/libnipper-0.12.6/CMakeFiles/CMakeOutput.log b/libnipper-0.12.6/CMakeFiles/CMakeOutput.log new file mode 100644 index 0000000..8f8af7e --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/CMakeOutput.log @@ -0,0 +1,21 @@ +The system is: Linux - 2.6.18-8.1.15.el5 - i686 +Determining if the C++ compiler is GNU succeeded with the following output: +# 1 "/usr/share/cmake/Modules/CMakeTestGNU.c" +# 1 "" +# 1 "" +# 1 "/usr/share/cmake/Modules/CMakeTestGNU.c" + +void THIS_IS_GNU(); + +Determining if the CXX compiler works passed with the following output: +/usr/bin/gmake -f CMakeFiles/cmTryCompileExec.dir/build.make CMakeFiles/cmTryCompileExec.dir/build +gmake[1]: Entering directory `/home/dbryan/libnipper-0.12.6/CMakeFiles/CMakeTmp' +/usr/bin/cmake -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles 1 +Building CXX object CMakeFiles/cmTryCompileExec.dir/testCXXCompiler.o +/usr/bin/c++ -o CMakeFiles/cmTryCompileExec.dir/testCXXCompiler.o -c /home/dbryan/libnipper-0.12.6/CMakeFiles/CMakeTmp/testCXXCompiler.cxx +Linking CXX executable cmTryCompileExec +/usr/bin/cmake -P CMakeFiles/cmTryCompileExec.dir/cmake_clean_target.cmake +/usr/bin/c++ -fPIC "CMakeFiles/cmTryCompileExec.dir/testCXXCompiler.o" -o cmTryCompileExec -rdynamic +gmake[1]: Leaving directory `/home/dbryan/libnipper-0.12.6/CMakeFiles/CMakeTmp' + + diff --git a/libnipper-0.12.6/CMakeFiles/CMakeSystem.cmake b/libnipper-0.12.6/CMakeFiles/CMakeSystem.cmake new file mode 100644 index 0000000..a18e77c --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/CMakeSystem.cmake @@ -0,0 +1,5 @@ +SET(CMAKE_SYSTEM "Linux-2.6.18-8.1.15.el5") +SET(CMAKE_SYSTEM_NAME "Linux") +SET(CMAKE_SYSTEM_VERSION "2.6.18-8.1.15.el5") +SET(CMAKE_SYSTEM_PROCESSOR "i686") +SET(CMAKE_SYSTEM_LOADED 1) diff --git a/libnipper-0.12.6/CMakeFiles/CMakeTmp/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/CMakeTmp/.svn/all-wcprops new file mode 100644 index 0000000..85a72db --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/CMakeTmp/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 58 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/CMakeTmp +END diff --git a/libnipper-0.12.6/CMakeFiles/CMakeTmp/.svn/entries b/libnipper-0.12.6/CMakeFiles/CMakeTmp/.svn/entries new file mode 100644 index 0000000..3689c07 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/CMakeTmp/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/CMakeTmp +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +CMakeFiles +dir + diff --git a/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/.svn/all-wcprops new file mode 100644 index 0000000..1a633d8 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles +END diff --git a/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/.svn/entries b/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/.svn/entries new file mode 100644 index 0000000..0bb9e41 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +cmTryCompileExec.dir +dir + diff --git a/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/cmTryCompileExec.dir/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/cmTryCompileExec.dir/.svn/all-wcprops new file mode 100644 index 0000000..49fcd6c --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/cmTryCompileExec.dir/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 90 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/cmTryCompileExec.dir +END diff --git a/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/cmTryCompileExec.dir/.svn/entries b/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/cmTryCompileExec.dir/.svn/entries new file mode 100644 index 0000000..d029144 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/cmTryCompileExec.dir/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/CMakeTmp/CMakeFiles/cmTryCompileExec.dir +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/Makefile.cmake b/libnipper-0.12.6/CMakeFiles/Makefile.cmake new file mode 100644 index 0000000..4ee8dc5 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/Makefile.cmake @@ -0,0 +1,38 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +# The generator used is: +SET(CMAKE_DEPENDS_GENERATOR "Unix Makefiles") + +# The top level Makefile was generated from the following files: +SET(CMAKE_MAKEFILE_DEPENDS + "CMakeCache.txt" + "CMakeFiles/CMakeCXXCompiler.cmake" + "CMakeFiles/CMakeSystem.cmake" + "CMakeLists.txt" + "/usr/share/cmake/Modules/CMakeCXXCompiler.cmake.in" + "/usr/share/cmake/Modules/CMakeCXXInformation.cmake" + "/usr/share/cmake/Modules/CMakeCommonLanguageInclude.cmake" + "/usr/share/cmake/Modules/CMakeDetermineCXXCompiler.cmake" + "/usr/share/cmake/Modules/CMakeDetermineSystem.cmake" + "/usr/share/cmake/Modules/CMakeGenericSystem.cmake" + "/usr/share/cmake/Modules/CMakeSystem.cmake.in" + "/usr/share/cmake/Modules/CMakeSystemSpecificInformation.cmake" + "/usr/share/cmake/Modules/CMakeTestCXXCompiler.cmake" + "/usr/share/cmake/Modules/CMakeUnixFindMake.cmake" + "/usr/share/cmake/Modules/Platform/Linux.cmake" + "/usr/share/cmake/Modules/Platform/UnixPaths.cmake" + "/usr/share/cmake/Modules/Platform/gcc.cmake" + ) + +# The corresponding makefile is: +SET(CMAKE_MAKEFILE_OUTPUTS + "Makefile" + "CMakeFiles/cmake.check_cache" + "CMakeFiles/CMakeDirectoryInformation.cmake" + ) + +# The set of files whose dependency integrity should be checked: +SET(CMAKE_DEPEND_INFO_FILES + "CMakeFiles/nipper.dir/DependInfo.cmake" + ) diff --git a/libnipper-0.12.6/CMakeFiles/Makefile2 b/libnipper-0.12.6/CMakeFiles/Makefile2 new file mode 100644 index 0000000..b542253 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/Makefile2 @@ -0,0 +1,85 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +# Default target executed when no arguments are given to make. +default_target: all + +# The main recursive all target +all: + +# The main recursive preinstall target +preinstall: + +#============================================================================= +# Special targets provided by cmake. + +# Disable implicit rules so canoncical targets will work. +.SUFFIXES: + +.SUFFIXES: .hpux_make_needs_suffix_list + +# Suppress display of executed commands. +$(VERBOSE).SILENT: + +# A target that is always out of date. +cmake_force: + +#============================================================================= +# Set environment variables for the build. + +# The shell in which to execute make rules. +SHELL = /bin/sh + +# The CMake executable. +CMAKE_COMMAND = /usr/bin/cmake + +# The command to remove a file. +RM = /usr/bin/cmake -E remove -f + +# The program to use to edit the cache. +CMAKE_EDIT_COMMAND = /usr/bin/ccmake + +# The top-level source directory on which CMake was run. +CMAKE_SOURCE_DIR = /home/dbryan/libnipper-0.12.6 + +# The top-level build directory on which CMake was run. +CMAKE_BINARY_DIR = /home/dbryan/libnipper-0.12.6 + +#============================================================================= +# Target rules for target CMakeFiles/nipper.dir + +# All Build rule for target. +CMakeFiles/nipper.dir/all: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/depend + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/build + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 + @echo "Built target nipper" + +# Include target in all. +all: CMakeFiles/nipper.dir/all + +# Build rule for subdir invocation for target. +CMakeFiles/nipper.dir/rule: cmake_check_build_system + $(CMAKE_COMMAND) -E cmake_progress_start /home/dbryan/libnipper-0.12.6/CMakeFiles 100 + $(MAKE) -f CMakeFiles/Makefile2 CMakeFiles/nipper.dir/all + $(CMAKE_COMMAND) -E cmake_progress_start /home/dbryan/libnipper-0.12.6/CMakeFiles 0 + +# Convenience name for target. +nipper: CMakeFiles/nipper.dir/rule + +# clean rule for target. +CMakeFiles/nipper.dir/clean: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/clean + +# clean rule for target. +clean: CMakeFiles/nipper.dir/clean + +#============================================================================= +# Special targets to cleanup operation of make. + +# Special rule to run CMake to check the build system integrity. +# No rule that depends on this can have commands that come from listfiles +# because they might be regenerated. +cmake_check_build_system: + $(CMAKE_COMMAND) -H$(CMAKE_SOURCE_DIR) -B$(CMAKE_BINARY_DIR) --check-build-system CMakeFiles/Makefile.cmake 0 + diff --git a/libnipper-0.12.6/CMakeFiles/cmake.check_cache b/libnipper-0.12.6/CMakeFiles/cmake.check_cache new file mode 100644 index 0000000..3dccd73 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/cmake.check_cache @@ -0,0 +1 @@ +# This file is generated by cmake for dependency checking of the CMakeCache.txt file diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/all-wcprops new file mode 100644 index 0000000..56c4ae3 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/all-wcprops @@ -0,0 +1,71 @@ +K 25 +svn:wc:ra_dav:version-url +V 60 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir +END +cmake_clean_target.cmake +K 25 +svn:wc:ra_dav:version-url +V 85 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/cmake_clean_target.cmake +END +flags.make +K 25 +svn:wc:ra_dav:version-url +V 71 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/flags.make +END +CXX.includecache +K 25 +svn:wc:ra_dav:version-url +V 77 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/CXX.includecache +END +DependInfo.cmake +K 25 +svn:wc:ra_dav:version-url +V 77 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/DependInfo.cmake +END +depend.internal +K 25 +svn:wc:ra_dav:version-url +V 76 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/depend.internal +END +link.txt +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/link.txt +END +depend.make +K 25 +svn:wc:ra_dav:version-url +V 72 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/depend.make +END +build.make +K 25 +svn:wc:ra_dav:version-url +V 71 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/build.make +END +progress.make +K 25 +svn:wc:ra_dav:version-url +V 74 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/progress.make +END +cmake_clean.cmake +K 25 +svn:wc:ra_dav:version-url +V 78 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/cmake_clean.cmake +END +depend.make.mark +K 25 +svn:wc:ra_dav:version-url +V 77 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/depend.make.mark +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/entries new file mode 100644 index 0000000..e8c77eb --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/entries @@ -0,0 +1,474 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +depend.make.mark +file + + + + +2016-02-13T06:47:10.984159Z +f35843e1eb33b16eb5335a8abcfb2d66 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +22 + +SonicWALL-SonicOS +dir + +cmake_clean_target.cmake +file + + + + +2016-02-13T06:47:10.984159Z +d296169ed1fc97c46d5cc801db46635e +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +43 + +CXX.includecache +file + + + + +2016-02-13T06:47:10.984159Z +319810c9163468324cba829c1b02008f +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +118212 + +3Com-SuperStack3-Firewall +dir + +Nortel-RoutingSwitch +dir + +link.txt +file + + + + +2016-02-13T06:47:10.984159Z +931b33afe83e2e1a89e2a52f6641231f +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +9319 + +build.make +file + + + + +2016-02-13T06:47:10.984159Z +3138e387b77c971a1b96d9463ba1553d +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +360227 + +Cisco-Security-FWSM +dir + +progress.make +file + + + + +2016-02-13T06:47:10.984159Z +4989398482c2d1823e397f2f892ef5b9 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3935 + +Cisco-Catalyst +dir + +Cisco-Catalyst-CatOS +dir + +CheckPoint-Firewall +dir + +device +dir + +BayNetworks-Accelar +dir + +CheckPoint-Management +dir + +Cisco-Security +dir + +Cisco-IOS-Router +dir + +Nokia-IP +dir + +Cisco-Security-ASA +dir + +flags.make +file + + + + +2016-02-13T06:47:10.984159Z +e7cc6e7ae30a729486be3c06b1253bdf +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +143 + +HP-ProCurve +dir + +Cisco-IOS-Catalyst +dir + +Cisco-Catalyst-NMP +dir + +depend.internal +file + + + + +2016-02-13T06:47:10.984159Z +1b251e29b6b668f97a4e2ceeb260ee99 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +107603 + +report +dir + +depend.make +file + + + + +2016-02-13T06:47:10.984159Z +2a440316c86b06581e054e412d600d71 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +127783 + +Nortel-Passport +dir + +Cisco-CSS +dir + +CheckPoint +dir + +Cisco-IOS +dir + +DependInfo.cmake +file + + + + +2016-02-13T06:47:10.984159Z +5236e8a41e03fb00b871c5d2d64b2ea8 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +26329 + +Juniper-ScreenOS +dir + +cmake_clean.cmake +file + + + + +2016-02-13T06:47:10.984159Z +f79773b22d174d698b2c9ed58a589c4d +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +9305 + +Cisco-Security-PIX +dir + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/CXX.includecache.svn-base b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/CXX.includecache.svn-base new file mode 100644 index 0000000..d82b9bf --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/CXX.includecache.svn-base @@ -0,0 +1,3664 @@ +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/device.h + +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h +../SonicWALL-SonicOS/device.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/device.h + +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/../device/../config.h + +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/../device/../config.h + +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/../device/device.h + +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.cpp +device.h +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.h + +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.h +../Nortel-Passport/device.h +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/../device/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.cpp +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.h +../CheckPoint/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/../device/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.cpp +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.h +../CheckPoint/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/errortext.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/device-policies.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/device.cpp +sys/types.h +- +sys/stat.h +- +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +../device/errortext.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/errortext.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/CheckPoint/general.h +filter.h +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/filter-objects.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +filter.h +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/filter-rules.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +filter.h +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/filter-services.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +filter.h +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +filter.h +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/general.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +general.h +/home/dbryan/libnipper-0.12.6/CheckPoint/general.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.h +../device/authentication/authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.h +filter.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.cpp +cstring +- +cstdlib +- +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +filter.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.cpp +cstdlib +- +cstring +- +sstream +- +string +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h +../Cisco-Catalyst/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h +../Cisco-Catalyst/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.h +../device/authentication/authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp +cstdlib +- +cstring +- +sstream +- +string +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/iosdevice.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp +cstring +- +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../device/common/configline.h +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h +../Cisco-IOS/iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/iosdevice.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/iosdevice.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.cpp +cstring +- +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../device/common/configline.h +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.h +../Cisco-IOS/iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/iosdevice.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-line.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-report.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-security.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h +../device/authentication/authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +filter.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h +filter.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.h +../Cisco-Security/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.h +../Cisco-Security/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.h +../Cisco-Security/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/general.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h +../Cisco-Security/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.h +../Cisco-Security/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.h +../Cisco-Security/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../device/common/configline.h +../Cisco-Security/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h +../Cisco-Security/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.h +../Cisco-Security/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.h +../Cisco-Security/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../device/common/configline.h +../Cisco-Security/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h +../Cisco-Security/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/administration.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.h +../device/authentication/authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/administration.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.h +filter.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/filter.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/dns.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/dns.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/filter.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +filter.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/filter.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.cpp +cstdlib +- +cstring +- +sstream +- +string +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +administration.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +authentication.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.h +../device/authentication/authentication.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +banner.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h +administration.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.h +banner.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h +dns.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.h +authentication.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.h +interfaces.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +dns.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +general.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +general.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.cpp +cstring +- +sstream +- +string +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +general.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +authentication.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.h +../device/authentication/authentication.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +banner.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h +banner.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.h +filter.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.h +dns.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.h +authentication.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +dns.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp +cstring +- +cstdlib +- +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +filter.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp +cstring +- +sstream +- +string +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h +snmp.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/../device/device.h + +/home/dbryan/libnipper-0.12.6/Nokia-IP/device.cpp +device.h +/home/dbryan/libnipper-0.12.6/Nokia-IP/device.h + +/home/dbryan/libnipper-0.12.6/Nokia-IP/device.h +../CheckPoint/device.h +/home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/device.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +banner.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.h +banner.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.h +filter.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.cpp +cstring +- +cstdlib +- +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +filter.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +general.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +general.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/../device/device.h + +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp +device.h +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.h + +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.h +../Nortel-Passport/device.h +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/device.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/errortext.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +administration.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +administration.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h +snmp.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp +sys/types.h +- +sys/stat.h +- +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +../device/errortext.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/errortext.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h +filter.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.h +snmp.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h +administration.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h +dns.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +dns.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp +cstring +- +cstdlib +- +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +filter.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +general.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +general.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/config.cpp +string +- +cstring +- +cstdio +- +cstdlib +- +sys/types.h +- +sys/stat.h +- +unistd.h +- +globaldefs.h +/home/dbryan/libnipper-0.12.6/globaldefs.h +config.h +/home/dbryan/libnipper-0.12.6/config.h + +/home/dbryan/libnipper-0.12.6/config.h + +/home/dbryan/libnipper-0.12.6/device/../config.h + +/home/dbryan/libnipper-0.12.6/device/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/administration/../../config.h + +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/administration/../../config.h + +/home/dbryan/libnipper-0.12.6/device/administration/../interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/administration/../interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-bootp.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-finger.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-ftp.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-general.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-hosts.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-http.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-ssh.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-telnet.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-tftp.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-timeout.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h +../interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/device/administration/../interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-general.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-kerberos.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-ldap.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-nt.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-radius.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-securid.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-tacacs.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-users.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/device/banner/../../config.h + +/home/dbryan/libnipper-0.12.6/device/banner/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/banner/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/banner/../../config.h + +/home/dbryan/libnipper-0.12.6/device/banner/../general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/banner/../general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/banner/../general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/banner/banner-report.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/banner/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/banner/../device.h +../general/general.h +/home/dbryan/libnipper-0.12.6/device/banner/../general/general.h +banner.h +/home/dbryan/libnipper-0.12.6/device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/device/banner/banner.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/banner/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/banner/../device.h +banner.h +/home/dbryan/libnipper-0.12.6/device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/common/../../config.h + +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/common/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/common/../../config.h + +/home/dbryan/libnipper-0.12.6/device/common/../errortext.h + +/home/dbryan/libnipper-0.12.6/device/common/../general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/common/../general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/common/../general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/common/configline.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +configline.h +/home/dbryan/libnipper-0.12.6/device/common/configline.h +cstring +- + +/home/dbryan/libnipper-0.12.6/device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/device/common/deviceconfig.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/device/common/../device.h +configline.h +/home/dbryan/libnipper-0.12.6/device/common/configline.h + +/home/dbryan/libnipper-0.12.6/device/common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/common/file.cpp +sys/types.h +- +sys/stat.h +- +cstring +- +cstdlib +- +unistd.h +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +../errortext.h +/home/dbryan/libnipper-0.12.6/device/common/../errortext.h +../device.h +/home/dbryan/libnipper-0.12.6/device/common/../device.h + +/home/dbryan/libnipper-0.12.6/device/common/misc.cpp +cstring +- +iostream +- +sstream +- +cstdlib +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/common/../device.h + +/home/dbryan/libnipper-0.12.6/device/common/paragraph.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/common/../device.h + +/home/dbryan/libnipper-0.12.6/device/common/passwords.cpp +string +- +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/common/../device.h +../general/general.h +/home/dbryan/libnipper-0.12.6/device/common/../general/general.h + +/home/dbryan/libnipper-0.12.6/device/common/tables.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/common/../device.h + +/home/dbryan/libnipper-0.12.6/device/crypto/../../config.h + +/home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/crypto/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/crypto/../../config.h + +/home/dbryan/libnipper-0.12.6/device/crypto/crypto-base64.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/crypto/../device.h + +/home/dbryan/libnipper-0.12.6/device/crypto/crypto-ciscotype7.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/crypto/../device.h + +/home/dbryan/libnipper-0.12.6/device/crypto/crypto-url.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/crypto/../device.h + +/home/dbryan/libnipper-0.12.6/device/device.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/../globaldefs.h +errortext.h +/home/dbryan/libnipper-0.12.6/device/errortext.h +device.h +/home/dbryan/libnipper-0.12.6/device/device.h +general/general.h +/home/dbryan/libnipper-0.12.6/device/general/general.h +administration/administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h +authentication/authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +dns/dns.h +/home/dbryan/libnipper-0.12.6/device/dns/dns.h +banner/banner.h +/home/dbryan/libnipper-0.12.6/device/banner/banner.h +filter/filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h +snmp/snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/../config.h + +/home/dbryan/libnipper-0.12.6/device/dns/../../config.h + +/home/dbryan/libnipper-0.12.6/device/dns/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/dns/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/dns/../../config.h + +/home/dbryan/libnipper-0.12.6/device/dns/dns-report.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/dns/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/dns/../device.h +dns.h +/home/dbryan/libnipper-0.12.6/device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/device/dns/dns.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/dns/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/dns/../device.h +dns.h +/home/dbryan/libnipper-0.12.6/device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/errortext.h + +/home/dbryan/libnipper-0.12.6/device/filter/../../config.h + +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/filter/../../config.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter-filter-report.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter-filter.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter-object-report.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter-object.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter-security-report.cpp +cstring +- +cmath +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter-security.cpp +cstring +- +cstdlib +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/general/../../config.h + +/home/dbryan/libnipper-0.12.6/device/general/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/general/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/general/../../config.h + +/home/dbryan/libnipper-0.12.6/device/general/general.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/general/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/general/../device.h +general.h +/home/dbryan/libnipper-0.12.6/device/general/general.h + +/home/dbryan/libnipper-0.12.6/device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/../../config.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/../administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../../config.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-interface.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-report.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-security.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h +../administration/administration.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/device/reportgen/../banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-abbreviations.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-commonports.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-icmp.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-logginglevels.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-misc.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-numbering.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-protocols.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report.cpp +cmath +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h +../general/general.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../general/general.h +../administration/administration.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../administration/administration.h +../authentication/authentication.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../authentication/authentication.h +../dns/dns.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../dns/dns.h +../banner/banner.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../banner/banner.h +../snmp/snmp.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../snmp/snmp.h +../filter/filter.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../filter/filter.h +../interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-community.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-group.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-host.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-misc-issues.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-traps.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-user.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-view.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.cpp +sstream +- +string +- +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/globaldefs.h + +/home/dbryan/libnipper-0.12.6/libnipper.cpp +globaldefs.h +/home/dbryan/libnipper-0.12.6/globaldefs.h +libnipper.h +/home/dbryan/libnipper-0.12.6/libnipper.h +config.h +/home/dbryan/libnipper-0.12.6/config.h +report/report.h +/home/dbryan/libnipper-0.12.6/report/report.h +Cisco-CSS/device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +Cisco-Catalyst-CatOS/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h +Cisco-Catalyst-NMP/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h +Cisco-IOS-Catalyst/device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h +Cisco-IOS-Router/device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.h +Cisco-Security-ASA/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h +Cisco-Security-FWSM/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h +Cisco-Security-PIX/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h +CheckPoint-Firewall/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.h +CheckPoint-Management/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.h +Nokia-IP/device.h +/home/dbryan/libnipper-0.12.6/Nokia-IP/device.h +HP-ProCurve/device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +Juniper-ScreenOS/device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +Nortel-Passport/device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +Nortel-RoutingSwitch/device.h +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.h +BayNetworks-Accelar/device.h +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.h +SonicWALL-SonicOS/device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +3Com-SuperStack3-Firewall/device.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h + +/home/dbryan/libnipper-0.12.6/libnipper.h + +/home/dbryan/libnipper-0.12.6/report/../config.h + +/home/dbryan/libnipper-0.12.6/report/../device/../config.h + +/home/dbryan/libnipper-0.12.6/report/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/report/../device/../config.h + +/home/dbryan/libnipper-0.12.6/report/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/report/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/report/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/report/report-contents.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h +../config.h +/home/dbryan/libnipper-0.12.6/report/../config.h + +/home/dbryan/libnipper-0.12.6/report/report-frontpage.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h +../config.h +/home/dbryan/libnipper-0.12.6/report/../config.h + +/home/dbryan/libnipper-0.12.6/report/report-functions.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-introduction.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-list.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-section-appendix.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-section-compliance.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-section-config.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-section-security.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-start.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/report/../device/general/general.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-table.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-text.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/report/../device/general/general.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-titles.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/report/../device/general/general.h +cstring +- +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h +../config.h +/home/dbryan/libnipper-0.12.6/report/../config.h +../device/device.h +/home/dbryan/libnipper-0.12.6/report/../device/device.h + +/home/dbryan/libnipper-0.12.6/report/report.h +cstdio +- +../device/device.h +/home/dbryan/libnipper-0.12.6/report/../device/device.h + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/DependInfo.cmake.svn-base b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/DependInfo.cmake.svn-base new file mode 100644 index 0000000..9f64184 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/DependInfo.cmake.svn-base @@ -0,0 +1,356 @@ +# The set of files whose dependency integrity should be checked: +SET(CMAKE_DEPENDS_LANGUAGES + "CXX" + ) +SET(CMAKE_DEPENDS_CHECK_CXX + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-user.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-user.o" + "/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/filter.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/dns.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/general.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/administration.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/device-policies.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/device-policies.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/general.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o" + "/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-security.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/general.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-line.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/authentication.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/banner.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/filter.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/snmp.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/dns.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/device.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-group.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-group.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-host.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-host.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-security.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-community.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-community.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/administration.o" + "/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/interfaces.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-misc-issues.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/snmp.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/filter.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter-security-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter-security-report.o" + "/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-interface.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-view.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-view.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/authentication.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/banner.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-traps.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-traps.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter-security.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter-security.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter-object-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter-object-report.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter-object.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter-object.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter-filter-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter-filter-report.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter-filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter-filter.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-users.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-users.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter.o" + "/home/dbryan/libnipper-0.12.6/device/banner/banner-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner/banner-report.o" + "/home/dbryan/libnipper-0.12.6/device/banner/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner/banner.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-tacacs.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-securid.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-securid.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-radius.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-radius.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-nt.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-nt.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-ldap.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-general.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-kerberos.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication.o" + "/home/dbryan/libnipper-0.12.6/device/dns/dns-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns/dns-report.o" + "/home/dbryan/libnipper-0.12.6/device/dns/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns/dns.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-ssh.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-ssh.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-timeout.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-timeout.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-tftp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-tftp.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-telnet.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-telnet.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-ftp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-ftp.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-finger.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-finger.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-http.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-http.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-hosts.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-hosts.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-general.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-bootp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-bootp.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-logginglevels.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration.o" + "/home/dbryan/libnipper-0.12.6/device/general/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/general/general.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-protocols.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-protocols.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-numbering.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-numbering.o" + "/home/dbryan/libnipper-0.12.6/device/crypto/crypto-base64.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/crypto-base64.o" + "/home/dbryan/libnipper-0.12.6/device/common/tables.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/tables.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-misc.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-misc.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-icmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-icmp.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-abbreviations.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-commonports.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-commonports.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report.o" + "/home/dbryan/libnipper-0.12.6/device/crypto/crypto-url.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/crypto-url.o" + "/home/dbryan/libnipper-0.12.6/device/crypto/crypto-ciscotype7.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o" + "/home/dbryan/libnipper-0.12.6/report/report-titles.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-titles.o" + "/home/dbryan/libnipper-0.12.6/report/report-text.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-text.o" + "/home/dbryan/libnipper-0.12.6/report/report-table.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-table.o" + "/home/dbryan/libnipper-0.12.6/device/common/passwords.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/passwords.o" + "/home/dbryan/libnipper-0.12.6/device/common/paragraph.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/paragraph.o" + "/home/dbryan/libnipper-0.12.6/device/common/misc.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/misc.o" + "/home/dbryan/libnipper-0.12.6/device/common/file.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/file.o" + "/home/dbryan/libnipper-0.12.6/device/common/deviceconfig.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/deviceconfig.o" + "/home/dbryan/libnipper-0.12.6/device/common/configline.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/configline.o" + "/home/dbryan/libnipper-0.12.6/device/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/device.o" + "/home/dbryan/libnipper-0.12.6/report/report-start.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-start.o" + "/home/dbryan/libnipper-0.12.6/report/report-section-appendix.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-section-appendix.o" + "/home/dbryan/libnipper-0.12.6/report/report-section-config.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-section-config.o" + "/home/dbryan/libnipper-0.12.6/report/report-section-compliance.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-section-compliance.o" + "/home/dbryan/libnipper-0.12.6/report/report-section-security.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-section-security.o" + "/home/dbryan/libnipper-0.12.6/report/report-list.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-list.o" + "/home/dbryan/libnipper-0.12.6/report/report-introduction.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-introduction.o" + "/home/dbryan/libnipper-0.12.6/report/report-frontpage.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-frontpage.o" + "/home/dbryan/libnipper-0.12.6/report/report-functions.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-functions.o" + "/home/dbryan/libnipper-0.12.6/report/report-contents.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-contents.o" + "/home/dbryan/libnipper-0.12.6/report/report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report.o" + "/home/dbryan/libnipper-0.12.6/config.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/config.o" + "/home/dbryan/libnipper-0.12.6/libnipper.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/libnipper.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/authentication.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/general.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/general.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/administration.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/banner.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/snmp.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/dns.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/filter.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/interfaces.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/filter-objects.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/filter-objects.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/filter-rules.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/filter-rules.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/filter-services.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/filter-services.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Management/device.o" + "/home/dbryan/libnipper-0.12.6/Nokia-IP/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nokia-IP/device.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/device.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/general.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/administration.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/banner.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/snmp.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/filter.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o" + "/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o" + "/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/device.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/general.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/banner.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/administration.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/snmp.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/dns.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/authentication.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o" + "/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o" + ) diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/build.make.svn-base b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/build.make.svn-base new file mode 100644 index 0000000..e0a0638 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/build.make.svn-base @@ -0,0 +1,4796 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +#============================================================================= +# Special targets provided by cmake. + +# Disable implicit rules so canoncical targets will work. +.SUFFIXES: + +.SUFFIXES: .hpux_make_needs_suffix_list + +# Suppress display of executed commands. +$(VERBOSE).SILENT: + +# A target that is always out of date. +cmake_force: + +#============================================================================= +# Set environment variables for the build. + +# The shell in which to execute make rules. +SHELL = /bin/sh + +# The CMake executable. +CMAKE_COMMAND = /usr/bin/cmake + +# The command to remove a file. +RM = /usr/bin/cmake -E remove -f + +# The program to use to edit the cache. +CMAKE_EDIT_COMMAND = /usr/bin/ccmake + +# The top-level source directory on which CMake was run. +CMAKE_SOURCE_DIR = /home/dbryan/libnipper-0.12.6 + +# The top-level build directory on which CMake was run. +CMAKE_BINARY_DIR = /home/dbryan/libnipper-0.12.6 + +# Include any dependencies generated for this target. +include CMakeFiles/nipper.dir/depend.make + +# Include the progress variables for this target. +include CMakeFiles/nipper.dir/progress.make + +# Include the compile flags for this target's objects. +include CMakeFiles/nipper.dir/flags.make + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: libnipper.cpp + +CMakeFiles/nipper.dir/libnipper.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/libnipper.o: libnipper.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_1) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/libnipper.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/libnipper.o -c /home/dbryan/libnipper-0.12.6/libnipper.cpp + +CMakeFiles/nipper.dir/libnipper.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/libnipper.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/libnipper.cpp > CMakeFiles/nipper.dir/libnipper.i + +CMakeFiles/nipper.dir/libnipper.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/libnipper.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/libnipper.cpp -o CMakeFiles/nipper.dir/libnipper.s + +CMakeFiles/nipper.dir/libnipper.o.requires: + +CMakeFiles/nipper.dir/libnipper.o.provides: CMakeFiles/nipper.dir/libnipper.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/libnipper.o.provides.build + +CMakeFiles/nipper.dir/libnipper.o.provides.build: CMakeFiles/nipper.dir/libnipper.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: config.cpp + +CMakeFiles/nipper.dir/config.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/config.o: config.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_2) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/config.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/config.o -c /home/dbryan/libnipper-0.12.6/config.cpp + +CMakeFiles/nipper.dir/config.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/config.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/config.cpp > CMakeFiles/nipper.dir/config.i + +CMakeFiles/nipper.dir/config.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/config.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/config.cpp -o CMakeFiles/nipper.dir/config.s + +CMakeFiles/nipper.dir/config.o.requires: + +CMakeFiles/nipper.dir/config.o.provides: CMakeFiles/nipper.dir/config.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/config.o.provides.build + +CMakeFiles/nipper.dir/config.o.provides.build: CMakeFiles/nipper.dir/config.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report.cpp + +CMakeFiles/nipper.dir/report/report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report.o: report/report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_3) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report.o -c /home/dbryan/libnipper-0.12.6/report/report.cpp + +CMakeFiles/nipper.dir/report/report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report.cpp > CMakeFiles/nipper.dir/report/report.i + +CMakeFiles/nipper.dir/report/report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report.cpp -o CMakeFiles/nipper.dir/report/report.s + +CMakeFiles/nipper.dir/report/report.o.requires: + +CMakeFiles/nipper.dir/report/report.o.provides: CMakeFiles/nipper.dir/report/report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report.o.provides.build + +CMakeFiles/nipper.dir/report/report.o.provides.build: CMakeFiles/nipper.dir/report/report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-contents.cpp + +CMakeFiles/nipper.dir/report/report-contents.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-contents.o: report/report-contents.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_4) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-contents.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-contents.o -c /home/dbryan/libnipper-0.12.6/report/report-contents.cpp + +CMakeFiles/nipper.dir/report/report-contents.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-contents.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-contents.cpp > CMakeFiles/nipper.dir/report/report-contents.i + +CMakeFiles/nipper.dir/report/report-contents.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-contents.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-contents.cpp -o CMakeFiles/nipper.dir/report/report-contents.s + +CMakeFiles/nipper.dir/report/report-contents.o.requires: + +CMakeFiles/nipper.dir/report/report-contents.o.provides: CMakeFiles/nipper.dir/report/report-contents.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-contents.o.provides.build + +CMakeFiles/nipper.dir/report/report-contents.o.provides.build: CMakeFiles/nipper.dir/report/report-contents.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-functions.cpp + +CMakeFiles/nipper.dir/report/report-functions.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-functions.o: report/report-functions.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_5) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-functions.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-functions.o -c /home/dbryan/libnipper-0.12.6/report/report-functions.cpp + +CMakeFiles/nipper.dir/report/report-functions.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-functions.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-functions.cpp > CMakeFiles/nipper.dir/report/report-functions.i + +CMakeFiles/nipper.dir/report/report-functions.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-functions.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-functions.cpp -o CMakeFiles/nipper.dir/report/report-functions.s + +CMakeFiles/nipper.dir/report/report-functions.o.requires: + +CMakeFiles/nipper.dir/report/report-functions.o.provides: CMakeFiles/nipper.dir/report/report-functions.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-functions.o.provides.build + +CMakeFiles/nipper.dir/report/report-functions.o.provides.build: CMakeFiles/nipper.dir/report/report-functions.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-frontpage.cpp + +CMakeFiles/nipper.dir/report/report-frontpage.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-frontpage.o: report/report-frontpage.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_6) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-frontpage.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-frontpage.o -c /home/dbryan/libnipper-0.12.6/report/report-frontpage.cpp + +CMakeFiles/nipper.dir/report/report-frontpage.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-frontpage.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-frontpage.cpp > CMakeFiles/nipper.dir/report/report-frontpage.i + +CMakeFiles/nipper.dir/report/report-frontpage.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-frontpage.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-frontpage.cpp -o CMakeFiles/nipper.dir/report/report-frontpage.s + +CMakeFiles/nipper.dir/report/report-frontpage.o.requires: + +CMakeFiles/nipper.dir/report/report-frontpage.o.provides: CMakeFiles/nipper.dir/report/report-frontpage.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-frontpage.o.provides.build + +CMakeFiles/nipper.dir/report/report-frontpage.o.provides.build: CMakeFiles/nipper.dir/report/report-frontpage.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-introduction.cpp + +CMakeFiles/nipper.dir/report/report-introduction.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-introduction.o: report/report-introduction.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_7) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-introduction.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-introduction.o -c /home/dbryan/libnipper-0.12.6/report/report-introduction.cpp + +CMakeFiles/nipper.dir/report/report-introduction.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-introduction.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-introduction.cpp > CMakeFiles/nipper.dir/report/report-introduction.i + +CMakeFiles/nipper.dir/report/report-introduction.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-introduction.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-introduction.cpp -o CMakeFiles/nipper.dir/report/report-introduction.s + +CMakeFiles/nipper.dir/report/report-introduction.o.requires: + +CMakeFiles/nipper.dir/report/report-introduction.o.provides: CMakeFiles/nipper.dir/report/report-introduction.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-introduction.o.provides.build + +CMakeFiles/nipper.dir/report/report-introduction.o.provides.build: CMakeFiles/nipper.dir/report/report-introduction.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-list.cpp + +CMakeFiles/nipper.dir/report/report-list.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-list.o: report/report-list.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_8) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-list.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-list.o -c /home/dbryan/libnipper-0.12.6/report/report-list.cpp + +CMakeFiles/nipper.dir/report/report-list.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-list.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-list.cpp > CMakeFiles/nipper.dir/report/report-list.i + +CMakeFiles/nipper.dir/report/report-list.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-list.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-list.cpp -o CMakeFiles/nipper.dir/report/report-list.s + +CMakeFiles/nipper.dir/report/report-list.o.requires: + +CMakeFiles/nipper.dir/report/report-list.o.provides: CMakeFiles/nipper.dir/report/report-list.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-list.o.provides.build + +CMakeFiles/nipper.dir/report/report-list.o.provides.build: CMakeFiles/nipper.dir/report/report-list.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-section-security.cpp + +CMakeFiles/nipper.dir/report/report-section-security.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-section-security.o: report/report-section-security.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_9) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-section-security.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-section-security.o -c /home/dbryan/libnipper-0.12.6/report/report-section-security.cpp + +CMakeFiles/nipper.dir/report/report-section-security.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-section-security.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-section-security.cpp > CMakeFiles/nipper.dir/report/report-section-security.i + +CMakeFiles/nipper.dir/report/report-section-security.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-section-security.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-section-security.cpp -o CMakeFiles/nipper.dir/report/report-section-security.s + +CMakeFiles/nipper.dir/report/report-section-security.o.requires: + +CMakeFiles/nipper.dir/report/report-section-security.o.provides: CMakeFiles/nipper.dir/report/report-section-security.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-security.o.provides.build + +CMakeFiles/nipper.dir/report/report-section-security.o.provides.build: CMakeFiles/nipper.dir/report/report-section-security.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-section-compliance.cpp + +CMakeFiles/nipper.dir/report/report-section-compliance.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-section-compliance.o: report/report-section-compliance.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_10) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-section-compliance.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-section-compliance.o -c /home/dbryan/libnipper-0.12.6/report/report-section-compliance.cpp + +CMakeFiles/nipper.dir/report/report-section-compliance.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-section-compliance.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-section-compliance.cpp > CMakeFiles/nipper.dir/report/report-section-compliance.i + +CMakeFiles/nipper.dir/report/report-section-compliance.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-section-compliance.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-section-compliance.cpp -o CMakeFiles/nipper.dir/report/report-section-compliance.s + +CMakeFiles/nipper.dir/report/report-section-compliance.o.requires: + +CMakeFiles/nipper.dir/report/report-section-compliance.o.provides: CMakeFiles/nipper.dir/report/report-section-compliance.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-compliance.o.provides.build + +CMakeFiles/nipper.dir/report/report-section-compliance.o.provides.build: CMakeFiles/nipper.dir/report/report-section-compliance.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-section-config.cpp + +CMakeFiles/nipper.dir/report/report-section-config.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-section-config.o: report/report-section-config.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_11) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-section-config.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-section-config.o -c /home/dbryan/libnipper-0.12.6/report/report-section-config.cpp + +CMakeFiles/nipper.dir/report/report-section-config.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-section-config.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-section-config.cpp > CMakeFiles/nipper.dir/report/report-section-config.i + +CMakeFiles/nipper.dir/report/report-section-config.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-section-config.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-section-config.cpp -o CMakeFiles/nipper.dir/report/report-section-config.s + +CMakeFiles/nipper.dir/report/report-section-config.o.requires: + +CMakeFiles/nipper.dir/report/report-section-config.o.provides: CMakeFiles/nipper.dir/report/report-section-config.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-config.o.provides.build + +CMakeFiles/nipper.dir/report/report-section-config.o.provides.build: CMakeFiles/nipper.dir/report/report-section-config.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-section-appendix.cpp + +CMakeFiles/nipper.dir/report/report-section-appendix.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-section-appendix.o: report/report-section-appendix.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_12) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-section-appendix.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-section-appendix.o -c /home/dbryan/libnipper-0.12.6/report/report-section-appendix.cpp + +CMakeFiles/nipper.dir/report/report-section-appendix.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-section-appendix.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-section-appendix.cpp > CMakeFiles/nipper.dir/report/report-section-appendix.i + +CMakeFiles/nipper.dir/report/report-section-appendix.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-section-appendix.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-section-appendix.cpp -o CMakeFiles/nipper.dir/report/report-section-appendix.s + +CMakeFiles/nipper.dir/report/report-section-appendix.o.requires: + +CMakeFiles/nipper.dir/report/report-section-appendix.o.provides: CMakeFiles/nipper.dir/report/report-section-appendix.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-appendix.o.provides.build + +CMakeFiles/nipper.dir/report/report-section-appendix.o.provides.build: CMakeFiles/nipper.dir/report/report-section-appendix.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-start.cpp + +CMakeFiles/nipper.dir/report/report-start.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-start.o: report/report-start.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_13) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-start.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-start.o -c /home/dbryan/libnipper-0.12.6/report/report-start.cpp + +CMakeFiles/nipper.dir/report/report-start.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-start.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-start.cpp > CMakeFiles/nipper.dir/report/report-start.i + +CMakeFiles/nipper.dir/report/report-start.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-start.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-start.cpp -o CMakeFiles/nipper.dir/report/report-start.s + +CMakeFiles/nipper.dir/report/report-start.o.requires: + +CMakeFiles/nipper.dir/report/report-start.o.provides: CMakeFiles/nipper.dir/report/report-start.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-start.o.provides.build + +CMakeFiles/nipper.dir/report/report-start.o.provides.build: CMakeFiles/nipper.dir/report/report-start.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-table.cpp + +CMakeFiles/nipper.dir/report/report-table.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-table.o: report/report-table.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_14) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-table.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-table.o -c /home/dbryan/libnipper-0.12.6/report/report-table.cpp + +CMakeFiles/nipper.dir/report/report-table.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-table.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-table.cpp > CMakeFiles/nipper.dir/report/report-table.i + +CMakeFiles/nipper.dir/report/report-table.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-table.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-table.cpp -o CMakeFiles/nipper.dir/report/report-table.s + +CMakeFiles/nipper.dir/report/report-table.o.requires: + +CMakeFiles/nipper.dir/report/report-table.o.provides: CMakeFiles/nipper.dir/report/report-table.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-table.o.provides.build + +CMakeFiles/nipper.dir/report/report-table.o.provides.build: CMakeFiles/nipper.dir/report/report-table.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-text.cpp + +CMakeFiles/nipper.dir/report/report-text.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-text.o: report/report-text.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_15) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-text.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-text.o -c /home/dbryan/libnipper-0.12.6/report/report-text.cpp + +CMakeFiles/nipper.dir/report/report-text.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-text.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-text.cpp > CMakeFiles/nipper.dir/report/report-text.i + +CMakeFiles/nipper.dir/report/report-text.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-text.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-text.cpp -o CMakeFiles/nipper.dir/report/report-text.s + +CMakeFiles/nipper.dir/report/report-text.o.requires: + +CMakeFiles/nipper.dir/report/report-text.o.provides: CMakeFiles/nipper.dir/report/report-text.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-text.o.provides.build + +CMakeFiles/nipper.dir/report/report-text.o.provides.build: CMakeFiles/nipper.dir/report/report-text.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-titles.cpp + +CMakeFiles/nipper.dir/report/report-titles.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-titles.o: report/report-titles.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_16) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-titles.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-titles.o -c /home/dbryan/libnipper-0.12.6/report/report-titles.cpp + +CMakeFiles/nipper.dir/report/report-titles.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-titles.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-titles.cpp > CMakeFiles/nipper.dir/report/report-titles.i + +CMakeFiles/nipper.dir/report/report-titles.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-titles.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-titles.cpp -o CMakeFiles/nipper.dir/report/report-titles.s + +CMakeFiles/nipper.dir/report/report-titles.o.requires: + +CMakeFiles/nipper.dir/report/report-titles.o.provides: CMakeFiles/nipper.dir/report/report-titles.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-titles.o.provides.build + +CMakeFiles/nipper.dir/report/report-titles.o.provides.build: CMakeFiles/nipper.dir/report/report-titles.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/device.cpp + +CMakeFiles/nipper.dir/device/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/device.o: device/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_17) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/device.o -c /home/dbryan/libnipper-0.12.6/device/device.cpp + +CMakeFiles/nipper.dir/device/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/device.cpp > CMakeFiles/nipper.dir/device/device.i + +CMakeFiles/nipper.dir/device/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/device.cpp -o CMakeFiles/nipper.dir/device/device.s + +CMakeFiles/nipper.dir/device/device.o.requires: + +CMakeFiles/nipper.dir/device/device.o.provides: CMakeFiles/nipper.dir/device/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/device.o.provides.build + +CMakeFiles/nipper.dir/device/device.o.provides.build: CMakeFiles/nipper.dir/device/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/configline.cpp + +CMakeFiles/nipper.dir/device/common/configline.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/configline.o: device/common/configline.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_18) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/configline.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/configline.o -c /home/dbryan/libnipper-0.12.6/device/common/configline.cpp + +CMakeFiles/nipper.dir/device/common/configline.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/configline.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/configline.cpp > CMakeFiles/nipper.dir/device/common/configline.i + +CMakeFiles/nipper.dir/device/common/configline.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/configline.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/configline.cpp -o CMakeFiles/nipper.dir/device/common/configline.s + +CMakeFiles/nipper.dir/device/common/configline.o.requires: + +CMakeFiles/nipper.dir/device/common/configline.o.provides: CMakeFiles/nipper.dir/device/common/configline.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/configline.o.provides.build + +CMakeFiles/nipper.dir/device/common/configline.o.provides.build: CMakeFiles/nipper.dir/device/common/configline.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/deviceconfig.cpp + +CMakeFiles/nipper.dir/device/common/deviceconfig.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/deviceconfig.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_19) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/deviceconfig.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/deviceconfig.o -c /home/dbryan/libnipper-0.12.6/device/common/deviceconfig.cpp + +CMakeFiles/nipper.dir/device/common/deviceconfig.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/deviceconfig.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/deviceconfig.cpp > CMakeFiles/nipper.dir/device/common/deviceconfig.i + +CMakeFiles/nipper.dir/device/common/deviceconfig.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/deviceconfig.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/deviceconfig.cpp -o CMakeFiles/nipper.dir/device/common/deviceconfig.s + +CMakeFiles/nipper.dir/device/common/deviceconfig.o.requires: + +CMakeFiles/nipper.dir/device/common/deviceconfig.o.provides: CMakeFiles/nipper.dir/device/common/deviceconfig.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/deviceconfig.o.provides.build + +CMakeFiles/nipper.dir/device/common/deviceconfig.o.provides.build: CMakeFiles/nipper.dir/device/common/deviceconfig.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/file.cpp + +CMakeFiles/nipper.dir/device/common/file.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/file.o: device/common/file.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_20) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/file.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/file.o -c /home/dbryan/libnipper-0.12.6/device/common/file.cpp + +CMakeFiles/nipper.dir/device/common/file.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/file.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/file.cpp > CMakeFiles/nipper.dir/device/common/file.i + +CMakeFiles/nipper.dir/device/common/file.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/file.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/file.cpp -o CMakeFiles/nipper.dir/device/common/file.s + +CMakeFiles/nipper.dir/device/common/file.o.requires: + +CMakeFiles/nipper.dir/device/common/file.o.provides: CMakeFiles/nipper.dir/device/common/file.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/file.o.provides.build + +CMakeFiles/nipper.dir/device/common/file.o.provides.build: CMakeFiles/nipper.dir/device/common/file.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/misc.cpp + +CMakeFiles/nipper.dir/device/common/misc.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/misc.o: device/common/misc.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_21) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/misc.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/misc.o -c /home/dbryan/libnipper-0.12.6/device/common/misc.cpp + +CMakeFiles/nipper.dir/device/common/misc.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/misc.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/misc.cpp > CMakeFiles/nipper.dir/device/common/misc.i + +CMakeFiles/nipper.dir/device/common/misc.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/misc.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/misc.cpp -o CMakeFiles/nipper.dir/device/common/misc.s + +CMakeFiles/nipper.dir/device/common/misc.o.requires: + +CMakeFiles/nipper.dir/device/common/misc.o.provides: CMakeFiles/nipper.dir/device/common/misc.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/misc.o.provides.build + +CMakeFiles/nipper.dir/device/common/misc.o.provides.build: CMakeFiles/nipper.dir/device/common/misc.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/paragraph.cpp + +CMakeFiles/nipper.dir/device/common/paragraph.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/paragraph.o: device/common/paragraph.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_22) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/paragraph.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/paragraph.o -c /home/dbryan/libnipper-0.12.6/device/common/paragraph.cpp + +CMakeFiles/nipper.dir/device/common/paragraph.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/paragraph.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/paragraph.cpp > CMakeFiles/nipper.dir/device/common/paragraph.i + +CMakeFiles/nipper.dir/device/common/paragraph.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/paragraph.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/paragraph.cpp -o CMakeFiles/nipper.dir/device/common/paragraph.s + +CMakeFiles/nipper.dir/device/common/paragraph.o.requires: + +CMakeFiles/nipper.dir/device/common/paragraph.o.provides: CMakeFiles/nipper.dir/device/common/paragraph.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/paragraph.o.provides.build + +CMakeFiles/nipper.dir/device/common/paragraph.o.provides.build: CMakeFiles/nipper.dir/device/common/paragraph.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/passwords.cpp + +CMakeFiles/nipper.dir/device/common/passwords.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/passwords.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_23) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/passwords.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/passwords.o -c /home/dbryan/libnipper-0.12.6/device/common/passwords.cpp + +CMakeFiles/nipper.dir/device/common/passwords.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/passwords.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/passwords.cpp > CMakeFiles/nipper.dir/device/common/passwords.i + +CMakeFiles/nipper.dir/device/common/passwords.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/passwords.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/passwords.cpp -o CMakeFiles/nipper.dir/device/common/passwords.s + +CMakeFiles/nipper.dir/device/common/passwords.o.requires: + +CMakeFiles/nipper.dir/device/common/passwords.o.provides: CMakeFiles/nipper.dir/device/common/passwords.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/passwords.o.provides.build + +CMakeFiles/nipper.dir/device/common/passwords.o.provides.build: CMakeFiles/nipper.dir/device/common/passwords.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/tables.cpp + +CMakeFiles/nipper.dir/device/common/tables.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/tables.o: device/common/tables.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_24) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/tables.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/tables.o -c /home/dbryan/libnipper-0.12.6/device/common/tables.cpp + +CMakeFiles/nipper.dir/device/common/tables.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/tables.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/tables.cpp > CMakeFiles/nipper.dir/device/common/tables.i + +CMakeFiles/nipper.dir/device/common/tables.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/tables.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/tables.cpp -o CMakeFiles/nipper.dir/device/common/tables.s + +CMakeFiles/nipper.dir/device/common/tables.o.requires: + +CMakeFiles/nipper.dir/device/common/tables.o.provides: CMakeFiles/nipper.dir/device/common/tables.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/tables.o.provides.build + +CMakeFiles/nipper.dir/device/common/tables.o.provides.build: CMakeFiles/nipper.dir/device/common/tables.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/crypto/crypto-base64.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o: device/crypto/crypto-base64.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_25) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/crypto/crypto-base64.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/crypto/crypto-base64.o -c /home/dbryan/libnipper-0.12.6/device/crypto/crypto-base64.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/crypto/crypto-base64.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/crypto/crypto-base64.cpp > CMakeFiles/nipper.dir/device/crypto/crypto-base64.i + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/crypto/crypto-base64.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/crypto/crypto-base64.cpp -o CMakeFiles/nipper.dir/device/crypto/crypto-base64.s + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o.requires: + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o.provides: CMakeFiles/nipper.dir/device/crypto/crypto-base64.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-base64.o.provides.build + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o.provides.build: CMakeFiles/nipper.dir/device/crypto/crypto-base64.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/crypto/crypto-ciscotype7.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o: device/crypto/crypto-ciscotype7.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_26) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o -c /home/dbryan/libnipper-0.12.6/device/crypto/crypto-ciscotype7.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/crypto/crypto-ciscotype7.cpp > CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.i + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/crypto/crypto-ciscotype7.cpp -o CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.s + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o.requires: + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o.provides: CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o.provides.build + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o.provides.build: CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/crypto/crypto-url.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-url.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/crypto/crypto-url.o: device/crypto/crypto-url.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_27) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/crypto/crypto-url.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/crypto/crypto-url.o -c /home/dbryan/libnipper-0.12.6/device/crypto/crypto-url.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-url.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/crypto/crypto-url.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/crypto/crypto-url.cpp > CMakeFiles/nipper.dir/device/crypto/crypto-url.i + +CMakeFiles/nipper.dir/device/crypto/crypto-url.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/crypto/crypto-url.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/crypto/crypto-url.cpp -o CMakeFiles/nipper.dir/device/crypto/crypto-url.s + +CMakeFiles/nipper.dir/device/crypto/crypto-url.o.requires: + +CMakeFiles/nipper.dir/device/crypto/crypto-url.o.provides: CMakeFiles/nipper.dir/device/crypto/crypto-url.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-url.o.provides.build + +CMakeFiles/nipper.dir/device/crypto/crypto-url.o.provides.build: CMakeFiles/nipper.dir/device/crypto/crypto-url.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report.cpp + +CMakeFiles/nipper.dir/device/reportgen/report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_28) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report.cpp + +CMakeFiles/nipper.dir/device/reportgen/report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report.cpp > CMakeFiles/nipper.dir/device/reportgen/report.i + +CMakeFiles/nipper.dir/device/reportgen/report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report.cpp -o CMakeFiles/nipper.dir/device/reportgen/report.s + +CMakeFiles/nipper.dir/device/reportgen/report.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report.o.provides: CMakeFiles/nipper.dir/device/reportgen/report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-abbreviations.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o: device/reportgen/report-abbreviations.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_29) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-abbreviations.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-abbreviations.cpp > CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.i + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-abbreviations.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.s + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-commonports.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o: device/reportgen/report-commonports.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_30) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-commonports.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-commonports.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-commonports.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-commonports.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-commonports.cpp > CMakeFiles/nipper.dir/device/reportgen/report-commonports.i + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-commonports.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-commonports.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-commonports.s + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-commonports.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-commonports.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-commonports.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-icmp.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o: device/reportgen/report-icmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_31) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-icmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-icmp.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-icmp.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-icmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-icmp.cpp > CMakeFiles/nipper.dir/device/reportgen/report-icmp.i + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-icmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-icmp.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-icmp.s + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-icmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-icmp.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-icmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-logginglevels.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o: device/reportgen/report-logginglevels.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_32) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-logginglevels.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-logginglevels.cpp > CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.i + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-logginglevels.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.s + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-misc.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-misc.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-misc.o: device/reportgen/report-misc.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_33) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-misc.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-misc.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-misc.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-misc.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-misc.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-misc.cpp > CMakeFiles/nipper.dir/device/reportgen/report-misc.i + +CMakeFiles/nipper.dir/device/reportgen/report-misc.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-misc.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-misc.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-misc.s + +CMakeFiles/nipper.dir/device/reportgen/report-misc.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-misc.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-misc.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-misc.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-misc.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-misc.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-numbering.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o: device/reportgen/report-numbering.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_34) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-numbering.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-numbering.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-numbering.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-numbering.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-numbering.cpp > CMakeFiles/nipper.dir/device/reportgen/report-numbering.i + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-numbering.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-numbering.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-numbering.s + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-numbering.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-numbering.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-numbering.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-protocols.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o: device/reportgen/report-protocols.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_35) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-protocols.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-protocols.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-protocols.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-protocols.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-protocols.cpp > CMakeFiles/nipper.dir/device/reportgen/report-protocols.i + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-protocols.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-protocols.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-protocols.s + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-protocols.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-protocols.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-protocols.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/general/general.cpp + +CMakeFiles/nipper.dir/device/general/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/general/general.o: device/general/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_36) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/general/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/general/general.o -c /home/dbryan/libnipper-0.12.6/device/general/general.cpp + +CMakeFiles/nipper.dir/device/general/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/general/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/general/general.cpp > CMakeFiles/nipper.dir/device/general/general.i + +CMakeFiles/nipper.dir/device/general/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/general/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/general/general.cpp -o CMakeFiles/nipper.dir/device/general/general.s + +CMakeFiles/nipper.dir/device/general/general.o.requires: + +CMakeFiles/nipper.dir/device/general/general.o.provides: CMakeFiles/nipper.dir/device/general/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/general/general.o.provides.build + +CMakeFiles/nipper.dir/device/general/general.o.provides.build: CMakeFiles/nipper.dir/device/general/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration.cpp + +CMakeFiles/nipper.dir/device/administration/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_37) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration.cpp + +CMakeFiles/nipper.dir/device/administration/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration.cpp > CMakeFiles/nipper.dir/device/administration/administration.i + +CMakeFiles/nipper.dir/device/administration/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration.cpp -o CMakeFiles/nipper.dir/device/administration/administration.s + +CMakeFiles/nipper.dir/device/administration/administration.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration.o.provides: CMakeFiles/nipper.dir/device/administration/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-bootp.cpp + +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/administration-bootp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_38) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-bootp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-bootp.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-bootp.cpp + +CMakeFiles/nipper.dir/device/administration/administration-bootp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-bootp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-bootp.cpp > CMakeFiles/nipper.dir/device/administration/administration-bootp.i + +CMakeFiles/nipper.dir/device/administration/administration-bootp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-bootp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-bootp.cpp -o CMakeFiles/nipper.dir/device/administration/administration-bootp.s + +CMakeFiles/nipper.dir/device/administration/administration-bootp.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-bootp.o.provides: CMakeFiles/nipper.dir/device/administration/administration-bootp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-bootp.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-bootp.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-bootp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-finger.cpp + +CMakeFiles/nipper.dir/device/administration/administration-finger.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/administration-finger.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_39) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-finger.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-finger.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-finger.cpp + +CMakeFiles/nipper.dir/device/administration/administration-finger.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-finger.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-finger.cpp > CMakeFiles/nipper.dir/device/administration/administration-finger.i + +CMakeFiles/nipper.dir/device/administration/administration-finger.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-finger.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-finger.cpp -o CMakeFiles/nipper.dir/device/administration/administration-finger.s + +CMakeFiles/nipper.dir/device/administration/administration-finger.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-finger.o.provides: CMakeFiles/nipper.dir/device/administration/administration-finger.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-finger.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-finger.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-finger.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-ftp.cpp + +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/administration-ftp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_40) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-ftp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-ftp.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-ftp.cpp + +CMakeFiles/nipper.dir/device/administration/administration-ftp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-ftp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-ftp.cpp > CMakeFiles/nipper.dir/device/administration/administration-ftp.i + +CMakeFiles/nipper.dir/device/administration/administration-ftp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-ftp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-ftp.cpp -o CMakeFiles/nipper.dir/device/administration/administration-ftp.s + +CMakeFiles/nipper.dir/device/administration/administration-ftp.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-ftp.o.provides: CMakeFiles/nipper.dir/device/administration/administration-ftp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-ftp.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-ftp.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-ftp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-general.cpp + +CMakeFiles/nipper.dir/device/administration/administration-general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/administration-general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_41) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-general.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-general.cpp + +CMakeFiles/nipper.dir/device/administration/administration-general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-general.cpp > CMakeFiles/nipper.dir/device/administration/administration-general.i + +CMakeFiles/nipper.dir/device/administration/administration-general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-general.cpp -o CMakeFiles/nipper.dir/device/administration/administration-general.s + +CMakeFiles/nipper.dir/device/administration/administration-general.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-general.o.provides: CMakeFiles/nipper.dir/device/administration/administration-general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-general.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-general.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-hosts.cpp + +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/administration-hosts.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_42) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-hosts.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-hosts.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-hosts.cpp + +CMakeFiles/nipper.dir/device/administration/administration-hosts.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-hosts.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-hosts.cpp > CMakeFiles/nipper.dir/device/administration/administration-hosts.i + +CMakeFiles/nipper.dir/device/administration/administration-hosts.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-hosts.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-hosts.cpp -o CMakeFiles/nipper.dir/device/administration/administration-hosts.s + +CMakeFiles/nipper.dir/device/administration/administration-hosts.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-hosts.o.provides: CMakeFiles/nipper.dir/device/administration/administration-hosts.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-hosts.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-hosts.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-hosts.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-http.cpp + +CMakeFiles/nipper.dir/device/administration/administration-http.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/administration-http.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_43) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-http.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-http.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-http.cpp + +CMakeFiles/nipper.dir/device/administration/administration-http.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-http.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-http.cpp > CMakeFiles/nipper.dir/device/administration/administration-http.i + +CMakeFiles/nipper.dir/device/administration/administration-http.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-http.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-http.cpp -o CMakeFiles/nipper.dir/device/administration/administration-http.s + +CMakeFiles/nipper.dir/device/administration/administration-http.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-http.o.provides: CMakeFiles/nipper.dir/device/administration/administration-http.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-http.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-http.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-http.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-telnet.cpp + +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/administration-telnet.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_44) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-telnet.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-telnet.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-telnet.cpp + +CMakeFiles/nipper.dir/device/administration/administration-telnet.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-telnet.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-telnet.cpp > CMakeFiles/nipper.dir/device/administration/administration-telnet.i + +CMakeFiles/nipper.dir/device/administration/administration-telnet.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-telnet.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-telnet.cpp -o CMakeFiles/nipper.dir/device/administration/administration-telnet.s + +CMakeFiles/nipper.dir/device/administration/administration-telnet.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-telnet.o.provides: CMakeFiles/nipper.dir/device/administration/administration-telnet.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-telnet.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-telnet.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-telnet.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-tftp.cpp + +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/administration-tftp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_45) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-tftp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-tftp.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-tftp.cpp + +CMakeFiles/nipper.dir/device/administration/administration-tftp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-tftp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-tftp.cpp > CMakeFiles/nipper.dir/device/administration/administration-tftp.i + +CMakeFiles/nipper.dir/device/administration/administration-tftp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-tftp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-tftp.cpp -o CMakeFiles/nipper.dir/device/administration/administration-tftp.s + +CMakeFiles/nipper.dir/device/administration/administration-tftp.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-tftp.o.provides: CMakeFiles/nipper.dir/device/administration/administration-tftp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-tftp.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-tftp.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-tftp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-timeout.cpp + +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/administration-timeout.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_46) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-timeout.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-timeout.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-timeout.cpp + +CMakeFiles/nipper.dir/device/administration/administration-timeout.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-timeout.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-timeout.cpp > CMakeFiles/nipper.dir/device/administration/administration-timeout.i + +CMakeFiles/nipper.dir/device/administration/administration-timeout.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-timeout.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-timeout.cpp -o CMakeFiles/nipper.dir/device/administration/administration-timeout.s + +CMakeFiles/nipper.dir/device/administration/administration-timeout.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-timeout.o.provides: CMakeFiles/nipper.dir/device/administration/administration-timeout.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-timeout.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-timeout.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-timeout.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-ssh.cpp + +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/administration-ssh.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_47) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-ssh.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-ssh.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-ssh.cpp + +CMakeFiles/nipper.dir/device/administration/administration-ssh.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-ssh.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-ssh.cpp > CMakeFiles/nipper.dir/device/administration/administration-ssh.i + +CMakeFiles/nipper.dir/device/administration/administration-ssh.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-ssh.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-ssh.cpp -o CMakeFiles/nipper.dir/device/administration/administration-ssh.s + +CMakeFiles/nipper.dir/device/administration/administration-ssh.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-ssh.o.provides: CMakeFiles/nipper.dir/device/administration/administration-ssh.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-ssh.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-ssh.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-ssh.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/dns/dns.cpp + +CMakeFiles/nipper.dir/device/dns/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_48) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/dns/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/dns/dns.o -c /home/dbryan/libnipper-0.12.6/device/dns/dns.cpp + +CMakeFiles/nipper.dir/device/dns/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/dns/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/dns/dns.cpp > CMakeFiles/nipper.dir/device/dns/dns.i + +CMakeFiles/nipper.dir/device/dns/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/dns/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/dns/dns.cpp -o CMakeFiles/nipper.dir/device/dns/dns.s + +CMakeFiles/nipper.dir/device/dns/dns.o.requires: + +CMakeFiles/nipper.dir/device/dns/dns.o.provides: CMakeFiles/nipper.dir/device/dns/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/dns/dns.o.provides.build + +CMakeFiles/nipper.dir/device/dns/dns.o.provides.build: CMakeFiles/nipper.dir/device/dns/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/dns/dns-report.cpp + +CMakeFiles/nipper.dir/device/dns/dns-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/dns-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_49) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/dns/dns-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/dns/dns-report.o -c /home/dbryan/libnipper-0.12.6/device/dns/dns-report.cpp + +CMakeFiles/nipper.dir/device/dns/dns-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/dns/dns-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/dns/dns-report.cpp > CMakeFiles/nipper.dir/device/dns/dns-report.i + +CMakeFiles/nipper.dir/device/dns/dns-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/dns/dns-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/dns/dns-report.cpp -o CMakeFiles/nipper.dir/device/dns/dns-report.s + +CMakeFiles/nipper.dir/device/dns/dns-report.o.requires: + +CMakeFiles/nipper.dir/device/dns/dns-report.o.provides: CMakeFiles/nipper.dir/device/dns/dns-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/dns/dns-report.o.provides.build + +CMakeFiles/nipper.dir/device/dns/dns-report.o.provides.build: CMakeFiles/nipper.dir/device/dns/dns-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_50) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication.cpp > CMakeFiles/nipper.dir/device/authentication/authentication.i + +CMakeFiles/nipper.dir/device/authentication/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication.s + +CMakeFiles/nipper.dir/device/authentication/authentication.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-general.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/authentication-general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_51) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-general.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-general.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-general.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-general.i + +CMakeFiles/nipper.dir/device/authentication/authentication-general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-general.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-general.s + +CMakeFiles/nipper.dir/device/authentication/authentication-general.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-general.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-general.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-general.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-kerberos.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/authentication-kerberos.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_52) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-kerberos.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-kerberos.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.i + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-kerberos.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.s + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-ldap.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/authentication-ldap.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_53) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-ldap.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-ldap.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-ldap.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-ldap.i + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-ldap.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-ldap.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-ldap.s + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-nt.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/authentication-nt.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_54) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-nt.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-nt.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-nt.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-nt.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-nt.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-nt.i + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-nt.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-nt.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-nt.s + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-nt.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-nt.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-nt.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-radius.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/authentication-radius.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_55) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-radius.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-radius.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-radius.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-radius.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-radius.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-radius.i + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-radius.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-radius.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-radius.s + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-radius.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-radius.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-radius.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-securid.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/authentication-securid.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_56) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-securid.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-securid.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-securid.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-securid.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-securid.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-securid.i + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-securid.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-securid.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-securid.s + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-securid.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-securid.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-securid.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-tacacs.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/authentication-tacacs.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_57) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-tacacs.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-tacacs.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.i + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-tacacs.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.s + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-users.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/authentication-users.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_58) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-users.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-users.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-users.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-users.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-users.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-users.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-users.i + +CMakeFiles/nipper.dir/device/authentication/authentication-users.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-users.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-users.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-users.s + +CMakeFiles/nipper.dir/device/authentication/authentication-users.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-users.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-users.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-users.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-users.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-users.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/banner/banner.cpp + +CMakeFiles/nipper.dir/device/banner/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_59) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/banner/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/banner/banner.o -c /home/dbryan/libnipper-0.12.6/device/banner/banner.cpp + +CMakeFiles/nipper.dir/device/banner/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/banner/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/banner/banner.cpp > CMakeFiles/nipper.dir/device/banner/banner.i + +CMakeFiles/nipper.dir/device/banner/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/banner/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/banner/banner.cpp -o CMakeFiles/nipper.dir/device/banner/banner.s + +CMakeFiles/nipper.dir/device/banner/banner.o.requires: + +CMakeFiles/nipper.dir/device/banner/banner.o.provides: CMakeFiles/nipper.dir/device/banner/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/banner/banner.o.provides.build + +CMakeFiles/nipper.dir/device/banner/banner.o.provides.build: CMakeFiles/nipper.dir/device/banner/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/banner/banner-report.cpp + +CMakeFiles/nipper.dir/device/banner/banner-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/banner-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_60) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/banner/banner-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/banner/banner-report.o -c /home/dbryan/libnipper-0.12.6/device/banner/banner-report.cpp + +CMakeFiles/nipper.dir/device/banner/banner-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/banner/banner-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/banner/banner-report.cpp > CMakeFiles/nipper.dir/device/banner/banner-report.i + +CMakeFiles/nipper.dir/device/banner/banner-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/banner/banner-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/banner/banner-report.cpp -o CMakeFiles/nipper.dir/device/banner/banner-report.s + +CMakeFiles/nipper.dir/device/banner/banner-report.o.requires: + +CMakeFiles/nipper.dir/device/banner/banner-report.o.provides: CMakeFiles/nipper.dir/device/banner/banner-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/banner/banner-report.o.provides.build + +CMakeFiles/nipper.dir/device/banner/banner-report.o.provides.build: CMakeFiles/nipper.dir/device/banner/banner-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter.cpp + +CMakeFiles/nipper.dir/device/filter/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_61) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter.cpp + +CMakeFiles/nipper.dir/device/filter/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter.cpp > CMakeFiles/nipper.dir/device/filter/filter.i + +CMakeFiles/nipper.dir/device/filter/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter.cpp -o CMakeFiles/nipper.dir/device/filter/filter.s + +CMakeFiles/nipper.dir/device/filter/filter.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter.o.provides: CMakeFiles/nipper.dir/device/filter/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter-filter.cpp + +CMakeFiles/nipper.dir/device/filter/filter-filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/filter-filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_62) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter-filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter-filter.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter-filter.cpp + +CMakeFiles/nipper.dir/device/filter/filter-filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter-filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter-filter.cpp > CMakeFiles/nipper.dir/device/filter/filter-filter.i + +CMakeFiles/nipper.dir/device/filter/filter-filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter-filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter-filter.cpp -o CMakeFiles/nipper.dir/device/filter/filter-filter.s + +CMakeFiles/nipper.dir/device/filter/filter-filter.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter-filter.o.provides: CMakeFiles/nipper.dir/device/filter/filter-filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-filter.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter-filter.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter-filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter-filter-report.cpp + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/filter-filter-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_63) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter-filter-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter-filter-report.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter-filter-report.cpp + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter-filter-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter-filter-report.cpp > CMakeFiles/nipper.dir/device/filter/filter-filter-report.i + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter-filter-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter-filter-report.cpp -o CMakeFiles/nipper.dir/device/filter/filter-filter-report.s + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o.provides: CMakeFiles/nipper.dir/device/filter/filter-filter-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-filter-report.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter-filter-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter-object.cpp + +CMakeFiles/nipper.dir/device/filter/filter-object.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/filter-object.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_64) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter-object.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter-object.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter-object.cpp + +CMakeFiles/nipper.dir/device/filter/filter-object.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter-object.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter-object.cpp > CMakeFiles/nipper.dir/device/filter/filter-object.i + +CMakeFiles/nipper.dir/device/filter/filter-object.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter-object.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter-object.cpp -o CMakeFiles/nipper.dir/device/filter/filter-object.s + +CMakeFiles/nipper.dir/device/filter/filter-object.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter-object.o.provides: CMakeFiles/nipper.dir/device/filter/filter-object.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-object.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter-object.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter-object.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter-object-report.cpp + +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/filter-object-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_65) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter-object-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter-object-report.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter-object-report.cpp + +CMakeFiles/nipper.dir/device/filter/filter-object-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter-object-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter-object-report.cpp > CMakeFiles/nipper.dir/device/filter/filter-object-report.i + +CMakeFiles/nipper.dir/device/filter/filter-object-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter-object-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter-object-report.cpp -o CMakeFiles/nipper.dir/device/filter/filter-object-report.s + +CMakeFiles/nipper.dir/device/filter/filter-object-report.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter-object-report.o.provides: CMakeFiles/nipper.dir/device/filter/filter-object-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-object-report.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter-object-report.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter-object-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter-security.cpp + +CMakeFiles/nipper.dir/device/filter/filter-security.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/filter-security.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_66) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter-security.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter-security.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter-security.cpp + +CMakeFiles/nipper.dir/device/filter/filter-security.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter-security.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter-security.cpp > CMakeFiles/nipper.dir/device/filter/filter-security.i + +CMakeFiles/nipper.dir/device/filter/filter-security.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter-security.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter-security.cpp -o CMakeFiles/nipper.dir/device/filter/filter-security.s + +CMakeFiles/nipper.dir/device/filter/filter-security.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter-security.o.provides: CMakeFiles/nipper.dir/device/filter/filter-security.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-security.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter-security.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter-security.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter-security-report.cpp + +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/filter-security-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_67) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter-security-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter-security-report.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter-security-report.cpp + +CMakeFiles/nipper.dir/device/filter/filter-security-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter-security-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter-security-report.cpp > CMakeFiles/nipper.dir/device/filter/filter-security-report.i + +CMakeFiles/nipper.dir/device/filter/filter-security-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter-security-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter-security-report.cpp -o CMakeFiles/nipper.dir/device/filter/filter-security-report.s + +CMakeFiles/nipper.dir/device/filter/filter-security-report.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter-security-report.o.provides: CMakeFiles/nipper.dir/device/filter/filter-security-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-security-report.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter-security-report.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter-security-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/interfaces/interfaces.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_68) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/interfaces/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/interfaces/interfaces.o -c /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/interfaces/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.cpp > CMakeFiles/nipper.dir/device/interfaces/interfaces.i + +CMakeFiles/nipper.dir/device/interfaces/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/interfaces/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.cpp -o CMakeFiles/nipper.dir/device/interfaces/interfaces.s + +CMakeFiles/nipper.dir/device/interfaces/interfaces.o.requires: + +CMakeFiles/nipper.dir/device/interfaces/interfaces.o.provides: CMakeFiles/nipper.dir/device/interfaces/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces.o.provides.build + +CMakeFiles/nipper.dir/device/interfaces/interfaces.o.provides.build: CMakeFiles/nipper.dir/device/interfaces/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/interfaces/interfaces-interface.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/interfaces-interface.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_69) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o -c /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-interface.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-interface.cpp > CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.i + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-interface.cpp -o CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.s + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o.requires: + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o.provides: CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o.provides.build + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o.provides.build: CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/interfaces/interfaces-report.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/interfaces-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_70) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o -c /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-report.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/interfaces/interfaces-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-report.cpp > CMakeFiles/nipper.dir/device/interfaces/interfaces-report.i + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/interfaces/interfaces-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-report.cpp -o CMakeFiles/nipper.dir/device/interfaces/interfaces-report.s + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o.requires: + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o.provides: CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o.provides.build + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o.provides.build: CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/interfaces/interfaces-security.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/interfaces-security.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_71) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o -c /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-security.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/interfaces/interfaces-security.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-security.cpp > CMakeFiles/nipper.dir/device/interfaces/interfaces-security.i + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/interfaces/interfaces-security.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-security.cpp -o CMakeFiles/nipper.dir/device/interfaces/interfaces-security.s + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o.requires: + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o.provides: CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o.provides.build + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o.provides.build: CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_72) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp.cpp > CMakeFiles/nipper.dir/device/snmp/snmp.i + +CMakeFiles/nipper.dir/device/snmp/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp.s + +CMakeFiles/nipper.dir/device/snmp/snmp.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-community.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/snmp-community.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_73) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-community.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-community.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-community.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-community.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-community.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-community.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-community.i + +CMakeFiles/nipper.dir/device/snmp/snmp-community.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-community.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-community.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-community.s + +CMakeFiles/nipper.dir/device/snmp/snmp-community.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-community.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-community.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-community.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-community.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-community.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-group.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/snmp-group.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_74) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-group.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-group.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-group.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-group.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-group.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-group.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-group.i + +CMakeFiles/nipper.dir/device/snmp/snmp-group.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-group.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-group.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-group.s + +CMakeFiles/nipper.dir/device/snmp/snmp-group.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-group.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-group.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-group.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-group.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-group.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-host.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/snmp-host.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_75) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-host.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-host.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-host.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-host.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-host.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-host.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-host.i + +CMakeFiles/nipper.dir/device/snmp/snmp-host.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-host.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-host.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-host.s + +CMakeFiles/nipper.dir/device/snmp/snmp-host.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-host.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-host.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-host.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-host.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-host.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-misc-issues.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/snmp-misc-issues.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_76) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-misc-issues.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-misc-issues.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.i + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-misc-issues.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.s + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-traps.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/snmp-traps.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_77) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-traps.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-traps.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-traps.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-traps.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-traps.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-traps.i + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-traps.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-traps.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-traps.s + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-traps.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-traps.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-traps.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-user.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/snmp-user.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_78) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-user.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-user.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-user.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-user.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-user.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-user.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-user.i + +CMakeFiles/nipper.dir/device/snmp/snmp-user.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-user.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-user.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-user.s + +CMakeFiles/nipper.dir/device/snmp/snmp-user.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-user.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-user.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-user.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-user.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-user.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-view.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/snmp-view.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_79) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-view.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-view.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-view.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-view.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-view.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-view.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-view.i + +CMakeFiles/nipper.dir/device/snmp/snmp-view.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-view.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-view.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-view.s + +CMakeFiles/nipper.dir/device/snmp/snmp-view.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-view.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-view.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-view.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-view.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-view.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/iosdevice.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/iosdevice.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_80) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp > CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.i + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.s + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/general.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_81) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/general.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.cpp > CMakeFiles/nipper.dir/Cisco-IOS/general.i + +CMakeFiles/nipper.dir/Cisco-IOS/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/general.s + +CMakeFiles/nipper.dir/Cisco-IOS/general.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/general.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/general.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/general.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/administration.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_82) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.cpp > CMakeFiles/nipper.dir/Cisco-IOS/administration.i + +CMakeFiles/nipper.dir/Cisco-IOS/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/administration.s + +CMakeFiles/nipper.dir/Cisco-IOS/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/administration.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/administration-line.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/administration-line.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_83) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-line.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/administration-line.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-line.cpp > CMakeFiles/nipper.dir/Cisco-IOS/administration-line.i + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/administration-line.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-line.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/administration-line.s + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/administration-report.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/administration-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_84) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-report.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/administration-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-report.cpp > CMakeFiles/nipper.dir/Cisco-IOS/administration-report.i + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/administration-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-report.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/administration-report.s + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/administration-security.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/administration-security.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_85) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-security.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/administration-security.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-security.cpp > CMakeFiles/nipper.dir/Cisco-IOS/administration-security.i + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/administration-security.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-security.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/administration-security.s + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_86) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/authentication.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.cpp > CMakeFiles/nipper.dir/Cisco-IOS/authentication.i + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/authentication.s + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/authentication.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/banner.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_87) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/banner.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.cpp > CMakeFiles/nipper.dir/Cisco-IOS/banner.i + +CMakeFiles/nipper.dir/Cisco-IOS/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/banner.s + +CMakeFiles/nipper.dir/Cisco-IOS/banner.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/banner.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/banner.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/banner.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_88) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/snmp.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.cpp > CMakeFiles/nipper.dir/Cisco-IOS/snmp.i + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/snmp.s + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/snmp.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/snmp-report.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/snmp-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_89) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp > CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.i + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.s + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/filter.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_90) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/filter.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.cpp > CMakeFiles/nipper.dir/Cisco-IOS/filter.i + +CMakeFiles/nipper.dir/Cisco-IOS/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/filter.s + +CMakeFiles/nipper.dir/Cisco-IOS/filter.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/filter.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/filter.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/filter.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/dns.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_91) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/dns.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.cpp > CMakeFiles/nipper.dir/Cisco-IOS/dns.i + +CMakeFiles/nipper.dir/Cisco-IOS/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/dns.s + +CMakeFiles/nipper.dir/Cisco-IOS/dns.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/dns.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/dns.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/dns.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_92) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.cpp > CMakeFiles/nipper.dir/Cisco-IOS/interfaces.i + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/interfaces.s + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS-Catalyst/device.cpp + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_93) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp > CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.i + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp -o CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.s + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o.provides: CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS-Router/device.cpp + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_94) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.cpp + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS-Router/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.cpp > CMakeFiles/nipper.dir/Cisco-IOS-Router/device.i + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS-Router/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.cpp -o CMakeFiles/nipper.dir/Cisco-IOS-Router/device.s + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o.provides: CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_95) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/device.cpp > CMakeFiles/nipper.dir/Cisco-Security/device.i + +CMakeFiles/nipper.dir/Cisco-Security/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/device.cpp -o CMakeFiles/nipper.dir/Cisco-Security/device.s + +CMakeFiles/nipper.dir/Cisco-Security/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/device.o.provides: CMakeFiles/nipper.dir/Cisco-Security/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/general.cpp + +CMakeFiles/nipper.dir/Cisco-Security/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_96) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/general.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/general.cpp + +CMakeFiles/nipper.dir/Cisco-Security/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/general.cpp > CMakeFiles/nipper.dir/Cisco-Security/general.i + +CMakeFiles/nipper.dir/Cisco-Security/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/general.cpp -o CMakeFiles/nipper.dir/Cisco-Security/general.s + +CMakeFiles/nipper.dir/Cisco-Security/general.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/general.o.provides: CMakeFiles/nipper.dir/Cisco-Security/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/general.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/general.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_97) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/administration.cpp > CMakeFiles/nipper.dir/Cisco-Security/administration.i + +CMakeFiles/nipper.dir/Cisco-Security/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/administration.cpp -o CMakeFiles/nipper.dir/Cisco-Security/administration.s + +CMakeFiles/nipper.dir/Cisco-Security/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/administration.o.provides: CMakeFiles/nipper.dir/Cisco-Security/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_98) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/authentication.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-Security/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.cpp > CMakeFiles/nipper.dir/Cisco-Security/authentication.i + +CMakeFiles/nipper.dir/Cisco-Security/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.cpp -o CMakeFiles/nipper.dir/Cisco-Security/authentication.s + +CMakeFiles/nipper.dir/Cisco-Security/authentication.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/authentication.o.provides: CMakeFiles/nipper.dir/Cisco-Security/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/authentication.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/authentication.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/banner.cpp + +CMakeFiles/nipper.dir/Cisco-Security/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_99) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/banner.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/banner.cpp + +CMakeFiles/nipper.dir/Cisco-Security/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/banner.cpp > CMakeFiles/nipper.dir/Cisco-Security/banner.i + +CMakeFiles/nipper.dir/Cisco-Security/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/banner.cpp -o CMakeFiles/nipper.dir/Cisco-Security/banner.s + +CMakeFiles/nipper.dir/Cisco-Security/banner.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/banner.o.provides: CMakeFiles/nipper.dir/Cisco-Security/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/banner.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/banner.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/filter.cpp + +CMakeFiles/nipper.dir/Cisco-Security/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_100) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/filter.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/filter.cpp + +CMakeFiles/nipper.dir/Cisco-Security/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/filter.cpp > CMakeFiles/nipper.dir/Cisco-Security/filter.i + +CMakeFiles/nipper.dir/Cisco-Security/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/filter.cpp -o CMakeFiles/nipper.dir/Cisco-Security/filter.s + +CMakeFiles/nipper.dir/Cisco-Security/filter.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/filter.o.provides: CMakeFiles/nipper.dir/Cisco-Security/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/filter.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/filter.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_101) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/snmp.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-Security/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.cpp > CMakeFiles/nipper.dir/Cisco-Security/snmp.i + +CMakeFiles/nipper.dir/Cisco-Security/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.cpp -o CMakeFiles/nipper.dir/Cisco-Security/snmp.s + +CMakeFiles/nipper.dir/Cisco-Security/snmp.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/snmp.o.provides: CMakeFiles/nipper.dir/Cisco-Security/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/snmp.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/snmp.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/dns.cpp + +CMakeFiles/nipper.dir/Cisco-Security/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_102) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/dns.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/dns.cpp + +CMakeFiles/nipper.dir/Cisco-Security/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/dns.cpp > CMakeFiles/nipper.dir/Cisco-Security/dns.i + +CMakeFiles/nipper.dir/Cisco-Security/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/dns.cpp -o CMakeFiles/nipper.dir/Cisco-Security/dns.s + +CMakeFiles/nipper.dir/Cisco-Security/dns.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/dns.o.provides: CMakeFiles/nipper.dir/Cisco-Security/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/dns.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/dns.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_103) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/interfaces.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.cpp > CMakeFiles/nipper.dir/Cisco-Security/interfaces.i + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.cpp -o CMakeFiles/nipper.dir/Cisco-Security/interfaces.s + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o.provides: CMakeFiles/nipper.dir/Cisco-Security/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/interfaces.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security-ASA/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_104) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security-ASA/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.cpp > CMakeFiles/nipper.dir/Cisco-Security-ASA/device.i + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security-ASA/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.cpp -o CMakeFiles/nipper.dir/Cisco-Security-ASA/device.s + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o.provides: CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security-ASA/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_105) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp > CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.i + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp -o CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.s + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o.provides: CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security-FWSM/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_106) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp > CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.i + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp -o CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.s + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o.provides: CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security-FWSM/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_107) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp > CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.i + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp -o CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.s + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o.provides: CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security-PIX/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_108) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security-PIX/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.cpp > CMakeFiles/nipper.dir/Cisco-Security-PIX/device.i + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security-PIX/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.cpp -o CMakeFiles/nipper.dir/Cisco-Security-PIX/device.s + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o.provides: CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security-PIX/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_109) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp > CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.i + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp -o CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.s + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o.provides: CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/device.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_110) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.cpp > CMakeFiles/nipper.dir/Cisco-CSS/device.i + +CMakeFiles/nipper.dir/Cisco-CSS/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/device.s + +CMakeFiles/nipper.dir/Cisco-CSS/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/device.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/general.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_111) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/general.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.cpp > CMakeFiles/nipper.dir/Cisco-CSS/general.i + +CMakeFiles/nipper.dir/Cisco-CSS/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/general.s + +CMakeFiles/nipper.dir/Cisco-CSS/general.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/general.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/general.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/general.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/administration.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_112) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.cpp > CMakeFiles/nipper.dir/Cisco-CSS/administration.i + +CMakeFiles/nipper.dir/Cisco-CSS/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/administration.s + +CMakeFiles/nipper.dir/Cisco-CSS/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/administration.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/banner.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_113) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/banner.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.cpp > CMakeFiles/nipper.dir/Cisco-CSS/banner.i + +CMakeFiles/nipper.dir/Cisco-CSS/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/banner.s + +CMakeFiles/nipper.dir/Cisco-CSS/banner.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/banner.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/banner.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/banner.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_114) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/snmp.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.cpp > CMakeFiles/nipper.dir/Cisco-CSS/snmp.i + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/snmp.s + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/snmp.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/snmp-report.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/snmp-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_115) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp > CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.i + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.s + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/dns.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_116) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/dns.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.cpp > CMakeFiles/nipper.dir/Cisco-CSS/dns.i + +CMakeFiles/nipper.dir/Cisco-CSS/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/dns.s + +CMakeFiles/nipper.dir/Cisco-CSS/dns.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/dns.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/dns.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/dns.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/filter.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_117) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/filter.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.cpp > CMakeFiles/nipper.dir/Cisco-CSS/filter.i + +CMakeFiles/nipper.dir/Cisco-CSS/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/filter.s + +CMakeFiles/nipper.dir/Cisco-CSS/filter.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/filter.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/filter.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/filter.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_118) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/authentication.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.cpp > CMakeFiles/nipper.dir/Cisco-CSS/authentication.i + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/authentication.s + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/authentication.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_119) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.cpp > CMakeFiles/nipper.dir/Cisco-CSS/interfaces.i + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/interfaces.s + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/device.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_120) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/device.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/device.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/general.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_121) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/general.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/general.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/general.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/general.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_122) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/administration.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/administration.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_123) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/banner.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_124) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/banner.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/banner.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/dns.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_125) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/dns.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/dns.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_126) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_127) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst-CatOS/device.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_128) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.i + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.s + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst-NMP/device.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_129) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.i + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.s + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/device.cpp + +CMakeFiles/nipper.dir/CheckPoint/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_130) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/device.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/device.cpp + +CMakeFiles/nipper.dir/CheckPoint/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/device.cpp > CMakeFiles/nipper.dir/CheckPoint/device.i + +CMakeFiles/nipper.dir/CheckPoint/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/device.cpp -o CMakeFiles/nipper.dir/CheckPoint/device.s + +CMakeFiles/nipper.dir/CheckPoint/device.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/device.o.provides: CMakeFiles/nipper.dir/CheckPoint/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/device.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/device.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/device-policies.cpp + +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/device-policies.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_131) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/device-policies.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/device-policies.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/device-policies.cpp + +CMakeFiles/nipper.dir/CheckPoint/device-policies.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/device-policies.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/device-policies.cpp > CMakeFiles/nipper.dir/CheckPoint/device-policies.i + +CMakeFiles/nipper.dir/CheckPoint/device-policies.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/device-policies.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/device-policies.cpp -o CMakeFiles/nipper.dir/CheckPoint/device-policies.s + +CMakeFiles/nipper.dir/CheckPoint/device-policies.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/device-policies.o.provides: CMakeFiles/nipper.dir/CheckPoint/device-policies.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/device-policies.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/device-policies.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/device-policies.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/general.cpp + +CMakeFiles/nipper.dir/CheckPoint/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_132) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/general.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/general.cpp + +CMakeFiles/nipper.dir/CheckPoint/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/general.cpp > CMakeFiles/nipper.dir/CheckPoint/general.i + +CMakeFiles/nipper.dir/CheckPoint/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/general.cpp -o CMakeFiles/nipper.dir/CheckPoint/general.s + +CMakeFiles/nipper.dir/CheckPoint/general.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/general.o.provides: CMakeFiles/nipper.dir/CheckPoint/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/general.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/general.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/filter.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_133) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/filter.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/filter.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/filter.cpp > CMakeFiles/nipper.dir/CheckPoint/filter.i + +CMakeFiles/nipper.dir/CheckPoint/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/filter.cpp -o CMakeFiles/nipper.dir/CheckPoint/filter.s + +CMakeFiles/nipper.dir/CheckPoint/filter.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/filter.o.provides: CMakeFiles/nipper.dir/CheckPoint/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/filter.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/filter-objects.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/filter-objects.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_134) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/filter-objects.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/filter-objects.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/filter-objects.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/filter-objects.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/filter-objects.cpp > CMakeFiles/nipper.dir/CheckPoint/filter-objects.i + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/filter-objects.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/filter-objects.cpp -o CMakeFiles/nipper.dir/CheckPoint/filter-objects.s + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o.provides: CMakeFiles/nipper.dir/CheckPoint/filter-objects.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-objects.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/filter-objects.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/filter-rules.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/filter-rules.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_135) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/filter-rules.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/filter-rules.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/filter-rules.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/filter-rules.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/filter-rules.cpp > CMakeFiles/nipper.dir/CheckPoint/filter-rules.i + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/filter-rules.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/filter-rules.cpp -o CMakeFiles/nipper.dir/CheckPoint/filter-rules.s + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o.provides: CMakeFiles/nipper.dir/CheckPoint/filter-rules.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-rules.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/filter-rules.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/filter-services.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/filter-services.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_136) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/filter-services.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/filter-services.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/filter-services.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter-services.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/filter-services.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/filter-services.cpp > CMakeFiles/nipper.dir/CheckPoint/filter-services.i + +CMakeFiles/nipper.dir/CheckPoint/filter-services.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/filter-services.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/filter-services.cpp -o CMakeFiles/nipper.dir/CheckPoint/filter-services.s + +CMakeFiles/nipper.dir/CheckPoint/filter-services.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/filter-services.o.provides: CMakeFiles/nipper.dir/CheckPoint/filter-services.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-services.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/filter-services.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/filter-services.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint-Firewall/device.cpp + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CheckPoint-Firewall/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_137) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o -c /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.cpp + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint-Firewall/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.cpp > CMakeFiles/nipper.dir/CheckPoint-Firewall/device.i + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint-Firewall/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.cpp -o CMakeFiles/nipper.dir/CheckPoint-Firewall/device.s + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o.requires: + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o.provides: CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o.provides.build: CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint-Management/device.cpp + +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CheckPoint-Management/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_138) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint-Management/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint-Management/device.o -c /home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.cpp + +CMakeFiles/nipper.dir/CheckPoint-Management/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint-Management/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.cpp > CMakeFiles/nipper.dir/CheckPoint-Management/device.i + +CMakeFiles/nipper.dir/CheckPoint-Management/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint-Management/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.cpp -o CMakeFiles/nipper.dir/CheckPoint-Management/device.s + +CMakeFiles/nipper.dir/CheckPoint-Management/device.o.requires: + +CMakeFiles/nipper.dir/CheckPoint-Management/device.o.provides: CMakeFiles/nipper.dir/CheckPoint-Management/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint-Management/device.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint-Management/device.o.provides.build: CMakeFiles/nipper.dir/CheckPoint-Management/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nokia-IP/device.cpp + +CMakeFiles/nipper.dir/Nokia-IP/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nokia-IP/device.o: Nokia-IP/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_139) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nokia-IP/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nokia-IP/device.o -c /home/dbryan/libnipper-0.12.6/Nokia-IP/device.cpp + +CMakeFiles/nipper.dir/Nokia-IP/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nokia-IP/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nokia-IP/device.cpp > CMakeFiles/nipper.dir/Nokia-IP/device.i + +CMakeFiles/nipper.dir/Nokia-IP/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nokia-IP/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nokia-IP/device.cpp -o CMakeFiles/nipper.dir/Nokia-IP/device.s + +CMakeFiles/nipper.dir/Nokia-IP/device.o.requires: + +CMakeFiles/nipper.dir/Nokia-IP/device.o.provides: CMakeFiles/nipper.dir/Nokia-IP/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nokia-IP/device.o.provides.build + +CMakeFiles/nipper.dir/Nokia-IP/device.o.provides.build: CMakeFiles/nipper.dir/Nokia-IP/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/device.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_140) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/device.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/device.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/general.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_141) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/general.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/general.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/administration.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_142) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/administration-report.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/administration-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_143) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/authentication.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_144) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/banner.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_145) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/snmp.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_146) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/filter.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_147) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/dns.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_148) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/interfaces.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_149) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/device.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_150) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/device.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.cpp > CMakeFiles/nipper.dir/Nortel-Passport/device.i + +CMakeFiles/nipper.dir/Nortel-Passport/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/device.s + +CMakeFiles/nipper.dir/Nortel-Passport/device.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/device.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/device.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/device.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/general.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_151) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/general.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.cpp > CMakeFiles/nipper.dir/Nortel-Passport/general.i + +CMakeFiles/nipper.dir/Nortel-Passport/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/general.s + +CMakeFiles/nipper.dir/Nortel-Passport/general.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/general.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/general.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/general.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/administration.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_152) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/administration.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.cpp > CMakeFiles/nipper.dir/Nortel-Passport/administration.i + +CMakeFiles/nipper.dir/Nortel-Passport/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/administration.s + +CMakeFiles/nipper.dir/Nortel-Passport/administration.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/administration.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/administration.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/administration.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/banner.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_153) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/banner.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.cpp > CMakeFiles/nipper.dir/Nortel-Passport/banner.i + +CMakeFiles/nipper.dir/Nortel-Passport/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/banner.s + +CMakeFiles/nipper.dir/Nortel-Passport/banner.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/banner.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/banner.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/banner.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/snmp.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_154) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/snmp.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.cpp > CMakeFiles/nipper.dir/Nortel-Passport/snmp.i + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/snmp.s + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/snmp.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/filter.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_155) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/filter.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.cpp > CMakeFiles/nipper.dir/Nortel-Passport/filter.i + +CMakeFiles/nipper.dir/Nortel-Passport/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/filter.s + +CMakeFiles/nipper.dir/Nortel-Passport/filter.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/filter.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/filter.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/filter.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/interfaces.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_156) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.cpp > CMakeFiles/nipper.dir/Nortel-Passport/interfaces.i + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/interfaces.s + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-RoutingSwitch/device.cpp + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: Nortel-RoutingSwitch/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_157) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o -c /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp > CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.i + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp -o CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.s + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o.requires: + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o.provides: CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o.provides.build + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o.provides.build: CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: BayNetworks-Accelar/device.cpp + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: BayNetworks-Accelar/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_158) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o -c /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.cpp + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/BayNetworks-Accelar/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.cpp > CMakeFiles/nipper.dir/BayNetworks-Accelar/device.i + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/BayNetworks-Accelar/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.cpp -o CMakeFiles/nipper.dir/BayNetworks-Accelar/device.s + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o.requires: + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o.provides: CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o.provides.build + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o.provides.build: CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/device.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_159) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/device.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.cpp > CMakeFiles/nipper.dir/HP-ProCurve/device.i + +CMakeFiles/nipper.dir/HP-ProCurve/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/device.s + +CMakeFiles/nipper.dir/HP-ProCurve/device.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/device.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/device.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/device.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/general.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_160) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/general.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.cpp > CMakeFiles/nipper.dir/HP-ProCurve/general.i + +CMakeFiles/nipper.dir/HP-ProCurve/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/general.s + +CMakeFiles/nipper.dir/HP-ProCurve/general.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/general.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/general.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/general.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/administration.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_161) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/administration.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.cpp > CMakeFiles/nipper.dir/HP-ProCurve/administration.i + +CMakeFiles/nipper.dir/HP-ProCurve/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/administration.s + +CMakeFiles/nipper.dir/HP-ProCurve/administration.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/administration.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/administration.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/administration.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/banner.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_162) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/banner.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.cpp > CMakeFiles/nipper.dir/HP-ProCurve/banner.i + +CMakeFiles/nipper.dir/HP-ProCurve/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/banner.s + +CMakeFiles/nipper.dir/HP-ProCurve/banner.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/banner.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/banner.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/banner.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/snmp.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_163) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/snmp.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.cpp > CMakeFiles/nipper.dir/HP-ProCurve/snmp.i + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/snmp.s + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/snmp.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/snmp-report.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/snmp-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_164) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp > CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.i + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.s + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/dns.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_165) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/dns.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.cpp > CMakeFiles/nipper.dir/HP-ProCurve/dns.i + +CMakeFiles/nipper.dir/HP-ProCurve/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/dns.s + +CMakeFiles/nipper.dir/HP-ProCurve/dns.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/dns.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/dns.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/dns.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/authentication.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_166) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/authentication.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.cpp > CMakeFiles/nipper.dir/HP-ProCurve/authentication.i + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/authentication.s + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/authentication.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/interfaces.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_167) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.cpp > CMakeFiles/nipper.dir/HP-ProCurve/interfaces.i + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/interfaces.s + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/device.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_168) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/dns.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_169) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/general.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_170) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/filter.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_171) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/snmp.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_172) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/administration.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_173) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/administration-report.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/administration-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_174) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: 3Com-SuperStack3-Firewall/device.cpp + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_175) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o -c /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp > CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.i + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp -o CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.s + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o.requires: + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o.provides: CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o.provides.build + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o.provides.build: CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o + +CMakeFiles/nipper.dir/depend: CMakeFiles/nipper.dir/depend.make.mark + +CMakeFiles/nipper.dir/depend.make.mark: + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --magenta --bold "Scanning dependencies of target nipper" + cd /home/dbryan/libnipper-0.12.6 && $(CMAKE_COMMAND) -E cmake_depends "Unix Makefiles" /home/dbryan/libnipper-0.12.6 /home/dbryan/libnipper-0.12.6 /home/dbryan/libnipper-0.12.6 /home/dbryan/libnipper-0.12.6 /home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/DependInfo.cmake + +# Object files for target nipper +nipper_OBJECTS = \ +"CMakeFiles/nipper.dir/libnipper.o" \ +"CMakeFiles/nipper.dir/config.o" \ +"CMakeFiles/nipper.dir/report/report.o" \ +"CMakeFiles/nipper.dir/report/report-contents.o" \ +"CMakeFiles/nipper.dir/report/report-functions.o" \ +"CMakeFiles/nipper.dir/report/report-frontpage.o" \ +"CMakeFiles/nipper.dir/report/report-introduction.o" \ +"CMakeFiles/nipper.dir/report/report-list.o" \ +"CMakeFiles/nipper.dir/report/report-section-security.o" \ +"CMakeFiles/nipper.dir/report/report-section-compliance.o" \ +"CMakeFiles/nipper.dir/report/report-section-config.o" \ +"CMakeFiles/nipper.dir/report/report-section-appendix.o" \ +"CMakeFiles/nipper.dir/report/report-start.o" \ +"CMakeFiles/nipper.dir/report/report-table.o" \ +"CMakeFiles/nipper.dir/report/report-text.o" \ +"CMakeFiles/nipper.dir/report/report-titles.o" \ +"CMakeFiles/nipper.dir/device/device.o" \ +"CMakeFiles/nipper.dir/device/common/configline.o" \ +"CMakeFiles/nipper.dir/device/common/deviceconfig.o" \ +"CMakeFiles/nipper.dir/device/common/file.o" \ +"CMakeFiles/nipper.dir/device/common/misc.o" \ +"CMakeFiles/nipper.dir/device/common/paragraph.o" \ +"CMakeFiles/nipper.dir/device/common/passwords.o" \ +"CMakeFiles/nipper.dir/device/common/tables.o" \ +"CMakeFiles/nipper.dir/device/crypto/crypto-base64.o" \ +"CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o" \ +"CMakeFiles/nipper.dir/device/crypto/crypto-url.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-commonports.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-icmp.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-misc.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-numbering.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-protocols.o" \ +"CMakeFiles/nipper.dir/device/general/general.o" \ +"CMakeFiles/nipper.dir/device/administration/administration.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-bootp.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-finger.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-ftp.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-general.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-hosts.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-http.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-telnet.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-tftp.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-timeout.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-ssh.o" \ +"CMakeFiles/nipper.dir/device/dns/dns.o" \ +"CMakeFiles/nipper.dir/device/dns/dns-report.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-general.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-nt.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-radius.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-securid.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-users.o" \ +"CMakeFiles/nipper.dir/device/banner/banner.o" \ +"CMakeFiles/nipper.dir/device/banner/banner-report.o" \ +"CMakeFiles/nipper.dir/device/filter/filter.o" \ +"CMakeFiles/nipper.dir/device/filter/filter-filter.o" \ +"CMakeFiles/nipper.dir/device/filter/filter-filter-report.o" \ +"CMakeFiles/nipper.dir/device/filter/filter-object.o" \ +"CMakeFiles/nipper.dir/device/filter/filter-object-report.o" \ +"CMakeFiles/nipper.dir/device/filter/filter-security.o" \ +"CMakeFiles/nipper.dir/device/filter/filter-security-report.o" \ +"CMakeFiles/nipper.dir/device/interfaces/interfaces.o" \ +"CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o" \ +"CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o" \ +"CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-community.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-group.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-host.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-traps.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-user.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-view.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/general.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/authentication.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/banner.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/snmp.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/filter.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/dns.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/general.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/authentication.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/banner.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/filter.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/snmp.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/dns.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/interfaces.o" \ +"CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/device.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/general.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/banner.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/snmp.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/dns.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/filter.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/authentication.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/general.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o" \ +"CMakeFiles/nipper.dir/CheckPoint/device.o" \ +"CMakeFiles/nipper.dir/CheckPoint/device-policies.o" \ +"CMakeFiles/nipper.dir/CheckPoint/general.o" \ +"CMakeFiles/nipper.dir/CheckPoint/filter.o" \ +"CMakeFiles/nipper.dir/CheckPoint/filter-objects.o" \ +"CMakeFiles/nipper.dir/CheckPoint/filter-rules.o" \ +"CMakeFiles/nipper.dir/CheckPoint/filter-services.o" \ +"CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o" \ +"CMakeFiles/nipper.dir/CheckPoint-Management/device.o" \ +"CMakeFiles/nipper.dir/Nokia-IP/device.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/device.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/general.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/administration.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/banner.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/snmp.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/filter.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o" \ +"CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o" \ +"CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/device.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/general.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/administration.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/banner.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/snmp.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/dns.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/authentication.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o" \ +"CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o" + +# External object files for target nipper +nipper_EXTERNAL_OBJECTS = + +libnipper.so: CMakeFiles/nipper.dir/libnipper.o +libnipper.so: CMakeFiles/nipper.dir/config.o +libnipper.so: CMakeFiles/nipper.dir/report/report.o +libnipper.so: CMakeFiles/nipper.dir/report/report-contents.o +libnipper.so: CMakeFiles/nipper.dir/report/report-functions.o +libnipper.so: CMakeFiles/nipper.dir/report/report-frontpage.o +libnipper.so: CMakeFiles/nipper.dir/report/report-introduction.o +libnipper.so: CMakeFiles/nipper.dir/report/report-list.o +libnipper.so: CMakeFiles/nipper.dir/report/report-section-security.o +libnipper.so: CMakeFiles/nipper.dir/report/report-section-compliance.o +libnipper.so: CMakeFiles/nipper.dir/report/report-section-config.o +libnipper.so: CMakeFiles/nipper.dir/report/report-section-appendix.o +libnipper.so: CMakeFiles/nipper.dir/report/report-start.o +libnipper.so: CMakeFiles/nipper.dir/report/report-table.o +libnipper.so: CMakeFiles/nipper.dir/report/report-text.o +libnipper.so: CMakeFiles/nipper.dir/report/report-titles.o +libnipper.so: CMakeFiles/nipper.dir/device/device.o +libnipper.so: CMakeFiles/nipper.dir/device/common/configline.o +libnipper.so: CMakeFiles/nipper.dir/device/common/deviceconfig.o +libnipper.so: CMakeFiles/nipper.dir/device/common/file.o +libnipper.so: CMakeFiles/nipper.dir/device/common/misc.o +libnipper.so: CMakeFiles/nipper.dir/device/common/paragraph.o +libnipper.so: CMakeFiles/nipper.dir/device/common/passwords.o +libnipper.so: CMakeFiles/nipper.dir/device/common/tables.o +libnipper.so: CMakeFiles/nipper.dir/device/crypto/crypto-base64.o +libnipper.so: CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o +libnipper.so: CMakeFiles/nipper.dir/device/crypto/crypto-url.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-commonports.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-icmp.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-misc.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-numbering.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-protocols.o +libnipper.so: CMakeFiles/nipper.dir/device/general/general.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-bootp.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-finger.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-ftp.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-general.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-hosts.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-http.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-telnet.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-tftp.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-timeout.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-ssh.o +libnipper.so: CMakeFiles/nipper.dir/device/dns/dns.o +libnipper.so: CMakeFiles/nipper.dir/device/dns/dns-report.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-general.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-nt.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-radius.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-securid.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-users.o +libnipper.so: CMakeFiles/nipper.dir/device/banner/banner.o +libnipper.so: CMakeFiles/nipper.dir/device/banner/banner-report.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter-filter.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter-filter-report.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter-object.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter-object-report.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter-security.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter-security-report.o +libnipper.so: CMakeFiles/nipper.dir/device/interfaces/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o +libnipper.so: CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o +libnipper.so: CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-community.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-group.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-host.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-traps.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-user.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-view.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/general.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/authentication.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/banner.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/snmp.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/filter.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/dns.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/general.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/authentication.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/banner.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/filter.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/snmp.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/dns.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/general.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/banner.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/snmp.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/dns.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/filter.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/authentication.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/general.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/device.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/device-policies.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/general.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/filter.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/filter-objects.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/filter-rules.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/filter-services.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint-Management/device.o +libnipper.so: CMakeFiles/nipper.dir/Nokia-IP/device.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/device.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/general.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/administration.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/banner.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/snmp.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/filter.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o +libnipper.so: CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/device.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/general.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/administration.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/banner.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/snmp.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/dns.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/authentication.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o +libnipper.so: CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o +libnipper.so: CMakeFiles/nipper.dir/build.make + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --red --bold "Linking CXX shared library libnipper.so" + $(CMAKE_COMMAND) -P CMakeFiles/nipper.dir/cmake_clean_target.cmake + $(CMAKE_COMMAND) -E cmake_link_script CMakeFiles/nipper.dir/link.txt --verbose=$(VERBOSE) + +# Rule to build all files generated by this target. +CMakeFiles/nipper.dir/build: libnipper.so + +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/libnipper.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/config.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-contents.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-functions.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-frontpage.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-introduction.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-list.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-section-security.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-section-compliance.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-section-config.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-section-appendix.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-start.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-table.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-text.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-titles.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/configline.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/deviceconfig.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/file.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/misc.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/paragraph.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/passwords.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/tables.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/crypto/crypto-base64.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/crypto/crypto-url.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-commonports.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-icmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-misc.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-numbering.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-protocols.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/general/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-bootp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-finger.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-ftp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-hosts.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-http.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-telnet.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-tftp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-timeout.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-ssh.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/dns/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/dns/dns-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-nt.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-radius.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-securid.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-users.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/banner/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/banner/banner-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter-filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter-filter-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter-object.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter-object-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter-security.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter-security-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/interfaces/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-community.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-group.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-host.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-traps.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-user.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-view.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/device-policies.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/filter-objects.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/filter-rules.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/filter-services.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint-Management/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nokia-IP/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o.requires + +CMakeFiles/nipper.dir/clean: + $(CMAKE_COMMAND) -P CMakeFiles/nipper.dir/cmake_clean.cmake + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/cmake_clean.cmake.svn-base b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/cmake_clean.cmake.svn-base new file mode 100644 index 0000000..d463919 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/cmake_clean.cmake.svn-base @@ -0,0 +1,180 @@ +FILE(REMOVE +"libnipper.pdb" +"libnipper.a" +"libnipper.so" +"CMakeFiles/nipper.dir/libnipper.o" +"CMakeFiles/nipper.dir/config.o" +"CMakeFiles/nipper.dir/report/report.o" +"CMakeFiles/nipper.dir/report/report-contents.o" +"CMakeFiles/nipper.dir/report/report-functions.o" +"CMakeFiles/nipper.dir/report/report-frontpage.o" +"CMakeFiles/nipper.dir/report/report-introduction.o" +"CMakeFiles/nipper.dir/report/report-list.o" +"CMakeFiles/nipper.dir/report/report-section-security.o" +"CMakeFiles/nipper.dir/report/report-section-compliance.o" +"CMakeFiles/nipper.dir/report/report-section-config.o" +"CMakeFiles/nipper.dir/report/report-section-appendix.o" +"CMakeFiles/nipper.dir/report/report-start.o" +"CMakeFiles/nipper.dir/report/report-table.o" +"CMakeFiles/nipper.dir/report/report-text.o" +"CMakeFiles/nipper.dir/report/report-titles.o" +"CMakeFiles/nipper.dir/device/device.o" +"CMakeFiles/nipper.dir/device/common/configline.o" +"CMakeFiles/nipper.dir/device/common/deviceconfig.o" +"CMakeFiles/nipper.dir/device/common/file.o" +"CMakeFiles/nipper.dir/device/common/misc.o" +"CMakeFiles/nipper.dir/device/common/paragraph.o" +"CMakeFiles/nipper.dir/device/common/passwords.o" +"CMakeFiles/nipper.dir/device/common/tables.o" +"CMakeFiles/nipper.dir/device/crypto/crypto-base64.o" +"CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o" +"CMakeFiles/nipper.dir/device/crypto/crypto-url.o" +"CMakeFiles/nipper.dir/device/reportgen/report.o" +"CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o" +"CMakeFiles/nipper.dir/device/reportgen/report-commonports.o" +"CMakeFiles/nipper.dir/device/reportgen/report-icmp.o" +"CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o" +"CMakeFiles/nipper.dir/device/reportgen/report-misc.o" +"CMakeFiles/nipper.dir/device/reportgen/report-numbering.o" +"CMakeFiles/nipper.dir/device/reportgen/report-protocols.o" +"CMakeFiles/nipper.dir/device/general/general.o" +"CMakeFiles/nipper.dir/device/administration/administration.o" +"CMakeFiles/nipper.dir/device/administration/administration-bootp.o" +"CMakeFiles/nipper.dir/device/administration/administration-finger.o" +"CMakeFiles/nipper.dir/device/administration/administration-ftp.o" +"CMakeFiles/nipper.dir/device/administration/administration-general.o" +"CMakeFiles/nipper.dir/device/administration/administration-hosts.o" +"CMakeFiles/nipper.dir/device/administration/administration-http.o" +"CMakeFiles/nipper.dir/device/administration/administration-telnet.o" +"CMakeFiles/nipper.dir/device/administration/administration-tftp.o" +"CMakeFiles/nipper.dir/device/administration/administration-timeout.o" +"CMakeFiles/nipper.dir/device/administration/administration-ssh.o" +"CMakeFiles/nipper.dir/device/dns/dns.o" +"CMakeFiles/nipper.dir/device/dns/dns-report.o" +"CMakeFiles/nipper.dir/device/authentication/authentication.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-general.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-nt.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-radius.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-securid.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-users.o" +"CMakeFiles/nipper.dir/device/banner/banner.o" +"CMakeFiles/nipper.dir/device/banner/banner-report.o" +"CMakeFiles/nipper.dir/device/filter/filter.o" +"CMakeFiles/nipper.dir/device/filter/filter-filter.o" +"CMakeFiles/nipper.dir/device/filter/filter-filter-report.o" +"CMakeFiles/nipper.dir/device/filter/filter-object.o" +"CMakeFiles/nipper.dir/device/filter/filter-object-report.o" +"CMakeFiles/nipper.dir/device/filter/filter-security.o" +"CMakeFiles/nipper.dir/device/filter/filter-security-report.o" +"CMakeFiles/nipper.dir/device/interfaces/interfaces.o" +"CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o" +"CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o" +"CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o" +"CMakeFiles/nipper.dir/device/snmp/snmp.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-community.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-group.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-host.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-traps.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-user.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-view.o" +"CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o" +"CMakeFiles/nipper.dir/Cisco-IOS/general.o" +"CMakeFiles/nipper.dir/Cisco-IOS/administration.o" +"CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o" +"CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o" +"CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o" +"CMakeFiles/nipper.dir/Cisco-IOS/authentication.o" +"CMakeFiles/nipper.dir/Cisco-IOS/banner.o" +"CMakeFiles/nipper.dir/Cisco-IOS/snmp.o" +"CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o" +"CMakeFiles/nipper.dir/Cisco-IOS/filter.o" +"CMakeFiles/nipper.dir/Cisco-IOS/dns.o" +"CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o" +"CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o" +"CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o" +"CMakeFiles/nipper.dir/Cisco-Security/device.o" +"CMakeFiles/nipper.dir/Cisco-Security/general.o" +"CMakeFiles/nipper.dir/Cisco-Security/administration.o" +"CMakeFiles/nipper.dir/Cisco-Security/authentication.o" +"CMakeFiles/nipper.dir/Cisco-Security/banner.o" +"CMakeFiles/nipper.dir/Cisco-Security/filter.o" +"CMakeFiles/nipper.dir/Cisco-Security/snmp.o" +"CMakeFiles/nipper.dir/Cisco-Security/dns.o" +"CMakeFiles/nipper.dir/Cisco-Security/interfaces.o" +"CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o" +"CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o" +"CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o" +"CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o" +"CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o" +"CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o" +"CMakeFiles/nipper.dir/Cisco-CSS/device.o" +"CMakeFiles/nipper.dir/Cisco-CSS/general.o" +"CMakeFiles/nipper.dir/Cisco-CSS/administration.o" +"CMakeFiles/nipper.dir/Cisco-CSS/banner.o" +"CMakeFiles/nipper.dir/Cisco-CSS/snmp.o" +"CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o" +"CMakeFiles/nipper.dir/Cisco-CSS/dns.o" +"CMakeFiles/nipper.dir/Cisco-CSS/filter.o" +"CMakeFiles/nipper.dir/Cisco-CSS/authentication.o" +"CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/device.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/general.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o" +"CMakeFiles/nipper.dir/CheckPoint/device.o" +"CMakeFiles/nipper.dir/CheckPoint/device-policies.o" +"CMakeFiles/nipper.dir/CheckPoint/general.o" +"CMakeFiles/nipper.dir/CheckPoint/filter.o" +"CMakeFiles/nipper.dir/CheckPoint/filter-objects.o" +"CMakeFiles/nipper.dir/CheckPoint/filter-rules.o" +"CMakeFiles/nipper.dir/CheckPoint/filter-services.o" +"CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o" +"CMakeFiles/nipper.dir/CheckPoint-Management/device.o" +"CMakeFiles/nipper.dir/Nokia-IP/device.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o" +"CMakeFiles/nipper.dir/Nortel-Passport/device.o" +"CMakeFiles/nipper.dir/Nortel-Passport/general.o" +"CMakeFiles/nipper.dir/Nortel-Passport/administration.o" +"CMakeFiles/nipper.dir/Nortel-Passport/banner.o" +"CMakeFiles/nipper.dir/Nortel-Passport/snmp.o" +"CMakeFiles/nipper.dir/Nortel-Passport/filter.o" +"CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o" +"CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o" +"CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o" +"CMakeFiles/nipper.dir/HP-ProCurve/device.o" +"CMakeFiles/nipper.dir/HP-ProCurve/general.o" +"CMakeFiles/nipper.dir/HP-ProCurve/administration.o" +"CMakeFiles/nipper.dir/HP-ProCurve/banner.o" +"CMakeFiles/nipper.dir/HP-ProCurve/snmp.o" +"CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o" +"CMakeFiles/nipper.dir/HP-ProCurve/dns.o" +"CMakeFiles/nipper.dir/HP-ProCurve/authentication.o" +"CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o" +"CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o" +) diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/cmake_clean_target.cmake.svn-base b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/cmake_clean_target.cmake.svn-base new file mode 100644 index 0000000..cb00d19 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/cmake_clean_target.cmake.svn-base @@ -0,0 +1,4 @@ +FILE(REMOVE +"libnipper.a" +"libnipper.so" +) diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/depend.internal.svn-base b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/depend.internal.svn-base new file mode 100644 index 0000000..05cbc16 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/depend.internal.svn-base @@ -0,0 +1,1664 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +CMakeFiles/nipper.dir/device/snmp/snmp-user.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-user.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o + /home/dbryan/libnipper-0.12.6/device/interfaces/../../config.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../device.h + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-report.cpp + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-Security/general.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/general.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +CMakeFiles/nipper.dir/device/snmp/snmp.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/CheckPoint/device-policies.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device-policies.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/general.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/general.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/general.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/general.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o + /home/dbryan/libnipper-0.12.6/device/interfaces/../../config.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../administration/administration.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../device.h + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-security.cpp + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-report.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-line.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/banner.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/filter.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/filter.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/dns.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/iosdevice.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/iosdevice.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.h +CMakeFiles/nipper.dir/Cisco-Security/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.h +CMakeFiles/nipper.dir/device/snmp/snmp-group.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-group.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/device/snmp/snmp-host.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-host.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-security.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/device/snmp/snmp-community.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-community.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/device/interfaces/interfaces.o + /home/dbryan/libnipper-0.12.6/device/interfaces/../../config.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../device.h + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.cpp + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-misc-issues.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h +CMakeFiles/nipper.dir/CheckPoint/filter.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/filter.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/filter.h +CMakeFiles/nipper.dir/device/filter/filter-security-report.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter-security-report.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o + /home/dbryan/libnipper-0.12.6/device/interfaces/../../config.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../device.h + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-interface.cpp + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h +CMakeFiles/nipper.dir/device/snmp/snmp-view.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-view.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-traps.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/device/filter/filter-security.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter-security.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/filter/filter-object-report.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter-object-report.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/filter/filter-object.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter-object.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter-filter-report.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/filter/filter-filter.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter-filter.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/authentication/authentication-users.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-users.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/filter/filter.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/banner/banner-report.o + /home/dbryan/libnipper-0.12.6/device/banner/../../config.h + /home/dbryan/libnipper-0.12.6/device/banner/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/banner/../device.h + /home/dbryan/libnipper-0.12.6/device/banner/../general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/banner/../general/general.h + /home/dbryan/libnipper-0.12.6/device/banner/banner-report.cpp + /home/dbryan/libnipper-0.12.6/device/banner/banner.h +CMakeFiles/nipper.dir/device/banner/banner.o + /home/dbryan/libnipper-0.12.6/device/banner/../../config.h + /home/dbryan/libnipper-0.12.6/device/banner/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/banner/../device.h + /home/dbryan/libnipper-0.12.6/device/banner/banner.cpp + /home/dbryan/libnipper-0.12.6/device/banner/banner.h +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-tacacs.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-securid.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-radius.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-nt.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-ldap.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication-general.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-general.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-kerberos.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/dns/dns-report.o + /home/dbryan/libnipper-0.12.6/device/dns/../../config.h + /home/dbryan/libnipper-0.12.6/device/dns/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/dns/../device.h + /home/dbryan/libnipper-0.12.6/device/dns/dns-report.cpp + /home/dbryan/libnipper-0.12.6/device/dns/dns.h +CMakeFiles/nipper.dir/device/dns/dns.o + /home/dbryan/libnipper-0.12.6/device/dns/../../config.h + /home/dbryan/libnipper-0.12.6/device/dns/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/dns/../device.h + /home/dbryan/libnipper-0.12.6/device/dns/dns.cpp + /home/dbryan/libnipper-0.12.6/device/dns/dns.h +CMakeFiles/nipper.dir/device/administration/administration-ssh.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-ssh.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-timeout.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-timeout.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-tftp.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-tftp.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-telnet.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-telnet.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-ftp.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-ftp.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-finger.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-finger.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-http.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-http.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-hosts.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-hosts.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-general.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-general.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-bootp.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-bootp.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-logginglevels.cpp +CMakeFiles/nipper.dir/device/administration/administration.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/../interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/device/administration/administration.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/general/general.o + /home/dbryan/libnipper-0.12.6/device/general/../../config.h + /home/dbryan/libnipper-0.12.6/device/general/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/general/../device.h + /home/dbryan/libnipper-0.12.6/device/general/general.cpp + /home/dbryan/libnipper-0.12.6/device/general/general.h +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-protocols.cpp +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-numbering.cpp +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o + /home/dbryan/libnipper-0.12.6/device/crypto/../../config.h + /home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/crypto/../device.h + /home/dbryan/libnipper-0.12.6/device/crypto/crypto-base64.cpp +CMakeFiles/nipper.dir/device/common/tables.o + /home/dbryan/libnipper-0.12.6/device/common/../../config.h + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/../device.h + /home/dbryan/libnipper-0.12.6/device/common/tables.cpp +CMakeFiles/nipper.dir/device/reportgen/report-misc.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-misc.cpp +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-icmp.cpp +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-abbreviations.cpp +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-commonports.cpp +CMakeFiles/nipper.dir/device/reportgen/report.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../administration/administration.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../authentication/authentication.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../banner/banner.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../dns/dns.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../filter/filter.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../general/general.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../snmp/snmp.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report.cpp +CMakeFiles/nipper.dir/device/crypto/crypto-url.o + /home/dbryan/libnipper-0.12.6/device/crypto/../../config.h + /home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/crypto/../device.h + /home/dbryan/libnipper-0.12.6/device/crypto/crypto-url.cpp +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o + /home/dbryan/libnipper-0.12.6/device/crypto/../../config.h + /home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/crypto/../device.h + /home/dbryan/libnipper-0.12.6/device/crypto/crypto-ciscotype7.cpp +CMakeFiles/nipper.dir/report/report-titles.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/report/../device/general/general.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-titles.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-text.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/report/../device/general/general.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-text.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-table.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-table.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/device/common/passwords.o + /home/dbryan/libnipper-0.12.6/device/common/../../config.h + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/../device.h + /home/dbryan/libnipper-0.12.6/device/common/../general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/common/../general/general.h + /home/dbryan/libnipper-0.12.6/device/common/passwords.cpp +CMakeFiles/nipper.dir/device/common/paragraph.o + /home/dbryan/libnipper-0.12.6/device/common/../../config.h + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/../device.h + /home/dbryan/libnipper-0.12.6/device/common/paragraph.cpp +CMakeFiles/nipper.dir/device/common/misc.o + /home/dbryan/libnipper-0.12.6/device/common/../../config.h + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/../device.h + /home/dbryan/libnipper-0.12.6/device/common/misc.cpp +CMakeFiles/nipper.dir/device/common/file.o + /home/dbryan/libnipper-0.12.6/device/common/../../config.h + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/../device.h + /home/dbryan/libnipper-0.12.6/device/common/../errortext.h + /home/dbryan/libnipper-0.12.6/device/common/file.cpp +CMakeFiles/nipper.dir/device/common/deviceconfig.o + /home/dbryan/libnipper-0.12.6/device/common/../../config.h + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/../device.h + /home/dbryan/libnipper-0.12.6/device/common/configline.h + /home/dbryan/libnipper-0.12.6/device/common/deviceconfig.cpp + /home/dbryan/libnipper-0.12.6/device/common/deviceconfig.h +CMakeFiles/nipper.dir/device/common/configline.o + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/configline.cpp + /home/dbryan/libnipper-0.12.6/device/common/configline.h +CMakeFiles/nipper.dir/device/device.o + /home/dbryan/libnipper-0.12.6/device/../config.h + /home/dbryan/libnipper-0.12.6/device/../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/administration.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/device/banner/banner.h + /home/dbryan/libnipper-0.12.6/device/device.cpp + /home/dbryan/libnipper-0.12.6/device/device.h + /home/dbryan/libnipper-0.12.6/device/dns/dns.h + /home/dbryan/libnipper-0.12.6/device/errortext.h + /home/dbryan/libnipper-0.12.6/device/filter/filter.h + /home/dbryan/libnipper-0.12.6/device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/general/general.h + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/report/report-start.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/report/../device/general/general.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-start.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-section-appendix.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-section-appendix.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-section-config.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-section-config.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-section-compliance.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-section-compliance.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-section-security.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-section-security.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-list.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-list.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-introduction.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-introduction.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-frontpage.o + /home/dbryan/libnipper-0.12.6/report/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-frontpage.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-functions.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-functions.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-contents.o + /home/dbryan/libnipper-0.12.6/report/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-contents.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report.o + /home/dbryan/libnipper-0.12.6/report/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/config.o + /home/dbryan/libnipper-0.12.6/config.cpp + /home/dbryan/libnipper-0.12.6/config.h + /home/dbryan/libnipper-0.12.6/globaldefs.h +CMakeFiles/nipper.dir/libnipper.o + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h + /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/iosdevice.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Nokia-IP/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/config.h + /home/dbryan/libnipper-0.12.6/globaldefs.h + /home/dbryan/libnipper-0.12.6/libnipper.cpp + /home/dbryan/libnipper-0.12.6/libnipper.h + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.h +CMakeFiles/nipper.dir/CheckPoint/device.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/errortext.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/general.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/filter.h + /home/dbryan/libnipper-0.12.6/CheckPoint/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.h +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/filter-objects.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/filter.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/filter-rules.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/filter.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/filter-services.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/filter.h +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.h +CMakeFiles/nipper.dir/CheckPoint-Management/device.o + /home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.h +CMakeFiles/nipper.dir/Nokia-IP/device.o + /home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/Nokia-IP/device.cpp + /home/dbryan/libnipper-0.12.6/Nokia-IP/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.h +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.h +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o + /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.cpp + /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/errortext.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../globaldefs.h + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/depend.make.mark.svn-base b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/depend.make.mark.svn-base new file mode 100644 index 0000000..5675640 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/depend.make.mark.svn-base @@ -0,0 +1 @@ +Dependencies updated> diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/depend.make.svn-base b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/depend.make.svn-base new file mode 100644 index 0000000..b4100e4 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/depend.make.svn-base @@ -0,0 +1,1664 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/snmp-user.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/../../config.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/../../globaldefs.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/../device.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/interfaces-report.cpp +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/interfaces.h + +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/../device/filter/filter.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/filter.cpp +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/filter.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/dns.cpp +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/dns.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/interfaces.cpp +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/interfaces.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/general.cpp +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/general.h + +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/administration.cpp +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/device.h + +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/snmp.cpp +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/../device/common/configline.h +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/device-policies.cpp +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/device.h + +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/../device/general/general.h +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/general.cpp +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/general.h + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/filter/filter.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/authentication.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/banner.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/dns.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/filter.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/interfaces.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/iosdevice.cpp +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/snmp.h + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/../../config.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/../../globaldefs.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/../administration/administration.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/../device.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/interfaces-security.cpp +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/interfaces.h + +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/general.cpp +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/administration-report.cpp +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/administration-line.cpp +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/authentication.cpp +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/authentication.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/device.h + +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/banner.cpp +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/banner.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/device.h + +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/../device/filter/filter.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/filter.cpp +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/filter.h + +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/snmp.cpp +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/snmp.h + +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/dns.cpp +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/dns.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/general.h + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/../Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/../Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/../Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/device.cpp +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/device.h + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/../Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/../Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/../Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/device.cpp +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/device.h + +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/filter/filter.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/authentication.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/banner.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/device.cpp +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/dns.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/filter.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/interfaces.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/snmp.h + +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/snmp-group.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/snmp-host.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/administration-security.cpp +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/snmp-community.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/administration.cpp +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/authentication.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/../../config.h +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/../../globaldefs.h +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/../device.h +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/interfaces.cpp +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/interfaces.h + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/snmp-misc-issues.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/snmp.cpp +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/snmp.h + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/snmp-report.cpp +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/snmp.h + +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/../device/common/configline.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/../device/filter/filter.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/filter.cpp +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/filter.h + +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/filter-security-report.cpp +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/../../config.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/../../globaldefs.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/../device.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/interfaces-interface.cpp +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/interfaces.h + +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/snmp-view.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/authentication.cpp +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/authentication.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/banner.cpp +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/banner.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/snmp-traps.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/filter-security.cpp +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/filter-object-report.cpp +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/filter-object.cpp +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/filter-filter-report.cpp +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/filter-filter.cpp +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/authentication-users.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/filter.cpp +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/../../config.h +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/../../globaldefs.h +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/../device.h +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/../general/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/../general/general.h +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/banner-report.cpp +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/banner.h + +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/../../config.h +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/../../globaldefs.h +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/../device.h +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/banner.cpp +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/banner.h + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/authentication-tacacs.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/authentication-securid.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/authentication-radius.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/authentication-nt.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/authentication-ldap.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/authentication-general.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/authentication-kerberos.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/authentication.cpp +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/../../config.h +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/../../globaldefs.h +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/../device.h +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/dns-report.cpp +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/dns.h + +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/../../config.h +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/../../globaldefs.h +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/../device.h +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/dns.cpp +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/dns.h + +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/administration-ssh.cpp +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/administration-timeout.cpp +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/administration-tftp.cpp +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/administration-telnet.cpp +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/administration-ftp.cpp +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/administration-finger.cpp +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/administration-http.cpp +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/administration-hosts.cpp +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/administration-general.cpp +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/administration-bootp.cpp +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o: device/reportgen/report-logginglevels.cpp + +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/../interfaces/interfaces.h +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/administration.cpp +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/general/general.o: device/general/../../config.h +CMakeFiles/nipper.dir/device/general/general.o: device/general/../../globaldefs.h +CMakeFiles/nipper.dir/device/general/general.o: device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/general/general.o: device/general/../device.h +CMakeFiles/nipper.dir/device/general/general.o: device/general/general.cpp +CMakeFiles/nipper.dir/device/general/general.o: device/general/general.h + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o: device/reportgen/report-protocols.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o: device/reportgen/report-numbering.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o: device/crypto/../../config.h +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o: device/crypto/../../globaldefs.h +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o: device/crypto/../device.h +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o: device/crypto/crypto-base64.cpp + +CMakeFiles/nipper.dir/device/common/tables.o: device/common/../../config.h +CMakeFiles/nipper.dir/device/common/tables.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/tables.o: device/common/../device.h +CMakeFiles/nipper.dir/device/common/tables.o: device/common/tables.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-misc.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-misc.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-misc.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-misc.o: device/reportgen/report-misc.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o: device/reportgen/report-icmp.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o: device/reportgen/report-abbreviations.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o: device/reportgen/report-commonports.cpp + +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../administration/administration.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../authentication/authentication.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../banner/banner.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../dns/dns.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../filter/filter.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../general/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../general/general.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../interfaces/interfaces.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../snmp/snmp.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/report.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-url.o: device/crypto/../../config.h +CMakeFiles/nipper.dir/device/crypto/crypto-url.o: device/crypto/../../globaldefs.h +CMakeFiles/nipper.dir/device/crypto/crypto-url.o: device/crypto/../device.h +CMakeFiles/nipper.dir/device/crypto/crypto-url.o: device/crypto/crypto-url.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o: device/crypto/../../config.h +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o: device/crypto/../../globaldefs.h +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o: device/crypto/../device.h +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o: device/crypto/crypto-ciscotype7.cpp + +CMakeFiles/nipper.dir/report/report-titles.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-titles.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-titles.o: report/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/report/report-titles.o: report/../device/general/general.h +CMakeFiles/nipper.dir/report/report-titles.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-titles.o: report/report-titles.cpp +CMakeFiles/nipper.dir/report/report-titles.o: report/report.h + +CMakeFiles/nipper.dir/report/report-text.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-text.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-text.o: report/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/report/report-text.o: report/../device/general/general.h +CMakeFiles/nipper.dir/report/report-text.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-text.o: report/report-text.cpp +CMakeFiles/nipper.dir/report/report-text.o: report/report.h + +CMakeFiles/nipper.dir/report/report-table.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-table.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-table.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-table.o: report/report-table.cpp +CMakeFiles/nipper.dir/report/report-table.o: report/report.h + +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/../../config.h +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/../device.h +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/../general/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/../general/general.h +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/passwords.cpp + +CMakeFiles/nipper.dir/device/common/paragraph.o: device/common/../../config.h +CMakeFiles/nipper.dir/device/common/paragraph.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/paragraph.o: device/common/../device.h +CMakeFiles/nipper.dir/device/common/paragraph.o: device/common/paragraph.cpp + +CMakeFiles/nipper.dir/device/common/misc.o: device/common/../../config.h +CMakeFiles/nipper.dir/device/common/misc.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/misc.o: device/common/../device.h +CMakeFiles/nipper.dir/device/common/misc.o: device/common/misc.cpp + +CMakeFiles/nipper.dir/device/common/file.o: device/common/../../config.h +CMakeFiles/nipper.dir/device/common/file.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/file.o: device/common/../device.h +CMakeFiles/nipper.dir/device/common/file.o: device/common/../errortext.h +CMakeFiles/nipper.dir/device/common/file.o: device/common/file.cpp + +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/../../config.h +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/../device.h +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/configline.h +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/deviceconfig.cpp +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/deviceconfig.h + +CMakeFiles/nipper.dir/device/common/configline.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/configline.o: device/common/configline.cpp +CMakeFiles/nipper.dir/device/common/configline.o: device/common/configline.h + +CMakeFiles/nipper.dir/device/device.o: device/../config.h +CMakeFiles/nipper.dir/device/device.o: device/../globaldefs.h +CMakeFiles/nipper.dir/device/device.o: device/administration/administration.h +CMakeFiles/nipper.dir/device/device.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/device.o: device/authentication/authentication.h +CMakeFiles/nipper.dir/device/device.o: device/banner/banner.h +CMakeFiles/nipper.dir/device/device.o: device/device.cpp +CMakeFiles/nipper.dir/device/device.o: device/device.h +CMakeFiles/nipper.dir/device/device.o: device/dns/dns.h +CMakeFiles/nipper.dir/device/device.o: device/errortext.h +CMakeFiles/nipper.dir/device/device.o: device/filter/filter.h +CMakeFiles/nipper.dir/device/device.o: device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/device.o: device/general/general.h +CMakeFiles/nipper.dir/device/device.o: device/interfaces/interfaces.h +CMakeFiles/nipper.dir/device/device.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/report/report-start.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-start.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-start.o: report/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/report/report-start.o: report/../device/general/general.h +CMakeFiles/nipper.dir/report/report-start.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-start.o: report/report-start.cpp +CMakeFiles/nipper.dir/report/report-start.o: report/report.h + +CMakeFiles/nipper.dir/report/report-section-appendix.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-section-appendix.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-section-appendix.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-section-appendix.o: report/report-section-appendix.cpp +CMakeFiles/nipper.dir/report/report-section-appendix.o: report/report.h + +CMakeFiles/nipper.dir/report/report-section-config.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-section-config.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-section-config.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-section-config.o: report/report-section-config.cpp +CMakeFiles/nipper.dir/report/report-section-config.o: report/report.h + +CMakeFiles/nipper.dir/report/report-section-compliance.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-section-compliance.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-section-compliance.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-section-compliance.o: report/report-section-compliance.cpp +CMakeFiles/nipper.dir/report/report-section-compliance.o: report/report.h + +CMakeFiles/nipper.dir/report/report-section-security.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-section-security.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-section-security.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-section-security.o: report/report-section-security.cpp +CMakeFiles/nipper.dir/report/report-section-security.o: report/report.h + +CMakeFiles/nipper.dir/report/report-list.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-list.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-list.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-list.o: report/report-list.cpp +CMakeFiles/nipper.dir/report/report-list.o: report/report.h + +CMakeFiles/nipper.dir/report/report-introduction.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-introduction.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-introduction.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-introduction.o: report/report-introduction.cpp +CMakeFiles/nipper.dir/report/report-introduction.o: report/report.h + +CMakeFiles/nipper.dir/report/report-frontpage.o: report/../config.h +CMakeFiles/nipper.dir/report/report-frontpage.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-frontpage.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-frontpage.o: report/report-frontpage.cpp +CMakeFiles/nipper.dir/report/report-frontpage.o: report/report.h + +CMakeFiles/nipper.dir/report/report-functions.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-functions.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-functions.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-functions.o: report/report-functions.cpp +CMakeFiles/nipper.dir/report/report-functions.o: report/report.h + +CMakeFiles/nipper.dir/report/report-contents.o: report/../config.h +CMakeFiles/nipper.dir/report/report-contents.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-contents.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-contents.o: report/report-contents.cpp +CMakeFiles/nipper.dir/report/report-contents.o: report/report.h + +CMakeFiles/nipper.dir/report/report.o: report/../config.h +CMakeFiles/nipper.dir/report/report.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report.o: report/report.cpp +CMakeFiles/nipper.dir/report/report.o: report/report.h + +CMakeFiles/nipper.dir/config.o: config.cpp +CMakeFiles/nipper.dir/config.o: config.h +CMakeFiles/nipper.dir/config.o: globaldefs.h + +CMakeFiles/nipper.dir/libnipper.o: 3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/libnipper.o: 3Com-SuperStack3-Firewall/device.h +CMakeFiles/nipper.dir/libnipper.o: BayNetworks-Accelar/device.h +CMakeFiles/nipper.dir/libnipper.o: CheckPoint-Firewall/../CheckPoint/device.h +CMakeFiles/nipper.dir/libnipper.o: CheckPoint-Firewall/device.h +CMakeFiles/nipper.dir/libnipper.o: CheckPoint-Management/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Catalyst-CatOS/../Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Catalyst-CatOS/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Catalyst-NMP/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-IOS-Catalyst/../Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-IOS-Catalyst/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-IOS-Router/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Security-ASA/../Cisco-Security/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Security-ASA/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Security-FWSM/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Security-PIX/device.h +CMakeFiles/nipper.dir/libnipper.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/libnipper.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/libnipper.o: Nokia-IP/device.h +CMakeFiles/nipper.dir/libnipper.o: Nortel-Passport/device.h +CMakeFiles/nipper.dir/libnipper.o: Nortel-RoutingSwitch/../Nortel-Passport/device.h +CMakeFiles/nipper.dir/libnipper.o: Nortel-RoutingSwitch/device.h +CMakeFiles/nipper.dir/libnipper.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/libnipper.o: config.h +CMakeFiles/nipper.dir/libnipper.o: globaldefs.h +CMakeFiles/nipper.dir/libnipper.o: libnipper.cpp +CMakeFiles/nipper.dir/libnipper.o: libnipper.h +CMakeFiles/nipper.dir/libnipper.o: report/../device/../config.h +CMakeFiles/nipper.dir/libnipper.o: report/../device/device.h +CMakeFiles/nipper.dir/libnipper.o: report/report.h + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/authentication.cpp +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/authentication.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/device.h + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/interfaces.cpp +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/interfaces.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/administration.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/authentication.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/banner.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/device.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/dns.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/interfaces.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/snmp.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/general.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/general.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/administration.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/administration.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/general.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/authentication.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/authentication.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/device.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/banner.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/banner.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/general.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/dns.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/dns.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/snmp.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/snmp.h + +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/common/configline.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/errortext.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/filter/filter.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/general/general.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/device.cpp +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/filter.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/general.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/interfaces.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/interfaces.h + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/../Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/device.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/device.h + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/../Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/device.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/device.h + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/administration.cpp +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/administration.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/device.h + +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/filter/filter.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/administration.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/authentication.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/banner.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/device.cpp +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/dns.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/filter.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/general.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/interfaces.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/snmp.h + +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/general.cpp +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/general.h + +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/administration.cpp +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/administration.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/general.h + +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/banner.cpp +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/banner.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/device.h + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/general.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/snmp.cpp +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/snmp.h + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/general.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/snmp-report.cpp +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/snmp.h + +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/dns.cpp +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/dns.h + +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../device/filter/filter.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/filter.cpp +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/filter.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/interfaces.h + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/interfaces.cpp +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/interfaces.h + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/administration.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/device.cpp +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/device.h + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/administration.cpp +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/administration.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/device.h + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/administration.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/device.cpp +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/device.h + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/administration.cpp +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/administration.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/device.h + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/administration.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/device.cpp +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/device.h + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/../device/common/configline.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/../device/filter/filter.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/filter-objects.cpp +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/filter.h + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/../device/common/configline.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/../device/filter/filter.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/filter-rules.cpp +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/filter.h + +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/../device/common/configline.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/../device/filter/filter.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/filter-services.cpp +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/filter.h + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CheckPoint-Firewall/../CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CheckPoint-Firewall/../CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CheckPoint-Firewall/../CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CheckPoint-Firewall/device.cpp +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CheckPoint-Firewall/device.h + +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CheckPoint-Management/../CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CheckPoint-Management/../CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CheckPoint-Management/../CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CheckPoint-Management/device.cpp +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CheckPoint-Management/device.h + +CMakeFiles/nipper.dir/Nokia-IP/device.o: Nokia-IP/../CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/Nokia-IP/device.o: Nokia-IP/../CheckPoint/../device/device.h +CMakeFiles/nipper.dir/Nokia-IP/device.o: Nokia-IP/../CheckPoint/device.h +CMakeFiles/nipper.dir/Nokia-IP/device.o: Nokia-IP/device.cpp +CMakeFiles/nipper.dir/Nokia-IP/device.o: Nokia-IP/device.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/banner/banner.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/dns/dns.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/filter/filter.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/general/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/authentication.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/banner.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/device.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/dns.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/filter.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/interfaces.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/snmp.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/../device/general/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/general.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/general.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../device/general/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/administration.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/general.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/authentication.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/authentication.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/device.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/administration-report.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/device.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/../device/banner/banner.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/banner.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/banner.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/device.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/general/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/snmp.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/snmp.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/../device/filter/filter.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/filter.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/filter.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/../device/dns/dns.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/dns.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/dns.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/interfaces.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/interfaces.h + +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/administration/administration.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/banner/banner.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/filter/filter.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/general/general.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/administration.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/banner.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/device.cpp +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/filter.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/general.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/interfaces.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/snmp.h + +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/../device/general/general.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/general.cpp +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/general.h + +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/../device/administration/administration.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/administration.cpp +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/administration.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/device.h + +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/../device/banner/banner.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/banner.cpp +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/banner.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/device.h + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../device/general/general.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/general.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/snmp.cpp +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/snmp.h + +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/../device/filter/filter.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/filter.cpp +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/filter.h + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/interfaces.cpp +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/interfaces.h + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: Nortel-RoutingSwitch/../Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: Nortel-RoutingSwitch/../Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: Nortel-RoutingSwitch/../Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: Nortel-RoutingSwitch/device.cpp +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: Nortel-RoutingSwitch/device.h + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: BayNetworks-Accelar/../Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: BayNetworks-Accelar/../Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: BayNetworks-Accelar/../Nortel-Passport/device.h +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: BayNetworks-Accelar/device.cpp +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: BayNetworks-Accelar/device.h + +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/administration/administration.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/authentication/../device.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/authentication/authentication.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/banner/banner.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/dns/dns.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/general/general.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/snmp/snmp.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/administration.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/authentication.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/banner.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/device.cpp +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/dns.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/general.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/interfaces.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/snmp.h + +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/../device/general/general.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/general.cpp +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/general.h + +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/../device/banner/banner.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/banner.cpp +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/banner.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/device.h + +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/../device/administration/administration.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/administration.cpp +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/administration.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/device.h + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../device/general/general.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../device/snmp/snmp.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/general.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/snmp.cpp +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/snmp.h + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/../device/general/general.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/../device/snmp/snmp.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/general.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/snmp-report.cpp +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/snmp.h + +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/../device/dns/dns.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/dns.cpp +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/dns.h + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/interfaces.cpp +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/interfaces.h + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../device/authentication/../device.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../device/authentication/authentication.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/authentication.cpp +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/authentication.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/device.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/administration/administration.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/dns/dns.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/errortext.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/filter/filter.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/general/general.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/administration.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/device.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/dns.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/filter.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/general.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/snmp.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/../device/dns/dns.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/dns.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/dns.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/../device/general/general.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/general.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/general.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/../device/filter/filter.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/filter.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/filter.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../device/general/general.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/general.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/snmp.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/snmp.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../device/administration/administration.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/administration.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/administration.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/snmp.h + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/../device/common/configline.h +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/../globaldefs.h +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/device.cpp +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/device.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/../device/administration/administration.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/administration-report.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/administration.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/device.h + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/flags.make.svn-base b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/flags.make.svn-base new file mode 100644 index 0000000..f2265e2 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/flags.make.svn-base @@ -0,0 +1,5 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +CXX_FLAGS = -Dnipper_EXPORTS -fPIC -O2 + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/link.txt.svn-base b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/link.txt.svn-base new file mode 100644 index 0000000..ad9e035 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/link.txt.svn-base @@ -0,0 +1 @@ +/usr/bin/c++ -fPIC -shared -Wl,-soname,libnipper.so -o libnipper.so "CMakeFiles/nipper.dir/libnipper.o" "CMakeFiles/nipper.dir/config.o" "CMakeFiles/nipper.dir/report/report.o" "CMakeFiles/nipper.dir/report/report-contents.o" "CMakeFiles/nipper.dir/report/report-functions.o" "CMakeFiles/nipper.dir/report/report-frontpage.o" "CMakeFiles/nipper.dir/report/report-introduction.o" "CMakeFiles/nipper.dir/report/report-list.o" "CMakeFiles/nipper.dir/report/report-section-security.o" "CMakeFiles/nipper.dir/report/report-section-compliance.o" "CMakeFiles/nipper.dir/report/report-section-config.o" "CMakeFiles/nipper.dir/report/report-section-appendix.o" "CMakeFiles/nipper.dir/report/report-start.o" "CMakeFiles/nipper.dir/report/report-table.o" "CMakeFiles/nipper.dir/report/report-text.o" "CMakeFiles/nipper.dir/report/report-titles.o" "CMakeFiles/nipper.dir/device/device.o" "CMakeFiles/nipper.dir/device/common/configline.o" "CMakeFiles/nipper.dir/device/common/deviceconfig.o" "CMakeFiles/nipper.dir/device/common/file.o" "CMakeFiles/nipper.dir/device/common/misc.o" "CMakeFiles/nipper.dir/device/common/paragraph.o" "CMakeFiles/nipper.dir/device/common/passwords.o" "CMakeFiles/nipper.dir/device/common/tables.o" "CMakeFiles/nipper.dir/device/crypto/crypto-base64.o" "CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o" "CMakeFiles/nipper.dir/device/crypto/crypto-url.o" "CMakeFiles/nipper.dir/device/reportgen/report.o" "CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o" "CMakeFiles/nipper.dir/device/reportgen/report-commonports.o" "CMakeFiles/nipper.dir/device/reportgen/report-icmp.o" "CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o" "CMakeFiles/nipper.dir/device/reportgen/report-misc.o" "CMakeFiles/nipper.dir/device/reportgen/report-numbering.o" "CMakeFiles/nipper.dir/device/reportgen/report-protocols.o" "CMakeFiles/nipper.dir/device/general/general.o" "CMakeFiles/nipper.dir/device/administration/administration.o" "CMakeFiles/nipper.dir/device/administration/administration-bootp.o" "CMakeFiles/nipper.dir/device/administration/administration-finger.o" "CMakeFiles/nipper.dir/device/administration/administration-ftp.o" "CMakeFiles/nipper.dir/device/administration/administration-general.o" "CMakeFiles/nipper.dir/device/administration/administration-hosts.o" "CMakeFiles/nipper.dir/device/administration/administration-http.o" "CMakeFiles/nipper.dir/device/administration/administration-telnet.o" "CMakeFiles/nipper.dir/device/administration/administration-tftp.o" "CMakeFiles/nipper.dir/device/administration/administration-timeout.o" "CMakeFiles/nipper.dir/device/administration/administration-ssh.o" "CMakeFiles/nipper.dir/device/dns/dns.o" "CMakeFiles/nipper.dir/device/dns/dns-report.o" "CMakeFiles/nipper.dir/device/authentication/authentication.o" "CMakeFiles/nipper.dir/device/authentication/authentication-general.o" "CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o" "CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o" "CMakeFiles/nipper.dir/device/authentication/authentication-nt.o" "CMakeFiles/nipper.dir/device/authentication/authentication-radius.o" "CMakeFiles/nipper.dir/device/authentication/authentication-securid.o" "CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o" "CMakeFiles/nipper.dir/device/authentication/authentication-users.o" "CMakeFiles/nipper.dir/device/banner/banner.o" "CMakeFiles/nipper.dir/device/banner/banner-report.o" "CMakeFiles/nipper.dir/device/filter/filter.o" "CMakeFiles/nipper.dir/device/filter/filter-filter.o" "CMakeFiles/nipper.dir/device/filter/filter-filter-report.o" "CMakeFiles/nipper.dir/device/filter/filter-object.o" "CMakeFiles/nipper.dir/device/filter/filter-object-report.o" "CMakeFiles/nipper.dir/device/filter/filter-security.o" "CMakeFiles/nipper.dir/device/filter/filter-security-report.o" "CMakeFiles/nipper.dir/device/interfaces/interfaces.o" "CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o" "CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o" "CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o" "CMakeFiles/nipper.dir/device/snmp/snmp.o" "CMakeFiles/nipper.dir/device/snmp/snmp-community.o" "CMakeFiles/nipper.dir/device/snmp/snmp-group.o" "CMakeFiles/nipper.dir/device/snmp/snmp-host.o" "CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o" "CMakeFiles/nipper.dir/device/snmp/snmp-traps.o" "CMakeFiles/nipper.dir/device/snmp/snmp-user.o" "CMakeFiles/nipper.dir/device/snmp/snmp-view.o" "CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o" "CMakeFiles/nipper.dir/Cisco-IOS/general.o" "CMakeFiles/nipper.dir/Cisco-IOS/administration.o" "CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o" "CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o" "CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o" "CMakeFiles/nipper.dir/Cisco-IOS/authentication.o" "CMakeFiles/nipper.dir/Cisco-IOS/banner.o" "CMakeFiles/nipper.dir/Cisco-IOS/snmp.o" "CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o" "CMakeFiles/nipper.dir/Cisco-IOS/filter.o" "CMakeFiles/nipper.dir/Cisco-IOS/dns.o" "CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o" "CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o" "CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o" "CMakeFiles/nipper.dir/Cisco-Security/device.o" "CMakeFiles/nipper.dir/Cisco-Security/general.o" "CMakeFiles/nipper.dir/Cisco-Security/administration.o" "CMakeFiles/nipper.dir/Cisco-Security/authentication.o" "CMakeFiles/nipper.dir/Cisco-Security/banner.o" "CMakeFiles/nipper.dir/Cisco-Security/filter.o" "CMakeFiles/nipper.dir/Cisco-Security/snmp.o" "CMakeFiles/nipper.dir/Cisco-Security/dns.o" "CMakeFiles/nipper.dir/Cisco-Security/interfaces.o" "CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o" "CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o" "CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o" "CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o" "CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o" "CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o" "CMakeFiles/nipper.dir/Cisco-CSS/device.o" "CMakeFiles/nipper.dir/Cisco-CSS/general.o" "CMakeFiles/nipper.dir/Cisco-CSS/administration.o" "CMakeFiles/nipper.dir/Cisco-CSS/banner.o" "CMakeFiles/nipper.dir/Cisco-CSS/snmp.o" "CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o" "CMakeFiles/nipper.dir/Cisco-CSS/dns.o" "CMakeFiles/nipper.dir/Cisco-CSS/filter.o" "CMakeFiles/nipper.dir/Cisco-CSS/authentication.o" "CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/device.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/general.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o" "CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o" "CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o" "CMakeFiles/nipper.dir/CheckPoint/device.o" "CMakeFiles/nipper.dir/CheckPoint/device-policies.o" "CMakeFiles/nipper.dir/CheckPoint/general.o" "CMakeFiles/nipper.dir/CheckPoint/filter.o" "CMakeFiles/nipper.dir/CheckPoint/filter-objects.o" "CMakeFiles/nipper.dir/CheckPoint/filter-rules.o" "CMakeFiles/nipper.dir/CheckPoint/filter-services.o" "CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o" "CMakeFiles/nipper.dir/CheckPoint-Management/device.o" "CMakeFiles/nipper.dir/Nokia-IP/device.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o" "CMakeFiles/nipper.dir/Nortel-Passport/device.o" "CMakeFiles/nipper.dir/Nortel-Passport/general.o" "CMakeFiles/nipper.dir/Nortel-Passport/administration.o" "CMakeFiles/nipper.dir/Nortel-Passport/banner.o" "CMakeFiles/nipper.dir/Nortel-Passport/snmp.o" "CMakeFiles/nipper.dir/Nortel-Passport/filter.o" "CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o" "CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o" "CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o" "CMakeFiles/nipper.dir/HP-ProCurve/device.o" "CMakeFiles/nipper.dir/HP-ProCurve/general.o" "CMakeFiles/nipper.dir/HP-ProCurve/administration.o" "CMakeFiles/nipper.dir/HP-ProCurve/banner.o" "CMakeFiles/nipper.dir/HP-ProCurve/snmp.o" "CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o" "CMakeFiles/nipper.dir/HP-ProCurve/dns.o" "CMakeFiles/nipper.dir/HP-ProCurve/authentication.o" "CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o" "CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o" diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/progress.make.svn-base b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/progress.make.svn-base new file mode 100644 index 0000000..546884a --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/.svn/text-base/progress.make.svn-base @@ -0,0 +1,176 @@ +CMAKE_PROGRESS_1 = +CMAKE_PROGRESS_2 = 1 +CMAKE_PROGRESS_3 = +CMAKE_PROGRESS_4 = 2 +CMAKE_PROGRESS_5 = +CMAKE_PROGRESS_6 = 3 +CMAKE_PROGRESS_7 = 4 +CMAKE_PROGRESS_8 = +CMAKE_PROGRESS_9 = 5 +CMAKE_PROGRESS_10 = +CMAKE_PROGRESS_11 = 6 +CMAKE_PROGRESS_12 = +CMAKE_PROGRESS_13 = 7 +CMAKE_PROGRESS_14 = 8 +CMAKE_PROGRESS_15 = +CMAKE_PROGRESS_16 = 9 +CMAKE_PROGRESS_17 = +CMAKE_PROGRESS_18 = 10 +CMAKE_PROGRESS_19 = +CMAKE_PROGRESS_20 = 11 +CMAKE_PROGRESS_21 = 12 +CMAKE_PROGRESS_22 = +CMAKE_PROGRESS_23 = 13 +CMAKE_PROGRESS_24 = +CMAKE_PROGRESS_25 = 14 +CMAKE_PROGRESS_26 = +CMAKE_PROGRESS_27 = 15 +CMAKE_PROGRESS_28 = 16 +CMAKE_PROGRESS_29 = +CMAKE_PROGRESS_30 = 17 +CMAKE_PROGRESS_31 = +CMAKE_PROGRESS_32 = 18 +CMAKE_PROGRESS_33 = +CMAKE_PROGRESS_34 = 19 +CMAKE_PROGRESS_35 = 20 +CMAKE_PROGRESS_36 = +CMAKE_PROGRESS_37 = 21 +CMAKE_PROGRESS_38 = +CMAKE_PROGRESS_39 = 22 +CMAKE_PROGRESS_40 = +CMAKE_PROGRESS_41 = 23 +CMAKE_PROGRESS_42 = 24 +CMAKE_PROGRESS_43 = +CMAKE_PROGRESS_44 = 25 +CMAKE_PROGRESS_45 = +CMAKE_PROGRESS_46 = 26 +CMAKE_PROGRESS_47 = +CMAKE_PROGRESS_48 = 27 +CMAKE_PROGRESS_49 = 28 +CMAKE_PROGRESS_50 = +CMAKE_PROGRESS_51 = 29 +CMAKE_PROGRESS_52 = +CMAKE_PROGRESS_53 = 30 +CMAKE_PROGRESS_54 = +CMAKE_PROGRESS_55 = 31 +CMAKE_PROGRESS_56 = 32 +CMAKE_PROGRESS_57 = +CMAKE_PROGRESS_58 = 33 +CMAKE_PROGRESS_59 = +CMAKE_PROGRESS_60 = 34 +CMAKE_PROGRESS_61 = +CMAKE_PROGRESS_62 = 35 +CMAKE_PROGRESS_63 = 36 +CMAKE_PROGRESS_64 = +CMAKE_PROGRESS_65 = 37 +CMAKE_PROGRESS_66 = +CMAKE_PROGRESS_67 = 38 +CMAKE_PROGRESS_68 = +CMAKE_PROGRESS_69 = 39 +CMAKE_PROGRESS_70 = 40 +CMAKE_PROGRESS_71 = +CMAKE_PROGRESS_72 = 41 +CMAKE_PROGRESS_73 = +CMAKE_PROGRESS_74 = 42 +CMAKE_PROGRESS_75 = +CMAKE_PROGRESS_76 = 43 +CMAKE_PROGRESS_77 = 44 +CMAKE_PROGRESS_78 = +CMAKE_PROGRESS_79 = 45 +CMAKE_PROGRESS_80 = +CMAKE_PROGRESS_81 = 46 +CMAKE_PROGRESS_82 = +CMAKE_PROGRESS_83 = 47 +CMAKE_PROGRESS_84 = 48 +CMAKE_PROGRESS_85 = +CMAKE_PROGRESS_86 = 49 +CMAKE_PROGRESS_87 = +CMAKE_PROGRESS_88 = 50 +CMAKE_PROGRESS_89 = +CMAKE_PROGRESS_90 = 51 +CMAKE_PROGRESS_91 = 52 +CMAKE_PROGRESS_92 = +CMAKE_PROGRESS_93 = 53 +CMAKE_PROGRESS_94 = +CMAKE_PROGRESS_95 = 54 +CMAKE_PROGRESS_96 = +CMAKE_PROGRESS_97 = 55 +CMAKE_PROGRESS_98 = 56 +CMAKE_PROGRESS_99 = +CMAKE_PROGRESS_100 = 57 +CMAKE_PROGRESS_101 = +CMAKE_PROGRESS_102 = 58 +CMAKE_PROGRESS_103 = +CMAKE_PROGRESS_104 = 59 +CMAKE_PROGRESS_105 = 60 +CMAKE_PROGRESS_106 = +CMAKE_PROGRESS_107 = 61 +CMAKE_PROGRESS_108 = +CMAKE_PROGRESS_109 = 62 +CMAKE_PROGRESS_110 = +CMAKE_PROGRESS_111 = 63 +CMAKE_PROGRESS_112 = 64 +CMAKE_PROGRESS_113 = +CMAKE_PROGRESS_114 = 65 +CMAKE_PROGRESS_115 = +CMAKE_PROGRESS_116 = 66 +CMAKE_PROGRESS_117 = +CMAKE_PROGRESS_118 = 67 +CMAKE_PROGRESS_119 = 68 +CMAKE_PROGRESS_120 = +CMAKE_PROGRESS_121 = 69 +CMAKE_PROGRESS_122 = +CMAKE_PROGRESS_123 = 70 +CMAKE_PROGRESS_124 = +CMAKE_PROGRESS_125 = 71 +CMAKE_PROGRESS_126 = 72 +CMAKE_PROGRESS_127 = +CMAKE_PROGRESS_128 = 73 +CMAKE_PROGRESS_129 = +CMAKE_PROGRESS_130 = 74 +CMAKE_PROGRESS_131 = +CMAKE_PROGRESS_132 = 75 +CMAKE_PROGRESS_133 = 76 +CMAKE_PROGRESS_134 = +CMAKE_PROGRESS_135 = 77 +CMAKE_PROGRESS_136 = +CMAKE_PROGRESS_137 = 78 +CMAKE_PROGRESS_138 = +CMAKE_PROGRESS_139 = 79 +CMAKE_PROGRESS_140 = 80 +CMAKE_PROGRESS_141 = +CMAKE_PROGRESS_142 = 81 +CMAKE_PROGRESS_143 = +CMAKE_PROGRESS_144 = 82 +CMAKE_PROGRESS_145 = +CMAKE_PROGRESS_146 = 83 +CMAKE_PROGRESS_147 = 84 +CMAKE_PROGRESS_148 = +CMAKE_PROGRESS_149 = 85 +CMAKE_PROGRESS_150 = +CMAKE_PROGRESS_151 = 86 +CMAKE_PROGRESS_152 = +CMAKE_PROGRESS_153 = 87 +CMAKE_PROGRESS_154 = 88 +CMAKE_PROGRESS_155 = +CMAKE_PROGRESS_156 = 89 +CMAKE_PROGRESS_157 = +CMAKE_PROGRESS_158 = 90 +CMAKE_PROGRESS_159 = +CMAKE_PROGRESS_160 = 91 +CMAKE_PROGRESS_161 = 92 +CMAKE_PROGRESS_162 = +CMAKE_PROGRESS_163 = 93 +CMAKE_PROGRESS_164 = +CMAKE_PROGRESS_165 = 94 +CMAKE_PROGRESS_166 = +CMAKE_PROGRESS_167 = 95 +CMAKE_PROGRESS_168 = 96 +CMAKE_PROGRESS_169 = +CMAKE_PROGRESS_170 = 97 +CMAKE_PROGRESS_171 = +CMAKE_PROGRESS_172 = 98 +CMAKE_PROGRESS_173 = +CMAKE_PROGRESS_174 = 99 +CMAKE_PROGRESS_175 = 100 + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/.svn/all-wcprops new file mode 100644 index 0000000..33003f8 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 86 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/.svn/entries new file mode 100644 index 0000000..eacd74a --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/BayNetworks-Accelar/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/BayNetworks-Accelar/.svn/all-wcprops new file mode 100644 index 0000000..7c1d1a5 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/BayNetworks-Accelar/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 80 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/BayNetworks-Accelar +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/BayNetworks-Accelar/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/BayNetworks-Accelar/.svn/entries new file mode 100644 index 0000000..b6c908f --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/BayNetworks-Accelar/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/BayNetworks-Accelar +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/CXX.includecache b/libnipper-0.12.6/CMakeFiles/nipper.dir/CXX.includecache new file mode 100644 index 0000000..d82b9bf --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/CXX.includecache @@ -0,0 +1,3664 @@ +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/device.h + +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h +../SonicWALL-SonicOS/device.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/device.h + +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/../device/../config.h + +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/../device/../config.h + +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/../device/device.h + +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.cpp +device.h +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.h + +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.h +../Nortel-Passport/device.h +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/../device/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.cpp +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.h +../CheckPoint/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/../device/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.cpp +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.h +../CheckPoint/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/errortext.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/device-policies.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/device.cpp +sys/types.h +- +sys/stat.h +- +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +../device/errortext.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/errortext.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/CheckPoint/general.h +filter.h +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/filter-objects.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +filter.h +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/filter-rules.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +filter.h +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/filter-services.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +filter.h +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +filter.h +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/general.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/CheckPoint/device.h +general.h +/home/dbryan/libnipper-0.12.6/CheckPoint/general.h + +/home/dbryan/libnipper-0.12.6/CheckPoint/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.h +../device/authentication/authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.h +filter.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.cpp +cstring +- +cstdlib +- +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +filter.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.cpp +cstdlib +- +cstring +- +sstream +- +string +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h +../Cisco-Catalyst/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h +../Cisco-Catalyst/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.h +../device/authentication/authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp +cstdlib +- +cstring +- +sstream +- +string +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/iosdevice.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp +cstring +- +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../device/common/configline.h +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h +../Cisco-IOS/iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/iosdevice.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/iosdevice.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.cpp +cstring +- +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../device/common/configline.h +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.h +../Cisco-IOS/iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/iosdevice.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-line.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-report.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-security.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h +../device/authentication/authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +filter.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h +filter.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h +iosdevice.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.h +../Cisco-Security/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.h +../Cisco-Security/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.h +../Cisco-Security/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/general.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h +../Cisco-Security/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.h +../Cisco-Security/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.h +../Cisco-Security/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../device/common/configline.h +../Cisco-Security/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h +../Cisco-Security/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.h +../Cisco-Security/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.h +../Cisco-Security/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../device/common/configline.h +../Cisco-Security/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h +../Cisco-Security/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/administration.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.h +../device/authentication/authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/administration.h +banner.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.h +filter.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/filter.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/dns.h +authentication.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +dns.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/dns.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/filter.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +filter.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/filter.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.cpp +cstdlib +- +cstring +- +sstream +- +string +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +general.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.h + +/home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/Cisco-Security/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +administration.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +authentication.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.h +../device/authentication/authentication.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +banner.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h +administration.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.h +banner.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h +dns.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.h +authentication.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.h +interfaces.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +dns.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +general.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +general.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.cpp +cstring +- +sstream +- +string +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +general.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h + +/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +authentication.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.h +../device/authentication/authentication.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +banner.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h +banner.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.h +filter.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.h +dns.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.h +authentication.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +dns.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp +cstring +- +cstdlib +- +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +filter.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp +cstring +- +sstream +- +string +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +general.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h +snmp.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.h + +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/../device/device.h + +/home/dbryan/libnipper-0.12.6/Nokia-IP/device.cpp +device.h +/home/dbryan/libnipper-0.12.6/Nokia-IP/device.h + +/home/dbryan/libnipper-0.12.6/Nokia-IP/device.h +../CheckPoint/device.h +/home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/device.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +administration.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +banner.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.h +../device/banner/banner.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h +administration.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.h +banner.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.h +snmp.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.h +filter.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.cpp +cstring +- +cstdlib +- +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +filter.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +general.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.h +../device/interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +general.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.h + +/home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/../device/../config.h + +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/../device/device.h + +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp +device.h +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.h + +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.h +../Nortel-Passport/device.h +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/device.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/errortext.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +administration.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +administration.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h +snmp.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h +../device/administration/administration.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp +sys/types.h +- +sys/stat.h +- +cstring +- +cstdlib +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +../device/errortext.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/errortext.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +general.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h +filter.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.h +snmp.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h +administration.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h +dns.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +../device/device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +dns.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.h +../device/dns/dns.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp +cstring +- +cstdlib +- +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +filter.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.h +../device/filter/filter.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp +cstdlib +- +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +general.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/general.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp +cstring +- +../globaldefs.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h +../device/common/configline.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h +device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +general.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h +snmp.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h + +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h +../device/snmp/snmp.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/config.cpp +string +- +cstring +- +cstdio +- +cstdlib +- +sys/types.h +- +sys/stat.h +- +unistd.h +- +globaldefs.h +/home/dbryan/libnipper-0.12.6/globaldefs.h +config.h +/home/dbryan/libnipper-0.12.6/config.h + +/home/dbryan/libnipper-0.12.6/config.h + +/home/dbryan/libnipper-0.12.6/device/../config.h + +/home/dbryan/libnipper-0.12.6/device/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/administration/../../config.h + +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/administration/../../config.h + +/home/dbryan/libnipper-0.12.6/device/administration/../interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/administration/../interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-bootp.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-finger.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-ftp.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-general.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-hosts.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-http.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-ssh.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-telnet.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-tftp.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration-timeout.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/administration/../device.h +administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h +../interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/device/administration/../interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/device/administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-general.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-kerberos.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-ldap.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-nt.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-radius.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-securid.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-tacacs.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication-users.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h +authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h + +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/device/authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/device/banner/../../config.h + +/home/dbryan/libnipper-0.12.6/device/banner/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/banner/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/banner/../../config.h + +/home/dbryan/libnipper-0.12.6/device/banner/../general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/banner/../general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/banner/../general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/banner/banner-report.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/banner/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/banner/../device.h +../general/general.h +/home/dbryan/libnipper-0.12.6/device/banner/../general/general.h +banner.h +/home/dbryan/libnipper-0.12.6/device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/device/banner/banner.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/banner/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/banner/../device.h +banner.h +/home/dbryan/libnipper-0.12.6/device/banner/banner.h + +/home/dbryan/libnipper-0.12.6/device/banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/common/../../config.h + +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/common/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/common/../../config.h + +/home/dbryan/libnipper-0.12.6/device/common/../errortext.h + +/home/dbryan/libnipper-0.12.6/device/common/../general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/common/../general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/common/../general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/common/configline.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +configline.h +/home/dbryan/libnipper-0.12.6/device/common/configline.h +cstring +- + +/home/dbryan/libnipper-0.12.6/device/common/configline.h +string +- + +/home/dbryan/libnipper-0.12.6/device/common/deviceconfig.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/device/common/../device.h +configline.h +/home/dbryan/libnipper-0.12.6/device/common/configline.h + +/home/dbryan/libnipper-0.12.6/device/common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/common/file.cpp +sys/types.h +- +sys/stat.h +- +cstring +- +cstdlib +- +unistd.h +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +../errortext.h +/home/dbryan/libnipper-0.12.6/device/common/../errortext.h +../device.h +/home/dbryan/libnipper-0.12.6/device/common/../device.h + +/home/dbryan/libnipper-0.12.6/device/common/misc.cpp +cstring +- +iostream +- +sstream +- +cstdlib +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/common/../device.h + +/home/dbryan/libnipper-0.12.6/device/common/paragraph.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/common/../device.h + +/home/dbryan/libnipper-0.12.6/device/common/passwords.cpp +string +- +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/common/../device.h +../general/general.h +/home/dbryan/libnipper-0.12.6/device/common/../general/general.h + +/home/dbryan/libnipper-0.12.6/device/common/tables.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/common/../device.h + +/home/dbryan/libnipper-0.12.6/device/crypto/../../config.h + +/home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/crypto/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/crypto/../../config.h + +/home/dbryan/libnipper-0.12.6/device/crypto/crypto-base64.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/crypto/../device.h + +/home/dbryan/libnipper-0.12.6/device/crypto/crypto-ciscotype7.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/crypto/../device.h + +/home/dbryan/libnipper-0.12.6/device/crypto/crypto-url.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/crypto/../device.h + +/home/dbryan/libnipper-0.12.6/device/device.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/../globaldefs.h +errortext.h +/home/dbryan/libnipper-0.12.6/device/errortext.h +device.h +/home/dbryan/libnipper-0.12.6/device/device.h +general/general.h +/home/dbryan/libnipper-0.12.6/device/general/general.h +administration/administration.h +/home/dbryan/libnipper-0.12.6/device/administration/administration.h +authentication/authentication.h +/home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +dns/dns.h +/home/dbryan/libnipper-0.12.6/device/dns/dns.h +banner/banner.h +/home/dbryan/libnipper-0.12.6/device/banner/banner.h +filter/filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h +snmp/snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/../config.h + +/home/dbryan/libnipper-0.12.6/device/dns/../../config.h + +/home/dbryan/libnipper-0.12.6/device/dns/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/dns/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/dns/../../config.h + +/home/dbryan/libnipper-0.12.6/device/dns/dns-report.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/dns/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/dns/../device.h +dns.h +/home/dbryan/libnipper-0.12.6/device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/device/dns/dns.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/dns/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/dns/../device.h +dns.h +/home/dbryan/libnipper-0.12.6/device/dns/dns.h + +/home/dbryan/libnipper-0.12.6/device/dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/errortext.h + +/home/dbryan/libnipper-0.12.6/device/filter/../../config.h + +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/filter/../../config.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter-filter-report.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter-filter.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter-object-report.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter-object.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter-security-report.cpp +cstring +- +cmath +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter-security.cpp +cstring +- +cstdlib +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/filter/../device.h +filter.h +/home/dbryan/libnipper-0.12.6/device/filter/filter.h + +/home/dbryan/libnipper-0.12.6/device/filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/general/../../config.h + +/home/dbryan/libnipper-0.12.6/device/general/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/general/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/general/../../config.h + +/home/dbryan/libnipper-0.12.6/device/general/general.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/general/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/general/../device.h +general.h +/home/dbryan/libnipper-0.12.6/device/general/general.h + +/home/dbryan/libnipper-0.12.6/device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/../../config.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/../administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../../config.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-interface.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-report.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-security.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h +../administration/administration.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../administration/administration.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../device.h +interfaces.h +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../administration/administration.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../administration/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../authentication/authentication.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../authentication/../common/deviceconfig.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../authentication/../device.h +string +- + +/home/dbryan/libnipper-0.12.6/device/reportgen/../banner/banner.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../banner/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../dns/dns.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../dns/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../filter/filter.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../filter/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../interfaces/interfaces.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../interfaces/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/../snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-abbreviations.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-commonports.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-icmp.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-logginglevels.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-misc.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-numbering.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report-protocols.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + +/home/dbryan/libnipper-0.12.6/device/reportgen/report.cpp +cmath +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../device.h +../general/general.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../general/general.h +../administration/administration.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../administration/administration.h +../authentication/authentication.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../authentication/authentication.h +../dns/dns.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../dns/dns.h +../banner/banner.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../banner/banner.h +../snmp/snmp.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../snmp/snmp.h +../filter/filter.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../filter/filter.h +../interfaces/interfaces.h +/home/dbryan/libnipper-0.12.6/device/reportgen/../interfaces/interfaces.h + +/home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + +/home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-community.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-group.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-host.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-misc-issues.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-traps.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-user.cpp +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp-view.cpp +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.cpp +sstream +- +string +- +cstring +- +../../globaldefs.h +/home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h +../device.h +/home/dbryan/libnipper-0.12.6/device/snmp/../device.h +snmp.h +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h + +/home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h +string +- + +/home/dbryan/libnipper-0.12.6/globaldefs.h + +/home/dbryan/libnipper-0.12.6/libnipper.cpp +globaldefs.h +/home/dbryan/libnipper-0.12.6/globaldefs.h +libnipper.h +/home/dbryan/libnipper-0.12.6/libnipper.h +config.h +/home/dbryan/libnipper-0.12.6/config.h +report/report.h +/home/dbryan/libnipper-0.12.6/report/report.h +Cisco-CSS/device.h +/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +Cisco-Catalyst-CatOS/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h +Cisco-Catalyst-NMP/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h +Cisco-IOS-Catalyst/device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h +Cisco-IOS-Router/device.h +/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.h +Cisco-Security-ASA/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h +Cisco-Security-FWSM/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h +Cisco-Security-PIX/device.h +/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h +CheckPoint-Firewall/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.h +CheckPoint-Management/device.h +/home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.h +Nokia-IP/device.h +/home/dbryan/libnipper-0.12.6/Nokia-IP/device.h +HP-ProCurve/device.h +/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +Juniper-ScreenOS/device.h +/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +Nortel-Passport/device.h +/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +Nortel-RoutingSwitch/device.h +/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.h +BayNetworks-Accelar/device.h +/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.h +SonicWALL-SonicOS/device.h +/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h +3Com-SuperStack3-Firewall/device.h +/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h + +/home/dbryan/libnipper-0.12.6/libnipper.h + +/home/dbryan/libnipper-0.12.6/report/../config.h + +/home/dbryan/libnipper-0.12.6/report/../device/../config.h + +/home/dbryan/libnipper-0.12.6/report/../device/device.h +cstdio +- +string +- +../config.h +/home/dbryan/libnipper-0.12.6/report/../device/../config.h + +/home/dbryan/libnipper-0.12.6/report/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/report/../device/general/general.h +string +- +../common/deviceconfig.h +/home/dbryan/libnipper-0.12.6/report/../device/general/../common/deviceconfig.h + +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h + +/home/dbryan/libnipper-0.12.6/report/report-contents.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h +../config.h +/home/dbryan/libnipper-0.12.6/report/../config.h + +/home/dbryan/libnipper-0.12.6/report/report-frontpage.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h +../config.h +/home/dbryan/libnipper-0.12.6/report/../config.h + +/home/dbryan/libnipper-0.12.6/report/report-functions.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-introduction.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-list.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-section-appendix.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-section-compliance.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-section-config.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-section-security.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-start.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/report/../device/general/general.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-table.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-text.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/report/../device/general/general.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report-titles.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +../device/general/general.h +/home/dbryan/libnipper-0.12.6/report/../device/general/general.h +cstring +- +report.h +/home/dbryan/libnipper-0.12.6/report/report.h + +/home/dbryan/libnipper-0.12.6/report/report.cpp +../globaldefs.h +/home/dbryan/libnipper-0.12.6/report/../globaldefs.h +report.h +/home/dbryan/libnipper-0.12.6/report/report.h +../config.h +/home/dbryan/libnipper-0.12.6/report/../config.h +../device/device.h +/home/dbryan/libnipper-0.12.6/report/../device/device.h + +/home/dbryan/libnipper-0.12.6/report/report.h +cstdio +- +../device/device.h +/home/dbryan/libnipper-0.12.6/report/../device/device.h + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Firewall/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Firewall/.svn/all-wcprops new file mode 100644 index 0000000..bb1f24a --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Firewall/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 80 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Firewall +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Firewall/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Firewall/.svn/entries new file mode 100644 index 0000000..752c6c2 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Firewall/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Firewall +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Management/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Management/.svn/all-wcprops new file mode 100644 index 0000000..4d54750 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Management/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 82 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Management +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Management/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Management/.svn/entries new file mode 100644 index 0000000..e21408b --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Management/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Management +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/.svn/all-wcprops new file mode 100644 index 0000000..c910113 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 71 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/.svn/entries new file mode 100644 index 0000000..32924dc --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/.svn/all-wcprops new file mode 100644 index 0000000..d7f10bd --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 70 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/.svn/entries new file mode 100644 index 0000000..134bb99 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/.svn/all-wcprops new file mode 100644 index 0000000..16c0754 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 81 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/.svn/entries new file mode 100644 index 0000000..3f76e4b --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/.svn/all-wcprops new file mode 100644 index 0000000..1899897 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 79 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-NMP +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/.svn/entries new file mode 100644 index 0000000..7f89398 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-NMP +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/.svn/all-wcprops new file mode 100644 index 0000000..d2dd870 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 75 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/.svn/entries new file mode 100644 index 0000000..953a520 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/.svn/all-wcprops new file mode 100644 index 0000000..e475b96 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 79 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Catalyst +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/.svn/entries new file mode 100644 index 0000000..35e084a --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Catalyst +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Router/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Router/.svn/all-wcprops new file mode 100644 index 0000000..c4c22c6 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Router/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 77 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Router +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Router/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Router/.svn/entries new file mode 100644 index 0000000..165e35b --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Router/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Router +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/.svn/all-wcprops new file mode 100644 index 0000000..a3b4624 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 70 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/.svn/entries new file mode 100644 index 0000000..3057b37 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA/.svn/all-wcprops new file mode 100644 index 0000000..cf36030 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 79 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA/.svn/entries new file mode 100644 index 0000000..2410cd8 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM/.svn/all-wcprops new file mode 100644 index 0000000..e38586a --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 80 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM/.svn/entries new file mode 100644 index 0000000..e65f7b6 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX/.svn/all-wcprops new file mode 100644 index 0000000..0af36f0 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 79 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX/.svn/entries new file mode 100644 index 0000000..e765b0a --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/.svn/all-wcprops new file mode 100644 index 0000000..8b5d789 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 75 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/.svn/entries new file mode 100644 index 0000000..4174fbd --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/DependInfo.cmake b/libnipper-0.12.6/CMakeFiles/nipper.dir/DependInfo.cmake new file mode 100644 index 0000000..9f64184 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/DependInfo.cmake @@ -0,0 +1,356 @@ +# The set of files whose dependency integrity should be checked: +SET(CMAKE_DEPENDS_LANGUAGES + "CXX" + ) +SET(CMAKE_DEPENDS_CHECK_CXX + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-user.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-user.o" + "/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/filter.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/dns.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/general.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/administration.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/device-policies.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/device-policies.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/general.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o" + "/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-security.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/general.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-line.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/authentication.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/banner.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/filter.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/snmp.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/dns.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/device.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-group.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-group.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-host.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-host.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-security.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-community.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-community.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/administration.o" + "/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/interfaces.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-misc-issues.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/snmp.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/filter.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter-security-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter-security-report.o" + "/home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-interface.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-view.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-view.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/authentication.o" + "/home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-IOS/banner.o" + "/home/dbryan/libnipper-0.12.6/device/snmp/snmp-traps.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/snmp-traps.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter-security.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter-security.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter-object-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter-object-report.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter-object.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter-object.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter-filter-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter-filter-report.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter-filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter-filter.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-users.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-users.o" + "/home/dbryan/libnipper-0.12.6/device/filter/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/filter.o" + "/home/dbryan/libnipper-0.12.6/device/banner/banner-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner/banner-report.o" + "/home/dbryan/libnipper-0.12.6/device/banner/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner/banner.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-tacacs.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-securid.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-securid.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-radius.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-radius.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-nt.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-nt.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-ldap.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-general.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication-kerberos.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o" + "/home/dbryan/libnipper-0.12.6/device/authentication/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/authentication.o" + "/home/dbryan/libnipper-0.12.6/device/dns/dns-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns/dns-report.o" + "/home/dbryan/libnipper-0.12.6/device/dns/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns/dns.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-ssh.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-ssh.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-timeout.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-timeout.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-tftp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-tftp.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-telnet.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-telnet.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-ftp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-ftp.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-finger.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-finger.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-http.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-http.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-hosts.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-hosts.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-general.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration-bootp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration-bootp.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-logginglevels.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o" + "/home/dbryan/libnipper-0.12.6/device/administration/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/administration.o" + "/home/dbryan/libnipper-0.12.6/device/general/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/general/general.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-protocols.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-protocols.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-numbering.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-numbering.o" + "/home/dbryan/libnipper-0.12.6/device/crypto/crypto-base64.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/crypto-base64.o" + "/home/dbryan/libnipper-0.12.6/device/common/tables.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/tables.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-misc.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-misc.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-icmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-icmp.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-abbreviations.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report-commonports.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report-commonports.o" + "/home/dbryan/libnipper-0.12.6/device/reportgen/report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/report.o" + "/home/dbryan/libnipper-0.12.6/device/crypto/crypto-url.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/crypto-url.o" + "/home/dbryan/libnipper-0.12.6/device/crypto/crypto-ciscotype7.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o" + "/home/dbryan/libnipper-0.12.6/report/report-titles.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-titles.o" + "/home/dbryan/libnipper-0.12.6/report/report-text.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-text.o" + "/home/dbryan/libnipper-0.12.6/report/report-table.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-table.o" + "/home/dbryan/libnipper-0.12.6/device/common/passwords.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/passwords.o" + "/home/dbryan/libnipper-0.12.6/device/common/paragraph.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/paragraph.o" + "/home/dbryan/libnipper-0.12.6/device/common/misc.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/misc.o" + "/home/dbryan/libnipper-0.12.6/device/common/file.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/file.o" + "/home/dbryan/libnipper-0.12.6/device/common/deviceconfig.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/deviceconfig.o" + "/home/dbryan/libnipper-0.12.6/device/common/configline.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/configline.o" + "/home/dbryan/libnipper-0.12.6/device/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/device/device.o" + "/home/dbryan/libnipper-0.12.6/report/report-start.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-start.o" + "/home/dbryan/libnipper-0.12.6/report/report-section-appendix.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-section-appendix.o" + "/home/dbryan/libnipper-0.12.6/report/report-section-config.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-section-config.o" + "/home/dbryan/libnipper-0.12.6/report/report-section-compliance.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-section-compliance.o" + "/home/dbryan/libnipper-0.12.6/report/report-section-security.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-section-security.o" + "/home/dbryan/libnipper-0.12.6/report/report-list.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-list.o" + "/home/dbryan/libnipper-0.12.6/report/report-introduction.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-introduction.o" + "/home/dbryan/libnipper-0.12.6/report/report-frontpage.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-frontpage.o" + "/home/dbryan/libnipper-0.12.6/report/report-functions.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-functions.o" + "/home/dbryan/libnipper-0.12.6/report/report-contents.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report-contents.o" + "/home/dbryan/libnipper-0.12.6/report/report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/report/report.o" + "/home/dbryan/libnipper-0.12.6/config.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/config.o" + "/home/dbryan/libnipper-0.12.6/libnipper.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/libnipper.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/authentication.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/general.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/general.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/administration.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/banner.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/snmp.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/dns.o" + "/home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-CSS/filter.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security/interfaces.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o" + "/home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/filter-objects.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/filter-objects.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/filter-rules.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/filter-rules.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint/filter-services.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint/filter-services.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o" + "/home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/CheckPoint-Management/device.o" + "/home/dbryan/libnipper-0.12.6/Nokia-IP/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nokia-IP/device.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o" + "/home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/device.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/general.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/administration.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/banner.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/snmp.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/filter.o" + "/home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o" + "/home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o" + "/home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/device.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/general.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/banner.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/administration.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/snmp.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/dns.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o" + "/home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/authentication.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o" + "/home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o" + "/home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp" + "/home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o" + ) diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/.svn/all-wcprops new file mode 100644 index 0000000..e828a8b --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 72 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/.svn/entries new file mode 100644 index 0000000..f943bc4 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/HP-ProCurve +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/.svn/all-wcprops new file mode 100644 index 0000000..b49549a --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 77 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/.svn/entries new file mode 100644 index 0000000..40777c7 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Juniper-ScreenOS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Nokia-IP/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Nokia-IP/.svn/all-wcprops new file mode 100644 index 0000000..15a0c6b --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Nokia-IP/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Nokia-IP +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Nokia-IP/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Nokia-IP/.svn/entries new file mode 100644 index 0000000..a991b74 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Nokia-IP/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Nokia-IP +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/.svn/all-wcprops new file mode 100644 index 0000000..401c0f3 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 76 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/.svn/entries new file mode 100644 index 0000000..0ca572f --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-Passport +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-RoutingSwitch/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-RoutingSwitch/.svn/all-wcprops new file mode 100644 index 0000000..606a5e7 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-RoutingSwitch/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 81 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-RoutingSwitch +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-RoutingSwitch/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-RoutingSwitch/.svn/entries new file mode 100644 index 0000000..6cf980a --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-RoutingSwitch/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/Nortel-RoutingSwitch +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/.svn/all-wcprops new file mode 100644 index 0000000..ef1589e --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 78 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/.svn/entries new file mode 100644 index 0000000..1bd9bf2 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/SonicWALL-SonicOS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/build.make b/libnipper-0.12.6/CMakeFiles/nipper.dir/build.make new file mode 100644 index 0000000..e0a0638 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/build.make @@ -0,0 +1,4796 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +#============================================================================= +# Special targets provided by cmake. + +# Disable implicit rules so canoncical targets will work. +.SUFFIXES: + +.SUFFIXES: .hpux_make_needs_suffix_list + +# Suppress display of executed commands. +$(VERBOSE).SILENT: + +# A target that is always out of date. +cmake_force: + +#============================================================================= +# Set environment variables for the build. + +# The shell in which to execute make rules. +SHELL = /bin/sh + +# The CMake executable. +CMAKE_COMMAND = /usr/bin/cmake + +# The command to remove a file. +RM = /usr/bin/cmake -E remove -f + +# The program to use to edit the cache. +CMAKE_EDIT_COMMAND = /usr/bin/ccmake + +# The top-level source directory on which CMake was run. +CMAKE_SOURCE_DIR = /home/dbryan/libnipper-0.12.6 + +# The top-level build directory on which CMake was run. +CMAKE_BINARY_DIR = /home/dbryan/libnipper-0.12.6 + +# Include any dependencies generated for this target. +include CMakeFiles/nipper.dir/depend.make + +# Include the progress variables for this target. +include CMakeFiles/nipper.dir/progress.make + +# Include the compile flags for this target's objects. +include CMakeFiles/nipper.dir/flags.make + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: libnipper.cpp + +CMakeFiles/nipper.dir/libnipper.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/libnipper.o: libnipper.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_1) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/libnipper.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/libnipper.o -c /home/dbryan/libnipper-0.12.6/libnipper.cpp + +CMakeFiles/nipper.dir/libnipper.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/libnipper.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/libnipper.cpp > CMakeFiles/nipper.dir/libnipper.i + +CMakeFiles/nipper.dir/libnipper.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/libnipper.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/libnipper.cpp -o CMakeFiles/nipper.dir/libnipper.s + +CMakeFiles/nipper.dir/libnipper.o.requires: + +CMakeFiles/nipper.dir/libnipper.o.provides: CMakeFiles/nipper.dir/libnipper.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/libnipper.o.provides.build + +CMakeFiles/nipper.dir/libnipper.o.provides.build: CMakeFiles/nipper.dir/libnipper.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: config.cpp + +CMakeFiles/nipper.dir/config.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/config.o: config.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_2) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/config.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/config.o -c /home/dbryan/libnipper-0.12.6/config.cpp + +CMakeFiles/nipper.dir/config.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/config.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/config.cpp > CMakeFiles/nipper.dir/config.i + +CMakeFiles/nipper.dir/config.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/config.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/config.cpp -o CMakeFiles/nipper.dir/config.s + +CMakeFiles/nipper.dir/config.o.requires: + +CMakeFiles/nipper.dir/config.o.provides: CMakeFiles/nipper.dir/config.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/config.o.provides.build + +CMakeFiles/nipper.dir/config.o.provides.build: CMakeFiles/nipper.dir/config.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report.cpp + +CMakeFiles/nipper.dir/report/report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report.o: report/report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_3) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report.o -c /home/dbryan/libnipper-0.12.6/report/report.cpp + +CMakeFiles/nipper.dir/report/report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report.cpp > CMakeFiles/nipper.dir/report/report.i + +CMakeFiles/nipper.dir/report/report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report.cpp -o CMakeFiles/nipper.dir/report/report.s + +CMakeFiles/nipper.dir/report/report.o.requires: + +CMakeFiles/nipper.dir/report/report.o.provides: CMakeFiles/nipper.dir/report/report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report.o.provides.build + +CMakeFiles/nipper.dir/report/report.o.provides.build: CMakeFiles/nipper.dir/report/report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-contents.cpp + +CMakeFiles/nipper.dir/report/report-contents.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-contents.o: report/report-contents.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_4) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-contents.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-contents.o -c /home/dbryan/libnipper-0.12.6/report/report-contents.cpp + +CMakeFiles/nipper.dir/report/report-contents.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-contents.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-contents.cpp > CMakeFiles/nipper.dir/report/report-contents.i + +CMakeFiles/nipper.dir/report/report-contents.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-contents.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-contents.cpp -o CMakeFiles/nipper.dir/report/report-contents.s + +CMakeFiles/nipper.dir/report/report-contents.o.requires: + +CMakeFiles/nipper.dir/report/report-contents.o.provides: CMakeFiles/nipper.dir/report/report-contents.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-contents.o.provides.build + +CMakeFiles/nipper.dir/report/report-contents.o.provides.build: CMakeFiles/nipper.dir/report/report-contents.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-functions.cpp + +CMakeFiles/nipper.dir/report/report-functions.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-functions.o: report/report-functions.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_5) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-functions.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-functions.o -c /home/dbryan/libnipper-0.12.6/report/report-functions.cpp + +CMakeFiles/nipper.dir/report/report-functions.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-functions.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-functions.cpp > CMakeFiles/nipper.dir/report/report-functions.i + +CMakeFiles/nipper.dir/report/report-functions.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-functions.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-functions.cpp -o CMakeFiles/nipper.dir/report/report-functions.s + +CMakeFiles/nipper.dir/report/report-functions.o.requires: + +CMakeFiles/nipper.dir/report/report-functions.o.provides: CMakeFiles/nipper.dir/report/report-functions.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-functions.o.provides.build + +CMakeFiles/nipper.dir/report/report-functions.o.provides.build: CMakeFiles/nipper.dir/report/report-functions.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-frontpage.cpp + +CMakeFiles/nipper.dir/report/report-frontpage.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-frontpage.o: report/report-frontpage.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_6) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-frontpage.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-frontpage.o -c /home/dbryan/libnipper-0.12.6/report/report-frontpage.cpp + +CMakeFiles/nipper.dir/report/report-frontpage.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-frontpage.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-frontpage.cpp > CMakeFiles/nipper.dir/report/report-frontpage.i + +CMakeFiles/nipper.dir/report/report-frontpage.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-frontpage.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-frontpage.cpp -o CMakeFiles/nipper.dir/report/report-frontpage.s + +CMakeFiles/nipper.dir/report/report-frontpage.o.requires: + +CMakeFiles/nipper.dir/report/report-frontpage.o.provides: CMakeFiles/nipper.dir/report/report-frontpage.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-frontpage.o.provides.build + +CMakeFiles/nipper.dir/report/report-frontpage.o.provides.build: CMakeFiles/nipper.dir/report/report-frontpage.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-introduction.cpp + +CMakeFiles/nipper.dir/report/report-introduction.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-introduction.o: report/report-introduction.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_7) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-introduction.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-introduction.o -c /home/dbryan/libnipper-0.12.6/report/report-introduction.cpp + +CMakeFiles/nipper.dir/report/report-introduction.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-introduction.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-introduction.cpp > CMakeFiles/nipper.dir/report/report-introduction.i + +CMakeFiles/nipper.dir/report/report-introduction.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-introduction.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-introduction.cpp -o CMakeFiles/nipper.dir/report/report-introduction.s + +CMakeFiles/nipper.dir/report/report-introduction.o.requires: + +CMakeFiles/nipper.dir/report/report-introduction.o.provides: CMakeFiles/nipper.dir/report/report-introduction.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-introduction.o.provides.build + +CMakeFiles/nipper.dir/report/report-introduction.o.provides.build: CMakeFiles/nipper.dir/report/report-introduction.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-list.cpp + +CMakeFiles/nipper.dir/report/report-list.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-list.o: report/report-list.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_8) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-list.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-list.o -c /home/dbryan/libnipper-0.12.6/report/report-list.cpp + +CMakeFiles/nipper.dir/report/report-list.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-list.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-list.cpp > CMakeFiles/nipper.dir/report/report-list.i + +CMakeFiles/nipper.dir/report/report-list.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-list.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-list.cpp -o CMakeFiles/nipper.dir/report/report-list.s + +CMakeFiles/nipper.dir/report/report-list.o.requires: + +CMakeFiles/nipper.dir/report/report-list.o.provides: CMakeFiles/nipper.dir/report/report-list.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-list.o.provides.build + +CMakeFiles/nipper.dir/report/report-list.o.provides.build: CMakeFiles/nipper.dir/report/report-list.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-section-security.cpp + +CMakeFiles/nipper.dir/report/report-section-security.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-section-security.o: report/report-section-security.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_9) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-section-security.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-section-security.o -c /home/dbryan/libnipper-0.12.6/report/report-section-security.cpp + +CMakeFiles/nipper.dir/report/report-section-security.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-section-security.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-section-security.cpp > CMakeFiles/nipper.dir/report/report-section-security.i + +CMakeFiles/nipper.dir/report/report-section-security.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-section-security.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-section-security.cpp -o CMakeFiles/nipper.dir/report/report-section-security.s + +CMakeFiles/nipper.dir/report/report-section-security.o.requires: + +CMakeFiles/nipper.dir/report/report-section-security.o.provides: CMakeFiles/nipper.dir/report/report-section-security.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-security.o.provides.build + +CMakeFiles/nipper.dir/report/report-section-security.o.provides.build: CMakeFiles/nipper.dir/report/report-section-security.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-section-compliance.cpp + +CMakeFiles/nipper.dir/report/report-section-compliance.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-section-compliance.o: report/report-section-compliance.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_10) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-section-compliance.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-section-compliance.o -c /home/dbryan/libnipper-0.12.6/report/report-section-compliance.cpp + +CMakeFiles/nipper.dir/report/report-section-compliance.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-section-compliance.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-section-compliance.cpp > CMakeFiles/nipper.dir/report/report-section-compliance.i + +CMakeFiles/nipper.dir/report/report-section-compliance.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-section-compliance.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-section-compliance.cpp -o CMakeFiles/nipper.dir/report/report-section-compliance.s + +CMakeFiles/nipper.dir/report/report-section-compliance.o.requires: + +CMakeFiles/nipper.dir/report/report-section-compliance.o.provides: CMakeFiles/nipper.dir/report/report-section-compliance.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-compliance.o.provides.build + +CMakeFiles/nipper.dir/report/report-section-compliance.o.provides.build: CMakeFiles/nipper.dir/report/report-section-compliance.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-section-config.cpp + +CMakeFiles/nipper.dir/report/report-section-config.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-section-config.o: report/report-section-config.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_11) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-section-config.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-section-config.o -c /home/dbryan/libnipper-0.12.6/report/report-section-config.cpp + +CMakeFiles/nipper.dir/report/report-section-config.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-section-config.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-section-config.cpp > CMakeFiles/nipper.dir/report/report-section-config.i + +CMakeFiles/nipper.dir/report/report-section-config.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-section-config.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-section-config.cpp -o CMakeFiles/nipper.dir/report/report-section-config.s + +CMakeFiles/nipper.dir/report/report-section-config.o.requires: + +CMakeFiles/nipper.dir/report/report-section-config.o.provides: CMakeFiles/nipper.dir/report/report-section-config.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-config.o.provides.build + +CMakeFiles/nipper.dir/report/report-section-config.o.provides.build: CMakeFiles/nipper.dir/report/report-section-config.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-section-appendix.cpp + +CMakeFiles/nipper.dir/report/report-section-appendix.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-section-appendix.o: report/report-section-appendix.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_12) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-section-appendix.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-section-appendix.o -c /home/dbryan/libnipper-0.12.6/report/report-section-appendix.cpp + +CMakeFiles/nipper.dir/report/report-section-appendix.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-section-appendix.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-section-appendix.cpp > CMakeFiles/nipper.dir/report/report-section-appendix.i + +CMakeFiles/nipper.dir/report/report-section-appendix.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-section-appendix.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-section-appendix.cpp -o CMakeFiles/nipper.dir/report/report-section-appendix.s + +CMakeFiles/nipper.dir/report/report-section-appendix.o.requires: + +CMakeFiles/nipper.dir/report/report-section-appendix.o.provides: CMakeFiles/nipper.dir/report/report-section-appendix.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-appendix.o.provides.build + +CMakeFiles/nipper.dir/report/report-section-appendix.o.provides.build: CMakeFiles/nipper.dir/report/report-section-appendix.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-start.cpp + +CMakeFiles/nipper.dir/report/report-start.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-start.o: report/report-start.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_13) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-start.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-start.o -c /home/dbryan/libnipper-0.12.6/report/report-start.cpp + +CMakeFiles/nipper.dir/report/report-start.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-start.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-start.cpp > CMakeFiles/nipper.dir/report/report-start.i + +CMakeFiles/nipper.dir/report/report-start.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-start.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-start.cpp -o CMakeFiles/nipper.dir/report/report-start.s + +CMakeFiles/nipper.dir/report/report-start.o.requires: + +CMakeFiles/nipper.dir/report/report-start.o.provides: CMakeFiles/nipper.dir/report/report-start.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-start.o.provides.build + +CMakeFiles/nipper.dir/report/report-start.o.provides.build: CMakeFiles/nipper.dir/report/report-start.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-table.cpp + +CMakeFiles/nipper.dir/report/report-table.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-table.o: report/report-table.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_14) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-table.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-table.o -c /home/dbryan/libnipper-0.12.6/report/report-table.cpp + +CMakeFiles/nipper.dir/report/report-table.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-table.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-table.cpp > CMakeFiles/nipper.dir/report/report-table.i + +CMakeFiles/nipper.dir/report/report-table.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-table.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-table.cpp -o CMakeFiles/nipper.dir/report/report-table.s + +CMakeFiles/nipper.dir/report/report-table.o.requires: + +CMakeFiles/nipper.dir/report/report-table.o.provides: CMakeFiles/nipper.dir/report/report-table.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-table.o.provides.build + +CMakeFiles/nipper.dir/report/report-table.o.provides.build: CMakeFiles/nipper.dir/report/report-table.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-text.cpp + +CMakeFiles/nipper.dir/report/report-text.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-text.o: report/report-text.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_15) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-text.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-text.o -c /home/dbryan/libnipper-0.12.6/report/report-text.cpp + +CMakeFiles/nipper.dir/report/report-text.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-text.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-text.cpp > CMakeFiles/nipper.dir/report/report-text.i + +CMakeFiles/nipper.dir/report/report-text.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-text.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-text.cpp -o CMakeFiles/nipper.dir/report/report-text.s + +CMakeFiles/nipper.dir/report/report-text.o.requires: + +CMakeFiles/nipper.dir/report/report-text.o.provides: CMakeFiles/nipper.dir/report/report-text.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-text.o.provides.build + +CMakeFiles/nipper.dir/report/report-text.o.provides.build: CMakeFiles/nipper.dir/report/report-text.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: report/report-titles.cpp + +CMakeFiles/nipper.dir/report/report-titles.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/report/report-titles.o: report/report-titles.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_16) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/report/report-titles.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/report/report-titles.o -c /home/dbryan/libnipper-0.12.6/report/report-titles.cpp + +CMakeFiles/nipper.dir/report/report-titles.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/report/report-titles.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/report/report-titles.cpp > CMakeFiles/nipper.dir/report/report-titles.i + +CMakeFiles/nipper.dir/report/report-titles.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/report/report-titles.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/report/report-titles.cpp -o CMakeFiles/nipper.dir/report/report-titles.s + +CMakeFiles/nipper.dir/report/report-titles.o.requires: + +CMakeFiles/nipper.dir/report/report-titles.o.provides: CMakeFiles/nipper.dir/report/report-titles.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-titles.o.provides.build + +CMakeFiles/nipper.dir/report/report-titles.o.provides.build: CMakeFiles/nipper.dir/report/report-titles.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/device.cpp + +CMakeFiles/nipper.dir/device/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/device.o: device/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_17) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/device.o -c /home/dbryan/libnipper-0.12.6/device/device.cpp + +CMakeFiles/nipper.dir/device/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/device.cpp > CMakeFiles/nipper.dir/device/device.i + +CMakeFiles/nipper.dir/device/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/device.cpp -o CMakeFiles/nipper.dir/device/device.s + +CMakeFiles/nipper.dir/device/device.o.requires: + +CMakeFiles/nipper.dir/device/device.o.provides: CMakeFiles/nipper.dir/device/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/device.o.provides.build + +CMakeFiles/nipper.dir/device/device.o.provides.build: CMakeFiles/nipper.dir/device/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/configline.cpp + +CMakeFiles/nipper.dir/device/common/configline.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/configline.o: device/common/configline.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_18) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/configline.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/configline.o -c /home/dbryan/libnipper-0.12.6/device/common/configline.cpp + +CMakeFiles/nipper.dir/device/common/configline.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/configline.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/configline.cpp > CMakeFiles/nipper.dir/device/common/configline.i + +CMakeFiles/nipper.dir/device/common/configline.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/configline.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/configline.cpp -o CMakeFiles/nipper.dir/device/common/configline.s + +CMakeFiles/nipper.dir/device/common/configline.o.requires: + +CMakeFiles/nipper.dir/device/common/configline.o.provides: CMakeFiles/nipper.dir/device/common/configline.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/configline.o.provides.build + +CMakeFiles/nipper.dir/device/common/configline.o.provides.build: CMakeFiles/nipper.dir/device/common/configline.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/deviceconfig.cpp + +CMakeFiles/nipper.dir/device/common/deviceconfig.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/deviceconfig.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_19) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/deviceconfig.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/deviceconfig.o -c /home/dbryan/libnipper-0.12.6/device/common/deviceconfig.cpp + +CMakeFiles/nipper.dir/device/common/deviceconfig.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/deviceconfig.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/deviceconfig.cpp > CMakeFiles/nipper.dir/device/common/deviceconfig.i + +CMakeFiles/nipper.dir/device/common/deviceconfig.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/deviceconfig.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/deviceconfig.cpp -o CMakeFiles/nipper.dir/device/common/deviceconfig.s + +CMakeFiles/nipper.dir/device/common/deviceconfig.o.requires: + +CMakeFiles/nipper.dir/device/common/deviceconfig.o.provides: CMakeFiles/nipper.dir/device/common/deviceconfig.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/deviceconfig.o.provides.build + +CMakeFiles/nipper.dir/device/common/deviceconfig.o.provides.build: CMakeFiles/nipper.dir/device/common/deviceconfig.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/file.cpp + +CMakeFiles/nipper.dir/device/common/file.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/file.o: device/common/file.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_20) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/file.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/file.o -c /home/dbryan/libnipper-0.12.6/device/common/file.cpp + +CMakeFiles/nipper.dir/device/common/file.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/file.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/file.cpp > CMakeFiles/nipper.dir/device/common/file.i + +CMakeFiles/nipper.dir/device/common/file.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/file.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/file.cpp -o CMakeFiles/nipper.dir/device/common/file.s + +CMakeFiles/nipper.dir/device/common/file.o.requires: + +CMakeFiles/nipper.dir/device/common/file.o.provides: CMakeFiles/nipper.dir/device/common/file.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/file.o.provides.build + +CMakeFiles/nipper.dir/device/common/file.o.provides.build: CMakeFiles/nipper.dir/device/common/file.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/misc.cpp + +CMakeFiles/nipper.dir/device/common/misc.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/misc.o: device/common/misc.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_21) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/misc.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/misc.o -c /home/dbryan/libnipper-0.12.6/device/common/misc.cpp + +CMakeFiles/nipper.dir/device/common/misc.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/misc.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/misc.cpp > CMakeFiles/nipper.dir/device/common/misc.i + +CMakeFiles/nipper.dir/device/common/misc.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/misc.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/misc.cpp -o CMakeFiles/nipper.dir/device/common/misc.s + +CMakeFiles/nipper.dir/device/common/misc.o.requires: + +CMakeFiles/nipper.dir/device/common/misc.o.provides: CMakeFiles/nipper.dir/device/common/misc.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/misc.o.provides.build + +CMakeFiles/nipper.dir/device/common/misc.o.provides.build: CMakeFiles/nipper.dir/device/common/misc.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/paragraph.cpp + +CMakeFiles/nipper.dir/device/common/paragraph.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/paragraph.o: device/common/paragraph.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_22) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/paragraph.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/paragraph.o -c /home/dbryan/libnipper-0.12.6/device/common/paragraph.cpp + +CMakeFiles/nipper.dir/device/common/paragraph.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/paragraph.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/paragraph.cpp > CMakeFiles/nipper.dir/device/common/paragraph.i + +CMakeFiles/nipper.dir/device/common/paragraph.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/paragraph.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/paragraph.cpp -o CMakeFiles/nipper.dir/device/common/paragraph.s + +CMakeFiles/nipper.dir/device/common/paragraph.o.requires: + +CMakeFiles/nipper.dir/device/common/paragraph.o.provides: CMakeFiles/nipper.dir/device/common/paragraph.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/paragraph.o.provides.build + +CMakeFiles/nipper.dir/device/common/paragraph.o.provides.build: CMakeFiles/nipper.dir/device/common/paragraph.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/passwords.cpp + +CMakeFiles/nipper.dir/device/common/passwords.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/passwords.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_23) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/passwords.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/passwords.o -c /home/dbryan/libnipper-0.12.6/device/common/passwords.cpp + +CMakeFiles/nipper.dir/device/common/passwords.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/passwords.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/passwords.cpp > CMakeFiles/nipper.dir/device/common/passwords.i + +CMakeFiles/nipper.dir/device/common/passwords.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/passwords.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/passwords.cpp -o CMakeFiles/nipper.dir/device/common/passwords.s + +CMakeFiles/nipper.dir/device/common/passwords.o.requires: + +CMakeFiles/nipper.dir/device/common/passwords.o.provides: CMakeFiles/nipper.dir/device/common/passwords.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/passwords.o.provides.build + +CMakeFiles/nipper.dir/device/common/passwords.o.provides.build: CMakeFiles/nipper.dir/device/common/passwords.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/common/tables.cpp + +CMakeFiles/nipper.dir/device/common/tables.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/common/tables.o: device/common/tables.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_24) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/common/tables.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/common/tables.o -c /home/dbryan/libnipper-0.12.6/device/common/tables.cpp + +CMakeFiles/nipper.dir/device/common/tables.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/common/tables.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/common/tables.cpp > CMakeFiles/nipper.dir/device/common/tables.i + +CMakeFiles/nipper.dir/device/common/tables.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/common/tables.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/common/tables.cpp -o CMakeFiles/nipper.dir/device/common/tables.s + +CMakeFiles/nipper.dir/device/common/tables.o.requires: + +CMakeFiles/nipper.dir/device/common/tables.o.provides: CMakeFiles/nipper.dir/device/common/tables.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/tables.o.provides.build + +CMakeFiles/nipper.dir/device/common/tables.o.provides.build: CMakeFiles/nipper.dir/device/common/tables.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/crypto/crypto-base64.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o: device/crypto/crypto-base64.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_25) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/crypto/crypto-base64.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/crypto/crypto-base64.o -c /home/dbryan/libnipper-0.12.6/device/crypto/crypto-base64.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/crypto/crypto-base64.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/crypto/crypto-base64.cpp > CMakeFiles/nipper.dir/device/crypto/crypto-base64.i + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/crypto/crypto-base64.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/crypto/crypto-base64.cpp -o CMakeFiles/nipper.dir/device/crypto/crypto-base64.s + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o.requires: + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o.provides: CMakeFiles/nipper.dir/device/crypto/crypto-base64.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-base64.o.provides.build + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o.provides.build: CMakeFiles/nipper.dir/device/crypto/crypto-base64.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/crypto/crypto-ciscotype7.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o: device/crypto/crypto-ciscotype7.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_26) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o -c /home/dbryan/libnipper-0.12.6/device/crypto/crypto-ciscotype7.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/crypto/crypto-ciscotype7.cpp > CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.i + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/crypto/crypto-ciscotype7.cpp -o CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.s + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o.requires: + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o.provides: CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o.provides.build + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o.provides.build: CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/crypto/crypto-url.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-url.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/crypto/crypto-url.o: device/crypto/crypto-url.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_27) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/crypto/crypto-url.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/crypto/crypto-url.o -c /home/dbryan/libnipper-0.12.6/device/crypto/crypto-url.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-url.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/crypto/crypto-url.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/crypto/crypto-url.cpp > CMakeFiles/nipper.dir/device/crypto/crypto-url.i + +CMakeFiles/nipper.dir/device/crypto/crypto-url.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/crypto/crypto-url.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/crypto/crypto-url.cpp -o CMakeFiles/nipper.dir/device/crypto/crypto-url.s + +CMakeFiles/nipper.dir/device/crypto/crypto-url.o.requires: + +CMakeFiles/nipper.dir/device/crypto/crypto-url.o.provides: CMakeFiles/nipper.dir/device/crypto/crypto-url.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-url.o.provides.build + +CMakeFiles/nipper.dir/device/crypto/crypto-url.o.provides.build: CMakeFiles/nipper.dir/device/crypto/crypto-url.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report.cpp + +CMakeFiles/nipper.dir/device/reportgen/report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_28) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report.cpp + +CMakeFiles/nipper.dir/device/reportgen/report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report.cpp > CMakeFiles/nipper.dir/device/reportgen/report.i + +CMakeFiles/nipper.dir/device/reportgen/report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report.cpp -o CMakeFiles/nipper.dir/device/reportgen/report.s + +CMakeFiles/nipper.dir/device/reportgen/report.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report.o.provides: CMakeFiles/nipper.dir/device/reportgen/report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-abbreviations.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o: device/reportgen/report-abbreviations.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_29) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-abbreviations.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-abbreviations.cpp > CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.i + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-abbreviations.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.s + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-commonports.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o: device/reportgen/report-commonports.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_30) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-commonports.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-commonports.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-commonports.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-commonports.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-commonports.cpp > CMakeFiles/nipper.dir/device/reportgen/report-commonports.i + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-commonports.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-commonports.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-commonports.s + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-commonports.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-commonports.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-commonports.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-icmp.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o: device/reportgen/report-icmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_31) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-icmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-icmp.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-icmp.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-icmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-icmp.cpp > CMakeFiles/nipper.dir/device/reportgen/report-icmp.i + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-icmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-icmp.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-icmp.s + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-icmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-icmp.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-icmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-logginglevels.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o: device/reportgen/report-logginglevels.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_32) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-logginglevels.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-logginglevels.cpp > CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.i + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-logginglevels.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.s + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-misc.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-misc.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-misc.o: device/reportgen/report-misc.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_33) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-misc.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-misc.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-misc.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-misc.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-misc.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-misc.cpp > CMakeFiles/nipper.dir/device/reportgen/report-misc.i + +CMakeFiles/nipper.dir/device/reportgen/report-misc.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-misc.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-misc.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-misc.s + +CMakeFiles/nipper.dir/device/reportgen/report-misc.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-misc.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-misc.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-misc.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-misc.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-misc.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-numbering.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o: device/reportgen/report-numbering.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_34) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-numbering.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-numbering.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-numbering.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-numbering.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-numbering.cpp > CMakeFiles/nipper.dir/device/reportgen/report-numbering.i + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-numbering.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-numbering.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-numbering.s + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-numbering.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-numbering.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-numbering.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/reportgen/report-protocols.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o: device/reportgen/report-protocols.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_35) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/reportgen/report-protocols.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/reportgen/report-protocols.o -c /home/dbryan/libnipper-0.12.6/device/reportgen/report-protocols.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/reportgen/report-protocols.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/reportgen/report-protocols.cpp > CMakeFiles/nipper.dir/device/reportgen/report-protocols.i + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/reportgen/report-protocols.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/reportgen/report-protocols.cpp -o CMakeFiles/nipper.dir/device/reportgen/report-protocols.s + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o.requires: + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o.provides: CMakeFiles/nipper.dir/device/reportgen/report-protocols.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-protocols.o.provides.build + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o.provides.build: CMakeFiles/nipper.dir/device/reportgen/report-protocols.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/general/general.cpp + +CMakeFiles/nipper.dir/device/general/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/general/general.o: device/general/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_36) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/general/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/general/general.o -c /home/dbryan/libnipper-0.12.6/device/general/general.cpp + +CMakeFiles/nipper.dir/device/general/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/general/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/general/general.cpp > CMakeFiles/nipper.dir/device/general/general.i + +CMakeFiles/nipper.dir/device/general/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/general/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/general/general.cpp -o CMakeFiles/nipper.dir/device/general/general.s + +CMakeFiles/nipper.dir/device/general/general.o.requires: + +CMakeFiles/nipper.dir/device/general/general.o.provides: CMakeFiles/nipper.dir/device/general/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/general/general.o.provides.build + +CMakeFiles/nipper.dir/device/general/general.o.provides.build: CMakeFiles/nipper.dir/device/general/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration.cpp + +CMakeFiles/nipper.dir/device/administration/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_37) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration.cpp + +CMakeFiles/nipper.dir/device/administration/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration.cpp > CMakeFiles/nipper.dir/device/administration/administration.i + +CMakeFiles/nipper.dir/device/administration/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration.cpp -o CMakeFiles/nipper.dir/device/administration/administration.s + +CMakeFiles/nipper.dir/device/administration/administration.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration.o.provides: CMakeFiles/nipper.dir/device/administration/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-bootp.cpp + +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/administration-bootp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_38) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-bootp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-bootp.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-bootp.cpp + +CMakeFiles/nipper.dir/device/administration/administration-bootp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-bootp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-bootp.cpp > CMakeFiles/nipper.dir/device/administration/administration-bootp.i + +CMakeFiles/nipper.dir/device/administration/administration-bootp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-bootp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-bootp.cpp -o CMakeFiles/nipper.dir/device/administration/administration-bootp.s + +CMakeFiles/nipper.dir/device/administration/administration-bootp.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-bootp.o.provides: CMakeFiles/nipper.dir/device/administration/administration-bootp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-bootp.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-bootp.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-bootp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-finger.cpp + +CMakeFiles/nipper.dir/device/administration/administration-finger.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/administration-finger.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_39) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-finger.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-finger.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-finger.cpp + +CMakeFiles/nipper.dir/device/administration/administration-finger.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-finger.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-finger.cpp > CMakeFiles/nipper.dir/device/administration/administration-finger.i + +CMakeFiles/nipper.dir/device/administration/administration-finger.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-finger.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-finger.cpp -o CMakeFiles/nipper.dir/device/administration/administration-finger.s + +CMakeFiles/nipper.dir/device/administration/administration-finger.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-finger.o.provides: CMakeFiles/nipper.dir/device/administration/administration-finger.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-finger.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-finger.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-finger.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-ftp.cpp + +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/administration-ftp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_40) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-ftp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-ftp.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-ftp.cpp + +CMakeFiles/nipper.dir/device/administration/administration-ftp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-ftp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-ftp.cpp > CMakeFiles/nipper.dir/device/administration/administration-ftp.i + +CMakeFiles/nipper.dir/device/administration/administration-ftp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-ftp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-ftp.cpp -o CMakeFiles/nipper.dir/device/administration/administration-ftp.s + +CMakeFiles/nipper.dir/device/administration/administration-ftp.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-ftp.o.provides: CMakeFiles/nipper.dir/device/administration/administration-ftp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-ftp.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-ftp.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-ftp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-general.cpp + +CMakeFiles/nipper.dir/device/administration/administration-general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/administration-general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_41) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-general.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-general.cpp + +CMakeFiles/nipper.dir/device/administration/administration-general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-general.cpp > CMakeFiles/nipper.dir/device/administration/administration-general.i + +CMakeFiles/nipper.dir/device/administration/administration-general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-general.cpp -o CMakeFiles/nipper.dir/device/administration/administration-general.s + +CMakeFiles/nipper.dir/device/administration/administration-general.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-general.o.provides: CMakeFiles/nipper.dir/device/administration/administration-general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-general.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-general.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-hosts.cpp + +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/administration-hosts.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_42) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-hosts.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-hosts.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-hosts.cpp + +CMakeFiles/nipper.dir/device/administration/administration-hosts.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-hosts.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-hosts.cpp > CMakeFiles/nipper.dir/device/administration/administration-hosts.i + +CMakeFiles/nipper.dir/device/administration/administration-hosts.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-hosts.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-hosts.cpp -o CMakeFiles/nipper.dir/device/administration/administration-hosts.s + +CMakeFiles/nipper.dir/device/administration/administration-hosts.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-hosts.o.provides: CMakeFiles/nipper.dir/device/administration/administration-hosts.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-hosts.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-hosts.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-hosts.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-http.cpp + +CMakeFiles/nipper.dir/device/administration/administration-http.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/administration-http.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_43) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-http.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-http.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-http.cpp + +CMakeFiles/nipper.dir/device/administration/administration-http.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-http.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-http.cpp > CMakeFiles/nipper.dir/device/administration/administration-http.i + +CMakeFiles/nipper.dir/device/administration/administration-http.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-http.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-http.cpp -o CMakeFiles/nipper.dir/device/administration/administration-http.s + +CMakeFiles/nipper.dir/device/administration/administration-http.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-http.o.provides: CMakeFiles/nipper.dir/device/administration/administration-http.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-http.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-http.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-http.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-telnet.cpp + +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/administration-telnet.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_44) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-telnet.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-telnet.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-telnet.cpp + +CMakeFiles/nipper.dir/device/administration/administration-telnet.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-telnet.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-telnet.cpp > CMakeFiles/nipper.dir/device/administration/administration-telnet.i + +CMakeFiles/nipper.dir/device/administration/administration-telnet.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-telnet.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-telnet.cpp -o CMakeFiles/nipper.dir/device/administration/administration-telnet.s + +CMakeFiles/nipper.dir/device/administration/administration-telnet.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-telnet.o.provides: CMakeFiles/nipper.dir/device/administration/administration-telnet.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-telnet.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-telnet.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-telnet.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-tftp.cpp + +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/administration-tftp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_45) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-tftp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-tftp.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-tftp.cpp + +CMakeFiles/nipper.dir/device/administration/administration-tftp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-tftp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-tftp.cpp > CMakeFiles/nipper.dir/device/administration/administration-tftp.i + +CMakeFiles/nipper.dir/device/administration/administration-tftp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-tftp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-tftp.cpp -o CMakeFiles/nipper.dir/device/administration/administration-tftp.s + +CMakeFiles/nipper.dir/device/administration/administration-tftp.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-tftp.o.provides: CMakeFiles/nipper.dir/device/administration/administration-tftp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-tftp.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-tftp.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-tftp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-timeout.cpp + +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/administration-timeout.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_46) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-timeout.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-timeout.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-timeout.cpp + +CMakeFiles/nipper.dir/device/administration/administration-timeout.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-timeout.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-timeout.cpp > CMakeFiles/nipper.dir/device/administration/administration-timeout.i + +CMakeFiles/nipper.dir/device/administration/administration-timeout.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-timeout.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-timeout.cpp -o CMakeFiles/nipper.dir/device/administration/administration-timeout.s + +CMakeFiles/nipper.dir/device/administration/administration-timeout.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-timeout.o.provides: CMakeFiles/nipper.dir/device/administration/administration-timeout.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-timeout.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-timeout.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-timeout.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/administration/administration-ssh.cpp + +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/administration-ssh.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_47) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/administration/administration-ssh.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/administration/administration-ssh.o -c /home/dbryan/libnipper-0.12.6/device/administration/administration-ssh.cpp + +CMakeFiles/nipper.dir/device/administration/administration-ssh.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/administration/administration-ssh.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/administration/administration-ssh.cpp > CMakeFiles/nipper.dir/device/administration/administration-ssh.i + +CMakeFiles/nipper.dir/device/administration/administration-ssh.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/administration/administration-ssh.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/administration/administration-ssh.cpp -o CMakeFiles/nipper.dir/device/administration/administration-ssh.s + +CMakeFiles/nipper.dir/device/administration/administration-ssh.o.requires: + +CMakeFiles/nipper.dir/device/administration/administration-ssh.o.provides: CMakeFiles/nipper.dir/device/administration/administration-ssh.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-ssh.o.provides.build + +CMakeFiles/nipper.dir/device/administration/administration-ssh.o.provides.build: CMakeFiles/nipper.dir/device/administration/administration-ssh.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/dns/dns.cpp + +CMakeFiles/nipper.dir/device/dns/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_48) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/dns/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/dns/dns.o -c /home/dbryan/libnipper-0.12.6/device/dns/dns.cpp + +CMakeFiles/nipper.dir/device/dns/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/dns/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/dns/dns.cpp > CMakeFiles/nipper.dir/device/dns/dns.i + +CMakeFiles/nipper.dir/device/dns/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/dns/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/dns/dns.cpp -o CMakeFiles/nipper.dir/device/dns/dns.s + +CMakeFiles/nipper.dir/device/dns/dns.o.requires: + +CMakeFiles/nipper.dir/device/dns/dns.o.provides: CMakeFiles/nipper.dir/device/dns/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/dns/dns.o.provides.build + +CMakeFiles/nipper.dir/device/dns/dns.o.provides.build: CMakeFiles/nipper.dir/device/dns/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/dns/dns-report.cpp + +CMakeFiles/nipper.dir/device/dns/dns-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/dns-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_49) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/dns/dns-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/dns/dns-report.o -c /home/dbryan/libnipper-0.12.6/device/dns/dns-report.cpp + +CMakeFiles/nipper.dir/device/dns/dns-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/dns/dns-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/dns/dns-report.cpp > CMakeFiles/nipper.dir/device/dns/dns-report.i + +CMakeFiles/nipper.dir/device/dns/dns-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/dns/dns-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/dns/dns-report.cpp -o CMakeFiles/nipper.dir/device/dns/dns-report.s + +CMakeFiles/nipper.dir/device/dns/dns-report.o.requires: + +CMakeFiles/nipper.dir/device/dns/dns-report.o.provides: CMakeFiles/nipper.dir/device/dns/dns-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/dns/dns-report.o.provides.build + +CMakeFiles/nipper.dir/device/dns/dns-report.o.provides.build: CMakeFiles/nipper.dir/device/dns/dns-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_50) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication.cpp > CMakeFiles/nipper.dir/device/authentication/authentication.i + +CMakeFiles/nipper.dir/device/authentication/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication.s + +CMakeFiles/nipper.dir/device/authentication/authentication.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-general.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/authentication-general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_51) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-general.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-general.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-general.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-general.i + +CMakeFiles/nipper.dir/device/authentication/authentication-general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-general.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-general.s + +CMakeFiles/nipper.dir/device/authentication/authentication-general.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-general.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-general.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-general.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-kerberos.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/authentication-kerberos.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_52) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-kerberos.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-kerberos.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.i + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-kerberos.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.s + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-ldap.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/authentication-ldap.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_53) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-ldap.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-ldap.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-ldap.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-ldap.i + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-ldap.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-ldap.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-ldap.s + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-nt.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/authentication-nt.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_54) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-nt.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-nt.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-nt.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-nt.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-nt.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-nt.i + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-nt.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-nt.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-nt.s + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-nt.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-nt.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-nt.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-radius.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/authentication-radius.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_55) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-radius.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-radius.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-radius.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-radius.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-radius.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-radius.i + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-radius.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-radius.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-radius.s + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-radius.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-radius.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-radius.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-securid.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/authentication-securid.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_56) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-securid.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-securid.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-securid.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-securid.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-securid.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-securid.i + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-securid.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-securid.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-securid.s + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-securid.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-securid.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-securid.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-tacacs.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/authentication-tacacs.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_57) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-tacacs.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-tacacs.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.i + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-tacacs.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.s + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/authentication/authentication-users.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/authentication-users.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_58) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/authentication/authentication-users.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/authentication/authentication-users.o -c /home/dbryan/libnipper-0.12.6/device/authentication/authentication-users.cpp + +CMakeFiles/nipper.dir/device/authentication/authentication-users.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/authentication/authentication-users.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/authentication/authentication-users.cpp > CMakeFiles/nipper.dir/device/authentication/authentication-users.i + +CMakeFiles/nipper.dir/device/authentication/authentication-users.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/authentication/authentication-users.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/authentication/authentication-users.cpp -o CMakeFiles/nipper.dir/device/authentication/authentication-users.s + +CMakeFiles/nipper.dir/device/authentication/authentication-users.o.requires: + +CMakeFiles/nipper.dir/device/authentication/authentication-users.o.provides: CMakeFiles/nipper.dir/device/authentication/authentication-users.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-users.o.provides.build + +CMakeFiles/nipper.dir/device/authentication/authentication-users.o.provides.build: CMakeFiles/nipper.dir/device/authentication/authentication-users.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/banner/banner.cpp + +CMakeFiles/nipper.dir/device/banner/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_59) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/banner/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/banner/banner.o -c /home/dbryan/libnipper-0.12.6/device/banner/banner.cpp + +CMakeFiles/nipper.dir/device/banner/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/banner/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/banner/banner.cpp > CMakeFiles/nipper.dir/device/banner/banner.i + +CMakeFiles/nipper.dir/device/banner/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/banner/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/banner/banner.cpp -o CMakeFiles/nipper.dir/device/banner/banner.s + +CMakeFiles/nipper.dir/device/banner/banner.o.requires: + +CMakeFiles/nipper.dir/device/banner/banner.o.provides: CMakeFiles/nipper.dir/device/banner/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/banner/banner.o.provides.build + +CMakeFiles/nipper.dir/device/banner/banner.o.provides.build: CMakeFiles/nipper.dir/device/banner/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/banner/banner-report.cpp + +CMakeFiles/nipper.dir/device/banner/banner-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/banner-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_60) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/banner/banner-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/banner/banner-report.o -c /home/dbryan/libnipper-0.12.6/device/banner/banner-report.cpp + +CMakeFiles/nipper.dir/device/banner/banner-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/banner/banner-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/banner/banner-report.cpp > CMakeFiles/nipper.dir/device/banner/banner-report.i + +CMakeFiles/nipper.dir/device/banner/banner-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/banner/banner-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/banner/banner-report.cpp -o CMakeFiles/nipper.dir/device/banner/banner-report.s + +CMakeFiles/nipper.dir/device/banner/banner-report.o.requires: + +CMakeFiles/nipper.dir/device/banner/banner-report.o.provides: CMakeFiles/nipper.dir/device/banner/banner-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/banner/banner-report.o.provides.build + +CMakeFiles/nipper.dir/device/banner/banner-report.o.provides.build: CMakeFiles/nipper.dir/device/banner/banner-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter.cpp + +CMakeFiles/nipper.dir/device/filter/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_61) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter.cpp + +CMakeFiles/nipper.dir/device/filter/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter.cpp > CMakeFiles/nipper.dir/device/filter/filter.i + +CMakeFiles/nipper.dir/device/filter/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter.cpp -o CMakeFiles/nipper.dir/device/filter/filter.s + +CMakeFiles/nipper.dir/device/filter/filter.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter.o.provides: CMakeFiles/nipper.dir/device/filter/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter-filter.cpp + +CMakeFiles/nipper.dir/device/filter/filter-filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/filter-filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_62) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter-filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter-filter.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter-filter.cpp + +CMakeFiles/nipper.dir/device/filter/filter-filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter-filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter-filter.cpp > CMakeFiles/nipper.dir/device/filter/filter-filter.i + +CMakeFiles/nipper.dir/device/filter/filter-filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter-filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter-filter.cpp -o CMakeFiles/nipper.dir/device/filter/filter-filter.s + +CMakeFiles/nipper.dir/device/filter/filter-filter.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter-filter.o.provides: CMakeFiles/nipper.dir/device/filter/filter-filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-filter.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter-filter.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter-filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter-filter-report.cpp + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/filter-filter-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_63) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter-filter-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter-filter-report.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter-filter-report.cpp + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter-filter-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter-filter-report.cpp > CMakeFiles/nipper.dir/device/filter/filter-filter-report.i + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter-filter-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter-filter-report.cpp -o CMakeFiles/nipper.dir/device/filter/filter-filter-report.s + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o.provides: CMakeFiles/nipper.dir/device/filter/filter-filter-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-filter-report.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter-filter-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter-object.cpp + +CMakeFiles/nipper.dir/device/filter/filter-object.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/filter-object.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_64) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter-object.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter-object.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter-object.cpp + +CMakeFiles/nipper.dir/device/filter/filter-object.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter-object.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter-object.cpp > CMakeFiles/nipper.dir/device/filter/filter-object.i + +CMakeFiles/nipper.dir/device/filter/filter-object.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter-object.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter-object.cpp -o CMakeFiles/nipper.dir/device/filter/filter-object.s + +CMakeFiles/nipper.dir/device/filter/filter-object.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter-object.o.provides: CMakeFiles/nipper.dir/device/filter/filter-object.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-object.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter-object.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter-object.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter-object-report.cpp + +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/filter-object-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_65) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter-object-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter-object-report.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter-object-report.cpp + +CMakeFiles/nipper.dir/device/filter/filter-object-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter-object-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter-object-report.cpp > CMakeFiles/nipper.dir/device/filter/filter-object-report.i + +CMakeFiles/nipper.dir/device/filter/filter-object-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter-object-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter-object-report.cpp -o CMakeFiles/nipper.dir/device/filter/filter-object-report.s + +CMakeFiles/nipper.dir/device/filter/filter-object-report.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter-object-report.o.provides: CMakeFiles/nipper.dir/device/filter/filter-object-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-object-report.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter-object-report.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter-object-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter-security.cpp + +CMakeFiles/nipper.dir/device/filter/filter-security.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/filter-security.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_66) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter-security.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter-security.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter-security.cpp + +CMakeFiles/nipper.dir/device/filter/filter-security.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter-security.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter-security.cpp > CMakeFiles/nipper.dir/device/filter/filter-security.i + +CMakeFiles/nipper.dir/device/filter/filter-security.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter-security.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter-security.cpp -o CMakeFiles/nipper.dir/device/filter/filter-security.s + +CMakeFiles/nipper.dir/device/filter/filter-security.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter-security.o.provides: CMakeFiles/nipper.dir/device/filter/filter-security.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-security.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter-security.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter-security.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/filter/filter-security-report.cpp + +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/filter-security-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_67) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/filter/filter-security-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/filter/filter-security-report.o -c /home/dbryan/libnipper-0.12.6/device/filter/filter-security-report.cpp + +CMakeFiles/nipper.dir/device/filter/filter-security-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/filter/filter-security-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/filter/filter-security-report.cpp > CMakeFiles/nipper.dir/device/filter/filter-security-report.i + +CMakeFiles/nipper.dir/device/filter/filter-security-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/filter/filter-security-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/filter/filter-security-report.cpp -o CMakeFiles/nipper.dir/device/filter/filter-security-report.s + +CMakeFiles/nipper.dir/device/filter/filter-security-report.o.requires: + +CMakeFiles/nipper.dir/device/filter/filter-security-report.o.provides: CMakeFiles/nipper.dir/device/filter/filter-security-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-security-report.o.provides.build + +CMakeFiles/nipper.dir/device/filter/filter-security-report.o.provides.build: CMakeFiles/nipper.dir/device/filter/filter-security-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/interfaces/interfaces.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_68) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/interfaces/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/interfaces/interfaces.o -c /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/interfaces/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.cpp > CMakeFiles/nipper.dir/device/interfaces/interfaces.i + +CMakeFiles/nipper.dir/device/interfaces/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/interfaces/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.cpp -o CMakeFiles/nipper.dir/device/interfaces/interfaces.s + +CMakeFiles/nipper.dir/device/interfaces/interfaces.o.requires: + +CMakeFiles/nipper.dir/device/interfaces/interfaces.o.provides: CMakeFiles/nipper.dir/device/interfaces/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces.o.provides.build + +CMakeFiles/nipper.dir/device/interfaces/interfaces.o.provides.build: CMakeFiles/nipper.dir/device/interfaces/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/interfaces/interfaces-interface.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/interfaces-interface.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_69) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o -c /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-interface.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-interface.cpp > CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.i + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-interface.cpp -o CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.s + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o.requires: + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o.provides: CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o.provides.build + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o.provides.build: CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/interfaces/interfaces-report.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/interfaces-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_70) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o -c /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-report.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/interfaces/interfaces-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-report.cpp > CMakeFiles/nipper.dir/device/interfaces/interfaces-report.i + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/interfaces/interfaces-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-report.cpp -o CMakeFiles/nipper.dir/device/interfaces/interfaces-report.s + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o.requires: + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o.provides: CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o.provides.build + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o.provides.build: CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/interfaces/interfaces-security.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/interfaces-security.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_71) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o -c /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-security.cpp + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/interfaces/interfaces-security.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-security.cpp > CMakeFiles/nipper.dir/device/interfaces/interfaces-security.i + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/interfaces/interfaces-security.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-security.cpp -o CMakeFiles/nipper.dir/device/interfaces/interfaces-security.s + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o.requires: + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o.provides: CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o.provides.build + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o.provides.build: CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_72) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp.cpp > CMakeFiles/nipper.dir/device/snmp/snmp.i + +CMakeFiles/nipper.dir/device/snmp/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp.s + +CMakeFiles/nipper.dir/device/snmp/snmp.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-community.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/snmp-community.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_73) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-community.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-community.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-community.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-community.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-community.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-community.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-community.i + +CMakeFiles/nipper.dir/device/snmp/snmp-community.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-community.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-community.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-community.s + +CMakeFiles/nipper.dir/device/snmp/snmp-community.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-community.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-community.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-community.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-community.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-community.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-group.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/snmp-group.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_74) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-group.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-group.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-group.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-group.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-group.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-group.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-group.i + +CMakeFiles/nipper.dir/device/snmp/snmp-group.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-group.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-group.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-group.s + +CMakeFiles/nipper.dir/device/snmp/snmp-group.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-group.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-group.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-group.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-group.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-group.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-host.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/snmp-host.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_75) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-host.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-host.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-host.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-host.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-host.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-host.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-host.i + +CMakeFiles/nipper.dir/device/snmp/snmp-host.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-host.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-host.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-host.s + +CMakeFiles/nipper.dir/device/snmp/snmp-host.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-host.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-host.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-host.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-host.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-host.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-misc-issues.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/snmp-misc-issues.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_76) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-misc-issues.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-misc-issues.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.i + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-misc-issues.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.s + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-traps.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/snmp-traps.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_77) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-traps.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-traps.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-traps.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-traps.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-traps.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-traps.i + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-traps.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-traps.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-traps.s + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-traps.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-traps.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-traps.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-user.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/snmp-user.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_78) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-user.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-user.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-user.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-user.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-user.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-user.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-user.i + +CMakeFiles/nipper.dir/device/snmp/snmp-user.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-user.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-user.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-user.s + +CMakeFiles/nipper.dir/device/snmp/snmp-user.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-user.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-user.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-user.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-user.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-user.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: device/snmp/snmp-view.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/snmp-view.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_79) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/device/snmp/snmp-view.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/device/snmp/snmp-view.o -c /home/dbryan/libnipper-0.12.6/device/snmp/snmp-view.cpp + +CMakeFiles/nipper.dir/device/snmp/snmp-view.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/device/snmp/snmp-view.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/device/snmp/snmp-view.cpp > CMakeFiles/nipper.dir/device/snmp/snmp-view.i + +CMakeFiles/nipper.dir/device/snmp/snmp-view.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/device/snmp/snmp-view.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/device/snmp/snmp-view.cpp -o CMakeFiles/nipper.dir/device/snmp/snmp-view.s + +CMakeFiles/nipper.dir/device/snmp/snmp-view.o.requires: + +CMakeFiles/nipper.dir/device/snmp/snmp-view.o.provides: CMakeFiles/nipper.dir/device/snmp/snmp-view.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-view.o.provides.build + +CMakeFiles/nipper.dir/device/snmp/snmp-view.o.provides.build: CMakeFiles/nipper.dir/device/snmp/snmp-view.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/iosdevice.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/iosdevice.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_80) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp > CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.i + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.s + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/general.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_81) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/general.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.cpp > CMakeFiles/nipper.dir/Cisco-IOS/general.i + +CMakeFiles/nipper.dir/Cisco-IOS/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/general.s + +CMakeFiles/nipper.dir/Cisco-IOS/general.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/general.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/general.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/general.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/administration.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_82) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.cpp > CMakeFiles/nipper.dir/Cisco-IOS/administration.i + +CMakeFiles/nipper.dir/Cisco-IOS/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/administration.s + +CMakeFiles/nipper.dir/Cisco-IOS/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/administration.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/administration-line.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/administration-line.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_83) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-line.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/administration-line.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-line.cpp > CMakeFiles/nipper.dir/Cisco-IOS/administration-line.i + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/administration-line.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-line.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/administration-line.s + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/administration-report.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/administration-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_84) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-report.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/administration-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-report.cpp > CMakeFiles/nipper.dir/Cisco-IOS/administration-report.i + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/administration-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-report.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/administration-report.s + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/administration-security.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/administration-security.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_85) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-security.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/administration-security.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-security.cpp > CMakeFiles/nipper.dir/Cisco-IOS/administration-security.i + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/administration-security.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-security.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/administration-security.s + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_86) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/authentication.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.cpp > CMakeFiles/nipper.dir/Cisco-IOS/authentication.i + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/authentication.s + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/authentication.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/banner.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_87) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/banner.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.cpp > CMakeFiles/nipper.dir/Cisco-IOS/banner.i + +CMakeFiles/nipper.dir/Cisco-IOS/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/banner.s + +CMakeFiles/nipper.dir/Cisco-IOS/banner.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/banner.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/banner.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/banner.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_88) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/snmp.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.cpp > CMakeFiles/nipper.dir/Cisco-IOS/snmp.i + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/snmp.s + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/snmp.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/snmp-report.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/snmp-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_89) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp > CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.i + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.s + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/filter.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_90) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/filter.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.cpp > CMakeFiles/nipper.dir/Cisco-IOS/filter.i + +CMakeFiles/nipper.dir/Cisco-IOS/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/filter.s + +CMakeFiles/nipper.dir/Cisco-IOS/filter.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/filter.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/filter.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/filter.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/dns.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_91) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/dns.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.cpp > CMakeFiles/nipper.dir/Cisco-IOS/dns.i + +CMakeFiles/nipper.dir/Cisco-IOS/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/dns.s + +CMakeFiles/nipper.dir/Cisco-IOS/dns.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/dns.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/dns.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/dns.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_92) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.cpp > CMakeFiles/nipper.dir/Cisco-IOS/interfaces.i + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.cpp -o CMakeFiles/nipper.dir/Cisco-IOS/interfaces.s + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o.provides: CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS-Catalyst/device.cpp + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_93) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp > CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.i + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp -o CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.s + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o.provides: CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-IOS-Router/device.cpp + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_94) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.cpp + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-IOS-Router/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.cpp > CMakeFiles/nipper.dir/Cisco-IOS-Router/device.i + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-IOS-Router/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.cpp -o CMakeFiles/nipper.dir/Cisco-IOS-Router/device.s + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o.provides: CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_95) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/device.cpp > CMakeFiles/nipper.dir/Cisco-Security/device.i + +CMakeFiles/nipper.dir/Cisco-Security/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/device.cpp -o CMakeFiles/nipper.dir/Cisco-Security/device.s + +CMakeFiles/nipper.dir/Cisco-Security/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/device.o.provides: CMakeFiles/nipper.dir/Cisco-Security/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/general.cpp + +CMakeFiles/nipper.dir/Cisco-Security/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_96) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/general.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/general.cpp + +CMakeFiles/nipper.dir/Cisco-Security/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/general.cpp > CMakeFiles/nipper.dir/Cisco-Security/general.i + +CMakeFiles/nipper.dir/Cisco-Security/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/general.cpp -o CMakeFiles/nipper.dir/Cisco-Security/general.s + +CMakeFiles/nipper.dir/Cisco-Security/general.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/general.o.provides: CMakeFiles/nipper.dir/Cisco-Security/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/general.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/general.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_97) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/administration.cpp > CMakeFiles/nipper.dir/Cisco-Security/administration.i + +CMakeFiles/nipper.dir/Cisco-Security/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/administration.cpp -o CMakeFiles/nipper.dir/Cisco-Security/administration.s + +CMakeFiles/nipper.dir/Cisco-Security/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/administration.o.provides: CMakeFiles/nipper.dir/Cisco-Security/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_98) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/authentication.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-Security/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.cpp > CMakeFiles/nipper.dir/Cisco-Security/authentication.i + +CMakeFiles/nipper.dir/Cisco-Security/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.cpp -o CMakeFiles/nipper.dir/Cisco-Security/authentication.s + +CMakeFiles/nipper.dir/Cisco-Security/authentication.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/authentication.o.provides: CMakeFiles/nipper.dir/Cisco-Security/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/authentication.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/authentication.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/banner.cpp + +CMakeFiles/nipper.dir/Cisco-Security/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_99) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/banner.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/banner.cpp + +CMakeFiles/nipper.dir/Cisco-Security/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/banner.cpp > CMakeFiles/nipper.dir/Cisco-Security/banner.i + +CMakeFiles/nipper.dir/Cisco-Security/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/banner.cpp -o CMakeFiles/nipper.dir/Cisco-Security/banner.s + +CMakeFiles/nipper.dir/Cisco-Security/banner.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/banner.o.provides: CMakeFiles/nipper.dir/Cisco-Security/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/banner.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/banner.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/filter.cpp + +CMakeFiles/nipper.dir/Cisco-Security/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_100) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/filter.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/filter.cpp + +CMakeFiles/nipper.dir/Cisco-Security/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/filter.cpp > CMakeFiles/nipper.dir/Cisco-Security/filter.i + +CMakeFiles/nipper.dir/Cisco-Security/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/filter.cpp -o CMakeFiles/nipper.dir/Cisco-Security/filter.s + +CMakeFiles/nipper.dir/Cisco-Security/filter.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/filter.o.provides: CMakeFiles/nipper.dir/Cisco-Security/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/filter.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/filter.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_101) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/snmp.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-Security/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.cpp > CMakeFiles/nipper.dir/Cisco-Security/snmp.i + +CMakeFiles/nipper.dir/Cisco-Security/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.cpp -o CMakeFiles/nipper.dir/Cisco-Security/snmp.s + +CMakeFiles/nipper.dir/Cisco-Security/snmp.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/snmp.o.provides: CMakeFiles/nipper.dir/Cisco-Security/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/snmp.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/snmp.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/dns.cpp + +CMakeFiles/nipper.dir/Cisco-Security/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_102) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/dns.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/dns.cpp + +CMakeFiles/nipper.dir/Cisco-Security/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/dns.cpp > CMakeFiles/nipper.dir/Cisco-Security/dns.i + +CMakeFiles/nipper.dir/Cisco-Security/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/dns.cpp -o CMakeFiles/nipper.dir/Cisco-Security/dns.s + +CMakeFiles/nipper.dir/Cisco-Security/dns.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/dns.o.provides: CMakeFiles/nipper.dir/Cisco-Security/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/dns.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/dns.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_103) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security/interfaces.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.cpp > CMakeFiles/nipper.dir/Cisco-Security/interfaces.i + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.cpp -o CMakeFiles/nipper.dir/Cisco-Security/interfaces.s + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o.provides: CMakeFiles/nipper.dir/Cisco-Security/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/interfaces.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security-ASA/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_104) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security-ASA/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.cpp > CMakeFiles/nipper.dir/Cisco-Security-ASA/device.i + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security-ASA/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.cpp -o CMakeFiles/nipper.dir/Cisco-Security-ASA/device.s + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o.provides: CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security-ASA/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_105) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp > CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.i + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp -o CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.s + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o.provides: CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security-FWSM/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_106) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp > CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.i + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp -o CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.s + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o.provides: CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security-FWSM/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_107) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp > CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.i + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp -o CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.s + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o.provides: CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security-PIX/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_108) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.cpp + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security-PIX/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.cpp > CMakeFiles/nipper.dir/Cisco-Security-PIX/device.i + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security-PIX/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.cpp -o CMakeFiles/nipper.dir/Cisco-Security-PIX/device.s + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o.provides: CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Security-PIX/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_109) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp > CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.i + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp -o CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.s + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o.provides: CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/device.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_110) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.cpp > CMakeFiles/nipper.dir/Cisco-CSS/device.i + +CMakeFiles/nipper.dir/Cisco-CSS/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/device.s + +CMakeFiles/nipper.dir/Cisco-CSS/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/device.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/general.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_111) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/general.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.cpp > CMakeFiles/nipper.dir/Cisco-CSS/general.i + +CMakeFiles/nipper.dir/Cisco-CSS/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/general.s + +CMakeFiles/nipper.dir/Cisco-CSS/general.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/general.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/general.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/general.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/administration.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_112) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.cpp > CMakeFiles/nipper.dir/Cisco-CSS/administration.i + +CMakeFiles/nipper.dir/Cisco-CSS/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/administration.s + +CMakeFiles/nipper.dir/Cisco-CSS/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/administration.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/banner.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_113) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/banner.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.cpp > CMakeFiles/nipper.dir/Cisco-CSS/banner.i + +CMakeFiles/nipper.dir/Cisco-CSS/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/banner.s + +CMakeFiles/nipper.dir/Cisco-CSS/banner.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/banner.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/banner.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/banner.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_114) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/snmp.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.cpp > CMakeFiles/nipper.dir/Cisco-CSS/snmp.i + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/snmp.s + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/snmp.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/snmp-report.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/snmp-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_115) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp > CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.i + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.s + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/dns.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_116) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/dns.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.cpp > CMakeFiles/nipper.dir/Cisco-CSS/dns.i + +CMakeFiles/nipper.dir/Cisco-CSS/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/dns.s + +CMakeFiles/nipper.dir/Cisco-CSS/dns.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/dns.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/dns.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/dns.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/filter.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_117) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/filter.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.cpp > CMakeFiles/nipper.dir/Cisco-CSS/filter.i + +CMakeFiles/nipper.dir/Cisco-CSS/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/filter.s + +CMakeFiles/nipper.dir/Cisco-CSS/filter.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/filter.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/filter.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/filter.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_118) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/authentication.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.cpp > CMakeFiles/nipper.dir/Cisco-CSS/authentication.i + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/authentication.s + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/authentication.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-CSS/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_119) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o -c /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-CSS/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.cpp > CMakeFiles/nipper.dir/Cisco-CSS/interfaces.i + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-CSS/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.cpp -o CMakeFiles/nipper.dir/Cisco-CSS/interfaces.s + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o.requires: + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o.provides: CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o.provides.build + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o.provides.build: CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/device.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_120) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/device.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/device.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/general.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_121) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/general.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/general.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/general.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/general.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_122) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/administration.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/administration.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_123) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/banner.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_124) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/banner.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/banner.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/dns.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_125) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/dns.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/dns.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_126) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_127) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.i + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.s + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst-CatOS/device.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_128) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.i + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.s + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Cisco-Catalyst-NMP/device.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_129) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o -c /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp > CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.i + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp -o CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.s + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o.requires: + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o.provides: CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o.provides.build + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o.provides.build: CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/device.cpp + +CMakeFiles/nipper.dir/CheckPoint/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_130) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/device.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/device.cpp + +CMakeFiles/nipper.dir/CheckPoint/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/device.cpp > CMakeFiles/nipper.dir/CheckPoint/device.i + +CMakeFiles/nipper.dir/CheckPoint/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/device.cpp -o CMakeFiles/nipper.dir/CheckPoint/device.s + +CMakeFiles/nipper.dir/CheckPoint/device.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/device.o.provides: CMakeFiles/nipper.dir/CheckPoint/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/device.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/device.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/device-policies.cpp + +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/device-policies.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_131) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/device-policies.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/device-policies.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/device-policies.cpp + +CMakeFiles/nipper.dir/CheckPoint/device-policies.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/device-policies.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/device-policies.cpp > CMakeFiles/nipper.dir/CheckPoint/device-policies.i + +CMakeFiles/nipper.dir/CheckPoint/device-policies.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/device-policies.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/device-policies.cpp -o CMakeFiles/nipper.dir/CheckPoint/device-policies.s + +CMakeFiles/nipper.dir/CheckPoint/device-policies.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/device-policies.o.provides: CMakeFiles/nipper.dir/CheckPoint/device-policies.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/device-policies.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/device-policies.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/device-policies.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/general.cpp + +CMakeFiles/nipper.dir/CheckPoint/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_132) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/general.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/general.cpp + +CMakeFiles/nipper.dir/CheckPoint/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/general.cpp > CMakeFiles/nipper.dir/CheckPoint/general.i + +CMakeFiles/nipper.dir/CheckPoint/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/general.cpp -o CMakeFiles/nipper.dir/CheckPoint/general.s + +CMakeFiles/nipper.dir/CheckPoint/general.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/general.o.provides: CMakeFiles/nipper.dir/CheckPoint/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/general.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/general.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/filter.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_133) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/filter.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/filter.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/filter.cpp > CMakeFiles/nipper.dir/CheckPoint/filter.i + +CMakeFiles/nipper.dir/CheckPoint/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/filter.cpp -o CMakeFiles/nipper.dir/CheckPoint/filter.s + +CMakeFiles/nipper.dir/CheckPoint/filter.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/filter.o.provides: CMakeFiles/nipper.dir/CheckPoint/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/filter.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/filter-objects.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/filter-objects.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_134) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/filter-objects.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/filter-objects.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/filter-objects.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/filter-objects.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/filter-objects.cpp > CMakeFiles/nipper.dir/CheckPoint/filter-objects.i + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/filter-objects.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/filter-objects.cpp -o CMakeFiles/nipper.dir/CheckPoint/filter-objects.s + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o.provides: CMakeFiles/nipper.dir/CheckPoint/filter-objects.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-objects.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/filter-objects.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/filter-rules.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/filter-rules.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_135) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/filter-rules.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/filter-rules.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/filter-rules.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/filter-rules.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/filter-rules.cpp > CMakeFiles/nipper.dir/CheckPoint/filter-rules.i + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/filter-rules.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/filter-rules.cpp -o CMakeFiles/nipper.dir/CheckPoint/filter-rules.s + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o.provides: CMakeFiles/nipper.dir/CheckPoint/filter-rules.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-rules.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/filter-rules.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint/filter-services.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/filter-services.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_136) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint/filter-services.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint/filter-services.o -c /home/dbryan/libnipper-0.12.6/CheckPoint/filter-services.cpp + +CMakeFiles/nipper.dir/CheckPoint/filter-services.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint/filter-services.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint/filter-services.cpp > CMakeFiles/nipper.dir/CheckPoint/filter-services.i + +CMakeFiles/nipper.dir/CheckPoint/filter-services.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint/filter-services.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint/filter-services.cpp -o CMakeFiles/nipper.dir/CheckPoint/filter-services.s + +CMakeFiles/nipper.dir/CheckPoint/filter-services.o.requires: + +CMakeFiles/nipper.dir/CheckPoint/filter-services.o.provides: CMakeFiles/nipper.dir/CheckPoint/filter-services.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-services.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint/filter-services.o.provides.build: CMakeFiles/nipper.dir/CheckPoint/filter-services.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint-Firewall/device.cpp + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CheckPoint-Firewall/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_137) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o -c /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.cpp + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint-Firewall/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.cpp > CMakeFiles/nipper.dir/CheckPoint-Firewall/device.i + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint-Firewall/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.cpp -o CMakeFiles/nipper.dir/CheckPoint-Firewall/device.s + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o.requires: + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o.provides: CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o.provides.build: CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: CheckPoint-Management/device.cpp + +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CheckPoint-Management/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_138) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/CheckPoint-Management/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/CheckPoint-Management/device.o -c /home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.cpp + +CMakeFiles/nipper.dir/CheckPoint-Management/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/CheckPoint-Management/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.cpp > CMakeFiles/nipper.dir/CheckPoint-Management/device.i + +CMakeFiles/nipper.dir/CheckPoint-Management/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/CheckPoint-Management/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.cpp -o CMakeFiles/nipper.dir/CheckPoint-Management/device.s + +CMakeFiles/nipper.dir/CheckPoint-Management/device.o.requires: + +CMakeFiles/nipper.dir/CheckPoint-Management/device.o.provides: CMakeFiles/nipper.dir/CheckPoint-Management/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint-Management/device.o.provides.build + +CMakeFiles/nipper.dir/CheckPoint-Management/device.o.provides.build: CMakeFiles/nipper.dir/CheckPoint-Management/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nokia-IP/device.cpp + +CMakeFiles/nipper.dir/Nokia-IP/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nokia-IP/device.o: Nokia-IP/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_139) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nokia-IP/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nokia-IP/device.o -c /home/dbryan/libnipper-0.12.6/Nokia-IP/device.cpp + +CMakeFiles/nipper.dir/Nokia-IP/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nokia-IP/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nokia-IP/device.cpp > CMakeFiles/nipper.dir/Nokia-IP/device.i + +CMakeFiles/nipper.dir/Nokia-IP/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nokia-IP/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nokia-IP/device.cpp -o CMakeFiles/nipper.dir/Nokia-IP/device.s + +CMakeFiles/nipper.dir/Nokia-IP/device.o.requires: + +CMakeFiles/nipper.dir/Nokia-IP/device.o.provides: CMakeFiles/nipper.dir/Nokia-IP/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nokia-IP/device.o.provides.build + +CMakeFiles/nipper.dir/Nokia-IP/device.o.provides.build: CMakeFiles/nipper.dir/Nokia-IP/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/device.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_140) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/device.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/device.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/general.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_141) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/general.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/general.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/administration.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_142) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/administration-report.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/administration-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_143) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/authentication.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_144) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/banner.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_145) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/snmp.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_146) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/filter.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_147) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/dns.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_148) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Juniper-ScreenOS/interfaces.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_149) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o -c /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp > CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.i + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp -o CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.s + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o.requires: + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o.provides: CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o.provides.build + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o.provides.build: CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/device.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_150) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/device.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.cpp > CMakeFiles/nipper.dir/Nortel-Passport/device.i + +CMakeFiles/nipper.dir/Nortel-Passport/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/device.s + +CMakeFiles/nipper.dir/Nortel-Passport/device.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/device.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/device.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/device.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/general.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_151) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/general.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.cpp > CMakeFiles/nipper.dir/Nortel-Passport/general.i + +CMakeFiles/nipper.dir/Nortel-Passport/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/general.s + +CMakeFiles/nipper.dir/Nortel-Passport/general.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/general.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/general.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/general.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/administration.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_152) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/administration.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.cpp > CMakeFiles/nipper.dir/Nortel-Passport/administration.i + +CMakeFiles/nipper.dir/Nortel-Passport/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/administration.s + +CMakeFiles/nipper.dir/Nortel-Passport/administration.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/administration.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/administration.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/administration.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/banner.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_153) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/banner.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.cpp > CMakeFiles/nipper.dir/Nortel-Passport/banner.i + +CMakeFiles/nipper.dir/Nortel-Passport/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/banner.s + +CMakeFiles/nipper.dir/Nortel-Passport/banner.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/banner.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/banner.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/banner.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/snmp.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_154) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/snmp.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.cpp > CMakeFiles/nipper.dir/Nortel-Passport/snmp.i + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/snmp.s + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/snmp.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/filter.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_155) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/filter.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.cpp > CMakeFiles/nipper.dir/Nortel-Passport/filter.i + +CMakeFiles/nipper.dir/Nortel-Passport/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/filter.s + +CMakeFiles/nipper.dir/Nortel-Passport/filter.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/filter.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/filter.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/filter.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-Passport/interfaces.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_156) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o -c /home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.cpp + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-Passport/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.cpp > CMakeFiles/nipper.dir/Nortel-Passport/interfaces.i + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-Passport/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.cpp -o CMakeFiles/nipper.dir/Nortel-Passport/interfaces.s + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o.requires: + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o.provides: CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o.provides.build + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o.provides.build: CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: Nortel-RoutingSwitch/device.cpp + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: Nortel-RoutingSwitch/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_157) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o -c /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp > CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.i + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp -o CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.s + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o.requires: + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o.provides: CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o.provides.build + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o.provides.build: CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: BayNetworks-Accelar/device.cpp + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: BayNetworks-Accelar/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_158) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o -c /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.cpp + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/BayNetworks-Accelar/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.cpp > CMakeFiles/nipper.dir/BayNetworks-Accelar/device.i + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/BayNetworks-Accelar/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.cpp -o CMakeFiles/nipper.dir/BayNetworks-Accelar/device.s + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o.requires: + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o.provides: CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o.provides.build + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o.provides.build: CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/device.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_159) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/device.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.cpp > CMakeFiles/nipper.dir/HP-ProCurve/device.i + +CMakeFiles/nipper.dir/HP-ProCurve/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/device.s + +CMakeFiles/nipper.dir/HP-ProCurve/device.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/device.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/device.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/device.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/general.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_160) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/general.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.cpp > CMakeFiles/nipper.dir/HP-ProCurve/general.i + +CMakeFiles/nipper.dir/HP-ProCurve/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/general.s + +CMakeFiles/nipper.dir/HP-ProCurve/general.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/general.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/general.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/general.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/administration.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_161) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/administration.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.cpp > CMakeFiles/nipper.dir/HP-ProCurve/administration.i + +CMakeFiles/nipper.dir/HP-ProCurve/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/administration.s + +CMakeFiles/nipper.dir/HP-ProCurve/administration.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/administration.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/administration.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/administration.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/banner.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/banner.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_162) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/banner.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/banner.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/banner.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/banner.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.cpp > CMakeFiles/nipper.dir/HP-ProCurve/banner.i + +CMakeFiles/nipper.dir/HP-ProCurve/banner.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/banner.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/banner.s + +CMakeFiles/nipper.dir/HP-ProCurve/banner.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/banner.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/banner.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/banner.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/banner.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/banner.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/snmp.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_163) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/snmp.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.cpp > CMakeFiles/nipper.dir/HP-ProCurve/snmp.i + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/snmp.s + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/snmp.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/snmp-report.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/snmp-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_164) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp > CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.i + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.s + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/dns.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_165) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/dns.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.cpp > CMakeFiles/nipper.dir/HP-ProCurve/dns.i + +CMakeFiles/nipper.dir/HP-ProCurve/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/dns.s + +CMakeFiles/nipper.dir/HP-ProCurve/dns.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/dns.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/dns.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/dns.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/authentication.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/authentication.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_166) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/authentication.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/authentication.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/authentication.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.cpp > CMakeFiles/nipper.dir/HP-ProCurve/authentication.i + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/authentication.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/authentication.s + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/authentication.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/authentication.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/authentication.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: HP-ProCurve/interfaces.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/interfaces.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_167) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o -c /home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.cpp + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/HP-ProCurve/interfaces.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.cpp > CMakeFiles/nipper.dir/HP-ProCurve/interfaces.i + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/HP-ProCurve/interfaces.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.cpp -o CMakeFiles/nipper.dir/HP-ProCurve/interfaces.s + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o.requires: + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o.provides: CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o.provides.build + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o.provides.build: CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/device.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_168) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/dns.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/dns.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_169) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/general.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/general.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_170) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/filter.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/filter.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_171) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/snmp.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/snmp.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_172) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/administration.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/administration.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_173) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: SonicWALL-SonicOS/administration-report.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/administration-report.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_174) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o -c /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp > CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.i + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp -o CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.s + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o.requires: + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o.provides: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o.provides.build + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o.provides.build: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o + +CMakeFiles/nipper.dir/depend.make.mark: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/depend.make.mark: 3Com-SuperStack3-Firewall/device.cpp + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: CMakeFiles/nipper.dir/flags.make +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/device.cpp + $(CMAKE_COMMAND) -E cmake_progress_report /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_PROGRESS_175) + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Building CXX object CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o" + /usr/bin/c++ $(CXX_FLAGS) -o CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o -c /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.i: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Preprocessing CXX source to CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.i" + /usr/bin/c++ $(CXX_FLAGS) -E /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp > CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.i + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.s: cmake_force + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --green "Compiling CXX source to assembly CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.s" + /usr/bin/c++ $(CXX_FLAGS) -S /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp -o CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.s + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o.requires: + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o.provides: CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o.requires + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o.provides.build + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o.provides.build: CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o + +CMakeFiles/nipper.dir/depend: CMakeFiles/nipper.dir/depend.make.mark + +CMakeFiles/nipper.dir/depend.make.mark: + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --magenta --bold "Scanning dependencies of target nipper" + cd /home/dbryan/libnipper-0.12.6 && $(CMAKE_COMMAND) -E cmake_depends "Unix Makefiles" /home/dbryan/libnipper-0.12.6 /home/dbryan/libnipper-0.12.6 /home/dbryan/libnipper-0.12.6 /home/dbryan/libnipper-0.12.6 /home/dbryan/libnipper-0.12.6/CMakeFiles/nipper.dir/DependInfo.cmake + +# Object files for target nipper +nipper_OBJECTS = \ +"CMakeFiles/nipper.dir/libnipper.o" \ +"CMakeFiles/nipper.dir/config.o" \ +"CMakeFiles/nipper.dir/report/report.o" \ +"CMakeFiles/nipper.dir/report/report-contents.o" \ +"CMakeFiles/nipper.dir/report/report-functions.o" \ +"CMakeFiles/nipper.dir/report/report-frontpage.o" \ +"CMakeFiles/nipper.dir/report/report-introduction.o" \ +"CMakeFiles/nipper.dir/report/report-list.o" \ +"CMakeFiles/nipper.dir/report/report-section-security.o" \ +"CMakeFiles/nipper.dir/report/report-section-compliance.o" \ +"CMakeFiles/nipper.dir/report/report-section-config.o" \ +"CMakeFiles/nipper.dir/report/report-section-appendix.o" \ +"CMakeFiles/nipper.dir/report/report-start.o" \ +"CMakeFiles/nipper.dir/report/report-table.o" \ +"CMakeFiles/nipper.dir/report/report-text.o" \ +"CMakeFiles/nipper.dir/report/report-titles.o" \ +"CMakeFiles/nipper.dir/device/device.o" \ +"CMakeFiles/nipper.dir/device/common/configline.o" \ +"CMakeFiles/nipper.dir/device/common/deviceconfig.o" \ +"CMakeFiles/nipper.dir/device/common/file.o" \ +"CMakeFiles/nipper.dir/device/common/misc.o" \ +"CMakeFiles/nipper.dir/device/common/paragraph.o" \ +"CMakeFiles/nipper.dir/device/common/passwords.o" \ +"CMakeFiles/nipper.dir/device/common/tables.o" \ +"CMakeFiles/nipper.dir/device/crypto/crypto-base64.o" \ +"CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o" \ +"CMakeFiles/nipper.dir/device/crypto/crypto-url.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-commonports.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-icmp.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-misc.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-numbering.o" \ +"CMakeFiles/nipper.dir/device/reportgen/report-protocols.o" \ +"CMakeFiles/nipper.dir/device/general/general.o" \ +"CMakeFiles/nipper.dir/device/administration/administration.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-bootp.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-finger.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-ftp.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-general.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-hosts.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-http.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-telnet.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-tftp.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-timeout.o" \ +"CMakeFiles/nipper.dir/device/administration/administration-ssh.o" \ +"CMakeFiles/nipper.dir/device/dns/dns.o" \ +"CMakeFiles/nipper.dir/device/dns/dns-report.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-general.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-nt.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-radius.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-securid.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o" \ +"CMakeFiles/nipper.dir/device/authentication/authentication-users.o" \ +"CMakeFiles/nipper.dir/device/banner/banner.o" \ +"CMakeFiles/nipper.dir/device/banner/banner-report.o" \ +"CMakeFiles/nipper.dir/device/filter/filter.o" \ +"CMakeFiles/nipper.dir/device/filter/filter-filter.o" \ +"CMakeFiles/nipper.dir/device/filter/filter-filter-report.o" \ +"CMakeFiles/nipper.dir/device/filter/filter-object.o" \ +"CMakeFiles/nipper.dir/device/filter/filter-object-report.o" \ +"CMakeFiles/nipper.dir/device/filter/filter-security.o" \ +"CMakeFiles/nipper.dir/device/filter/filter-security-report.o" \ +"CMakeFiles/nipper.dir/device/interfaces/interfaces.o" \ +"CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o" \ +"CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o" \ +"CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-community.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-group.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-host.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-traps.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-user.o" \ +"CMakeFiles/nipper.dir/device/snmp/snmp-view.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/general.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/authentication.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/banner.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/snmp.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/filter.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/dns.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o" \ +"CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/general.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/authentication.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/banner.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/filter.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/snmp.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/dns.o" \ +"CMakeFiles/nipper.dir/Cisco-Security/interfaces.o" \ +"CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/device.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/general.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/banner.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/snmp.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/dns.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/filter.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/authentication.o" \ +"CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/general.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o" \ +"CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o" \ +"CMakeFiles/nipper.dir/CheckPoint/device.o" \ +"CMakeFiles/nipper.dir/CheckPoint/device-policies.o" \ +"CMakeFiles/nipper.dir/CheckPoint/general.o" \ +"CMakeFiles/nipper.dir/CheckPoint/filter.o" \ +"CMakeFiles/nipper.dir/CheckPoint/filter-objects.o" \ +"CMakeFiles/nipper.dir/CheckPoint/filter-rules.o" \ +"CMakeFiles/nipper.dir/CheckPoint/filter-services.o" \ +"CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o" \ +"CMakeFiles/nipper.dir/CheckPoint-Management/device.o" \ +"CMakeFiles/nipper.dir/Nokia-IP/device.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o" \ +"CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/device.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/general.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/administration.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/banner.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/snmp.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/filter.o" \ +"CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o" \ +"CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o" \ +"CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/device.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/general.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/administration.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/banner.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/snmp.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/dns.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/authentication.o" \ +"CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o" \ +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o" \ +"CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o" + +# External object files for target nipper +nipper_EXTERNAL_OBJECTS = + +libnipper.so: CMakeFiles/nipper.dir/libnipper.o +libnipper.so: CMakeFiles/nipper.dir/config.o +libnipper.so: CMakeFiles/nipper.dir/report/report.o +libnipper.so: CMakeFiles/nipper.dir/report/report-contents.o +libnipper.so: CMakeFiles/nipper.dir/report/report-functions.o +libnipper.so: CMakeFiles/nipper.dir/report/report-frontpage.o +libnipper.so: CMakeFiles/nipper.dir/report/report-introduction.o +libnipper.so: CMakeFiles/nipper.dir/report/report-list.o +libnipper.so: CMakeFiles/nipper.dir/report/report-section-security.o +libnipper.so: CMakeFiles/nipper.dir/report/report-section-compliance.o +libnipper.so: CMakeFiles/nipper.dir/report/report-section-config.o +libnipper.so: CMakeFiles/nipper.dir/report/report-section-appendix.o +libnipper.so: CMakeFiles/nipper.dir/report/report-start.o +libnipper.so: CMakeFiles/nipper.dir/report/report-table.o +libnipper.so: CMakeFiles/nipper.dir/report/report-text.o +libnipper.so: CMakeFiles/nipper.dir/report/report-titles.o +libnipper.so: CMakeFiles/nipper.dir/device/device.o +libnipper.so: CMakeFiles/nipper.dir/device/common/configline.o +libnipper.so: CMakeFiles/nipper.dir/device/common/deviceconfig.o +libnipper.so: CMakeFiles/nipper.dir/device/common/file.o +libnipper.so: CMakeFiles/nipper.dir/device/common/misc.o +libnipper.so: CMakeFiles/nipper.dir/device/common/paragraph.o +libnipper.so: CMakeFiles/nipper.dir/device/common/passwords.o +libnipper.so: CMakeFiles/nipper.dir/device/common/tables.o +libnipper.so: CMakeFiles/nipper.dir/device/crypto/crypto-base64.o +libnipper.so: CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o +libnipper.so: CMakeFiles/nipper.dir/device/crypto/crypto-url.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-commonports.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-icmp.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-misc.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-numbering.o +libnipper.so: CMakeFiles/nipper.dir/device/reportgen/report-protocols.o +libnipper.so: CMakeFiles/nipper.dir/device/general/general.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-bootp.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-finger.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-ftp.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-general.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-hosts.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-http.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-telnet.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-tftp.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-timeout.o +libnipper.so: CMakeFiles/nipper.dir/device/administration/administration-ssh.o +libnipper.so: CMakeFiles/nipper.dir/device/dns/dns.o +libnipper.so: CMakeFiles/nipper.dir/device/dns/dns-report.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-general.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-nt.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-radius.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-securid.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o +libnipper.so: CMakeFiles/nipper.dir/device/authentication/authentication-users.o +libnipper.so: CMakeFiles/nipper.dir/device/banner/banner.o +libnipper.so: CMakeFiles/nipper.dir/device/banner/banner-report.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter-filter.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter-filter-report.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter-object.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter-object-report.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter-security.o +libnipper.so: CMakeFiles/nipper.dir/device/filter/filter-security-report.o +libnipper.so: CMakeFiles/nipper.dir/device/interfaces/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o +libnipper.so: CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o +libnipper.so: CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-community.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-group.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-host.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-traps.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-user.o +libnipper.so: CMakeFiles/nipper.dir/device/snmp/snmp-view.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/general.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/authentication.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/banner.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/snmp.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/filter.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/dns.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/general.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/authentication.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/banner.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/filter.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/snmp.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/dns.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/general.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/banner.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/snmp.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/dns.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/filter.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/authentication.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/general.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o +libnipper.so: CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/device.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/device-policies.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/general.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/filter.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/filter-objects.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/filter-rules.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint/filter-services.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o +libnipper.so: CMakeFiles/nipper.dir/CheckPoint-Management/device.o +libnipper.so: CMakeFiles/nipper.dir/Nokia-IP/device.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o +libnipper.so: CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/device.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/general.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/administration.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/banner.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/snmp.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/filter.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o +libnipper.so: CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/device.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/general.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/administration.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/banner.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/snmp.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/dns.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/authentication.o +libnipper.so: CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o +libnipper.so: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o +libnipper.so: CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o +libnipper.so: CMakeFiles/nipper.dir/build.make + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --red --bold "Linking CXX shared library libnipper.so" + $(CMAKE_COMMAND) -P CMakeFiles/nipper.dir/cmake_clean_target.cmake + $(CMAKE_COMMAND) -E cmake_link_script CMakeFiles/nipper.dir/link.txt --verbose=$(VERBOSE) + +# Rule to build all files generated by this target. +CMakeFiles/nipper.dir/build: libnipper.so + +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/libnipper.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/config.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-contents.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-functions.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-frontpage.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-introduction.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-list.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-section-security.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-section-compliance.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-section-config.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-section-appendix.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-start.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-table.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-text.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/report/report-titles.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/configline.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/deviceconfig.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/file.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/misc.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/paragraph.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/passwords.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/common/tables.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/crypto/crypto-base64.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/crypto/crypto-url.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-commonports.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-icmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-misc.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-numbering.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/reportgen/report-protocols.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/general/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-bootp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-finger.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-ftp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-hosts.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-http.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-telnet.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-tftp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-timeout.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/administration/administration-ssh.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/dns/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/dns/dns-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-nt.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-radius.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-securid.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/authentication/authentication-users.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/banner/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/banner/banner-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter-filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter-filter-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter-object.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter-object-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter-security.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/filter/filter-security-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/interfaces/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-community.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-group.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-host.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-traps.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-user.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/device/snmp/snmp-view.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/device-policies.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/filter-objects.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/filter-rules.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint/filter-services.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/CheckPoint-Management/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nokia-IP/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/banner.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/authentication.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o.requires +CMakeFiles/nipper.dir/requires: CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o.requires + +CMakeFiles/nipper.dir/clean: + $(CMAKE_COMMAND) -P CMakeFiles/nipper.dir/cmake_clean.cmake + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/cmake_clean.cmake b/libnipper-0.12.6/CMakeFiles/nipper.dir/cmake_clean.cmake new file mode 100644 index 0000000..d463919 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/cmake_clean.cmake @@ -0,0 +1,180 @@ +FILE(REMOVE +"libnipper.pdb" +"libnipper.a" +"libnipper.so" +"CMakeFiles/nipper.dir/libnipper.o" +"CMakeFiles/nipper.dir/config.o" +"CMakeFiles/nipper.dir/report/report.o" +"CMakeFiles/nipper.dir/report/report-contents.o" +"CMakeFiles/nipper.dir/report/report-functions.o" +"CMakeFiles/nipper.dir/report/report-frontpage.o" +"CMakeFiles/nipper.dir/report/report-introduction.o" +"CMakeFiles/nipper.dir/report/report-list.o" +"CMakeFiles/nipper.dir/report/report-section-security.o" +"CMakeFiles/nipper.dir/report/report-section-compliance.o" +"CMakeFiles/nipper.dir/report/report-section-config.o" +"CMakeFiles/nipper.dir/report/report-section-appendix.o" +"CMakeFiles/nipper.dir/report/report-start.o" +"CMakeFiles/nipper.dir/report/report-table.o" +"CMakeFiles/nipper.dir/report/report-text.o" +"CMakeFiles/nipper.dir/report/report-titles.o" +"CMakeFiles/nipper.dir/device/device.o" +"CMakeFiles/nipper.dir/device/common/configline.o" +"CMakeFiles/nipper.dir/device/common/deviceconfig.o" +"CMakeFiles/nipper.dir/device/common/file.o" +"CMakeFiles/nipper.dir/device/common/misc.o" +"CMakeFiles/nipper.dir/device/common/paragraph.o" +"CMakeFiles/nipper.dir/device/common/passwords.o" +"CMakeFiles/nipper.dir/device/common/tables.o" +"CMakeFiles/nipper.dir/device/crypto/crypto-base64.o" +"CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o" +"CMakeFiles/nipper.dir/device/crypto/crypto-url.o" +"CMakeFiles/nipper.dir/device/reportgen/report.o" +"CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o" +"CMakeFiles/nipper.dir/device/reportgen/report-commonports.o" +"CMakeFiles/nipper.dir/device/reportgen/report-icmp.o" +"CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o" +"CMakeFiles/nipper.dir/device/reportgen/report-misc.o" +"CMakeFiles/nipper.dir/device/reportgen/report-numbering.o" +"CMakeFiles/nipper.dir/device/reportgen/report-protocols.o" +"CMakeFiles/nipper.dir/device/general/general.o" +"CMakeFiles/nipper.dir/device/administration/administration.o" +"CMakeFiles/nipper.dir/device/administration/administration-bootp.o" +"CMakeFiles/nipper.dir/device/administration/administration-finger.o" +"CMakeFiles/nipper.dir/device/administration/administration-ftp.o" +"CMakeFiles/nipper.dir/device/administration/administration-general.o" +"CMakeFiles/nipper.dir/device/administration/administration-hosts.o" +"CMakeFiles/nipper.dir/device/administration/administration-http.o" +"CMakeFiles/nipper.dir/device/administration/administration-telnet.o" +"CMakeFiles/nipper.dir/device/administration/administration-tftp.o" +"CMakeFiles/nipper.dir/device/administration/administration-timeout.o" +"CMakeFiles/nipper.dir/device/administration/administration-ssh.o" +"CMakeFiles/nipper.dir/device/dns/dns.o" +"CMakeFiles/nipper.dir/device/dns/dns-report.o" +"CMakeFiles/nipper.dir/device/authentication/authentication.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-general.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-nt.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-radius.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-securid.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o" +"CMakeFiles/nipper.dir/device/authentication/authentication-users.o" +"CMakeFiles/nipper.dir/device/banner/banner.o" +"CMakeFiles/nipper.dir/device/banner/banner-report.o" +"CMakeFiles/nipper.dir/device/filter/filter.o" +"CMakeFiles/nipper.dir/device/filter/filter-filter.o" +"CMakeFiles/nipper.dir/device/filter/filter-filter-report.o" +"CMakeFiles/nipper.dir/device/filter/filter-object.o" +"CMakeFiles/nipper.dir/device/filter/filter-object-report.o" +"CMakeFiles/nipper.dir/device/filter/filter-security.o" +"CMakeFiles/nipper.dir/device/filter/filter-security-report.o" +"CMakeFiles/nipper.dir/device/interfaces/interfaces.o" +"CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o" +"CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o" +"CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o" +"CMakeFiles/nipper.dir/device/snmp/snmp.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-community.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-group.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-host.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-traps.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-user.o" +"CMakeFiles/nipper.dir/device/snmp/snmp-view.o" +"CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o" +"CMakeFiles/nipper.dir/Cisco-IOS/general.o" +"CMakeFiles/nipper.dir/Cisco-IOS/administration.o" +"CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o" +"CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o" +"CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o" +"CMakeFiles/nipper.dir/Cisco-IOS/authentication.o" +"CMakeFiles/nipper.dir/Cisco-IOS/banner.o" +"CMakeFiles/nipper.dir/Cisco-IOS/snmp.o" +"CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o" +"CMakeFiles/nipper.dir/Cisco-IOS/filter.o" +"CMakeFiles/nipper.dir/Cisco-IOS/dns.o" +"CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o" +"CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o" +"CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o" +"CMakeFiles/nipper.dir/Cisco-Security/device.o" +"CMakeFiles/nipper.dir/Cisco-Security/general.o" +"CMakeFiles/nipper.dir/Cisco-Security/administration.o" +"CMakeFiles/nipper.dir/Cisco-Security/authentication.o" +"CMakeFiles/nipper.dir/Cisco-Security/banner.o" +"CMakeFiles/nipper.dir/Cisco-Security/filter.o" +"CMakeFiles/nipper.dir/Cisco-Security/snmp.o" +"CMakeFiles/nipper.dir/Cisco-Security/dns.o" +"CMakeFiles/nipper.dir/Cisco-Security/interfaces.o" +"CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o" +"CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o" +"CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o" +"CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o" +"CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o" +"CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o" +"CMakeFiles/nipper.dir/Cisco-CSS/device.o" +"CMakeFiles/nipper.dir/Cisco-CSS/general.o" +"CMakeFiles/nipper.dir/Cisco-CSS/administration.o" +"CMakeFiles/nipper.dir/Cisco-CSS/banner.o" +"CMakeFiles/nipper.dir/Cisco-CSS/snmp.o" +"CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o" +"CMakeFiles/nipper.dir/Cisco-CSS/dns.o" +"CMakeFiles/nipper.dir/Cisco-CSS/filter.o" +"CMakeFiles/nipper.dir/Cisco-CSS/authentication.o" +"CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/device.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/general.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o" +"CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o" +"CMakeFiles/nipper.dir/CheckPoint/device.o" +"CMakeFiles/nipper.dir/CheckPoint/device-policies.o" +"CMakeFiles/nipper.dir/CheckPoint/general.o" +"CMakeFiles/nipper.dir/CheckPoint/filter.o" +"CMakeFiles/nipper.dir/CheckPoint/filter-objects.o" +"CMakeFiles/nipper.dir/CheckPoint/filter-rules.o" +"CMakeFiles/nipper.dir/CheckPoint/filter-services.o" +"CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o" +"CMakeFiles/nipper.dir/CheckPoint-Management/device.o" +"CMakeFiles/nipper.dir/Nokia-IP/device.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o" +"CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o" +"CMakeFiles/nipper.dir/Nortel-Passport/device.o" +"CMakeFiles/nipper.dir/Nortel-Passport/general.o" +"CMakeFiles/nipper.dir/Nortel-Passport/administration.o" +"CMakeFiles/nipper.dir/Nortel-Passport/banner.o" +"CMakeFiles/nipper.dir/Nortel-Passport/snmp.o" +"CMakeFiles/nipper.dir/Nortel-Passport/filter.o" +"CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o" +"CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o" +"CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o" +"CMakeFiles/nipper.dir/HP-ProCurve/device.o" +"CMakeFiles/nipper.dir/HP-ProCurve/general.o" +"CMakeFiles/nipper.dir/HP-ProCurve/administration.o" +"CMakeFiles/nipper.dir/HP-ProCurve/banner.o" +"CMakeFiles/nipper.dir/HP-ProCurve/snmp.o" +"CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o" +"CMakeFiles/nipper.dir/HP-ProCurve/dns.o" +"CMakeFiles/nipper.dir/HP-ProCurve/authentication.o" +"CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o" +"CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o" +"CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o" +) diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/cmake_clean_target.cmake b/libnipper-0.12.6/CMakeFiles/nipper.dir/cmake_clean_target.cmake new file mode 100644 index 0000000..cb00d19 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/cmake_clean_target.cmake @@ -0,0 +1,4 @@ +FILE(REMOVE +"libnipper.a" +"libnipper.so" +) diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/depend.internal b/libnipper-0.12.6/CMakeFiles/nipper.dir/depend.internal new file mode 100644 index 0000000..05cbc16 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/depend.internal @@ -0,0 +1,1664 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +CMakeFiles/nipper.dir/device/snmp/snmp-user.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-user.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o + /home/dbryan/libnipper-0.12.6/device/interfaces/../../config.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../device.h + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-report.cpp + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-Security/general.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/general.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +CMakeFiles/nipper.dir/device/snmp/snmp.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/CheckPoint/device-policies.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device-policies.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/general.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/general.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/general.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/general.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o + /home/dbryan/libnipper-0.12.6/device/interfaces/../../config.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../administration/administration.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../device.h + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-security.cpp + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-report.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-line.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/banner.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/filter.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/filter.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/dns.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/iosdevice.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../Cisco-IOS/iosdevice.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.h +CMakeFiles/nipper.dir/Cisco-Security/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/snmp.h +CMakeFiles/nipper.dir/device/snmp/snmp-group.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-group.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/device/snmp/snmp-host.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-host.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration-security.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/device/snmp/snmp-community.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-community.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/device/interfaces/interfaces.o + /home/dbryan/libnipper-0.12.6/device/interfaces/../../config.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../device.h + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.cpp + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-misc-issues.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/snmp.h +CMakeFiles/nipper.dir/CheckPoint/filter.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/filter.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/filter.h +CMakeFiles/nipper.dir/device/filter/filter-security-report.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter-security-report.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o + /home/dbryan/libnipper-0.12.6/device/interfaces/../../config.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/interfaces/../device.h + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces-interface.cpp + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h +CMakeFiles/nipper.dir/device/snmp/snmp-view.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-view.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.cpp + /home/dbryan/libnipper-0.12.6/Cisco-IOS/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o + /home/dbryan/libnipper-0.12.6/device/snmp/../../config.h + /home/dbryan/libnipper-0.12.6/device/snmp/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/snmp/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/snmp/../device.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp-traps.cpp + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/device/filter/filter-security.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter-security.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/filter/filter-object-report.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter-object-report.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/filter/filter-object.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter-object.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter-filter-report.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/filter/filter-filter.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter-filter.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/authentication/authentication-users.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-users.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/filter/filter.o + /home/dbryan/libnipper-0.12.6/device/filter/../../config.h + /home/dbryan/libnipper-0.12.6/device/filter/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/filter/../device.h + /home/dbryan/libnipper-0.12.6/device/filter/filter.cpp + /home/dbryan/libnipper-0.12.6/device/filter/filter.h +CMakeFiles/nipper.dir/device/banner/banner-report.o + /home/dbryan/libnipper-0.12.6/device/banner/../../config.h + /home/dbryan/libnipper-0.12.6/device/banner/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/banner/../device.h + /home/dbryan/libnipper-0.12.6/device/banner/../general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/banner/../general/general.h + /home/dbryan/libnipper-0.12.6/device/banner/banner-report.cpp + /home/dbryan/libnipper-0.12.6/device/banner/banner.h +CMakeFiles/nipper.dir/device/banner/banner.o + /home/dbryan/libnipper-0.12.6/device/banner/../../config.h + /home/dbryan/libnipper-0.12.6/device/banner/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/banner/../device.h + /home/dbryan/libnipper-0.12.6/device/banner/banner.cpp + /home/dbryan/libnipper-0.12.6/device/banner/banner.h +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-tacacs.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-securid.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-radius.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-nt.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-ldap.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication-general.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-general.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication-kerberos.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/authentication/authentication.o + /home/dbryan/libnipper-0.12.6/device/authentication/../../config.h + /home/dbryan/libnipper-0.12.6/device/authentication/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.cpp + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h +CMakeFiles/nipper.dir/device/dns/dns-report.o + /home/dbryan/libnipper-0.12.6/device/dns/../../config.h + /home/dbryan/libnipper-0.12.6/device/dns/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/dns/../device.h + /home/dbryan/libnipper-0.12.6/device/dns/dns-report.cpp + /home/dbryan/libnipper-0.12.6/device/dns/dns.h +CMakeFiles/nipper.dir/device/dns/dns.o + /home/dbryan/libnipper-0.12.6/device/dns/../../config.h + /home/dbryan/libnipper-0.12.6/device/dns/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/dns/../device.h + /home/dbryan/libnipper-0.12.6/device/dns/dns.cpp + /home/dbryan/libnipper-0.12.6/device/dns/dns.h +CMakeFiles/nipper.dir/device/administration/administration-ssh.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-ssh.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-timeout.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-timeout.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-tftp.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-tftp.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-telnet.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-telnet.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-ftp.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-ftp.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-finger.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-finger.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-http.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-http.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-hosts.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-hosts.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-general.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-general.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/administration/administration-bootp.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/administration-bootp.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-logginglevels.cpp +CMakeFiles/nipper.dir/device/administration/administration.o + /home/dbryan/libnipper-0.12.6/device/administration/../../config.h + /home/dbryan/libnipper-0.12.6/device/administration/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/administration/../device.h + /home/dbryan/libnipper-0.12.6/device/administration/../interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/device/administration/administration.cpp + /home/dbryan/libnipper-0.12.6/device/administration/administration.h +CMakeFiles/nipper.dir/device/general/general.o + /home/dbryan/libnipper-0.12.6/device/general/../../config.h + /home/dbryan/libnipper-0.12.6/device/general/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/general/../device.h + /home/dbryan/libnipper-0.12.6/device/general/general.cpp + /home/dbryan/libnipper-0.12.6/device/general/general.h +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-protocols.cpp +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-numbering.cpp +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o + /home/dbryan/libnipper-0.12.6/device/crypto/../../config.h + /home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/crypto/../device.h + /home/dbryan/libnipper-0.12.6/device/crypto/crypto-base64.cpp +CMakeFiles/nipper.dir/device/common/tables.o + /home/dbryan/libnipper-0.12.6/device/common/../../config.h + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/../device.h + /home/dbryan/libnipper-0.12.6/device/common/tables.cpp +CMakeFiles/nipper.dir/device/reportgen/report-misc.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-misc.cpp +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-icmp.cpp +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-abbreviations.cpp +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report-commonports.cpp +CMakeFiles/nipper.dir/device/reportgen/report.o + /home/dbryan/libnipper-0.12.6/device/reportgen/../../config.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../administration/administration.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../authentication/authentication.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../banner/banner.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../device.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../dns/dns.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../filter/filter.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../general/general.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/device/reportgen/../snmp/snmp.h + /home/dbryan/libnipper-0.12.6/device/reportgen/report.cpp +CMakeFiles/nipper.dir/device/crypto/crypto-url.o + /home/dbryan/libnipper-0.12.6/device/crypto/../../config.h + /home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/crypto/../device.h + /home/dbryan/libnipper-0.12.6/device/crypto/crypto-url.cpp +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o + /home/dbryan/libnipper-0.12.6/device/crypto/../../config.h + /home/dbryan/libnipper-0.12.6/device/crypto/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/crypto/../device.h + /home/dbryan/libnipper-0.12.6/device/crypto/crypto-ciscotype7.cpp +CMakeFiles/nipper.dir/report/report-titles.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/report/../device/general/general.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-titles.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-text.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/report/../device/general/general.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-text.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-table.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-table.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/device/common/passwords.o + /home/dbryan/libnipper-0.12.6/device/common/../../config.h + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/../device.h + /home/dbryan/libnipper-0.12.6/device/common/../general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/common/../general/general.h + /home/dbryan/libnipper-0.12.6/device/common/passwords.cpp +CMakeFiles/nipper.dir/device/common/paragraph.o + /home/dbryan/libnipper-0.12.6/device/common/../../config.h + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/../device.h + /home/dbryan/libnipper-0.12.6/device/common/paragraph.cpp +CMakeFiles/nipper.dir/device/common/misc.o + /home/dbryan/libnipper-0.12.6/device/common/../../config.h + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/../device.h + /home/dbryan/libnipper-0.12.6/device/common/misc.cpp +CMakeFiles/nipper.dir/device/common/file.o + /home/dbryan/libnipper-0.12.6/device/common/../../config.h + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/../device.h + /home/dbryan/libnipper-0.12.6/device/common/../errortext.h + /home/dbryan/libnipper-0.12.6/device/common/file.cpp +CMakeFiles/nipper.dir/device/common/deviceconfig.o + /home/dbryan/libnipper-0.12.6/device/common/../../config.h + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/../device.h + /home/dbryan/libnipper-0.12.6/device/common/configline.h + /home/dbryan/libnipper-0.12.6/device/common/deviceconfig.cpp + /home/dbryan/libnipper-0.12.6/device/common/deviceconfig.h +CMakeFiles/nipper.dir/device/common/configline.o + /home/dbryan/libnipper-0.12.6/device/common/../../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/common/configline.cpp + /home/dbryan/libnipper-0.12.6/device/common/configline.h +CMakeFiles/nipper.dir/device/device.o + /home/dbryan/libnipper-0.12.6/device/../config.h + /home/dbryan/libnipper-0.12.6/device/../globaldefs.h + /home/dbryan/libnipper-0.12.6/device/administration/administration.h + /home/dbryan/libnipper-0.12.6/device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/device/banner/banner.h + /home/dbryan/libnipper-0.12.6/device/device.cpp + /home/dbryan/libnipper-0.12.6/device/device.h + /home/dbryan/libnipper-0.12.6/device/dns/dns.h + /home/dbryan/libnipper-0.12.6/device/errortext.h + /home/dbryan/libnipper-0.12.6/device/filter/filter.h + /home/dbryan/libnipper-0.12.6/device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/device/general/general.h + /home/dbryan/libnipper-0.12.6/device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/device/snmp/snmp.h +CMakeFiles/nipper.dir/report/report-start.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/report/../device/general/general.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-start.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-section-appendix.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-section-appendix.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-section-config.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-section-config.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-section-compliance.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-section-compliance.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-section-security.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-section-security.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-list.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-list.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-introduction.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-introduction.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-frontpage.o + /home/dbryan/libnipper-0.12.6/report/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-frontpage.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-functions.o + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-functions.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report-contents.o + /home/dbryan/libnipper-0.12.6/report/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report-contents.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/report/report.o + /home/dbryan/libnipper-0.12.6/report/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/../globaldefs.h + /home/dbryan/libnipper-0.12.6/report/report.cpp + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/config.o + /home/dbryan/libnipper-0.12.6/config.cpp + /home/dbryan/libnipper-0.12.6/config.h + /home/dbryan/libnipper-0.12.6/globaldefs.h +CMakeFiles/nipper.dir/libnipper.o + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h + /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/../Cisco-IOS/iosdevice.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-IOS-Router/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Nokia-IP/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/config.h + /home/dbryan/libnipper-0.12.6/globaldefs.h + /home/dbryan/libnipper-0.12.6/libnipper.cpp + /home/dbryan/libnipper-0.12.6/libnipper.h + /home/dbryan/libnipper-0.12.6/report/../device/../config.h + /home/dbryan/libnipper-0.12.6/report/../device/device.h + /home/dbryan/libnipper-0.12.6/report/report.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/dns.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/snmp.h +CMakeFiles/nipper.dir/CheckPoint/device.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/errortext.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/general/general.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/filter.h + /home/dbryan/libnipper-0.12.6/CheckPoint/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst/interfaces.h +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../Cisco-Catalyst/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/authentication.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/banner.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/general.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/snmp.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/dns.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/device.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.cpp + /home/dbryan/libnipper-0.12.6/Cisco-CSS/filter.h + /home/dbryan/libnipper-0.12.6/Cisco-CSS/interfaces.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security/interfaces.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-ASA/device.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-FWSM/device.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/../config.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/device.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../Cisco-Security/general.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/administration.h + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.cpp + /home/dbryan/libnipper-0.12.6/Cisco-Security-PIX/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/filter-objects.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/filter.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/filter-rules.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/filter.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/CheckPoint/../globaldefs.h + /home/dbryan/libnipper-0.12.6/CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint/filter-services.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint/filter.h +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/../CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint-Firewall/device.h +CMakeFiles/nipper.dir/CheckPoint-Management/device.o + /home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Management/../CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.cpp + /home/dbryan/libnipper-0.12.6/CheckPoint-Management/device.h +CMakeFiles/nipper.dir/Nokia-IP/device.o + /home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/../device/device.h + /home/dbryan/libnipper-0.12.6/Nokia-IP/../CheckPoint/device.h + /home/dbryan/libnipper-0.12.6/Nokia-IP/device.cpp + /home/dbryan/libnipper-0.12.6/Nokia-IP/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/authentication.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/banner.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/administration.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/general.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/snmp.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/filter.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/dns.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/device.h + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp + /home/dbryan/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/administration.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/banner.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/general/general.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/general.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/snmp.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/filter.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/../globaldefs.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.cpp + /home/dbryan/libnipper-0.12.6/Nortel-Passport/interfaces.h +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/../Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp + /home/dbryan/libnipper-0.12.6/Nortel-RoutingSwitch/device.h +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o + /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/../device/../config.h + /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/../device/device.h + /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/../Nortel-Passport/device.h + /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.cpp + /home/dbryan/libnipper-0.12.6/BayNetworks-Accelar/device.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/banner/banner.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/banner.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/administration.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/general/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/general.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/snmp.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/dns.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/interfaces/interfaces.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/interfaces.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/../config.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/../device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/authentication/authentication.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../device/device.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/../globaldefs.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.cpp + /home/dbryan/libnipper-0.12.6/HP-ProCurve/authentication.h + /home/dbryan/libnipper-0.12.6/HP-ProCurve/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/errortext.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/dns/dns.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/dns.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/filter/filter.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/filter.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/general/general.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/general.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/snmp/snmp.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/device.h + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/../globaldefs.h + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.cpp + /home/dbryan/libnipper-0.12.6/3Com-SuperStack3-Firewall/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/../config.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/../common/deviceconfig.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/administration/administration.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/common/configline.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../device/device.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/../globaldefs.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/administration.h + /home/dbryan/libnipper-0.12.6/SonicWALL-SonicOS/device.h diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/depend.make b/libnipper-0.12.6/CMakeFiles/nipper.dir/depend.make new file mode 100644 index 0000000..b4100e4 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/depend.make @@ -0,0 +1,1664 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/snmp-user.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-user.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/../../config.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/../../globaldefs.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/../device.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/interfaces-report.cpp +CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o: device/interfaces/interfaces.h + +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/../device/filter/filter.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/filter.cpp +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/filter.h +CMakeFiles/nipper.dir/Cisco-IOS/filter.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/dns.cpp +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/dns.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/dns.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/interfaces.cpp +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/interfaces.h +CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/general.cpp +CMakeFiles/nipper.dir/Cisco-Security/general.o: Cisco-Security/general.h + +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/administration.cpp +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security/administration.o: Cisco-Security/device.h + +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/snmp.cpp +CMakeFiles/nipper.dir/device/snmp/snmp.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/../device/common/configline.h +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/device-policies.cpp +CMakeFiles/nipper.dir/CheckPoint/device-policies.o: CheckPoint/device.h + +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/../device/general/general.h +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/general.cpp +CMakeFiles/nipper.dir/CheckPoint/general.o: CheckPoint/general.h + +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/filter/filter.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/authentication.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/banner.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/dns.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/filter.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/interfaces.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/iosdevice.cpp +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o: Cisco-IOS/snmp.h + +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/../../config.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/../../globaldefs.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/../administration/administration.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/../device.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/interfaces-security.cpp +CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o: device/interfaces/interfaces.h + +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/general.cpp +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/general.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/administration-report.cpp +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/administration-line.cpp +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/authentication.cpp +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/authentication.h +CMakeFiles/nipper.dir/Cisco-Security/authentication.o: Cisco-Security/device.h + +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/banner.cpp +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/banner.h +CMakeFiles/nipper.dir/Cisco-Security/banner.o: Cisco-Security/device.h + +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/../device/filter/filter.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/filter.cpp +CMakeFiles/nipper.dir/Cisco-Security/filter.o: Cisco-Security/filter.h + +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/snmp.cpp +CMakeFiles/nipper.dir/Cisco-Security/snmp.o: Cisco-Security/snmp.h + +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/dns.cpp +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/dns.h +CMakeFiles/nipper.dir/Cisco-Security/dns.o: Cisco-Security/general.h + +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/../Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/../Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/../Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/device.cpp +CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o: Cisco-IOS-Catalyst/device.h + +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/../Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/../Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/../Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/device.cpp +CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o: Cisco-IOS-Router/device.h + +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/filter/filter.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/authentication.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/banner.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/device.cpp +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/dns.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/filter.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/interfaces.h +CMakeFiles/nipper.dir/Cisco-Security/device.o: Cisco-Security/snmp.h + +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/snmp-group.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-group.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/snmp-host.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-host.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/administration-security.cpp +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/snmp-community.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-community.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/administration.cpp +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/authentication.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/administration.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/../../config.h +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/../../globaldefs.h +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/../device.h +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/interfaces.cpp +CMakeFiles/nipper.dir/device/interfaces/interfaces.o: device/interfaces/interfaces.h + +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/snmp-misc-issues.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/snmp.cpp +CMakeFiles/nipper.dir/Cisco-IOS/snmp.o: Cisco-IOS/snmp.h + +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/general.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/snmp-report.cpp +CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o: Cisco-IOS/snmp.h + +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/../device/common/configline.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/../device/filter/filter.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/filter.cpp +CMakeFiles/nipper.dir/CheckPoint/filter.o: CheckPoint/filter.h + +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/filter-security-report.cpp +CMakeFiles/nipper.dir/device/filter/filter-security-report.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/../../config.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/../../globaldefs.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/../device.h +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/interfaces-interface.cpp +CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o: device/interfaces/interfaces.h + +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/snmp-view.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-view.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/administration.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/authentication.cpp +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/authentication.h +CMakeFiles/nipper.dir/Cisco-IOS/authentication.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/../device/device.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/banner.cpp +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/banner.h +CMakeFiles/nipper.dir/Cisco-IOS/banner.o: Cisco-IOS/iosdevice.h + +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/../../config.h +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/../../globaldefs.h +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/../device.h +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/snmp-traps.cpp +CMakeFiles/nipper.dir/device/snmp/snmp-traps.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/filter-security.cpp +CMakeFiles/nipper.dir/device/filter/filter-security.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/filter-object-report.cpp +CMakeFiles/nipper.dir/device/filter/filter-object-report.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/filter-object.cpp +CMakeFiles/nipper.dir/device/filter/filter-object.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/filter-filter-report.cpp +CMakeFiles/nipper.dir/device/filter/filter-filter-report.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/filter-filter.cpp +CMakeFiles/nipper.dir/device/filter/filter-filter.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/authentication-users.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-users.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/../../config.h +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/../../globaldefs.h +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/../device.h +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/filter.cpp +CMakeFiles/nipper.dir/device/filter/filter.o: device/filter/filter.h + +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/../../config.h +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/../../globaldefs.h +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/../device.h +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/../general/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/../general/general.h +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/banner-report.cpp +CMakeFiles/nipper.dir/device/banner/banner-report.o: device/banner/banner.h + +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/../../config.h +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/../../globaldefs.h +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/../device.h +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/banner.cpp +CMakeFiles/nipper.dir/device/banner/banner.o: device/banner/banner.h + +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/authentication-tacacs.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/authentication-securid.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-securid.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/authentication-radius.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-radius.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/authentication-nt.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-nt.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/authentication-ldap.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/authentication-general.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-general.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/authentication-kerberos.cpp +CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/../../config.h +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/../../globaldefs.h +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/authentication.cpp +CMakeFiles/nipper.dir/device/authentication/authentication.o: device/authentication/authentication.h + +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/../../config.h +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/../../globaldefs.h +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/../device.h +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/dns-report.cpp +CMakeFiles/nipper.dir/device/dns/dns-report.o: device/dns/dns.h + +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/../../config.h +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/../../globaldefs.h +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/../device.h +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/dns.cpp +CMakeFiles/nipper.dir/device/dns/dns.o: device/dns/dns.h + +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/administration-ssh.cpp +CMakeFiles/nipper.dir/device/administration/administration-ssh.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/administration-timeout.cpp +CMakeFiles/nipper.dir/device/administration/administration-timeout.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/administration-tftp.cpp +CMakeFiles/nipper.dir/device/administration/administration-tftp.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/administration-telnet.cpp +CMakeFiles/nipper.dir/device/administration/administration-telnet.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/administration-ftp.cpp +CMakeFiles/nipper.dir/device/administration/administration-ftp.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/administration-finger.cpp +CMakeFiles/nipper.dir/device/administration/administration-finger.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/administration-http.cpp +CMakeFiles/nipper.dir/device/administration/administration-http.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/administration-hosts.cpp +CMakeFiles/nipper.dir/device/administration/administration-hosts.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/administration-general.cpp +CMakeFiles/nipper.dir/device/administration/administration-general.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/administration-bootp.cpp +CMakeFiles/nipper.dir/device/administration/administration-bootp.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o: device/reportgen/report-logginglevels.cpp + +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/../../config.h +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/../../globaldefs.h +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/../device.h +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/../interfaces/interfaces.h +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/administration.cpp +CMakeFiles/nipper.dir/device/administration/administration.o: device/administration/administration.h + +CMakeFiles/nipper.dir/device/general/general.o: device/general/../../config.h +CMakeFiles/nipper.dir/device/general/general.o: device/general/../../globaldefs.h +CMakeFiles/nipper.dir/device/general/general.o: device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/general/general.o: device/general/../device.h +CMakeFiles/nipper.dir/device/general/general.o: device/general/general.cpp +CMakeFiles/nipper.dir/device/general/general.o: device/general/general.h + +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-protocols.o: device/reportgen/report-protocols.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-numbering.o: device/reportgen/report-numbering.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o: device/crypto/../../config.h +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o: device/crypto/../../globaldefs.h +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o: device/crypto/../device.h +CMakeFiles/nipper.dir/device/crypto/crypto-base64.o: device/crypto/crypto-base64.cpp + +CMakeFiles/nipper.dir/device/common/tables.o: device/common/../../config.h +CMakeFiles/nipper.dir/device/common/tables.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/tables.o: device/common/../device.h +CMakeFiles/nipper.dir/device/common/tables.o: device/common/tables.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-misc.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-misc.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-misc.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-misc.o: device/reportgen/report-misc.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-icmp.o: device/reportgen/report-icmp.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o: device/reportgen/report-abbreviations.cpp + +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report-commonports.o: device/reportgen/report-commonports.cpp + +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../../config.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../../globaldefs.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../administration/administration.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../authentication/authentication.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../banner/banner.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../device.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../dns/dns.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../filter/filter.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../general/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../general/general.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../interfaces/interfaces.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/../snmp/snmp.h +CMakeFiles/nipper.dir/device/reportgen/report.o: device/reportgen/report.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-url.o: device/crypto/../../config.h +CMakeFiles/nipper.dir/device/crypto/crypto-url.o: device/crypto/../../globaldefs.h +CMakeFiles/nipper.dir/device/crypto/crypto-url.o: device/crypto/../device.h +CMakeFiles/nipper.dir/device/crypto/crypto-url.o: device/crypto/crypto-url.cpp + +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o: device/crypto/../../config.h +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o: device/crypto/../../globaldefs.h +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o: device/crypto/../device.h +CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o: device/crypto/crypto-ciscotype7.cpp + +CMakeFiles/nipper.dir/report/report-titles.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-titles.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-titles.o: report/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/report/report-titles.o: report/../device/general/general.h +CMakeFiles/nipper.dir/report/report-titles.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-titles.o: report/report-titles.cpp +CMakeFiles/nipper.dir/report/report-titles.o: report/report.h + +CMakeFiles/nipper.dir/report/report-text.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-text.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-text.o: report/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/report/report-text.o: report/../device/general/general.h +CMakeFiles/nipper.dir/report/report-text.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-text.o: report/report-text.cpp +CMakeFiles/nipper.dir/report/report-text.o: report/report.h + +CMakeFiles/nipper.dir/report/report-table.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-table.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-table.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-table.o: report/report-table.cpp +CMakeFiles/nipper.dir/report/report-table.o: report/report.h + +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/../../config.h +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/../device.h +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/../general/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/../general/general.h +CMakeFiles/nipper.dir/device/common/passwords.o: device/common/passwords.cpp + +CMakeFiles/nipper.dir/device/common/paragraph.o: device/common/../../config.h +CMakeFiles/nipper.dir/device/common/paragraph.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/paragraph.o: device/common/../device.h +CMakeFiles/nipper.dir/device/common/paragraph.o: device/common/paragraph.cpp + +CMakeFiles/nipper.dir/device/common/misc.o: device/common/../../config.h +CMakeFiles/nipper.dir/device/common/misc.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/misc.o: device/common/../device.h +CMakeFiles/nipper.dir/device/common/misc.o: device/common/misc.cpp + +CMakeFiles/nipper.dir/device/common/file.o: device/common/../../config.h +CMakeFiles/nipper.dir/device/common/file.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/file.o: device/common/../device.h +CMakeFiles/nipper.dir/device/common/file.o: device/common/../errortext.h +CMakeFiles/nipper.dir/device/common/file.o: device/common/file.cpp + +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/../../config.h +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/../device.h +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/configline.h +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/deviceconfig.cpp +CMakeFiles/nipper.dir/device/common/deviceconfig.o: device/common/deviceconfig.h + +CMakeFiles/nipper.dir/device/common/configline.o: device/common/../../globaldefs.h +CMakeFiles/nipper.dir/device/common/configline.o: device/common/configline.cpp +CMakeFiles/nipper.dir/device/common/configline.o: device/common/configline.h + +CMakeFiles/nipper.dir/device/device.o: device/../config.h +CMakeFiles/nipper.dir/device/device.o: device/../globaldefs.h +CMakeFiles/nipper.dir/device/device.o: device/administration/administration.h +CMakeFiles/nipper.dir/device/device.o: device/authentication/../device.h +CMakeFiles/nipper.dir/device/device.o: device/authentication/authentication.h +CMakeFiles/nipper.dir/device/device.o: device/banner/banner.h +CMakeFiles/nipper.dir/device/device.o: device/device.cpp +CMakeFiles/nipper.dir/device/device.o: device/device.h +CMakeFiles/nipper.dir/device/device.o: device/dns/dns.h +CMakeFiles/nipper.dir/device/device.o: device/errortext.h +CMakeFiles/nipper.dir/device/device.o: device/filter/filter.h +CMakeFiles/nipper.dir/device/device.o: device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/device/device.o: device/general/general.h +CMakeFiles/nipper.dir/device/device.o: device/interfaces/interfaces.h +CMakeFiles/nipper.dir/device/device.o: device/snmp/snmp.h + +CMakeFiles/nipper.dir/report/report-start.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-start.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-start.o: report/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/report/report-start.o: report/../device/general/general.h +CMakeFiles/nipper.dir/report/report-start.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-start.o: report/report-start.cpp +CMakeFiles/nipper.dir/report/report-start.o: report/report.h + +CMakeFiles/nipper.dir/report/report-section-appendix.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-section-appendix.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-section-appendix.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-section-appendix.o: report/report-section-appendix.cpp +CMakeFiles/nipper.dir/report/report-section-appendix.o: report/report.h + +CMakeFiles/nipper.dir/report/report-section-config.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-section-config.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-section-config.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-section-config.o: report/report-section-config.cpp +CMakeFiles/nipper.dir/report/report-section-config.o: report/report.h + +CMakeFiles/nipper.dir/report/report-section-compliance.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-section-compliance.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-section-compliance.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-section-compliance.o: report/report-section-compliance.cpp +CMakeFiles/nipper.dir/report/report-section-compliance.o: report/report.h + +CMakeFiles/nipper.dir/report/report-section-security.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-section-security.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-section-security.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-section-security.o: report/report-section-security.cpp +CMakeFiles/nipper.dir/report/report-section-security.o: report/report.h + +CMakeFiles/nipper.dir/report/report-list.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-list.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-list.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-list.o: report/report-list.cpp +CMakeFiles/nipper.dir/report/report-list.o: report/report.h + +CMakeFiles/nipper.dir/report/report-introduction.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-introduction.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-introduction.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-introduction.o: report/report-introduction.cpp +CMakeFiles/nipper.dir/report/report-introduction.o: report/report.h + +CMakeFiles/nipper.dir/report/report-frontpage.o: report/../config.h +CMakeFiles/nipper.dir/report/report-frontpage.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-frontpage.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-frontpage.o: report/report-frontpage.cpp +CMakeFiles/nipper.dir/report/report-frontpage.o: report/report.h + +CMakeFiles/nipper.dir/report/report-functions.o: report/../device/../config.h +CMakeFiles/nipper.dir/report/report-functions.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-functions.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-functions.o: report/report-functions.cpp +CMakeFiles/nipper.dir/report/report-functions.o: report/report.h + +CMakeFiles/nipper.dir/report/report-contents.o: report/../config.h +CMakeFiles/nipper.dir/report/report-contents.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report-contents.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report-contents.o: report/report-contents.cpp +CMakeFiles/nipper.dir/report/report-contents.o: report/report.h + +CMakeFiles/nipper.dir/report/report.o: report/../config.h +CMakeFiles/nipper.dir/report/report.o: report/../device/device.h +CMakeFiles/nipper.dir/report/report.o: report/../globaldefs.h +CMakeFiles/nipper.dir/report/report.o: report/report.cpp +CMakeFiles/nipper.dir/report/report.o: report/report.h + +CMakeFiles/nipper.dir/config.o: config.cpp +CMakeFiles/nipper.dir/config.o: config.h +CMakeFiles/nipper.dir/config.o: globaldefs.h + +CMakeFiles/nipper.dir/libnipper.o: 3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/libnipper.o: 3Com-SuperStack3-Firewall/device.h +CMakeFiles/nipper.dir/libnipper.o: BayNetworks-Accelar/device.h +CMakeFiles/nipper.dir/libnipper.o: CheckPoint-Firewall/../CheckPoint/device.h +CMakeFiles/nipper.dir/libnipper.o: CheckPoint-Firewall/device.h +CMakeFiles/nipper.dir/libnipper.o: CheckPoint-Management/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Catalyst-CatOS/../Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Catalyst-CatOS/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Catalyst-NMP/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-IOS-Catalyst/../Cisco-IOS/iosdevice.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-IOS-Catalyst/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-IOS-Router/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Security-ASA/../Cisco-Security/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Security-ASA/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Security-FWSM/device.h +CMakeFiles/nipper.dir/libnipper.o: Cisco-Security-PIX/device.h +CMakeFiles/nipper.dir/libnipper.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/libnipper.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/libnipper.o: Nokia-IP/device.h +CMakeFiles/nipper.dir/libnipper.o: Nortel-Passport/device.h +CMakeFiles/nipper.dir/libnipper.o: Nortel-RoutingSwitch/../Nortel-Passport/device.h +CMakeFiles/nipper.dir/libnipper.o: Nortel-RoutingSwitch/device.h +CMakeFiles/nipper.dir/libnipper.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/libnipper.o: config.h +CMakeFiles/nipper.dir/libnipper.o: globaldefs.h +CMakeFiles/nipper.dir/libnipper.o: libnipper.cpp +CMakeFiles/nipper.dir/libnipper.o: libnipper.h +CMakeFiles/nipper.dir/libnipper.o: report/../device/../config.h +CMakeFiles/nipper.dir/libnipper.o: report/../device/device.h +CMakeFiles/nipper.dir/libnipper.o: report/report.h + +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/authentication.cpp +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/authentication.h +CMakeFiles/nipper.dir/Cisco-CSS/authentication.o: Cisco-CSS/device.h + +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/interfaces.cpp +CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o: Cisco-CSS/interfaces.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/administration.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/authentication.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/banner.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/device.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/dns.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/interfaces.h +CMakeFiles/nipper.dir/Cisco-Catalyst/device.o: Cisco-Catalyst/snmp.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/general.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/general.o: Cisco-Catalyst/general.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/administration.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/administration.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o: Cisco-Catalyst/general.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/authentication.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/authentication.h +CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o: Cisco-Catalyst/device.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/banner.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/banner.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o: Cisco-Catalyst/general.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/dns.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o: Cisco-Catalyst/dns.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/general.h +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/snmp.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o: Cisco-Catalyst/snmp.h + +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/common/configline.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/errortext.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/filter/filter.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../device/general/general.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/device.cpp +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/filter.h +CMakeFiles/nipper.dir/CheckPoint/device.o: CheckPoint/general.h + +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/interfaces.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o: Cisco-Catalyst/interfaces.h + +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/../Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/../Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/device.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o: Cisco-Catalyst-CatOS/device.h + +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/../Cisco-Catalyst/../device/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/../Cisco-Catalyst/device.h +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/device.cpp +CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o: Cisco-Catalyst-NMP/device.h + +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/administration.cpp +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/administration.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o: Cisco-Security-PIX/device.h + +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/filter/filter.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/administration.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/authentication.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/banner.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/device.cpp +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/dns.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/filter.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/general.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/interfaces.h +CMakeFiles/nipper.dir/Cisco-CSS/device.o: Cisco-CSS/snmp.h + +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/general.cpp +CMakeFiles/nipper.dir/Cisco-CSS/general.o: Cisco-CSS/general.h + +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/administration.cpp +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/administration.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/administration.o: Cisco-CSS/general.h + +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/../device/banner/banner.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/banner.cpp +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/banner.h +CMakeFiles/nipper.dir/Cisco-CSS/banner.o: Cisco-CSS/device.h + +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/general.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/snmp.cpp +CMakeFiles/nipper.dir/Cisco-CSS/snmp.o: Cisco-CSS/snmp.h + +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/general.h +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/snmp-report.cpp +CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o: Cisco-CSS/snmp.h + +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/../device/dns/dns.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/dns.cpp +CMakeFiles/nipper.dir/Cisco-CSS/dns.o: Cisco-CSS/dns.h + +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../device/../config.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../device/device.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../device/filter/filter.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/device.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/filter.cpp +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/filter.h +CMakeFiles/nipper.dir/Cisco-CSS/filter.o: Cisco-CSS/interfaces.h + +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/interfaces.cpp +CMakeFiles/nipper.dir/Cisco-Security/interfaces.o: Cisco-Security/interfaces.h + +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/administration.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/device.cpp +CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o: Cisco-Security-ASA/device.h + +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/administration.cpp +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/administration.h +CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o: Cisco-Security-ASA/device.h + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/administration.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/device.cpp +CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o: Cisco-Security-FWSM/device.h + +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/administration.cpp +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/administration.h +CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o: Cisco-Security-FWSM/device.h + +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/../device/../config.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/../device/administration/administration.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/../device/device.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/../device/general/general.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/administration.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/device.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../Cisco-Security/general.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../device/common/configline.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/../globaldefs.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/administration.h +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/device.cpp +CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o: Cisco-Security-PIX/device.h + +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/../device/common/configline.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/../device/filter/filter.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/filter-objects.cpp +CMakeFiles/nipper.dir/CheckPoint/filter-objects.o: CheckPoint/filter.h + +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/../device/common/configline.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/../device/filter/filter.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/filter-rules.cpp +CMakeFiles/nipper.dir/CheckPoint/filter-rules.o: CheckPoint/filter.h + +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/../device/common/configline.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/../device/filter/filter.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/../globaldefs.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/filter-services.cpp +CMakeFiles/nipper.dir/CheckPoint/filter-services.o: CheckPoint/filter.h + +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CheckPoint-Firewall/../CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CheckPoint-Firewall/../CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CheckPoint-Firewall/../CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CheckPoint-Firewall/device.cpp +CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o: CheckPoint-Firewall/device.h + +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CheckPoint-Management/../CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CheckPoint-Management/../CheckPoint/../device/device.h +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CheckPoint-Management/../CheckPoint/device.h +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CheckPoint-Management/device.cpp +CMakeFiles/nipper.dir/CheckPoint-Management/device.o: CheckPoint-Management/device.h + +CMakeFiles/nipper.dir/Nokia-IP/device.o: Nokia-IP/../CheckPoint/../device/../config.h +CMakeFiles/nipper.dir/Nokia-IP/device.o: Nokia-IP/../CheckPoint/../device/device.h +CMakeFiles/nipper.dir/Nokia-IP/device.o: Nokia-IP/../CheckPoint/device.h +CMakeFiles/nipper.dir/Nokia-IP/device.o: Nokia-IP/device.cpp +CMakeFiles/nipper.dir/Nokia-IP/device.o: Nokia-IP/device.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/banner/banner.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/dns/dns.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/filter/filter.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/general/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/authentication.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/banner.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/device.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/dns.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/filter.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/interfaces.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o: Juniper-ScreenOS/snmp.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/../device/general/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/general.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o: Juniper-ScreenOS/general.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../device/general/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/administration.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o: Juniper-ScreenOS/general.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../device/authentication/../device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../device/authentication/authentication.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/authentication.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/authentication.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o: Juniper-ScreenOS/device.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/administration-report.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o: Juniper-ScreenOS/device.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/../device/banner/banner.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/banner.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/banner.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o: Juniper-ScreenOS/device.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/administration/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/general/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/administration.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/general.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/snmp.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o: Juniper-ScreenOS/snmp.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/../device/filter/filter.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/filter.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o: Juniper-ScreenOS/filter.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/../device/dns/dns.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/dns.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o: Juniper-ScreenOS/dns.h + +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/../device/../config.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/../device/common/configline.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/../device/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/../globaldefs.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/device.h +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/interfaces.cpp +CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o: Juniper-ScreenOS/interfaces.h + +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/administration/administration.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/banner/banner.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/filter/filter.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/general/general.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/administration.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/banner.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/device.cpp +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/filter.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/general.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/interfaces.h +CMakeFiles/nipper.dir/Nortel-Passport/device.o: Nortel-Passport/snmp.h + +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/../device/general/general.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/general.cpp +CMakeFiles/nipper.dir/Nortel-Passport/general.o: Nortel-Passport/general.h + +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/../device/administration/administration.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/administration.cpp +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/administration.h +CMakeFiles/nipper.dir/Nortel-Passport/administration.o: Nortel-Passport/device.h + +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/../device/banner/banner.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/banner.cpp +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/banner.h +CMakeFiles/nipper.dir/Nortel-Passport/banner.o: Nortel-Passport/device.h + +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../device/general/general.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../device/snmp/snmp.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/general.h +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/snmp.cpp +CMakeFiles/nipper.dir/Nortel-Passport/snmp.o: Nortel-Passport/snmp.h + +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/../device/filter/filter.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/filter.cpp +CMakeFiles/nipper.dir/Nortel-Passport/filter.o: Nortel-Passport/filter.h + +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/../device/common/configline.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/../globaldefs.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/interfaces.cpp +CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o: Nortel-Passport/interfaces.h + +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: Nortel-RoutingSwitch/../Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: Nortel-RoutingSwitch/../Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: Nortel-RoutingSwitch/../Nortel-Passport/device.h +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: Nortel-RoutingSwitch/device.cpp +CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o: Nortel-RoutingSwitch/device.h + +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: BayNetworks-Accelar/../Nortel-Passport/../device/../config.h +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: BayNetworks-Accelar/../Nortel-Passport/../device/device.h +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: BayNetworks-Accelar/../Nortel-Passport/device.h +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: BayNetworks-Accelar/device.cpp +CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o: BayNetworks-Accelar/device.h + +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/administration/administration.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/authentication/../device.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/authentication/authentication.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/banner/banner.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/dns/dns.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/general/general.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../device/snmp/snmp.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/administration.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/authentication.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/banner.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/device.cpp +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/dns.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/general.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/interfaces.h +CMakeFiles/nipper.dir/HP-ProCurve/device.o: HP-ProCurve/snmp.h + +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/../device/general/general.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/general.cpp +CMakeFiles/nipper.dir/HP-ProCurve/general.o: HP-ProCurve/general.h + +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/../device/banner/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/../device/banner/banner.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/banner.cpp +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/banner.h +CMakeFiles/nipper.dir/HP-ProCurve/banner.o: HP-ProCurve/device.h + +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/../device/administration/administration.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/administration.cpp +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/administration.h +CMakeFiles/nipper.dir/HP-ProCurve/administration.o: HP-ProCurve/device.h + +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../device/general/general.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../device/snmp/snmp.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/general.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/snmp.cpp +CMakeFiles/nipper.dir/HP-ProCurve/snmp.o: HP-ProCurve/snmp.h + +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/../device/general/general.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/../device/snmp/snmp.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/general.h +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/snmp-report.cpp +CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o: HP-ProCurve/snmp.h + +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/../device/dns/dns.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/dns.cpp +CMakeFiles/nipper.dir/HP-ProCurve/dns.o: HP-ProCurve/dns.h + +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/../device/interfaces/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/../device/interfaces/interfaces.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/device.h +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/interfaces.cpp +CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o: HP-ProCurve/interfaces.h + +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../device/../config.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../device/authentication/../common/deviceconfig.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../device/authentication/../device.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../device/authentication/authentication.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../device/common/configline.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../device/device.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/../globaldefs.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/authentication.cpp +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/authentication.h +CMakeFiles/nipper.dir/HP-ProCurve/authentication.o: HP-ProCurve/device.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/administration/administration.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/dns/dns.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/errortext.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/filter/filter.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/general/general.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/administration.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/device.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/dns.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/filter.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/general.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o: SonicWALL-SonicOS/snmp.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/../device/dns/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/../device/dns/dns.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/dns.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o: SonicWALL-SonicOS/dns.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/../device/general/general.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/general.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o: SonicWALL-SonicOS/general.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/../device/filter/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/../device/filter/filter.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/filter.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o: SonicWALL-SonicOS/filter.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../device/general/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../device/general/general.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/general.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/snmp.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o: SonicWALL-SonicOS/snmp.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../device/administration/administration.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../device/snmp/snmp.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/administration.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/administration.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o: SonicWALL-SonicOS/snmp.h + +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/../SonicWALL-SonicOS/device.h +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/../device/common/configline.h +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/../globaldefs.h +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/device.cpp +CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o: 3Com-SuperStack3-Firewall/device.h + +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/../device/../config.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/../device/administration/../common/deviceconfig.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/../device/administration/administration.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/../device/common/configline.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/../device/device.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/../globaldefs.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/administration-report.cpp +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/administration.h +CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o: SonicWALL-SonicOS/device.h + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/depend.make.mark b/libnipper-0.12.6/CMakeFiles/nipper.dir/depend.make.mark new file mode 100644 index 0000000..5675640 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/depend.make.mark @@ -0,0 +1 @@ +Dependencies updated> diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/.svn/all-wcprops new file mode 100644 index 0000000..3e6c1a0 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/.svn/entries new file mode 100644 index 0000000..8310924 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/.svn/entries @@ -0,0 +1,61 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +dns +dir + +banner +dir + +reportgen +dir + +administration +dir + +filter +dir + +common +dir + +snmp +dir + +general +dir + +authentication +dir + +crypto +dir + +interfaces +dir + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/.svn/all-wcprops new file mode 100644 index 0000000..928c65b --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 82 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/.svn/entries new file mode 100644 index 0000000..81a12a5 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/administration +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/.svn/all-wcprops new file mode 100644 index 0000000..d385b8e --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 82 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/.svn/entries new file mode 100644 index 0000000..f3bdd25 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/authentication +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner/.svn/all-wcprops new file mode 100644 index 0000000..d3f3cce --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 74 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner/.svn/entries new file mode 100644 index 0000000..428ffb4 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/banner +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/.svn/all-wcprops new file mode 100644 index 0000000..0bda89a --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 74 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/.svn/entries new file mode 100644 index 0000000..5224eb3 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/common +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/.svn/all-wcprops new file mode 100644 index 0000000..1af5ece --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 74 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/.svn/entries new file mode 100644 index 0000000..163d256 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/crypto +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns/.svn/all-wcprops new file mode 100644 index 0000000..a2cc6ee --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 71 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns/.svn/entries new file mode 100644 index 0000000..824c98b --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/dns +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/.svn/all-wcprops new file mode 100644 index 0000000..96decac --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 74 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/.svn/entries new file mode 100644 index 0000000..fb2ded6 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/filter +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/general/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/general/.svn/all-wcprops new file mode 100644 index 0000000..6347775 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/general/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 75 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/general +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/general/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/general/.svn/entries new file mode 100644 index 0000000..100d23d --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/general/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/general +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/.svn/all-wcprops new file mode 100644 index 0000000..0d9f915 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 78 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/.svn/entries new file mode 100644 index 0000000..7813b09 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/interfaces +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/.svn/all-wcprops new file mode 100644 index 0000000..3e7230e --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 77 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/.svn/entries new file mode 100644 index 0000000..6f03dde --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/reportgen +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/.svn/all-wcprops new file mode 100644 index 0000000..c66310f --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 72 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/.svn/entries new file mode 100644 index 0000000..0d6f573 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/device/snmp +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/flags.make b/libnipper-0.12.6/CMakeFiles/nipper.dir/flags.make new file mode 100644 index 0000000..f2265e2 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/flags.make @@ -0,0 +1,5 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +CXX_FLAGS = -Dnipper_EXPORTS -fPIC -O2 + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/link.txt b/libnipper-0.12.6/CMakeFiles/nipper.dir/link.txt new file mode 100644 index 0000000..ad9e035 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/link.txt @@ -0,0 +1 @@ +/usr/bin/c++ -fPIC -shared -Wl,-soname,libnipper.so -o libnipper.so "CMakeFiles/nipper.dir/libnipper.o" "CMakeFiles/nipper.dir/config.o" "CMakeFiles/nipper.dir/report/report.o" "CMakeFiles/nipper.dir/report/report-contents.o" "CMakeFiles/nipper.dir/report/report-functions.o" "CMakeFiles/nipper.dir/report/report-frontpage.o" "CMakeFiles/nipper.dir/report/report-introduction.o" "CMakeFiles/nipper.dir/report/report-list.o" "CMakeFiles/nipper.dir/report/report-section-security.o" "CMakeFiles/nipper.dir/report/report-section-compliance.o" "CMakeFiles/nipper.dir/report/report-section-config.o" "CMakeFiles/nipper.dir/report/report-section-appendix.o" "CMakeFiles/nipper.dir/report/report-start.o" "CMakeFiles/nipper.dir/report/report-table.o" "CMakeFiles/nipper.dir/report/report-text.o" "CMakeFiles/nipper.dir/report/report-titles.o" "CMakeFiles/nipper.dir/device/device.o" "CMakeFiles/nipper.dir/device/common/configline.o" "CMakeFiles/nipper.dir/device/common/deviceconfig.o" "CMakeFiles/nipper.dir/device/common/file.o" "CMakeFiles/nipper.dir/device/common/misc.o" "CMakeFiles/nipper.dir/device/common/paragraph.o" "CMakeFiles/nipper.dir/device/common/passwords.o" "CMakeFiles/nipper.dir/device/common/tables.o" "CMakeFiles/nipper.dir/device/crypto/crypto-base64.o" "CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o" "CMakeFiles/nipper.dir/device/crypto/crypto-url.o" "CMakeFiles/nipper.dir/device/reportgen/report.o" "CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o" "CMakeFiles/nipper.dir/device/reportgen/report-commonports.o" "CMakeFiles/nipper.dir/device/reportgen/report-icmp.o" "CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o" "CMakeFiles/nipper.dir/device/reportgen/report-misc.o" "CMakeFiles/nipper.dir/device/reportgen/report-numbering.o" "CMakeFiles/nipper.dir/device/reportgen/report-protocols.o" "CMakeFiles/nipper.dir/device/general/general.o" "CMakeFiles/nipper.dir/device/administration/administration.o" "CMakeFiles/nipper.dir/device/administration/administration-bootp.o" "CMakeFiles/nipper.dir/device/administration/administration-finger.o" "CMakeFiles/nipper.dir/device/administration/administration-ftp.o" "CMakeFiles/nipper.dir/device/administration/administration-general.o" "CMakeFiles/nipper.dir/device/administration/administration-hosts.o" "CMakeFiles/nipper.dir/device/administration/administration-http.o" "CMakeFiles/nipper.dir/device/administration/administration-telnet.o" "CMakeFiles/nipper.dir/device/administration/administration-tftp.o" "CMakeFiles/nipper.dir/device/administration/administration-timeout.o" "CMakeFiles/nipper.dir/device/administration/administration-ssh.o" "CMakeFiles/nipper.dir/device/dns/dns.o" "CMakeFiles/nipper.dir/device/dns/dns-report.o" "CMakeFiles/nipper.dir/device/authentication/authentication.o" "CMakeFiles/nipper.dir/device/authentication/authentication-general.o" "CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o" "CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o" "CMakeFiles/nipper.dir/device/authentication/authentication-nt.o" "CMakeFiles/nipper.dir/device/authentication/authentication-radius.o" "CMakeFiles/nipper.dir/device/authentication/authentication-securid.o" "CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o" "CMakeFiles/nipper.dir/device/authentication/authentication-users.o" "CMakeFiles/nipper.dir/device/banner/banner.o" "CMakeFiles/nipper.dir/device/banner/banner-report.o" "CMakeFiles/nipper.dir/device/filter/filter.o" "CMakeFiles/nipper.dir/device/filter/filter-filter.o" "CMakeFiles/nipper.dir/device/filter/filter-filter-report.o" "CMakeFiles/nipper.dir/device/filter/filter-object.o" "CMakeFiles/nipper.dir/device/filter/filter-object-report.o" "CMakeFiles/nipper.dir/device/filter/filter-security.o" "CMakeFiles/nipper.dir/device/filter/filter-security-report.o" "CMakeFiles/nipper.dir/device/interfaces/interfaces.o" "CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o" "CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o" "CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o" "CMakeFiles/nipper.dir/device/snmp/snmp.o" "CMakeFiles/nipper.dir/device/snmp/snmp-community.o" "CMakeFiles/nipper.dir/device/snmp/snmp-group.o" "CMakeFiles/nipper.dir/device/snmp/snmp-host.o" "CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o" "CMakeFiles/nipper.dir/device/snmp/snmp-traps.o" "CMakeFiles/nipper.dir/device/snmp/snmp-user.o" "CMakeFiles/nipper.dir/device/snmp/snmp-view.o" "CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o" "CMakeFiles/nipper.dir/Cisco-IOS/general.o" "CMakeFiles/nipper.dir/Cisco-IOS/administration.o" "CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o" "CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o" "CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o" "CMakeFiles/nipper.dir/Cisco-IOS/authentication.o" "CMakeFiles/nipper.dir/Cisco-IOS/banner.o" "CMakeFiles/nipper.dir/Cisco-IOS/snmp.o" "CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o" "CMakeFiles/nipper.dir/Cisco-IOS/filter.o" "CMakeFiles/nipper.dir/Cisco-IOS/dns.o" "CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o" "CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o" "CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o" "CMakeFiles/nipper.dir/Cisco-Security/device.o" "CMakeFiles/nipper.dir/Cisco-Security/general.o" "CMakeFiles/nipper.dir/Cisco-Security/administration.o" "CMakeFiles/nipper.dir/Cisco-Security/authentication.o" "CMakeFiles/nipper.dir/Cisco-Security/banner.o" "CMakeFiles/nipper.dir/Cisco-Security/filter.o" "CMakeFiles/nipper.dir/Cisco-Security/snmp.o" "CMakeFiles/nipper.dir/Cisco-Security/dns.o" "CMakeFiles/nipper.dir/Cisco-Security/interfaces.o" "CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o" "CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o" "CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o" "CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o" "CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o" "CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o" "CMakeFiles/nipper.dir/Cisco-CSS/device.o" "CMakeFiles/nipper.dir/Cisco-CSS/general.o" "CMakeFiles/nipper.dir/Cisco-CSS/administration.o" "CMakeFiles/nipper.dir/Cisco-CSS/banner.o" "CMakeFiles/nipper.dir/Cisco-CSS/snmp.o" "CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o" "CMakeFiles/nipper.dir/Cisco-CSS/dns.o" "CMakeFiles/nipper.dir/Cisco-CSS/filter.o" "CMakeFiles/nipper.dir/Cisco-CSS/authentication.o" "CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/device.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/general.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o" "CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o" "CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o" "CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o" "CMakeFiles/nipper.dir/CheckPoint/device.o" "CMakeFiles/nipper.dir/CheckPoint/device-policies.o" "CMakeFiles/nipper.dir/CheckPoint/general.o" "CMakeFiles/nipper.dir/CheckPoint/filter.o" "CMakeFiles/nipper.dir/CheckPoint/filter-objects.o" "CMakeFiles/nipper.dir/CheckPoint/filter-rules.o" "CMakeFiles/nipper.dir/CheckPoint/filter-services.o" "CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o" "CMakeFiles/nipper.dir/CheckPoint-Management/device.o" "CMakeFiles/nipper.dir/Nokia-IP/device.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o" "CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o" "CMakeFiles/nipper.dir/Nortel-Passport/device.o" "CMakeFiles/nipper.dir/Nortel-Passport/general.o" "CMakeFiles/nipper.dir/Nortel-Passport/administration.o" "CMakeFiles/nipper.dir/Nortel-Passport/banner.o" "CMakeFiles/nipper.dir/Nortel-Passport/snmp.o" "CMakeFiles/nipper.dir/Nortel-Passport/filter.o" "CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o" "CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o" "CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o" "CMakeFiles/nipper.dir/HP-ProCurve/device.o" "CMakeFiles/nipper.dir/HP-ProCurve/general.o" "CMakeFiles/nipper.dir/HP-ProCurve/administration.o" "CMakeFiles/nipper.dir/HP-ProCurve/banner.o" "CMakeFiles/nipper.dir/HP-ProCurve/snmp.o" "CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o" "CMakeFiles/nipper.dir/HP-ProCurve/dns.o" "CMakeFiles/nipper.dir/HP-ProCurve/authentication.o" "CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o" "CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o" "CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o" diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/progress.make b/libnipper-0.12.6/CMakeFiles/nipper.dir/progress.make new file mode 100644 index 0000000..546884a --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/progress.make @@ -0,0 +1,176 @@ +CMAKE_PROGRESS_1 = +CMAKE_PROGRESS_2 = 1 +CMAKE_PROGRESS_3 = +CMAKE_PROGRESS_4 = 2 +CMAKE_PROGRESS_5 = +CMAKE_PROGRESS_6 = 3 +CMAKE_PROGRESS_7 = 4 +CMAKE_PROGRESS_8 = +CMAKE_PROGRESS_9 = 5 +CMAKE_PROGRESS_10 = +CMAKE_PROGRESS_11 = 6 +CMAKE_PROGRESS_12 = +CMAKE_PROGRESS_13 = 7 +CMAKE_PROGRESS_14 = 8 +CMAKE_PROGRESS_15 = +CMAKE_PROGRESS_16 = 9 +CMAKE_PROGRESS_17 = +CMAKE_PROGRESS_18 = 10 +CMAKE_PROGRESS_19 = +CMAKE_PROGRESS_20 = 11 +CMAKE_PROGRESS_21 = 12 +CMAKE_PROGRESS_22 = +CMAKE_PROGRESS_23 = 13 +CMAKE_PROGRESS_24 = +CMAKE_PROGRESS_25 = 14 +CMAKE_PROGRESS_26 = +CMAKE_PROGRESS_27 = 15 +CMAKE_PROGRESS_28 = 16 +CMAKE_PROGRESS_29 = +CMAKE_PROGRESS_30 = 17 +CMAKE_PROGRESS_31 = +CMAKE_PROGRESS_32 = 18 +CMAKE_PROGRESS_33 = +CMAKE_PROGRESS_34 = 19 +CMAKE_PROGRESS_35 = 20 +CMAKE_PROGRESS_36 = +CMAKE_PROGRESS_37 = 21 +CMAKE_PROGRESS_38 = +CMAKE_PROGRESS_39 = 22 +CMAKE_PROGRESS_40 = +CMAKE_PROGRESS_41 = 23 +CMAKE_PROGRESS_42 = 24 +CMAKE_PROGRESS_43 = +CMAKE_PROGRESS_44 = 25 +CMAKE_PROGRESS_45 = +CMAKE_PROGRESS_46 = 26 +CMAKE_PROGRESS_47 = +CMAKE_PROGRESS_48 = 27 +CMAKE_PROGRESS_49 = 28 +CMAKE_PROGRESS_50 = +CMAKE_PROGRESS_51 = 29 +CMAKE_PROGRESS_52 = +CMAKE_PROGRESS_53 = 30 +CMAKE_PROGRESS_54 = +CMAKE_PROGRESS_55 = 31 +CMAKE_PROGRESS_56 = 32 +CMAKE_PROGRESS_57 = +CMAKE_PROGRESS_58 = 33 +CMAKE_PROGRESS_59 = +CMAKE_PROGRESS_60 = 34 +CMAKE_PROGRESS_61 = +CMAKE_PROGRESS_62 = 35 +CMAKE_PROGRESS_63 = 36 +CMAKE_PROGRESS_64 = +CMAKE_PROGRESS_65 = 37 +CMAKE_PROGRESS_66 = +CMAKE_PROGRESS_67 = 38 +CMAKE_PROGRESS_68 = +CMAKE_PROGRESS_69 = 39 +CMAKE_PROGRESS_70 = 40 +CMAKE_PROGRESS_71 = +CMAKE_PROGRESS_72 = 41 +CMAKE_PROGRESS_73 = +CMAKE_PROGRESS_74 = 42 +CMAKE_PROGRESS_75 = +CMAKE_PROGRESS_76 = 43 +CMAKE_PROGRESS_77 = 44 +CMAKE_PROGRESS_78 = +CMAKE_PROGRESS_79 = 45 +CMAKE_PROGRESS_80 = +CMAKE_PROGRESS_81 = 46 +CMAKE_PROGRESS_82 = +CMAKE_PROGRESS_83 = 47 +CMAKE_PROGRESS_84 = 48 +CMAKE_PROGRESS_85 = +CMAKE_PROGRESS_86 = 49 +CMAKE_PROGRESS_87 = +CMAKE_PROGRESS_88 = 50 +CMAKE_PROGRESS_89 = +CMAKE_PROGRESS_90 = 51 +CMAKE_PROGRESS_91 = 52 +CMAKE_PROGRESS_92 = +CMAKE_PROGRESS_93 = 53 +CMAKE_PROGRESS_94 = +CMAKE_PROGRESS_95 = 54 +CMAKE_PROGRESS_96 = +CMAKE_PROGRESS_97 = 55 +CMAKE_PROGRESS_98 = 56 +CMAKE_PROGRESS_99 = +CMAKE_PROGRESS_100 = 57 +CMAKE_PROGRESS_101 = +CMAKE_PROGRESS_102 = 58 +CMAKE_PROGRESS_103 = +CMAKE_PROGRESS_104 = 59 +CMAKE_PROGRESS_105 = 60 +CMAKE_PROGRESS_106 = +CMAKE_PROGRESS_107 = 61 +CMAKE_PROGRESS_108 = +CMAKE_PROGRESS_109 = 62 +CMAKE_PROGRESS_110 = +CMAKE_PROGRESS_111 = 63 +CMAKE_PROGRESS_112 = 64 +CMAKE_PROGRESS_113 = +CMAKE_PROGRESS_114 = 65 +CMAKE_PROGRESS_115 = +CMAKE_PROGRESS_116 = 66 +CMAKE_PROGRESS_117 = +CMAKE_PROGRESS_118 = 67 +CMAKE_PROGRESS_119 = 68 +CMAKE_PROGRESS_120 = +CMAKE_PROGRESS_121 = 69 +CMAKE_PROGRESS_122 = +CMAKE_PROGRESS_123 = 70 +CMAKE_PROGRESS_124 = +CMAKE_PROGRESS_125 = 71 +CMAKE_PROGRESS_126 = 72 +CMAKE_PROGRESS_127 = +CMAKE_PROGRESS_128 = 73 +CMAKE_PROGRESS_129 = +CMAKE_PROGRESS_130 = 74 +CMAKE_PROGRESS_131 = +CMAKE_PROGRESS_132 = 75 +CMAKE_PROGRESS_133 = 76 +CMAKE_PROGRESS_134 = +CMAKE_PROGRESS_135 = 77 +CMAKE_PROGRESS_136 = +CMAKE_PROGRESS_137 = 78 +CMAKE_PROGRESS_138 = +CMAKE_PROGRESS_139 = 79 +CMAKE_PROGRESS_140 = 80 +CMAKE_PROGRESS_141 = +CMAKE_PROGRESS_142 = 81 +CMAKE_PROGRESS_143 = +CMAKE_PROGRESS_144 = 82 +CMAKE_PROGRESS_145 = +CMAKE_PROGRESS_146 = 83 +CMAKE_PROGRESS_147 = 84 +CMAKE_PROGRESS_148 = +CMAKE_PROGRESS_149 = 85 +CMAKE_PROGRESS_150 = +CMAKE_PROGRESS_151 = 86 +CMAKE_PROGRESS_152 = +CMAKE_PROGRESS_153 = 87 +CMAKE_PROGRESS_154 = 88 +CMAKE_PROGRESS_155 = +CMAKE_PROGRESS_156 = 89 +CMAKE_PROGRESS_157 = +CMAKE_PROGRESS_158 = 90 +CMAKE_PROGRESS_159 = +CMAKE_PROGRESS_160 = 91 +CMAKE_PROGRESS_161 = 92 +CMAKE_PROGRESS_162 = +CMAKE_PROGRESS_163 = 93 +CMAKE_PROGRESS_164 = +CMAKE_PROGRESS_165 = 94 +CMAKE_PROGRESS_166 = +CMAKE_PROGRESS_167 = 95 +CMAKE_PROGRESS_168 = 96 +CMAKE_PROGRESS_169 = +CMAKE_PROGRESS_170 = 97 +CMAKE_PROGRESS_171 = +CMAKE_PROGRESS_172 = 98 +CMAKE_PROGRESS_173 = +CMAKE_PROGRESS_174 = 99 +CMAKE_PROGRESS_175 = 100 + diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/report/.svn/all-wcprops b/libnipper-0.12.6/CMakeFiles/nipper.dir/report/.svn/all-wcprops new file mode 100644 index 0000000..7fbca29 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/report/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/report +END diff --git a/libnipper-0.12.6/CMakeFiles/nipper.dir/report/.svn/entries b/libnipper-0.12.6/CMakeFiles/nipper.dir/report/.svn/entries new file mode 100644 index 0000000..01356dd --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/nipper.dir/report/.svn/entries @@ -0,0 +1,28 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CMakeFiles/nipper.dir/report +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + diff --git a/libnipper-0.12.6/CMakeFiles/progress.make b/libnipper-0.12.6/CMakeFiles/progress.make new file mode 100644 index 0000000..158e140 --- /dev/null +++ b/libnipper-0.12.6/CMakeFiles/progress.make @@ -0,0 +1 @@ +CMAKE_ALL_PROGRESS = 100 diff --git a/libnipper-0.12.6/CMakeLists.txt b/libnipper-0.12.6/CMakeLists.txt new file mode 100644 index 0000000..e066822 --- /dev/null +++ b/libnipper-0.12.6/CMakeLists.txt @@ -0,0 +1,325 @@ +PROJECT(Nipper CXX) + +CMAKE_MINIMUM_REQUIRED(VERSION 2.4) + +# Add compiler definitions (first is for development only)... +#ADD_DEFINITIONS(-Wall -g -O2) +ADD_DEFINITIONS(-O2) + +# General Device +SET(device_SRC + device/device.cpp + + # Common Device Code... + device/common/configline.cpp + device/common/deviceconfig.cpp + device/common/file.cpp + device/common/misc.cpp + device/common/paragraph.cpp + device/common/passwords.cpp + device/common/tables.cpp + + # Crypto (and encoding) routines... + device/crypto/crypto-base64.cpp + device/crypto/crypto-ciscotype7.cpp + device/crypto/crypto-url.cpp + + # Device reporting... + device/reportgen/report.cpp + device/reportgen/report-abbreviations.cpp + device/reportgen/report-commonports.cpp + device/reportgen/report-icmp.cpp + device/reportgen/report-logginglevels.cpp + device/reportgen/report-misc.cpp + device/reportgen/report-numbering.cpp + device/reportgen/report-protocols.cpp + + # Device configuration sections... + device/general/general.cpp + device/administration/administration.cpp + device/administration/administration-bootp.cpp + device/administration/administration-finger.cpp + device/administration/administration-ftp.cpp + device/administration/administration-general.cpp + device/administration/administration-hosts.cpp + device/administration/administration-http.cpp + device/administration/administration-telnet.cpp + device/administration/administration-tftp.cpp + device/administration/administration-timeout.cpp + device/administration/administration-ssh.cpp + device/dns/dns.cpp + device/dns/dns-report.cpp + device/authentication/authentication.cpp + device/authentication/authentication-general.cpp + device/authentication/authentication-kerberos.cpp + device/authentication/authentication-ldap.cpp + device/authentication/authentication-nt.cpp + device/authentication/authentication-radius.cpp + device/authentication/authentication-securid.cpp + device/authentication/authentication-tacacs.cpp + device/authentication/authentication-users.cpp + device/banner/banner.cpp + device/banner/banner-report.cpp + device/filter/filter.cpp + device/filter/filter-filter.cpp + device/filter/filter-filter-report.cpp + device/filter/filter-object.cpp + device/filter/filter-object-report.cpp + device/filter/filter-security.cpp + device/filter/filter-security-report.cpp + device/interfaces/interfaces.cpp + device/interfaces/interfaces-interface.cpp + device/interfaces/interfaces-report.cpp + device/interfaces/interfaces-security.cpp + device/snmp/snmp.cpp + device/snmp/snmp-community.cpp + device/snmp/snmp-group.cpp + device/snmp/snmp-host.cpp + device/snmp/snmp-misc-issues.cpp + device/snmp/snmp-traps.cpp + device/snmp/snmp-user.cpp + device/snmp/snmp-view.cpp +) + +# Cisco IOS Device... +SET(iosdevice_SRC + Cisco-IOS/iosdevice.cpp + Cisco-IOS/general.cpp + Cisco-IOS/administration.cpp + Cisco-IOS/administration-line.cpp + Cisco-IOS/administration-report.cpp + Cisco-IOS/administration-security.cpp + Cisco-IOS/authentication.cpp + Cisco-IOS/banner.cpp + Cisco-IOS/snmp.cpp + Cisco-IOS/snmp-report.cpp + Cisco-IOS/filter.cpp + Cisco-IOS/dns.cpp + Cisco-IOS/interfaces.cpp +) + +# Cisco IOS Catalyst Device... +SET(ioscatdevice_SRC + Cisco-IOS-Catalyst/device.cpp +) + +# Cisco IOS Router Device... +SET(iosrouterdevice_SRC + Cisco-IOS-Router/device.cpp +) + +# Cisco CSS Device... +SET(ciscocssdevice_SRC + Cisco-CSS/device.cpp + Cisco-CSS/general.cpp + Cisco-CSS/administration.cpp + Cisco-CSS/banner.cpp + Cisco-CSS/snmp.cpp + Cisco-CSS/snmp-report.cpp + Cisco-CSS/dns.cpp + Cisco-CSS/filter.cpp + Cisco-CSS/authentication.cpp + Cisco-CSS/interfaces.cpp +) + +# Cisco Security Device... +SET(ciscosecdevice_SRC + Cisco-Security/device.cpp + Cisco-Security/general.cpp + Cisco-Security/administration.cpp + Cisco-Security/authentication.cpp + Cisco-Security/banner.cpp + Cisco-Security/filter.cpp + Cisco-Security/snmp.cpp + Cisco-Security/dns.cpp + Cisco-Security/interfaces.cpp +) + +# Cisco Security PIX Device... +SET(ciscopixdevice_SRC + Cisco-Security-PIX/device.cpp + Cisco-Security-PIX/administration.cpp +) + +# Cisco Security ASA Device... +SET(ciscoasadevice_SRC + Cisco-Security-ASA/device.cpp + Cisco-Security-ASA/administration.cpp +) + +# Cisco Security FWSM Device... +SET(ciscofwsmdevice_SRC + Cisco-Security-FWSM/device.cpp + Cisco-Security-FWSM/administration.cpp +) + +# Cisco Catalyst Device... +SET(catalystdevice_SRC + Cisco-Catalyst/device.cpp + Cisco-Catalyst/general.cpp + Cisco-Catalyst/administration.cpp + Cisco-Catalyst/authentication.cpp + Cisco-Catalyst/banner.cpp + Cisco-Catalyst/dns.cpp + Cisco-Catalyst/snmp.cpp + Cisco-Catalyst/interfaces.cpp +) + +# Cisco Catalyst CatOS Device... +SET(catalystcatosdevice_SRC + Cisco-Catalyst-CatOS/device.cpp +) + +# Cisco Catalyst NMP Device... +SET(catalystnmpdevice_SRC + Cisco-Catalyst-NMP/device.cpp +) + +# CheckPoint-Based Device... +SET(checkpointdevice_SRC + CheckPoint/device.cpp + CheckPoint/device-policies.cpp + CheckPoint/general.cpp + CheckPoint/filter.cpp + CheckPoint/filter-objects.cpp + CheckPoint/filter-rules.cpp + CheckPoint/filter-services.cpp +) + +# CheckPoint Firewall Module Device... +SET(checkpointfirewalldevice_SRC + CheckPoint-Firewall/device.cpp +) + +# CheckPoint Management Module Device... +SET(checkpointmanagementdevice_SRC + CheckPoint-Management/device.cpp +) + +# Nokia IP Device... +SET(nokiaipdevice_SRC + Nokia-IP/device.cpp +) + +# Juniper ScreenOS Device... +SET(screenosdevice_SRC + Juniper-ScreenOS/device.cpp + Juniper-ScreenOS/general.cpp + Juniper-ScreenOS/administration.cpp + Juniper-ScreenOS/administration-report.cpp + Juniper-ScreenOS/authentication.cpp + Juniper-ScreenOS/banner.cpp + Juniper-ScreenOS/snmp.cpp + Juniper-ScreenOS/filter.cpp + Juniper-ScreenOS/dns.cpp + Juniper-ScreenOS/interfaces.cpp +) + +# Nortel Passport Device... +SET(passportdevice_SRC + Nortel-Passport/device.cpp + Nortel-Passport/general.cpp + Nortel-Passport/administration.cpp + Nortel-Passport/banner.cpp + Nortel-Passport/snmp.cpp + Nortel-Passport/filter.cpp + Nortel-Passport/interfaces.cpp +) + +# Nortel Ethernet Routing Switch (8300) Device... +SET(nortelroutingswitchdevice_SRC + Nortel-RoutingSwitch/device.cpp +) + +# Bay Networks Accelar Device... +SET(bayaccelardevice_SRC + BayNetworks-Accelar/device.cpp +) + +# HP ProCurve Device... +SET(procurvedevice_SRC + HP-ProCurve/device.cpp + HP-ProCurve/general.cpp + HP-ProCurve/administration.cpp + HP-ProCurve/banner.cpp + HP-ProCurve/snmp.cpp + HP-ProCurve/snmp-report.cpp + HP-ProCurve/dns.cpp + HP-ProCurve/authentication.cpp + HP-ProCurve/interfaces.cpp +) + +# SonicWALL SonicOS Device... +SET(sonicosdevice_SRC + SonicWALL-SonicOS/device.cpp + SonicWALL-SonicOS/dns.cpp + SonicWALL-SonicOS/general.cpp + SonicWALL-SonicOS/filter.cpp + SonicWALL-SonicOS/snmp.cpp + SonicWALL-SonicOS/administration.cpp + SonicWALL-SonicOS/administration-report.cpp +) + +# 3Com SuperStack 3 Firewall Device... +SET(superstack3fwdevice_SRC + 3Com-SuperStack3-Firewall/device.cpp +) + +# Reporting... +SET(report_SRC + report/report.cpp + report/report-contents.cpp + report/report-functions.cpp + report/report-frontpage.cpp + report/report-introduction.cpp + report/report-list.cpp + report/report-section-security.cpp + report/report-section-compliance.cpp + report/report-section-config.cpp + report/report-section-appendix.cpp + report/report-start.cpp + report/report-table.cpp + report/report-text.cpp + report/report-titles.cpp +) + +SET(libnipper_SRC + libnipper.cpp + config.cpp + ${report_SRC} + ${device_SRC} + ${iosdevice_SRC} + ${ioscatdevice_SRC} + ${iosrouterdevice_SRC} + ${ciscosecdevice_SRC} + ${ciscoasadevice_SRC} + ${ciscofwsmdevice_SRC} + ${ciscopixdevice_SRC} + ${ciscocssdevice_SRC} + ${catalystdevice_SRC} + ${catalystcatosdevice_SRC} + ${catalystnmpdevice_SRC} + ${checkpointdevice_SRC} + ${checkpointfirewalldevice_SRC} + ${checkpointmanagementdevice_SRC} + ${nokiaipdevice_SRC} + ${screenosdevice_SRC} + ${passportdevice_SRC} + ${nortelroutingswitchdevice_SRC} + ${bayaccelardevice_SRC} + ${procurvedevice_SRC} + ${sonicosdevice_SRC} + ${superstack3fwdevice_SRC} +) + +# TEMPORARY COMMANDS TO EASE DEVELOPMENT - DELETE... +#ADD_EXECUTABLE(nipper nipper.cpp ${libnipper_SRC}) + +# Build the library... +ADD_LIBRARY(nipper SHARED ${libnipper_SRC}) + +# Install... +INSTALL(TARGETS nipper LIBRARY DESTINATION /usr/lib) +INSTALL(FILES nipper.conf DESTINATION /etc) +INSTALL(FILES libnipper.h config.h DESTINATION /usr/include/libnipper/) +INSTALL(FILES man/nipper.conf.5 DESTINATION /usr/share/man/man5) \ No newline at end of file diff --git a/libnipper-0.12.6/Changelog b/libnipper-0.12.6/Changelog new file mode 100644 index 0000000..2e66ccc --- /dev/null +++ b/libnipper-0.12.6/Changelog @@ -0,0 +1,265 @@ +Changelog +========= + +Version: 0.12.6 +Date : 30/12/2008 +Author : Ian Ventura-Whiting +Thanks : David Bryan +Changes: The following nipper features have been added or + improved with this release. A * represents a new + feature. + > Fixed IOS password capture issue. + > Fixed seg fault when processing specific + filter configuration (all devices). + + +Version: 0.12.5 +Date : 14/12/2008 +Author : Ian Ventura-Whiting +Thanks : Sam + Patrick Harbauer +Changes: The following nipper features have been added or + improved with this release. A * represents a new + feature. + + General: + > Fixed issue HTTP/HTTPS administrative hosts. + > Fixed PQR issue with contradict and duplicate + issues. + > Improved text report layout. + > Fixed IOS Exec Banner command recommendation. + > Fixed IOS CDP issue. + > Fixed Specific IOS Filter Processing Issue. + + +Version: 0.12.4 +Date : 06/11/2008 +Author : Ian Ventura-Whiting +Changes: The following nipper features have been added or + improved with this release. A * represents a new + feature. + + General: + > Fixed PQR issue with filtering finding text. + > Updated example code in the libnipper SDK. + > XML tag fixes (Re 31) + + +Version: 0.12.3 +Date : 01/11/2008 +Author : Ian Ventura-Whiting +Changes: The following nipper features have been added or + improved with this release. A * represents a new + feature. + + General: + > Fixed Console timeout issue + > Fixed ACL of no type issue (Re 27) + > Fixed XML tags within XML tags (Re 31) + + Cisco Security Appliances: + > Fixed Timeout issue + + +Version: 0.12.2 +Date : 11/10/2008 +Author : Ian Ventura-Whiting +Changes: The following nipper features have been added or + improved with this release. A * represents a new + feature. + + General: + > Fixed PQR issue with encryption text. + + Cisco IOS Catalysts: + > Fixed IOS Clear Text Issue Reporting + > Fixed pickup of Port Security on interfaces. + + +Version: 0.12.1 +Date : 05/09/2008 +Author : Ian Ventura-Whiting +Changes: The following nipper features have been added or + improved with this release. A * represents a new + feature. + + General: + > Fixed issue with CSS with user required input. + > Fixed a memory leak with duplicate/contradict + filter issues. + > Compiler flags updated to resolve a Windows + build issue. + > Fixed an issue with duplicates and comment lines. + + Juniper NetScreen: + > Fixed PQR issue with dictionary password + recommendation. + + Cisco IOS Catalysts: + > Improved auto-detection. + + CheckPoint (and compatible): + > Fixed issue with services not matching properly + with contradicting/duplicate rules. + > Fixed reporting issues with service groups. + > Fixed reporting issues with host groups. + + +Version: 0.12.0 +Date : 17/08/2008 +Author : Ian Ventura-Whiting +Notes : This is the first release of Nipper as a library. +Thanks : A big thanks must go to: + Portcullis Computer Security (www.portcullis.co.uk) + Hewlett-Packard ProCurve (www.procurve.com) + Juniper (www.juniper.net) + Fortinet (www.fortinet.com) +License: Nipper library and program is covered by the GPL 3 or + higher. However, there are two exceptions. + 1. The code cannot be used as part of a commercial + product. If this is required email fizz@titania.co.uk + 2. Any code that makes use of this library MUST + display the returned text of the Nipper::getVersion() + method. +Changes: The following nipper features have been added or + improved with this release. A * represents a new + feature. + + General Library Features: + > Nipper library. * + > Translated to C++. * + > Added support for: + + HP ProCurve Devices * + + 3Com SuperStack 3 Firewall * + + Nokia IP (now has an option) * + + CheckPoint (management/firewall) * + + Bay Networks Accelar (option added) * + + Nortel Ethernet Routing Switch 8300 * + > Added "index of tables" to report output. * + > Added "related security issues" to the + security report output. * + > Added security issue ratings. * + > Added security report recommendations. * + > Added internationalisation support. * + > Added IP protocols appendix section. * + > Added ICMP Types appendix section. * + > Added logon banner content analysis. * + > Added security issue ordering options. * + > Added configuration device type auto + detection. * + > Improved Nipper Framework. + > Improved HTML report format tagging. + > Improved Builtin HTML stylesheet. + > Improved Latex support. + > Improved abbreviation support. + > Improved common port list support. + > Improved logging severity levels section. + > Improved dictionary password checking. + > Improved Debug output. + > Improved security report introduction. + > Improved security report conclusions. + > Improved password complexity checking. + > Improved filtering checking. + > Improved SNMP checking. + > Improved Administration service checking. + + Nortel Passport (and compatible): + > Added module support. * + > Added banner support. * + > Added motd support. * + > Added SNMP support. * + > Added Interface support. * + > Improved filter support. + + HP ProCurve: + > Added hostname. * + > Added version, model support. * + > Added SNMP support. * + > Added SNMPv3 support. * + > Added module support. * + > Added console support. * + > Added banner support. * + > Added SSH support. * + > Added Telnet support. * + > Added TFTP support. * + > Added Management Host support. * + > Added Web Management support. * + > Added DNS support. * + > Added Authentication support. * + > Added VLAN interface support. * + + Juniper NetScreen: + > Added predfined service object + support. * + > Added DNS support. * + > Improved Hostname detection. + > Improved SNMP support. + > Improved Banner support. + > Improved Administration support. + > Improved Policy support. + > Improved Address Book support. + > Improved Authentication support. + > Improved Interface support. + + Cisco Content Services Switch: + > Added Banner support. * + > Added Connection Timeouts. * + > Added Core Dumps. * + > Added DNS support. * + > Added Authentication support. * + > Added Circuit support. * + > Added Interface support. * + > Improved hostname detection. + > Improved administration services. + > Improved SNMP support. + > Improved ACL support. + + Cisco Routers and IOS Catalyst: + > Added Rlogin support. * + > Improved line support. + > Improved SNMP support. + > Improved Banner support. + > Improved ACL support. + > Improved Telnet support. + > Improved SSH support. + > Improved HTTP support. + > Improved Finger support. + > Improved BOOTP support. + > Improved DNS support. + > Improved Authentication support. + > Improved Interface support. + + Cisco Catalyst (NMP/CatOS): + > Added Banner support. * + > Added DNS support. * + > Improved SNMP support. + > Improved Authentication support. + + Cisco Security Appliances: + > Added Ciphers support. * + > Improved SNMP support. + > Improved Banner support. + > Improved HTTP(S) support. + > Improved SSH support. + > Improved ACL support. + > Improved Object support. + > Improved Authentication support. + > Improved Interface support. + + SonicWALL Firewalls (and compatible): + > Added service groups support. * + > Added SNMP support. * + > Added Administration support. * + > Added DNS support. * + > Improved Policy support. + > Improved Service support. + + CheckPoint (and compatible): + > Improved object support. + > Improved service support. + > Improved rule support. + + +NOTE: +Changelog for all previous versions are included with the +last of the Nipper 0.11.x series archives. diff --git a/libnipper-0.12.6/CheckPoint-Firewall/.svn/all-wcprops b/libnipper-0.12.6/CheckPoint-Firewall/.svn/all-wcprops new file mode 100644 index 0000000..e580722 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint-Firewall/.svn/all-wcprops @@ -0,0 +1,17 @@ +K 25 +svn:wc:ra_dav:version-url +V 58 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint-Firewall +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint-Firewall/device.h +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint-Firewall/device.cpp +END diff --git a/libnipper-0.12.6/CheckPoint-Firewall/.svn/entries b/libnipper-0.12.6/CheckPoint-Firewall/.svn/entries new file mode 100644 index 0000000..675fd99 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint-Firewall/.svn/entries @@ -0,0 +1,96 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CheckPoint-Firewall +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.cpp +file + + + + +2016-02-13T06:47:11.284157Z +751ded6eefd89d46b7132e41e8b863e6 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2493 + +device.h +file + + + + +2016-02-13T06:47:11.284157Z +1e758b1b7aaa5bc5737f5e617c4c41cf +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2534 + diff --git a/libnipper-0.12.6/CheckPoint-Firewall/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/CheckPoint-Firewall/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..f0009b6 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint-Firewall/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,41 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include "device.h" + + +CheckPointFirewallDevice::CheckPointFirewallDevice() +{ + deviceMake = "CheckPoint"; + deviceType = "Firewall Module"; + deviceOS = "CheckPoint-OS"; +} diff --git a/libnipper-0.12.6/CheckPoint-Firewall/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/CheckPoint-Firewall/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..05bcb4f --- /dev/null +++ b/libnipper-0.12.6/CheckPoint-Firewall/.svn/text-base/device.h.svn-base @@ -0,0 +1,47 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CheckPointFirewall_H +#define device_CheckPointFirewall_H + + +#include "../CheckPoint/device.h" + + +class CheckPointFirewallDevice : public CheckPointDevice +{ + public: + CheckPointFirewallDevice(); + +}; + + +#endif diff --git a/libnipper-0.12.6/CheckPoint-Firewall/device.cpp b/libnipper-0.12.6/CheckPoint-Firewall/device.cpp new file mode 100644 index 0000000..f0009b6 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint-Firewall/device.cpp @@ -0,0 +1,41 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include "device.h" + + +CheckPointFirewallDevice::CheckPointFirewallDevice() +{ + deviceMake = "CheckPoint"; + deviceType = "Firewall Module"; + deviceOS = "CheckPoint-OS"; +} diff --git a/libnipper-0.12.6/CheckPoint-Firewall/device.h b/libnipper-0.12.6/CheckPoint-Firewall/device.h new file mode 100644 index 0000000..05bcb4f --- /dev/null +++ b/libnipper-0.12.6/CheckPoint-Firewall/device.h @@ -0,0 +1,47 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CheckPointFirewall_H +#define device_CheckPointFirewall_H + + +#include "../CheckPoint/device.h" + + +class CheckPointFirewallDevice : public CheckPointDevice +{ + public: + CheckPointFirewallDevice(); + +}; + + +#endif diff --git a/libnipper-0.12.6/CheckPoint-Management/.svn/all-wcprops b/libnipper-0.12.6/CheckPoint-Management/.svn/all-wcprops new file mode 100644 index 0000000..717e48d --- /dev/null +++ b/libnipper-0.12.6/CheckPoint-Management/.svn/all-wcprops @@ -0,0 +1,17 @@ +K 25 +svn:wc:ra_dav:version-url +V 60 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint-Management +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint-Management/device.h +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 71 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint-Management/device.cpp +END diff --git a/libnipper-0.12.6/CheckPoint-Management/.svn/entries b/libnipper-0.12.6/CheckPoint-Management/.svn/entries new file mode 100644 index 0000000..16fc065 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint-Management/.svn/entries @@ -0,0 +1,96 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CheckPoint-Management +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.h +file + + + + +2016-02-13T06:47:11.328157Z +c50ecc13a398e2fe14d51f969c1dc1a1 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2541 + +device.cpp +file + + + + +2016-02-13T06:47:11.328157Z +7dc057cbd72be252e1f1226170536390 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2499 + diff --git a/libnipper-0.12.6/CheckPoint-Management/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/CheckPoint-Management/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..e6d8f98 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint-Management/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,41 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include "device.h" + + +CheckPointManagementDevice::CheckPointManagementDevice() +{ + deviceMake = "CheckPoint"; + deviceType = "Management Module"; + deviceOS = "CheckPoint-OS"; +} diff --git a/libnipper-0.12.6/CheckPoint-Management/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/CheckPoint-Management/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..b4441c5 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint-Management/.svn/text-base/device.h.svn-base @@ -0,0 +1,46 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CheckPointManagement_H +#define device_CheckPointManagement_H + + +#include "../CheckPoint/device.h" + + +class CheckPointManagementDevice : public CheckPointDevice +{ + public: + CheckPointManagementDevice(); +}; + + +#endif diff --git a/libnipper-0.12.6/CheckPoint-Management/device.cpp b/libnipper-0.12.6/CheckPoint-Management/device.cpp new file mode 100644 index 0000000..e6d8f98 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint-Management/device.cpp @@ -0,0 +1,41 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include "device.h" + + +CheckPointManagementDevice::CheckPointManagementDevice() +{ + deviceMake = "CheckPoint"; + deviceType = "Management Module"; + deviceOS = "CheckPoint-OS"; +} diff --git a/libnipper-0.12.6/CheckPoint-Management/device.h b/libnipper-0.12.6/CheckPoint-Management/device.h new file mode 100644 index 0000000..b4441c5 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint-Management/device.h @@ -0,0 +1,46 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CheckPointManagement_H +#define device_CheckPointManagement_H + + +#include "../CheckPoint/device.h" + + +class CheckPointManagementDevice : public CheckPointDevice +{ + public: + CheckPointManagementDevice(); +}; + + +#endif diff --git a/libnipper-0.12.6/CheckPoint/.svn/all-wcprops b/libnipper-0.12.6/CheckPoint/.svn/all-wcprops new file mode 100644 index 0000000..16fdb13 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/.svn/all-wcprops @@ -0,0 +1,65 @@ +K 25 +svn:wc:ra_dav:version-url +V 49 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint +END +general.h +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint/general.h +END +device-policies.cpp +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint/device-policies.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 58 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint/device.h +END +filter.cpp +K 25 +svn:wc:ra_dav:version-url +V 60 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint/filter.cpp +END +filter-services.cpp +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint/filter-services.cpp +END +filter.h +K 25 +svn:wc:ra_dav:version-url +V 58 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint/filter.h +END +filter-objects.cpp +K 25 +svn:wc:ra_dav:version-url +V 68 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint/filter-objects.cpp +END +general.cpp +K 25 +svn:wc:ra_dav:version-url +V 61 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint/general.cpp +END +filter-rules.cpp +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint/filter-rules.cpp +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 60 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/CheckPoint/device.cpp +END diff --git a/libnipper-0.12.6/CheckPoint/.svn/entries b/libnipper-0.12.6/CheckPoint/.svn/entries new file mode 100644 index 0000000..4a1a4b2 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/.svn/entries @@ -0,0 +1,368 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/CheckPoint +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device-policies.cpp +file + + + + +2016-02-13T06:47:11.280157Z +d8adee0f0d96e9c0b9eb55d360839781 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5191 + +device.h +file + + + + +2016-02-13T06:47:11.280157Z +471c521daa86628ac23388c2589c1df4 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2900 + +filter.cpp +file + + + + +2016-02-13T06:47:11.280157Z +57f51f78d7f315c37b6508a04bed1ebd +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +28878 + +filter-services.cpp +file + + + + +2016-02-13T06:47:11.280157Z +a9acbf172dc898cc1678822bb8e1ba76 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +12199 + +filter.h +file + + + + +2016-02-13T06:47:11.280157Z +0369ba3cda76c50ed801da845f592978 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3179 + +filter-objects.cpp +file + + + + +2016-02-13T06:47:11.280157Z +10d7d0cdb587bf022d3305bda0de6e2d +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +24179 + +general.cpp +file + + + + +2016-02-13T06:47:11.280157Z +a1fccd8a4996ddcc5c08093f27f85d89 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6883 + +filter-rules.cpp +file + + + + +2016-02-13T06:47:11.280157Z +87d1ffcfecd8db298e0678045dfbd019 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +34433 + +device.cpp +file + + + + +2016-02-13T06:47:11.280157Z +c3fad14cc304567ed7d66bbee4247f8a +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +12377 + +general.h +file + + + + +2016-02-13T06:47:11.280157Z +529308a934b9808054d0cb895677a801 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2815 + diff --git a/libnipper-0.12.6/CheckPoint/.svn/text-base/device-policies.cpp.svn-base b/libnipper-0.12.6/CheckPoint/.svn/text-base/device-policies.cpp.svn-base new file mode 100644 index 0000000..e714a0a --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/.svn/text-base/device-policies.cpp.svn-base @@ -0,0 +1,136 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" + + +int CheckPointDevice::processPolicyCollections(ConfigLine *command, char *line, int lineSize) +{ + // Variables... + policyCollections *policyPointer = 0; + + if (config->reportFormat == Config::Debug) + printf("%sPolicy Collection Start Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + while ((feof(inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // New policy... + if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0)) + { + if (config->reportFormat == Config::Debug) + printf("%sPolicy Start Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + // Create policy + if (policies == 0) + { + policies = new (policyCollections); + policyPointer = policies; + } + else + { + policyPointer = policies; + while (policyPointer->next != 0) + policyPointer = policyPointer->next; + policyPointer->next = new (policyCollections); + policyPointer = policyPointer->next; + } + + // Init new policy... + policyPointer->next = 0; + policyPointer->policyName.assign(command->part(1) + 1); + + while ((feof(inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // default... + if (strcasecmp(command->part(0), ":default") == 0) + { + if (config->reportFormat == Config::Debug) + printf("%sPolicy Default Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + if (command->part(1)[0] == '0') + policyPointer->active = false; + else + policyPointer->active = true; + } + + // Unknown CheckPoint Structure... + else if ((command->part(0)[0] == ':') && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + { + processUnknownCheckPointConfig(command, line, lineSize); + } + + // All others... + else if (command->part(0)[0] != ')') + lineNotProcessed(line); + } + + if (config->reportFormat == Config::Debug) + printf("%sPolicy End Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + lineNotProcessed(line); + } + + if (config->reportFormat == Config::Debug) + printf("%sPolicy Collection End Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + command->setConfigLine((char *)""); + + return 0; +} + diff --git a/libnipper-0.12.6/CheckPoint/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/CheckPoint/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..a724ce3 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,429 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/errortext.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "filter.h" + + +CheckPointDevice::CheckPointDevice() +{ + deviceMake = "CheckPoint"; + deviceType = "CheckPoint-Based"; + deviceOS = "CheckPoint OS"; + + supportConfigNetworkServices = false; + + isFirewall = true; + policies = 0; + + general = new (CheckPointGeneral); + filter = new (CheckPointFilter); +} + + +CheckPointDevice::~CheckPointDevice() +{ + // Variables... + policyCollections *policyPointer = 0; + + delete general; + delete filter; + + while (policies != 0) + { + policyPointer = policies->next; + delete policies; + policies = policyPointer; + } +} + + +int CheckPointDevice::process() +{ + // Variables... + policyCollections *policyPointer = 0; + string configDirectory; + string tempFilename; + struct stat *fileStats = 0; + int returnCode = 0; + bool addedPolicies = false; + + /* + CheckPoint files to process... + + Key: + * tables.C - Contains a list of the other files... + + Objects: + * objects_5_0.C + * objects.C_41 + * objects.C + + Rules: + * *.W files + * rules.C + + Rules + Comments: + * rulebases_5_0.fws + * rulebases.fws + + Users: + * fwauth.NDB + */ + + // Check if input is a directory (required)... + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(config->inputSource, fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return deviceerror_inputnotadirectory; + } + delete fileStats; + + // Add Directory slash if it does not already exist + configDirectory.assign(config->inputSource); +#if !defined(__WIN32__) + if (configDirectory.c_str()[configDirectory.length() - 1] != '/') + configDirectory.append("/"); +#else + if (configDirectory.c_str()[configDirectory.length() - 1] != '\\') + configDirectory.append("\\"); +#endif + + // Process CheckPoint Object Files... + tempFilename.assign(configDirectory); + tempFilename.append("objects_5_0.C"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + if (returnCode != 0) + { + tempFilename.assign(configDirectory); + tempFilename.append("objects.C_41"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + if (returnCode != 0) + { + tempFilename.assign(configDirectory); + tempFilename.append("objects.C"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + } + } + if (returnCode != 0) + return deviceerror_objectsfilenotfound; + returnCode = processDevice(); + fclose(inputFile); + if (returnCode != 0) + return returnCode; + + // Process CheckPoint Rules Files... + + // Try policy collection first... + policyPointer = policies; + while (policyPointer != 0) + { + tempFilename.assign(configDirectory); + tempFilename.append(policyPointer->policyName); + tempFilename.append(".W"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + if (returnCode == 0) + { + returnCode = ((CheckPointFilter *)filter)->processWRulesDevice(this, policyPointer->policyName.c_str(), policyPointer->active); + fclose(inputFile); + addedPolicies = true; + } + policyPointer = policyPointer->next; + returnCode = 0; + } + + // If policies still have not been added... + if (addedPolicies == false) + { + tempFilename.assign(configDirectory); + tempFilename.append("rules.C"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + if (returnCode == 0) + { + returnCode = ((CheckPointFilter *)filter)->processRRulesDevice(this); + fclose(inputFile); + } + } + + // Process CheckPoint Rules With Comments Files... + tempFilename.assign(configDirectory); + tempFilename.append("rulebases_5_0.fws"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + if (returnCode != 0) + { + tempFilename.assign(configDirectory); + tempFilename.append("rulebases.fws"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + } + if (returnCode == 0) + { + returnCode = ((CheckPointFilter *)filter)->processFRulesDevice(this); + fclose(inputFile); + } + else + returnCode = 0; + + // Process Users... + + // Post processing defaults... + setPostCommonDefaults(); + + // Post device specific processing defaults... + setPostDefaults(); + + return returnCode; +} + + +int CheckPointDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Starting... + if ((strcmp(command.part(0), "(") == 0) && (strcmp(command.part(1), ")") != 0)) + { + if (config->reportFormat == Config::Debug) + printf("%sConfig Content Starts Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (strcmp(command.part(0), ")") != 0)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Network Objects Start... + if (((strcmp(command.part(0), ":netobj") == 0) || (strcmp(command.part(0), ":network_objects") == 0)) && (strcmp(command.part(1), "()") != 0)) + filter->processDeviceConfig(this, &command, (char *)line, sizeof(line)); + + // Services Start... + else if (((strcmp(command.part(0), ":servobj") == 0) || (strcmp(command.part(0), ":services") == 0)) && (strcmp(command.part(1), "()") != 0)) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Policy Collections... + else if ((strcmp(command.part(0), ":policies_collections") == 0) && (strcmp(command.part(1), "()") != 0)) + processPolicyCollections(&command, (char *)&line, sizeof(line)); + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else if (command.part(0)[0] != ')') + lineNotProcessed(line); + } + + // Ending... + if (strcmp(command.part(0), ")") == 0) + { + if (config->reportFormat == Config::Debug) + printf("%sConfig Content Ends Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + command.setConfigLine((char *)""); + } + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + return 0; +} + + +int CheckPointDevice::processUnknownCheckPointConfig(ConfigLine *command, char *line, int lineSize) +{ + lineNotProcessed(line); + + while ((feof(inputFile) == 0) && (strcmp(command->part(0), ")") != 0)) + { + // Read a line from the config... + readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strncmp(command->part(0), ":", 1) == 0) && (strncmp(command->part(1), "(", 1) == 0) && (command->part(command->parts - 1)[strlen(command->part(command->parts - 1)) - 1] != ')')) + processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else + lineNotProcessed(line); + } + + command->setConfigLine((char *)""); + + return 0; +} + + +bool CheckPointDevice::isDeviceType() +{ + // Variables... + string configDirectory; + string tempFilename; + struct stat *fileStats = 0; + + // Check if input is a directory (required)... + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(config->inputSource, fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return false; + } + delete fileStats; + + // Add Directory slash if it does not already exist + configDirectory.assign(config->inputSource); +#if !defined(__WIN32__) + if (configDirectory.c_str()[configDirectory.length() - 1] != '/') + configDirectory.append("/"); +#else + if (configDirectory.c_str()[configDirectory.length() - 1] != '\\') + configDirectory.append("\\"); +#endif + + // Process CheckPoint Object Files... + tempFilename.assign(configDirectory); + tempFilename.append("objects_5_0.C"); + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(tempFilename.c_str(), fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return true; + } + delete fileStats; + tempFilename.assign(configDirectory); + tempFilename.append("objects.C_41"); + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(tempFilename.c_str(), fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return true; + } + delete fileStats; + tempFilename.assign(configDirectory); + tempFilename.append("objects.C"); + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(tempFilename.c_str(), fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return true; + } + delete fileStats; + + // Process Rules Files... + tempFilename.assign(configDirectory); + tempFilename.append("rules.C"); + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(tempFilename.c_str(), fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return true; + } + delete fileStats; + tempFilename.assign(configDirectory); + tempFilename.append("rulebases_5_0.fws"); + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(tempFilename.c_str(), fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return true; + } + delete fileStats; + tempFilename.assign(configDirectory); + tempFilename.append("rulebases.fws"); + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(tempFilename.c_str(), fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return true; + } + delete fileStats; + + return false; +} + + diff --git a/libnipper-0.12.6/CheckPoint/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/CheckPoint/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..5952203 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/.svn/text-base/device.h.svn-base @@ -0,0 +1,65 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CheckPoint_H +#define device_CheckPoint_H + + +#include "../device/device.h" + + +class CheckPointDevice : public Device +{ + public: + CheckPointDevice(); + virtual ~CheckPointDevice(); + int processUnknownCheckPointConfig(ConfigLine *command, char *line, int lineSize); + + bool isDeviceType(); + + private: + int processDevice(); + int process(); + + struct policyCollections + { + string policyName; + bool active; + struct policyCollections *next; + }; + + policyCollections *policies; + + int processPolicyCollections(ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/CheckPoint/.svn/text-base/filter-objects.cpp.svn-base b/libnipper-0.12.6/CheckPoint/.svn/text-base/filter-objects.cpp.svn-base new file mode 100644 index 0000000..c12ba7b --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/.svn/text-base/filter-objects.cpp.svn-base @@ -0,0 +1,599 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "filter.h" + + +int CheckPointFilter::processDeviceObjectConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + netObjectListConfig *objectListPointer = 0; + netObjectListConfig *hostGroupListPointer = 0; + filterObjectConfig *objectPointer = 0; + filterObjectConfig *subObjectPointer = 0; + objectType tempType = addressBookObject; + int tempInt = 0; + + if (device->config->reportFormat == Config::Debug) + printf("%sObject Configs Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList("Network Objects"); + objectListPointer->type = addressBookObject; + objectListPointer->title = i18n("Network Host Configuration"); + objectListPointer->description = i18n("This section details the hosts and networks configured for use in the policy rules."); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // New object... + if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addObject(objectListPointer); + objectPointer->label.assign(command->part(1) + 1); + tempType = addressBookObject; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // IP Address... + if ((strcasecmp(command->part(0), ":ipaddr") == 0) || (strcasecmp(command->part(0), ":ipaddr_first") == 0) || (strcasecmp(command->part(0), ":bogus_ip") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sIP Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->name.assign(command->part(1)); + } + + // Net Mask... + else if ((strcasecmp(command->part(0), ":netmask") == 0) || (strcasecmp(command->part(0), ":ipaddr_last") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNetmask Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->netmask.assign(command->part(1)); + } + + // Location... + else if ((strcasecmp(command->part(0), ":location") == 0) && (strcasecmp(command->part(1), "external") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLocation Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->internal = false; + } + + // Comments... + else if ((strcasecmp(command->part(0), ":comments") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sComments Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->comment.assign(command->part(1)); + } + + // Firewall... + else if ((strcasecmp(command->part(0), ":firewall") == 0) && (strcasecmp(command->part(1), "installed") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFirewall Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->firewall = true; + } + + // Type... + else if (strcasecmp(command->part(0), ":type") == 0) + { + if (strcasecmp(command->part(1), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHost Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = hostObject; + } + + else if (strcasecmp(command->part(1), "machines_range") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMachines Range Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = machinesRangeObject; + } + + else if (strcasecmp(command->part(1), "dynamic_net_obj") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDynamic Net Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = dynamicnetObject; + } + + else if (strcasecmp(command->part(1), "group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGroup Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = groupObject; + } + + else if (strcasecmp(command->part(1), "network") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNetwork Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = networkObject; + } + + else if (strcasecmp(command->part(1), "gateway") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGateway Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = gatewayObject; + } + + else if (strcasecmp(command->part(1), "gateway_cluster") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGateway Cluster Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Set the object type... + tempType = gatewayClusterObject; + } + + else if (strcasecmp(command->part(1), "cluster_member") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCluster Member Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = clusterMemberObject; + } + + // Create a delete me object... + else + { + objectPointer->deleteMe = true; + device->lineNotProcessed(line); + } + } + + // Management... + else if ((strcasecmp(command->part(0), ":management") == 0) && (strcasecmp(command->part(1), "true") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sManagement Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->management = true; + } + + // Interfaces... + else if ((strcasecmp(command->part(0), ":interfaces") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterfaces Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (strcmp(command->part(0), ")") != 0)) + { + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // New Interface... + if ((command->part(0)[0] == ':') && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, interfaces); + subObjectPointer->interfaceIndex = atoi(command->part(0) + 1); + subObjectPointer->type = interfaceObject; + subObjectPointer->serviceOper = serviceOperEqual; + + while ((feof(device->inputFile) == 0) && (strcmp(command->part(0), ")") != 0)) + { + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // IP Address... + if (strcasecmp(command->part(0), ":ipaddr") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->name.assign(command->part(1)); + } + + // Net Mask... + else if (strcasecmp(command->part(0), ":netmask") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Netmask Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->netmask.assign(command->part(1)); + } + + // Dynamic IP... + else if ((strcasecmp(command->part(0), ":dynamic_ip") == 0) && (strcasecmp(command->part(1), "(true)") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Dynamic Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->dhcp = true; + } + else if ((strcasecmp(command->part(0), ":dynamic_ip") == 0) && (strcasecmp(command->part(1), "(false)") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Dynamic Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->dhcp = false; + } + + else if (strcasecmp(command->part(0), ":officialname") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->label.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sInterface End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sInterfaces End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Cluster Members... + else if ((strcasecmp(command->part(0), ":cluster_members") == 0) && (strcmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCluster Members Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((command->part(0)[0] == ':') && (strcmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCluster Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt = atoi(command->part(0) + 1); + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) || (strcasecmp(command->part(0), ":refname") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCluster Member Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, members); + subObjectPointer->name.assign(command->part(1)); + subObjectPointer->type = groupObject; + subObjectPointer->serviceOper = serviceOperEqual; + subObjectPointer->interfaceIndex = tempInt; + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sCluster Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sCluster Members End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Members... + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, members); + subObjectPointer->name.assign(command->part(1)); + subObjectPointer->type = groupObject; + subObjectPointer->serviceOper = serviceOperEqual; + } + + // Members... + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Members Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, members); + subObjectPointer->type = groupObject; + subObjectPointer->serviceOper = serviceOperEqual; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Name... + if (strcasecmp(command->part(0), ":Name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Member Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sObject Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (objectPointer->deleteMe == false) + { + switch (tempType) + { + case hostObject: + objectPointer->serviceOper = serviceOperEqual; + objectPointer->type = hostObject; + break; + + case machinesRangeObject: + objectPointer->serviceOper = serviceOperRange; + objectPointer->type = machinesRangeObject; + break; + + case dynamicnetObject: + objectPointer->serviceOper = serviceOperEqual; + objectPointer->type = dynamicnetObject; + break; + + case networkObject: + objectPointer->type = networkObject; + objectPointer->serviceOper = serviceOperEqual; + break; + + case groupObject: + hostGroupListPointer = getObjectList(objectPointer->label.c_str()); + hostGroupListPointer->type = hostObject; + hostGroupListPointer->comment.assign(objectPointer->comment); + hostGroupListPointer->title = i18n("Host Groups"); + hostGroupListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices host groups. Host groups ease administration by enabling hosts to be grouped and the group can then be used within a policy rule, rather than listing each individual host for a specific rule."); + objectPointer->deleteMe = true; + + // Go through any added members and transfer to objects of this group... + subObjectPointer = objectPointer->members; + while (subObjectPointer != 0) + { + objectPointer = addObject(hostGroupListPointer); + copySourceToDestinationObjects(subObjectPointer, objectPointer); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + subObjectPointer->deleteMe = true; + subObjectPointer = subObjectPointer->next; + } + break; + + case gatewayObject: + // Create new list for the gateway... + hostGroupListPointer = getObjectList(objectPointer->label.c_str()); + hostGroupListPointer->type = gatewayObject; + hostGroupListPointer->comment.assign(objectPointer->comment); + hostGroupListPointer->title = i18n("Gateways"); + hostGroupListPointer->description = i18n("A *DEVICETYPE* device configuration can include multiple gateway devices. This section describes the gateway device configuration."); + + // Set the object type... + objectPointer->type = gatewayObject; + objectPointer->serviceOper = serviceOperEqual; + + // Copy the object to the new list... + subObjectPointer = objectPointer; + objectPointer = addObject(hostGroupListPointer); + copySourceToDestinationObjects(subObjectPointer, objectPointer); + + // Delete the old object (removes duplicate) + subObjectPointer->deleteMe = true; + break; + + case gatewayClusterObject: + // Create new list for the gateway cluster... + hostGroupListPointer = getObjectList(objectPointer->label.c_str()); + hostGroupListPointer->type = gatewayClusterObject; + hostGroupListPointer->comment.assign(objectPointer->comment); + hostGroupListPointer->title = i18n("Gateway Clusters"); + hostGroupListPointer->description = i18n("On *DEVICETYPE* devices, a cluster of gateways can be configured to provide fault tollerance and load sharing of network traffic. This section describes the configuration of the gateway clusters."); + + // Set the object type... + objectPointer->type = gatewayClusterObject; + objectPointer->serviceOper = serviceOperEqual; + + // Copy the object to the new list... + subObjectPointer = objectPointer; + objectPointer = addObject(hostGroupListPointer); + copySourceToDestinationObjects(subObjectPointer, objectPointer); + + // Delete the old object (removes duplicate) + subObjectPointer->deleteMe = true; + break; + + case clusterMemberObject: + // Create new list for the cluster member... + hostGroupListPointer = getObjectList(objectPointer->label.c_str()); + hostGroupListPointer->type = clusterMemberObject; + hostGroupListPointer->comment.assign(objectPointer->comment); + hostGroupListPointer->title = i18n("Cluster Members"); + hostGroupListPointer->description = i18n("On *DEVICETYPE* devices, a cluster of gateways can be configured to provide fault tollerance and load sharing of network traffic. This section describes the configuration of the gateway cluster members."); + + // Set the object type... + objectPointer->type = clusterMemberObject; + objectPointer->serviceOper = serviceOperEqual; + + // Copy the object to the new list... + subObjectPointer = objectPointer; + objectPointer = addObject(hostGroupListPointer); + copySourceToDestinationObjects(subObjectPointer, objectPointer); + + // Delete the old object (removes duplicate) + subObjectPointer->deleteMe = true; + break; + + default: + break; + } + } + + // If network object is really a host... + if (objectPointer->type == networkObject) + { + if (objectPointer->netmask.compare("255.255.255.255") == 0) + objectPointer->type = hostObject; + } + + if (device->config->reportFormat == Config::Debug) + printf("%sObject Members End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sObject Configs End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + + return 0; +} + diff --git a/libnipper-0.12.6/CheckPoint/.svn/text-base/filter-rules.cpp.svn-base b/libnipper-0.12.6/CheckPoint/.svn/text-base/filter-rules.cpp.svn-base new file mode 100644 index 0000000..3204fb1 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/.svn/text-base/filter-rules.cpp.svn-base @@ -0,0 +1,901 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "filter.h" + + +bool CheckPointFilter::processDeviceRuleConfig(Device *device, ConfigLine *command, char *line, int lineSize, filterListConfig *filterListPointer, filterConfig *existingFilterPointer) +{ + // Variables... + filterObjectConfig *objectPointer = 0; + filterConfig *filterPointer = 0; + bool incrementFilterPointer = true; + bool negate = false; + + // Fix filter pointer... + if (existingFilterPointer == 0) + filterPointer = addFilter(filterListPointer); + else + filterPointer = existingFilterPointer; + + if (device->config->reportFormat == Config::Debug) + printf("%sRule Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Admin Info... + if ((strcasecmp(command->part(0), ":AdminInfo") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin Info Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // ID... + if ((strcasecmp(command->part(0), ":chkpf_uid") == 0) && (strcmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin ID Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->internalId.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin Info End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Action... + else if ((strcasecmp(command->part(0), ":action") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAction Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Drop... + if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(drop") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDrop Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->action = denyAction; + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + } + + // allow... + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(accept") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAccept Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->action = allowAction; + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sAction End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Disabled... + else if ((strcasecmp(command->part(0), ":disabled") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDisabled Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcasecmp(command->part(1), "true") == 0) + filterPointer->enabled = false; + else + filterPointer->enabled = true; + } + + // Header Text... + else if ((strcasecmp(command->part(0), ":header_text") == 0) && (strcmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRemark Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (existingFilterPointer != 0) + { + incrementFilterPointer = false; + filterPointer = insertFilter(filterListPointer, existingFilterPointer); + } + filterPointer->remarkFilter = true; + filterPointer->comment.assign(command->part(1)); + } + + // Filter Comments Text... + else if ((strcasecmp(command->part(0), ":comments") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sComments Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->comment.assign(command->part(1)); + } + + // Track (log)... + else if ((strcasecmp(command->part(0), ":track") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTracking Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Log structure + if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "log") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLog Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->log = true; + } + + // No Log structure + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "none") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLog Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->log = false; + } + + // Reference object + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTrack Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "Log") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLog Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->log = true; + } + + else if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "None") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLog Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->log = false; + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sTrack End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sTracking End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Destination... + else if ((strcasecmp(command->part(0), ":dst") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + negate = false; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Negate... + if ((strcasecmp(command->part(0), ":op") == 0) && (strcasecmp(command->part(1), "not in") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNegate Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + negate = true; + } + + // Member Line + else if ((strcasecmp(command->part(0), ":") == 0) && (command->part(1)[0] != '(')) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destination); + objectPointer->type = groupObject; + if (negate == false) + objectPointer->serviceOper = serviceOperEqual; + else + objectPointer->serviceOper = serviceOperNotEqual; + objectPointer->name.assign(command->part(1)); + } + + // Reference object + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destination); + objectPointer->type = groupObject; + if (negate == false) + objectPointer->serviceOper = serviceOperEqual; + else + objectPointer->serviceOper = serviceOperNotEqual; + objectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // compound object + else if ((strcasecmp(command->part(0), ":compound") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Compound Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Compound Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destination); + objectPointer->type = compoundObject; + objectPointer->serviceOper = serviceOperEqual; + objectPointer->name.assign(command->part(1) + 1); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Compound End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sDestination End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Source... + else if ((strcasecmp(command->part(0), ":src") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + negate = false; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Negate... + if ((strcasecmp(command->part(0), ":op") == 0) && (strcasecmp(command->part(1), "not in") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNegate Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + negate = true; + } + + // Member Line + else if ((strcasecmp(command->part(0), ":") == 0) && (command->part(1)[0] != '(')) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, source); + objectPointer->type = groupObject; + if (negate == false) + objectPointer->serviceOper = serviceOperEqual; + else + objectPointer->serviceOper = serviceOperNotEqual; + objectPointer->name.assign(command->part(1)); + } + + // Reference object + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, source); + objectPointer->type = groupObject; + if (negate == false) + objectPointer->serviceOper = serviceOperEqual; + else + objectPointer->serviceOper = serviceOperNotEqual; + objectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sSource Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // compound object + else if ((strcasecmp(command->part(0), ":compound") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Compound Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Compound Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, source); + objectPointer->type = compoundObject; + objectPointer->serviceOper = serviceOperEqual; + objectPointer->name.assign(command->part(1) + 1); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sSource Compound End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sSource End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Install... + else if ((strcasecmp(command->part(0), ":install") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInstall Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Member Line + if ((strcasecmp(command->part(0), ":") == 0) && (command->part(1)[0] != '(')) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInstall Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, installed); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + objectPointer->name.assign(command->part(1)); + } + + // Reference object + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInstall Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInstall Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, installed); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + objectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sInstall Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sInstall End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // through... + else if ((strcasecmp(command->part(0), ":through") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sThrough Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Member Line + if ((strcasecmp(command->part(0), ":") == 0) && (command->part(1)[0] != '(')) + { + if (device->config->reportFormat == Config::Debug) + printf("%sThrough Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, through); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + objectPointer->name.assign(command->part(1)); + } + + // Reference object + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sThrough Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sThrough Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, through); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + objectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sThrough Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sThrough End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Services... + else if ((strcasecmp(command->part(0), ":services") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + negate = false; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Negate... + if ((strcasecmp(command->part(0), ":op") == 0) && (strcasecmp(command->part(1), "not in") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNegate Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + negate = true; + } + + // Member Line + else if ((strcasecmp(command->part(0), ":") == 0) && (command->part(1)[0] != '(')) + { + if (device->config->reportFormat == Config::Debug) + printf("%sServices Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destinationService); + objectPointer->type = groupObject; + if (negate == false) + objectPointer->serviceOper = serviceOperEqual; + else + objectPointer->serviceOper = serviceOperNotEqual; + objectPointer->name.assign(command->part(1)); + } + + // Reference object + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sServices Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sServices Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destinationService); + objectPointer->type = groupObject; + if (negate == false) + objectPointer->serviceOper = serviceOperEqual; + else + objectPointer->serviceOper = serviceOperNotEqual; + objectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sServices Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sServices End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sRule End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + + return incrementFilterPointer; +} + diff --git a/libnipper-0.12.6/CheckPoint/.svn/text-base/filter-services.cpp.svn-base b/libnipper-0.12.6/CheckPoint/.svn/text-base/filter-services.cpp.svn-base new file mode 100644 index 0000000..85e108c --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/.svn/text-base/filter-services.cpp.svn-base @@ -0,0 +1,289 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "filter.h" + + +int CheckPointFilter::processDeviceServicesConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + netObjectListConfig *serviceListPointer = 0; + netObjectListConfig *serviceGroupListPointer = 0; + filterObjectConfig *objectPointer = 0; + filterObjectConfig *subObjectPointer = 0; + objectType tempType = enhancedServiceObject; + + if (device->config->reportFormat == Config::Debug) + printf("%sServices Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + serviceListPointer = getObjectList("Services"); + serviceListPointer->type = enhancedServiceObject; + serviceListPointer->title = i18n("Service List"); + serviceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices services. These services can be directly used in the policy rules or grouped into service groups."); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // New service... + if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addObject(serviceListPointer); + objectPointer->name.assign(command->part(1) + 1); + objectPointer->type = enhancedServiceObject; + objectPointer->serviceOper = serviceOperEqual; + tempType = enhancedServiceObject; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Protocol... + if ((strcasecmp(command->part(0), ":protocol") == 0) && (strcasecmp(command->part(1), "()") != 0) && (strcasecmp(command->part(1), "-1") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sProtocol Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, protocol); + subObjectPointer->name.assign(device->getProtocol(atoi(command->part(1)))); + subObjectPointer->type = protocolObject; + subObjectPointer->serviceOper = serviceOperEqual; + } + + // Port... + else if ((strcasecmp(command->part(0), ":port") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, destinationService); + subObjectPointer->name.assign(command->part(1)); + subObjectPointer->type = portObject; + subObjectPointer->serviceOper = serviceOperEqual; + } + + // Source Port... + else if ((strcasecmp(command->part(0), ":src_port") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, sourceService); + subObjectPointer->name.assign(command->part(1)); + subObjectPointer->type = portObject; + subObjectPointer->serviceOper = serviceOperEqual; + } + + // ICMP... + else if ((strncasecmp(command->part(0), ":icmp_", 6) == 0) && (objectPointer->protocol == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sProtocol ICMP Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, protocol); + subObjectPointer->name.assign("ICMP"); + subObjectPointer->type = protocolObject; + subObjectPointer->serviceOper = serviceOperEqual; + objectPointer->type = otherObject; + } + + // Type... + else if ((strcasecmp(command->part(0), ":type") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sProtocol Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcasecmp(command->part(1), "group") == 0) + { + tempType = serviceObject; + } + else if (strcasecmp(command->part(1), "other") == 0) + objectPointer->type = otherObject; + else if (objectPointer->protocol == 0) + { + subObjectPointer = addObject(objectPointer, protocol); + subObjectPointer->name.assign(command->part(1)); + } + } + + // Comments... + else if ((strcasecmp(command->part(0), ":comments") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sComments Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->comment.assign(command->part(1)); + } + + // Group Members... + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, members); + subObjectPointer->name.assign(command->part(1)); + subObjectPointer->type = groupObject; + subObjectPointer->serviceOper = serviceOperEqual; + } + + // Group Members... + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, members); + subObjectPointer->type = groupObject; + subObjectPointer->serviceOper = serviceOperEqual; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Name... + if (strcasecmp(command->part(0), ":Name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Member Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (tempType == serviceObject) + { + serviceGroupListPointer = getObjectList(objectPointer->name.c_str()); + serviceGroupListPointer->type = serviceObject; + serviceGroupListPointer->comment.assign(objectPointer->comment); + serviceGroupListPointer->title = i18n("Service Groups"); + serviceGroupListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices service groups. Service groups ease administration by enabling services to be grouped and then the group can be used within a policy rule, rather than listing each individual service for a specific rule."); + objectPointer->deleteMe = true; + + // Go through any added members and transfer to objects of this group... + subObjectPointer = objectPointer->members; + while (subObjectPointer != 0) + { + objectPointer = addObject(serviceGroupListPointer); + copySourceToDestinationObjects(subObjectPointer, objectPointer); + subObjectPointer->deleteMe = true; + subObjectPointer = subObjectPointer->next; + } + } + + // Add in any source and destination ports... + if (objectPointer->type == enhancedServiceObject) + { + if (objectPointer->sourcePort == 0) + { + subObjectPointer = addObject(objectPointer, sourceService); + subObjectPointer->name.assign(i18n("Any")); + } + if (objectPointer->destinationPort == 0) + { + subObjectPointer = addObject(objectPointer, destinationService); + subObjectPointer->name.assign(i18n("Any")); + } + } + + if (device->config->reportFormat == Config::Debug) + printf("%sObject Service End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sServices End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + + return 0; +} + + diff --git a/libnipper-0.12.6/CheckPoint/.svn/text-base/filter.cpp.svn-base b/libnipper-0.12.6/CheckPoint/.svn/text-base/filter.cpp.svn-base new file mode 100644 index 0000000..b2e28b8 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/.svn/text-base/filter.cpp.svn-base @@ -0,0 +1,481 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "filter.h" + + +CheckPointFilter::CheckPointFilter() +{ + // Object options... + networkObjectName = i18n("Network Objects"); // The name for the object (used in config report) + networkObjectDescription = i18n(""); // The description for the object (config report) + protocolObjectName = i18n("Protocol Objects"); // The name for the object (used in config report) + protocolObjectDescription = i18n(""); // The description for the object (config report) + icmpObjectName = i18n("*ABBREV*ICMP*-ABBREV* Objects"); // The name for the object (used in config report) + icmpObjectDescription = i18n(""); // The description for the object (config report) + serviceObjectName = i18n("Service Objects"); // The name for the object (used in config report) + serviceObjectDescription = i18n(""); // The description for the object (config report) + + // Filter device options... + denyAllAndLogDefault = false; // Does it deny all and log by default? + logOnlyDenySupported = false; // Is only Drop rule logging supported + defaultFilterActionSupported = false; // Default action supported on the device + allowByDefault = false; // Allow by default? + defaultActionIsAllow = false; // Is the default action to allow + logLevelsSupported = false; // Are log Levels supported + noAccessWithoutFilters = true; // Is access not granted if no filters are configured + filterSupportsInstalled = true; // If filtering supports installed (i.e. CheckPoint) + filterSupportsThrough = true; // If a filtering supports through (i.e. CheckPoint) + rejectRulesSupported = false; // If reject rules are supported + bypassRulesSupported = false; // If bypass rules are supported + defaultRulesSupported = false; // If default rules are supported + ruleListsAreAssigned = false; // Rule lists are assigned to specific elements + allowName = i18n("Accept"); // The name given to an allowed filter + denyName = i18n("Drop"); // The name given to a denied filter + rejectName = i18n("Reject"); // The name given to a rejected filter + filterConfigTitle = i18n("Policy Collection Configuration"); // The Title for the configuration report section + filterConfigText = i18n("A policy determines which network traffic are allowed to pass through the networks managed by the *DEVICETYPE* device, or if it is to be dropped. The policy is processed one rule at a time with the first rule that matches the network packet applying."); // The device specific configuration report section text + filterConfigText2 = i18n(""); // The device specific configuration report section text2 + useFilterID = false; // Use the filter ID to identify a filter (otherwise a line no. is used) + filterIDTitle = i18n("Rule"); // The title for the filter ID/line no. table column + filterListName = i18n("policy"); // The name of the filter list, for use in text paragraphs + filterListNameTitle = i18n("Policy"); // The name of the filter list, for use in titles + filterListNamePlaural = i18n("policies"); // The name of the filter list, for use in text paragraphs + filterTitle = i18n("Rule"); // The name of a filter, for use in titles + filterTitlePlaural = i18n("Rules"); // The name of a filter, for use in titles + filterName = i18n("rule"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("rules"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("Not All Accept Rules Log Access"); // The title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogTable = i18n("Accept rules that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogConcl = i18n("not all accept rules log access"); // The conclusions text for the "All Allow Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all rules"); // The recommendations text for "All Allow Rules Do Not Log" (and deny) issue + denyAndNotLogIssue = i18n("Not All Drop Rules Log Access"); // The title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogTable = i18n("Drop rules that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogConcl = i18n("not all deny rules log access"); // The conclusions text for the "All Allow Rules Do Not Log" issue + configRuleLogging = i18n("Logging can be enabled for each rule individually using the standard *DEVICETYPE* device management tools."); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No Policies Were Configured"); // The title text for the "No filtering" issue + noFilteringRec = i18n("Configure policies to restict access"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no policies were configured"); // The title text for the "No filtering" conclusion + legacyIssueFinding = i18n(""); // The finding for the legacy issue + legacyIssueImpact = i18n(""); // The impact for the legacy issue + legacyIssueEase = i18n(""); // The ease for the legacy issue + legacyIssueRec = i18n(""); // The recommendation for the legacy issue + allowAnythingTable = i18n("Rules accept any access"); // The allow anything table title text + allowWeakTable = i18n("Rules provide weak filtering"); // Weak source/service/destination/service table title text + allowAnyAnyAnyTable = i18n("Rules accept any host to access any destination and service"); // The allow any source, destination and service table title text + allowWeakWeakWeakTable = i18n("Rules provide weak filtering of source, destination and service"); // The allow weak source, destination and service table title text + allowAnyServiceAnyTable = i18n("Rules allow any source port to any destination and service"); // The allow any source port, destination and service table title text + allowWeakServiceAnyTable = i18n("Rules provide weak filtering of source port to destination and service"); // The allow weak source, destination and service table title text + allowAnyAnyTable = i18n("Rules accept any source to any destination"); // The allow any source, destination table title text + allowAnyAnyServiceTable = i18n("Rules accept any source to any destination service"); // The allow any source, destination service table title text + allowAnyDestServiceTable = i18n("Rules accept any destination and service"); // The allow any destination and service table title text + allowAnyPortDestTable = i18n("Rules accept any source port to any destination address"); // The allow any source port to any destination table title text + allowAnyPortServiceTable = i18n("Rules accept any source port to any destination service"); // The allow any source port to any dest service table title text + allowWeakWeakTable = i18n("Rules accept weak filtering of source and destination addresses"); // The allow weak source, destination addresses + allowWeakWeakServiceTable = i18n("Rules accept weak source addresses and destination services"); // The allow weak source, destination service table title text + allowDestAndServiceTable = i18n("Rules accept weak destination addresses and services");// The allow weak destination and service table title text + allowWeakPortDestTable = i18n("Rules accept weak source ports and destination"); // The allow weak source port to Destination table title text + allowWeakPortServiceTable = i18n("Rules accept weak source ports and destination services"); // The allow weak source port to service table title text + allowAnySourceTable = i18n("Rules accept from any source address"); // The allow any source address table title text + allowNetSourceTable = i18n("Rules accept from a network source address"); // The allow a network source address table title text + allowAnyPortTable = i18n("Rules accept from any source port"); // The allow any source port table title text + allowRangePortTable = i18n("Rules accept from a source port range"); // The allow range source port table title text + allowAnyDestTable = i18n("Rules accept to any destination"); // The allow any destination table title text + allowNetDestTable = i18n("Rules accept to a network destination"); // The allow a network destination table title text + allowToAnyDestServiceTable = i18n("Rules accept to any destination service"); // The allow any destination service table title text + allowToNetDestServiceTable = i18n("Rules accept to a destination service range"); // The allow a destination service range table title text + bypassContentFilterCon = i18n("Rules were configured that bypass the content filtering"); // Bypass filter conclusion text + bypassContentFilterRec = i18n("Connfigure rules that do not bypass the content filtering"); // Bypass filter recommendation text + defaultFilterCon = i18n("Rules were configured that default to the ports filtering action"); // Default filter conclusion text + defaultFilterRec = i18n("Configure Rules that do not default to the ports filtering action"); // Default filter recommendation text + rejectSecurityIssueTitle = i18n("Reject Rules Were Configured"); // Reject filter title text + securityRejectTextCon = i18n("Rules were configured that reject network traffic"); // Reject filter conclusion text + securityRejectTextRec = i18n("Configure rules to drop rather than reject network traffic"); // Reject filter recommendation text + clearTextServiceCon = i18n("Rules were configured that accept access to clear text protocol services"); // Clear Text Service conclusions text + clearTextServiceRec = i18n("Configure rules to drop access to any clear text protocol services"); // Clear Text Service recommendations text2 + configureFilterListRecIssueText = i18n(""); // The text and commands to configure a filter list + configureFilterRecIssueText = i18n(""); // The text and commands to configure a filter + unnecessaryServiceCon = i18n("Rules were configured that accept access to potentially unnecessary services"); // Unnecessary Service conclusions text + unnecessaryServiceRec = i18n("Configure rules to drop access to any unnecessary services"); // Unnecessary Service recommendations text2 + filtersWithNoCommentsTitle = i18n("Not All Rules Include Comments"); // Filters with no comments title text + noFilterCommentsCon = i18n("not all rules include comment text indicating their purpose"); // The no comments conclusion text + noFilterCommentsRec = i18n("Configure comment text for all rules"); // The no comments recommendation text + configureFilterCommentText = i18n(""); // The text and commands to configure a filters comment text + disabledFiltersTitle = i18n("Disabled Rules Were Configured"); // The disabled filter issues title text + removeFilterText = i18n(""); // The commands and text to delete a filter + disabledFilterCon = i18n("disabled rules were configured"); // The disabled filter conclusion text + disabledFilterRec = i18n("Remove all disabled rules"); // The disabled filter recommendation text + defaultActionIssueTitle = i18n("The Default Network Filtering Action Accepts Access"); // The default filter action issue title + defaultActionIssueCon = i18n("the default Policy action was configured to accept access when a rule does not match"); // The default filter action conclusion text + defaultActionIssueRec = i18n("Set the default policy action to drop network traffic"); // The default filter action recommendation text + configureDefaultActionText = i18n(""); // The text and commands to configure the default action + unusedFiltersIssueTitle = i18n("Unused Rules Were Configured At The Policies End"); // Unused filters at the end of the filter list title + unusedFiltersIssueCon = i18n("unused rules were configured at the end of the Policies"); // Unused filters issue conclusions text + unusedFiltersIssueRec = i18n("Remove all unused rules"); // Unused filters issue recommendation text + denyAllLogIssueTitle = i18n("Policy Does Not End with Drop All And Log"); // Drop All And Log Issue title + denyAllLogConfigure = i18n(""); // The text and commands to add a deny all and log line + denyAllLogIssueCon = i18n("not all policies end with a deny all and log "); // The deny all and log conclusions text + denyAllLogIssueRec = i18n("Configure a deny all and log rule as the last rule in each policy"); // The deny all and log recommendations text + contradictIssueTitle = i18n("Contradicting Rules Were Configured"); // The contradict issue title + contradictIssueTable = i18n("contradictions of rule"); // The contradict table issue title + contradictIssueCon = i18n("Rules were configured that contradict other rules"); // The contradict issue conclusion + contradictIssueRec = i18n("Reconfigure the rules so they do not contradict other rules"); // The contradict issue recommendation + duplicateIssueTitle = i18n("Duplicate Rules Were Configured"); // The duplicate/overlapping issue title + duplicateIssueTable = i18n("duplicates of rule"); // The duplicate/overlapping issue title + duplicateIssueCon = i18n("Rules were configured that duplicate the configuration of other rules"); // The duplicate/overlapping issue title + duplicateIssueRec = i18n("Reconfigure the Rules so that the rules do not duplicate other rules"); // The duplicate/overlapping issue title +} + + +CheckPointFilter::~CheckPointFilter() +{ +} + + +int CheckPointFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int errorCode = 0; + + // If objects... + if ((strcmp(command->part(0), ":netobj") == 0) || (strcmp(command->part(0), ":network_objects") == 0)) + errorCode = processDeviceObjectConfig(device, command, line, lineSize); + + // Services Start... + else if ((strcmp(command->part(0), ":servobj") == 0) || (strcmp(command->part(0), ":services") == 0)) + errorCode = processDeviceServicesConfig(device, command, line, lineSize); + + return errorCode; +} + + +int CheckPointFilter::processWRulesDevice(Device *device, const char *policyList, bool active) +{ + // Variables... + Filter::filterListConfig *filterListPointer = 0; + char line[1024]; + ConfigLine command; + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Collection Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(policyList); + filterListPointer->active = active; + filterListPointer->type = i18n("Policy"); + filterListPointer->typeDescription = i18n("A policy is a collection of rules that determine whether traffic managed by the *DEVICETYPE* device is accepted or dropped. This section details the policy collection rules."); + + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = true; // Does the filter list support logging + filterListPointer->supportsTime = true; // Filter support time (dest only) + filterListPointer->supportsFragments = false; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = false; // If source services are supported + filterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = true; // Are filter comments supported + filterListPointer->showProtocol = false; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = false; // Does the filter use filter-based zones (i.e. SonicWALL) + filterListPointer->showStop = false; // Does the filter have a stop status (i.e. Passport devices) + filterListPointer->showFilterType = false; // Does the filter have a type (i.e. like on Passport devices) + + // The process device configuration file loop... + while ((feof(device->inputFile) == 0) && (strcmp(command.part(0), ")") != 0)) + { + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Rules Start... + if ((strcmp(command.part(0), ":rule") == 0) && (strcmp(command.part(1), "()") != 0)) + processDeviceRuleConfig(device, &command, (char *)line, sizeof(line), filterListPointer); + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else if (command.part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Collection End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + return 0; +} + + +int CheckPointFilter::processRRulesDevice(Device *device) +{ + // Variables... + Filter::filterListConfig *filterListPointer = 0; + char line[1024]; + ConfigLine command; + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (device->config->reportFormat == Config::Debug) + printf("%sRules File Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(device->deviceMake); + filterListPointer->active = true; + filterListPointer->type = i18n("Policy"); + filterListPointer->typeDescription = i18n("A policy is a collection of rules that determine whether traffic managed by the *DEVICETYPE* device is accepted or dropped. This section details the policy collection rules."); + + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = true; // Does the filter list support logging + filterListPointer->supportsTime = true; // Filter support time (dest only) + filterListPointer->supportsFragments = false; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = false; // If source services are supported + filterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = true; // Are filter comments supported + filterListPointer->showProtocol = false; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = false; // Does the filter use filter-based zones (i.e. SonicWALL) + filterListPointer->showStop = false; // Does the filter have a stop status (i.e. Passport devices) + filterListPointer->showFilterType = false; // Does the filter have a type (i.e. like on Passport devices) + + // The process device configuration file loop... + while ((feof(device->inputFile) == 0) && (strcmp(command.part(0), ")") != 0)) + { + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Rules Start... + if ((strcmp(command.part(0), ":rules") == 0) && (strcmp(command.part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRules Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // The process device configuration file loop... + while ((feof(device->inputFile) == 0) && (strcmp(command.part(0), ")") != 0)) + { + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Rule Start... + if ((strcmp(command.part(0), ":") == 0) && (strcmp(command.part(1), "()") != 0)) + processDeviceRuleConfig(device, &command, (char *)line, sizeof(line), filterListPointer); + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else if (command.part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sRules End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command.setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else if (command.part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sRules File End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + return 0; +} + + +int CheckPointFilter::processFRulesDevice(Device *device) +{ + // Variables... + Filter::filterListConfig *filterListPointer = 0; + Filter::filterConfig *filterPointer = 0; + char line[1024]; + string policyName; + bool listAlreadyExists = false; + bool incrementPointer = false; + ConfigLine command; + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (device->config->reportFormat == Config::Debug) + printf("%sRulebases File Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // The process device configuration file loop... + while ((feof(device->inputFile) == 0) && (strcmp(command.part(0), ")") != 0)) + { + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Rulebase Start... + if ((strcmp(command.part(0), ":rule-base") == 0) && (strcmp(command.part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRulebase Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + policyName.assign(command.part(1) + 4); + policyName.resize(policyName.size() - 1); + filterPointer = 0; + + filterListPointer = getOnlyFilterList(policyName.c_str()); + if (filterListPointer == 0) + { + listAlreadyExists = false; + filterListPointer = getFilterList(policyName.c_str()); + filterListPointer->type = i18n("Policy"); + filterListPointer->typeDescription = i18n("A policy is a collection of rules that determine whether traffic managed by the *DEVICETYPE* device is accepted or dropped. This section details the policy collection rules."); + + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = true; // Does the filter list support logging + filterListPointer->supportsTime = true; // Filter support time (dest only) + filterListPointer->supportsFragments = false; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = false; // If source services are supported + filterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = true; // Are filter comments supported + filterListPointer->showProtocol = false; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = false; // Does the filter use filter-based zones (i.e. SonicWALL) + filterListPointer->showStop = false; // Does the filter have a stop status (i.e. Passport devices) + filterListPointer->showFilterType = false; // Does the filter have a type (i.e. like on Passport devices) + } + else + { + listAlreadyExists = true; + filterPointer = filterListPointer->filter; + } + + // The process device configuration file loop... + while ((feof(device->inputFile) == 0) && (strcmp(command.part(0), ")") != 0)) + { + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Default Line... + if (strcmp(command.part(0), ":default") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRulebase Default Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (listAlreadyExists == false) + { + if (command.part(1)[0] == '1') + filterListPointer->active = true; + else + filterListPointer->active = false; + } + } + + // Rule Start... + else if ((strcmp(command.part(0), ":rule") == 0) && (strcmp(command.part(1), "()") != 0)) + { + incrementPointer = processDeviceRuleConfig(device, &command, (char *)line, sizeof(line), filterListPointer, filterPointer); + if ((incrementPointer == true) && (filterPointer != 0)) + filterPointer = filterPointer->next; + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else if (command.part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sRulebase End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command.setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else if (command.part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sRulebases File End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + return 0; +} + diff --git a/libnipper-0.12.6/CheckPoint/.svn/text-base/filter.h.svn-base b/libnipper-0.12.6/CheckPoint/.svn/text-base/filter.h.svn-base new file mode 100644 index 0000000..0e3524f --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/.svn/text-base/filter.h.svn-base @@ -0,0 +1,59 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CheckPointFilter_H +#define CheckPointFilter_H + + +#include "../device/filter/filter.h" + + +class CheckPointFilter : public Filter +{ + public: + CheckPointFilter(); + ~CheckPointFilter(); + + int processWRulesDevice(Device *device, const char *policyList, bool active); // *.W files + int processRRulesDevice(Device *device); // rules.C file + int processFRulesDevice(Device *device); // rulebases*.fws files + + + private: + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDeviceObjectConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDeviceServicesConfig(Device *device, ConfigLine *command, char *line, int lineSize); + bool processDeviceRuleConfig(Device *device, ConfigLine *command, char *line, int lineSize, filterListConfig *filterListPointer, filterConfig *existingFilterPointer = 0); +}; + + +#endif + diff --git a/libnipper-0.12.6/CheckPoint/.svn/text-base/general.cpp.svn-base b/libnipper-0.12.6/CheckPoint/.svn/text-base/general.cpp.svn-base new file mode 100644 index 0000000..aa24061 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/.svn/text-base/general.cpp.svn-base @@ -0,0 +1,143 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#include "../globaldefs.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +CheckPointGeneral::CheckPointGeneral() +{ +} + + +int CheckPointGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + //int tempInt = 0; + //bool setting = false; + + // Init +/* if (strcmp(command->part(0), "unset") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Hostname + if (strcmp(command->part(tempInt), "hostname") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostname = command->part(tempInt + 1); + }*/ + + return 0; +} + + +int CheckPointGeneral::processDefaults(Device *device) +{ + hostname.assign("noname"); + + // Split Version Numbers... +/* if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + if ((version.find_first_of('.') != string::npos) && (version.length() > version.find_first_of('.') + 1)) + versionMinor = atoi(version.c_str() + version.find_first_of('.') + 1); + }*/ + + return 0; +} + + +int CheckPointGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Password Encryption... + if (servicePasswordEncryption != unconfigured) + { + device->addTableData(paragraphPointer->table, i18n("Service Password Encryption")); + if (servicePasswordEncryption == on) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + }*/ + + return errorCode; +} + + +int CheckPointGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Service Password Encryption... + if (servicePasswordEncryption == off) + { + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Service Password Encryption Disabled")); + securityIssuePointer->reference.assign("IOS.PASSENCR.1"); + securityIssuePointer->overallRating = 8; + securityIssuePointer->impactRating = 9; + securityIssuePointer->easeRating = 2; + securityIssuePointer->fixRating = 1; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Cisco service passwords by default are stored in their clear text form rather than being encrypted. However, it is possible to have these passwords stored using the reversible Cisco type-7 encryption. *COMPANY* determined that the service password encryption that helps to provide a basic level of encryption for passwords that otherwise would be stored in clear text was disabled on the Cisco device *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("The Cisco type-7 password encryption provides little in the way of protection against an attacker who has access to the configuration file. However, the Cisco type-7 password encryption would provide a level of protect against a malicious user who had managed to briefly view a devices configuration.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("If a malicious user were able to glance a password from a devices configuration they could use it to gain a level of access to *DEVICENAME*. If the passwords were encrypted using the Cisco type-7 routine, a malicious user that had access to the devices configuration would have to decode the password first. Tools are widely available on the Internet that can reverse Cisco type-7 passwords.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that the Cisco password encryption service be enabled. The Cisco password encryption service can be started with the following Cisco *ABBREV*IOS*-ABBREV* command:")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*CODE**COMMAND*service password-encryption*-COMMAND**-CODE*")); + securityIssuePointer->conLine.assign(i18n("service password encryption was disabled")); + securityIssuePointer->recLine.assign(i18n("enable the service password encryption")); + }*/ + return errorCode; +} diff --git a/libnipper-0.12.6/CheckPoint/.svn/text-base/general.h.svn-base b/libnipper-0.12.6/CheckPoint/.svn/text-base/general.h.svn-base new file mode 100644 index 0000000..5cc4ecc --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/.svn/text-base/general.h.svn-base @@ -0,0 +1,53 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CheckPointdevicegeneral_H +#define CheckPointdevicegeneral_H + +#include "../device/general/general.h" + + +class CheckPointGeneral : public General +{ + public: + CheckPointGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/CheckPoint/device-policies.cpp b/libnipper-0.12.6/CheckPoint/device-policies.cpp new file mode 100644 index 0000000..e714a0a --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/device-policies.cpp @@ -0,0 +1,136 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" + + +int CheckPointDevice::processPolicyCollections(ConfigLine *command, char *line, int lineSize) +{ + // Variables... + policyCollections *policyPointer = 0; + + if (config->reportFormat == Config::Debug) + printf("%sPolicy Collection Start Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + while ((feof(inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // New policy... + if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0)) + { + if (config->reportFormat == Config::Debug) + printf("%sPolicy Start Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + // Create policy + if (policies == 0) + { + policies = new (policyCollections); + policyPointer = policies; + } + else + { + policyPointer = policies; + while (policyPointer->next != 0) + policyPointer = policyPointer->next; + policyPointer->next = new (policyCollections); + policyPointer = policyPointer->next; + } + + // Init new policy... + policyPointer->next = 0; + policyPointer->policyName.assign(command->part(1) + 1); + + while ((feof(inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // default... + if (strcasecmp(command->part(0), ":default") == 0) + { + if (config->reportFormat == Config::Debug) + printf("%sPolicy Default Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + if (command->part(1)[0] == '0') + policyPointer->active = false; + else + policyPointer->active = true; + } + + // Unknown CheckPoint Structure... + else if ((command->part(0)[0] == ':') && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + { + processUnknownCheckPointConfig(command, line, lineSize); + } + + // All others... + else if (command->part(0)[0] != ')') + lineNotProcessed(line); + } + + if (config->reportFormat == Config::Debug) + printf("%sPolicy End Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + lineNotProcessed(line); + } + + if (config->reportFormat == Config::Debug) + printf("%sPolicy Collection End Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + command->setConfigLine((char *)""); + + return 0; +} + diff --git a/libnipper-0.12.6/CheckPoint/device.cpp b/libnipper-0.12.6/CheckPoint/device.cpp new file mode 100644 index 0000000..a724ce3 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/device.cpp @@ -0,0 +1,429 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/errortext.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "filter.h" + + +CheckPointDevice::CheckPointDevice() +{ + deviceMake = "CheckPoint"; + deviceType = "CheckPoint-Based"; + deviceOS = "CheckPoint OS"; + + supportConfigNetworkServices = false; + + isFirewall = true; + policies = 0; + + general = new (CheckPointGeneral); + filter = new (CheckPointFilter); +} + + +CheckPointDevice::~CheckPointDevice() +{ + // Variables... + policyCollections *policyPointer = 0; + + delete general; + delete filter; + + while (policies != 0) + { + policyPointer = policies->next; + delete policies; + policies = policyPointer; + } +} + + +int CheckPointDevice::process() +{ + // Variables... + policyCollections *policyPointer = 0; + string configDirectory; + string tempFilename; + struct stat *fileStats = 0; + int returnCode = 0; + bool addedPolicies = false; + + /* + CheckPoint files to process... + + Key: + * tables.C - Contains a list of the other files... + + Objects: + * objects_5_0.C + * objects.C_41 + * objects.C + + Rules: + * *.W files + * rules.C + + Rules + Comments: + * rulebases_5_0.fws + * rulebases.fws + + Users: + * fwauth.NDB + */ + + // Check if input is a directory (required)... + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(config->inputSource, fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return deviceerror_inputnotadirectory; + } + delete fileStats; + + // Add Directory slash if it does not already exist + configDirectory.assign(config->inputSource); +#if !defined(__WIN32__) + if (configDirectory.c_str()[configDirectory.length() - 1] != '/') + configDirectory.append("/"); +#else + if (configDirectory.c_str()[configDirectory.length() - 1] != '\\') + configDirectory.append("\\"); +#endif + + // Process CheckPoint Object Files... + tempFilename.assign(configDirectory); + tempFilename.append("objects_5_0.C"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + if (returnCode != 0) + { + tempFilename.assign(configDirectory); + tempFilename.append("objects.C_41"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + if (returnCode != 0) + { + tempFilename.assign(configDirectory); + tempFilename.append("objects.C"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + } + } + if (returnCode != 0) + return deviceerror_objectsfilenotfound; + returnCode = processDevice(); + fclose(inputFile); + if (returnCode != 0) + return returnCode; + + // Process CheckPoint Rules Files... + + // Try policy collection first... + policyPointer = policies; + while (policyPointer != 0) + { + tempFilename.assign(configDirectory); + tempFilename.append(policyPointer->policyName); + tempFilename.append(".W"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + if (returnCode == 0) + { + returnCode = ((CheckPointFilter *)filter)->processWRulesDevice(this, policyPointer->policyName.c_str(), policyPointer->active); + fclose(inputFile); + addedPolicies = true; + } + policyPointer = policyPointer->next; + returnCode = 0; + } + + // If policies still have not been added... + if (addedPolicies == false) + { + tempFilename.assign(configDirectory); + tempFilename.append("rules.C"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + if (returnCode == 0) + { + returnCode = ((CheckPointFilter *)filter)->processRRulesDevice(this); + fclose(inputFile); + } + } + + // Process CheckPoint Rules With Comments Files... + tempFilename.assign(configDirectory); + tempFilename.append("rulebases_5_0.fws"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + if (returnCode != 0) + { + tempFilename.assign(configDirectory); + tempFilename.append("rulebases.fws"); + config->inputSource = tempFilename.c_str(); + returnCode = openInput(); + } + if (returnCode == 0) + { + returnCode = ((CheckPointFilter *)filter)->processFRulesDevice(this); + fclose(inputFile); + } + else + returnCode = 0; + + // Process Users... + + // Post processing defaults... + setPostCommonDefaults(); + + // Post device specific processing defaults... + setPostDefaults(); + + return returnCode; +} + + +int CheckPointDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Starting... + if ((strcmp(command.part(0), "(") == 0) && (strcmp(command.part(1), ")") != 0)) + { + if (config->reportFormat == Config::Debug) + printf("%sConfig Content Starts Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (strcmp(command.part(0), ")") != 0)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Network Objects Start... + if (((strcmp(command.part(0), ":netobj") == 0) || (strcmp(command.part(0), ":network_objects") == 0)) && (strcmp(command.part(1), "()") != 0)) + filter->processDeviceConfig(this, &command, (char *)line, sizeof(line)); + + // Services Start... + else if (((strcmp(command.part(0), ":servobj") == 0) || (strcmp(command.part(0), ":services") == 0)) && (strcmp(command.part(1), "()") != 0)) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Policy Collections... + else if ((strcmp(command.part(0), ":policies_collections") == 0) && (strcmp(command.part(1), "()") != 0)) + processPolicyCollections(&command, (char *)&line, sizeof(line)); + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else if (command.part(0)[0] != ')') + lineNotProcessed(line); + } + + // Ending... + if (strcmp(command.part(0), ")") == 0) + { + if (config->reportFormat == Config::Debug) + printf("%sConfig Content Ends Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + + command.setConfigLine((char *)""); + } + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + return 0; +} + + +int CheckPointDevice::processUnknownCheckPointConfig(ConfigLine *command, char *line, int lineSize) +{ + lineNotProcessed(line); + + while ((feof(inputFile) == 0) && (strcmp(command->part(0), ")") != 0)) + { + // Read a line from the config... + readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strncmp(command->part(0), ":", 1) == 0) && (strncmp(command->part(1), "(", 1) == 0) && (command->part(command->parts - 1)[strlen(command->part(command->parts - 1)) - 1] != ')')) + processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else + lineNotProcessed(line); + } + + command->setConfigLine((char *)""); + + return 0; +} + + +bool CheckPointDevice::isDeviceType() +{ + // Variables... + string configDirectory; + string tempFilename; + struct stat *fileStats = 0; + + // Check if input is a directory (required)... + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(config->inputSource, fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return false; + } + delete fileStats; + + // Add Directory slash if it does not already exist + configDirectory.assign(config->inputSource); +#if !defined(__WIN32__) + if (configDirectory.c_str()[configDirectory.length() - 1] != '/') + configDirectory.append("/"); +#else + if (configDirectory.c_str()[configDirectory.length() - 1] != '\\') + configDirectory.append("\\"); +#endif + + // Process CheckPoint Object Files... + tempFilename.assign(configDirectory); + tempFilename.append("objects_5_0.C"); + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(tempFilename.c_str(), fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return true; + } + delete fileStats; + tempFilename.assign(configDirectory); + tempFilename.append("objects.C_41"); + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(tempFilename.c_str(), fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return true; + } + delete fileStats; + tempFilename.assign(configDirectory); + tempFilename.append("objects.C"); + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(tempFilename.c_str(), fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return true; + } + delete fileStats; + + // Process Rules Files... + tempFilename.assign(configDirectory); + tempFilename.append("rules.C"); + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(tempFilename.c_str(), fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return true; + } + delete fileStats; + tempFilename.assign(configDirectory); + tempFilename.append("rulebases_5_0.fws"); + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(tempFilename.c_str(), fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return true; + } + delete fileStats; + tempFilename.assign(configDirectory); + tempFilename.append("rulebases.fws"); + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(tempFilename.c_str(), fileStats); + if ((fileStats->st_mode & S_IFMT) != S_IFDIR) + { + delete fileStats; + return true; + } + delete fileStats; + + return false; +} + + diff --git a/libnipper-0.12.6/CheckPoint/device.h b/libnipper-0.12.6/CheckPoint/device.h new file mode 100644 index 0000000..5952203 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/device.h @@ -0,0 +1,65 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CheckPoint_H +#define device_CheckPoint_H + + +#include "../device/device.h" + + +class CheckPointDevice : public Device +{ + public: + CheckPointDevice(); + virtual ~CheckPointDevice(); + int processUnknownCheckPointConfig(ConfigLine *command, char *line, int lineSize); + + bool isDeviceType(); + + private: + int processDevice(); + int process(); + + struct policyCollections + { + string policyName; + bool active; + struct policyCollections *next; + }; + + policyCollections *policies; + + int processPolicyCollections(ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/CheckPoint/filter-objects.cpp b/libnipper-0.12.6/CheckPoint/filter-objects.cpp new file mode 100644 index 0000000..c12ba7b --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/filter-objects.cpp @@ -0,0 +1,599 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "filter.h" + + +int CheckPointFilter::processDeviceObjectConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + netObjectListConfig *objectListPointer = 0; + netObjectListConfig *hostGroupListPointer = 0; + filterObjectConfig *objectPointer = 0; + filterObjectConfig *subObjectPointer = 0; + objectType tempType = addressBookObject; + int tempInt = 0; + + if (device->config->reportFormat == Config::Debug) + printf("%sObject Configs Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList("Network Objects"); + objectListPointer->type = addressBookObject; + objectListPointer->title = i18n("Network Host Configuration"); + objectListPointer->description = i18n("This section details the hosts and networks configured for use in the policy rules."); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // New object... + if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addObject(objectListPointer); + objectPointer->label.assign(command->part(1) + 1); + tempType = addressBookObject; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // IP Address... + if ((strcasecmp(command->part(0), ":ipaddr") == 0) || (strcasecmp(command->part(0), ":ipaddr_first") == 0) || (strcasecmp(command->part(0), ":bogus_ip") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sIP Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->name.assign(command->part(1)); + } + + // Net Mask... + else if ((strcasecmp(command->part(0), ":netmask") == 0) || (strcasecmp(command->part(0), ":ipaddr_last") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNetmask Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->netmask.assign(command->part(1)); + } + + // Location... + else if ((strcasecmp(command->part(0), ":location") == 0) && (strcasecmp(command->part(1), "external") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLocation Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->internal = false; + } + + // Comments... + else if ((strcasecmp(command->part(0), ":comments") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sComments Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->comment.assign(command->part(1)); + } + + // Firewall... + else if ((strcasecmp(command->part(0), ":firewall") == 0) && (strcasecmp(command->part(1), "installed") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFirewall Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->firewall = true; + } + + // Type... + else if (strcasecmp(command->part(0), ":type") == 0) + { + if (strcasecmp(command->part(1), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHost Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = hostObject; + } + + else if (strcasecmp(command->part(1), "machines_range") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMachines Range Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = machinesRangeObject; + } + + else if (strcasecmp(command->part(1), "dynamic_net_obj") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDynamic Net Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = dynamicnetObject; + } + + else if (strcasecmp(command->part(1), "group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGroup Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = groupObject; + } + + else if (strcasecmp(command->part(1), "network") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNetwork Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = networkObject; + } + + else if (strcasecmp(command->part(1), "gateway") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGateway Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = gatewayObject; + } + + else if (strcasecmp(command->part(1), "gateway_cluster") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGateway Cluster Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Set the object type... + tempType = gatewayClusterObject; + } + + else if (strcasecmp(command->part(1), "cluster_member") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCluster Member Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempType = clusterMemberObject; + } + + // Create a delete me object... + else + { + objectPointer->deleteMe = true; + device->lineNotProcessed(line); + } + } + + // Management... + else if ((strcasecmp(command->part(0), ":management") == 0) && (strcasecmp(command->part(1), "true") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sManagement Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->management = true; + } + + // Interfaces... + else if ((strcasecmp(command->part(0), ":interfaces") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterfaces Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (strcmp(command->part(0), ")") != 0)) + { + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // New Interface... + if ((command->part(0)[0] == ':') && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, interfaces); + subObjectPointer->interfaceIndex = atoi(command->part(0) + 1); + subObjectPointer->type = interfaceObject; + subObjectPointer->serviceOper = serviceOperEqual; + + while ((feof(device->inputFile) == 0) && (strcmp(command->part(0), ")") != 0)) + { + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // IP Address... + if (strcasecmp(command->part(0), ":ipaddr") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->name.assign(command->part(1)); + } + + // Net Mask... + else if (strcasecmp(command->part(0), ":netmask") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Netmask Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->netmask.assign(command->part(1)); + } + + // Dynamic IP... + else if ((strcasecmp(command->part(0), ":dynamic_ip") == 0) && (strcasecmp(command->part(1), "(true)") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Dynamic Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->dhcp = true; + } + else if ((strcasecmp(command->part(0), ":dynamic_ip") == 0) && (strcasecmp(command->part(1), "(false)") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Dynamic Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->dhcp = false; + } + + else if (strcasecmp(command->part(0), ":officialname") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->label.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sInterface End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sInterfaces End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Cluster Members... + else if ((strcasecmp(command->part(0), ":cluster_members") == 0) && (strcmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCluster Members Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((command->part(0)[0] == ':') && (strcmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCluster Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt = atoi(command->part(0) + 1); + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) || (strcasecmp(command->part(0), ":refname") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCluster Member Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, members); + subObjectPointer->name.assign(command->part(1)); + subObjectPointer->type = groupObject; + subObjectPointer->serviceOper = serviceOperEqual; + subObjectPointer->interfaceIndex = tempInt; + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sCluster Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sCluster Members End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Members... + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, members); + subObjectPointer->name.assign(command->part(1)); + subObjectPointer->type = groupObject; + subObjectPointer->serviceOper = serviceOperEqual; + } + + // Members... + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Members Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, members); + subObjectPointer->type = groupObject; + subObjectPointer->serviceOper = serviceOperEqual; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Name... + if (strcasecmp(command->part(0), ":Name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Member Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sObject Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (objectPointer->deleteMe == false) + { + switch (tempType) + { + case hostObject: + objectPointer->serviceOper = serviceOperEqual; + objectPointer->type = hostObject; + break; + + case machinesRangeObject: + objectPointer->serviceOper = serviceOperRange; + objectPointer->type = machinesRangeObject; + break; + + case dynamicnetObject: + objectPointer->serviceOper = serviceOperEqual; + objectPointer->type = dynamicnetObject; + break; + + case networkObject: + objectPointer->type = networkObject; + objectPointer->serviceOper = serviceOperEqual; + break; + + case groupObject: + hostGroupListPointer = getObjectList(objectPointer->label.c_str()); + hostGroupListPointer->type = hostObject; + hostGroupListPointer->comment.assign(objectPointer->comment); + hostGroupListPointer->title = i18n("Host Groups"); + hostGroupListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices host groups. Host groups ease administration by enabling hosts to be grouped and the group can then be used within a policy rule, rather than listing each individual host for a specific rule."); + objectPointer->deleteMe = true; + + // Go through any added members and transfer to objects of this group... + subObjectPointer = objectPointer->members; + while (subObjectPointer != 0) + { + objectPointer = addObject(hostGroupListPointer); + copySourceToDestinationObjects(subObjectPointer, objectPointer); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + subObjectPointer->deleteMe = true; + subObjectPointer = subObjectPointer->next; + } + break; + + case gatewayObject: + // Create new list for the gateway... + hostGroupListPointer = getObjectList(objectPointer->label.c_str()); + hostGroupListPointer->type = gatewayObject; + hostGroupListPointer->comment.assign(objectPointer->comment); + hostGroupListPointer->title = i18n("Gateways"); + hostGroupListPointer->description = i18n("A *DEVICETYPE* device configuration can include multiple gateway devices. This section describes the gateway device configuration."); + + // Set the object type... + objectPointer->type = gatewayObject; + objectPointer->serviceOper = serviceOperEqual; + + // Copy the object to the new list... + subObjectPointer = objectPointer; + objectPointer = addObject(hostGroupListPointer); + copySourceToDestinationObjects(subObjectPointer, objectPointer); + + // Delete the old object (removes duplicate) + subObjectPointer->deleteMe = true; + break; + + case gatewayClusterObject: + // Create new list for the gateway cluster... + hostGroupListPointer = getObjectList(objectPointer->label.c_str()); + hostGroupListPointer->type = gatewayClusterObject; + hostGroupListPointer->comment.assign(objectPointer->comment); + hostGroupListPointer->title = i18n("Gateway Clusters"); + hostGroupListPointer->description = i18n("On *DEVICETYPE* devices, a cluster of gateways can be configured to provide fault tollerance and load sharing of network traffic. This section describes the configuration of the gateway clusters."); + + // Set the object type... + objectPointer->type = gatewayClusterObject; + objectPointer->serviceOper = serviceOperEqual; + + // Copy the object to the new list... + subObjectPointer = objectPointer; + objectPointer = addObject(hostGroupListPointer); + copySourceToDestinationObjects(subObjectPointer, objectPointer); + + // Delete the old object (removes duplicate) + subObjectPointer->deleteMe = true; + break; + + case clusterMemberObject: + // Create new list for the cluster member... + hostGroupListPointer = getObjectList(objectPointer->label.c_str()); + hostGroupListPointer->type = clusterMemberObject; + hostGroupListPointer->comment.assign(objectPointer->comment); + hostGroupListPointer->title = i18n("Cluster Members"); + hostGroupListPointer->description = i18n("On *DEVICETYPE* devices, a cluster of gateways can be configured to provide fault tollerance and load sharing of network traffic. This section describes the configuration of the gateway cluster members."); + + // Set the object type... + objectPointer->type = clusterMemberObject; + objectPointer->serviceOper = serviceOperEqual; + + // Copy the object to the new list... + subObjectPointer = objectPointer; + objectPointer = addObject(hostGroupListPointer); + copySourceToDestinationObjects(subObjectPointer, objectPointer); + + // Delete the old object (removes duplicate) + subObjectPointer->deleteMe = true; + break; + + default: + break; + } + } + + // If network object is really a host... + if (objectPointer->type == networkObject) + { + if (objectPointer->netmask.compare("255.255.255.255") == 0) + objectPointer->type = hostObject; + } + + if (device->config->reportFormat == Config::Debug) + printf("%sObject Members End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sObject Configs End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + + return 0; +} + diff --git a/libnipper-0.12.6/CheckPoint/filter-rules.cpp b/libnipper-0.12.6/CheckPoint/filter-rules.cpp new file mode 100644 index 0000000..3204fb1 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/filter-rules.cpp @@ -0,0 +1,901 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "filter.h" + + +bool CheckPointFilter::processDeviceRuleConfig(Device *device, ConfigLine *command, char *line, int lineSize, filterListConfig *filterListPointer, filterConfig *existingFilterPointer) +{ + // Variables... + filterObjectConfig *objectPointer = 0; + filterConfig *filterPointer = 0; + bool incrementFilterPointer = true; + bool negate = false; + + // Fix filter pointer... + if (existingFilterPointer == 0) + filterPointer = addFilter(filterListPointer); + else + filterPointer = existingFilterPointer; + + if (device->config->reportFormat == Config::Debug) + printf("%sRule Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Admin Info... + if ((strcasecmp(command->part(0), ":AdminInfo") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin Info Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // ID... + if ((strcasecmp(command->part(0), ":chkpf_uid") == 0) && (strcmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin ID Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->internalId.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin Info End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Action... + else if ((strcasecmp(command->part(0), ":action") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAction Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Drop... + if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(drop") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDrop Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->action = denyAction; + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + } + + // allow... + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(accept") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAccept Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->action = allowAction; + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sAction End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Disabled... + else if ((strcasecmp(command->part(0), ":disabled") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDisabled Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcasecmp(command->part(1), "true") == 0) + filterPointer->enabled = false; + else + filterPointer->enabled = true; + } + + // Header Text... + else if ((strcasecmp(command->part(0), ":header_text") == 0) && (strcmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRemark Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (existingFilterPointer != 0) + { + incrementFilterPointer = false; + filterPointer = insertFilter(filterListPointer, existingFilterPointer); + } + filterPointer->remarkFilter = true; + filterPointer->comment.assign(command->part(1)); + } + + // Filter Comments Text... + else if ((strcasecmp(command->part(0), ":comments") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sComments Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->comment.assign(command->part(1)); + } + + // Track (log)... + else if ((strcasecmp(command->part(0), ":track") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTracking Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Log structure + if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "log") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLog Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->log = true; + } + + // No Log structure + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "none") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLog Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->log = false; + } + + // Reference object + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTrack Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "Log") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLog Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->log = true; + } + + else if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "None") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLog Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->log = false; + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sTrack End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sTracking End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Destination... + else if ((strcasecmp(command->part(0), ":dst") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + negate = false; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Negate... + if ((strcasecmp(command->part(0), ":op") == 0) && (strcasecmp(command->part(1), "not in") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNegate Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + negate = true; + } + + // Member Line + else if ((strcasecmp(command->part(0), ":") == 0) && (command->part(1)[0] != '(')) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destination); + objectPointer->type = groupObject; + if (negate == false) + objectPointer->serviceOper = serviceOperEqual; + else + objectPointer->serviceOper = serviceOperNotEqual; + objectPointer->name.assign(command->part(1)); + } + + // Reference object + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destination); + objectPointer->type = groupObject; + if (negate == false) + objectPointer->serviceOper = serviceOperEqual; + else + objectPointer->serviceOper = serviceOperNotEqual; + objectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // compound object + else if ((strcasecmp(command->part(0), ":compound") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Compound Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Compound Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destination); + objectPointer->type = compoundObject; + objectPointer->serviceOper = serviceOperEqual; + objectPointer->name.assign(command->part(1) + 1); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Compound End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sDestination End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Source... + else if ((strcasecmp(command->part(0), ":src") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + negate = false; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Negate... + if ((strcasecmp(command->part(0), ":op") == 0) && (strcasecmp(command->part(1), "not in") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNegate Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + negate = true; + } + + // Member Line + else if ((strcasecmp(command->part(0), ":") == 0) && (command->part(1)[0] != '(')) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, source); + objectPointer->type = groupObject; + if (negate == false) + objectPointer->serviceOper = serviceOperEqual; + else + objectPointer->serviceOper = serviceOperNotEqual; + objectPointer->name.assign(command->part(1)); + } + + // Reference object + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, source); + objectPointer->type = groupObject; + if (negate == false) + objectPointer->serviceOper = serviceOperEqual; + else + objectPointer->serviceOper = serviceOperNotEqual; + objectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sSource Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // compound object + else if ((strcasecmp(command->part(0), ":compound") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Compound Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Compound Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, source); + objectPointer->type = compoundObject; + objectPointer->serviceOper = serviceOperEqual; + objectPointer->name.assign(command->part(1) + 1); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sSource Compound End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sSource End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Install... + else if ((strcasecmp(command->part(0), ":install") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInstall Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Member Line + if ((strcasecmp(command->part(0), ":") == 0) && (command->part(1)[0] != '(')) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInstall Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, installed); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + objectPointer->name.assign(command->part(1)); + } + + // Reference object + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInstall Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInstall Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, installed); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + objectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sInstall Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sInstall End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // through... + else if ((strcasecmp(command->part(0), ":through") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sThrough Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Member Line + if ((strcasecmp(command->part(0), ":") == 0) && (command->part(1)[0] != '(')) + { + if (device->config->reportFormat == Config::Debug) + printf("%sThrough Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, through); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + objectPointer->name.assign(command->part(1)); + } + + // Reference object + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sThrough Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sThrough Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, through); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + objectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sThrough Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sThrough End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Services... + else if ((strcasecmp(command->part(0), ":services") == 0) && (strcmp(command->part(1), "()") != 0) && (existingFilterPointer == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + negate = false; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Negate... + if ((strcasecmp(command->part(0), ":op") == 0) && (strcasecmp(command->part(1), "not in") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNegate Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + negate = true; + } + + // Member Line + else if ((strcasecmp(command->part(0), ":") == 0) && (command->part(1)[0] != '(')) + { + if (device->config->reportFormat == Config::Debug) + printf("%sServices Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destinationService); + objectPointer->type = groupObject; + if (negate == false) + objectPointer->serviceOper = serviceOperEqual; + else + objectPointer->serviceOper = serviceOperNotEqual; + objectPointer->name.assign(command->part(1)); + } + + // Reference object + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sServices Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if ((strcasecmp(command->part(0), ":Name") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sServices Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destinationService); + objectPointer->type = groupObject; + if (negate == false) + objectPointer->serviceOper = serviceOperEqual; + else + objectPointer->serviceOper = serviceOperNotEqual; + objectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sServices Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sServices End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sRule End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + + return incrementFilterPointer; +} + diff --git a/libnipper-0.12.6/CheckPoint/filter-services.cpp b/libnipper-0.12.6/CheckPoint/filter-services.cpp new file mode 100644 index 0000000..85e108c --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/filter-services.cpp @@ -0,0 +1,289 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "filter.h" + + +int CheckPointFilter::processDeviceServicesConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + netObjectListConfig *serviceListPointer = 0; + netObjectListConfig *serviceGroupListPointer = 0; + filterObjectConfig *objectPointer = 0; + filterObjectConfig *subObjectPointer = 0; + objectType tempType = enhancedServiceObject; + + if (device->config->reportFormat == Config::Debug) + printf("%sServices Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + serviceListPointer = getObjectList("Services"); + serviceListPointer->type = enhancedServiceObject; + serviceListPointer->title = i18n("Service List"); + serviceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices services. These services can be directly used in the policy rules or grouped into service groups."); + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // New service... + if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addObject(serviceListPointer); + objectPointer->name.assign(command->part(1) + 1); + objectPointer->type = enhancedServiceObject; + objectPointer->serviceOper = serviceOperEqual; + tempType = enhancedServiceObject; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Protocol... + if ((strcasecmp(command->part(0), ":protocol") == 0) && (strcasecmp(command->part(1), "()") != 0) && (strcasecmp(command->part(1), "-1") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sProtocol Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, protocol); + subObjectPointer->name.assign(device->getProtocol(atoi(command->part(1)))); + subObjectPointer->type = protocolObject; + subObjectPointer->serviceOper = serviceOperEqual; + } + + // Port... + else if ((strcasecmp(command->part(0), ":port") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDestination Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, destinationService); + subObjectPointer->name.assign(command->part(1)); + subObjectPointer->type = portObject; + subObjectPointer->serviceOper = serviceOperEqual; + } + + // Source Port... + else if ((strcasecmp(command->part(0), ":src_port") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSource Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, sourceService); + subObjectPointer->name.assign(command->part(1)); + subObjectPointer->type = portObject; + subObjectPointer->serviceOper = serviceOperEqual; + } + + // ICMP... + else if ((strncasecmp(command->part(0), ":icmp_", 6) == 0) && (objectPointer->protocol == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sProtocol ICMP Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, protocol); + subObjectPointer->name.assign("ICMP"); + subObjectPointer->type = protocolObject; + subObjectPointer->serviceOper = serviceOperEqual; + objectPointer->type = otherObject; + } + + // Type... + else if ((strcasecmp(command->part(0), ":type") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sProtocol Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcasecmp(command->part(1), "group") == 0) + { + tempType = serviceObject; + } + else if (strcasecmp(command->part(1), "other") == 0) + objectPointer->type = otherObject; + else if (objectPointer->protocol == 0) + { + subObjectPointer = addObject(objectPointer, protocol); + subObjectPointer->name.assign(command->part(1)); + } + } + + // Comments... + else if ((strcasecmp(command->part(0), ":comments") == 0) && (strcasecmp(command->part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sComments Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer->comment.assign(command->part(1)); + } + + // Group Members... + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Member Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, members); + subObjectPointer->name.assign(command->part(1)); + subObjectPointer->type = groupObject; + subObjectPointer->serviceOper = serviceOperEqual; + } + + // Group Members... + else if ((strcasecmp(command->part(0), ":") == 0) && (strcasecmp(command->part(1), "(ReferenceObject") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Member Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer = addObject(objectPointer, members); + subObjectPointer->type = groupObject; + subObjectPointer->serviceOper = serviceOperEqual; + + while ((feof(device->inputFile) == 0) && (command->part(0)[0] != ')')) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Name... + if (strcasecmp(command->part(0), ":Name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Member Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + subObjectPointer->name.assign(command->part(1)); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Member End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (tempType == serviceObject) + { + serviceGroupListPointer = getObjectList(objectPointer->name.c_str()); + serviceGroupListPointer->type = serviceObject; + serviceGroupListPointer->comment.assign(objectPointer->comment); + serviceGroupListPointer->title = i18n("Service Groups"); + serviceGroupListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices service groups. Service groups ease administration by enabling services to be grouped and then the group can be used within a policy rule, rather than listing each individual service for a specific rule."); + objectPointer->deleteMe = true; + + // Go through any added members and transfer to objects of this group... + subObjectPointer = objectPointer->members; + while (subObjectPointer != 0) + { + objectPointer = addObject(serviceGroupListPointer); + copySourceToDestinationObjects(subObjectPointer, objectPointer); + subObjectPointer->deleteMe = true; + subObjectPointer = subObjectPointer->next; + } + } + + // Add in any source and destination ports... + if (objectPointer->type == enhancedServiceObject) + { + if (objectPointer->sourcePort == 0) + { + subObjectPointer = addObject(objectPointer, sourceService); + subObjectPointer->name.assign(i18n("Any")); + } + if (objectPointer->destinationPort == 0) + { + subObjectPointer = addObject(objectPointer, destinationService); + subObjectPointer->name.assign(i18n("Any")); + } + } + + if (device->config->reportFormat == Config::Debug) + printf("%sObject Service End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command->part(0), ":", 1) == 0) && (strcmp(command->part(1), "()") != 0) && (command->part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(command, line, lineSize); + + // All others... + else if (command->part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sServices End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command->setConfigLine((char *)""); + + return 0; +} + + diff --git a/libnipper-0.12.6/CheckPoint/filter.cpp b/libnipper-0.12.6/CheckPoint/filter.cpp new file mode 100644 index 0000000..b2e28b8 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/filter.cpp @@ -0,0 +1,481 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "filter.h" + + +CheckPointFilter::CheckPointFilter() +{ + // Object options... + networkObjectName = i18n("Network Objects"); // The name for the object (used in config report) + networkObjectDescription = i18n(""); // The description for the object (config report) + protocolObjectName = i18n("Protocol Objects"); // The name for the object (used in config report) + protocolObjectDescription = i18n(""); // The description for the object (config report) + icmpObjectName = i18n("*ABBREV*ICMP*-ABBREV* Objects"); // The name for the object (used in config report) + icmpObjectDescription = i18n(""); // The description for the object (config report) + serviceObjectName = i18n("Service Objects"); // The name for the object (used in config report) + serviceObjectDescription = i18n(""); // The description for the object (config report) + + // Filter device options... + denyAllAndLogDefault = false; // Does it deny all and log by default? + logOnlyDenySupported = false; // Is only Drop rule logging supported + defaultFilterActionSupported = false; // Default action supported on the device + allowByDefault = false; // Allow by default? + defaultActionIsAllow = false; // Is the default action to allow + logLevelsSupported = false; // Are log Levels supported + noAccessWithoutFilters = true; // Is access not granted if no filters are configured + filterSupportsInstalled = true; // If filtering supports installed (i.e. CheckPoint) + filterSupportsThrough = true; // If a filtering supports through (i.e. CheckPoint) + rejectRulesSupported = false; // If reject rules are supported + bypassRulesSupported = false; // If bypass rules are supported + defaultRulesSupported = false; // If default rules are supported + ruleListsAreAssigned = false; // Rule lists are assigned to specific elements + allowName = i18n("Accept"); // The name given to an allowed filter + denyName = i18n("Drop"); // The name given to a denied filter + rejectName = i18n("Reject"); // The name given to a rejected filter + filterConfigTitle = i18n("Policy Collection Configuration"); // The Title for the configuration report section + filterConfigText = i18n("A policy determines which network traffic are allowed to pass through the networks managed by the *DEVICETYPE* device, or if it is to be dropped. The policy is processed one rule at a time with the first rule that matches the network packet applying."); // The device specific configuration report section text + filterConfigText2 = i18n(""); // The device specific configuration report section text2 + useFilterID = false; // Use the filter ID to identify a filter (otherwise a line no. is used) + filterIDTitle = i18n("Rule"); // The title for the filter ID/line no. table column + filterListName = i18n("policy"); // The name of the filter list, for use in text paragraphs + filterListNameTitle = i18n("Policy"); // The name of the filter list, for use in titles + filterListNamePlaural = i18n("policies"); // The name of the filter list, for use in text paragraphs + filterTitle = i18n("Rule"); // The name of a filter, for use in titles + filterTitlePlaural = i18n("Rules"); // The name of a filter, for use in titles + filterName = i18n("rule"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("rules"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("Not All Accept Rules Log Access"); // The title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogTable = i18n("Accept rules that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogConcl = i18n("not all accept rules log access"); // The conclusions text for the "All Allow Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all rules"); // The recommendations text for "All Allow Rules Do Not Log" (and deny) issue + denyAndNotLogIssue = i18n("Not All Drop Rules Log Access"); // The title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogTable = i18n("Drop rules that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogConcl = i18n("not all deny rules log access"); // The conclusions text for the "All Allow Rules Do Not Log" issue + configRuleLogging = i18n("Logging can be enabled for each rule individually using the standard *DEVICETYPE* device management tools."); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No Policies Were Configured"); // The title text for the "No filtering" issue + noFilteringRec = i18n("Configure policies to restict access"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no policies were configured"); // The title text for the "No filtering" conclusion + legacyIssueFinding = i18n(""); // The finding for the legacy issue + legacyIssueImpact = i18n(""); // The impact for the legacy issue + legacyIssueEase = i18n(""); // The ease for the legacy issue + legacyIssueRec = i18n(""); // The recommendation for the legacy issue + allowAnythingTable = i18n("Rules accept any access"); // The allow anything table title text + allowWeakTable = i18n("Rules provide weak filtering"); // Weak source/service/destination/service table title text + allowAnyAnyAnyTable = i18n("Rules accept any host to access any destination and service"); // The allow any source, destination and service table title text + allowWeakWeakWeakTable = i18n("Rules provide weak filtering of source, destination and service"); // The allow weak source, destination and service table title text + allowAnyServiceAnyTable = i18n("Rules allow any source port to any destination and service"); // The allow any source port, destination and service table title text + allowWeakServiceAnyTable = i18n("Rules provide weak filtering of source port to destination and service"); // The allow weak source, destination and service table title text + allowAnyAnyTable = i18n("Rules accept any source to any destination"); // The allow any source, destination table title text + allowAnyAnyServiceTable = i18n("Rules accept any source to any destination service"); // The allow any source, destination service table title text + allowAnyDestServiceTable = i18n("Rules accept any destination and service"); // The allow any destination and service table title text + allowAnyPortDestTable = i18n("Rules accept any source port to any destination address"); // The allow any source port to any destination table title text + allowAnyPortServiceTable = i18n("Rules accept any source port to any destination service"); // The allow any source port to any dest service table title text + allowWeakWeakTable = i18n("Rules accept weak filtering of source and destination addresses"); // The allow weak source, destination addresses + allowWeakWeakServiceTable = i18n("Rules accept weak source addresses and destination services"); // The allow weak source, destination service table title text + allowDestAndServiceTable = i18n("Rules accept weak destination addresses and services");// The allow weak destination and service table title text + allowWeakPortDestTable = i18n("Rules accept weak source ports and destination"); // The allow weak source port to Destination table title text + allowWeakPortServiceTable = i18n("Rules accept weak source ports and destination services"); // The allow weak source port to service table title text + allowAnySourceTable = i18n("Rules accept from any source address"); // The allow any source address table title text + allowNetSourceTable = i18n("Rules accept from a network source address"); // The allow a network source address table title text + allowAnyPortTable = i18n("Rules accept from any source port"); // The allow any source port table title text + allowRangePortTable = i18n("Rules accept from a source port range"); // The allow range source port table title text + allowAnyDestTable = i18n("Rules accept to any destination"); // The allow any destination table title text + allowNetDestTable = i18n("Rules accept to a network destination"); // The allow a network destination table title text + allowToAnyDestServiceTable = i18n("Rules accept to any destination service"); // The allow any destination service table title text + allowToNetDestServiceTable = i18n("Rules accept to a destination service range"); // The allow a destination service range table title text + bypassContentFilterCon = i18n("Rules were configured that bypass the content filtering"); // Bypass filter conclusion text + bypassContentFilterRec = i18n("Connfigure rules that do not bypass the content filtering"); // Bypass filter recommendation text + defaultFilterCon = i18n("Rules were configured that default to the ports filtering action"); // Default filter conclusion text + defaultFilterRec = i18n("Configure Rules that do not default to the ports filtering action"); // Default filter recommendation text + rejectSecurityIssueTitle = i18n("Reject Rules Were Configured"); // Reject filter title text + securityRejectTextCon = i18n("Rules were configured that reject network traffic"); // Reject filter conclusion text + securityRejectTextRec = i18n("Configure rules to drop rather than reject network traffic"); // Reject filter recommendation text + clearTextServiceCon = i18n("Rules were configured that accept access to clear text protocol services"); // Clear Text Service conclusions text + clearTextServiceRec = i18n("Configure rules to drop access to any clear text protocol services"); // Clear Text Service recommendations text2 + configureFilterListRecIssueText = i18n(""); // The text and commands to configure a filter list + configureFilterRecIssueText = i18n(""); // The text and commands to configure a filter + unnecessaryServiceCon = i18n("Rules were configured that accept access to potentially unnecessary services"); // Unnecessary Service conclusions text + unnecessaryServiceRec = i18n("Configure rules to drop access to any unnecessary services"); // Unnecessary Service recommendations text2 + filtersWithNoCommentsTitle = i18n("Not All Rules Include Comments"); // Filters with no comments title text + noFilterCommentsCon = i18n("not all rules include comment text indicating their purpose"); // The no comments conclusion text + noFilterCommentsRec = i18n("Configure comment text for all rules"); // The no comments recommendation text + configureFilterCommentText = i18n(""); // The text and commands to configure a filters comment text + disabledFiltersTitle = i18n("Disabled Rules Were Configured"); // The disabled filter issues title text + removeFilterText = i18n(""); // The commands and text to delete a filter + disabledFilterCon = i18n("disabled rules were configured"); // The disabled filter conclusion text + disabledFilterRec = i18n("Remove all disabled rules"); // The disabled filter recommendation text + defaultActionIssueTitle = i18n("The Default Network Filtering Action Accepts Access"); // The default filter action issue title + defaultActionIssueCon = i18n("the default Policy action was configured to accept access when a rule does not match"); // The default filter action conclusion text + defaultActionIssueRec = i18n("Set the default policy action to drop network traffic"); // The default filter action recommendation text + configureDefaultActionText = i18n(""); // The text and commands to configure the default action + unusedFiltersIssueTitle = i18n("Unused Rules Were Configured At The Policies End"); // Unused filters at the end of the filter list title + unusedFiltersIssueCon = i18n("unused rules were configured at the end of the Policies"); // Unused filters issue conclusions text + unusedFiltersIssueRec = i18n("Remove all unused rules"); // Unused filters issue recommendation text + denyAllLogIssueTitle = i18n("Policy Does Not End with Drop All And Log"); // Drop All And Log Issue title + denyAllLogConfigure = i18n(""); // The text and commands to add a deny all and log line + denyAllLogIssueCon = i18n("not all policies end with a deny all and log "); // The deny all and log conclusions text + denyAllLogIssueRec = i18n("Configure a deny all and log rule as the last rule in each policy"); // The deny all and log recommendations text + contradictIssueTitle = i18n("Contradicting Rules Were Configured"); // The contradict issue title + contradictIssueTable = i18n("contradictions of rule"); // The contradict table issue title + contradictIssueCon = i18n("Rules were configured that contradict other rules"); // The contradict issue conclusion + contradictIssueRec = i18n("Reconfigure the rules so they do not contradict other rules"); // The contradict issue recommendation + duplicateIssueTitle = i18n("Duplicate Rules Were Configured"); // The duplicate/overlapping issue title + duplicateIssueTable = i18n("duplicates of rule"); // The duplicate/overlapping issue title + duplicateIssueCon = i18n("Rules were configured that duplicate the configuration of other rules"); // The duplicate/overlapping issue title + duplicateIssueRec = i18n("Reconfigure the Rules so that the rules do not duplicate other rules"); // The duplicate/overlapping issue title +} + + +CheckPointFilter::~CheckPointFilter() +{ +} + + +int CheckPointFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int errorCode = 0; + + // If objects... + if ((strcmp(command->part(0), ":netobj") == 0) || (strcmp(command->part(0), ":network_objects") == 0)) + errorCode = processDeviceObjectConfig(device, command, line, lineSize); + + // Services Start... + else if ((strcmp(command->part(0), ":servobj") == 0) || (strcmp(command->part(0), ":services") == 0)) + errorCode = processDeviceServicesConfig(device, command, line, lineSize); + + return errorCode; +} + + +int CheckPointFilter::processWRulesDevice(Device *device, const char *policyList, bool active) +{ + // Variables... + Filter::filterListConfig *filterListPointer = 0; + char line[1024]; + ConfigLine command; + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Collection Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(policyList); + filterListPointer->active = active; + filterListPointer->type = i18n("Policy"); + filterListPointer->typeDescription = i18n("A policy is a collection of rules that determine whether traffic managed by the *DEVICETYPE* device is accepted or dropped. This section details the policy collection rules."); + + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = true; // Does the filter list support logging + filterListPointer->supportsTime = true; // Filter support time (dest only) + filterListPointer->supportsFragments = false; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = false; // If source services are supported + filterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = true; // Are filter comments supported + filterListPointer->showProtocol = false; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = false; // Does the filter use filter-based zones (i.e. SonicWALL) + filterListPointer->showStop = false; // Does the filter have a stop status (i.e. Passport devices) + filterListPointer->showFilterType = false; // Does the filter have a type (i.e. like on Passport devices) + + // The process device configuration file loop... + while ((feof(device->inputFile) == 0) && (strcmp(command.part(0), ")") != 0)) + { + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Rules Start... + if ((strcmp(command.part(0), ":rule") == 0) && (strcmp(command.part(1), "()") != 0)) + processDeviceRuleConfig(device, &command, (char *)line, sizeof(line), filterListPointer); + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else if (command.part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Collection End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + return 0; +} + + +int CheckPointFilter::processRRulesDevice(Device *device) +{ + // Variables... + Filter::filterListConfig *filterListPointer = 0; + char line[1024]; + ConfigLine command; + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (device->config->reportFormat == Config::Debug) + printf("%sRules File Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(device->deviceMake); + filterListPointer->active = true; + filterListPointer->type = i18n("Policy"); + filterListPointer->typeDescription = i18n("A policy is a collection of rules that determine whether traffic managed by the *DEVICETYPE* device is accepted or dropped. This section details the policy collection rules."); + + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = true; // Does the filter list support logging + filterListPointer->supportsTime = true; // Filter support time (dest only) + filterListPointer->supportsFragments = false; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = false; // If source services are supported + filterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = true; // Are filter comments supported + filterListPointer->showProtocol = false; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = false; // Does the filter use filter-based zones (i.e. SonicWALL) + filterListPointer->showStop = false; // Does the filter have a stop status (i.e. Passport devices) + filterListPointer->showFilterType = false; // Does the filter have a type (i.e. like on Passport devices) + + // The process device configuration file loop... + while ((feof(device->inputFile) == 0) && (strcmp(command.part(0), ")") != 0)) + { + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Rules Start... + if ((strcmp(command.part(0), ":rules") == 0) && (strcmp(command.part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRules Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // The process device configuration file loop... + while ((feof(device->inputFile) == 0) && (strcmp(command.part(0), ")") != 0)) + { + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Rule Start... + if ((strcmp(command.part(0), ":") == 0) && (strcmp(command.part(1), "()") != 0)) + processDeviceRuleConfig(device, &command, (char *)line, sizeof(line), filterListPointer); + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else if (command.part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sRules End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command.setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else if (command.part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sRules File End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + return 0; +} + + +int CheckPointFilter::processFRulesDevice(Device *device) +{ + // Variables... + Filter::filterListConfig *filterListPointer = 0; + Filter::filterConfig *filterPointer = 0; + char line[1024]; + string policyName; + bool listAlreadyExists = false; + bool incrementPointer = false; + ConfigLine command; + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (device->config->reportFormat == Config::Debug) + printf("%sRulebases File Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // The process device configuration file loop... + while ((feof(device->inputFile) == 0) && (strcmp(command.part(0), ")") != 0)) + { + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Rulebase Start... + if ((strcmp(command.part(0), ":rule-base") == 0) && (strcmp(command.part(1), "()") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRulebase Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + policyName.assign(command.part(1) + 4); + policyName.resize(policyName.size() - 1); + filterPointer = 0; + + filterListPointer = getOnlyFilterList(policyName.c_str()); + if (filterListPointer == 0) + { + listAlreadyExists = false; + filterListPointer = getFilterList(policyName.c_str()); + filterListPointer->type = i18n("Policy"); + filterListPointer->typeDescription = i18n("A policy is a collection of rules that determine whether traffic managed by the *DEVICETYPE* device is accepted or dropped. This section details the policy collection rules."); + + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = true; // Does the filter list support logging + filterListPointer->supportsTime = true; // Filter support time (dest only) + filterListPointer->supportsFragments = false; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = false; // If source services are supported + filterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = true; // Are filter comments supported + filterListPointer->showProtocol = false; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = false; // Does the filter use filter-based zones (i.e. SonicWALL) + filterListPointer->showStop = false; // Does the filter have a stop status (i.e. Passport devices) + filterListPointer->showFilterType = false; // Does the filter have a type (i.e. like on Passport devices) + } + else + { + listAlreadyExists = true; + filterPointer = filterListPointer->filter; + } + + // The process device configuration file loop... + while ((feof(device->inputFile) == 0) && (strcmp(command.part(0), ")") != 0)) + { + + // Read a line from the config... + device->readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Default Line... + if (strcmp(command.part(0), ":default") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRulebase Default Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (listAlreadyExists == false) + { + if (command.part(1)[0] == '1') + filterListPointer->active = true; + else + filterListPointer->active = false; + } + } + + // Rule Start... + else if ((strcmp(command.part(0), ":rule") == 0) && (strcmp(command.part(1), "()") != 0)) + { + incrementPointer = processDeviceRuleConfig(device, &command, (char *)line, sizeof(line), filterListPointer, filterPointer); + if ((incrementPointer == true) && (filterPointer != 0)) + filterPointer = filterPointer->next; + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else if (command.part(0)[0] != ')') + device->lineNotProcessed(line); + + } + + if (device->config->reportFormat == Config::Debug) + printf("%sRulebase End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + command.setConfigLine((char *)""); + } + + // Unknown CheckPoint Structure... + else if ((strncmp(command.part(0), ":", 1) == 0) && (strcmp(command.part(1), "()") != 0) && (command.part(1)[0] == '(')) + ((CheckPointDevice *)device)->processUnknownCheckPointConfig(&command, (char *)&line, sizeof(line)); + + // All others... + else if (command.part(0)[0] != ')') + device->lineNotProcessed(line); + } + + if (device->config->reportFormat == Config::Debug) + printf("%sRulebases File End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + return 0; +} + diff --git a/libnipper-0.12.6/CheckPoint/filter.h b/libnipper-0.12.6/CheckPoint/filter.h new file mode 100644 index 0000000..0e3524f --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/filter.h @@ -0,0 +1,59 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CheckPointFilter_H +#define CheckPointFilter_H + + +#include "../device/filter/filter.h" + + +class CheckPointFilter : public Filter +{ + public: + CheckPointFilter(); + ~CheckPointFilter(); + + int processWRulesDevice(Device *device, const char *policyList, bool active); // *.W files + int processRRulesDevice(Device *device); // rules.C file + int processFRulesDevice(Device *device); // rulebases*.fws files + + + private: + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDeviceObjectConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDeviceServicesConfig(Device *device, ConfigLine *command, char *line, int lineSize); + bool processDeviceRuleConfig(Device *device, ConfigLine *command, char *line, int lineSize, filterListConfig *filterListPointer, filterConfig *existingFilterPointer = 0); +}; + + +#endif + diff --git a/libnipper-0.12.6/CheckPoint/general.cpp b/libnipper-0.12.6/CheckPoint/general.cpp new file mode 100644 index 0000000..aa24061 --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/general.cpp @@ -0,0 +1,143 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#include "../globaldefs.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +CheckPointGeneral::CheckPointGeneral() +{ +} + + +int CheckPointGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + //int tempInt = 0; + //bool setting = false; + + // Init +/* if (strcmp(command->part(0), "unset") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Hostname + if (strcmp(command->part(tempInt), "hostname") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostname = command->part(tempInt + 1); + }*/ + + return 0; +} + + +int CheckPointGeneral::processDefaults(Device *device) +{ + hostname.assign("noname"); + + // Split Version Numbers... +/* if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + if ((version.find_first_of('.') != string::npos) && (version.length() > version.find_first_of('.') + 1)) + versionMinor = atoi(version.c_str() + version.find_first_of('.') + 1); + }*/ + + return 0; +} + + +int CheckPointGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Password Encryption... + if (servicePasswordEncryption != unconfigured) + { + device->addTableData(paragraphPointer->table, i18n("Service Password Encryption")); + if (servicePasswordEncryption == on) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + }*/ + + return errorCode; +} + + +int CheckPointGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Service Password Encryption... + if (servicePasswordEncryption == off) + { + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Service Password Encryption Disabled")); + securityIssuePointer->reference.assign("IOS.PASSENCR.1"); + securityIssuePointer->overallRating = 8; + securityIssuePointer->impactRating = 9; + securityIssuePointer->easeRating = 2; + securityIssuePointer->fixRating = 1; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Cisco service passwords by default are stored in their clear text form rather than being encrypted. However, it is possible to have these passwords stored using the reversible Cisco type-7 encryption. *COMPANY* determined that the service password encryption that helps to provide a basic level of encryption for passwords that otherwise would be stored in clear text was disabled on the Cisco device *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("The Cisco type-7 password encryption provides little in the way of protection against an attacker who has access to the configuration file. However, the Cisco type-7 password encryption would provide a level of protect against a malicious user who had managed to briefly view a devices configuration.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("If a malicious user were able to glance a password from a devices configuration they could use it to gain a level of access to *DEVICENAME*. If the passwords were encrypted using the Cisco type-7 routine, a malicious user that had access to the devices configuration would have to decode the password first. Tools are widely available on the Internet that can reverse Cisco type-7 passwords.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that the Cisco password encryption service be enabled. The Cisco password encryption service can be started with the following Cisco *ABBREV*IOS*-ABBREV* command:")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*CODE**COMMAND*service password-encryption*-COMMAND**-CODE*")); + securityIssuePointer->conLine.assign(i18n("service password encryption was disabled")); + securityIssuePointer->recLine.assign(i18n("enable the service password encryption")); + }*/ + return errorCode; +} diff --git a/libnipper-0.12.6/CheckPoint/general.h b/libnipper-0.12.6/CheckPoint/general.h new file mode 100644 index 0000000..5cc4ecc --- /dev/null +++ b/libnipper-0.12.6/CheckPoint/general.h @@ -0,0 +1,53 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CheckPointdevicegeneral_H +#define CheckPointdevicegeneral_H + +#include "../device/general/general.h" + + +class CheckPointGeneral : public General +{ + public: + CheckPointGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/all-wcprops b/libnipper-0.12.6/Cisco-CSS/.svn/all-wcprops new file mode 100644 index 0000000..74b07c7 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/all-wcprops @@ -0,0 +1,119 @@ +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS +END +interfaces.h +K 25 +svn:wc:ra_dav:version-url +V 61 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/interfaces.h +END +dns.h +K 25 +svn:wc:ra_dav:version-url +V 54 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/dns.h +END +filter.h +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/filter.h +END +administration.h +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/administration.h +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/device.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/device.h +END +banner.cpp +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/banner.cpp +END +banner.h +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/banner.h +END +general.cpp +K 25 +svn:wc:ra_dav:version-url +V 60 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/general.cpp +END +snmp.cpp +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/snmp.cpp +END +authentication.cpp +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/authentication.cpp +END +snmp.h +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/snmp.h +END +general.h +K 25 +svn:wc:ra_dav:version-url +V 58 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/general.h +END +interfaces.cpp +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/interfaces.cpp +END +dns.cpp +K 25 +svn:wc:ra_dav:version-url +V 56 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/dns.cpp +END +authentication.h +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/authentication.h +END +filter.cpp +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/filter.cpp +END +administration.cpp +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/administration.cpp +END +snmp-report.cpp +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp +END diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/entries b/libnipper-0.12.6/Cisco-CSS/.svn/entries new file mode 100644 index 0000000..93c3445 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/entries @@ -0,0 +1,674 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Cisco-CSS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.cpp +file + + + + +2016-02-13T06:47:10.560161Z +13a6e0bba4c3470855ddd6ba34fc7d3f +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8113 + +device.h +file + + + + +2016-02-13T06:47:10.560161Z +a74141d7bd45694e20b0b215f336028b +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2566 + +banner.cpp +file + + + + +2016-02-13T06:47:10.560161Z +d7416f5a7c4b75dd2d6e70c0dae81453 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3698 + +banner.h +file + + + + +2016-02-13T06:47:10.560161Z +97b92eca3a58ba85b242cc481dda15b6 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2596 + +general.cpp +file + + + + +2016-02-13T06:47:10.560161Z +d2e6e6f275be7a3914f709c655041332 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8493 + +snmp.cpp +file + + + + +2016-02-13T06:47:10.560161Z +fc44a2df5b2b6b3e5563f3607517438d +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +11430 + +authentication.cpp +file + + + + +2016-02-13T06:47:10.560161Z +051d5e8de85c1301ec122ef41393cdd1 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +13846 + +snmp.h +file + + + + +2016-02-13T06:47:10.560161Z +d65326615260bc356f6adaf14c5fe785 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2859 + +general.h +file + + + + +2016-02-13T06:47:10.560161Z +fdd32d62774070d3ae9ca48e12695955 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2873 + +interfaces.cpp +file + + + + +2016-02-13T06:47:10.560161Z +23aa2383aec6be0be2137332e7b931e9 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +9993 + +dns.cpp +file + + + + +2016-02-13T06:47:10.560161Z +1ec60409cc0884850d5248be6f4cddb0 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6848 + +authentication.h +file + + + + +2016-02-13T06:47:10.560161Z +1b1d830bbfab79ead068bca71c5a7a79 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2881 + +filter.cpp +file + + + + +2016-02-13T06:47:10.560161Z +d6b483a636b3ae8352da5eca176cf534 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +35826 + +administration.cpp +file + + + + +2016-02-13T06:47:10.560161Z +81b15bf093f8cfd4ca7b96f054cf0897 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +23746 + +snmp-report.cpp +file + + + + +2016-02-13T06:47:10.560161Z +f6d08c27fbb0552eb7ead7e81e5da019 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +10779 + +interfaces.h +file + + + + +2016-02-13T06:47:10.560161Z +1862ada1ef4d6e2e8ae39e16162db82f +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2597 + +dns.h +file + + + + +2016-02-13T06:47:10.560161Z +8a904456b774005c425d9b52a0d46e3d +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2564 + +filter.h +file + + + + +2016-02-13T06:47:10.560161Z +4b06ce86448e7e327461a074561eeef7 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2660 + +administration.h +file + + + + +2016-02-13T06:47:10.560161Z +38cd364d9ecaf5451dd6fc374f6ce24a +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3203 + diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/administration.cpp.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/administration.cpp.svn-base new file mode 100644 index 0000000..3471280 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/administration.cpp.svn-base @@ -0,0 +1,515 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "administration.h" + + +CiscoCSSAdministration::CiscoCSSAdministration() +{ + // General... + generalSettings = true; // Show the general settings section? + consoleEnabled = false; // Is the Console port enabled? + consoleSupported = true; // Is a console port supported? + //consoleTimeoutSupported = false; // Is a console timeout supported? + //consoleTimeout = 0; // Console timeout + //configConsoleTimeout = i18n(""); // The text and commands to configure the timeout + connectionTimeoutSupported = true; // Is a connection timeout supported? + connectionTimeout = 0; // Connection Timeout + configTimeout = i18n("The Console, *ABBREV*FTP*-ABBREV*, *ABBREV*SSH*-ABBREV* and Telnet connection timeout can be configured on *DEVICETYPE* with the following command:*CODE**COMMAND*idle timeout *CMDUSER*timeout-minutes*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + + // Host restrictions... + //serviceWideHosts = false; // Do all the admin services share a common host restrictions? + //serviceConfigHosts = i18n(""); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = true; // Is telnet supported? + telnetEnabled = true; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + //telnetSpecificHost = false; // Does Telnet have its own access list? + //telnetHostsRequired = false; // Is the host configuration required? + //configTelnetHostAccess = i18n(""); // How access lists are configured for the telnet service + disableTelnet = i18n("The Telnet service can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*restrict telnet*-COMMAND**-CODE*"); // How to disable telnet text... + //telnetSpecificTimeout = false; // A Telnet Specific Timeout? + //telnetTimeout = 0; // The Telnet Timeout (secs) + //configTelnetTimeout = i18n(""); // The text and commands to configure the timeout + + // TFTP options... + tftpSupported = false; // Is TFTP supported? + //tftpEnabled = false; // Is TFTP enabled? + //tftpPort = 69; // The TFTP service port + //tftpSpecificHost = false; // Does TFTP have its own access list? + //tftpHostsRequired = false; // Is the host configuration required? + //configTFTPHostAccess = i18n(""); // How access lists are configured for the TFTP service + //disableTFTP = i18n(""); // How to disable TFTP text... + + // FTP options... + ftpSupported = true; // Is FTP supported? + ftpEnabled = true; // Is FTP enabled? + ftpPort = 21; // The FTP service port + ftpSpecificHost = false; // Does FTP have its own access list? + //ftpHostsRequired = false; // Is the host configuration required? + //configFTPHostAccess = i18n(""); // How access lists are configured for the FTP service + disableFTP = i18n("The *ABBREV*FTP*-ABBREV* service can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*restrict ftp*-COMMAND**-CODE*"); // How to disable FTP text... + //ftpSpecificTimeout = false; // A FTP Specific Timeout? + //ftpTimeout = 0; // The FTP Timeout (secs) + //configFTPTimeout = i18n(""); // The text and commands to configure the timeout + + // SFTP options... + sftpSupported = false; // Is SFTP supported? + //sftpEnabled = false; // Is SFTP enabled? + //sftpPort = 21; // The SFTP service port + //sftpUpgrade = false; // Is an upgrade required to support SFTP? + //sftpSpecificHost = false; // Does SFTP have its own access list? + //sftpHostsRequired = false; // Is the host configuration required? + //configSFTPHostAccess = i18n(""); // How access lists are configured for the SFTP service + //configSFTP = i18n(""); // How to configure SFTP + //sftpSpecificTimeout = false; // A SFTP Specific Timeout? + //sftpTimeout = 0; // The SFTP Timeout (secs) + //configSFTPTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH options... + sshSupported = true; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = true; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + sshPort = 22; // The SSH port number + configSSHSupport = i18n("The *ABBREV*SSH*-ABBREV* service can be enabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*no restrict ssh*-COMMAND**-CODE*"); // How to configure SSH... + sshSpecificHost = false; // Does SSH have its own access list? + //sshHostsRequired = false; // Is the host configuration required? + //configSSHHostAccess = i18n(""); // How to configure SSH... + //scpSupported = false; // Is SCP supported? + //sshSpecificTimeout = false; // A SSH Specific Timeout? + //sshTimeout = 0; // The SSH Timeout (secs) + //configSSHTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + configSSHv2Support = i18n("The *ABBREV*SSH*-ABBREV* service on *DEVICETYPE* devices can be configured to support only protocol version 2 with the following command:*CODE**COMMAND*sshd version v2*-COMMAND**-CODE*"); // How to configure protocol version 2 support only + + sshConfigProtocolSupport = i18n("*DEVICETYPE* devices support *ABBREV*SSH*-ABBREV* protocol version 1 and from *DEVICEOS* version 7.50 *DEVICETYPE* devices support protocol version 2."); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = true; // Does this device support HTTP + httpsSupported = false; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + httpsEnabled = false; // Is the HTTPS service enabled? + httpsPort = 443; // HTTPS port + //httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? + //httpSpecificTimeout = false; // A HTTP Specific Timeout? + //httpTimeout = 0; // The HTTP Timeout (secs) + //configHTTPTimeout = i18n(""); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*XML*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*Secure XML*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + //httpSpecificHost = false; // Does HTTP have its own access list? + //httpHostsRequired = false; // Is the host configuration required? + //configHTTPHostAccess = i18n(""); // How to configure HTTP Management hosts... + //httpsRedirectSupported = false; // Is HTTP redirected to HTTPS? + disableHTTP = i18n("The unsecure *ABBREV*XML*-ABBREV* service can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*restrict xml*-COMMAND**-CODE*"); // How to disable HTTP text... + configHTTPSSupport = i18n("The secure *ABBREV*XML*-ABBREV* service can be enabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*no restrict secure-xml*-COMMAND**-CODE*"); // How to configure HTTPS... + + // Device Specific... + userRestrictions = false; // The user database setting... + ciscoViewDeviceManager = false; // As it says... + sshdKeepAlives = true; // SSHD Keep Alive Messages... + sshServerKeyBits = 768; // The SSH Server Key bits... +} + + +int CiscoCSSAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // SSHD... + if (strcmp(command->part(tempInt), "sshd") == 0) + { + tempInt++; + + if (strcmp(command->part(tempInt), "keepalive") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSHD Keep Alive Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + sshdKeepAlives = false; + } + + else if (strcmp(command->part(tempInt), "port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSHD Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + sshPort = atoi(command->part(tempInt)); + else + sshPort = 22; + } + + else if (strcmp(command->part(tempInt), "server-keybits") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSHD Server Keybits Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + sshServerKeyBits = atoi(command->part(tempInt)); + else + sshServerKeyBits = 768; + } + + else if (strcmp(command->part(tempInt), "version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSHD Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + { + if (strcmp(command->part(tempInt), "v1") == 0) + sshVersion = 1; + else + sshVersion = 2; + } + else + sshVersion = 0; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Restrict lines... + else if (strcmp(command->part(tempInt), "restrict") == 0) + { + tempInt++; + + if (strcmp(command->part(tempInt), "telnet") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict Telnet Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + telnetEnabled = false; + else + telnetEnabled = true; + } + + else if (strcmp(command->part(tempInt), "ftp") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict FTP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + ftpEnabled = false; + else + ftpEnabled = true; + } + + else if (strcmp(command->part(tempInt), "console") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict Console Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + consoleEnabled = false; + else + consoleEnabled = true; + } + + else if (strcmp(command->part(tempInt), "ssh") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict SSH Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + sshEnabled = false; + else + sshEnabled = true; + } + + else if (strcmp(command->part(tempInt), "xml") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict XML Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + httpEnabled = false; + else + httpEnabled = true; + } + + else if (strcmp(command->part(tempInt), "secure-xml") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict Secure XML Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + httpsEnabled = false; + else + httpsEnabled = true; + } + + else if (strcmp(command->part(tempInt), "user-database") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict User Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + userRestrictions = false; + else + userRestrictions = true; + } + + else if (strcmp(command->part(tempInt), "web-mgmt") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict CiscoView Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + ciscoViewDeviceManager = false; + else + ciscoViewDeviceManager = true; + } + + // All others... + else + device->lineNotProcessed(line); + } + + else if ((strcmp(command->part(tempInt), "web-mgmt") == 0) && (strcmp(command->part(tempInt + 1), "state") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict CiscoView Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + if (strcmp(command->part(tempInt), "disable") == 0) + ciscoViewDeviceManager = false; + else + ciscoViewDeviceManager = true; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoCSSAdministration::processDefaults(Device *device) +{ + // SSH2 supported... + if ((ssh2Supported == false) && (device->general->versionMajor != 0)) + { + if ((device->general->versionMajor > 7) || ((device->general->versionMajor == 7) && (device->general->versionMinor > 49))) + ssh2Supported = true; + else + { + ssh2upgrade = true; + sshVersion = 1; + } + + // Default SSH Protocol... + if (((device->general->versionMajor < 7) || ((device->general->versionMajor == 7) && (device->general->versionMinor < 50))) && (sshVersion == 0)) + sshVersion = 1; + } + else + { + ssh2upgrade = true; + sshVersion = 1; + } + + // HTTPS supported... + if ((httpsSupported == false) && (device->general->versionMajor != 0)) + { + if ((device->general->versionMajor > 7) || ((device->general->versionMajor == 7) && (device->general->versionMinor > 29))) + httpsSupported = true; + else + httpsUpgrade = true; + } + else + httpsUpgrade = true; + + return 0; +} + + +int CiscoCSSAdministration::generateDeviceGeneralConfig(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + + // Add service to the services list... + configReportPointer = device->getConfigSection("CONFIG-SERVICES"); + paragraphPointer = device->getTableParagraphPointer("CONFIG-SERVICES-TABLE"); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*CVDM*-ABBREV* Service")); + if (ciscoViewDeviceManager == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + // Add general stuff... + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINGENERAL-TABLE"); + device->addTableData(paragraphPointer->table, i18n("User Administrative Restrictions")); + if (userRestrictions == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*CVDM*-ABBREV* Service")); + if (ciscoViewDeviceManager == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return 0; +} + + +int CiscoCSSAdministration::generateDeviceSSHConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + + // SSH table settings... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINSSH-TABLE"); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SSH*-ABBREV* Server Key Length")); + tempString.assign(device->intToString(sshServerKeyBits)); + if (sshServerKeyBits == 1) + tempString.append(i18n(" bit")); + else + tempString.append(i18n(" bits")); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SSH*-ABBREV* Keep Alive Messages")); + if (sshdKeepAlives == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return 0; +} + + +int CiscoCSSAdministration::generateSecuritySpecificReport(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + + if ((userRestrictions == false) && ((telnetEnabled == true) || (sshEnabled == true))) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] User Administrative Restrictions Disabled\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("User Administrative Restrictions Disabled")); + securityIssuePointer->reference.assign("CSS.ADMIREST.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices support the configuration of different levels of user. This helps to prevent unauthorised users from modifying the devices configuration. *DEVICETYPE* devices have a *COMMAND*user-database*-COMMAND* setting that can restrict users from making some significant changes to the configuration of *DEVICENAME*. By default, users are allowed to make the changes.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that the users had not been restricted with the *COMMAND*user-database*-COMMAND* setting on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 8; // HIGH + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("A malicious user would not be prevented from creating or modifying usernames on *DEVICENAME*. Furthermore, without any restrictions the user would be able to clear the running-config.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 3; // MODERATE + paragraphPointer->paragraph.assign(i18n("In order for an attacker to exploit this issue the attacker would require access to *DEVICENAME* as a user. The attacker would therefore require authentication credentials and access to an administrative service.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 1; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that *DEVICENAME* should be reconfigured to prevent the devices users from clearing the running-config or creating/modifying usernames. The access restrictions can be modified to prevent all but Administrator and Technician users from performing those tasks. This can be done with the following command:*CODE**COMMAND*restrict user-database*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("user administrative restrictions were disabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Restrict users from performing administrative tasks.")); + } + + + if ((sshdKeepAlives == false) && (sshEnabled == true)) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] SSH Keep Alive Messages Disabled\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("*ABBREV*SSH*-ABBREV* Keep Alive Messages Disabled")); + securityIssuePointer->reference.assign("CSS.ADMISSHK.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The *ABBREV*SSH*-ABBREV* service on *DEVICETYPE* devices supports the sending of \"keep alive\" messages. These messages are sent to determine if a connection to the service has become orphaned, the resources can then be freed for any broken connections.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices send \"keep alive\" by default for connections to the *ABBREV*SSH*-ABBREV* service. However, *COMPANY* determined that the sending of \"keep alive\" messages had been disabled on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 5; // MEDIUM + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker could perform a *ABBREV*DoS*-ABBREV* attack on the *ABBREV*SSH*-ABBREV* service by repeatedly opening connections until no more connections are possible.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 6; // EASY + paragraphPointer->paragraph.assign(i18n("Tools are available on the Internet that are capable of opening large numbers of connections to cause a *ABBREV*DoS*-ABBREV* attack.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 1; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that *ABBREV*SSH*-ABBREV* service \"keep alive\" messages are enabled on *DEVICENAME*. This can be configured with the following command:*CODE**COMMAND*sshd keepalive*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("*ABBREV*SSH*-ABBREV* service \"keep alive\" messages were disabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Enable the sending of *ABBREV*SSH*-ABBREV* service \"keep alive\" messages.")); + } + + return 0; +} diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/administration.h.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/administration.h.svn-base new file mode 100644 index 0000000..955e50a --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/administration.h.svn-base @@ -0,0 +1,60 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoCSSAdministration_H +#define device_CiscoCSSAdministration_H + + +#include "../device/administration/administration.h" + + +class CiscoCSSAdministration : public Administration +{ + public: + + CiscoCSSAdministration(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateDeviceGeneralConfig(Device *device); // A device specific config report output + virtual int generateSecuritySpecificReport(Device *device); + virtual int generateDeviceSSHConfig(Device *device); + + // Custom settings... + bool userRestrictions; // The user database setting... + bool ciscoViewDeviceManager; // As it says... + bool sshdKeepAlives; // SSHD Keep Alive Messages... + int sshServerKeyBits; // The SSH Server Key bits... +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/authentication.cpp.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/authentication.cpp.svn-base new file mode 100644 index 0000000..c13e1de --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/authentication.cpp.svn-base @@ -0,0 +1,387 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "authentication.h" +#include "../device/common/configline.h" + + +CiscoCSSAuthentication::CiscoCSSAuthentication() +{ + // General... + authenticationConfigIntro = i18n("This section describes the various *DEVICETYPE* device authentication settings."); // Introduction text to the whole section + loginAttemptsSupported = false; // Login attempts supported + loginAttempts = 0; // Login attempts allowed (0 = infinite) + accessWithoutAuthentication = false; // Set to true if access is allowed without authentication + configAccessAuthentication = ""; // The text and commands to configure access authentication with a password + + // Authentication Methods... + authMethodSupported = true; // Authentication Method Supported + appliesToSupported = true; // Applies To Supported + namedAuthSupport = false; // Are auth servers named? + showAuthLevel = false; // Show auth level + + // Local User Options... + encryptionSupported = false; // Show encryption + readOnlySupported = false; // Is read only supported? + outboundACLSupported = false; // Are outbound filtering ACL supported? + privilegeLevelSupported = false; // Are privilege levels supported? + privilegeLevelText = i18n("Privilege Level"); // The table title privilege level text + configDeviceSpecificLocalUsers = ""; // Text for the config report local user section. + filterText = i18n("*ABBREV*ACL*-ABBREV*"); // The table filter column title text + + // TACACS Options... + showTacacsGroupName = false; // Show the TACACS group + showTacacsRetries = false; // Show the TACACS retries + configTacacsKey = i18n("*ABBREV*TACACS+*-ABBREV* encryption keys can be configured on *DEVICETYPE* devices with the following command:*CODE**COMMAND*tacacs-server key *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a TACACS+ key + + // RADIUS Options... + showRadiusGroupName = false; // Show the RADIUS group + configRadiusKey = i18n("*ABBREV*RADIUS*-ABBREV* encryption keys can be configured on *DEVICETYPE* devices with the following command:*CODE**COMMAND*radius-server *CMDOPTION*primary *CMDOR* secondary*-CMDOPTION* *CMDUSER*address*-CMDUSER* secret *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a RADIUS key + + // KERBEROS Options... + showKerberosGroupName = false; // Show the KERBEROS group + showKerberosTimeout = false; // Show Kerberos timeout + showKerberosRetries = false; // Show Kerberos retries + + // LDAP Options... + showLDAPGroupName = false; // Show the LDAP group + showLDAPPassword = false; // Show LDAP password + configLDAPPassword = i18n(""); // The text and commands to configure an LDAP server password + + // SecurID Options... + showSecurIDGroupName = false; // Show the SecurID group + showSecurIDDuress = false; // Show the SecurID Duress + showSecurIDEncryption = false; // Show the SecurID Encryption + + // NT Options... + showNTGroupName = false; // Show the NT group + + + tacacsTimeout = 5; + radiusRetransmit = 3; + radiusTimeout = 10; +} + + +int CiscoCSSAuthentication::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + authConfig *authPointer = 0; + authConfig *previousPointer = 0; + tacacsServerConfig *tacacsPointer = 0; + radiusServerConfig *radiusPointer = 0; + int tempInt = 0; + int errorCode = 0; + bool found = false; + + // Virtual... + if ((strcmp(command->part(0), "virtual") == 0) && (strcmp(command->part(1), "authentication") == 0) && (strcmp(command->part(3), "disallowed") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVirtual Authentication Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if ((strcmp(command->part(1), "primary") == 0) && (authMethods != 0)) + { + previousPointer = 0; + authPointer = authMethods; + while ((authPointer != 0) && (found == false)) + { + if (authPointer->appliesTo.compare(i18n("Virtual")) == 0) + { + found = true; + if (previousPointer == 0) + { + previousPointer = new (authConfig); + previousPointer->next = authMethods; + authPointer = previousPointer; + } + else + { + previousPointer->next = new (authConfig); + previousPointer->next->next = authPointer; + authPointer = previousPointer->next; + } + } + else + { + previousPointer = authPointer; + authPointer = authPointer->next; + } + } + } + else + { + authPointer = addMethod(); + } + authPointer->appliesTo.assign(i18n("Virtual")); + if (strcmp(command->part(2), "local") == 0) + authPointer->method = localAuth; + else if (strcmp(command->part(2), "tacacs") == 0) + authPointer->method = tacacsAuth; + else if (strcmp(command->part(2), "radius") == 0) + authPointer->method = radiusAuth; + } + + // Console... + if ((strcmp(command->part(0), "console") == 0) && (strcmp(command->part(1), "authentication") == 0) && (strcmp(command->part(3), "disallowed") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Authentication Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if ((strcmp(command->part(1), "primary") == 0) && (authMethods != 0)) + { + previousPointer = 0; + authPointer = authMethods; + while ((authPointer != 0) && (found == false)) + { + if (authPointer->appliesTo.compare(i18n("Console")) == 0) + { + found = true; + if (previousPointer == 0) + { + previousPointer = new (authConfig); + previousPointer->next = authMethods; + authPointer = previousPointer; + } + else + { + previousPointer->next = new (authConfig); + previousPointer->next->next = authPointer; + authPointer = previousPointer->next; + } + } + else + { + previousPointer = authPointer; + authPointer = authPointer->next; + } + } + } + else + { + authPointer = addMethod(); + } + authPointer->appliesTo.assign(i18n("Console")); + if (strcmp(command->part(2), "local") == 0) + authPointer->method = localAuth; + else if (strcmp(command->part(2), "tacacs") == 0) + authPointer->method = tacacsAuth; + else if (strcmp(command->part(2), "radius") == 0) + authPointer->method = radiusAuth; + } + + // tacacs-server... + else if (strcmp(command->part(0), "tacacs-server") == 0) + { + + if (strcmp(command->part(1), "key") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsKey.assign(command->part(2)); + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + if (tacacsPointer->key.empty()) + tacacsPointer->key.assign(tacacsKey); + tacacsPointer = tacacsPointer->next; + } + } + + else if (strcmp(command->part(1), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsTimeout = atoi(command->part(2)); + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + tacacsPointer->timeout = tacacsTimeout; + tacacsPointer = tacacsPointer->next; + } + } + + else if ((strcmp(command->part(1), "account") != 0) && (strcmp(command->part(1), "authorize") != 0) && (strcmp(command->part(1), "frequency") != 0) && (strcmp(command->part(1), "send-full-command") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->encryption = desEncryption; + tacacsPointer->address.assign(command->part(1)); + tacacsPointer->port = atoi(command->part(2)); + tacacsPointer->description.assign(i18n("Backup")); + tempInt = atoi(command->part(3)); + if ((tempInt != 0) || (strcmp(command->part(3), "0") == 0)) + { + tacacsPointer->timeout = tempInt; + tempInt = 4; + } + else + { + tacacsPointer->timeout = tacacsTimeout; + tempInt = 3; + } + tacacsPointer->key.assign(tacacsKey); + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "primary") == 0) + tacacsPointer->description.assign(i18n("Primary")); + else if (strcmp(command->part(tempInt), "frequency") == 0) + tempInt++; + else + tacacsPointer->key.assign(command->part(tempInt)); + tempInt++; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + + // radius-server... + if (strcmp(command->part(0), "radius-server") == 0) + { + + if (strcmp(command->part(1), "retransmit") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Retransmit Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusRetransmit = atoi(command->part(2)); + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + radiusPointer->retries = radiusRetransmit; + radiusPointer = radiusPointer->next; + } + } + + else if (strcmp(command->part(1), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusTimeout = atoi(command->part(2)); + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + radiusPointer->timeout = radiusTimeout; + radiusPointer = radiusPointer->next; + } + } + + else if (strcmp(command->part(1), "primary") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Primary Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->timeout = radiusTimeout; + radiusPointer->retries = radiusRetransmit; + radiusPointer->description.assign(i18n("Primary")); + radiusPointer->address.assign(command->part(2)); + radiusPointer->key.assign(command->part(4)); + if (command->parts == 7) + radiusPointer->port = atoi(command->part(6)); + } + + else if (strcmp(command->part(1), "secondary") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Secondary Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->timeout = radiusTimeout; + radiusPointer->retries = radiusRetransmit; + radiusPointer->description.assign(i18n("Secondary")); + radiusPointer->address.assign(command->part(2)); + radiusPointer->key.assign(command->part(4)); + if (command->parts == 7) + radiusPointer->port = atoi(command->part(6)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int CiscoCSSAuthentication::processDefaults(Device *device) +{ + // Variables... + authConfig *authPointer = 0; + bool foundConsole = false; + bool foundVirtual = false; + + authPointer = authMethods; + while (authPointer != 0) + { + if (authPointer->appliesTo.compare(i18n("Virtual")) == 0) + foundVirtual = true; + else if (authPointer->appliesTo.compare(i18n("Console")) == 0) + foundConsole = true; + authPointer = authPointer->next; + } + + if (foundConsole == false) + { + authPointer = addMethod(); + authPointer->appliesTo.assign(i18n("Console")); + authPointer->method = localAuth; + } + + if (foundVirtual == false) + { + authPointer = addMethod(); + authPointer->appliesTo.assign(i18n("Virtual")); + authPointer->method = localAuth; + } + + return 0; +} diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/authentication.h.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/authentication.h.svn-base new file mode 100644 index 0000000..549d4ca --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/authentication.h.svn-base @@ -0,0 +1,60 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoCSSauthentication_H +#define CiscoCSSauthentication_H + + +#include "../device/authentication/authentication.h" + + +class CiscoCSSAuthentication : public Authentication +{ + public: + + CiscoCSSAuthentication(); + + + // ----------------------------------------------------------------------- + // Standard Device Class Methods... + // ----------------------------------------------------------------------- + + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + private: + int tacacsTimeout; + string tacacsKey; + int radiusRetransmit; + int radiusTimeout; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/banner.cpp.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/banner.cpp.svn-base new file mode 100644 index 0000000..1e37f93 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/banner.cpp.svn-base @@ -0,0 +1,69 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "banner.h" + +CiscoCSSBanner::CiscoCSSBanner() +{ + // Banner settings... + preLogonBanner = true; // Support Banner(s) Before Logon? + configPreLogonBanner = i18n("On *DEVICETYPE* devices, a banner message must be created with a text editor and then the file transfered to the script directory on the device. Once the banner message file is on the device, it can be configured with the following command:*CODE**COMMAND*prelogin-banner \"*CMDUSER*filename*-CMDUSER*\"*-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... +} + + +int CiscoCSSBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + + if (device->config->reportFormat == Config::Debug) + printf("%sBanner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(0), "no") != true) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->bannerFile = true; + bannerPointer->connectionType = anyConnection; + bannerPointer->name.assign("PreLogin"); + bannerPointer->description.assign(i18n("The Pre-Login banner message is presented to a user before they logon to the *DEVICETYPE* device.")); + bannerPointer->filename.assign(command->part(1)); + } + + return 0; +} + + diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/banner.h.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/banner.h.svn-base new file mode 100644 index 0000000..cc1b7be --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/banner.h.svn-base @@ -0,0 +1,48 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoCSSBanner_H +#define device_CiscoCSSBanner_H + + +#include "../device/banner/banner.h" + + +class CiscoCSSBanner : public Banner +{ + public: + CiscoCSSBanner(); + + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..ca88e25 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,235 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "banner.h" +#include "snmp.h" +#include "dns.h" +#include "filter.h" +#include "authentication.h" +#include "interfaces.h" + + +CiscoCSSDevice::CiscoCSSDevice() +{ + deviceMake = "Cisco"; + deviceType = "*ABBREV*CSS*-ABBREV*"; + deviceOS = "*ABBREV*CSS*-ABBREV* *ABBREV*OS*-ABBREV*"; + + general = new (CiscoCSSGeneral); + administration = new (CiscoCSSAdministration); + banner = new (CiscoCSSBanner); + snmp = new (CiscoCSSSNMP); + dns = new (CiscoCSSDNS); + filter = new (CiscoCSSFilter); + authentication = new (CiscoCSSAuthentication); + interfaces = new (CiscoCSSInterfaces); +} + + +CiscoCSSDevice::~CiscoCSSDevice() +{ + delete general; + delete administration; + delete banner; + delete snmp; + delete dns; + delete filter; + delete authentication; + delete interfaces; +} + + +int CiscoCSSDevice::processDevice() +{ + // Variables... + char line[1024]; + int tempInt = 0; + bool setting = true; + bool deviceOk = false; + ConfigLine command; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (strcmp(command.part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Version (in general)... + if ((strcmp(command.part(0), "!Active") == 0) && (strcmp(command.part(1), "version:") == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Potential hostname... + else if ((command.part(0)[strlen(command.part(0)) - 1] == '#') && (strncmp(command.part(1), "sh", 2) == 0) && (strncmp(command.part(2), "run", 3) == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SNMP... + else if (strcmp(command.part(tempInt), "snmp") == 0) + { + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + tempInt++; + if (strcmp(command.part(tempInt), "name") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + } + else if ((strcmp(command.part(tempInt), "restrict") == 0) && (strcmp(command.part(tempInt + 1), "snmp") == 0)) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Restrict other things... + else if (strcmp(command.part(tempInt), "restrict") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Interfaces... + else if (strcmp(command.part(tempInt), "interface") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Circuites... + else if (strcmp(command.part(tempInt), "circuit") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SSHD... + else if (strcmp(command.part(tempInt), "sshd") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Web-mgmt... + else if (strcmp(command.part(tempInt), "web-mgmt") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // ACL... + else if (strcmp(command.part(tempInt), "acl") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // NQL... + else if (strcmp(command.part(tempInt), "nql") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Banner... + else if (strcmp(command.part(tempInt), "prelogin-banner") == 0) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS... + else if (strcmp(command.part(tempInt), "dns") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS Records... + else if (strcmp(command.part(tempInt), "dns-record") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS Server... + else if (strcmp(command.part(tempInt), "dns-server") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // TACACS+... + else if (strcmp(command.part(tempInt), "tacacs-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // RADIUS... + else if (strcmp(command.part(tempInt), "radius-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Virtual... + else if (strcmp(command.part(tempInt), "virtual") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Console... + else if (strcmp(command.part(tempInt), "console") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Core Dumps... + else if (strcmp(command.part(tempInt), "dump") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + else if (strncmp(line, "!*************************** GLOBAL ***************************", 63) == 0) + deviceOk = true; + + // All others... + else + lineNotProcessed(line); + } + + if ((deviceOk == false) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + return 0; +} + + +bool CiscoCSSDevice::isDeviceType() +{ + // Variables... + char line[1024]; + bool found = false; + int count = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (found == false) && (count < 15)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + if (strncmp(line, "!*************************** GLOBAL ***************************", 63) == 0) + found = true; + + count++; + } + fclose(inputFile); + + return found; +} + diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..03dbe3e --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/device.h.svn-base @@ -0,0 +1,51 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoCSS_H +#define device_CiscoCSS_H + + +#include "../device/device.h" + +class CiscoCSSGeneral; + +class CiscoCSSDevice : public Device +{ + public: + CiscoCSSDevice(); + ~CiscoCSSDevice(); + + int processDevice(); + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/dns.cpp.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/dns.cpp.svn-base new file mode 100644 index 0000000..97406fb --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/dns.cpp.svn-base @@ -0,0 +1,174 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "dns.h" + + +CiscoCSSDNS::CiscoCSSDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices have can be configured to act as a *ABBREV*DNS*-ABBREV* server and perform name lookups. This section details the domain naming settings."); // The text paragraph in the config section + + // Host configuration + showInterface = false; // Are interfaces supported? + + // DNS Client Settings + dnsClientSupported = true; // DNS Client Supported? + dnsLookupEnabled = false; // DNS lookups enabled? + disableLookup = "*ABBREV*DNS*-ABBREV* server name lookups can be disabled on *DEVICETYPE* devices by removing all *ABBREV*DNS*-ABBREV* servers from the configuration. This can be done with the following command:*CODE**COMMAND*no dns *CMDREQUIRE*primary *CMDOR* secondary*-CMDREQUIRE**-COMMAND**-CODE*"; // The text and commands to disable DNS lookup + dnsRetries = 0; // DNS lookup retries + dnsRetriesSupported = false; // DNS lookup retries Supported? + dnsTimeout = 0; // DNS timeout + dnsTimeoutSupported = false; // DNS timeout Supported? + + // DNS Server Options... + dnsRecordKeepAliveSupported = true; // Is the DNS keep Alive message type supported? + returnRecordsSupported = true; // Is the single/multiple record field supported? + dynamicDNSSupported = false; // Is Dynamic DNS Supported? + dnsServerSupported = true; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsProxySupported = false; // Is DNS Proxy Server Supported? + dnsProxyEnabled = false; // Is the DNS Proxy service enabled? + dnsPort = 53; // DNS Server Port +} + + +int CiscoCSSDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsConfig *dnsPointer = 0; + dnsRecordConfig *recordPointer = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // DNS servers... + if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "suffix") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + { + dnsPointer = addDNSServer(command->part(tempInt + 1)); + dnsPointer->description.assign(command->part(tempInt)); + } + } + + // DNS domain... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "suffix") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Domain Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + if (setting == true) + { + dnsDomain.assign(command->part(tempInt)); + } + } + + // DNS Records... + else if ((strcmp(command->part(tempInt), "dns-record") == 0) && (strcmp(command->part(tempInt + 1), "zero") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Record Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + { + recordPointer = addDNSRecord(); + recordPointer->recordType.assign(command->part(tempInt)); + tempInt++; + recordPointer->name.assign(command->part(tempInt)); + tempInt++; + recordPointer->address.assign(command->part(tempInt)); + tempInt++; + recordPointer->keepAlive.assign("0"); + recordPointer->singleRecord = true; + if (command->parts > tempInt) + { + recordPointer->keepAlive.assign(command->part(tempInt)); + tempInt++; + if (command->parts > tempInt) + { + if (strcmp(command->part(tempInt), "multiple") == 0) + recordPointer->singleRecord = false; + } + } + } + } + + // DNS server forwarders... + else if ((strcmp(command->part(tempInt), "dns-server") == 0) && (strcmp(command->part(tempInt + 1), "forwarder") == 0) && (strcmp(command->part(tempInt + 2), "zero") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Forwarder Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt +=2; + + if (setting == true) + { + dnsPointer = addForwarder(command->part(tempInt + 1)); + dnsPointer->description.assign(command->part(tempInt)); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoCSSDNS::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/dns.h.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/dns.h.svn-base new file mode 100644 index 0000000..aff44f0 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/dns.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoCSSDNS_H +#define CiscoCSSDNS_H + + +#include "../device/dns/dns.h" + + +class CiscoCSSDNS : public DNS +{ + public: + + CiscoCSSDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/filter.cpp.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/filter.cpp.svn-base new file mode 100644 index 0000000..93adf56 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/filter.cpp.svn-base @@ -0,0 +1,620 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../device/common/configline.h" +#include "../globaldefs.h" +#include "device.h" +#include "filter.h" +#include "interfaces.h" + + +CiscoCSSFilter::CiscoCSSFilter() +{ + // Object options... + networkObjectName = i18n("Network Objects"); // The name for the object (used in config report) + networkObjectDescription = i18n(""); // The description for the object (config report) + protocolObjectName = i18n("Protocol Objects"); // The name for the object (used in config report) + protocolObjectDescription = i18n(""); // The description for the object (config report) + icmpObjectName = i18n("*ABBREV*ICMP*-ABBREV* Objects"); // The name for the object (used in config report) + icmpObjectDescription = i18n(""); // The description for the object (config report) + serviceObjectName = i18n("Service Objects"); // The name for the object (used in config report) + serviceObjectDescription = i18n(""); // The description for the object (config report) + + // Filter device options... + denyAllAndLogDefault = false; // Does it deny all and log by default? + defaultFilterActionSupported = false; // Default action supported on the device + allowByDefault = false; // Allow by default? + defaultActionIsAllow = false; // Is the default action to allow + logLevelsSupported = false; // Are log Levels supported + logOnlyDenySupported = false; // Is only Deny rule logging supported + noAccessWithoutFilters = false; // Is access not granted if no filters are configured + filterSupportsInstalled = false; // If filtering supports installed (i.e. CheckPoint) + filterSupportsThrough = false; // If a filtering supports through (i.e. CheckPoint) + rejectRulesSupported = false; // If reject rules are supported + bypassRulesSupported = true; // If bypass rules are supported + defaultRulesSupported = false; // If default rules are supported + ruleListsAreAssigned = true; // Rule lists are assigned to specific elements + allowName = i18n("Permit"); // The name given to an allowed filter + denyName = i18n("Deny"); // The name given to a denied filter + rejectName = i18n("Reject"); // The name given to a rejected filter + filterConfigTitle = i18n("*ABBREV*ACL*-ABBREV* Configuration"); // The Title for the configuration report section + filterConfigText = i18n("This section details the configuration of the network filtering *ABBREV*ACL*-ABBREV* on *DEVICENAME*."); // The device specific configuration report section text + filterConfigText2 = i18n(""); // The device specific configuration report section text2 + useFilterID = true; // Use the filter ID to identify a filter (otherwise a line no. is used) + filterIDTitle = i18n("Clause"); // The title for the filter ID/line no. table column + filterListName = i18n("*ABBREV*ACL*-ABBREV*"); // The name of the filter list, for use in text paragraphs + filterListNameTitle = i18n("*ABBREV*ACL*-ABBREV*"); // The name of the filter list, for use in titles + filterListNamePlaural = i18n("*ABBREV*ACLs*-ABBREV*"); // The name of the filter list, for use in text paragraphs + filterTitle = i18n("Clause"); // The name of a filter, for use in titles + filterTitlePlaural = i18n("Clauses"); // The name of a filter, for use in titles + filterName = i18n("clause"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("clauses"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("Not All Permit Clauses Log Access"); // The title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogTable = i18n("Permit clauses that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogConcl = i18n("not all permit clauses log access"); // The conclusions text for the "All Allow Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all clauses"); // The recommendations text for "All Allow Rules Do Not Log" (and deny) issue + denyAndNotLogIssue = i18n("Not All Deny Clauses Log Access"); // The title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogTable = i18n("Deny clauses that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogConcl = i18n("not all deny clauses log access"); // The conclusions text for the "All Allow Rules Do Not Log" issue + configRuleLogging = i18n("A clause can be configured with logging on *DEVICETYPE* devices with the following command:*CODE**COMMAND*clause *CMDUSER*number*-CMDUSER* log enable *CMDREQUIRE*permit *CMDOR* deny*-CMDREQUIRE* *CMDUSER*source*-CMDUSER* detination *CMDUSER*destination*-CMDUSER**-COMMAND**-CODE*"); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No *ABBREV*ACLs*-ABBREV* Were Configured");// The title text for the "No filtering" issue + noFilteringRec = i18n("Configure *ABBREV*ACLs*-ABBREV* to restict access"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no *ABBREV*ACLs*-ABBREV* were configured"); // The title text for the "No filtering" conclusion + legacyIssueFinding = i18n(""); // The finding for the legacy issue + legacyIssueImpact = i18n(""); // The impact for the legacy issue + legacyIssueEase = i18n(""); // The ease for the legacy issue + legacyIssueRec = i18n(""); // The recommendation for the legacy issue + allowAnythingTable = i18n("Clauses permit any access"); // The allow anything table title text + allowWeakTable = i18n("Clauses provide weak filtering"); // Weak source/service/destination/service table title text + allowAnyAnyAnyTable = i18n("Clauses permit any host to access any destination and service"); // The allow any source, destination and service table title text + allowWeakWeakWeakTable = i18n("Clauses provide weak filtering of source, destination and service"); // The allow weak source, destination and service table title text + allowAnyServiceAnyTable = i18n("Clauses allow any source port to any destination and service"); // The allow any source port, destination and service table title text + allowWeakServiceAnyTable = i18n("Clauses provide weak filtering of source port to destination and service"); // The allow weak source, destination and service table title text + allowAnyAnyTable = i18n("Clauses permit any source to any destination"); // The allow any source, destination table title text + allowAnyAnyServiceTable = i18n("Clauses permit any source to any destination service"); // The allow any source, destination service table title text + allowAnyDestServiceTable = i18n("Clauses permit any destination and service"); // The allow any destination and service table title text + allowAnyPortDestTable = i18n("Clauses permit any source port to any destination address"); // The allow any source port to any destination table title text + allowAnyPortServiceTable = i18n("Clauses permit any source port to any destination service"); // The allow any source port to any dest service table title text + allowWeakWeakTable = i18n("Clauses permit weak filtering of source and destination addresses"); // The allow weak source, destination addresses + allowWeakWeakServiceTable = i18n("Clauses permit weak source addresses and destination services"); // The allow weak source, destination service table title text + allowDestAndServiceTable = i18n("Clauses permit weak destination addresses and services");// The allow weak destination and service table title text + allowWeakPortDestTable = i18n("Clauses permit weak source ports and destination"); // The allow weak source port to Destination table title text + allowWeakPortServiceTable = i18n("Clauses permit weak source ports and destination services"); // The allow weak source port to service table title text + allowAnySourceTable = i18n("Clauses permit from any source address"); // The allow any source address table title text + allowNetSourceTable = i18n("Clauses permit from a network source address"); // The allow a network source address table title text + allowAnyPortTable = i18n("Clauses permit from any source port"); // The allow any source port table title text + allowRangePortTable = i18n("Clauses permit from a source port range"); // The allow range source port table title text + allowAnyDestTable = i18n("Clauses permit to any destination"); // The allow any destination table title text + allowNetDestTable = i18n("Clauses permit to a network destination"); // The allow a network destination table title text + allowToAnyDestServiceTable = i18n("Clauses permit to any destination service"); // The allow any destination service table title text + allowToNetDestServiceTable = i18n("Clauses permit to a destination service range"); // The allow a destination service range table title text + bypassContentFilterCon = i18n("Clauses were configured that bypass the content filtering"); // Bypass filter conclusion text + bypassContentFilterRec = i18n("Connfigure clauses that do not bypass the content filtering"); // Bypass filter recommendation text + defaultFilterCon = i18n("Clauses were configured that default to the ports filtering action"); // Default filter conclusion text + defaultFilterRec = i18n("Configure clauses that do not default to the ports filtering action"); // Default filter recommendation text + rejectSecurityIssueTitle = i18n("Reject Clauses Were Configured"); // Reject filter title text + securityRejectTextCon = i18n("Clauses were configured that reject network traffic"); // Reject filter conclusion text + securityRejectTextRec = i18n("Configure clauses to deny rather than reject network traffic"); // Reject filter recommendation text + clearTextServiceCon = i18n("Clauses were configured that permit access to clear text protocol services"); // Clear Text Service conclusions text + clearTextServiceRec = i18n("Configure clauses to deny access to any clear text protocol services"); // Clear Text Service recommendations text2 + configureFilterListRecIssueText = i18n("An *ABBREV*ACL*-ABBREV* can be configured with the following command:*CODE**COMMAND*acl *CMDUSER*index*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a filter list + configureFilterRecIssueText = i18n("A clause can be configured on *DEVICETYPE* devices with the following command:*CODE**COMMAND*clause *CMDUSER*number*-CMDUSER* *CMDREQUIRE*permit *CMDOR* deny*-CMDREQUIRE* *CMDUSER*protocol*-CMDUSER* *CMDUSER*source*-CMDUSER* detination *CMDUSER*destination*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a filter + unnecessaryServiceCon = i18n("Clauses were configured that permit access to potentially unnecessary services"); // Unnecessary Service conclusions text + unnecessaryServiceRec = i18n("Configure clauses to deny access to any unnecessary services"); // Unnecessary Service recommendations text2 + filtersWithNoCommentsTitle = i18n("Not All Clauses Include Comments"); // Filters with no comments title text + noFilterCommentsCon = i18n("not all clauses include comment text indicating their purpose"); // The no comments conclusion text + noFilterCommentsRec = i18n("Configure comment text for all clauses"); // The no comments recommendation text + configureFilterCommentText = i18n(""); // The text and commands to configure a filters comment text + disabledFiltersTitle = i18n("Disabled Clauses Were Configured"); // The disabled filter issues title text + removeFilterText = i18n("A disabled clause can be removed with the following command:*CODE**COMMAND*no clause *CMDUSER*number*-CMDUSER**-COMMAND**-CODE*"); // The commands and text to delete a filter + disabledFilterCon = i18n("disabled clauses were configured"); // The disabled filter conclusion text + disabledFilterRec = i18n("Remove all disabled clauses"); // The disabled filter recommendation text + defaultActionIssueTitle = i18n("The Default Network Filtering Action Permits Access"); // The default filter action issue title + defaultActionIssueCon = i18n("the default *ABBREV*ACL*-ABBREV* action was configured to permit access when a clause does not match"); // The default filter action conclusion text + defaultActionIssueRec = i18n("Set the default *ABBREV*ACL*-ABBREV* action to deny network traffic"); // The default filter action recommendation text + configureDefaultActionText = i18n(""); // The text and commands to configure the default action + unusedFiltersIssueTitle = i18n("Unused Clauses Were Configured At The *ABBREV*ACLs*-ABBREV* End"); // Unused filters at the end of the filter list title + unusedFiltersIssueCon = i18n("unused clauses were configured at the end of the *ABBREV*ACLs*-ABBREV*"); // Unused filters issue conclusions text + unusedFiltersIssueRec = i18n("Remove all unused clauses"); // Unused filters issue recommendation text + denyAllLogIssueTitle = i18n("*ABBREV*ACL*-ABBREV* Does Not End with Deny All And Log"); // Deny All And Log Issue title + denyAllLogConfigure = i18n("A clause to deny everything and log can be added to a *ABBREV*ACL*-ABBREV* with the following command:*CODE**COMMAND*clause *CMDUSER*number*-CMDUSER* log enable deny any any detination any*-COMMAND**-CODE*"); // The text and commands to add a deny all and log line + denyAllLogIssueCon = i18n("not all *ABBREV*ACLs*-ABBREV* end with a deny all and log "); // The deny all and log conclusions text + denyAllLogIssueRec = i18n("Configure a deny all and log Clause as the last Clause in each *ABBREV*ACL*-ABBREV*"); // The deny all and log recommendations text + contradictIssueTitle = i18n("Contradicting Clauses Were Configured"); // The contradict issue title + contradictIssueTable = i18n("contradictions of clause"); // The contradict table issue title + contradictIssueCon = i18n("Clauses were configured that contradict other clauses"); // The contradict issue conclusion + contradictIssueRec = i18n("Reconfigure the clauses so they do not contradict other clause"); // The contradict issue recommendation + duplicateIssueTitle = i18n("Duplicate Clauses Were Configured"); // The duplicate/overlapping issue title + duplicateIssueTable = i18n("duplicates of clause"); // The duplicate/overlapping issue title + duplicateIssueCon = i18n("Clauses were configured that duplicate the configuration of other clauses"); // The duplicate/overlapping issue title + duplicateIssueRec = i18n("Reconfigure the clauses so that the rules do not duplicate other clauses"); // The duplicate/overlapping issue title +} + + +int CiscoCSSFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + filterObjectConfig *filterObjectPointer = 0; + netObjectListConfig *objectListPointer = 0; + filterListConfig *filterListPointer = 0; + filterConfig *filterPointer = 0; + Interfaces::interfaceConfig *interfacePointer = 0; + Interfaces::interfaceListConfig *interfaceListPointer = 0; + fpos_t filePosition; + string tempString; + int tempInt = 0; + int protocolInt = 0; + + // If enabled/disable ... + if ((strcmp(command->part(1), "enable") == 0) || (strcmp(command->part(1), "disable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sACL Enabled/Disabled Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(1), "enable") == 0) + noAccessWithoutFilters = false; + else + noAccessWithoutFilters = true; + } + + // ACL... + else if (strcmp(command->part(0), "acl") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(command->part(1)); + filterListPointer->type = i18n("*ABBREV*ACL*-ABBREV* Configuration"); // The filter list type name (used in the config report) + filterListPointer->typeDescription = i18n("*DEVICETYPE* device *ABBREV*ACL*-ABBREV* are sequential lists of permit, deny or bypass clauses that are applied to a *ABBREV*VLAN*-ABBREV* circuit. An *ABBREV*ACL*-ABBREV* is processed sequentially with the first clause that matches the incoming traffic applying. If the entire *ABBREV*ACL*-ABBREV* has been processed without a clause matching, then the traffic is denied by a hidden deny all rule. However, *ABBREV*ACL*-ABBREV* have to be enabled on *DEVICETYPE* otherwise all traffic will be permitted regardless of the *ABBREV*ACL*-ABBREV*. Once enabled, any *ABBREV*VLAN*-ABBREV* circuits without an*ABBREV*ACL*-ABBREV* applied will be denied by the hidden deny all rule."); // The filter list type description for the report (used in config report) + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = true; // Does the filter list support logging + filterListPointer->supportsTime = false; // Filter support time (dest only) + filterListPointer->supportsFragments = false; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = true; // If source services are supported + filterListPointer->disabledFilterSupport = false; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = false; // Are filter comments supported + filterListPointer->showProtocol = true; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = false; // Does the filter use filter-based zones (i.e. SonicWALL) + filterListPointer->showStop = false; // Does the filter have a stop status (i.e. Passport devices) + filterListPointer->showFilterType = false; // Does the filter have a type (i.e. like on Passport devices) + filterListPointer->active = true; // Is the filter list used? (for CheckPoint devices) + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + + // Clause... + if (strcasecmp(command->part(0), "clause") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sClause Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer = addFilter(filterListPointer); + tempInt = 1; + + // number + filterPointer->id = atoi(command->part(tempInt)); + tempInt++; + + // Log? + if (strcasecmp(command->part(0), "log") == 0) + { + tempInt++; + if (strcasecmp(command->part(0), "enable") == 0) + filterPointer->log = true; + else + filterPointer->log = false; + tempInt++; + } + + // Action + if (strcasecmp(command->part(0), "bypass") == 0) + filterPointer->action = bypassAction; + else if (strcasecmp(command->part(0), "deny") == 0) + filterPointer->action = denyAction; + else + filterPointer->action = allowAction; + tempInt++; + + // Protocol + filterObjectPointer = addFilterObject(filterPointer, protocol); + if (strcasecmp(command->part(tempInt), "any") == 0) + filterObjectPointer->type = anyObject; + else + filterObjectPointer->type = protocolObject; + filterObjectPointer->serviceOper = serviceOperEqual; + protocolInt = atoi(command->part(tempInt)); + if ((protocolInt != 0) || (strcmp(command->part(tempInt), "0") == 0)) + filterObjectPointer->name.assign(device->getProtocol(protocolInt)); + else + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + + // Source + filterObjectPointer = addFilterObject(filterPointer, source); + filterObjectPointer->serviceOper = serviceOperEqual; + if (strcasecmp(command->part(tempInt), "nql") == 0) + { + tempInt++; + filterObjectPointer->type = groupObject; + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + } + else if (strcasecmp(command->part(tempInt), "any") == 0) + { + tempInt++; + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperAny; + filterObjectPointer->name.assign(i18n("Any")); + } + else + { + filterObjectPointer->type = hostObject; + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + if ((strcmp(command->part(tempInt), "destination") != 0) && (strcmp(command->part(tempInt), "range") != 0) && (strcmp(command->part(tempInt), "neq") != 0) && (strcmp(command->part(tempInt), "gt") != 0) && (strcmp(command->part(tempInt), "lt") != 0) && (strcmp(command->part(tempInt), "eq") != 0)) + { + filterObjectPointer->netmask.assign(command->part(tempInt)); + if (strcmp(filterObjectPointer->netmask.c_str(), "255.255.255.255") != 0) + filterObjectPointer->type = networkObject; + tempInt++; + } + } + + // Source port + if (strcmp(command->part(tempInt), "destination") != 0) + { + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->type = portObject; + + // Equal... + if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + + // Less than + else if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + } + + // Greater than + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + } + + // Not equal to... + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + } + + // Range + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + } + tempInt++; + } + + // destination + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destination); + filterObjectPointer->serviceOper = serviceOperEqual; + if (strcasecmp(command->part(tempInt), "nql") == 0) + { + tempInt++; + filterObjectPointer->type = groupObject; + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + } + else if (strcasecmp(command->part(tempInt), "any") == 0) + { + tempInt++; + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperAny; + filterObjectPointer->name.assign(i18n("Any")); + } + else + { + filterObjectPointer->type = hostObject; + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + if ((tempInt < command->parts) && (strcmp(command->part(tempInt), "prefer") != 0) && (strcmp(command->part(tempInt), "sourcegroup") != 0) && (strcmp(command->part(tempInt), "range") != 0) && (strcmp(command->part(tempInt), "neq") != 0) && (strcmp(command->part(tempInt), "gt") != 0) && (strcmp(command->part(tempInt), "lt") != 0) && (strcmp(command->part(tempInt), "eq") != 0)) + { + filterObjectPointer->netmask.assign(command->part(tempInt)); + if (strcmp(filterObjectPointer->netmask.c_str(), "255.255.255.255") != 0) + filterObjectPointer->type = networkObject; + tempInt++; + } + } + + // destination port + if ((strcmp(command->part(tempInt), "range") == 0) || (strcmp(command->part(tempInt), "neq") == 0) || (strcmp(command->part(tempInt), "gt") == 0) || (strcmp(command->part(tempInt), "lt") == 0) || (strcmp(command->part(tempInt), "eq") == 0)) + { + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->type = portObject; + + // Equal... + if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + + // Less than + else if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + } + + // Greater than + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + } + + // Not equal to... + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + } + + // Range + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + } + tempInt++; + } + } + + // Apply circuit + else if ((strcmp(command->part(0), "apply") == 0) && (strncmp(command->part(1), "circuit-(", 9) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sApply To Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfaceListPointer = device->interfaces->getInterfaceList("CIRCUIT"); + if ((interfaceListPointer != 0) && (filterListPointer != 0)) + { + tempString.assign(command->part(1) + 9); + tempString.resize(tempString.length() - 1); + interfacePointer = device->interfaces->getOnlyInterface(interfaceListPointer, tempString.c_str()); + if (interfacePointer != 0) + { + device->interfaces->addFilterList(interfacePointer, filterListPointer->name.c_str(), true); + } + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + + } + + // NQL... + else if (strcmp(command->part(0), "nql") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNQL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList(command->part(1)); + objectListPointer->title = i18n("*ABBREV*NQL*-ABBREV* Configuration"); // Pointer to the object name text + objectListPointer->description = i18n("*ABBREV*NQL*-ABBREV* are lists of *ABBREV*IP*-ABBREV* addresses and networks that are grouped together to ease administration. The *ABBREV*NQL*-ABBREV* can then be used in an *ABBREV*ACL*-ABBREV*."); // Pointer to the description text + objectListPointer->objectCommentSupported = false; // Enabled object comments + objectListPointer->protocolSupported = false; // Only applies if enhancedServiceObject is not the type + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + + // Description... + if (strcasecmp(command->part(0), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNQL Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer->comment.assign(command->part(1)); + } + + // IP Address... + else if ((strcasecmp(command->part(0), "ip") == 0) && (strcasecmp(command->part(1), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNQL IP Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterObjectPointer = addObject(objectListPointer); + filterObjectPointer->type = hostObject; + filterObjectPointer->serviceOper = serviceOperEqual; + + tempString.assign(command->part(2)); + if (tempString.find("/") == string::npos) + { + filterObjectPointer->name.assign(command->part(2)); + filterObjectPointer->netmask.assign(command->part(3)); + if (filterObjectPointer->netmask.compare("255.255.255.255") != 0) + filterObjectPointer->type = networkObject; + } + else + { + filterObjectPointer->name.assign(tempString.substr(0, tempString.find("/") - 1)); + filterObjectPointer->netmask.assign(device->cidrToNetmask(tempString.substr(tempString.find("/") + 1).c_str())); + if (filterObjectPointer->netmask.compare("255.255.255.255") != 0) + filterObjectPointer->type = networkObject; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoCSSFilter::processDeviceSpecificDefaults(Device *device) +{ + if ((filterList == 0) && (noAccessWithoutFilters == false)) + filterConfigText2 = i18n("No *ABBREV*ACL*-ABBREV* have been configured on *DEVICENAME* and *ABBREV*ACL*-ABBREV* processing is disabled, so all network traffic will be permitted."); + else if ((filterList != 0) && (noAccessWithoutFilters == false)) + filterConfigText2 = i18n("Although *ABBREV*ACL*-ABBREV* have been configured on *DEVICENAME*, *ABBREV*ACL*-ABBREV* processing is disabled, so all network traffic will be permitted regardless."); + else if ((filterList == 0) && (noAccessWithoutFilters == true)) + filterConfigText2 = i18n("No *ABBREV*ACL*-ABBREV* have been configured on *DEVICENAME* and *ABBREV*ACL*-ABBREV* processing is enabled, so all network traffic will be denied."); + else + filterConfigText2 = i18n("*ABBREV*ACL*-ABBREV* processing is enabled on *DEVICENAME*, so all network traffic that does not match an *ABBREV*ACL*-ABBREV* clause will be denied."); + + return 0; +} + + +int CiscoCSSFilter::generateDeviceSpecificFilterSecurityIssues(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + + if (noAccessWithoutFilters == false) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] ACL Were Not Active\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("*ABBREV*ACL*-ABBREV* Were Not Active")); + securityIssuePointer->reference.assign("CSS.FILTNOAC.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*ABBREV*ACLs*-ABBREV* are sequential lists of allow, deny and bypass clauses that determine whether network traffic is permitted or dropped. All *ABBREV*ACLs*-ABBREV* have a hidden deny all clause as the final clause, clause 255. Regardless of whether *ABBREV*ACLs*-ABBREV* are configured, if *ABBREV*ACLs*-ABBREV* are not enabled on *DEVICETYPE* devices then all traffic will be allowed.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *ABBREV*ACLs*-ABBREV* are disabled.")); + + // Issue impact... + securityIssuePointer->impactRating = 6; // Medium + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("With *ABBREV*ACLs*-ABBREV* disabled, an attacker could gain access to hosts and services for which they should not be able to access.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 0; // N/A + paragraphPointer->paragraph.assign(i18n("Network traffic will not be blocked by *DEVICENAME*.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 5; // Planned + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that *ABBREV*ACL*-ABBREV* should be enabled. Once enabled, all traffic is denied by default, so an *ABBREV*ACL*-ABBREV* should be configured to permit traffic to the device prior to enabling *ABBREV*ACLs*-ABBREV*.")); + + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*ABBREV*ACL*-ABBREV* can be enabled with the following command:*CODE**COMMAND*acl enable*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.assign(i18n("*ABBREV*ACL*-ABBREV* was disabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("enable *ABBREV*ACLs*-ABBREV*"), true); + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/filter.h.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/filter.h.svn-base new file mode 100644 index 0000000..d91e1e6 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/filter.h.svn-base @@ -0,0 +1,53 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoCSSFilter_H +#define CiscoCSSFilter_H + + +#include "../device/filter/filter.h" + + +class CiscoCSSFilter : public Filter +{ + public: + CiscoCSSFilter(); + + + private: + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDeviceSpecificDefaults(Device *device); + int generateDeviceSpecificFilterSecurityIssues(Device *device); +}; + + +#endif + diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/general.cpp.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/general.cpp.svn-base new file mode 100644 index 0000000..82e6ffb --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/general.cpp.svn-base @@ -0,0 +1,195 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +CiscoCSSGeneral::CiscoCSSGeneral() +{ + coreDumpsEnabled = true; // Core Dumps Enabled? +} + + +int CiscoCSSGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Version (in general)... + if ((strcmp(command->part(0), "!Active") == 0) && (strcmp(command->part(1), "version:") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVersion Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + version = command->part(2); + } + + // Potential hostname... + else if ((command->part(0)[strlen(command->part(0)) - 1] == '#') && (strncmp(command->part(1), "sh", 2) == 0) && (strncmp(command->part(2), "run", 3) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPotential Hostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempHostname.assign(command->part(0)); + tempHostname.erase(tempHostname.find_last_of("#")); + } + + // SNMP name... + else if ((strcmp(command->part(0), "snmp") == 0) && (strcmp(command->part(1), "name") == 0)) + { + if (hostname.empty()) + hostname.assign(command->part(2)); + } + + // dump... + else if (strcmp(command->part(0), "dump") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCore Dump Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (strcmp(command->part(1), "enable") == 0) + coreDumpsEnabled = true; + else + coreDumpsEnabled = false; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoCSSGeneral::processDefaults(Device *device) +{ + // Variables... + string tempString; + + // Set hostname... + if ((hostname.empty()) && (!tempHostname.empty())) + hostname.assign(tempHostname); + + // Split Version Numbers... + if ((!version.empty()) && (version.length() > 8)) + { + tempString = version.substr(2, 2); + versionMajor = atoi(tempString.c_str()); + tempString = version.substr(4, 2); + versionMinor = atoi(tempString.c_str()); + tempString = version.substr(6, 1); + versionRevision = atoi(tempString.c_str()); + tempString = version.substr(7, 2); + versionTweak = atoi(tempString.c_str()); + } + + return 0; +} + + +int CiscoCSSGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Core Dumps... + device->addTableData(paragraphPointer->table, i18n("Core Dumps")); + if (coreDumpsEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return errorCode; +} + + +int CiscoCSSGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Service Password Encryption... + if (coreDumpsEnabled == true) + { + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Core Dumps Enabled\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Core Dumps Enabled")); + securityIssuePointer->reference.assign("CSS.COREDUMP.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices have a debug option that causes the memory of the device to be written to the disk (to a core file) when a fatal error occurs. The core file enables developers and technical support to analyse what happened at the time of the fatal error. This functionality is similar to that found on UNIX systems and is enabled by default. After the fatal error has occured, *DEVICETYPE* devices will reboot automatically.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that core dumps were enabled on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 3; // LOW + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who was able to repeatedly cause fatal errors on *DEVICENAME* may be able to fill the available disk space with core files. A full disk may cause *DEVICENAME* further unexpected problems.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 2; // Challenge + paragraphPointer->paragraph.assign(i18n("The attacker would have to find a vulnerability to cause the fatal errors on the device. However, if *DEVICENAME* is not adequately maintained it may fill with core files over time on its own.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 1; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Core files are rarely examined by network administrators and are of more use to Cisco technicians when analysing software or hardware faults. Therefore *COMPANY* recommends that, if not used, core dumps should be disabled.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Core dumps can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*dump disable*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("core dumps were enabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable core dumps")); + } + + return errorCode; +} + + diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/general.h.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/general.h.svn-base new file mode 100644 index 0000000..4488d68 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/general.h.svn-base @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoCSSdevicegeneral_H +#define CiscoCSSdevicegeneral_H + +#include "../device/general/general.h" + +class CiscoCSSGeneral : public General +{ + public: + CiscoCSSGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + + private: + string tempHostname; + bool coreDumpsEnabled; // Core Dumps Enabled? +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/interfaces.cpp.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/interfaces.cpp.svn-base new file mode 100644 index 0000000..ecd020b --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/interfaces.cpp.svn-base @@ -0,0 +1,232 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "interfaces.h" + + +CiscoCSSInterfaces::CiscoCSSInterfaces() +{ + // Interface Options... + useModuleAndPort = false; // Use the module / port instead of the name + useInterfaceZone = false; // Use the interface zone + zoneName = i18n("Zone"); // The name for zone field + filterIn = i18n("*ABBREV*ACL*-ABBREV*"); // The filter in table title text + filterOut = i18n("Filter Out"); // The filter out table title text + showDescription = true; // Show the interface description + cdpGlobalRequired = false; // If CDP needs to be enabled globally as well + disableCDPText = i18n(""); // The text and commands to disable CDP + cdpSupported = false; // Is CDP supported on interfaces + disableProxyARPText = i18n(""); // The text and commands to disable Proxy ARP + disableUnreachablesText = i18n(""); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n(""); // The text and commands to disable ICMP information messages + disableMaskText = i18n(""); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n(""); // The text and commands to disable ICMP redirect messages + disableDirectedText = i18n(""); // The text and commands to disable directed broadcasts + disableMOPText = i18n(""); // The text and commands to disable MOP + disableActiveText = i18n("Interfaces can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*shut*-COMMAND**-CODE*"); // The text and commands to disable potentially unused interfaces + filterName = i18n("filter lists"); // The filter list name for use in the filter issue text + configFilterText = i18n("An *ABBREV*ACL*-ABBREV* can be configured for a particular circuit with the following *ABBREV*ACL*-ABBREV* command:*CODE**COMMAND*apply circuit-(*CMDUSER*name*-CMDUSER*)*-COMMAND**-CODE*"); // The text and commands to configure network filtering + defaultAutoTrunk = false; // Default to automatically trunk + disableTrunkText = i18n(""); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n(""); // The text and commands to enable port security +} + + +int CiscoCSSInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + + if (strcmp(command->part(0), "interface") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Sort out the interface list first... + interfaceListPointer = getInterfaceList("INTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Network Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices network interfaces."); + interfaceListPointer->tableTitle = i18n("Network interfaces"); + interfaceListPointer->label = "INTERFACES"; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->portModeSupported = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((command->parts > 0) && (feof(device->inputFile) == 0)) + { + + // Description... + if (strcmp(command->part(0), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->description.assign(command->part(1)); + } + + // Shut... + else if ((strcmp(command->part(0), "shut") == 0) || (strcmp(command->part(0), "admin-shutdown") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Shutdown Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->enabled = false; + } + + // VLAN... + else if (strcmp(command->part(0), "vlan") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface VLAN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + addVLAN(interfacePointer, command->part(1)); + } + + // VLAN... + else if ((strcmp(command->part(0), "bridge") == 0) && (strcmp(command->part(1), "vlan") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface VLAN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + addVLAN(interfacePointer, command->part(2)); + } + + // Trunk... + else if (strcmp(command->part(0), "trunk") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface VLAN Trunking Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->switchportMode = portModeTrunk; + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + } + + else if (strcmp(command->part(0), "circuit") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCircuit Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Sort out the interface list first... + interfaceListPointer = getInterfaceList("CIRCUIT"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Circuit Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices circuit interfaces."); + interfaceListPointer->tableTitle = i18n("Circuit interfaces"); + interfaceListPointer->label = "CIRCUIT"; + interfaceListPointer->ipAddressSupported = true; // Is it possible to disable interfaces? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((command->parts > 0) && (feof(device->inputFile) == 0)) + { + + // Description... + if (strcmp(command->part(0), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCircuit Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->description.assign(command->part(1)); + } + + // Address... + if ((strcmp(command->part(0), "ip") == 0) && (strcmp(command->part(1), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCircuit IP Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->address.assign(command->part(2)); + interfacePointer->netmask.assign(command->part(3)); + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoCSSInterfaces::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/interfaces.h.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/interfaces.h.svn-base new file mode 100644 index 0000000..3949404 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/interfaces.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoCSSInterfaces_H +#define CiscoCSSInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class CiscoCSSInterfaces : public Interfaces +{ + public: + + CiscoCSSInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + +}; + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/snmp-report.cpp.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/snmp-report.cpp.svn-base new file mode 100644 index 0000000..0d57375 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/snmp-report.cpp.svn-base @@ -0,0 +1,212 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include "../globaldefs.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + + +int CiscoCSSSNMP::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-SNMP"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-SNMP-TABLE"); + + // Trap Source... + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SNMP*-ABBREV* Trap Source")); + device->addTableData(paragraphPointer->table, trapSource.c_str()); + + // Server Reload... + device->addTableData(paragraphPointer->table, i18n("Server Reloads")); + if (reloadAllowed == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return errorCode; +} + + +int CiscoCSSSNMP::generateSecuritySpecificReport(Device *device) +{ + // Variables... + snmpCommunity *snmpCommunityPointer = 0; + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + bool dictionaryCommunity = false; + bool weakCommunity = false; + bool writeAccess = false; + int errorCode = 0; + + // Searching for issues... + snmpCommunityPointer = community; + while (snmpCommunityPointer != 0) + { + if ((snmpCommunityPointer->enabled == true) && (snmpCommunityPointer->type != communityReadOnly) && (((communityRequiresHosts == true) && (hostCommunityExists(snmpCommunityPointer->community.c_str()) == true)) || (communityRequiresHosts == false))) + { + writeAccess = true; + if (snmpCommunityPointer->communityInDict == true) + dictionaryCommunity = true; + else if (snmpCommunityPointer->communityWeak != Device::passwordPassed) + weakCommunity = true; + } + snmpCommunityPointer = snmpCommunityPointer->next; + } + + // System Shutdown via SNMP... + if ((reloadAllowed == true) && (writeAccess == true)) + { + + // Write Access... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWRIT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "CSS.SNMPRELO.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "CSS.SNMPRELO.1"); + } + + // Clear-text SNMP... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPCLEA.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + device->addString(paragraphPointer, "CSS.SNMPRELO.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "CSS.SNMPRELO.1"); + } + + // Dictionary-based Community Strings... + if (dictionaryCommunity == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPDICT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "CSS.SNMPRELO.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "CSS.SNMPRELO.1"); + } + } + + // Weak Community Strings... + if (weakCommunity == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWEAK.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "CSS.SNMPRELO.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "CSS.SNMPRELO.1"); + } + } + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] SNMP System Reload\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("*ABBREV*SNMP*-ABBREV* Reload Option Enabled")); + securityIssuePointer->reference.assign("CSS.SNMPRELO.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addString(paragraphPointer, snmpFilterText); + paragraphPointer->paragraph.assign(i18n("A *ABBREV*SNMP*-ABBREV* system reload facility can be configured for *DEVICETYPE* so that network administrators can remotely reset the devices. *COMPANY* determined that the *ABBREV*SNMP*-ABBREV* system reload option was enabled on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 7; // High + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who had *ABBREV*SNMP*-ABBREV* write access could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload.")); + + // Issue ease... + securityIssuePointer->easeRating = 4; // Moderate + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("For an attacker to exploit this issue they would require *ABBREV*SNMP*-ABBREV* query tools, a community string with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* and the reload value. *ABBREV*SNMP*-ABBREV* query tools are available on the Internet and some *ABBREV*OS*-ABBREV* install them by default.")); + if (dictionaryCommunity == true) + { + securityIssuePointer->easeRating = 7; // Easy + device->addString(paragraphPointer, "GEN.SNMPDICT.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a dictionary attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + else if (weakCommunity == true) + { + securityIssuePointer->easeRating = 5; // Moderate + device->addString(paragraphPointer, "GEN.SNMPWEAK.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a brute-force attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.append(i18n("The reload number is between 1 to 2*POWER*32*-POWER* and the attacker will require this value in order to reboot *DEVICENAME*. Unless the attacker is aware of what the value could be, they would have to attempt to brute-forece the value as it cannot be read from the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV*.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 3; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that, unless required, the *ABBREV*SNMP*-ABBREV* reload option should be disabled. This can be done with the following command:*CODE**COMMAND*no snmp reload-enable*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("*ABBREV*SNMP*-ABBREV* system reload was enabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable *ABBREV*SNMP*-ABBREV* system reload")); + + // Dependent issues... + device->addDependency(securityIssuePointer, "GEN.SNMPCLEA.1"); + device->addDependency(securityIssuePointer, "GEN.SNMPWRIT.1"); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPDICT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEAK.1"); + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/snmp.cpp.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/snmp.cpp.svn-base new file mode 100644 index 0000000..e66cf9e --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/snmp.cpp.svn-base @@ -0,0 +1,276 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + +using namespace std; + + +CiscoCSSSNMP::CiscoCSSSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("*DEVICETYPE* support only *ABBREV*SNMP*-ABBREV* versions 1 and 2c. "); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + // N/A - supportSNMP3UpgText = i18n(""); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* can be disabled on *DEVICETYPE* with the following command:*CODE**COMMAND*restrict snmp*-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("*ABBREV*SNMP*-ABBREV* community strings can be configured with the following command:*CODE**COMMAND*snmp community *CMDUSER*community-string*-CMDUSER* *CMDREQUIRE*read-only *CMDOR* read-write*-CMDREQUIRE**-COMMAND**-CODE*"); // The text and command(s) to configure a community string + // N/A - configSNMP3Text = i18n(""); // The text and command(s) to configure SNMP version 3 + // N/A - configSNMPViewText = i18n(""); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("*ABBREV*SNMP*-ABBREV* trap hosts can be configured using the following command:*CODE**COMMAND*snmp trap-host *CMDUSER*ip-address*-CMDUSER* *CMDUSER*community-string*-CMDUSER* *CMDOPTION*snmpv2*-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP traps + // N/A - configSNMPInformsText = i18n(""); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n("*ABBREV*SNMP*-ABBREV* read only community strings can be configured with the following command:*CODE**COMMAND*snmp community *CMDUSER*community-string*-CMDUSER* read-only*-COMMAND**-CODE*"); // The text and command(s) to configure SNMP read only access + // N/A - configSNMPFilterText = i18n(""); // The text and command(s) to configure SNMP filtering + + enabled = true; + + // Community Options... + communityView = false; // SNMP view for the community + communityFilter = false; // SNMP Network Filtering + communityIPv6Filter = false; // SNMP IPv6 Network Filtering + communitySpecificFilters = false; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = false; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = ""; // Default read only community + defaultReadWrite = ""; // Default read/write community + defaultReadWriteAll = ""; // Default read/write all community + + // SNMP Trap/Inform Host Options... + trapsOnly = true; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = false; // Show Trap Host Port in Table + trapsInterface = false; // Show Interface in Table + trapsInterfaceText = i18n("Interface"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = false; // Show excluded traps + trapsShowOptions = true; // Show trap options + + // Device specific SNMP settings... + reloadAllowed = false; + trapSource.assign("Management"); +} + + +int CiscoCSSSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpTrapHost *trapHostPointer = 0; + snmpTrap *snmpTrapPointer = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 2; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Restrict SNMP + if ((strcmp(command->part(0), "restrict") == 0) && (strcmp(command->part(1), "snmp") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Restrict Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + enabled = false; + } + + // snmp community? + else if (strcmp(command->part(tempInt), "community") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(command->part(tempInt)); + communityPointer->enabled = setting; + tempInt++; + if (strcasecmp(command->part(tempInt), "read-only") == 0) + communityPointer->type = communityReadOnly; + else + communityPointer->type = communityReadWrite; + } + + // Name + else if (strcmp(command->part(tempInt), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + name.assign(command->part(tempInt)); + } + + // Location... + else if (strcmp(command->part(tempInt), "location") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Location Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + location.assign(command->part(tempInt)); + } + + // Contact... + else if (strcmp(command->part(tempInt), "contact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Contact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + contact.assign(command->part(tempInt)); + } + + // Reload... + else if (strcmp(command->part(tempInt), "reload-enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Reload Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + tempInt++; + if (atoi(command->part(tempInt)) > 0) + reloadAllowed = true; + } + } + + // SNMP Host... + else if (strcmp(command->part(tempInt), "trap-host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapHostPointer = addSNMPTrapHost(); + trapHostPointer->host.assign(command->part(tempInt)); + tempInt++; + trapHostPointer->community.assign(command->part(tempInt)); + tempInt++; + if (strcmp(command->part(tempInt), "snmpv2") == 0) + trapHostPointer->version = 2; + } + + // Trap Source Address... + else if (strcmp(command->part(tempInt), "trap-source") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Source Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + tempInt++; + if (strcmp(command->part(tempInt), "egress-port") == 0) + trapSource.assign("*ABBREV*VLAN*-ABBREV* Egress"); + else if (strcmp(command->part(tempInt), "management") == 0) + trapSource.assign("Management"); + else + trapSource.assign(command->part(tempInt + 1)); + } + } + + // Auth Traps... + else if (strcmp(command->part(tempInt), "auth-traps") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Auth Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("Authentication"); + } + + // Generic Traps... + else if ((strcmp(command->part(tempInt), "trap-type") == 0) && (strcmp(command->part(tempInt + 1), "generic") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Generic Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("cold start"); + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("warm start"); + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("link down"); + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("link up"); + } + + // Enterprise Traps... + else if ((strcmp(command->part(tempInt), "trap-type") == 0) && (strcmp(command->part(tempInt + 1), "enterprise") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Enterprise Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign(command->part(tempInt)); + tempInt++; + snmpTrapPointer->options.assign(command->part(tempInt)); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoCSSSNMP::processDefaults(Device *device) +{ + // Variables... + snmpCommunity *communityPointer = community; + + // Enable SNMP Service... + while ((communityPointer != 0) && (snmp12Enabled == false)) + { + if (communityPointer->enabled == true) + snmp12Enabled = true; + communityPointer = communityPointer->next; + } + if (enabled == true) + enabled = snmp12Enabled; + + return 0; +} diff --git a/libnipper-0.12.6/Cisco-CSS/.svn/text-base/snmp.h.svn-base b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/snmp.h.svn-base new file mode 100644 index 0000000..a5140d2 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/.svn/text-base/snmp.h.svn-base @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoCSSdevicesnmp_H +#define CiscoCSSdevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class CiscoCSSSNMP : public SNMP +{ + public: + CiscoCSSSNMP(); + + // Device specific properties... + bool reloadAllowed; + string trapSource; + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/administration.cpp b/libnipper-0.12.6/Cisco-CSS/administration.cpp new file mode 100644 index 0000000..3471280 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/administration.cpp @@ -0,0 +1,515 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "administration.h" + + +CiscoCSSAdministration::CiscoCSSAdministration() +{ + // General... + generalSettings = true; // Show the general settings section? + consoleEnabled = false; // Is the Console port enabled? + consoleSupported = true; // Is a console port supported? + //consoleTimeoutSupported = false; // Is a console timeout supported? + //consoleTimeout = 0; // Console timeout + //configConsoleTimeout = i18n(""); // The text and commands to configure the timeout + connectionTimeoutSupported = true; // Is a connection timeout supported? + connectionTimeout = 0; // Connection Timeout + configTimeout = i18n("The Console, *ABBREV*FTP*-ABBREV*, *ABBREV*SSH*-ABBREV* and Telnet connection timeout can be configured on *DEVICETYPE* with the following command:*CODE**COMMAND*idle timeout *CMDUSER*timeout-minutes*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + + // Host restrictions... + //serviceWideHosts = false; // Do all the admin services share a common host restrictions? + //serviceConfigHosts = i18n(""); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = true; // Is telnet supported? + telnetEnabled = true; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + //telnetSpecificHost = false; // Does Telnet have its own access list? + //telnetHostsRequired = false; // Is the host configuration required? + //configTelnetHostAccess = i18n(""); // How access lists are configured for the telnet service + disableTelnet = i18n("The Telnet service can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*restrict telnet*-COMMAND**-CODE*"); // How to disable telnet text... + //telnetSpecificTimeout = false; // A Telnet Specific Timeout? + //telnetTimeout = 0; // The Telnet Timeout (secs) + //configTelnetTimeout = i18n(""); // The text and commands to configure the timeout + + // TFTP options... + tftpSupported = false; // Is TFTP supported? + //tftpEnabled = false; // Is TFTP enabled? + //tftpPort = 69; // The TFTP service port + //tftpSpecificHost = false; // Does TFTP have its own access list? + //tftpHostsRequired = false; // Is the host configuration required? + //configTFTPHostAccess = i18n(""); // How access lists are configured for the TFTP service + //disableTFTP = i18n(""); // How to disable TFTP text... + + // FTP options... + ftpSupported = true; // Is FTP supported? + ftpEnabled = true; // Is FTP enabled? + ftpPort = 21; // The FTP service port + ftpSpecificHost = false; // Does FTP have its own access list? + //ftpHostsRequired = false; // Is the host configuration required? + //configFTPHostAccess = i18n(""); // How access lists are configured for the FTP service + disableFTP = i18n("The *ABBREV*FTP*-ABBREV* service can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*restrict ftp*-COMMAND**-CODE*"); // How to disable FTP text... + //ftpSpecificTimeout = false; // A FTP Specific Timeout? + //ftpTimeout = 0; // The FTP Timeout (secs) + //configFTPTimeout = i18n(""); // The text and commands to configure the timeout + + // SFTP options... + sftpSupported = false; // Is SFTP supported? + //sftpEnabled = false; // Is SFTP enabled? + //sftpPort = 21; // The SFTP service port + //sftpUpgrade = false; // Is an upgrade required to support SFTP? + //sftpSpecificHost = false; // Does SFTP have its own access list? + //sftpHostsRequired = false; // Is the host configuration required? + //configSFTPHostAccess = i18n(""); // How access lists are configured for the SFTP service + //configSFTP = i18n(""); // How to configure SFTP + //sftpSpecificTimeout = false; // A SFTP Specific Timeout? + //sftpTimeout = 0; // The SFTP Timeout (secs) + //configSFTPTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH options... + sshSupported = true; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = true; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + sshPort = 22; // The SSH port number + configSSHSupport = i18n("The *ABBREV*SSH*-ABBREV* service can be enabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*no restrict ssh*-COMMAND**-CODE*"); // How to configure SSH... + sshSpecificHost = false; // Does SSH have its own access list? + //sshHostsRequired = false; // Is the host configuration required? + //configSSHHostAccess = i18n(""); // How to configure SSH... + //scpSupported = false; // Is SCP supported? + //sshSpecificTimeout = false; // A SSH Specific Timeout? + //sshTimeout = 0; // The SSH Timeout (secs) + //configSSHTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + configSSHv2Support = i18n("The *ABBREV*SSH*-ABBREV* service on *DEVICETYPE* devices can be configured to support only protocol version 2 with the following command:*CODE**COMMAND*sshd version v2*-COMMAND**-CODE*"); // How to configure protocol version 2 support only + + sshConfigProtocolSupport = i18n("*DEVICETYPE* devices support *ABBREV*SSH*-ABBREV* protocol version 1 and from *DEVICEOS* version 7.50 *DEVICETYPE* devices support protocol version 2."); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = true; // Does this device support HTTP + httpsSupported = false; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + httpsEnabled = false; // Is the HTTPS service enabled? + httpsPort = 443; // HTTPS port + //httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? + //httpSpecificTimeout = false; // A HTTP Specific Timeout? + //httpTimeout = 0; // The HTTP Timeout (secs) + //configHTTPTimeout = i18n(""); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*XML*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*Secure XML*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + //httpSpecificHost = false; // Does HTTP have its own access list? + //httpHostsRequired = false; // Is the host configuration required? + //configHTTPHostAccess = i18n(""); // How to configure HTTP Management hosts... + //httpsRedirectSupported = false; // Is HTTP redirected to HTTPS? + disableHTTP = i18n("The unsecure *ABBREV*XML*-ABBREV* service can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*restrict xml*-COMMAND**-CODE*"); // How to disable HTTP text... + configHTTPSSupport = i18n("The secure *ABBREV*XML*-ABBREV* service can be enabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*no restrict secure-xml*-COMMAND**-CODE*"); // How to configure HTTPS... + + // Device Specific... + userRestrictions = false; // The user database setting... + ciscoViewDeviceManager = false; // As it says... + sshdKeepAlives = true; // SSHD Keep Alive Messages... + sshServerKeyBits = 768; // The SSH Server Key bits... +} + + +int CiscoCSSAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // SSHD... + if (strcmp(command->part(tempInt), "sshd") == 0) + { + tempInt++; + + if (strcmp(command->part(tempInt), "keepalive") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSHD Keep Alive Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + sshdKeepAlives = false; + } + + else if (strcmp(command->part(tempInt), "port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSHD Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + sshPort = atoi(command->part(tempInt)); + else + sshPort = 22; + } + + else if (strcmp(command->part(tempInt), "server-keybits") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSHD Server Keybits Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + sshServerKeyBits = atoi(command->part(tempInt)); + else + sshServerKeyBits = 768; + } + + else if (strcmp(command->part(tempInt), "version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSHD Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + { + if (strcmp(command->part(tempInt), "v1") == 0) + sshVersion = 1; + else + sshVersion = 2; + } + else + sshVersion = 0; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Restrict lines... + else if (strcmp(command->part(tempInt), "restrict") == 0) + { + tempInt++; + + if (strcmp(command->part(tempInt), "telnet") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict Telnet Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + telnetEnabled = false; + else + telnetEnabled = true; + } + + else if (strcmp(command->part(tempInt), "ftp") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict FTP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + ftpEnabled = false; + else + ftpEnabled = true; + } + + else if (strcmp(command->part(tempInt), "console") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict Console Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + consoleEnabled = false; + else + consoleEnabled = true; + } + + else if (strcmp(command->part(tempInt), "ssh") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict SSH Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + sshEnabled = false; + else + sshEnabled = true; + } + + else if (strcmp(command->part(tempInt), "xml") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict XML Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + httpEnabled = false; + else + httpEnabled = true; + } + + else if (strcmp(command->part(tempInt), "secure-xml") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict Secure XML Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + httpsEnabled = false; + else + httpsEnabled = true; + } + + else if (strcmp(command->part(tempInt), "user-database") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict User Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + userRestrictions = false; + else + userRestrictions = true; + } + + else if (strcmp(command->part(tempInt), "web-mgmt") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict CiscoView Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + ciscoViewDeviceManager = false; + else + ciscoViewDeviceManager = true; + } + + // All others... + else + device->lineNotProcessed(line); + } + + else if ((strcmp(command->part(tempInt), "web-mgmt") == 0) && (strcmp(command->part(tempInt + 1), "state") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRestrict CiscoView Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + if (strcmp(command->part(tempInt), "disable") == 0) + ciscoViewDeviceManager = false; + else + ciscoViewDeviceManager = true; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoCSSAdministration::processDefaults(Device *device) +{ + // SSH2 supported... + if ((ssh2Supported == false) && (device->general->versionMajor != 0)) + { + if ((device->general->versionMajor > 7) || ((device->general->versionMajor == 7) && (device->general->versionMinor > 49))) + ssh2Supported = true; + else + { + ssh2upgrade = true; + sshVersion = 1; + } + + // Default SSH Protocol... + if (((device->general->versionMajor < 7) || ((device->general->versionMajor == 7) && (device->general->versionMinor < 50))) && (sshVersion == 0)) + sshVersion = 1; + } + else + { + ssh2upgrade = true; + sshVersion = 1; + } + + // HTTPS supported... + if ((httpsSupported == false) && (device->general->versionMajor != 0)) + { + if ((device->general->versionMajor > 7) || ((device->general->versionMajor == 7) && (device->general->versionMinor > 29))) + httpsSupported = true; + else + httpsUpgrade = true; + } + else + httpsUpgrade = true; + + return 0; +} + + +int CiscoCSSAdministration::generateDeviceGeneralConfig(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + + // Add service to the services list... + configReportPointer = device->getConfigSection("CONFIG-SERVICES"); + paragraphPointer = device->getTableParagraphPointer("CONFIG-SERVICES-TABLE"); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*CVDM*-ABBREV* Service")); + if (ciscoViewDeviceManager == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + // Add general stuff... + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINGENERAL-TABLE"); + device->addTableData(paragraphPointer->table, i18n("User Administrative Restrictions")); + if (userRestrictions == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*CVDM*-ABBREV* Service")); + if (ciscoViewDeviceManager == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return 0; +} + + +int CiscoCSSAdministration::generateDeviceSSHConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + + // SSH table settings... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINSSH-TABLE"); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SSH*-ABBREV* Server Key Length")); + tempString.assign(device->intToString(sshServerKeyBits)); + if (sshServerKeyBits == 1) + tempString.append(i18n(" bit")); + else + tempString.append(i18n(" bits")); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SSH*-ABBREV* Keep Alive Messages")); + if (sshdKeepAlives == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return 0; +} + + +int CiscoCSSAdministration::generateSecuritySpecificReport(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + + if ((userRestrictions == false) && ((telnetEnabled == true) || (sshEnabled == true))) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] User Administrative Restrictions Disabled\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("User Administrative Restrictions Disabled")); + securityIssuePointer->reference.assign("CSS.ADMIREST.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices support the configuration of different levels of user. This helps to prevent unauthorised users from modifying the devices configuration. *DEVICETYPE* devices have a *COMMAND*user-database*-COMMAND* setting that can restrict users from making some significant changes to the configuration of *DEVICENAME*. By default, users are allowed to make the changes.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that the users had not been restricted with the *COMMAND*user-database*-COMMAND* setting on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 8; // HIGH + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("A malicious user would not be prevented from creating or modifying usernames on *DEVICENAME*. Furthermore, without any restrictions the user would be able to clear the running-config.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 3; // MODERATE + paragraphPointer->paragraph.assign(i18n("In order for an attacker to exploit this issue the attacker would require access to *DEVICENAME* as a user. The attacker would therefore require authentication credentials and access to an administrative service.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 1; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that *DEVICENAME* should be reconfigured to prevent the devices users from clearing the running-config or creating/modifying usernames. The access restrictions can be modified to prevent all but Administrator and Technician users from performing those tasks. This can be done with the following command:*CODE**COMMAND*restrict user-database*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("user administrative restrictions were disabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Restrict users from performing administrative tasks.")); + } + + + if ((sshdKeepAlives == false) && (sshEnabled == true)) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] SSH Keep Alive Messages Disabled\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("*ABBREV*SSH*-ABBREV* Keep Alive Messages Disabled")); + securityIssuePointer->reference.assign("CSS.ADMISSHK.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The *ABBREV*SSH*-ABBREV* service on *DEVICETYPE* devices supports the sending of \"keep alive\" messages. These messages are sent to determine if a connection to the service has become orphaned, the resources can then be freed for any broken connections.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices send \"keep alive\" by default for connections to the *ABBREV*SSH*-ABBREV* service. However, *COMPANY* determined that the sending of \"keep alive\" messages had been disabled on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 5; // MEDIUM + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker could perform a *ABBREV*DoS*-ABBREV* attack on the *ABBREV*SSH*-ABBREV* service by repeatedly opening connections until no more connections are possible.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 6; // EASY + paragraphPointer->paragraph.assign(i18n("Tools are available on the Internet that are capable of opening large numbers of connections to cause a *ABBREV*DoS*-ABBREV* attack.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 1; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that *ABBREV*SSH*-ABBREV* service \"keep alive\" messages are enabled on *DEVICENAME*. This can be configured with the following command:*CODE**COMMAND*sshd keepalive*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("*ABBREV*SSH*-ABBREV* service \"keep alive\" messages were disabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Enable the sending of *ABBREV*SSH*-ABBREV* service \"keep alive\" messages.")); + } + + return 0; +} diff --git a/libnipper-0.12.6/Cisco-CSS/administration.h b/libnipper-0.12.6/Cisco-CSS/administration.h new file mode 100644 index 0000000..955e50a --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/administration.h @@ -0,0 +1,60 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoCSSAdministration_H +#define device_CiscoCSSAdministration_H + + +#include "../device/administration/administration.h" + + +class CiscoCSSAdministration : public Administration +{ + public: + + CiscoCSSAdministration(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateDeviceGeneralConfig(Device *device); // A device specific config report output + virtual int generateSecuritySpecificReport(Device *device); + virtual int generateDeviceSSHConfig(Device *device); + + // Custom settings... + bool userRestrictions; // The user database setting... + bool ciscoViewDeviceManager; // As it says... + bool sshdKeepAlives; // SSHD Keep Alive Messages... + int sshServerKeyBits; // The SSH Server Key bits... +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/authentication.cpp b/libnipper-0.12.6/Cisco-CSS/authentication.cpp new file mode 100644 index 0000000..c13e1de --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/authentication.cpp @@ -0,0 +1,387 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "authentication.h" +#include "../device/common/configline.h" + + +CiscoCSSAuthentication::CiscoCSSAuthentication() +{ + // General... + authenticationConfigIntro = i18n("This section describes the various *DEVICETYPE* device authentication settings."); // Introduction text to the whole section + loginAttemptsSupported = false; // Login attempts supported + loginAttempts = 0; // Login attempts allowed (0 = infinite) + accessWithoutAuthentication = false; // Set to true if access is allowed without authentication + configAccessAuthentication = ""; // The text and commands to configure access authentication with a password + + // Authentication Methods... + authMethodSupported = true; // Authentication Method Supported + appliesToSupported = true; // Applies To Supported + namedAuthSupport = false; // Are auth servers named? + showAuthLevel = false; // Show auth level + + // Local User Options... + encryptionSupported = false; // Show encryption + readOnlySupported = false; // Is read only supported? + outboundACLSupported = false; // Are outbound filtering ACL supported? + privilegeLevelSupported = false; // Are privilege levels supported? + privilegeLevelText = i18n("Privilege Level"); // The table title privilege level text + configDeviceSpecificLocalUsers = ""; // Text for the config report local user section. + filterText = i18n("*ABBREV*ACL*-ABBREV*"); // The table filter column title text + + // TACACS Options... + showTacacsGroupName = false; // Show the TACACS group + showTacacsRetries = false; // Show the TACACS retries + configTacacsKey = i18n("*ABBREV*TACACS+*-ABBREV* encryption keys can be configured on *DEVICETYPE* devices with the following command:*CODE**COMMAND*tacacs-server key *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a TACACS+ key + + // RADIUS Options... + showRadiusGroupName = false; // Show the RADIUS group + configRadiusKey = i18n("*ABBREV*RADIUS*-ABBREV* encryption keys can be configured on *DEVICETYPE* devices with the following command:*CODE**COMMAND*radius-server *CMDOPTION*primary *CMDOR* secondary*-CMDOPTION* *CMDUSER*address*-CMDUSER* secret *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a RADIUS key + + // KERBEROS Options... + showKerberosGroupName = false; // Show the KERBEROS group + showKerberosTimeout = false; // Show Kerberos timeout + showKerberosRetries = false; // Show Kerberos retries + + // LDAP Options... + showLDAPGroupName = false; // Show the LDAP group + showLDAPPassword = false; // Show LDAP password + configLDAPPassword = i18n(""); // The text and commands to configure an LDAP server password + + // SecurID Options... + showSecurIDGroupName = false; // Show the SecurID group + showSecurIDDuress = false; // Show the SecurID Duress + showSecurIDEncryption = false; // Show the SecurID Encryption + + // NT Options... + showNTGroupName = false; // Show the NT group + + + tacacsTimeout = 5; + radiusRetransmit = 3; + radiusTimeout = 10; +} + + +int CiscoCSSAuthentication::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + authConfig *authPointer = 0; + authConfig *previousPointer = 0; + tacacsServerConfig *tacacsPointer = 0; + radiusServerConfig *radiusPointer = 0; + int tempInt = 0; + int errorCode = 0; + bool found = false; + + // Virtual... + if ((strcmp(command->part(0), "virtual") == 0) && (strcmp(command->part(1), "authentication") == 0) && (strcmp(command->part(3), "disallowed") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVirtual Authentication Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if ((strcmp(command->part(1), "primary") == 0) && (authMethods != 0)) + { + previousPointer = 0; + authPointer = authMethods; + while ((authPointer != 0) && (found == false)) + { + if (authPointer->appliesTo.compare(i18n("Virtual")) == 0) + { + found = true; + if (previousPointer == 0) + { + previousPointer = new (authConfig); + previousPointer->next = authMethods; + authPointer = previousPointer; + } + else + { + previousPointer->next = new (authConfig); + previousPointer->next->next = authPointer; + authPointer = previousPointer->next; + } + } + else + { + previousPointer = authPointer; + authPointer = authPointer->next; + } + } + } + else + { + authPointer = addMethod(); + } + authPointer->appliesTo.assign(i18n("Virtual")); + if (strcmp(command->part(2), "local") == 0) + authPointer->method = localAuth; + else if (strcmp(command->part(2), "tacacs") == 0) + authPointer->method = tacacsAuth; + else if (strcmp(command->part(2), "radius") == 0) + authPointer->method = radiusAuth; + } + + // Console... + if ((strcmp(command->part(0), "console") == 0) && (strcmp(command->part(1), "authentication") == 0) && (strcmp(command->part(3), "disallowed") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Authentication Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if ((strcmp(command->part(1), "primary") == 0) && (authMethods != 0)) + { + previousPointer = 0; + authPointer = authMethods; + while ((authPointer != 0) && (found == false)) + { + if (authPointer->appliesTo.compare(i18n("Console")) == 0) + { + found = true; + if (previousPointer == 0) + { + previousPointer = new (authConfig); + previousPointer->next = authMethods; + authPointer = previousPointer; + } + else + { + previousPointer->next = new (authConfig); + previousPointer->next->next = authPointer; + authPointer = previousPointer->next; + } + } + else + { + previousPointer = authPointer; + authPointer = authPointer->next; + } + } + } + else + { + authPointer = addMethod(); + } + authPointer->appliesTo.assign(i18n("Console")); + if (strcmp(command->part(2), "local") == 0) + authPointer->method = localAuth; + else if (strcmp(command->part(2), "tacacs") == 0) + authPointer->method = tacacsAuth; + else if (strcmp(command->part(2), "radius") == 0) + authPointer->method = radiusAuth; + } + + // tacacs-server... + else if (strcmp(command->part(0), "tacacs-server") == 0) + { + + if (strcmp(command->part(1), "key") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsKey.assign(command->part(2)); + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + if (tacacsPointer->key.empty()) + tacacsPointer->key.assign(tacacsKey); + tacacsPointer = tacacsPointer->next; + } + } + + else if (strcmp(command->part(1), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsTimeout = atoi(command->part(2)); + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + tacacsPointer->timeout = tacacsTimeout; + tacacsPointer = tacacsPointer->next; + } + } + + else if ((strcmp(command->part(1), "account") != 0) && (strcmp(command->part(1), "authorize") != 0) && (strcmp(command->part(1), "frequency") != 0) && (strcmp(command->part(1), "send-full-command") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->encryption = desEncryption; + tacacsPointer->address.assign(command->part(1)); + tacacsPointer->port = atoi(command->part(2)); + tacacsPointer->description.assign(i18n("Backup")); + tempInt = atoi(command->part(3)); + if ((tempInt != 0) || (strcmp(command->part(3), "0") == 0)) + { + tacacsPointer->timeout = tempInt; + tempInt = 4; + } + else + { + tacacsPointer->timeout = tacacsTimeout; + tempInt = 3; + } + tacacsPointer->key.assign(tacacsKey); + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "primary") == 0) + tacacsPointer->description.assign(i18n("Primary")); + else if (strcmp(command->part(tempInt), "frequency") == 0) + tempInt++; + else + tacacsPointer->key.assign(command->part(tempInt)); + tempInt++; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + + // radius-server... + if (strcmp(command->part(0), "radius-server") == 0) + { + + if (strcmp(command->part(1), "retransmit") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Retransmit Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusRetransmit = atoi(command->part(2)); + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + radiusPointer->retries = radiusRetransmit; + radiusPointer = radiusPointer->next; + } + } + + else if (strcmp(command->part(1), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusTimeout = atoi(command->part(2)); + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + radiusPointer->timeout = radiusTimeout; + radiusPointer = radiusPointer->next; + } + } + + else if (strcmp(command->part(1), "primary") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Primary Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->timeout = radiusTimeout; + radiusPointer->retries = radiusRetransmit; + radiusPointer->description.assign(i18n("Primary")); + radiusPointer->address.assign(command->part(2)); + radiusPointer->key.assign(command->part(4)); + if (command->parts == 7) + radiusPointer->port = atoi(command->part(6)); + } + + else if (strcmp(command->part(1), "secondary") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Secondary Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->timeout = radiusTimeout; + radiusPointer->retries = radiusRetransmit; + radiusPointer->description.assign(i18n("Secondary")); + radiusPointer->address.assign(command->part(2)); + radiusPointer->key.assign(command->part(4)); + if (command->parts == 7) + radiusPointer->port = atoi(command->part(6)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int CiscoCSSAuthentication::processDefaults(Device *device) +{ + // Variables... + authConfig *authPointer = 0; + bool foundConsole = false; + bool foundVirtual = false; + + authPointer = authMethods; + while (authPointer != 0) + { + if (authPointer->appliesTo.compare(i18n("Virtual")) == 0) + foundVirtual = true; + else if (authPointer->appliesTo.compare(i18n("Console")) == 0) + foundConsole = true; + authPointer = authPointer->next; + } + + if (foundConsole == false) + { + authPointer = addMethod(); + authPointer->appliesTo.assign(i18n("Console")); + authPointer->method = localAuth; + } + + if (foundVirtual == false) + { + authPointer = addMethod(); + authPointer->appliesTo.assign(i18n("Virtual")); + authPointer->method = localAuth; + } + + return 0; +} diff --git a/libnipper-0.12.6/Cisco-CSS/authentication.h b/libnipper-0.12.6/Cisco-CSS/authentication.h new file mode 100644 index 0000000..549d4ca --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/authentication.h @@ -0,0 +1,60 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoCSSauthentication_H +#define CiscoCSSauthentication_H + + +#include "../device/authentication/authentication.h" + + +class CiscoCSSAuthentication : public Authentication +{ + public: + + CiscoCSSAuthentication(); + + + // ----------------------------------------------------------------------- + // Standard Device Class Methods... + // ----------------------------------------------------------------------- + + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + private: + int tacacsTimeout; + string tacacsKey; + int radiusRetransmit; + int radiusTimeout; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/banner.cpp b/libnipper-0.12.6/Cisco-CSS/banner.cpp new file mode 100644 index 0000000..1e37f93 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/banner.cpp @@ -0,0 +1,69 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "banner.h" + +CiscoCSSBanner::CiscoCSSBanner() +{ + // Banner settings... + preLogonBanner = true; // Support Banner(s) Before Logon? + configPreLogonBanner = i18n("On *DEVICETYPE* devices, a banner message must be created with a text editor and then the file transfered to the script directory on the device. Once the banner message file is on the device, it can be configured with the following command:*CODE**COMMAND*prelogin-banner \"*CMDUSER*filename*-CMDUSER*\"*-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... +} + + +int CiscoCSSBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + + if (device->config->reportFormat == Config::Debug) + printf("%sBanner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(0), "no") != true) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->bannerFile = true; + bannerPointer->connectionType = anyConnection; + bannerPointer->name.assign("PreLogin"); + bannerPointer->description.assign(i18n("The Pre-Login banner message is presented to a user before they logon to the *DEVICETYPE* device.")); + bannerPointer->filename.assign(command->part(1)); + } + + return 0; +} + + diff --git a/libnipper-0.12.6/Cisco-CSS/banner.h b/libnipper-0.12.6/Cisco-CSS/banner.h new file mode 100644 index 0000000..cc1b7be --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/banner.h @@ -0,0 +1,48 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoCSSBanner_H +#define device_CiscoCSSBanner_H + + +#include "../device/banner/banner.h" + + +class CiscoCSSBanner : public Banner +{ + public: + CiscoCSSBanner(); + + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/device.cpp b/libnipper-0.12.6/Cisco-CSS/device.cpp new file mode 100644 index 0000000..ca88e25 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/device.cpp @@ -0,0 +1,235 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "banner.h" +#include "snmp.h" +#include "dns.h" +#include "filter.h" +#include "authentication.h" +#include "interfaces.h" + + +CiscoCSSDevice::CiscoCSSDevice() +{ + deviceMake = "Cisco"; + deviceType = "*ABBREV*CSS*-ABBREV*"; + deviceOS = "*ABBREV*CSS*-ABBREV* *ABBREV*OS*-ABBREV*"; + + general = new (CiscoCSSGeneral); + administration = new (CiscoCSSAdministration); + banner = new (CiscoCSSBanner); + snmp = new (CiscoCSSSNMP); + dns = new (CiscoCSSDNS); + filter = new (CiscoCSSFilter); + authentication = new (CiscoCSSAuthentication); + interfaces = new (CiscoCSSInterfaces); +} + + +CiscoCSSDevice::~CiscoCSSDevice() +{ + delete general; + delete administration; + delete banner; + delete snmp; + delete dns; + delete filter; + delete authentication; + delete interfaces; +} + + +int CiscoCSSDevice::processDevice() +{ + // Variables... + char line[1024]; + int tempInt = 0; + bool setting = true; + bool deviceOk = false; + ConfigLine command; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (strcmp(command.part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Version (in general)... + if ((strcmp(command.part(0), "!Active") == 0) && (strcmp(command.part(1), "version:") == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Potential hostname... + else if ((command.part(0)[strlen(command.part(0)) - 1] == '#') && (strncmp(command.part(1), "sh", 2) == 0) && (strncmp(command.part(2), "run", 3) == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SNMP... + else if (strcmp(command.part(tempInt), "snmp") == 0) + { + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + tempInt++; + if (strcmp(command.part(tempInt), "name") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + } + else if ((strcmp(command.part(tempInt), "restrict") == 0) && (strcmp(command.part(tempInt + 1), "snmp") == 0)) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Restrict other things... + else if (strcmp(command.part(tempInt), "restrict") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Interfaces... + else if (strcmp(command.part(tempInt), "interface") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Circuites... + else if (strcmp(command.part(tempInt), "circuit") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SSHD... + else if (strcmp(command.part(tempInt), "sshd") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Web-mgmt... + else if (strcmp(command.part(tempInt), "web-mgmt") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // ACL... + else if (strcmp(command.part(tempInt), "acl") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // NQL... + else if (strcmp(command.part(tempInt), "nql") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Banner... + else if (strcmp(command.part(tempInt), "prelogin-banner") == 0) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS... + else if (strcmp(command.part(tempInt), "dns") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS Records... + else if (strcmp(command.part(tempInt), "dns-record") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS Server... + else if (strcmp(command.part(tempInt), "dns-server") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // TACACS+... + else if (strcmp(command.part(tempInt), "tacacs-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // RADIUS... + else if (strcmp(command.part(tempInt), "radius-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Virtual... + else if (strcmp(command.part(tempInt), "virtual") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Console... + else if (strcmp(command.part(tempInt), "console") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Core Dumps... + else if (strcmp(command.part(tempInt), "dump") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + else if (strncmp(line, "!*************************** GLOBAL ***************************", 63) == 0) + deviceOk = true; + + // All others... + else + lineNotProcessed(line); + } + + if ((deviceOk == false) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + return 0; +} + + +bool CiscoCSSDevice::isDeviceType() +{ + // Variables... + char line[1024]; + bool found = false; + int count = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (found == false) && (count < 15)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + if (strncmp(line, "!*************************** GLOBAL ***************************", 63) == 0) + found = true; + + count++; + } + fclose(inputFile); + + return found; +} + diff --git a/libnipper-0.12.6/Cisco-CSS/device.h b/libnipper-0.12.6/Cisco-CSS/device.h new file mode 100644 index 0000000..03dbe3e --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/device.h @@ -0,0 +1,51 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoCSS_H +#define device_CiscoCSS_H + + +#include "../device/device.h" + +class CiscoCSSGeneral; + +class CiscoCSSDevice : public Device +{ + public: + CiscoCSSDevice(); + ~CiscoCSSDevice(); + + int processDevice(); + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/dns.cpp b/libnipper-0.12.6/Cisco-CSS/dns.cpp new file mode 100644 index 0000000..97406fb --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/dns.cpp @@ -0,0 +1,174 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "dns.h" + + +CiscoCSSDNS::CiscoCSSDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices have can be configured to act as a *ABBREV*DNS*-ABBREV* server and perform name lookups. This section details the domain naming settings."); // The text paragraph in the config section + + // Host configuration + showInterface = false; // Are interfaces supported? + + // DNS Client Settings + dnsClientSupported = true; // DNS Client Supported? + dnsLookupEnabled = false; // DNS lookups enabled? + disableLookup = "*ABBREV*DNS*-ABBREV* server name lookups can be disabled on *DEVICETYPE* devices by removing all *ABBREV*DNS*-ABBREV* servers from the configuration. This can be done with the following command:*CODE**COMMAND*no dns *CMDREQUIRE*primary *CMDOR* secondary*-CMDREQUIRE**-COMMAND**-CODE*"; // The text and commands to disable DNS lookup + dnsRetries = 0; // DNS lookup retries + dnsRetriesSupported = false; // DNS lookup retries Supported? + dnsTimeout = 0; // DNS timeout + dnsTimeoutSupported = false; // DNS timeout Supported? + + // DNS Server Options... + dnsRecordKeepAliveSupported = true; // Is the DNS keep Alive message type supported? + returnRecordsSupported = true; // Is the single/multiple record field supported? + dynamicDNSSupported = false; // Is Dynamic DNS Supported? + dnsServerSupported = true; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsProxySupported = false; // Is DNS Proxy Server Supported? + dnsProxyEnabled = false; // Is the DNS Proxy service enabled? + dnsPort = 53; // DNS Server Port +} + + +int CiscoCSSDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsConfig *dnsPointer = 0; + dnsRecordConfig *recordPointer = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // DNS servers... + if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "suffix") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + { + dnsPointer = addDNSServer(command->part(tempInt + 1)); + dnsPointer->description.assign(command->part(tempInt)); + } + } + + // DNS domain... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "suffix") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Domain Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + if (setting == true) + { + dnsDomain.assign(command->part(tempInt)); + } + } + + // DNS Records... + else if ((strcmp(command->part(tempInt), "dns-record") == 0) && (strcmp(command->part(tempInt + 1), "zero") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Record Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + { + recordPointer = addDNSRecord(); + recordPointer->recordType.assign(command->part(tempInt)); + tempInt++; + recordPointer->name.assign(command->part(tempInt)); + tempInt++; + recordPointer->address.assign(command->part(tempInt)); + tempInt++; + recordPointer->keepAlive.assign("0"); + recordPointer->singleRecord = true; + if (command->parts > tempInt) + { + recordPointer->keepAlive.assign(command->part(tempInt)); + tempInt++; + if (command->parts > tempInt) + { + if (strcmp(command->part(tempInt), "multiple") == 0) + recordPointer->singleRecord = false; + } + } + } + } + + // DNS server forwarders... + else if ((strcmp(command->part(tempInt), "dns-server") == 0) && (strcmp(command->part(tempInt + 1), "forwarder") == 0) && (strcmp(command->part(tempInt + 2), "zero") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Forwarder Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt +=2; + + if (setting == true) + { + dnsPointer = addForwarder(command->part(tempInt + 1)); + dnsPointer->description.assign(command->part(tempInt)); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoCSSDNS::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-CSS/dns.h b/libnipper-0.12.6/Cisco-CSS/dns.h new file mode 100644 index 0000000..aff44f0 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/dns.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoCSSDNS_H +#define CiscoCSSDNS_H + + +#include "../device/dns/dns.h" + + +class CiscoCSSDNS : public DNS +{ + public: + + CiscoCSSDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/filter.cpp b/libnipper-0.12.6/Cisco-CSS/filter.cpp new file mode 100644 index 0000000..93adf56 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/filter.cpp @@ -0,0 +1,620 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../device/common/configline.h" +#include "../globaldefs.h" +#include "device.h" +#include "filter.h" +#include "interfaces.h" + + +CiscoCSSFilter::CiscoCSSFilter() +{ + // Object options... + networkObjectName = i18n("Network Objects"); // The name for the object (used in config report) + networkObjectDescription = i18n(""); // The description for the object (config report) + protocolObjectName = i18n("Protocol Objects"); // The name for the object (used in config report) + protocolObjectDescription = i18n(""); // The description for the object (config report) + icmpObjectName = i18n("*ABBREV*ICMP*-ABBREV* Objects"); // The name for the object (used in config report) + icmpObjectDescription = i18n(""); // The description for the object (config report) + serviceObjectName = i18n("Service Objects"); // The name for the object (used in config report) + serviceObjectDescription = i18n(""); // The description for the object (config report) + + // Filter device options... + denyAllAndLogDefault = false; // Does it deny all and log by default? + defaultFilterActionSupported = false; // Default action supported on the device + allowByDefault = false; // Allow by default? + defaultActionIsAllow = false; // Is the default action to allow + logLevelsSupported = false; // Are log Levels supported + logOnlyDenySupported = false; // Is only Deny rule logging supported + noAccessWithoutFilters = false; // Is access not granted if no filters are configured + filterSupportsInstalled = false; // If filtering supports installed (i.e. CheckPoint) + filterSupportsThrough = false; // If a filtering supports through (i.e. CheckPoint) + rejectRulesSupported = false; // If reject rules are supported + bypassRulesSupported = true; // If bypass rules are supported + defaultRulesSupported = false; // If default rules are supported + ruleListsAreAssigned = true; // Rule lists are assigned to specific elements + allowName = i18n("Permit"); // The name given to an allowed filter + denyName = i18n("Deny"); // The name given to a denied filter + rejectName = i18n("Reject"); // The name given to a rejected filter + filterConfigTitle = i18n("*ABBREV*ACL*-ABBREV* Configuration"); // The Title for the configuration report section + filterConfigText = i18n("This section details the configuration of the network filtering *ABBREV*ACL*-ABBREV* on *DEVICENAME*."); // The device specific configuration report section text + filterConfigText2 = i18n(""); // The device specific configuration report section text2 + useFilterID = true; // Use the filter ID to identify a filter (otherwise a line no. is used) + filterIDTitle = i18n("Clause"); // The title for the filter ID/line no. table column + filterListName = i18n("*ABBREV*ACL*-ABBREV*"); // The name of the filter list, for use in text paragraphs + filterListNameTitle = i18n("*ABBREV*ACL*-ABBREV*"); // The name of the filter list, for use in titles + filterListNamePlaural = i18n("*ABBREV*ACLs*-ABBREV*"); // The name of the filter list, for use in text paragraphs + filterTitle = i18n("Clause"); // The name of a filter, for use in titles + filterTitlePlaural = i18n("Clauses"); // The name of a filter, for use in titles + filterName = i18n("clause"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("clauses"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("Not All Permit Clauses Log Access"); // The title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogTable = i18n("Permit clauses that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogConcl = i18n("not all permit clauses log access"); // The conclusions text for the "All Allow Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all clauses"); // The recommendations text for "All Allow Rules Do Not Log" (and deny) issue + denyAndNotLogIssue = i18n("Not All Deny Clauses Log Access"); // The title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogTable = i18n("Deny clauses that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogConcl = i18n("not all deny clauses log access"); // The conclusions text for the "All Allow Rules Do Not Log" issue + configRuleLogging = i18n("A clause can be configured with logging on *DEVICETYPE* devices with the following command:*CODE**COMMAND*clause *CMDUSER*number*-CMDUSER* log enable *CMDREQUIRE*permit *CMDOR* deny*-CMDREQUIRE* *CMDUSER*source*-CMDUSER* detination *CMDUSER*destination*-CMDUSER**-COMMAND**-CODE*"); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No *ABBREV*ACLs*-ABBREV* Were Configured");// The title text for the "No filtering" issue + noFilteringRec = i18n("Configure *ABBREV*ACLs*-ABBREV* to restict access"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no *ABBREV*ACLs*-ABBREV* were configured"); // The title text for the "No filtering" conclusion + legacyIssueFinding = i18n(""); // The finding for the legacy issue + legacyIssueImpact = i18n(""); // The impact for the legacy issue + legacyIssueEase = i18n(""); // The ease for the legacy issue + legacyIssueRec = i18n(""); // The recommendation for the legacy issue + allowAnythingTable = i18n("Clauses permit any access"); // The allow anything table title text + allowWeakTable = i18n("Clauses provide weak filtering"); // Weak source/service/destination/service table title text + allowAnyAnyAnyTable = i18n("Clauses permit any host to access any destination and service"); // The allow any source, destination and service table title text + allowWeakWeakWeakTable = i18n("Clauses provide weak filtering of source, destination and service"); // The allow weak source, destination and service table title text + allowAnyServiceAnyTable = i18n("Clauses allow any source port to any destination and service"); // The allow any source port, destination and service table title text + allowWeakServiceAnyTable = i18n("Clauses provide weak filtering of source port to destination and service"); // The allow weak source, destination and service table title text + allowAnyAnyTable = i18n("Clauses permit any source to any destination"); // The allow any source, destination table title text + allowAnyAnyServiceTable = i18n("Clauses permit any source to any destination service"); // The allow any source, destination service table title text + allowAnyDestServiceTable = i18n("Clauses permit any destination and service"); // The allow any destination and service table title text + allowAnyPortDestTable = i18n("Clauses permit any source port to any destination address"); // The allow any source port to any destination table title text + allowAnyPortServiceTable = i18n("Clauses permit any source port to any destination service"); // The allow any source port to any dest service table title text + allowWeakWeakTable = i18n("Clauses permit weak filtering of source and destination addresses"); // The allow weak source, destination addresses + allowWeakWeakServiceTable = i18n("Clauses permit weak source addresses and destination services"); // The allow weak source, destination service table title text + allowDestAndServiceTable = i18n("Clauses permit weak destination addresses and services");// The allow weak destination and service table title text + allowWeakPortDestTable = i18n("Clauses permit weak source ports and destination"); // The allow weak source port to Destination table title text + allowWeakPortServiceTable = i18n("Clauses permit weak source ports and destination services"); // The allow weak source port to service table title text + allowAnySourceTable = i18n("Clauses permit from any source address"); // The allow any source address table title text + allowNetSourceTable = i18n("Clauses permit from a network source address"); // The allow a network source address table title text + allowAnyPortTable = i18n("Clauses permit from any source port"); // The allow any source port table title text + allowRangePortTable = i18n("Clauses permit from a source port range"); // The allow range source port table title text + allowAnyDestTable = i18n("Clauses permit to any destination"); // The allow any destination table title text + allowNetDestTable = i18n("Clauses permit to a network destination"); // The allow a network destination table title text + allowToAnyDestServiceTable = i18n("Clauses permit to any destination service"); // The allow any destination service table title text + allowToNetDestServiceTable = i18n("Clauses permit to a destination service range"); // The allow a destination service range table title text + bypassContentFilterCon = i18n("Clauses were configured that bypass the content filtering"); // Bypass filter conclusion text + bypassContentFilterRec = i18n("Connfigure clauses that do not bypass the content filtering"); // Bypass filter recommendation text + defaultFilterCon = i18n("Clauses were configured that default to the ports filtering action"); // Default filter conclusion text + defaultFilterRec = i18n("Configure clauses that do not default to the ports filtering action"); // Default filter recommendation text + rejectSecurityIssueTitle = i18n("Reject Clauses Were Configured"); // Reject filter title text + securityRejectTextCon = i18n("Clauses were configured that reject network traffic"); // Reject filter conclusion text + securityRejectTextRec = i18n("Configure clauses to deny rather than reject network traffic"); // Reject filter recommendation text + clearTextServiceCon = i18n("Clauses were configured that permit access to clear text protocol services"); // Clear Text Service conclusions text + clearTextServiceRec = i18n("Configure clauses to deny access to any clear text protocol services"); // Clear Text Service recommendations text2 + configureFilterListRecIssueText = i18n("An *ABBREV*ACL*-ABBREV* can be configured with the following command:*CODE**COMMAND*acl *CMDUSER*index*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a filter list + configureFilterRecIssueText = i18n("A clause can be configured on *DEVICETYPE* devices with the following command:*CODE**COMMAND*clause *CMDUSER*number*-CMDUSER* *CMDREQUIRE*permit *CMDOR* deny*-CMDREQUIRE* *CMDUSER*protocol*-CMDUSER* *CMDUSER*source*-CMDUSER* detination *CMDUSER*destination*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a filter + unnecessaryServiceCon = i18n("Clauses were configured that permit access to potentially unnecessary services"); // Unnecessary Service conclusions text + unnecessaryServiceRec = i18n("Configure clauses to deny access to any unnecessary services"); // Unnecessary Service recommendations text2 + filtersWithNoCommentsTitle = i18n("Not All Clauses Include Comments"); // Filters with no comments title text + noFilterCommentsCon = i18n("not all clauses include comment text indicating their purpose"); // The no comments conclusion text + noFilterCommentsRec = i18n("Configure comment text for all clauses"); // The no comments recommendation text + configureFilterCommentText = i18n(""); // The text and commands to configure a filters comment text + disabledFiltersTitle = i18n("Disabled Clauses Were Configured"); // The disabled filter issues title text + removeFilterText = i18n("A disabled clause can be removed with the following command:*CODE**COMMAND*no clause *CMDUSER*number*-CMDUSER**-COMMAND**-CODE*"); // The commands and text to delete a filter + disabledFilterCon = i18n("disabled clauses were configured"); // The disabled filter conclusion text + disabledFilterRec = i18n("Remove all disabled clauses"); // The disabled filter recommendation text + defaultActionIssueTitle = i18n("The Default Network Filtering Action Permits Access"); // The default filter action issue title + defaultActionIssueCon = i18n("the default *ABBREV*ACL*-ABBREV* action was configured to permit access when a clause does not match"); // The default filter action conclusion text + defaultActionIssueRec = i18n("Set the default *ABBREV*ACL*-ABBREV* action to deny network traffic"); // The default filter action recommendation text + configureDefaultActionText = i18n(""); // The text and commands to configure the default action + unusedFiltersIssueTitle = i18n("Unused Clauses Were Configured At The *ABBREV*ACLs*-ABBREV* End"); // Unused filters at the end of the filter list title + unusedFiltersIssueCon = i18n("unused clauses were configured at the end of the *ABBREV*ACLs*-ABBREV*"); // Unused filters issue conclusions text + unusedFiltersIssueRec = i18n("Remove all unused clauses"); // Unused filters issue recommendation text + denyAllLogIssueTitle = i18n("*ABBREV*ACL*-ABBREV* Does Not End with Deny All And Log"); // Deny All And Log Issue title + denyAllLogConfigure = i18n("A clause to deny everything and log can be added to a *ABBREV*ACL*-ABBREV* with the following command:*CODE**COMMAND*clause *CMDUSER*number*-CMDUSER* log enable deny any any detination any*-COMMAND**-CODE*"); // The text and commands to add a deny all and log line + denyAllLogIssueCon = i18n("not all *ABBREV*ACLs*-ABBREV* end with a deny all and log "); // The deny all and log conclusions text + denyAllLogIssueRec = i18n("Configure a deny all and log Clause as the last Clause in each *ABBREV*ACL*-ABBREV*"); // The deny all and log recommendations text + contradictIssueTitle = i18n("Contradicting Clauses Were Configured"); // The contradict issue title + contradictIssueTable = i18n("contradictions of clause"); // The contradict table issue title + contradictIssueCon = i18n("Clauses were configured that contradict other clauses"); // The contradict issue conclusion + contradictIssueRec = i18n("Reconfigure the clauses so they do not contradict other clause"); // The contradict issue recommendation + duplicateIssueTitle = i18n("Duplicate Clauses Were Configured"); // The duplicate/overlapping issue title + duplicateIssueTable = i18n("duplicates of clause"); // The duplicate/overlapping issue title + duplicateIssueCon = i18n("Clauses were configured that duplicate the configuration of other clauses"); // The duplicate/overlapping issue title + duplicateIssueRec = i18n("Reconfigure the clauses so that the rules do not duplicate other clauses"); // The duplicate/overlapping issue title +} + + +int CiscoCSSFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + filterObjectConfig *filterObjectPointer = 0; + netObjectListConfig *objectListPointer = 0; + filterListConfig *filterListPointer = 0; + filterConfig *filterPointer = 0; + Interfaces::interfaceConfig *interfacePointer = 0; + Interfaces::interfaceListConfig *interfaceListPointer = 0; + fpos_t filePosition; + string tempString; + int tempInt = 0; + int protocolInt = 0; + + // If enabled/disable ... + if ((strcmp(command->part(1), "enable") == 0) || (strcmp(command->part(1), "disable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sACL Enabled/Disabled Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(1), "enable") == 0) + noAccessWithoutFilters = false; + else + noAccessWithoutFilters = true; + } + + // ACL... + else if (strcmp(command->part(0), "acl") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(command->part(1)); + filterListPointer->type = i18n("*ABBREV*ACL*-ABBREV* Configuration"); // The filter list type name (used in the config report) + filterListPointer->typeDescription = i18n("*DEVICETYPE* device *ABBREV*ACL*-ABBREV* are sequential lists of permit, deny or bypass clauses that are applied to a *ABBREV*VLAN*-ABBREV* circuit. An *ABBREV*ACL*-ABBREV* is processed sequentially with the first clause that matches the incoming traffic applying. If the entire *ABBREV*ACL*-ABBREV* has been processed without a clause matching, then the traffic is denied by a hidden deny all rule. However, *ABBREV*ACL*-ABBREV* have to be enabled on *DEVICETYPE* otherwise all traffic will be permitted regardless of the *ABBREV*ACL*-ABBREV*. Once enabled, any *ABBREV*VLAN*-ABBREV* circuits without an*ABBREV*ACL*-ABBREV* applied will be denied by the hidden deny all rule."); // The filter list type description for the report (used in config report) + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = true; // Does the filter list support logging + filterListPointer->supportsTime = false; // Filter support time (dest only) + filterListPointer->supportsFragments = false; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = true; // If source services are supported + filterListPointer->disabledFilterSupport = false; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = false; // Are filter comments supported + filterListPointer->showProtocol = true; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = false; // Does the filter use filter-based zones (i.e. SonicWALL) + filterListPointer->showStop = false; // Does the filter have a stop status (i.e. Passport devices) + filterListPointer->showFilterType = false; // Does the filter have a type (i.e. like on Passport devices) + filterListPointer->active = true; // Is the filter list used? (for CheckPoint devices) + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + + // Clause... + if (strcasecmp(command->part(0), "clause") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sClause Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer = addFilter(filterListPointer); + tempInt = 1; + + // number + filterPointer->id = atoi(command->part(tempInt)); + tempInt++; + + // Log? + if (strcasecmp(command->part(0), "log") == 0) + { + tempInt++; + if (strcasecmp(command->part(0), "enable") == 0) + filterPointer->log = true; + else + filterPointer->log = false; + tempInt++; + } + + // Action + if (strcasecmp(command->part(0), "bypass") == 0) + filterPointer->action = bypassAction; + else if (strcasecmp(command->part(0), "deny") == 0) + filterPointer->action = denyAction; + else + filterPointer->action = allowAction; + tempInt++; + + // Protocol + filterObjectPointer = addFilterObject(filterPointer, protocol); + if (strcasecmp(command->part(tempInt), "any") == 0) + filterObjectPointer->type = anyObject; + else + filterObjectPointer->type = protocolObject; + filterObjectPointer->serviceOper = serviceOperEqual; + protocolInt = atoi(command->part(tempInt)); + if ((protocolInt != 0) || (strcmp(command->part(tempInt), "0") == 0)) + filterObjectPointer->name.assign(device->getProtocol(protocolInt)); + else + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + + // Source + filterObjectPointer = addFilterObject(filterPointer, source); + filterObjectPointer->serviceOper = serviceOperEqual; + if (strcasecmp(command->part(tempInt), "nql") == 0) + { + tempInt++; + filterObjectPointer->type = groupObject; + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + } + else if (strcasecmp(command->part(tempInt), "any") == 0) + { + tempInt++; + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperAny; + filterObjectPointer->name.assign(i18n("Any")); + } + else + { + filterObjectPointer->type = hostObject; + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + if ((strcmp(command->part(tempInt), "destination") != 0) && (strcmp(command->part(tempInt), "range") != 0) && (strcmp(command->part(tempInt), "neq") != 0) && (strcmp(command->part(tempInt), "gt") != 0) && (strcmp(command->part(tempInt), "lt") != 0) && (strcmp(command->part(tempInt), "eq") != 0)) + { + filterObjectPointer->netmask.assign(command->part(tempInt)); + if (strcmp(filterObjectPointer->netmask.c_str(), "255.255.255.255") != 0) + filterObjectPointer->type = networkObject; + tempInt++; + } + } + + // Source port + if (strcmp(command->part(tempInt), "destination") != 0) + { + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->type = portObject; + + // Equal... + if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + + // Less than + else if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + } + + // Greater than + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + } + + // Not equal to... + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + } + + // Range + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + } + tempInt++; + } + + // destination + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destination); + filterObjectPointer->serviceOper = serviceOperEqual; + if (strcasecmp(command->part(tempInt), "nql") == 0) + { + tempInt++; + filterObjectPointer->type = groupObject; + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + } + else if (strcasecmp(command->part(tempInt), "any") == 0) + { + tempInt++; + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperAny; + filterObjectPointer->name.assign(i18n("Any")); + } + else + { + filterObjectPointer->type = hostObject; + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + if ((tempInt < command->parts) && (strcmp(command->part(tempInt), "prefer") != 0) && (strcmp(command->part(tempInt), "sourcegroup") != 0) && (strcmp(command->part(tempInt), "range") != 0) && (strcmp(command->part(tempInt), "neq") != 0) && (strcmp(command->part(tempInt), "gt") != 0) && (strcmp(command->part(tempInt), "lt") != 0) && (strcmp(command->part(tempInt), "eq") != 0)) + { + filterObjectPointer->netmask.assign(command->part(tempInt)); + if (strcmp(filterObjectPointer->netmask.c_str(), "255.255.255.255") != 0) + filterObjectPointer->type = networkObject; + tempInt++; + } + } + + // destination port + if ((strcmp(command->part(tempInt), "range") == 0) || (strcmp(command->part(tempInt), "neq") == 0) || (strcmp(command->part(tempInt), "gt") == 0) || (strcmp(command->part(tempInt), "lt") == 0) || (strcmp(command->part(tempInt), "eq") == 0)) + { + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->type = portObject; + + // Equal... + if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + + // Less than + else if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + } + + // Greater than + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + } + + // Not equal to... + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + } + + // Range + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + } + tempInt++; + } + } + + // Apply circuit + else if ((strcmp(command->part(0), "apply") == 0) && (strncmp(command->part(1), "circuit-(", 9) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sApply To Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfaceListPointer = device->interfaces->getInterfaceList("CIRCUIT"); + if ((interfaceListPointer != 0) && (filterListPointer != 0)) + { + tempString.assign(command->part(1) + 9); + tempString.resize(tempString.length() - 1); + interfacePointer = device->interfaces->getOnlyInterface(interfaceListPointer, tempString.c_str()); + if (interfacePointer != 0) + { + device->interfaces->addFilterList(interfacePointer, filterListPointer->name.c_str(), true); + } + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + + } + + // NQL... + else if (strcmp(command->part(0), "nql") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNQL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList(command->part(1)); + objectListPointer->title = i18n("*ABBREV*NQL*-ABBREV* Configuration"); // Pointer to the object name text + objectListPointer->description = i18n("*ABBREV*NQL*-ABBREV* are lists of *ABBREV*IP*-ABBREV* addresses and networks that are grouped together to ease administration. The *ABBREV*NQL*-ABBREV* can then be used in an *ABBREV*ACL*-ABBREV*."); // Pointer to the description text + objectListPointer->objectCommentSupported = false; // Enabled object comments + objectListPointer->protocolSupported = false; // Only applies if enhancedServiceObject is not the type + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + + // Description... + if (strcasecmp(command->part(0), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNQL Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer->comment.assign(command->part(1)); + } + + // IP Address... + else if ((strcasecmp(command->part(0), "ip") == 0) && (strcasecmp(command->part(1), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNQL IP Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterObjectPointer = addObject(objectListPointer); + filterObjectPointer->type = hostObject; + filterObjectPointer->serviceOper = serviceOperEqual; + + tempString.assign(command->part(2)); + if (tempString.find("/") == string::npos) + { + filterObjectPointer->name.assign(command->part(2)); + filterObjectPointer->netmask.assign(command->part(3)); + if (filterObjectPointer->netmask.compare("255.255.255.255") != 0) + filterObjectPointer->type = networkObject; + } + else + { + filterObjectPointer->name.assign(tempString.substr(0, tempString.find("/") - 1)); + filterObjectPointer->netmask.assign(device->cidrToNetmask(tempString.substr(tempString.find("/") + 1).c_str())); + if (filterObjectPointer->netmask.compare("255.255.255.255") != 0) + filterObjectPointer->type = networkObject; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoCSSFilter::processDeviceSpecificDefaults(Device *device) +{ + if ((filterList == 0) && (noAccessWithoutFilters == false)) + filterConfigText2 = i18n("No *ABBREV*ACL*-ABBREV* have been configured on *DEVICENAME* and *ABBREV*ACL*-ABBREV* processing is disabled, so all network traffic will be permitted."); + else if ((filterList != 0) && (noAccessWithoutFilters == false)) + filterConfigText2 = i18n("Although *ABBREV*ACL*-ABBREV* have been configured on *DEVICENAME*, *ABBREV*ACL*-ABBREV* processing is disabled, so all network traffic will be permitted regardless."); + else if ((filterList == 0) && (noAccessWithoutFilters == true)) + filterConfigText2 = i18n("No *ABBREV*ACL*-ABBREV* have been configured on *DEVICENAME* and *ABBREV*ACL*-ABBREV* processing is enabled, so all network traffic will be denied."); + else + filterConfigText2 = i18n("*ABBREV*ACL*-ABBREV* processing is enabled on *DEVICENAME*, so all network traffic that does not match an *ABBREV*ACL*-ABBREV* clause will be denied."); + + return 0; +} + + +int CiscoCSSFilter::generateDeviceSpecificFilterSecurityIssues(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + + if (noAccessWithoutFilters == false) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] ACL Were Not Active\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("*ABBREV*ACL*-ABBREV* Were Not Active")); + securityIssuePointer->reference.assign("CSS.FILTNOAC.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*ABBREV*ACLs*-ABBREV* are sequential lists of allow, deny and bypass clauses that determine whether network traffic is permitted or dropped. All *ABBREV*ACLs*-ABBREV* have a hidden deny all clause as the final clause, clause 255. Regardless of whether *ABBREV*ACLs*-ABBREV* are configured, if *ABBREV*ACLs*-ABBREV* are not enabled on *DEVICETYPE* devices then all traffic will be allowed.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *ABBREV*ACLs*-ABBREV* are disabled.")); + + // Issue impact... + securityIssuePointer->impactRating = 6; // Medium + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("With *ABBREV*ACLs*-ABBREV* disabled, an attacker could gain access to hosts and services for which they should not be able to access.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 0; // N/A + paragraphPointer->paragraph.assign(i18n("Network traffic will not be blocked by *DEVICENAME*.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 5; // Planned + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that *ABBREV*ACL*-ABBREV* should be enabled. Once enabled, all traffic is denied by default, so an *ABBREV*ACL*-ABBREV* should be configured to permit traffic to the device prior to enabling *ABBREV*ACLs*-ABBREV*.")); + + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*ABBREV*ACL*-ABBREV* can be enabled with the following command:*CODE**COMMAND*acl enable*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.assign(i18n("*ABBREV*ACL*-ABBREV* was disabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("enable *ABBREV*ACLs*-ABBREV*"), true); + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-CSS/filter.h b/libnipper-0.12.6/Cisco-CSS/filter.h new file mode 100644 index 0000000..d91e1e6 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/filter.h @@ -0,0 +1,53 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoCSSFilter_H +#define CiscoCSSFilter_H + + +#include "../device/filter/filter.h" + + +class CiscoCSSFilter : public Filter +{ + public: + CiscoCSSFilter(); + + + private: + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDeviceSpecificDefaults(Device *device); + int generateDeviceSpecificFilterSecurityIssues(Device *device); +}; + + +#endif + diff --git a/libnipper-0.12.6/Cisco-CSS/general.cpp b/libnipper-0.12.6/Cisco-CSS/general.cpp new file mode 100644 index 0000000..82e6ffb --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/general.cpp @@ -0,0 +1,195 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +CiscoCSSGeneral::CiscoCSSGeneral() +{ + coreDumpsEnabled = true; // Core Dumps Enabled? +} + + +int CiscoCSSGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Version (in general)... + if ((strcmp(command->part(0), "!Active") == 0) && (strcmp(command->part(1), "version:") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVersion Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + version = command->part(2); + } + + // Potential hostname... + else if ((command->part(0)[strlen(command->part(0)) - 1] == '#') && (strncmp(command->part(1), "sh", 2) == 0) && (strncmp(command->part(2), "run", 3) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPotential Hostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempHostname.assign(command->part(0)); + tempHostname.erase(tempHostname.find_last_of("#")); + } + + // SNMP name... + else if ((strcmp(command->part(0), "snmp") == 0) && (strcmp(command->part(1), "name") == 0)) + { + if (hostname.empty()) + hostname.assign(command->part(2)); + } + + // dump... + else if (strcmp(command->part(0), "dump") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCore Dump Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (strcmp(command->part(1), "enable") == 0) + coreDumpsEnabled = true; + else + coreDumpsEnabled = false; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoCSSGeneral::processDefaults(Device *device) +{ + // Variables... + string tempString; + + // Set hostname... + if ((hostname.empty()) && (!tempHostname.empty())) + hostname.assign(tempHostname); + + // Split Version Numbers... + if ((!version.empty()) && (version.length() > 8)) + { + tempString = version.substr(2, 2); + versionMajor = atoi(tempString.c_str()); + tempString = version.substr(4, 2); + versionMinor = atoi(tempString.c_str()); + tempString = version.substr(6, 1); + versionRevision = atoi(tempString.c_str()); + tempString = version.substr(7, 2); + versionTweak = atoi(tempString.c_str()); + } + + return 0; +} + + +int CiscoCSSGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Core Dumps... + device->addTableData(paragraphPointer->table, i18n("Core Dumps")); + if (coreDumpsEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return errorCode; +} + + +int CiscoCSSGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Service Password Encryption... + if (coreDumpsEnabled == true) + { + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Core Dumps Enabled\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Core Dumps Enabled")); + securityIssuePointer->reference.assign("CSS.COREDUMP.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices have a debug option that causes the memory of the device to be written to the disk (to a core file) when a fatal error occurs. The core file enables developers and technical support to analyse what happened at the time of the fatal error. This functionality is similar to that found on UNIX systems and is enabled by default. After the fatal error has occured, *DEVICETYPE* devices will reboot automatically.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that core dumps were enabled on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 3; // LOW + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who was able to repeatedly cause fatal errors on *DEVICENAME* may be able to fill the available disk space with core files. A full disk may cause *DEVICENAME* further unexpected problems.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 2; // Challenge + paragraphPointer->paragraph.assign(i18n("The attacker would have to find a vulnerability to cause the fatal errors on the device. However, if *DEVICENAME* is not adequately maintained it may fill with core files over time on its own.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 1; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Core files are rarely examined by network administrators and are of more use to Cisco technicians when analysing software or hardware faults. Therefore *COMPANY* recommends that, if not used, core dumps should be disabled.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Core dumps can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*dump disable*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("core dumps were enabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable core dumps")); + } + + return errorCode; +} + + diff --git a/libnipper-0.12.6/Cisco-CSS/general.h b/libnipper-0.12.6/Cisco-CSS/general.h new file mode 100644 index 0000000..4488d68 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/general.h @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoCSSdevicegeneral_H +#define CiscoCSSdevicegeneral_H + +#include "../device/general/general.h" + +class CiscoCSSGeneral : public General +{ + public: + CiscoCSSGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + + private: + string tempHostname; + bool coreDumpsEnabled; // Core Dumps Enabled? +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/interfaces.cpp b/libnipper-0.12.6/Cisco-CSS/interfaces.cpp new file mode 100644 index 0000000..ecd020b --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/interfaces.cpp @@ -0,0 +1,232 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "interfaces.h" + + +CiscoCSSInterfaces::CiscoCSSInterfaces() +{ + // Interface Options... + useModuleAndPort = false; // Use the module / port instead of the name + useInterfaceZone = false; // Use the interface zone + zoneName = i18n("Zone"); // The name for zone field + filterIn = i18n("*ABBREV*ACL*-ABBREV*"); // The filter in table title text + filterOut = i18n("Filter Out"); // The filter out table title text + showDescription = true; // Show the interface description + cdpGlobalRequired = false; // If CDP needs to be enabled globally as well + disableCDPText = i18n(""); // The text and commands to disable CDP + cdpSupported = false; // Is CDP supported on interfaces + disableProxyARPText = i18n(""); // The text and commands to disable Proxy ARP + disableUnreachablesText = i18n(""); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n(""); // The text and commands to disable ICMP information messages + disableMaskText = i18n(""); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n(""); // The text and commands to disable ICMP redirect messages + disableDirectedText = i18n(""); // The text and commands to disable directed broadcasts + disableMOPText = i18n(""); // The text and commands to disable MOP + disableActiveText = i18n("Interfaces can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*shut*-COMMAND**-CODE*"); // The text and commands to disable potentially unused interfaces + filterName = i18n("filter lists"); // The filter list name for use in the filter issue text + configFilterText = i18n("An *ABBREV*ACL*-ABBREV* can be configured for a particular circuit with the following *ABBREV*ACL*-ABBREV* command:*CODE**COMMAND*apply circuit-(*CMDUSER*name*-CMDUSER*)*-COMMAND**-CODE*"); // The text and commands to configure network filtering + defaultAutoTrunk = false; // Default to automatically trunk + disableTrunkText = i18n(""); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n(""); // The text and commands to enable port security +} + + +int CiscoCSSInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + + if (strcmp(command->part(0), "interface") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Sort out the interface list first... + interfaceListPointer = getInterfaceList("INTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Network Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices network interfaces."); + interfaceListPointer->tableTitle = i18n("Network interfaces"); + interfaceListPointer->label = "INTERFACES"; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->portModeSupported = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((command->parts > 0) && (feof(device->inputFile) == 0)) + { + + // Description... + if (strcmp(command->part(0), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->description.assign(command->part(1)); + } + + // Shut... + else if ((strcmp(command->part(0), "shut") == 0) || (strcmp(command->part(0), "admin-shutdown") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Shutdown Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->enabled = false; + } + + // VLAN... + else if (strcmp(command->part(0), "vlan") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface VLAN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + addVLAN(interfacePointer, command->part(1)); + } + + // VLAN... + else if ((strcmp(command->part(0), "bridge") == 0) && (strcmp(command->part(1), "vlan") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface VLAN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + addVLAN(interfacePointer, command->part(2)); + } + + // Trunk... + else if (strcmp(command->part(0), "trunk") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface VLAN Trunking Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->switchportMode = portModeTrunk; + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + } + + else if (strcmp(command->part(0), "circuit") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCircuit Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Sort out the interface list first... + interfaceListPointer = getInterfaceList("CIRCUIT"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Circuit Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices circuit interfaces."); + interfaceListPointer->tableTitle = i18n("Circuit interfaces"); + interfaceListPointer->label = "CIRCUIT"; + interfaceListPointer->ipAddressSupported = true; // Is it possible to disable interfaces? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((command->parts > 0) && (feof(device->inputFile) == 0)) + { + + // Description... + if (strcmp(command->part(0), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCircuit Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->description.assign(command->part(1)); + } + + // Address... + if ((strcmp(command->part(0), "ip") == 0) && (strcmp(command->part(1), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCircuit IP Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->address.assign(command->part(2)); + interfacePointer->netmask.assign(command->part(3)); + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoCSSInterfaces::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-CSS/interfaces.h b/libnipper-0.12.6/Cisco-CSS/interfaces.h new file mode 100644 index 0000000..3949404 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/interfaces.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoCSSInterfaces_H +#define CiscoCSSInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class CiscoCSSInterfaces : public Interfaces +{ + public: + + CiscoCSSInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + +}; + +#endif diff --git a/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp b/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp new file mode 100644 index 0000000..0d57375 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/snmp-report.cpp @@ -0,0 +1,212 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include "../globaldefs.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + + +int CiscoCSSSNMP::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-SNMP"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-SNMP-TABLE"); + + // Trap Source... + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SNMP*-ABBREV* Trap Source")); + device->addTableData(paragraphPointer->table, trapSource.c_str()); + + // Server Reload... + device->addTableData(paragraphPointer->table, i18n("Server Reloads")); + if (reloadAllowed == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return errorCode; +} + + +int CiscoCSSSNMP::generateSecuritySpecificReport(Device *device) +{ + // Variables... + snmpCommunity *snmpCommunityPointer = 0; + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + bool dictionaryCommunity = false; + bool weakCommunity = false; + bool writeAccess = false; + int errorCode = 0; + + // Searching for issues... + snmpCommunityPointer = community; + while (snmpCommunityPointer != 0) + { + if ((snmpCommunityPointer->enabled == true) && (snmpCommunityPointer->type != communityReadOnly) && (((communityRequiresHosts == true) && (hostCommunityExists(snmpCommunityPointer->community.c_str()) == true)) || (communityRequiresHosts == false))) + { + writeAccess = true; + if (snmpCommunityPointer->communityInDict == true) + dictionaryCommunity = true; + else if (snmpCommunityPointer->communityWeak != Device::passwordPassed) + weakCommunity = true; + } + snmpCommunityPointer = snmpCommunityPointer->next; + } + + // System Shutdown via SNMP... + if ((reloadAllowed == true) && (writeAccess == true)) + { + + // Write Access... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWRIT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "CSS.SNMPRELO.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "CSS.SNMPRELO.1"); + } + + // Clear-text SNMP... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPCLEA.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + device->addString(paragraphPointer, "CSS.SNMPRELO.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "CSS.SNMPRELO.1"); + } + + // Dictionary-based Community Strings... + if (dictionaryCommunity == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPDICT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "CSS.SNMPRELO.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "CSS.SNMPRELO.1"); + } + } + + // Weak Community Strings... + if (weakCommunity == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWEAK.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "CSS.SNMPRELO.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "CSS.SNMPRELO.1"); + } + } + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] SNMP System Reload\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("*ABBREV*SNMP*-ABBREV* Reload Option Enabled")); + securityIssuePointer->reference.assign("CSS.SNMPRELO.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addString(paragraphPointer, snmpFilterText); + paragraphPointer->paragraph.assign(i18n("A *ABBREV*SNMP*-ABBREV* system reload facility can be configured for *DEVICETYPE* so that network administrators can remotely reset the devices. *COMPANY* determined that the *ABBREV*SNMP*-ABBREV* system reload option was enabled on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 7; // High + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who had *ABBREV*SNMP*-ABBREV* write access could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload.")); + + // Issue ease... + securityIssuePointer->easeRating = 4; // Moderate + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("For an attacker to exploit this issue they would require *ABBREV*SNMP*-ABBREV* query tools, a community string with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* and the reload value. *ABBREV*SNMP*-ABBREV* query tools are available on the Internet and some *ABBREV*OS*-ABBREV* install them by default.")); + if (dictionaryCommunity == true) + { + securityIssuePointer->easeRating = 7; // Easy + device->addString(paragraphPointer, "GEN.SNMPDICT.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a dictionary attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + else if (weakCommunity == true) + { + securityIssuePointer->easeRating = 5; // Moderate + device->addString(paragraphPointer, "GEN.SNMPWEAK.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a brute-force attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.append(i18n("The reload number is between 1 to 2*POWER*32*-POWER* and the attacker will require this value in order to reboot *DEVICENAME*. Unless the attacker is aware of what the value could be, they would have to attempt to brute-forece the value as it cannot be read from the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV*.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 3; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that, unless required, the *ABBREV*SNMP*-ABBREV* reload option should be disabled. This can be done with the following command:*CODE**COMMAND*no snmp reload-enable*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("*ABBREV*SNMP*-ABBREV* system reload was enabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable *ABBREV*SNMP*-ABBREV* system reload")); + + // Dependent issues... + device->addDependency(securityIssuePointer, "GEN.SNMPCLEA.1"); + device->addDependency(securityIssuePointer, "GEN.SNMPWRIT.1"); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPDICT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEAK.1"); + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/Cisco-CSS/snmp.cpp b/libnipper-0.12.6/Cisco-CSS/snmp.cpp new file mode 100644 index 0000000..e66cf9e --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/snmp.cpp @@ -0,0 +1,276 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + +using namespace std; + + +CiscoCSSSNMP::CiscoCSSSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("*DEVICETYPE* support only *ABBREV*SNMP*-ABBREV* versions 1 and 2c. "); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + // N/A - supportSNMP3UpgText = i18n(""); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* can be disabled on *DEVICETYPE* with the following command:*CODE**COMMAND*restrict snmp*-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("*ABBREV*SNMP*-ABBREV* community strings can be configured with the following command:*CODE**COMMAND*snmp community *CMDUSER*community-string*-CMDUSER* *CMDREQUIRE*read-only *CMDOR* read-write*-CMDREQUIRE**-COMMAND**-CODE*"); // The text and command(s) to configure a community string + // N/A - configSNMP3Text = i18n(""); // The text and command(s) to configure SNMP version 3 + // N/A - configSNMPViewText = i18n(""); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("*ABBREV*SNMP*-ABBREV* trap hosts can be configured using the following command:*CODE**COMMAND*snmp trap-host *CMDUSER*ip-address*-CMDUSER* *CMDUSER*community-string*-CMDUSER* *CMDOPTION*snmpv2*-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP traps + // N/A - configSNMPInformsText = i18n(""); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n("*ABBREV*SNMP*-ABBREV* read only community strings can be configured with the following command:*CODE**COMMAND*snmp community *CMDUSER*community-string*-CMDUSER* read-only*-COMMAND**-CODE*"); // The text and command(s) to configure SNMP read only access + // N/A - configSNMPFilterText = i18n(""); // The text and command(s) to configure SNMP filtering + + enabled = true; + + // Community Options... + communityView = false; // SNMP view for the community + communityFilter = false; // SNMP Network Filtering + communityIPv6Filter = false; // SNMP IPv6 Network Filtering + communitySpecificFilters = false; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = false; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = ""; // Default read only community + defaultReadWrite = ""; // Default read/write community + defaultReadWriteAll = ""; // Default read/write all community + + // SNMP Trap/Inform Host Options... + trapsOnly = true; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = false; // Show Trap Host Port in Table + trapsInterface = false; // Show Interface in Table + trapsInterfaceText = i18n("Interface"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = false; // Show excluded traps + trapsShowOptions = true; // Show trap options + + // Device specific SNMP settings... + reloadAllowed = false; + trapSource.assign("Management"); +} + + +int CiscoCSSSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpTrapHost *trapHostPointer = 0; + snmpTrap *snmpTrapPointer = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 2; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Restrict SNMP + if ((strcmp(command->part(0), "restrict") == 0) && (strcmp(command->part(1), "snmp") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Restrict Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + enabled = false; + } + + // snmp community? + else if (strcmp(command->part(tempInt), "community") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(command->part(tempInt)); + communityPointer->enabled = setting; + tempInt++; + if (strcasecmp(command->part(tempInt), "read-only") == 0) + communityPointer->type = communityReadOnly; + else + communityPointer->type = communityReadWrite; + } + + // Name + else if (strcmp(command->part(tempInt), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + name.assign(command->part(tempInt)); + } + + // Location... + else if (strcmp(command->part(tempInt), "location") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Location Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + location.assign(command->part(tempInt)); + } + + // Contact... + else if (strcmp(command->part(tempInt), "contact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Contact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + contact.assign(command->part(tempInt)); + } + + // Reload... + else if (strcmp(command->part(tempInt), "reload-enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Reload Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + tempInt++; + if (atoi(command->part(tempInt)) > 0) + reloadAllowed = true; + } + } + + // SNMP Host... + else if (strcmp(command->part(tempInt), "trap-host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapHostPointer = addSNMPTrapHost(); + trapHostPointer->host.assign(command->part(tempInt)); + tempInt++; + trapHostPointer->community.assign(command->part(tempInt)); + tempInt++; + if (strcmp(command->part(tempInt), "snmpv2") == 0) + trapHostPointer->version = 2; + } + + // Trap Source Address... + else if (strcmp(command->part(tempInt), "trap-source") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Source Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + tempInt++; + if (strcmp(command->part(tempInt), "egress-port") == 0) + trapSource.assign("*ABBREV*VLAN*-ABBREV* Egress"); + else if (strcmp(command->part(tempInt), "management") == 0) + trapSource.assign("Management"); + else + trapSource.assign(command->part(tempInt + 1)); + } + } + + // Auth Traps... + else if (strcmp(command->part(tempInt), "auth-traps") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Auth Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("Authentication"); + } + + // Generic Traps... + else if ((strcmp(command->part(tempInt), "trap-type") == 0) && (strcmp(command->part(tempInt + 1), "generic") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Generic Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("cold start"); + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("warm start"); + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("link down"); + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("link up"); + } + + // Enterprise Traps... + else if ((strcmp(command->part(tempInt), "trap-type") == 0) && (strcmp(command->part(tempInt + 1), "enterprise") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Enterprise Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign(command->part(tempInt)); + tempInt++; + snmpTrapPointer->options.assign(command->part(tempInt)); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoCSSSNMP::processDefaults(Device *device) +{ + // Variables... + snmpCommunity *communityPointer = community; + + // Enable SNMP Service... + while ((communityPointer != 0) && (snmp12Enabled == false)) + { + if (communityPointer->enabled == true) + snmp12Enabled = true; + communityPointer = communityPointer->next; + } + if (enabled == true) + enabled = snmp12Enabled; + + return 0; +} diff --git a/libnipper-0.12.6/Cisco-CSS/snmp.h b/libnipper-0.12.6/Cisco-CSS/snmp.h new file mode 100644 index 0000000..a5140d2 --- /dev/null +++ b/libnipper-0.12.6/Cisco-CSS/snmp.h @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoCSSdevicesnmp_H +#define CiscoCSSdevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class CiscoCSSSNMP : public SNMP +{ + public: + CiscoCSSSNMP(); + + // Device specific properties... + bool reloadAllowed; + string trapSource; + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/all-wcprops b/libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/all-wcprops new file mode 100644 index 0000000..9799496 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/all-wcprops @@ -0,0 +1,17 @@ +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst-CatOS +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 68 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 70 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp +END diff --git a/libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/entries b/libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/entries new file mode 100644 index 0000000..8cd5277 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/entries @@ -0,0 +1,96 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Cisco-Catalyst-CatOS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.cpp +file + + + + +2016-02-13T06:47:10.636160Z +466c664bdf2c02a7ea96e84c26e667fb +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3665 + +device.h +file + + + + +2016-02-13T06:47:10.636160Z +eb8f0a2bceada470d183e8f9d7e9f803 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2556 + diff --git a/libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..3cd3004 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,94 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" + + +CiscoCatalystCatOSDevice::CiscoCatalystCatOSDevice() +{ + deviceMake = "Cisco"; + deviceType = "Catalyst"; + deviceOS = "CatOS"; +} + + +bool CiscoCatalystCatOSDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int count = 0; + int lineCount = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (count < 3) && (lineCount < 50)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (strcmp(command.part(0), "#version") == 0) + count++; + + else if (strcmp(command.part(0), "#system") == 0) + count++; + + else if ((strcmp(command.part(0), "set") == 0) && (strcmp(command.part(1), "system") == 0) && (strcmp(command.part(2), "name") == 0)) + count++; + + else if ((strcmp(command.part(0), "set") == 0) && (strcmp(command.part(1), "password") == 0)) + count++; + + else if ((strcmp(command.part(0), "set") == 0) && (strcmp(command.part(1), "enablepass") == 0)) + count++; + } + fclose(inputFile); + + if (count > 2) + return true; + else + return false; +} + diff --git a/libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..74c9f2e --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst-CatOS/.svn/text-base/device.h.svn-base @@ -0,0 +1,47 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoCatalystCatOS_H +#define device_CiscoCatalystCatOS_H + + +#include "../Cisco-Catalyst/device.h" + + +class CiscoCatalystCatOSDevice : public CatalystDevice +{ + public: + CiscoCatalystCatOSDevice(); + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp b/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp new file mode 100644 index 0000000..3cd3004 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.cpp @@ -0,0 +1,94 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" + + +CiscoCatalystCatOSDevice::CiscoCatalystCatOSDevice() +{ + deviceMake = "Cisco"; + deviceType = "Catalyst"; + deviceOS = "CatOS"; +} + + +bool CiscoCatalystCatOSDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int count = 0; + int lineCount = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (count < 3) && (lineCount < 50)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (strcmp(command.part(0), "#version") == 0) + count++; + + else if (strcmp(command.part(0), "#system") == 0) + count++; + + else if ((strcmp(command.part(0), "set") == 0) && (strcmp(command.part(1), "system") == 0) && (strcmp(command.part(2), "name") == 0)) + count++; + + else if ((strcmp(command.part(0), "set") == 0) && (strcmp(command.part(1), "password") == 0)) + count++; + + else if ((strcmp(command.part(0), "set") == 0) && (strcmp(command.part(1), "enablepass") == 0)) + count++; + } + fclose(inputFile); + + if (count > 2) + return true; + else + return false; +} + diff --git a/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h b/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h new file mode 100644 index 0000000..74c9f2e --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst-CatOS/device.h @@ -0,0 +1,47 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoCatalystCatOS_H +#define device_CiscoCatalystCatOS_H + + +#include "../Cisco-Catalyst/device.h" + + +class CiscoCatalystCatOSDevice : public CatalystDevice +{ + public: + CiscoCatalystCatOSDevice(); + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/all-wcprops b/libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/all-wcprops new file mode 100644 index 0000000..f634105 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/all-wcprops @@ -0,0 +1,17 @@ +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst-NMP +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 68 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp +END diff --git a/libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/entries b/libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/entries new file mode 100644 index 0000000..4a1b139 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/entries @@ -0,0 +1,96 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Cisco-Catalyst-NMP +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.h +file + + + + +2016-02-13T06:47:11.088158Z +65a7b211b2714c9fda0b9afe6d0f40e9 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2548 + +device.cpp +file + + + + +2016-02-13T06:47:11.088158Z +1b7f26fd29f9c7e22f128cebc886fbc9 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3339 + diff --git a/libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..d81bb85 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,87 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" + + +CiscoCatalystNMPDevice::CiscoCatalystNMPDevice() +{ + deviceMake = "Cisco"; + deviceType = "Catalyst"; + deviceOS = "NMP"; +} + + +bool CiscoCatalystNMPDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int count = 0; + int lineCount = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (count < 3) && (lineCount < 50)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (strcmp(command.part(0), "#version") == 0) + count++; + + else if (strcmp(command.part(0), "#system") == 0) + count++; + + else if (strstr(line, "NmpSW") != 0) + count++; + } + fclose(inputFile); + + if (count > 2) + return true; + else + return false; +} diff --git a/libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..0498f20 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst-NMP/.svn/text-base/device.h.svn-base @@ -0,0 +1,47 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoCatalystNMP_H +#define device_CiscoCatalystNMP_H + + +#include "../Cisco-Catalyst/device.h" + + +class CiscoCatalystNMPDevice : public CatalystDevice +{ + public: + CiscoCatalystNMPDevice(); + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp b/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp new file mode 100644 index 0000000..d81bb85 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst-NMP/device.cpp @@ -0,0 +1,87 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" + + +CiscoCatalystNMPDevice::CiscoCatalystNMPDevice() +{ + deviceMake = "Cisco"; + deviceType = "Catalyst"; + deviceOS = "NMP"; +} + + +bool CiscoCatalystNMPDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int count = 0; + int lineCount = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (count < 3) && (lineCount < 50)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (strcmp(command.part(0), "#version") == 0) + count++; + + else if (strcmp(command.part(0), "#system") == 0) + count++; + + else if (strstr(line, "NmpSW") != 0) + count++; + } + fclose(inputFile); + + if (count > 2) + return true; + else + return false; +} diff --git a/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h b/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h new file mode 100644 index 0000000..0498f20 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst-NMP/device.h @@ -0,0 +1,47 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoCatalystNMP_H +#define device_CiscoCatalystNMP_H + + +#include "../Cisco-Catalyst/device.h" + + +class CiscoCatalystNMPDevice : public CatalystDevice +{ + public: + CiscoCatalystNMPDevice(); + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/all-wcprops b/libnipper-0.12.6/Cisco-Catalyst/.svn/all-wcprops new file mode 100644 index 0000000..14d79f7 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/all-wcprops @@ -0,0 +1,101 @@ +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst +END +administration.cpp +K 25 +svn:wc:ra_dav:version-url +V 72 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/administration.cpp +END +interfaces.h +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/interfaces.h +END +dns.h +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/dns.h +END +administration.h +K 25 +svn:wc:ra_dav:version-url +V 70 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/administration.h +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/device.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 62 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/device.h +END +banner.cpp +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/banner.cpp +END +banner.h +K 25 +svn:wc:ra_dav:version-url +V 62 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/banner.h +END +general.cpp +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/general.cpp +END +snmp.cpp +K 25 +svn:wc:ra_dav:version-url +V 62 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp +END +authentication.cpp +K 25 +svn:wc:ra_dav:version-url +V 72 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp +END +snmp.h +K 25 +svn:wc:ra_dav:version-url +V 60 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/snmp.h +END +general.h +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/general.h +END +interfaces.cpp +K 25 +svn:wc:ra_dav:version-url +V 68 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp +END +dns.cpp +K 25 +svn:wc:ra_dav:version-url +V 61 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/dns.cpp +END +authentication.h +K 25 +svn:wc:ra_dav:version-url +V 70 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Catalyst/authentication.h +END diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/entries b/libnipper-0.12.6/Cisco-Catalyst/.svn/entries new file mode 100644 index 0000000..1bf8d37 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/entries @@ -0,0 +1,572 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Cisco-Catalyst +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.h +file + + + + +2016-02-13T06:47:10.516161Z +d957edb350fa662006d92e18b148e522 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2529 + +banner.cpp +file + + + + +2016-02-13T06:47:10.516161Z +a30ad63c188ef7abb484b24fd15755ea +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +10950 + +banner.h +file + + + + +2016-02-13T06:47:10.516161Z +bfc18e798bce4c214cdd7066e2a981f8 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2963 + +general.cpp +file + + + + +2016-02-13T06:47:10.516161Z +3b17c7440df48ca7a5861cef7ddc731f +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6257 + +snmp.cpp +file + + + + +2016-02-13T06:47:10.516161Z +4717e39defc1b471319dd1d9e5da486b +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +23460 + +authentication.cpp +file + + + + +2016-02-13T06:47:10.516161Z +d4d3d3057845f776d975dcf53feaf040 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +12044 + +snmp.h +file + + + + +2016-02-13T06:47:10.516161Z +7d019836b959a24db36bad7c021666b8 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2824 + +general.h +file + + + + +2016-02-13T06:47:10.516161Z +bae11702a1c0a6a0fd18ae8b8a402cdb +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2816 + +interfaces.cpp +file + + + + +2016-02-13T06:47:10.516161Z +fc5c0351bfbb1682bf89a9095c895af3 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +17285 + +dns.cpp +file + + + + +2016-02-13T06:47:10.516161Z +baf734c7c2d2d1fa1ece88031da963c8 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5103 + +authentication.h +file + + + + +2016-02-13T06:47:10.516161Z +9560a7f42df6d7edbe033d796ab2daf9 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2815 + +administration.cpp +file + + + + +2016-02-13T06:47:10.516161Z +171af61b6e47c41d56bf7c38d24f9391 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +12404 + +interfaces.h +file + + + + +2016-02-13T06:47:10.516161Z +2119c2a63dbe22c4ad8befa22dde984f +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2642 + +dns.h +file + + + + +2016-02-13T06:47:10.516161Z +236a8bebdc220f6ad1b1131eb5c98208 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2562 + +administration.h +file + + + + +2016-02-13T06:47:10.516161Z +6a8a20c4153775ed3ee061b4a1527858 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2768 + +device.cpp +file + + + + +2016-02-13T06:47:10.516161Z +32b6d5b1eddb813a43428cbee2b882b4 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8383 + diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/administration.cpp.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/administration.cpp.svn-base new file mode 100644 index 0000000..91980c4 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/administration.cpp.svn-base @@ -0,0 +1,257 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "administration.h" + + +CatalystAdministration::CatalystAdministration() +{ + // General... + generalSettings = false; // Show the general settings section? + consoleEnabled = true; // Is the Console port enabled? + consoleSupported = true; // Is a console port supported? + consoleTimeoutSupported = false; // Is a console timeout supported? + //consoleTimeout = 0; // Console timeout + //configConsoleTimeout = i18n(""); // The text and commands to configure the timeout + connectionTimeoutSupported = false; // Is a connection timeout supported? + //connectionTimeout = 0; // Connection Timeout + //configTimeout = i18n(""); // The text and commands to configure the timeout + + // Host restrictions... + serviceWideHosts = false; // Do all the admin services share a common host restrictions? + serviceConfigHosts = i18n(""); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = true; // Is telnet supported? + telnetEnabled = true; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + telnetSpecificHost = false; // Does Telnet have its own access list? + telnetHostsRequired = false; // Is the host configuration required? + configTelnetHostAccess = i18n("Telnet management hosts can be configured using the following commands:*CODE**COMMAND*set ip permit enable telnet*-COMMAND**COMMAND*set ip permit *CMDUSER*ip-address*-CMDUSER* *CMDOPTION**CMDUSER*netmask*-CMDUSER**-CMDOPTION* telnet*-COMMAND**-CODE*"); // How access lists are configured for the telnet service + disableTelnet = i18n("The Telnet service can be disabled on *DEVICENAME* with the following command:*CODE**COMMAND*set ip telnet server disable*-COMMAND**-CODE*"); // How to disable telnet text... + //telnetSpecificTimeout = false; // A Telnet Specific Timeout? + //telnetTimeout = 0; // The Telnet Timeout (secs) + configTelnetTimeout = i18n(""); // The text and commands to configure the timeout + + // TFTP options... + tftpSupported = false; // Is TFTP supported? + //tftpEnabled = false; // Is TFTP enabled? + //tftpPort = 69; // The TFTP service port + //tftpSpecificHost = false; // Does TFTP have its own access list? + //tftpHostsRequired = false; // Is the host configuration required? + //configTFTPHostAccess = i18n(""); // How access lists are configured for the TFTP service + //disableTFTP = i18n(""); // How to disable TFTP text... + + // FTP options... + ftpSupported = false; // Is FTP supported? + //ftpEnabled = false; // Is FTP enabled? + //ftpPort = 21; // The FTP service port + //ftpSpecificHost = false; // Does FTP have its own access list? + //ftpHostsRequired = false; // Is the host configuration required? + //configFTPHostAccess = i18n(""); // How access lists are configured for the FTP service + //disableFTP = i18n(""); // How to disable FTP text... + //ftpSpecificTimeout = false; // A FTP Specific Timeout? + //ftpTimeout = 0; // The FTP Timeout (secs) + //configFTPTimeout = i18n(""); // The text and commands to configure the timeout + + // SFTP options... + sftpSupported = false; // Is SFTP supported? + //sftpEnabled = false; // Is SFTP enabled? + //sftpPort = 21; // The SFTP service port + //sftpUpgrade = false; // Is an upgrade required to support SFTP? + //sftpSpecificHost = false; // Does SFTP have its own access list? + //sftpHostsRequired = false; // Is the host configuration required? + //configSFTPHostAccess = i18n(""); // How access lists are configured for the SFTP service + //configSFTP = i18n(""); // How to configure SFTP + //sftpSpecificTimeout = false; // A SFTP Specific Timeout? + //sftpTimeout = 0; // The SFTP Timeout (secs) + //configSFTPTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH options... + sshSupported = false; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + sshPort = 22; // The SSH port number + configSSHSupport = i18n(""); // How to configure SSH... + sshSpecificHost = false; // Does SSH have its own access list? + sshHostsRequired = false; // Is the host configuration required? + configSSHHostAccess = i18n("*ABBREV*SSH*-ABBREV* management hosts can be configured using the following commands:*CODE**COMMAND*set ip permit enable ssh*-COMMAND**COMMAND*set ip permit *CMDUSER*ip-address*-CMDUSER* *CMDOPTION**CMDUSER*netmask*-CMDUSER**-CMDOPTION* ssh*-COMMAND**-CODE*"); // How to configure SSH... + scpSupported = false; // Is SCP supported? + sshSpecificTimeout = false; // A SSH Specific Timeout? + sshTimeout = 0; // The SSH Timeout (secs) + configSSHTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + configSSHv2Support = i18n("Support for *ABBREV*SSH*-ABBREV* protocol version 2 can be configured with the following command:*CODE**COMMAND*set ssh mode v2*-COMMAND**-CODE*"); // How to configure protocol version 2 support only + + sshConfigProtocolSupport = i18n("The *ABBREV*SSH*-ABBREV* protocol service is supported on *DEVICETYPE* from around *DEVICEOS* version 6 onwards. Support for *ABBREV*SSH*-ABBREV* protocol version 2 was introduced around *DEVICEOS* version 8."); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = true; // Does this device support HTTP + httpsSupported = false; // Does this device support HTTPS + //httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + //httpsEnabled = false; // Is the HTTPS service enabled? + //httpsPort = 443; // HTTPS port + //httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? + //httpSpecificTimeout = false; // A HTTP Specific Timeout? + //httpTimeout = 0; // The HTTP Timeout (secs) + //configHTTPTimeout = i18n(""); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + //httpSpecificHost = false; // Does HTTP have its own access list? + //httpHostsRequired = false; // Is the host configuration required? + //configHTTPHostAccess = i18n(""); // How to configure HTTP Management hosts... + //httpsRedirectSupported = false; // Is HTTP redirected to HTTPS? + disableHTTP = i18n("The *ABBREV*HTTP*-ABBREV* service can be disabled on *DEVICENAME* with the following command:*CODE**COMMAND*set ip telnet server disable*-COMMAND**-CODE*"); // How to disable HTTP text... + //configHTTPSSupport = i18n(""); // How to configure HTTPS... +} + + +CatalystAdministration::~CatalystAdministration() +{ +} + + +int CatalystAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + // Init + tempInt = 1; + if (strcmp(command->part(0), "set") == 0) + setting = true; + else + setting = false; + + // Telnet... + if ((strcmp(command->part(tempInt), "ip") == 0) && (strcmp(command->part(tempInt + 1), "telnet") == 0) && (strcmp(command->part(tempInt + 2), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 3; + if (strcmp(command->part(tempInt), "enable") == 0) + telnetEnabled = true; + else + telnetEnabled = false; + } + + // HTTP Port... + else if ((strcmp(command->part(tempInt), "ip") == 0) && (strcmp(command->part(tempInt + 1), "http") == 0) && (strcmp(command->part(tempInt + 2), "port") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Server Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 3; + if (strcmp(command->part(tempInt), "default") == 0) + httpPort = 80; + else + httpPort = atoi(command->part(tempInt)); + } + + // HTTP Server... + else if ((strcmp(command->part(tempInt), "ip") == 0) && (strcmp(command->part(tempInt + 1), "http") == 0) && (strcmp(command->part(tempInt + 2), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 3; + if (strcmp(command->part(tempInt), "enable") == 0) + httpEnabled = true; + else + httpEnabled = false; + } + + else if ((strcmp(command->part(tempInt), "ssh") == 0) && (strcmp(command->part(tempInt + 1), "mode") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Mode Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + sshSupported = true; + ssh2Supported = true; + sshEnabled = true; + tempInt += 2; + if (strcmp(command->part(tempInt), "v1") == 0) + sshVersion = 1; + else + sshVersion = 2; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CatalystAdministration::processDefaults(Device *device) +{ + // SSH Supported... + if (sshSupported == false) + { + if (device->general->versionMajor > 5) + { + sshEnabled = true; + sshSupported = true; // Does this device support SSH? + } + else + sshUpgrade = true; // Do you have to upgrade? + } + + // SSH version 2... + if (ssh2Supported == false) + { + if (device->general->versionMajor > 7) + ssh2Supported = true; + else + ssh2upgrade = true; + } + + // Default SSH Protocol... + if ((device->general->versionMajor > 5) && (device->general->versionMajor < 8) && (sshVersion == 0)) + sshVersion = 1; + + return 0; +} + + diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/administration.h.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/administration.h.svn-base new file mode 100644 index 0000000..14727fa --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/administration.h.svn-base @@ -0,0 +1,51 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CatalystAdministration_H +#define device_CatalystAdministration_H + +#include "../device/administration/administration.h" + + +class CatalystAdministration : public Administration +{ + public: + + CatalystAdministration(); + virtual ~CatalystAdministration(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/authentication.cpp.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/authentication.cpp.svn-base new file mode 100644 index 0000000..7d98fdf --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/authentication.cpp.svn-base @@ -0,0 +1,300 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "authentication.h" +#include "../device/common/configline.h" + + +CatalystAuthentication::CatalystAuthentication() +{ + // General... + authenticationConfigIntro = i18n("This section describes the various *DEVICETYPE* device authentication settings."); // Introduction text to the whole section + loginAttemptsSupported = false; // Login attempts supported + loginAttempts = 0; // Login attempts allowed (0 = infinite) + accessWithoutAuthentication = false; // Set to true if access is allowed without authentication + configAccessAuthentication = i18n("The following commands can be used to set the initial password and the enable password:*CODE**COMMAND*set password*-COMMAND**COMMAND*set enablepass*-COMMAND**-CODE*"); // The text and commands to configure access authentication with a password + + // Authentication Methods... + authMethodSupported = true; // Authentication Method Supported + appliesToSupported = true; // Applies To Supported + namedAuthSupport = false; // Are auth servers named? + showAuthLevel = true; // Show auth level + + // Local User Options... + encryptionSupported = false; // Show encryption + readOnlySupported = false; // Is read only supported? + outboundACLSupported = false; // Are outbound filtering ACL supported? + privilegeLevelSupported = false; // Are privilege levels supported? + privilegeLevelText = i18n("Privilege Level"); // The table title privilege level text + configDeviceSpecificLocalUsers = i18n(""); // Text for the config report local user section. + filterText = i18n("*ABBREV*ACL*-ABBREV*"); // The table filter column title text + + // TACACS Options... + showTacacsGroupName = false; // Show the TACACS group + showTacacsRetries = true; // Show the TACACS retries + configTacacsKey = i18n("A *ABBREV*TACACS+*-ABBREV* server key can be configured with the following command:*CODE**COMMAND*set tacacs key *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a TACACS+ key + + // RADIUS Options... + showRadiusGroupName = false; // Show the RADIUS group + configRadiusKey = i18n("A *ABBREV*RADIUS*-ABBREV* server key can be configured with the following command:*CODE**COMMAND*set radius key *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a + + // KERBEROS Options... + showKerberosGroupName = false; // Show the KERBEROS group + + // LDAP Options... + showLDAPGroupName = false; // Show the LDAP group + + // SecurID Options... + showSecurIDGroupName = false; // Show the SecurID group + showSecurIDDuress = false; // Show the SecurID Duress + showSecurIDEncryption = false; // Show the SecurID Encryption + + // NT Options... + showNTGroupName = false; // Show the NT group + + + + firstServer = true; +} + + +int CatalystAuthentication::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + localUserConfig *userPointer = 0; + tacacsServerConfig *tacacsPointer = 0; + radiusServerConfig *radiusPointer = 0; + kerberosServerConfig *kerberosPointer = 0; + authConfig *authPointer = 0; + int errorCode = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "set") == 0) + setting = true; + else + setting = false; + + // password... + if (strcmp(command->part(1), "password") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPassword Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + userPointer = getUser("password"); + userPointer->password.assign(command->part(2)); + userPointer->encryption = md5Encryption; + } + + // enable... + else if (strcmp(command->part(1), "enablepass") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sEnable Password Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + userPointer = getUser("enablepass"); + userPointer->password.assign(command->part(2)); + userPointer->encryption = md5Encryption; + userPointer->adminAccess = true; + } + + // authentication... + else if ((strcmp(command->part(1), "authentication") == 0) && (strcmp(command->part(4), "enable") == 0) && ((strcmp(command->part(3), "kerberos") == 0) || (strcmp(command->part(3), "tacacs") == 0) || (strcmp(command->part(3), "local") == 0) || (strcmp(command->part(3), "radius") == 0))) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAuthentication Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + authPointer = addMethod(); + authPointer->level.assign(command->part(2)); + authPointer->appliesTo.assign(command->part(5)); + if (strcmp(command->part(3), "kerberos") == 0) + authPointer->method = kerberosAuth; + else if (strcmp(command->part(3), "tacacs") == 0) + authPointer->method = tacacsAuth; + else if (strcmp(command->part(3), "radius") == 0) + authPointer->method = radiusAuth; + else if (strcmp(command->part(3), "local") == 0) + authPointer->method = localAuth; + } + + // tacacs... + else if ((strcmp(command->part(1), "tacacs") == 0) && (strcmp(command->part(2), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->address.assign(command->part(3)); + tacacsPointer->timeout = 5; + tacacsPointer->retries = 3; + if (strcmp(command->part(4), "primary") == 0) + tacacsPointer->description.assign(i18n("Primary")); + else + tacacsPointer->description.assign(i18n("Secondary")); + } + + // tacacs key... + else if ((strcmp(command->part(1), "tacacs") == 0) && (strcmp(command->part(2), "key") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + tacacsPointer->key.assign(strstr(line, command->part(3))); + tacacsPointer = tacacsPointer->next; + } + } + + // tacacs timeout... + else if ((strcmp(command->part(1), "tacacs") == 0) && (strcmp(command->part(2), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + tacacsPointer->timeout = atoi(command->part(3)); + tacacsPointer = tacacsPointer->next; + } + } + + // tacacs attempts... + else if ((strcmp(command->part(1), "tacacs") == 0) && (strcmp(command->part(2), "attempts") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Attempts Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + tacacsPointer->retries = atoi(command->part(3)); + tacacsPointer = tacacsPointer->next; + } + } + + // kerberos... + else if ((strcmp(command->part(1), "kerberos") == 0) && (strcmp(command->part(2), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sKerberos Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + kerberosPointer = addKerberosServer(); + kerberosPointer->realm.assign(command->part(3)); + kerberosPointer->address.assign(command->part(4)); + if (command->parts == 6) + kerberosPointer->port = atoi(command->part(5)); + if (firstServer == true) + { + kerberosPointer->description.assign(i18n("Primary")); + firstServer = false; + } + else + kerberosPointer->description.assign(i18n("Secondard")); + } + + // radius... + else if ((strcmp(command->part(1), "radius") == 0) && (strcmp(command->part(2), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->address.assign(command->part(3)); + radiusPointer->timeout = 5; + radiusPointer->retries = 3; + if (strcmp(command->part(4), "primary") == 0) + radiusPointer->description.assign(i18n("Primary")); + else + radiusPointer->description.assign(i18n("Secondary")); + } + + // radius key... + else if ((strcmp(command->part(1), "radius") == 0) && (strcmp(command->part(2), "key") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = radiusServer; + while (tacacsPointer != 0) + { + radiusPointer->key.assign(strstr(line, command->part(3))); + radiusPointer = radiusPointer->next; + } + } + + // radius timeout... + else if ((strcmp(command->part(1), "radius") == 0) && (strcmp(command->part(2), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + radiusPointer->timeout = atoi(command->part(3)); + radiusPointer = radiusPointer->next; + } + } + + // radius attempts... + else if ((strcmp(command->part(1), "radius") == 0) && (strcmp(command->part(2), "retransmit") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Attempts Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + radiusPointer->retries = atoi(command->part(3)); + radiusPointer = radiusPointer->next; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int CatalystAuthentication::processDefaults(Device *device) +{ + return 0; +} diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/authentication.h.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/authentication.h.svn-base new file mode 100644 index 0000000..1dfbe49 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/authentication.h.svn-base @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Catalystauthentication_H +#define Catalystauthentication_H + + +#include "../device/authentication/authentication.h" + + +class CatalystAuthentication : public Authentication +{ + public: + + CatalystAuthentication(); + + + // ----------------------------------------------------------------------- + // Standard Device Class Methods... + // ----------------------------------------------------------------------- + + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + private: + bool firstServer; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/banner.cpp.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/banner.cpp.svn-base new file mode 100644 index 0000000..98aad7c --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/banner.cpp.svn-base @@ -0,0 +1,250 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "banner.h" +#include "general.h" +#include "device.h" + + +CatalystBanner::CatalystBanner() +{ + preLogonBanner = true; // Support Banner(s) Before Logon? + postLogonBanner = false; // Support Banner(s) After Logon? + + configPreLogonBanner = i18n("The *ABBREV*MOTD*-ABBREV* banner is shown when a user connects to *DEVICETYPE* devices. It is configured using a delimiting character, the delimeter is used to mark the start and the end of the banner message. The banner can be configured with the following command:*CODE**COMMAND*set banner motd *CMDUSER*delimeter*-CMDUSER* *CMDUSER*banner-message*-CMDUSER* *CMDUSER*delimeter*-CMDUSER**-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... + //configPostLogonBanner; // The text that explains how to config a post logon banner, with commands... + + telnetMessage = true; // Is the Telnet message enabled? + telnetMessageSupported = false; // Is the Telnet message option available? +} + + +int CatalystBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + int tempInt = 0; + bool setting = true; + char delimeter[3] = {0,0,0}; + string tempString; + int position = 0; + bool end = false; + + // Init + tempInt = 2; + if (strcmp(command->part(0), "set") == 0) + setting = true; + else + setting = false; + + // Telnet banner... + if (strcmp(command->part(tempInt), "telnet") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "enable") == 0) + telnetMessage = true; + else + telnetMessage = false; + telnetMessageSupported = true; + } + + // MOTD... + else if (strcmp(command->part(tempInt), "motd") == 0) + { + tempInt++; + + // The setup... + if (command->part(tempInt)[0] != '^') + { + delimeter[0] = command->part(tempInt)[0]; + position = 1; + } + else if (strlen(command->part(tempInt)) > 1) + { + delimeter[0] = command->part(tempInt)[0]; + delimeter[1] = command->part(tempInt)[1]; + position = 2; + } + if (strlen(command->part(tempInt) + position) > 0) + { + if (strncmp(command->part(tempInt) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("*ABBREV*MOTD*-ABBREV*")); + bannerPointer->description.assign(i18n("The *ABBREV*MOTD*-ABBREV* banner message is presented to users before they logon. The *ABBREV*MOTD*-ABBREV* banner configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CatalystBanner::processDefaults(Device *device) +{ + if ((telnetMessageSupported == false) && (device->general->versionMajor > 6)) + telnetMessageSupported = true; + + return 0; +} + + +int CatalystBanner::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + + if (banner == 0) + generateConfigBannerReport(device); + + configReportPointer = device->getConfigSection("CONFIG-BANNER"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraphTitle.assign(i18n("Telnet Banner Message")); + if (telnetMessageSupported == true) + { + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices are configured with a Telnet banner message by default. Unlike the *ABBREV*MOTD*-ABBREV* banner, the Telnet banner message cannot be defined, it is either switched on or off. The Telnet banner message is \"Cisco Systems Console\".")); + if (telnetMessage == true) + paragraphPointer->paragraph.append(i18n(" This message is enabled on *DEVICENAME*.")); + else + paragraphPointer->paragraph.append(i18n(" This message is disabled on *DEVICENAME*.")); + } + else + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices display a \"Cisco Systems Console\" message, or something similar depending on the *DEVICEOS* version. Unlike the *ABBREV*MOTD*-ABBREV* banner, this message cannot be changed and it cannot be disabled on *DEVICEVERSIONFULL*.")); + + return 0; +} + + +int CatalystBanner::generateSecuritySpecificReport(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + int errorCode = 0; + + if ((telnetMessage == true) || (telnetMessageSupported = false)) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Fixed Telnet Banner Message Enabled\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Fixed Telnet Banner Message Enabled")); + securityIssuePointer->reference.assign("COS.BANNTELN.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The *DEVICETYPE* devices Telnet banner message is different from the *ABBREV*MOTD*-ABBREV* banner message in that it cannot be configured. If enabled, the Telnet banner message \"Cisco Systems Console\", or something similar depending on the *DEVICEOS* version, will be displayed.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that the Telnet banner message was enabled on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 2; // Informational + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("Because the Telnet banner message cannot be changed and includes the manufacturer, it could help an attacker to identify the device. An attacker will look for any information from a device in order to help determine the type of the device. The information could then be used as part of a targeted attack against *DEVICENAME*.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 9; // Trivial + paragraphPointer->paragraph.assign(i18n("The Telnet banner message is returned when a user connects to start a new session.")); + + // Issue recommendation... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that the Telnet banner should be disabled.")); + if (telnetMessageSupported == false) + { + securityIssuePointer->fixRating = 8; // Involved + paragraphPointer->paragraph.append(i18n(" However, the banner message cannot be disabled on *DEVICEVERSION*. *COMPANY* recommends that the device *ABBREV*OS*-ABBREV* should be upgraded so that the banner message can be disabled.")); + } + else + { + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer->paragraph.append(i18n(" The Telnet banner message can be disabled with the following command:*CODE**COMMAND*set banner telnet disable*-COMMAND**-CODE*")); + } + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("the fixed Telnet banner message is enabled")); + + // Recommendation list text... + if (telnetMessageSupported == false) + device->addRecommendation(securityIssuePointer, i18n("Upgrade the *DEVICEOS* version")); + device->addRecommendation(securityIssuePointer, i18n("Disable the Telnet banner message")); + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/banner.h.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/banner.h.svn-base new file mode 100644 index 0000000..69b6c18 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/banner.h.svn-base @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CatalystBanner_H +#define device_CatalystBanner_H + +#include "../device/banner/banner.h" + + +class CatalystBanner : public Banner +{ + public: + CatalystBanner(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + // Device specific settings... + bool telnetMessageSupported; // Is the Telnet message option available? + bool telnetMessage; // Is the Telnet message enabled? +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..73ca0ee --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,233 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "banner.h" +#include "snmp.h" +#include "dns.h" +#include "authentication.h" +#include "interfaces.h" + + +CatalystDevice::CatalystDevice() +{ + deviceMake = "Cisco"; + deviceType = "Catalyst"; + deviceOS = "CatOS"; + + general = new (CatalystGeneral); + administration = new (CatalystAdministration); + banner = new (CatalystBanner); + snmp = new (CatalystSNMP); + dns = new (CatalystDNS); + authentication = new (CatalystAuthentication); + interfaces = new (CatalystInterfaces); +} + + +CatalystDevice::~CatalystDevice() +{ + delete general; + delete administration; + delete banner; + delete snmp; + delete dns; + delete authentication; + delete interfaces; +} + + +int CatalystDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + int tempInt = 0; + bool setting = false; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Init + tempInt = 1; + if (strcmp(command.part(0), "set") == 0) + setting = true; + else + setting = false; + + // Version (in general)... + if (strcmp(command.part(0), "#version") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // System... + else if (strcmp(command.part(tempInt), "system") == 0) + { + tempInt++; + + // Hostname (in general)... + if (strcmp(command.part(tempInt), "name") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Location (in general)... + else if (strcmp(command.part(tempInt), "location") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Contact (in general)... + else if (strcmp(command.part(tempInt), "contact") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Core File (in general)... + else if (strcmp(command.part(tempInt), "core-file") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Syslog File (in general)... + else if (strcmp(command.part(tempInt), "syslog-file") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // SNMP... + else if (strcmp(command.part(tempInt), "snmp") == 0) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Set SSH... + else if ((strcmp(command.part(tempInt), "ssh") == 0) && (strcmp(command.part(tempInt + 1), "mode") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // VLAN... + else if (strcmp(command.part(tempInt), "vlan") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Port... + else if (strcmp(command.part(tempInt), "port") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // trunking... + else if (strcmp(command.part(tempInt), "trunk") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // CDP... + else if ((strcmp(command.part(tempInt), "cdp") == 0) && ((strcmp(command.part(tempInt + 1), "enable") == 0) || (strcmp(command.part(tempInt + 1), "disable") == 0))) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Interface... + else if (strcmp(command.part(tempInt), "interface") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // IP... + else if (strcmp(command.part(tempInt), "ip") == 0) + { + tempInt++; + + // Telnet... + if (strcmp(command.part(tempInt), "telnet") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // HTTP... + else if (strcmp(command.part(tempInt), "http") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS... + else if (strcmp(command.part(tempInt), "dns") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // unreachable... + else if (strcmp(command.part(tempInt), "unreachable") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // redirect... + else if (strcmp(command.part(tempInt), "redirect") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // Banner... + else if (strcmp(command.part(tempInt), "banner") == 0) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Authentication... + else if (strcmp(command.part(tempInt), "authentication") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // TACACS... + else if (strcmp(command.part(tempInt), "tacacs") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Kerberos... + else if (strcmp(command.part(tempInt), "kerberos") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Radius... + else if (strcmp(command.part(tempInt), "radius") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // enablepass... + else if (strcmp(command.part(tempInt), "enablepass") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // password... + else if (strcmp(command.part(tempInt), "password") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Prompt (in general)... + else if (strcmp(command.part(tempInt), "prompt") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + if ((general->version.empty()) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + return 0; +} diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..802cac8 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/device.h.svn-base @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_Catalyst_H +#define device_Catalyst_H + + +#include "../device/device.h" + + +class CatalystDevice : public Device +{ + public: + CatalystDevice(); + ~CatalystDevice(); + + virtual int processDevice(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/dns.cpp.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/dns.cpp.svn-base new file mode 100644 index 0000000..73c0566 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/dns.cpp.svn-base @@ -0,0 +1,129 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "dns.h" + + +CatalystDNS::CatalystDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured to resolve name to address mappings. This section details those settings."); // The text paragraph in the config section + + // Host configuration + showInterface = false; // Are interfaces supported? + + // DNS Client Options... + dnsClientSupported = true; // DNS Client Supported? + disableLookup = "*ABBREV*DNS*-ABBREV* lookups can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*set ip dns disable*-COMMAND**-CODE*"; // The text and commands to disable DNS lookup + dnsLookupEnabled = false; // DNS lookups enabled? + dnsRetries = 0; // DNS lookup retries + dnsTimeout = 0; // DNS timeout + + // DNS Server Options... + dnsRecordKeepAliveSupported = false; // Is the DNS keep Alive message type supported? + returnRecordsSupported = false; // Is the single/multiple record field supported? + dynamicDNSSupported = false; // Is Dynamic DNS Supported? + dnsServerSupported = false; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsPort = 53; // DNS Server Port +} + + +int CatalystDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsConfig *dnsPointer = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "set") == 0) + setting = true; + else + setting = false; + + // DNS Server... + if (strcmp(command->part(3), "server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + dnsPointer = addDNSServer(command->part(4)); + if (command->parts == 6) + dnsPointer->description.assign(command->part(5)); + else + dnsPointer->description.assign(i18n("Secondary")); + } + + // DNS Domain... + else if (strcmp(command->part(3), "domain") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Domain Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + dnsPointer = addDomainName(command->part(4)); + } + + // DNS... + else if (strcmp(command->part(2), "dns") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Lookups Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + { + if (strcmp(command->part(3), "enable") == 0) + dnsLookupEnabled = true; + else + dnsLookupEnabled = false; + } + else + dnsLookupEnabled = false; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CatalystDNS::processDefaults() +{ + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/dns.h.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/dns.h.svn-base new file mode 100644 index 0000000..2222ac9 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/dns.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CatalystdeviceDNS_H +#define CatalystdeviceDNS_H + + +#include "../device/dns/dns.h" + + +class CatalystDNS : public DNS +{ + public: + + CatalystDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/general.cpp.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/general.cpp.svn-base new file mode 100644 index 0000000..8633eb9 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/general.cpp.svn-base @@ -0,0 +1,182 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +CatalystGeneral::CatalystGeneral() +{ +} + + +int CatalystGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + // Init + tempInt = 1; + if (strcmp(command->part(0), "set") == 0) + setting = true; + else + setting = false; + + // Version + if (strcmp(command->part(0), "#version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVersion Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + version.assign(command->part(1)); + } + + else if (strcmp(command->part(tempInt), "system") == 0) + { + tempInt++; + + // Hostname... + if (strcmp(command->part(tempInt), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + hostname.assign(command->part(tempInt)); + } + + // Location... + else if (strcmp(command->part(tempInt), "location") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLocation Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + location.assign(strstr(line, command->part(tempInt))); + } + + // Contact... + else if (strcmp(command->part(tempInt), "contact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sContact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + contact.assign(strstr(line, command->part(tempInt))); + } + + // Core File... + else if (strcmp(command->part(tempInt), "core-file") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCore File Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + coreFile.assign(command->part(tempInt)); + } + + // Syslog File... + else if (strcmp(command->part(tempInt), "syslog-file") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSyslog File Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + syslogFile.assign(command->part(tempInt)); + } + } + + // Prompt + if (strcmp(command->part(tempInt), "prompt") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPrompt Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + cliPrompt.assign(command->part(tempInt)); + } + + return 0; +} + + +int CatalystGeneral::processDefaults(Device *device) +{ + // Split Version Numbers... + if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + versionMinor = atoi(strchr(version.c_str(), '.') + 1); + versionRevision = atoi(strchr(version.c_str(), '(') + 1); + } + + return 0; +} + + +int CatalystGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Core File... + if (!coreFile.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Core File")); + device->addTableData(paragraphPointer->table, coreFile.c_str()); + } + + // Syslog File... + if (!syslogFile.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Syslog File")); + device->addTableData(paragraphPointer->table, syslogFile.c_str()); + } + + // CLI Prompt... + if (!cliPrompt.empty()) + { + device->addTableData(paragraphPointer->table, i18n("*ABBREV*CLI*-ABBREV* Prompt Text")); + device->addTableData(paragraphPointer->table, cliPrompt.c_str()); + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/general.h.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/general.h.svn-base new file mode 100644 index 0000000..cd0b3ff --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/general.h.svn-base @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Catalystdevicegeneral_H +#define Catalystdevicegeneral_H + +#include "../device/general/general.h" + + +class CatalystGeneral : public General +{ + public: + CatalystGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + + private: + string coreFile; + string syslogFile; + string cliPrompt; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/interfaces.cpp.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/interfaces.cpp.svn-base new file mode 100644 index 0000000..0993a94 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/interfaces.cpp.svn-base @@ -0,0 +1,422 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "interfaces.h" + + +CatalystInterfaces::CatalystInterfaces() +{ + // Interface Options... + useModuleAndPort = true; // Use the module / port instead of the name + useInterfaceZone = false; // Use the interface zone + zoneName = i18n("Zone"); // The name for zone field + filterIn = i18n("Filter In"); // The filter in table title text + filterOut = i18n("Filter Out"); // The filter out table title text + showDescription = true; // Show the interface description + cdpGlobalRequired = false; // If CDP needs to be enabled globally as well + disableCDPText = i18n("*ABBREV*CDP*-ABBREV* cab be disabled on individual ports with the following command:*CODE**COMMAND*set cdp disable *CMDUSER*module*-CMDUSER*/*CMDUSER*port*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to disable CDP + cdpSupported = true; // Is CDP supported on interfaces + disableProxyARPText = i18n(""); // The text and commands to disable Proxy ARP + globalIPUnreachableSupported = true; + globalUnreachableEnabled = true; + disableUnreachablesText = i18n("*ABBREV*ICMP*-ABBREV* unreachable messages can be disabled with the following command:*CODE**COMMAND*set ip unreachable disable*-COMMAND**-CODE*"); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n(""); // The text and commands to disable ICMP information messages + disableMaskText = i18n(""); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n(""); // The text and commands to disable ICMP redirect messages + globalRedirectSupported = true; // Globally rather than on interfaces + globalRedirectEnabled = true; // Globally rather than on interfaces + disableDirectedText = i18n(""); // The text and commands to disable directed broadcasts + disableMOPText = i18n(""); // The text and commands to disable MOP + disableActiveText = i18n("A port can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*set port disable *CMDUSER*module*-CMDUSER*/*CMDUSER*port*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to disable potentially unused interfaces + filterName = i18n("filter lists"); // The filter list name for use in the filter issue text + configFilterText = i18n(""); // The text and commands to configure network filtering + defaultAutoTrunk = true; // Default to automatically trunk + disableTrunkText = i18n("Trunking can be disabled on *DEVICETYPE* device ports with the following command:*CODE**COMMAND*set trunk *CMDUSER*module*-CMDUSER*/*CMDUSER*port*-CMDUSER* off*-COMMAND**-CODE*"); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n(""); // The text and commands to enable port security + + switchportMode = portModeDynamic; + cdpGlobal = true; +} + + +int CatalystInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + int tempInt = 0; + Device::listStruct *tempList = 0; + Device::listStruct *listPointer = 0; + Device::listStruct *tempVLANList = 0; + Device::listStruct *listVLANPointer = 0; + + // Interface... + if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "vlan") == 0) && (strcmp(command->part(3), "firewall-vlan") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVLAN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfaceListPointer = getInterfaceList("VLANINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*VLAN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*VLAN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*VLAN*-ABBREV* interfaces"); + interfaceListPointer->label = "VLANINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = false; + } + + tempList = device->createPortList(command->part(2)); + listPointer = tempList; + while (listPointer != 0) + { + if (command->parts == 4) + { + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Module Ports"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices module ports."); + interfaceListPointer->tableTitle = i18n("Module ports"); + interfaceListPointer->label = "PORTINTERFACES"; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->portModeSupported = true; + interfaceListPointer->interfaceDisableSupport = true; + interfaceListPointer->cdpSupported = true; + } + + tempVLANList = device->createPortList(command->part(3)); + listVLANPointer = tempVLANList; + while (listVLANPointer != 0) + { + interfacePointer = getOnlyInterface(interfaceListPointer, "", atoi(listVLANPointer->listItem.c_str()), atoi(listVLANPointer->listItem.substr(listVLANPointer->listItem.find("/") + 1).c_str())); + if (interfacePointer == 0) + { + interfacePointer = getInterface(interfaceListPointer, "", atoi(listVLANPointer->listItem.c_str()), atoi(listVLANPointer->listItem.substr(listVLANPointer->listItem.find("/") + 1).c_str())); + interfacePointer->switchportMode = switchportMode; + interfacePointer->cdp = cdpGlobal; + } + addVLAN(interfacePointer, listPointer->listItem.c_str()); + listVLANPointer = listVLANPointer->next; + } + + // Delete list + while (tempVLANList != 0) + { + listVLANPointer = tempVLANList->next; + delete tempVLANList; + tempVLANList = listVLANPointer; + } + } + + else + { + interfacePointer = getInterface(interfaceListPointer, listPointer->listItem.c_str()); + + tempInt = 3; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "name") == 0) + { + tempInt++; + interfacePointer->description.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "state") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "active") == 0) + interfacePointer->enabled = true; + else + interfacePointer->enabled = false; + } + + tempInt++; + } + } + + listPointer = listPointer->next; + } + + // Delete list + while (tempList != 0) + { + listPointer = tempList->next; + delete tempList; + tempList = listPointer; + } + } + + // unreachable... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "ip") == 0) && (strcmp(command->part(2), "unreachable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sUnreachables Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(3), "disable") == 0) + globalUnreachableEnabled = false; + else + globalUnreachableEnabled = true; + } + + // redirect... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "ip") == 0) && (strcmp(command->part(2), "redirect") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRedirect Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(3), "disable") == 0) + globalRedirectEnabled = false; + else + globalRedirectEnabled = true; + } + + // CDP Globally... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "cdp") == 0) && (command->parts == 3)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCDP Global Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(2), "disable") == 0) + cdpGlobal = false; + else + cdpGlobal = true; + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + if (interfaceListPointer != 0) + { + interfacePointer = interfaceListPointer->interface; + while (interfacePointer != 0) + { + interfacePointer->cdp = cdpGlobal; + interfacePointer = interfacePointer->next; + } + } + } + + // CDP Individually... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "cdp") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCDP Individual Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + tempList = device->createPortList(command->part(3)); + listPointer = tempList; + while (listPointer != 0) + { + interfacePointer = getOnlyInterface(interfaceListPointer, "", atoi(listPointer->listItem.c_str()), atoi(listPointer->listItem.substr(listPointer->listItem.find("/") + 1).c_str())); + if (interfacePointer == 0) + { + interfacePointer = getInterface(interfaceListPointer, "", atoi(listPointer->listItem.c_str()), atoi(listPointer->listItem.substr(listPointer->listItem.find("/") + 1).c_str())); + interfacePointer->switchportMode = switchportMode; + interfacePointer->cdp = cdpGlobal; + } + + if (strcmp(command->part(2), "disable") == 0) + interfacePointer->cdp = false; + else + interfacePointer->cdp = true; + + listPointer = listPointer->next; + } + + // Delete list + while (tempList != 0) + { + listPointer = tempList->next; + delete tempList; + tempList = listPointer; + } + } + + // Trunk all... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "trunk") == 0) && (strcmp(command->part(2), "all") == 0) && (strcmp(command->part(3), "off") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPort Trunking Off Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + switchportMode = portModeAccess; + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + if (interfaceListPointer != 0) + { + interfacePointer = interfaceListPointer->interface; + while (interfacePointer != 0) + { + interfacePointer->switchportMode = switchportMode; + interfacePointer = interfacePointer->next; + } + } + } + + // Trunk... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "trunk") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPort Trunking Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Module Ports"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices module ports."); + interfaceListPointer->tableTitle = i18n("Module ports"); + interfaceListPointer->label = "PORTINTERFACES"; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->portModeSupported = true; + interfaceListPointer->interfaceDisableSupport = true; + interfaceListPointer->cdpSupported = true; + } + + tempList = device->createPortList(command->part(2)); + listPointer = tempList; + while (listPointer != 0) + { + interfacePointer = getOnlyInterface(interfaceListPointer, "", atoi(listPointer->listItem.c_str()), atoi(listPointer->listItem.substr(listPointer->listItem.find("/") + 1).c_str())); + if (interfacePointer == 0) + { + interfacePointer = getInterface(interfaceListPointer, "", atoi(listPointer->listItem.c_str()), atoi(listPointer->listItem.substr(listPointer->listItem.find("/") + 1).c_str())); + interfacePointer->switchportMode = switchportMode; + interfacePointer->cdp = cdpGlobal; + } + + if ((strcmp(command->part(3), "on") == 0) || (strcmp(command->part(3), "nonegotiate") == 0)) + interfacePointer->switchportMode = portModeTrunk; + + else if (strcmp(command->part(3), "off") == 0) + interfacePointer->switchportMode = portModeAccess; + + else + interfacePointer->switchportMode = portModeDynamic; + + listPointer = listPointer->next; + } + + // Delete list + while (tempList != 0) + { + listPointer = tempList->next; + delete tempList; + tempList = listPointer; + } + } + + // Port... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "port") == 0)&& (strcmp(command->part(3), "all") != 0)) + { + + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Module Ports"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices module ports."); + interfaceListPointer->tableTitle = i18n("Module ports"); + interfaceListPointer->label = "PORTINTERFACES"; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->portModeSupported = true; + interfaceListPointer->interfaceDisableSupport = true; + interfaceListPointer->cdpSupported = true; + } + + tempList = device->createPortList(command->part(3)); + listPointer = tempList; + while (listPointer != 0) + { + interfacePointer = getOnlyInterface(interfaceListPointer, "", atoi(listPointer->listItem.c_str()), atoi(listPointer->listItem.substr(listPointer->listItem.find("/") + 1).c_str())); + if (interfacePointer == 0) + { + interfacePointer = getInterface(interfaceListPointer, "", atoi(listPointer->listItem.c_str()), atoi(listPointer->listItem.substr(listPointer->listItem.find("/") + 1).c_str())); + interfacePointer->switchportMode = switchportMode; + interfacePointer->cdp = cdpGlobal; + } + + if (strcmp(command->part(2), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPort Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->description.assign(strstr(line, command->part(3))); + } + + else if (strcmp(command->part(2), "disable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPort Disable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->enabled = false; + } + + else if (strcmp(command->part(2), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPort Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->description.assign(strstr(line, command->part(3))); + } + + // All others... + else + device->lineNotProcessed(line); + + listPointer = listPointer->next; + } + + // Delete list + while (tempList != 0) + { + listPointer = tempList->next; + delete tempList; + tempList = listPointer; + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CatalystInterfaces::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/interfaces.h.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/interfaces.h.svn-base new file mode 100644 index 0000000..aacc53b --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/interfaces.h.svn-base @@ -0,0 +1,52 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CatalystInterfaces_H +#define CatalystInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class CatalystInterfaces : public Interfaces +{ + public: + + CatalystInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + portMode switchportMode; + bool cdpGlobal; +}; + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/snmp.cpp.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/snmp.cpp.svn-base new file mode 100644 index 0000000..f9ab053 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/snmp.cpp.svn-base @@ -0,0 +1,569 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "general.h" +#include "device.h" +#include "snmp.h" + +using namespace std; + + +CatalystSNMP::CatalystSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("All *DEVICETYPE* support *ABBREV*SNMP*-ABBREV* versions 1 and 2, *ABBREV*SNMP*-ABBREV* version 3 is supported from *DEVICEOS* 6."); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + supportSNMP3UpgText = i18n("*ABBREV*SNMP*-ABBREV* version 3 is supported from *DEVICEOS* 6."); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* can be disabled with the following command:*CODE**COMMAND*set snmp disable*-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("*ABBREV*SNMP*-ABBREV* community strings can be configured with the following command:*CODE**COMMAND*set snmp community *CMDREQUIRE*read-only *CMDOR* read-write *CMDOR* read-write-all*-CMDREQUIRE* *CMDUSER*community-string*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure a community string + configSNMP3Text = i18n("*ABBREV*SNMP*-ABBREV* version 3 can be configured by creating a user then adding that user to a group. This can be configured using the following commands:*CODE**COMMAND*set snmp user *CMDUSER*username*-CMDUSER* remote *CMDUSER*engineid*-CMDUSER* *CMDOPTION*authentication *CMDREQUIRE*md5 *CMDOR* sha*-CMDREQUIRE* auth-password*-CMDOPTION* *CMDOPTION*privacy *CMDOPTION*des *CMDOR* 3des *CMDOR* aes *CMDREQUIRE*128 *CMDOR* 192 *CMDOR* 256*-CMDREQUIRE**-CMDOPTION* *CMDUSER*priv-password*-CMDUSER**-CMDOPTION**-COMMAND**COMMAND*set snmp group *CMDUSER*groupname*-CMDUSER* user *CMDUSER*username*-CMDUSER* security-model v3*-COMMAND**-CODE*"); // The text and command(s) to configure SNMP version 3 + configSNMPViewText = i18n("*ABBREV*SNMP*-ABBREV* views can be configured and assigned to a community string using the following commands:*CODE**COMMAND*set snmp view *CMDUSER*viewname*-CMDUSER* *CMDUSER*mib*-CMDUSER* *CMDOPTION*mask*-CMDOPTION* *CMDOPTION*included *CMDOR* excluded*-CMDOPTION**-COMMAND**COMMAND*set snmp community-ext *CMDUSER*community-string*-CMDUSER* *CMDREQUIRE*read-only *CMDOR* read-write *CMDOR* read-write-all*-CMDREQUIRE* view *CMDUSER*viewname*-CMDUSER* *CMDOPTION*access *CMDUSER*access-number*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("*ABBREV*SNMP*-ABBREV* traps can be configured with the following command:*CODE**COMMAND*set snmp trap *CMDUSER*ip-address*-CMDUSER* *CMDUSER*community-string*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP traps + configSNMPInformsText = i18n("*ABBREV*SNMP*-ABBREV* informs can be configuerd with the following command:*CODE**COMMAND*set snmp inform *CMDUSER*ip-address*-CMDUSER* *CMDUSER*community-string*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n("*ABBREV*SNMP*-ABBREV* read-write access can be disabled by clearing the community strings with the following command:*CODE**COMMAND*clear snmp community-ext *CMDUSER*community-string*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP read only access + configSNMPFilterText = i18n("*ABBREV*SNMP*-ABBREV* access list can be configured and assigned to a community string using the following commands:*CODE**COMMAND*set snmp access-list *CMDUSER*access-number*-CMDUSER* *CMDUSER*ip-address*-CMDUSER* *CMDOPTION*ipmask *CMDUSER*network-mask*-CMDUSER**-CMDOPTION**-COMMAND**COMMAND*set snmp community-ext *CMDUSER*community-string*-CMDUSER* *CMDREQUIRE*read-only *CMDOR* read-write *CMDOR* read-write-all*-CMDREQUIRE* *CMDOPTION*view *CMDUSER*viewname*-CMDUSER**-CMDOPTION* access *CMDUSER*access-number*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP filtering + + enabled = true; // Is the SNMP server enabled? + snmp12Enabled = false; // Is SNMP versions 1 or 2 configured? + snmp3Enabled = false; // Is SNMP version 3 configured? + + snmpFilterText = i18n("Access List"); // The device specific description of a filter (i.e. Cisco called them ACL) + + // Community Options... + communityView = true; // SNMP view for the community + communityFilter = true; // SNMP Network Filtering + communityIPv6Filter = false; // SNMP IPv6 Network Filtering + communitySpecificFilters = true; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = false; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = "public"; // Default read only community + defaultReadWrite = "private"; // Default read/write community + defaultReadWriteAll = "secret"; // Default read/write all community + + // View support options... + viewSeperated = false; // Separate the views into different tables + viewExcludes = false; // Show the Include/Exclude View Table column + viewMIBText = i18n("*ABBREV*MIB*-ABBREV*"); // What the MIB column title in the table should be called + + // SNMP Trap/Inform Host Options... + trapsOnly = false; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = true; // Show Trap Host Port in Table + trapsInterface = false; // Show Interface in Table + trapsInterfaceText = i18n("Interface"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = true; // Show excluded traps + trapsShowOptions = false; // Show trap options + + // Host Options... + hostShowInterface = false; // Show the Interface in the Table + hostShowCommunity = false; // Show the Community in the Table + hostShowFilterID = true; // Show a filter ID if used + hostFilterText = i18n("Access List"); // The Table column title for the filter text + + // SNMP User Options... + showUserRemote = false; // Show the remote host/port setting + showUserPriv = true; // Show the privacy settings + showUserFilter = false; // Show the Filter column in the table + showUserIPv6Filter = false; // Show the IPv6 Filter column in the table + userFilterText = i18n("Filter"); // The Text for the Filter table column title + userIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* Filter"); // The Text for the IPv6 Filter table column title + + // SNMP Group Options... + snmpGroupShowType = false; // Enable/Disable SNMPv3 type in table + snmpGroupReadView = false; // Enable/Disable Read Views + snmpGroupWriteView = false; // Enable/Disable Write Views + snmpGroupNotifyView = false; // Enable/Disable Notify Views + snmpGroupFilter = false; // Enable/Disable Filter support + snmpGroupIPv6Filter = false; // Enable/Disable IPv6 Filter support + groupFilterText = i18n("Filter"); // The Text for the Filter table column title + groupIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* Filter"); // The Text for the IPv6 Filter table column title + + // Device Specific settings... + buffer = 95; + rmonMemory = 85; + rmonSupport = false; +} + + +int CatalystSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpTrapHost *trapHostPointer = 0; + snmpHostStruct *snmpHostPointer = 0; + snmpTrap *snmpTrapPointer = 0; + snmpUserStruct *snmpUserPointer = 0; + snmpGroupStruct *snmpGroupPointer = 0; + int tempInt = 0; + bool setting = false; + + // Init + tempInt = 2; + if (strcmp(command->part(0), "set") == 0) + setting = true; + else + setting = false; + + // Enable/Disable... + if (strcmp(command->part(tempInt), "enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + enabled = true; + } + else if (strcmp(command->part(tempInt), "disable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Disable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + enabled = false; + } + + // Buffer... + else if (strcmp(command->part(tempInt), "buffer") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Buffer Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + buffer = atoi(command->part(tempInt)); + } + + // Chassis Alias... + else if (strcmp(command->part(tempInt), "chassis-alias") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Chassis Alias Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (tempInt < command->parts) + chassis.assign(strstr(line, command->part(tempInt))); + } + + // Community... + else if ((strcmp(command->part(tempInt), "community") == 0) && (strcmp(command->part(tempInt + 1), "index") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (tempInt + 1 < command->parts) + { + communityPointer = addSNMPCommunity(); + communityPointer->enabled = setting; + + if (strcmp(command->part(tempInt), "read-only") == 0) + communityPointer->type = communityReadOnly; + else if (strcmp(command->part(tempInt), "read-write") == 0) + communityPointer->type = communityReadWrite; + else if (strcmp(command->part(tempInt), "read-write-all") == 0) + communityPointer->type = communityReadWriteAll; + + tempInt++; + communityPointer->community.assign(command->part(tempInt)); + } + } + + // Community-Ext... + else if (strcmp(command->part(tempInt), "community-ext") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community-Ext Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + communityPointer = getSNMPCommunity(command->part(tempInt)); + if (communityPointer == 0) + { + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(command->part(tempInt)); + } + tempInt++; + if (strcmp(command->part(tempInt), "read-only") == 0) + communityPointer->type = communityReadOnly; + else if (strcmp(command->part(tempInt), "read-write") == 0) + communityPointer->type = communityReadWrite; + else if (strcmp(command->part(tempInt), "read-write-all") == 0) + communityPointer->type = communityReadWriteAll; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "view") == 0) + { + tempInt++; + communityPointer->view.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "access") == 0) + { + tempInt++; + communityPointer->filter.assign(command->part(tempInt)); + } + tempInt++; + } + } + + // RMON Support... + else if (strcmp(command->part(tempInt), "rmon") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP RMON Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "enable") == 0) + rmonSupport = true; + else + rmonSupport = false; + } + + // RMON Memory Limit... + else if (strcmp(command->part(tempInt), "rmonmemory") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP RMON Memory Limit Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + rmonMemory = atoi(command->part(tempInt)); + } + + // View... + else if (strcasecmp(command->part(tempInt), "view") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP View Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcasecmp(command->part(tempInt), "-hex") == 0) + tempInt++; + if (strcasecmp(command->part(tempInt + 2), "mask") != 0) + { + if (strcasecmp(command->part(tempInt + 2), "included") == 0) + addSNMPView(command->part(tempInt), command->part(tempInt + 1), true); + else + addSNMPView(command->part(tempInt), command->part(tempInt + 1), false); + } + else + { + if (strcasecmp(command->part(tempInt + 3), "included") == 0) + addSNMPView(command->part(tempInt), command->part(tempInt + 1), true); + else + addSNMPView(command->part(tempInt), command->part(tempInt + 1), false); + } + } + + // Access List... + else if (strcasecmp(command->part(tempInt), "access-list") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Access List Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpHostPointer = addHost(); + snmpHostPointer->filter.assign(command->part(tempInt)); + tempInt++; + snmpHostPointer->host.assign(command->part(tempInt)); + tempInt++; + if (strcasecmp(command->part(tempInt), "ipmask") == 0) + { + tempInt++; + snmpHostPointer->networkMask.assign(command->part(tempInt)); + } + } + + // SNMP Informs... + else if ((strcasecmp(command->part(tempInt), "inform") == 0) && (command->parts > 4)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Informs Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapHostPointer = addSNMPTrapHost(); + trapHostPointer->trap = false; + trapHostPointer->host.assign(command->part(tempInt)); + tempInt++; + trapHostPointer->community.assign(command->part(tempInt)); + tempInt++; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "port") == 0) + { + tempInt++; + trapHostPointer->port = atoi(command->part(tempInt)); + } + else if (strcasecmp(command->part(tempInt), "port") == 0) + { + tempInt++; + if ((strcasecmp(command->part(tempInt), "2") == 0) || (strcasecmp(command->part(tempInt), "2c") == 0)) + trapHostPointer->version = 2; + else + trapHostPointer->version = 1; + } + tempInt++; + } + } + + // Trap hosts... + else if ((strcasecmp(command->part(tempInt), "trap") == 0) && (strcasecmp(command->part(tempInt + 1), "enable") != 0) && (strcasecmp(command->part(tempInt + 1), "disable") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapHostPointer = addSNMPTrapHost(); + trapHostPointer->trap = true; + trapHostPointer->host.assign(command->part(tempInt)); + tempInt++; + trapHostPointer->community.assign(command->part(tempInt)); + tempInt++; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "port") == 0) + { + tempInt++; + trapHostPointer->port = atoi(command->part(tempInt)); + } + tempInt++; + } + } + + // Traps... + else if (strcasecmp(command->part(tempInt), "trap") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + snmpTrapPointer = addSNMPTrap(); + tempInt++; + if (strcasecmp(command->part(tempInt), "enable") == 0) + snmpTrapPointer->include = true; + else + snmpTrapPointer->include = false; + tempInt++; + snmpTrapPointer->trap.assign(command->part(tempInt)); + } + + // Users... + else if (strcasecmp(command->part(tempInt), "user") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP User Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcasecmp(command->part(tempInt), "-hex") == 0) + tempInt++; + snmpUserPointer = getSNMPUser(command->part(tempInt)); + if (snmpUserPointer == 0) + { + snmpUserPointer = addSNMPUser(); + snmpUserPointer->snmpv3 = snmpV3NoAuth; + snmpUserPointer->priv = snmpV3PrivDES; + snmpUserPointer->user.assign(command->part(tempInt)); + } + tempInt++; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "authentication") == 0) + { + snmpUserPointer->snmpv3 = snmpV3Auth; + tempInt++; + if (strcasecmp(command->part(tempInt), "sha") == 0) + snmpUserPointer->auth = snmpV3AuthSHA; + else + snmpUserPointer->auth = snmpV3AuthMD5; + tempInt++; + snmpUserPointer->authPassword.assign(command->part(tempInt)); + } + + else if (strcasecmp(command->part(tempInt), "privacy") == 0) + { + snmpUserPointer->snmpv3 = snmpV3Priv; + tempInt++; + if (strcasecmp(command->part(tempInt), "des") == 0) + { + snmpUserPointer->priv = snmpV3PrivDES; + tempInt++; + } + else if (strcasecmp(command->part(tempInt), "3des") == 0) + { + snmpUserPointer->priv = snmpV3Priv3DES; + tempInt++; + } + else if (strcasecmp(command->part(tempInt), "aes") == 0) + { + tempInt++; + if (strcasecmp(command->part(tempInt), "128") == 0) + snmpUserPointer->priv = snmpV3PrivAES128; + else if (strcasecmp(command->part(tempInt), "192") == 0) + snmpUserPointer->priv = snmpV3PrivAES192; + else + snmpUserPointer->priv = snmpV3PrivAES256; + tempInt++; + snmpUserPointer->privPassword.assign(command->part(tempInt)); + } + } + + tempInt++; + } + } + + // Groups... + else if (strcasecmp(command->part(tempInt), "group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcasecmp(command->part(tempInt), "-hex") == 0) + tempInt++; + snmpGroupPointer = getSNMPGroup(command->part(tempInt)); + if (snmpGroupPointer == 0) + { + snmpGroupPointer = addSNMPGroup(); + snmpGroupPointer->group.assign(command->part(tempInt)); + } + tempInt += 2; + if (strcasecmp(command->part(tempInt), "-hex") == 0) + tempInt++; + snmpUserPointer = getSNMPUser(command->part(tempInt)); + if (snmpUserPointer == 0) + { + snmpUserPointer = addSNMPUser(); + snmpUserPointer->snmpv3 = snmpV3NoAuth; + snmpUserPointer->priv = snmpV3PrivDES; + snmpUserPointer->user.assign(command->part(tempInt)); + } + snmpUserPointer->group.assign(snmpGroupPointer->group); + tempInt += 2; + if (strcasecmp(command->part(tempInt), "v1") == 0) + snmpGroupPointer->version = 1; + else if ((strcasecmp(command->part(tempInt), "v2c") == 0) || (strcasecmp(command->part(tempInt), "v2") == 0)) + snmpGroupPointer->version = 2; + else + snmpGroupPointer->version = 3; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CatalystSNMP::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + int errorCode = 0; + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-SNMP-TABLE"); + + // RMON Support + device->addTableData(paragraphPointer->table, i18n("*ABBREV*RMON*-ABBREV* Support")); + if (rmonSupport == true) + { + device->addTableData(paragraphPointer->table, i18n("Enabled")); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*RMON*-ABBREV* Memory Limit")); + tempString.assign(device->intToString(rmonMemory)); + tempString.append(i18n(" percent")); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + // Buffer... + device->addTableData(paragraphPointer->table, i18n("*ABBREV*UDP*-ABBREV* Receive Buffer Size")); + tempString.assign(device->intToString(buffer)); + tempString.append(i18n(" packets")); + device->addTableData(paragraphPointer->table, tempString.c_str()); + + return errorCode; +} + + +int CatalystSNMP::processDefaults(Device *device) +{ + // Variables... + snmpCommunity *communityPointer = 0; + bool readFound = false; + bool writeFound = false; + bool writeAllFound = true; + + // SNMP v3 supported? + if (device->general->versionMajor > 5) + supportSNMP3 = true; + else + supportSNMP3Upgrade = true; + + // Add missing default SNMP communities... + communityPointer = community; + while (communityPointer != 0) + { + if (communityPointer->type == communityReadOnly) + readFound = true; + else if (communityPointer->type == communityReadWrite) + writeFound = true; + else + writeAllFound = true; + communityPointer = communityPointer->next; + } + if (readFound == false) + { + communityPointer = addSNMPCommunity(); + communityPointer->type = communityReadOnly; + communityPointer->community.assign(defaultReadOnly); + } + if (writeFound == false) + { + communityPointer = addSNMPCommunity(); + communityPointer->type = communityReadWrite; + communityPointer->community.assign(defaultReadWrite); + } + if (writeAllFound == false) + { + communityPointer = addSNMPCommunity(); + communityPointer->type = communityReadWriteAll; + communityPointer->community.assign(defaultReadWriteAll); + } + + // SNMP v1 & 2 Active? + communityPointer = community; + while ((communityPointer != 0) && (snmp12Enabled == false)) + { + if (communityPointer->enabled == true) + snmp12Enabled = true; + communityPointer = communityPointer->next; + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/snmp.h.svn-base b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/snmp.h.svn-base new file mode 100644 index 0000000..cf24880 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/.svn/text-base/snmp.h.svn-base @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Catalystdevicesnmp_H +#define Catalystdevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class CatalystSNMP : public SNMP +{ + public: + CatalystSNMP(); + + // Device specific properties... + unsigned int buffer; + bool rmonSupport; + unsigned int rmonMemory; + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateConfigSpecificReport(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/administration.cpp b/libnipper-0.12.6/Cisco-Catalyst/administration.cpp new file mode 100644 index 0000000..91980c4 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/administration.cpp @@ -0,0 +1,257 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "administration.h" + + +CatalystAdministration::CatalystAdministration() +{ + // General... + generalSettings = false; // Show the general settings section? + consoleEnabled = true; // Is the Console port enabled? + consoleSupported = true; // Is a console port supported? + consoleTimeoutSupported = false; // Is a console timeout supported? + //consoleTimeout = 0; // Console timeout + //configConsoleTimeout = i18n(""); // The text and commands to configure the timeout + connectionTimeoutSupported = false; // Is a connection timeout supported? + //connectionTimeout = 0; // Connection Timeout + //configTimeout = i18n(""); // The text and commands to configure the timeout + + // Host restrictions... + serviceWideHosts = false; // Do all the admin services share a common host restrictions? + serviceConfigHosts = i18n(""); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = true; // Is telnet supported? + telnetEnabled = true; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + telnetSpecificHost = false; // Does Telnet have its own access list? + telnetHostsRequired = false; // Is the host configuration required? + configTelnetHostAccess = i18n("Telnet management hosts can be configured using the following commands:*CODE**COMMAND*set ip permit enable telnet*-COMMAND**COMMAND*set ip permit *CMDUSER*ip-address*-CMDUSER* *CMDOPTION**CMDUSER*netmask*-CMDUSER**-CMDOPTION* telnet*-COMMAND**-CODE*"); // How access lists are configured for the telnet service + disableTelnet = i18n("The Telnet service can be disabled on *DEVICENAME* with the following command:*CODE**COMMAND*set ip telnet server disable*-COMMAND**-CODE*"); // How to disable telnet text... + //telnetSpecificTimeout = false; // A Telnet Specific Timeout? + //telnetTimeout = 0; // The Telnet Timeout (secs) + configTelnetTimeout = i18n(""); // The text and commands to configure the timeout + + // TFTP options... + tftpSupported = false; // Is TFTP supported? + //tftpEnabled = false; // Is TFTP enabled? + //tftpPort = 69; // The TFTP service port + //tftpSpecificHost = false; // Does TFTP have its own access list? + //tftpHostsRequired = false; // Is the host configuration required? + //configTFTPHostAccess = i18n(""); // How access lists are configured for the TFTP service + //disableTFTP = i18n(""); // How to disable TFTP text... + + // FTP options... + ftpSupported = false; // Is FTP supported? + //ftpEnabled = false; // Is FTP enabled? + //ftpPort = 21; // The FTP service port + //ftpSpecificHost = false; // Does FTP have its own access list? + //ftpHostsRequired = false; // Is the host configuration required? + //configFTPHostAccess = i18n(""); // How access lists are configured for the FTP service + //disableFTP = i18n(""); // How to disable FTP text... + //ftpSpecificTimeout = false; // A FTP Specific Timeout? + //ftpTimeout = 0; // The FTP Timeout (secs) + //configFTPTimeout = i18n(""); // The text and commands to configure the timeout + + // SFTP options... + sftpSupported = false; // Is SFTP supported? + //sftpEnabled = false; // Is SFTP enabled? + //sftpPort = 21; // The SFTP service port + //sftpUpgrade = false; // Is an upgrade required to support SFTP? + //sftpSpecificHost = false; // Does SFTP have its own access list? + //sftpHostsRequired = false; // Is the host configuration required? + //configSFTPHostAccess = i18n(""); // How access lists are configured for the SFTP service + //configSFTP = i18n(""); // How to configure SFTP + //sftpSpecificTimeout = false; // A SFTP Specific Timeout? + //sftpTimeout = 0; // The SFTP Timeout (secs) + //configSFTPTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH options... + sshSupported = false; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + sshPort = 22; // The SSH port number + configSSHSupport = i18n(""); // How to configure SSH... + sshSpecificHost = false; // Does SSH have its own access list? + sshHostsRequired = false; // Is the host configuration required? + configSSHHostAccess = i18n("*ABBREV*SSH*-ABBREV* management hosts can be configured using the following commands:*CODE**COMMAND*set ip permit enable ssh*-COMMAND**COMMAND*set ip permit *CMDUSER*ip-address*-CMDUSER* *CMDOPTION**CMDUSER*netmask*-CMDUSER**-CMDOPTION* ssh*-COMMAND**-CODE*"); // How to configure SSH... + scpSupported = false; // Is SCP supported? + sshSpecificTimeout = false; // A SSH Specific Timeout? + sshTimeout = 0; // The SSH Timeout (secs) + configSSHTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + configSSHv2Support = i18n("Support for *ABBREV*SSH*-ABBREV* protocol version 2 can be configured with the following command:*CODE**COMMAND*set ssh mode v2*-COMMAND**-CODE*"); // How to configure protocol version 2 support only + + sshConfigProtocolSupport = i18n("The *ABBREV*SSH*-ABBREV* protocol service is supported on *DEVICETYPE* from around *DEVICEOS* version 6 onwards. Support for *ABBREV*SSH*-ABBREV* protocol version 2 was introduced around *DEVICEOS* version 8."); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = true; // Does this device support HTTP + httpsSupported = false; // Does this device support HTTPS + //httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + //httpsEnabled = false; // Is the HTTPS service enabled? + //httpsPort = 443; // HTTPS port + //httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? + //httpSpecificTimeout = false; // A HTTP Specific Timeout? + //httpTimeout = 0; // The HTTP Timeout (secs) + //configHTTPTimeout = i18n(""); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + //httpSpecificHost = false; // Does HTTP have its own access list? + //httpHostsRequired = false; // Is the host configuration required? + //configHTTPHostAccess = i18n(""); // How to configure HTTP Management hosts... + //httpsRedirectSupported = false; // Is HTTP redirected to HTTPS? + disableHTTP = i18n("The *ABBREV*HTTP*-ABBREV* service can be disabled on *DEVICENAME* with the following command:*CODE**COMMAND*set ip telnet server disable*-COMMAND**-CODE*"); // How to disable HTTP text... + //configHTTPSSupport = i18n(""); // How to configure HTTPS... +} + + +CatalystAdministration::~CatalystAdministration() +{ +} + + +int CatalystAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + // Init + tempInt = 1; + if (strcmp(command->part(0), "set") == 0) + setting = true; + else + setting = false; + + // Telnet... + if ((strcmp(command->part(tempInt), "ip") == 0) && (strcmp(command->part(tempInt + 1), "telnet") == 0) && (strcmp(command->part(tempInt + 2), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 3; + if (strcmp(command->part(tempInt), "enable") == 0) + telnetEnabled = true; + else + telnetEnabled = false; + } + + // HTTP Port... + else if ((strcmp(command->part(tempInt), "ip") == 0) && (strcmp(command->part(tempInt + 1), "http") == 0) && (strcmp(command->part(tempInt + 2), "port") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Server Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 3; + if (strcmp(command->part(tempInt), "default") == 0) + httpPort = 80; + else + httpPort = atoi(command->part(tempInt)); + } + + // HTTP Server... + else if ((strcmp(command->part(tempInt), "ip") == 0) && (strcmp(command->part(tempInt + 1), "http") == 0) && (strcmp(command->part(tempInt + 2), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 3; + if (strcmp(command->part(tempInt), "enable") == 0) + httpEnabled = true; + else + httpEnabled = false; + } + + else if ((strcmp(command->part(tempInt), "ssh") == 0) && (strcmp(command->part(tempInt + 1), "mode") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Mode Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + sshSupported = true; + ssh2Supported = true; + sshEnabled = true; + tempInt += 2; + if (strcmp(command->part(tempInt), "v1") == 0) + sshVersion = 1; + else + sshVersion = 2; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CatalystAdministration::processDefaults(Device *device) +{ + // SSH Supported... + if (sshSupported == false) + { + if (device->general->versionMajor > 5) + { + sshEnabled = true; + sshSupported = true; // Does this device support SSH? + } + else + sshUpgrade = true; // Do you have to upgrade? + } + + // SSH version 2... + if (ssh2Supported == false) + { + if (device->general->versionMajor > 7) + ssh2Supported = true; + else + ssh2upgrade = true; + } + + // Default SSH Protocol... + if ((device->general->versionMajor > 5) && (device->general->versionMajor < 8) && (sshVersion == 0)) + sshVersion = 1; + + return 0; +} + + diff --git a/libnipper-0.12.6/Cisco-Catalyst/administration.h b/libnipper-0.12.6/Cisco-Catalyst/administration.h new file mode 100644 index 0000000..14727fa --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/administration.h @@ -0,0 +1,51 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CatalystAdministration_H +#define device_CatalystAdministration_H + +#include "../device/administration/administration.h" + + +class CatalystAdministration : public Administration +{ + public: + + CatalystAdministration(); + virtual ~CatalystAdministration(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp b/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp new file mode 100644 index 0000000..7d98fdf --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/authentication.cpp @@ -0,0 +1,300 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "authentication.h" +#include "../device/common/configline.h" + + +CatalystAuthentication::CatalystAuthentication() +{ + // General... + authenticationConfigIntro = i18n("This section describes the various *DEVICETYPE* device authentication settings."); // Introduction text to the whole section + loginAttemptsSupported = false; // Login attempts supported + loginAttempts = 0; // Login attempts allowed (0 = infinite) + accessWithoutAuthentication = false; // Set to true if access is allowed without authentication + configAccessAuthentication = i18n("The following commands can be used to set the initial password and the enable password:*CODE**COMMAND*set password*-COMMAND**COMMAND*set enablepass*-COMMAND**-CODE*"); // The text and commands to configure access authentication with a password + + // Authentication Methods... + authMethodSupported = true; // Authentication Method Supported + appliesToSupported = true; // Applies To Supported + namedAuthSupport = false; // Are auth servers named? + showAuthLevel = true; // Show auth level + + // Local User Options... + encryptionSupported = false; // Show encryption + readOnlySupported = false; // Is read only supported? + outboundACLSupported = false; // Are outbound filtering ACL supported? + privilegeLevelSupported = false; // Are privilege levels supported? + privilegeLevelText = i18n("Privilege Level"); // The table title privilege level text + configDeviceSpecificLocalUsers = i18n(""); // Text for the config report local user section. + filterText = i18n("*ABBREV*ACL*-ABBREV*"); // The table filter column title text + + // TACACS Options... + showTacacsGroupName = false; // Show the TACACS group + showTacacsRetries = true; // Show the TACACS retries + configTacacsKey = i18n("A *ABBREV*TACACS+*-ABBREV* server key can be configured with the following command:*CODE**COMMAND*set tacacs key *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a TACACS+ key + + // RADIUS Options... + showRadiusGroupName = false; // Show the RADIUS group + configRadiusKey = i18n("A *ABBREV*RADIUS*-ABBREV* server key can be configured with the following command:*CODE**COMMAND*set radius key *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a + + // KERBEROS Options... + showKerberosGroupName = false; // Show the KERBEROS group + + // LDAP Options... + showLDAPGroupName = false; // Show the LDAP group + + // SecurID Options... + showSecurIDGroupName = false; // Show the SecurID group + showSecurIDDuress = false; // Show the SecurID Duress + showSecurIDEncryption = false; // Show the SecurID Encryption + + // NT Options... + showNTGroupName = false; // Show the NT group + + + + firstServer = true; +} + + +int CatalystAuthentication::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + localUserConfig *userPointer = 0; + tacacsServerConfig *tacacsPointer = 0; + radiusServerConfig *radiusPointer = 0; + kerberosServerConfig *kerberosPointer = 0; + authConfig *authPointer = 0; + int errorCode = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "set") == 0) + setting = true; + else + setting = false; + + // password... + if (strcmp(command->part(1), "password") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPassword Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + userPointer = getUser("password"); + userPointer->password.assign(command->part(2)); + userPointer->encryption = md5Encryption; + } + + // enable... + else if (strcmp(command->part(1), "enablepass") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sEnable Password Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + userPointer = getUser("enablepass"); + userPointer->password.assign(command->part(2)); + userPointer->encryption = md5Encryption; + userPointer->adminAccess = true; + } + + // authentication... + else if ((strcmp(command->part(1), "authentication") == 0) && (strcmp(command->part(4), "enable") == 0) && ((strcmp(command->part(3), "kerberos") == 0) || (strcmp(command->part(3), "tacacs") == 0) || (strcmp(command->part(3), "local") == 0) || (strcmp(command->part(3), "radius") == 0))) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAuthentication Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + authPointer = addMethod(); + authPointer->level.assign(command->part(2)); + authPointer->appliesTo.assign(command->part(5)); + if (strcmp(command->part(3), "kerberos") == 0) + authPointer->method = kerberosAuth; + else if (strcmp(command->part(3), "tacacs") == 0) + authPointer->method = tacacsAuth; + else if (strcmp(command->part(3), "radius") == 0) + authPointer->method = radiusAuth; + else if (strcmp(command->part(3), "local") == 0) + authPointer->method = localAuth; + } + + // tacacs... + else if ((strcmp(command->part(1), "tacacs") == 0) && (strcmp(command->part(2), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->address.assign(command->part(3)); + tacacsPointer->timeout = 5; + tacacsPointer->retries = 3; + if (strcmp(command->part(4), "primary") == 0) + tacacsPointer->description.assign(i18n("Primary")); + else + tacacsPointer->description.assign(i18n("Secondary")); + } + + // tacacs key... + else if ((strcmp(command->part(1), "tacacs") == 0) && (strcmp(command->part(2), "key") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + tacacsPointer->key.assign(strstr(line, command->part(3))); + tacacsPointer = tacacsPointer->next; + } + } + + // tacacs timeout... + else if ((strcmp(command->part(1), "tacacs") == 0) && (strcmp(command->part(2), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + tacacsPointer->timeout = atoi(command->part(3)); + tacacsPointer = tacacsPointer->next; + } + } + + // tacacs attempts... + else if ((strcmp(command->part(1), "tacacs") == 0) && (strcmp(command->part(2), "attempts") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Attempts Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + tacacsPointer->retries = atoi(command->part(3)); + tacacsPointer = tacacsPointer->next; + } + } + + // kerberos... + else if ((strcmp(command->part(1), "kerberos") == 0) && (strcmp(command->part(2), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sKerberos Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + kerberosPointer = addKerberosServer(); + kerberosPointer->realm.assign(command->part(3)); + kerberosPointer->address.assign(command->part(4)); + if (command->parts == 6) + kerberosPointer->port = atoi(command->part(5)); + if (firstServer == true) + { + kerberosPointer->description.assign(i18n("Primary")); + firstServer = false; + } + else + kerberosPointer->description.assign(i18n("Secondard")); + } + + // radius... + else if ((strcmp(command->part(1), "radius") == 0) && (strcmp(command->part(2), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->address.assign(command->part(3)); + radiusPointer->timeout = 5; + radiusPointer->retries = 3; + if (strcmp(command->part(4), "primary") == 0) + radiusPointer->description.assign(i18n("Primary")); + else + radiusPointer->description.assign(i18n("Secondary")); + } + + // radius key... + else if ((strcmp(command->part(1), "radius") == 0) && (strcmp(command->part(2), "key") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = radiusServer; + while (tacacsPointer != 0) + { + radiusPointer->key.assign(strstr(line, command->part(3))); + radiusPointer = radiusPointer->next; + } + } + + // radius timeout... + else if ((strcmp(command->part(1), "radius") == 0) && (strcmp(command->part(2), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + radiusPointer->timeout = atoi(command->part(3)); + radiusPointer = radiusPointer->next; + } + } + + // radius attempts... + else if ((strcmp(command->part(1), "radius") == 0) && (strcmp(command->part(2), "retransmit") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Attempts Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + radiusPointer->retries = atoi(command->part(3)); + radiusPointer = radiusPointer->next; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int CatalystAuthentication::processDefaults(Device *device) +{ + return 0; +} diff --git a/libnipper-0.12.6/Cisco-Catalyst/authentication.h b/libnipper-0.12.6/Cisco-Catalyst/authentication.h new file mode 100644 index 0000000..1dfbe49 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/authentication.h @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Catalystauthentication_H +#define Catalystauthentication_H + + +#include "../device/authentication/authentication.h" + + +class CatalystAuthentication : public Authentication +{ + public: + + CatalystAuthentication(); + + + // ----------------------------------------------------------------------- + // Standard Device Class Methods... + // ----------------------------------------------------------------------- + + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + private: + bool firstServer; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/banner.cpp b/libnipper-0.12.6/Cisco-Catalyst/banner.cpp new file mode 100644 index 0000000..98aad7c --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/banner.cpp @@ -0,0 +1,250 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "banner.h" +#include "general.h" +#include "device.h" + + +CatalystBanner::CatalystBanner() +{ + preLogonBanner = true; // Support Banner(s) Before Logon? + postLogonBanner = false; // Support Banner(s) After Logon? + + configPreLogonBanner = i18n("The *ABBREV*MOTD*-ABBREV* banner is shown when a user connects to *DEVICETYPE* devices. It is configured using a delimiting character, the delimeter is used to mark the start and the end of the banner message. The banner can be configured with the following command:*CODE**COMMAND*set banner motd *CMDUSER*delimeter*-CMDUSER* *CMDUSER*banner-message*-CMDUSER* *CMDUSER*delimeter*-CMDUSER**-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... + //configPostLogonBanner; // The text that explains how to config a post logon banner, with commands... + + telnetMessage = true; // Is the Telnet message enabled? + telnetMessageSupported = false; // Is the Telnet message option available? +} + + +int CatalystBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + int tempInt = 0; + bool setting = true; + char delimeter[3] = {0,0,0}; + string tempString; + int position = 0; + bool end = false; + + // Init + tempInt = 2; + if (strcmp(command->part(0), "set") == 0) + setting = true; + else + setting = false; + + // Telnet banner... + if (strcmp(command->part(tempInt), "telnet") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "enable") == 0) + telnetMessage = true; + else + telnetMessage = false; + telnetMessageSupported = true; + } + + // MOTD... + else if (strcmp(command->part(tempInt), "motd") == 0) + { + tempInt++; + + // The setup... + if (command->part(tempInt)[0] != '^') + { + delimeter[0] = command->part(tempInt)[0]; + position = 1; + } + else if (strlen(command->part(tempInt)) > 1) + { + delimeter[0] = command->part(tempInt)[0]; + delimeter[1] = command->part(tempInt)[1]; + position = 2; + } + if (strlen(command->part(tempInt) + position) > 0) + { + if (strncmp(command->part(tempInt) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("*ABBREV*MOTD*-ABBREV*")); + bannerPointer->description.assign(i18n("The *ABBREV*MOTD*-ABBREV* banner message is presented to users before they logon. The *ABBREV*MOTD*-ABBREV* banner configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CatalystBanner::processDefaults(Device *device) +{ + if ((telnetMessageSupported == false) && (device->general->versionMajor > 6)) + telnetMessageSupported = true; + + return 0; +} + + +int CatalystBanner::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + + if (banner == 0) + generateConfigBannerReport(device); + + configReportPointer = device->getConfigSection("CONFIG-BANNER"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraphTitle.assign(i18n("Telnet Banner Message")); + if (telnetMessageSupported == true) + { + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices are configured with a Telnet banner message by default. Unlike the *ABBREV*MOTD*-ABBREV* banner, the Telnet banner message cannot be defined, it is either switched on or off. The Telnet banner message is \"Cisco Systems Console\".")); + if (telnetMessage == true) + paragraphPointer->paragraph.append(i18n(" This message is enabled on *DEVICENAME*.")); + else + paragraphPointer->paragraph.append(i18n(" This message is disabled on *DEVICENAME*.")); + } + else + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices display a \"Cisco Systems Console\" message, or something similar depending on the *DEVICEOS* version. Unlike the *ABBREV*MOTD*-ABBREV* banner, this message cannot be changed and it cannot be disabled on *DEVICEVERSIONFULL*.")); + + return 0; +} + + +int CatalystBanner::generateSecuritySpecificReport(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + int errorCode = 0; + + if ((telnetMessage == true) || (telnetMessageSupported = false)) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Fixed Telnet Banner Message Enabled\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Fixed Telnet Banner Message Enabled")); + securityIssuePointer->reference.assign("COS.BANNTELN.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The *DEVICETYPE* devices Telnet banner message is different from the *ABBREV*MOTD*-ABBREV* banner message in that it cannot be configured. If enabled, the Telnet banner message \"Cisco Systems Console\", or something similar depending on the *DEVICEOS* version, will be displayed.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that the Telnet banner message was enabled on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 2; // Informational + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("Because the Telnet banner message cannot be changed and includes the manufacturer, it could help an attacker to identify the device. An attacker will look for any information from a device in order to help determine the type of the device. The information could then be used as part of a targeted attack against *DEVICENAME*.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 9; // Trivial + paragraphPointer->paragraph.assign(i18n("The Telnet banner message is returned when a user connects to start a new session.")); + + // Issue recommendation... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that the Telnet banner should be disabled.")); + if (telnetMessageSupported == false) + { + securityIssuePointer->fixRating = 8; // Involved + paragraphPointer->paragraph.append(i18n(" However, the banner message cannot be disabled on *DEVICEVERSION*. *COMPANY* recommends that the device *ABBREV*OS*-ABBREV* should be upgraded so that the banner message can be disabled.")); + } + else + { + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer->paragraph.append(i18n(" The Telnet banner message can be disabled with the following command:*CODE**COMMAND*set banner telnet disable*-COMMAND**-CODE*")); + } + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("the fixed Telnet banner message is enabled")); + + // Recommendation list text... + if (telnetMessageSupported == false) + device->addRecommendation(securityIssuePointer, i18n("Upgrade the *DEVICEOS* version")); + device->addRecommendation(securityIssuePointer, i18n("Disable the Telnet banner message")); + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/Cisco-Catalyst/banner.h b/libnipper-0.12.6/Cisco-Catalyst/banner.h new file mode 100644 index 0000000..69b6c18 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/banner.h @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CatalystBanner_H +#define device_CatalystBanner_H + +#include "../device/banner/banner.h" + + +class CatalystBanner : public Banner +{ + public: + CatalystBanner(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + // Device specific settings... + bool telnetMessageSupported; // Is the Telnet message option available? + bool telnetMessage; // Is the Telnet message enabled? +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/device.cpp b/libnipper-0.12.6/Cisco-Catalyst/device.cpp new file mode 100644 index 0000000..73ca0ee --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/device.cpp @@ -0,0 +1,233 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "banner.h" +#include "snmp.h" +#include "dns.h" +#include "authentication.h" +#include "interfaces.h" + + +CatalystDevice::CatalystDevice() +{ + deviceMake = "Cisco"; + deviceType = "Catalyst"; + deviceOS = "CatOS"; + + general = new (CatalystGeneral); + administration = new (CatalystAdministration); + banner = new (CatalystBanner); + snmp = new (CatalystSNMP); + dns = new (CatalystDNS); + authentication = new (CatalystAuthentication); + interfaces = new (CatalystInterfaces); +} + + +CatalystDevice::~CatalystDevice() +{ + delete general; + delete administration; + delete banner; + delete snmp; + delete dns; + delete authentication; + delete interfaces; +} + + +int CatalystDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + int tempInt = 0; + bool setting = false; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Init + tempInt = 1; + if (strcmp(command.part(0), "set") == 0) + setting = true; + else + setting = false; + + // Version (in general)... + if (strcmp(command.part(0), "#version") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // System... + else if (strcmp(command.part(tempInt), "system") == 0) + { + tempInt++; + + // Hostname (in general)... + if (strcmp(command.part(tempInt), "name") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Location (in general)... + else if (strcmp(command.part(tempInt), "location") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Contact (in general)... + else if (strcmp(command.part(tempInt), "contact") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Core File (in general)... + else if (strcmp(command.part(tempInt), "core-file") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Syslog File (in general)... + else if (strcmp(command.part(tempInt), "syslog-file") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // SNMP... + else if (strcmp(command.part(tempInt), "snmp") == 0) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Set SSH... + else if ((strcmp(command.part(tempInt), "ssh") == 0) && (strcmp(command.part(tempInt + 1), "mode") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // VLAN... + else if (strcmp(command.part(tempInt), "vlan") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Port... + else if (strcmp(command.part(tempInt), "port") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // trunking... + else if (strcmp(command.part(tempInt), "trunk") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // CDP... + else if ((strcmp(command.part(tempInt), "cdp") == 0) && ((strcmp(command.part(tempInt + 1), "enable") == 0) || (strcmp(command.part(tempInt + 1), "disable") == 0))) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Interface... + else if (strcmp(command.part(tempInt), "interface") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // IP... + else if (strcmp(command.part(tempInt), "ip") == 0) + { + tempInt++; + + // Telnet... + if (strcmp(command.part(tempInt), "telnet") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // HTTP... + else if (strcmp(command.part(tempInt), "http") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS... + else if (strcmp(command.part(tempInt), "dns") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // unreachable... + else if (strcmp(command.part(tempInt), "unreachable") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // redirect... + else if (strcmp(command.part(tempInt), "redirect") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // Banner... + else if (strcmp(command.part(tempInt), "banner") == 0) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Authentication... + else if (strcmp(command.part(tempInt), "authentication") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // TACACS... + else if (strcmp(command.part(tempInt), "tacacs") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Kerberos... + else if (strcmp(command.part(tempInt), "kerberos") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Radius... + else if (strcmp(command.part(tempInt), "radius") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // enablepass... + else if (strcmp(command.part(tempInt), "enablepass") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // password... + else if (strcmp(command.part(tempInt), "password") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Prompt (in general)... + else if (strcmp(command.part(tempInt), "prompt") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + if ((general->version.empty()) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + return 0; +} diff --git a/libnipper-0.12.6/Cisco-Catalyst/device.h b/libnipper-0.12.6/Cisco-Catalyst/device.h new file mode 100644 index 0000000..802cac8 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/device.h @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_Catalyst_H +#define device_Catalyst_H + + +#include "../device/device.h" + + +class CatalystDevice : public Device +{ + public: + CatalystDevice(); + ~CatalystDevice(); + + virtual int processDevice(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/dns.cpp b/libnipper-0.12.6/Cisco-Catalyst/dns.cpp new file mode 100644 index 0000000..73c0566 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/dns.cpp @@ -0,0 +1,129 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "dns.h" + + +CatalystDNS::CatalystDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured to resolve name to address mappings. This section details those settings."); // The text paragraph in the config section + + // Host configuration + showInterface = false; // Are interfaces supported? + + // DNS Client Options... + dnsClientSupported = true; // DNS Client Supported? + disableLookup = "*ABBREV*DNS*-ABBREV* lookups can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*set ip dns disable*-COMMAND**-CODE*"; // The text and commands to disable DNS lookup + dnsLookupEnabled = false; // DNS lookups enabled? + dnsRetries = 0; // DNS lookup retries + dnsTimeout = 0; // DNS timeout + + // DNS Server Options... + dnsRecordKeepAliveSupported = false; // Is the DNS keep Alive message type supported? + returnRecordsSupported = false; // Is the single/multiple record field supported? + dynamicDNSSupported = false; // Is Dynamic DNS Supported? + dnsServerSupported = false; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsPort = 53; // DNS Server Port +} + + +int CatalystDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsConfig *dnsPointer = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "set") == 0) + setting = true; + else + setting = false; + + // DNS Server... + if (strcmp(command->part(3), "server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + dnsPointer = addDNSServer(command->part(4)); + if (command->parts == 6) + dnsPointer->description.assign(command->part(5)); + else + dnsPointer->description.assign(i18n("Secondary")); + } + + // DNS Domain... + else if (strcmp(command->part(3), "domain") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Domain Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + dnsPointer = addDomainName(command->part(4)); + } + + // DNS... + else if (strcmp(command->part(2), "dns") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Lookups Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + { + if (strcmp(command->part(3), "enable") == 0) + dnsLookupEnabled = true; + else + dnsLookupEnabled = false; + } + else + dnsLookupEnabled = false; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CatalystDNS::processDefaults() +{ + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Catalyst/dns.h b/libnipper-0.12.6/Cisco-Catalyst/dns.h new file mode 100644 index 0000000..2222ac9 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/dns.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CatalystdeviceDNS_H +#define CatalystdeviceDNS_H + + +#include "../device/dns/dns.h" + + +class CatalystDNS : public DNS +{ + public: + + CatalystDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/general.cpp b/libnipper-0.12.6/Cisco-Catalyst/general.cpp new file mode 100644 index 0000000..8633eb9 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/general.cpp @@ -0,0 +1,182 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +CatalystGeneral::CatalystGeneral() +{ +} + + +int CatalystGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + // Init + tempInt = 1; + if (strcmp(command->part(0), "set") == 0) + setting = true; + else + setting = false; + + // Version + if (strcmp(command->part(0), "#version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVersion Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + version.assign(command->part(1)); + } + + else if (strcmp(command->part(tempInt), "system") == 0) + { + tempInt++; + + // Hostname... + if (strcmp(command->part(tempInt), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + hostname.assign(command->part(tempInt)); + } + + // Location... + else if (strcmp(command->part(tempInt), "location") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLocation Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + location.assign(strstr(line, command->part(tempInt))); + } + + // Contact... + else if (strcmp(command->part(tempInt), "contact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sContact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + contact.assign(strstr(line, command->part(tempInt))); + } + + // Core File... + else if (strcmp(command->part(tempInt), "core-file") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCore File Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + coreFile.assign(command->part(tempInt)); + } + + // Syslog File... + else if (strcmp(command->part(tempInt), "syslog-file") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSyslog File Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + syslogFile.assign(command->part(tempInt)); + } + } + + // Prompt + if (strcmp(command->part(tempInt), "prompt") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPrompt Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + cliPrompt.assign(command->part(tempInt)); + } + + return 0; +} + + +int CatalystGeneral::processDefaults(Device *device) +{ + // Split Version Numbers... + if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + versionMinor = atoi(strchr(version.c_str(), '.') + 1); + versionRevision = atoi(strchr(version.c_str(), '(') + 1); + } + + return 0; +} + + +int CatalystGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Core File... + if (!coreFile.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Core File")); + device->addTableData(paragraphPointer->table, coreFile.c_str()); + } + + // Syslog File... + if (!syslogFile.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Syslog File")); + device->addTableData(paragraphPointer->table, syslogFile.c_str()); + } + + // CLI Prompt... + if (!cliPrompt.empty()) + { + device->addTableData(paragraphPointer->table, i18n("*ABBREV*CLI*-ABBREV* Prompt Text")); + device->addTableData(paragraphPointer->table, cliPrompt.c_str()); + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/Cisco-Catalyst/general.h b/libnipper-0.12.6/Cisco-Catalyst/general.h new file mode 100644 index 0000000..cd0b3ff --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/general.h @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Catalystdevicegeneral_H +#define Catalystdevicegeneral_H + +#include "../device/general/general.h" + + +class CatalystGeneral : public General +{ + public: + CatalystGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + + private: + string coreFile; + string syslogFile; + string cliPrompt; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp b/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp new file mode 100644 index 0000000..0993a94 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/interfaces.cpp @@ -0,0 +1,422 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "interfaces.h" + + +CatalystInterfaces::CatalystInterfaces() +{ + // Interface Options... + useModuleAndPort = true; // Use the module / port instead of the name + useInterfaceZone = false; // Use the interface zone + zoneName = i18n("Zone"); // The name for zone field + filterIn = i18n("Filter In"); // The filter in table title text + filterOut = i18n("Filter Out"); // The filter out table title text + showDescription = true; // Show the interface description + cdpGlobalRequired = false; // If CDP needs to be enabled globally as well + disableCDPText = i18n("*ABBREV*CDP*-ABBREV* cab be disabled on individual ports with the following command:*CODE**COMMAND*set cdp disable *CMDUSER*module*-CMDUSER*/*CMDUSER*port*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to disable CDP + cdpSupported = true; // Is CDP supported on interfaces + disableProxyARPText = i18n(""); // The text and commands to disable Proxy ARP + globalIPUnreachableSupported = true; + globalUnreachableEnabled = true; + disableUnreachablesText = i18n("*ABBREV*ICMP*-ABBREV* unreachable messages can be disabled with the following command:*CODE**COMMAND*set ip unreachable disable*-COMMAND**-CODE*"); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n(""); // The text and commands to disable ICMP information messages + disableMaskText = i18n(""); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n(""); // The text and commands to disable ICMP redirect messages + globalRedirectSupported = true; // Globally rather than on interfaces + globalRedirectEnabled = true; // Globally rather than on interfaces + disableDirectedText = i18n(""); // The text and commands to disable directed broadcasts + disableMOPText = i18n(""); // The text and commands to disable MOP + disableActiveText = i18n("A port can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*set port disable *CMDUSER*module*-CMDUSER*/*CMDUSER*port*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to disable potentially unused interfaces + filterName = i18n("filter lists"); // The filter list name for use in the filter issue text + configFilterText = i18n(""); // The text and commands to configure network filtering + defaultAutoTrunk = true; // Default to automatically trunk + disableTrunkText = i18n("Trunking can be disabled on *DEVICETYPE* device ports with the following command:*CODE**COMMAND*set trunk *CMDUSER*module*-CMDUSER*/*CMDUSER*port*-CMDUSER* off*-COMMAND**-CODE*"); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n(""); // The text and commands to enable port security + + switchportMode = portModeDynamic; + cdpGlobal = true; +} + + +int CatalystInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + int tempInt = 0; + Device::listStruct *tempList = 0; + Device::listStruct *listPointer = 0; + Device::listStruct *tempVLANList = 0; + Device::listStruct *listVLANPointer = 0; + + // Interface... + if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "vlan") == 0) && (strcmp(command->part(3), "firewall-vlan") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVLAN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfaceListPointer = getInterfaceList("VLANINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*VLAN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*VLAN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*VLAN*-ABBREV* interfaces"); + interfaceListPointer->label = "VLANINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = false; + } + + tempList = device->createPortList(command->part(2)); + listPointer = tempList; + while (listPointer != 0) + { + if (command->parts == 4) + { + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Module Ports"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices module ports."); + interfaceListPointer->tableTitle = i18n("Module ports"); + interfaceListPointer->label = "PORTINTERFACES"; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->portModeSupported = true; + interfaceListPointer->interfaceDisableSupport = true; + interfaceListPointer->cdpSupported = true; + } + + tempVLANList = device->createPortList(command->part(3)); + listVLANPointer = tempVLANList; + while (listVLANPointer != 0) + { + interfacePointer = getOnlyInterface(interfaceListPointer, "", atoi(listVLANPointer->listItem.c_str()), atoi(listVLANPointer->listItem.substr(listVLANPointer->listItem.find("/") + 1).c_str())); + if (interfacePointer == 0) + { + interfacePointer = getInterface(interfaceListPointer, "", atoi(listVLANPointer->listItem.c_str()), atoi(listVLANPointer->listItem.substr(listVLANPointer->listItem.find("/") + 1).c_str())); + interfacePointer->switchportMode = switchportMode; + interfacePointer->cdp = cdpGlobal; + } + addVLAN(interfacePointer, listPointer->listItem.c_str()); + listVLANPointer = listVLANPointer->next; + } + + // Delete list + while (tempVLANList != 0) + { + listVLANPointer = tempVLANList->next; + delete tempVLANList; + tempVLANList = listVLANPointer; + } + } + + else + { + interfacePointer = getInterface(interfaceListPointer, listPointer->listItem.c_str()); + + tempInt = 3; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "name") == 0) + { + tempInt++; + interfacePointer->description.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "state") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "active") == 0) + interfacePointer->enabled = true; + else + interfacePointer->enabled = false; + } + + tempInt++; + } + } + + listPointer = listPointer->next; + } + + // Delete list + while (tempList != 0) + { + listPointer = tempList->next; + delete tempList; + tempList = listPointer; + } + } + + // unreachable... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "ip") == 0) && (strcmp(command->part(2), "unreachable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sUnreachables Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(3), "disable") == 0) + globalUnreachableEnabled = false; + else + globalUnreachableEnabled = true; + } + + // redirect... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "ip") == 0) && (strcmp(command->part(2), "redirect") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRedirect Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(3), "disable") == 0) + globalRedirectEnabled = false; + else + globalRedirectEnabled = true; + } + + // CDP Globally... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "cdp") == 0) && (command->parts == 3)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCDP Global Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(2), "disable") == 0) + cdpGlobal = false; + else + cdpGlobal = true; + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + if (interfaceListPointer != 0) + { + interfacePointer = interfaceListPointer->interface; + while (interfacePointer != 0) + { + interfacePointer->cdp = cdpGlobal; + interfacePointer = interfacePointer->next; + } + } + } + + // CDP Individually... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "cdp") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCDP Individual Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + tempList = device->createPortList(command->part(3)); + listPointer = tempList; + while (listPointer != 0) + { + interfacePointer = getOnlyInterface(interfaceListPointer, "", atoi(listPointer->listItem.c_str()), atoi(listPointer->listItem.substr(listPointer->listItem.find("/") + 1).c_str())); + if (interfacePointer == 0) + { + interfacePointer = getInterface(interfaceListPointer, "", atoi(listPointer->listItem.c_str()), atoi(listPointer->listItem.substr(listPointer->listItem.find("/") + 1).c_str())); + interfacePointer->switchportMode = switchportMode; + interfacePointer->cdp = cdpGlobal; + } + + if (strcmp(command->part(2), "disable") == 0) + interfacePointer->cdp = false; + else + interfacePointer->cdp = true; + + listPointer = listPointer->next; + } + + // Delete list + while (tempList != 0) + { + listPointer = tempList->next; + delete tempList; + tempList = listPointer; + } + } + + // Trunk all... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "trunk") == 0) && (strcmp(command->part(2), "all") == 0) && (strcmp(command->part(3), "off") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPort Trunking Off Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + switchportMode = portModeAccess; + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + if (interfaceListPointer != 0) + { + interfacePointer = interfaceListPointer->interface; + while (interfacePointer != 0) + { + interfacePointer->switchportMode = switchportMode; + interfacePointer = interfacePointer->next; + } + } + } + + // Trunk... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "trunk") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPort Trunking Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Module Ports"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices module ports."); + interfaceListPointer->tableTitle = i18n("Module ports"); + interfaceListPointer->label = "PORTINTERFACES"; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->portModeSupported = true; + interfaceListPointer->interfaceDisableSupport = true; + interfaceListPointer->cdpSupported = true; + } + + tempList = device->createPortList(command->part(2)); + listPointer = tempList; + while (listPointer != 0) + { + interfacePointer = getOnlyInterface(interfaceListPointer, "", atoi(listPointer->listItem.c_str()), atoi(listPointer->listItem.substr(listPointer->listItem.find("/") + 1).c_str())); + if (interfacePointer == 0) + { + interfacePointer = getInterface(interfaceListPointer, "", atoi(listPointer->listItem.c_str()), atoi(listPointer->listItem.substr(listPointer->listItem.find("/") + 1).c_str())); + interfacePointer->switchportMode = switchportMode; + interfacePointer->cdp = cdpGlobal; + } + + if ((strcmp(command->part(3), "on") == 0) || (strcmp(command->part(3), "nonegotiate") == 0)) + interfacePointer->switchportMode = portModeTrunk; + + else if (strcmp(command->part(3), "off") == 0) + interfacePointer->switchportMode = portModeAccess; + + else + interfacePointer->switchportMode = portModeDynamic; + + listPointer = listPointer->next; + } + + // Delete list + while (tempList != 0) + { + listPointer = tempList->next; + delete tempList; + tempList = listPointer; + } + } + + // Port... + else if ((strcmp(command->part(0), "set") == 0) && (strcmp(command->part(1), "port") == 0)&& (strcmp(command->part(3), "all") != 0)) + { + + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Module Ports"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices module ports."); + interfaceListPointer->tableTitle = i18n("Module ports"); + interfaceListPointer->label = "PORTINTERFACES"; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->portModeSupported = true; + interfaceListPointer->interfaceDisableSupport = true; + interfaceListPointer->cdpSupported = true; + } + + tempList = device->createPortList(command->part(3)); + listPointer = tempList; + while (listPointer != 0) + { + interfacePointer = getOnlyInterface(interfaceListPointer, "", atoi(listPointer->listItem.c_str()), atoi(listPointer->listItem.substr(listPointer->listItem.find("/") + 1).c_str())); + if (interfacePointer == 0) + { + interfacePointer = getInterface(interfaceListPointer, "", atoi(listPointer->listItem.c_str()), atoi(listPointer->listItem.substr(listPointer->listItem.find("/") + 1).c_str())); + interfacePointer->switchportMode = switchportMode; + interfacePointer->cdp = cdpGlobal; + } + + if (strcmp(command->part(2), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPort Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->description.assign(strstr(line, command->part(3))); + } + + else if (strcmp(command->part(2), "disable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPort Disable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->enabled = false; + } + + else if (strcmp(command->part(2), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPort Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->description.assign(strstr(line, command->part(3))); + } + + // All others... + else + device->lineNotProcessed(line); + + listPointer = listPointer->next; + } + + // Delete list + while (tempList != 0) + { + listPointer = tempList->next; + delete tempList; + tempList = listPointer; + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CatalystInterfaces::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Catalyst/interfaces.h b/libnipper-0.12.6/Cisco-Catalyst/interfaces.h new file mode 100644 index 0000000..aacc53b --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/interfaces.h @@ -0,0 +1,52 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CatalystInterfaces_H +#define CatalystInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class CatalystInterfaces : public Interfaces +{ + public: + + CatalystInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + portMode switchportMode; + bool cdpGlobal; +}; + +#endif diff --git a/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp b/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp new file mode 100644 index 0000000..f9ab053 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/snmp.cpp @@ -0,0 +1,569 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "general.h" +#include "device.h" +#include "snmp.h" + +using namespace std; + + +CatalystSNMP::CatalystSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("All *DEVICETYPE* support *ABBREV*SNMP*-ABBREV* versions 1 and 2, *ABBREV*SNMP*-ABBREV* version 3 is supported from *DEVICEOS* 6."); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + supportSNMP3UpgText = i18n("*ABBREV*SNMP*-ABBREV* version 3 is supported from *DEVICEOS* 6."); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* can be disabled with the following command:*CODE**COMMAND*set snmp disable*-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("*ABBREV*SNMP*-ABBREV* community strings can be configured with the following command:*CODE**COMMAND*set snmp community *CMDREQUIRE*read-only *CMDOR* read-write *CMDOR* read-write-all*-CMDREQUIRE* *CMDUSER*community-string*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure a community string + configSNMP3Text = i18n("*ABBREV*SNMP*-ABBREV* version 3 can be configured by creating a user then adding that user to a group. This can be configured using the following commands:*CODE**COMMAND*set snmp user *CMDUSER*username*-CMDUSER* remote *CMDUSER*engineid*-CMDUSER* *CMDOPTION*authentication *CMDREQUIRE*md5 *CMDOR* sha*-CMDREQUIRE* auth-password*-CMDOPTION* *CMDOPTION*privacy *CMDOPTION*des *CMDOR* 3des *CMDOR* aes *CMDREQUIRE*128 *CMDOR* 192 *CMDOR* 256*-CMDREQUIRE**-CMDOPTION* *CMDUSER*priv-password*-CMDUSER**-CMDOPTION**-COMMAND**COMMAND*set snmp group *CMDUSER*groupname*-CMDUSER* user *CMDUSER*username*-CMDUSER* security-model v3*-COMMAND**-CODE*"); // The text and command(s) to configure SNMP version 3 + configSNMPViewText = i18n("*ABBREV*SNMP*-ABBREV* views can be configured and assigned to a community string using the following commands:*CODE**COMMAND*set snmp view *CMDUSER*viewname*-CMDUSER* *CMDUSER*mib*-CMDUSER* *CMDOPTION*mask*-CMDOPTION* *CMDOPTION*included *CMDOR* excluded*-CMDOPTION**-COMMAND**COMMAND*set snmp community-ext *CMDUSER*community-string*-CMDUSER* *CMDREQUIRE*read-only *CMDOR* read-write *CMDOR* read-write-all*-CMDREQUIRE* view *CMDUSER*viewname*-CMDUSER* *CMDOPTION*access *CMDUSER*access-number*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("*ABBREV*SNMP*-ABBREV* traps can be configured with the following command:*CODE**COMMAND*set snmp trap *CMDUSER*ip-address*-CMDUSER* *CMDUSER*community-string*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP traps + configSNMPInformsText = i18n("*ABBREV*SNMP*-ABBREV* informs can be configuerd with the following command:*CODE**COMMAND*set snmp inform *CMDUSER*ip-address*-CMDUSER* *CMDUSER*community-string*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n("*ABBREV*SNMP*-ABBREV* read-write access can be disabled by clearing the community strings with the following command:*CODE**COMMAND*clear snmp community-ext *CMDUSER*community-string*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP read only access + configSNMPFilterText = i18n("*ABBREV*SNMP*-ABBREV* access list can be configured and assigned to a community string using the following commands:*CODE**COMMAND*set snmp access-list *CMDUSER*access-number*-CMDUSER* *CMDUSER*ip-address*-CMDUSER* *CMDOPTION*ipmask *CMDUSER*network-mask*-CMDUSER**-CMDOPTION**-COMMAND**COMMAND*set snmp community-ext *CMDUSER*community-string*-CMDUSER* *CMDREQUIRE*read-only *CMDOR* read-write *CMDOR* read-write-all*-CMDREQUIRE* *CMDOPTION*view *CMDUSER*viewname*-CMDUSER**-CMDOPTION* access *CMDUSER*access-number*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP filtering + + enabled = true; // Is the SNMP server enabled? + snmp12Enabled = false; // Is SNMP versions 1 or 2 configured? + snmp3Enabled = false; // Is SNMP version 3 configured? + + snmpFilterText = i18n("Access List"); // The device specific description of a filter (i.e. Cisco called them ACL) + + // Community Options... + communityView = true; // SNMP view for the community + communityFilter = true; // SNMP Network Filtering + communityIPv6Filter = false; // SNMP IPv6 Network Filtering + communitySpecificFilters = true; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = false; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = "public"; // Default read only community + defaultReadWrite = "private"; // Default read/write community + defaultReadWriteAll = "secret"; // Default read/write all community + + // View support options... + viewSeperated = false; // Separate the views into different tables + viewExcludes = false; // Show the Include/Exclude View Table column + viewMIBText = i18n("*ABBREV*MIB*-ABBREV*"); // What the MIB column title in the table should be called + + // SNMP Trap/Inform Host Options... + trapsOnly = false; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = true; // Show Trap Host Port in Table + trapsInterface = false; // Show Interface in Table + trapsInterfaceText = i18n("Interface"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = true; // Show excluded traps + trapsShowOptions = false; // Show trap options + + // Host Options... + hostShowInterface = false; // Show the Interface in the Table + hostShowCommunity = false; // Show the Community in the Table + hostShowFilterID = true; // Show a filter ID if used + hostFilterText = i18n("Access List"); // The Table column title for the filter text + + // SNMP User Options... + showUserRemote = false; // Show the remote host/port setting + showUserPriv = true; // Show the privacy settings + showUserFilter = false; // Show the Filter column in the table + showUserIPv6Filter = false; // Show the IPv6 Filter column in the table + userFilterText = i18n("Filter"); // The Text for the Filter table column title + userIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* Filter"); // The Text for the IPv6 Filter table column title + + // SNMP Group Options... + snmpGroupShowType = false; // Enable/Disable SNMPv3 type in table + snmpGroupReadView = false; // Enable/Disable Read Views + snmpGroupWriteView = false; // Enable/Disable Write Views + snmpGroupNotifyView = false; // Enable/Disable Notify Views + snmpGroupFilter = false; // Enable/Disable Filter support + snmpGroupIPv6Filter = false; // Enable/Disable IPv6 Filter support + groupFilterText = i18n("Filter"); // The Text for the Filter table column title + groupIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* Filter"); // The Text for the IPv6 Filter table column title + + // Device Specific settings... + buffer = 95; + rmonMemory = 85; + rmonSupport = false; +} + + +int CatalystSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpTrapHost *trapHostPointer = 0; + snmpHostStruct *snmpHostPointer = 0; + snmpTrap *snmpTrapPointer = 0; + snmpUserStruct *snmpUserPointer = 0; + snmpGroupStruct *snmpGroupPointer = 0; + int tempInt = 0; + bool setting = false; + + // Init + tempInt = 2; + if (strcmp(command->part(0), "set") == 0) + setting = true; + else + setting = false; + + // Enable/Disable... + if (strcmp(command->part(tempInt), "enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + enabled = true; + } + else if (strcmp(command->part(tempInt), "disable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Disable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + enabled = false; + } + + // Buffer... + else if (strcmp(command->part(tempInt), "buffer") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Buffer Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + buffer = atoi(command->part(tempInt)); + } + + // Chassis Alias... + else if (strcmp(command->part(tempInt), "chassis-alias") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Chassis Alias Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (tempInt < command->parts) + chassis.assign(strstr(line, command->part(tempInt))); + } + + // Community... + else if ((strcmp(command->part(tempInt), "community") == 0) && (strcmp(command->part(tempInt + 1), "index") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (tempInt + 1 < command->parts) + { + communityPointer = addSNMPCommunity(); + communityPointer->enabled = setting; + + if (strcmp(command->part(tempInt), "read-only") == 0) + communityPointer->type = communityReadOnly; + else if (strcmp(command->part(tempInt), "read-write") == 0) + communityPointer->type = communityReadWrite; + else if (strcmp(command->part(tempInt), "read-write-all") == 0) + communityPointer->type = communityReadWriteAll; + + tempInt++; + communityPointer->community.assign(command->part(tempInt)); + } + } + + // Community-Ext... + else if (strcmp(command->part(tempInt), "community-ext") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community-Ext Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + communityPointer = getSNMPCommunity(command->part(tempInt)); + if (communityPointer == 0) + { + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(command->part(tempInt)); + } + tempInt++; + if (strcmp(command->part(tempInt), "read-only") == 0) + communityPointer->type = communityReadOnly; + else if (strcmp(command->part(tempInt), "read-write") == 0) + communityPointer->type = communityReadWrite; + else if (strcmp(command->part(tempInt), "read-write-all") == 0) + communityPointer->type = communityReadWriteAll; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "view") == 0) + { + tempInt++; + communityPointer->view.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "access") == 0) + { + tempInt++; + communityPointer->filter.assign(command->part(tempInt)); + } + tempInt++; + } + } + + // RMON Support... + else if (strcmp(command->part(tempInt), "rmon") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP RMON Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "enable") == 0) + rmonSupport = true; + else + rmonSupport = false; + } + + // RMON Memory Limit... + else if (strcmp(command->part(tempInt), "rmonmemory") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP RMON Memory Limit Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + rmonMemory = atoi(command->part(tempInt)); + } + + // View... + else if (strcasecmp(command->part(tempInt), "view") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP View Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcasecmp(command->part(tempInt), "-hex") == 0) + tempInt++; + if (strcasecmp(command->part(tempInt + 2), "mask") != 0) + { + if (strcasecmp(command->part(tempInt + 2), "included") == 0) + addSNMPView(command->part(tempInt), command->part(tempInt + 1), true); + else + addSNMPView(command->part(tempInt), command->part(tempInt + 1), false); + } + else + { + if (strcasecmp(command->part(tempInt + 3), "included") == 0) + addSNMPView(command->part(tempInt), command->part(tempInt + 1), true); + else + addSNMPView(command->part(tempInt), command->part(tempInt + 1), false); + } + } + + // Access List... + else if (strcasecmp(command->part(tempInt), "access-list") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Access List Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpHostPointer = addHost(); + snmpHostPointer->filter.assign(command->part(tempInt)); + tempInt++; + snmpHostPointer->host.assign(command->part(tempInt)); + tempInt++; + if (strcasecmp(command->part(tempInt), "ipmask") == 0) + { + tempInt++; + snmpHostPointer->networkMask.assign(command->part(tempInt)); + } + } + + // SNMP Informs... + else if ((strcasecmp(command->part(tempInt), "inform") == 0) && (command->parts > 4)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Informs Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapHostPointer = addSNMPTrapHost(); + trapHostPointer->trap = false; + trapHostPointer->host.assign(command->part(tempInt)); + tempInt++; + trapHostPointer->community.assign(command->part(tempInt)); + tempInt++; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "port") == 0) + { + tempInt++; + trapHostPointer->port = atoi(command->part(tempInt)); + } + else if (strcasecmp(command->part(tempInt), "port") == 0) + { + tempInt++; + if ((strcasecmp(command->part(tempInt), "2") == 0) || (strcasecmp(command->part(tempInt), "2c") == 0)) + trapHostPointer->version = 2; + else + trapHostPointer->version = 1; + } + tempInt++; + } + } + + // Trap hosts... + else if ((strcasecmp(command->part(tempInt), "trap") == 0) && (strcasecmp(command->part(tempInt + 1), "enable") != 0) && (strcasecmp(command->part(tempInt + 1), "disable") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapHostPointer = addSNMPTrapHost(); + trapHostPointer->trap = true; + trapHostPointer->host.assign(command->part(tempInt)); + tempInt++; + trapHostPointer->community.assign(command->part(tempInt)); + tempInt++; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "port") == 0) + { + tempInt++; + trapHostPointer->port = atoi(command->part(tempInt)); + } + tempInt++; + } + } + + // Traps... + else if (strcasecmp(command->part(tempInt), "trap") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + snmpTrapPointer = addSNMPTrap(); + tempInt++; + if (strcasecmp(command->part(tempInt), "enable") == 0) + snmpTrapPointer->include = true; + else + snmpTrapPointer->include = false; + tempInt++; + snmpTrapPointer->trap.assign(command->part(tempInt)); + } + + // Users... + else if (strcasecmp(command->part(tempInt), "user") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP User Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcasecmp(command->part(tempInt), "-hex") == 0) + tempInt++; + snmpUserPointer = getSNMPUser(command->part(tempInt)); + if (snmpUserPointer == 0) + { + snmpUserPointer = addSNMPUser(); + snmpUserPointer->snmpv3 = snmpV3NoAuth; + snmpUserPointer->priv = snmpV3PrivDES; + snmpUserPointer->user.assign(command->part(tempInt)); + } + tempInt++; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "authentication") == 0) + { + snmpUserPointer->snmpv3 = snmpV3Auth; + tempInt++; + if (strcasecmp(command->part(tempInt), "sha") == 0) + snmpUserPointer->auth = snmpV3AuthSHA; + else + snmpUserPointer->auth = snmpV3AuthMD5; + tempInt++; + snmpUserPointer->authPassword.assign(command->part(tempInt)); + } + + else if (strcasecmp(command->part(tempInt), "privacy") == 0) + { + snmpUserPointer->snmpv3 = snmpV3Priv; + tempInt++; + if (strcasecmp(command->part(tempInt), "des") == 0) + { + snmpUserPointer->priv = snmpV3PrivDES; + tempInt++; + } + else if (strcasecmp(command->part(tempInt), "3des") == 0) + { + snmpUserPointer->priv = snmpV3Priv3DES; + tempInt++; + } + else if (strcasecmp(command->part(tempInt), "aes") == 0) + { + tempInt++; + if (strcasecmp(command->part(tempInt), "128") == 0) + snmpUserPointer->priv = snmpV3PrivAES128; + else if (strcasecmp(command->part(tempInt), "192") == 0) + snmpUserPointer->priv = snmpV3PrivAES192; + else + snmpUserPointer->priv = snmpV3PrivAES256; + tempInt++; + snmpUserPointer->privPassword.assign(command->part(tempInt)); + } + } + + tempInt++; + } + } + + // Groups... + else if (strcasecmp(command->part(tempInt), "group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcasecmp(command->part(tempInt), "-hex") == 0) + tempInt++; + snmpGroupPointer = getSNMPGroup(command->part(tempInt)); + if (snmpGroupPointer == 0) + { + snmpGroupPointer = addSNMPGroup(); + snmpGroupPointer->group.assign(command->part(tempInt)); + } + tempInt += 2; + if (strcasecmp(command->part(tempInt), "-hex") == 0) + tempInt++; + snmpUserPointer = getSNMPUser(command->part(tempInt)); + if (snmpUserPointer == 0) + { + snmpUserPointer = addSNMPUser(); + snmpUserPointer->snmpv3 = snmpV3NoAuth; + snmpUserPointer->priv = snmpV3PrivDES; + snmpUserPointer->user.assign(command->part(tempInt)); + } + snmpUserPointer->group.assign(snmpGroupPointer->group); + tempInt += 2; + if (strcasecmp(command->part(tempInt), "v1") == 0) + snmpGroupPointer->version = 1; + else if ((strcasecmp(command->part(tempInt), "v2c") == 0) || (strcasecmp(command->part(tempInt), "v2") == 0)) + snmpGroupPointer->version = 2; + else + snmpGroupPointer->version = 3; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CatalystSNMP::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + int errorCode = 0; + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-SNMP-TABLE"); + + // RMON Support + device->addTableData(paragraphPointer->table, i18n("*ABBREV*RMON*-ABBREV* Support")); + if (rmonSupport == true) + { + device->addTableData(paragraphPointer->table, i18n("Enabled")); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*RMON*-ABBREV* Memory Limit")); + tempString.assign(device->intToString(rmonMemory)); + tempString.append(i18n(" percent")); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + // Buffer... + device->addTableData(paragraphPointer->table, i18n("*ABBREV*UDP*-ABBREV* Receive Buffer Size")); + tempString.assign(device->intToString(buffer)); + tempString.append(i18n(" packets")); + device->addTableData(paragraphPointer->table, tempString.c_str()); + + return errorCode; +} + + +int CatalystSNMP::processDefaults(Device *device) +{ + // Variables... + snmpCommunity *communityPointer = 0; + bool readFound = false; + bool writeFound = false; + bool writeAllFound = true; + + // SNMP v3 supported? + if (device->general->versionMajor > 5) + supportSNMP3 = true; + else + supportSNMP3Upgrade = true; + + // Add missing default SNMP communities... + communityPointer = community; + while (communityPointer != 0) + { + if (communityPointer->type == communityReadOnly) + readFound = true; + else if (communityPointer->type == communityReadWrite) + writeFound = true; + else + writeAllFound = true; + communityPointer = communityPointer->next; + } + if (readFound == false) + { + communityPointer = addSNMPCommunity(); + communityPointer->type = communityReadOnly; + communityPointer->community.assign(defaultReadOnly); + } + if (writeFound == false) + { + communityPointer = addSNMPCommunity(); + communityPointer->type = communityReadWrite; + communityPointer->community.assign(defaultReadWrite); + } + if (writeAllFound == false) + { + communityPointer = addSNMPCommunity(); + communityPointer->type = communityReadWriteAll; + communityPointer->community.assign(defaultReadWriteAll); + } + + // SNMP v1 & 2 Active? + communityPointer = community; + while ((communityPointer != 0) && (snmp12Enabled == false)) + { + if (communityPointer->enabled == true) + snmp12Enabled = true; + communityPointer = communityPointer->next; + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Catalyst/snmp.h b/libnipper-0.12.6/Cisco-Catalyst/snmp.h new file mode 100644 index 0000000..cf24880 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Catalyst/snmp.h @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Catalystdevicesnmp_H +#define Catalystdevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class CatalystSNMP : public SNMP +{ + public: + CatalystSNMP(); + + // Device specific properties... + unsigned int buffer; + bool rmonSupport; + unsigned int rmonMemory; + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateConfigSpecificReport(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/all-wcprops b/libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/all-wcprops new file mode 100644 index 0000000..bd4fbf0 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/all-wcprops @@ -0,0 +1,17 @@ +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS-Catalyst +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 68 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h +END diff --git a/libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/entries b/libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/entries new file mode 100644 index 0000000..4af0985 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/entries @@ -0,0 +1,96 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Cisco-IOS-Catalyst +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.cpp +file + + + + +2016-02-13T06:47:11.092158Z +3b0f35ae543bc480bce60e1a63e8060e +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3984 + +device.h +file + + + + +2016-02-13T06:47:11.092158Z +bf4c6a9b8f9dcb26a7fcfc3d2ae5e362 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2502 + diff --git a/libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..d920dd1 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,102 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include + +#include "../device/common/configline.h" +#include "../globaldefs.h" +#include "device.h" + + +IOSCatDevice::IOSCatDevice() +{ + deviceMake = "Cisco"; + deviceType = "Catalyst"; + deviceOS = "IOS"; + + isRouter = false; // Set to true if it is a router (DONT ENABLE THIS ON CATALYSTS) + isFirewall = false; // Set to true if it is a firewall + isSwitch = true; // Set to true if it is a switch +} + + +bool IOSCatDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int count = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (count < 6)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (strncmp(line, "version", 7) == 0) + count++; + + else if ((strcmp(command.part(0), "enable") == 0) && (strcmp(command.part(1), "secret") == 0)) + count++; + + else if ((strcmp(command.part(0), "enable") == 0) && (strcmp(command.part(1), "password") == 0)) + count++; + + else if ((strcmp(command.part(0), "line") == 0) && (strcmp(command.part(1), "vty") == 0)) + count++; + + else if ((strcmp(command.part(0), "line") == 0) && (strcmp(command.part(1), "con") == 0)) + count++; + + else if ((strcmp(command.part(0), "transport") == 0) && (strcmp(command.part(1), "input") == 0)) + count++; + + else if ((strcmp(command.part(0), "switchport") == 0) && (count > 0)) + count++; + } + fclose(inputFile); + + if (count == 6) + return true; + else + return false; +} diff --git a/libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..3216f9a --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS-Catalyst/.svn/text-base/device.h.svn-base @@ -0,0 +1,48 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_IOSCAT_H +#define device_IOSCAT_H + + +#include "../Cisco-IOS/iosdevice.h" + + +class IOSCatDevice : public IOSDevice +{ + public: + IOSCatDevice(); + + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp b/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp new file mode 100644 index 0000000..d920dd1 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS-Catalyst/device.cpp @@ -0,0 +1,102 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include + +#include "../device/common/configline.h" +#include "../globaldefs.h" +#include "device.h" + + +IOSCatDevice::IOSCatDevice() +{ + deviceMake = "Cisco"; + deviceType = "Catalyst"; + deviceOS = "IOS"; + + isRouter = false; // Set to true if it is a router (DONT ENABLE THIS ON CATALYSTS) + isFirewall = false; // Set to true if it is a firewall + isSwitch = true; // Set to true if it is a switch +} + + +bool IOSCatDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int count = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (count < 6)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (strncmp(line, "version", 7) == 0) + count++; + + else if ((strcmp(command.part(0), "enable") == 0) && (strcmp(command.part(1), "secret") == 0)) + count++; + + else if ((strcmp(command.part(0), "enable") == 0) && (strcmp(command.part(1), "password") == 0)) + count++; + + else if ((strcmp(command.part(0), "line") == 0) && (strcmp(command.part(1), "vty") == 0)) + count++; + + else if ((strcmp(command.part(0), "line") == 0) && (strcmp(command.part(1), "con") == 0)) + count++; + + else if ((strcmp(command.part(0), "transport") == 0) && (strcmp(command.part(1), "input") == 0)) + count++; + + else if ((strcmp(command.part(0), "switchport") == 0) && (count > 0)) + count++; + } + fclose(inputFile); + + if (count == 6) + return true; + else + return false; +} diff --git a/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h b/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h new file mode 100644 index 0000000..3216f9a --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS-Catalyst/device.h @@ -0,0 +1,48 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_IOSCAT_H +#define device_IOSCAT_H + + +#include "../Cisco-IOS/iosdevice.h" + + +class IOSCatDevice : public IOSDevice +{ + public: + IOSCatDevice(); + + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS-Router/.svn/all-wcprops b/libnipper-0.12.6/Cisco-IOS-Router/.svn/all-wcprops new file mode 100644 index 0000000..c443dd3 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS-Router/.svn/all-wcprops @@ -0,0 +1,17 @@ +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS-Router +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS-Router/device.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS-Router/device.h +END diff --git a/libnipper-0.12.6/Cisco-IOS-Router/.svn/entries b/libnipper-0.12.6/Cisco-IOS-Router/.svn/entries new file mode 100644 index 0000000..ab9276a --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS-Router/.svn/entries @@ -0,0 +1,96 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Cisco-IOS-Router +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.cpp +file + + + + +2016-02-13T06:47:11.060158Z +9da4731ace013c4ab3c1dbeec3e1db79 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3420 + +device.h +file + + + + +2016-02-13T06:47:11.060158Z +e2e11e84d1b480df1411eda2ab88a5ae +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2513 + diff --git a/libnipper-0.12.6/Cisco-IOS-Router/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS-Router/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..bf05308 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS-Router/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,92 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Includes +#include + +#include "../device/common/configline.h" +#include "../globaldefs.h" +#include "device.h" + + +IOSRouterDevice::IOSRouterDevice() +{ + deviceMake = "Cisco"; + deviceType = "Router"; + deviceOS = "IOS"; + + isRouter = true; // Set to true if it is a router + isFirewall = false; // Set to true if it is a firewall + isSwitch = false; // Set to true if it is a switch +} + + +bool IOSRouterDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int count = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + { + return false; + } + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (count < 2)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (strncmp(line, "version", 7) == 0) + count++; + + else if ((strcmp(command.part(0), "router") == 0) && (count > 0)) + count++; + } + fclose(inputFile); + + if (count == 2) + return true; + else + return false; +} + + diff --git a/libnipper-0.12.6/Cisco-IOS-Router/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Cisco-IOS-Router/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..ae6db75 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS-Router/.svn/text-base/device.h.svn-base @@ -0,0 +1,47 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_IOSROUTER_H +#define device_IOSROUTER_H + + +#include "../Cisco-IOS/iosdevice.h" + +class IOSRouterDevice : public IOSDevice +{ + public: + IOSRouterDevice(); + + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS-Router/device.cpp b/libnipper-0.12.6/Cisco-IOS-Router/device.cpp new file mode 100644 index 0000000..bf05308 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS-Router/device.cpp @@ -0,0 +1,92 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Includes +#include + +#include "../device/common/configline.h" +#include "../globaldefs.h" +#include "device.h" + + +IOSRouterDevice::IOSRouterDevice() +{ + deviceMake = "Cisco"; + deviceType = "Router"; + deviceOS = "IOS"; + + isRouter = true; // Set to true if it is a router + isFirewall = false; // Set to true if it is a firewall + isSwitch = false; // Set to true if it is a switch +} + + +bool IOSRouterDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int count = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + { + return false; + } + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (count < 2)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (strncmp(line, "version", 7) == 0) + count++; + + else if ((strcmp(command.part(0), "router") == 0) && (count > 0)) + count++; + } + fclose(inputFile); + + if (count == 2) + return true; + else + return false; +} + + diff --git a/libnipper-0.12.6/Cisco-IOS-Router/device.h b/libnipper-0.12.6/Cisco-IOS-Router/device.h new file mode 100644 index 0000000..ae6db75 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS-Router/device.h @@ -0,0 +1,47 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_IOSROUTER_H +#define device_IOSROUTER_H + + +#include "../Cisco-IOS/iosdevice.h" + +class IOSRouterDevice : public IOSDevice +{ + public: + IOSRouterDevice(); + + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/all-wcprops b/libnipper-0.12.6/Cisco-IOS/.svn/all-wcprops new file mode 100644 index 0000000..a04c855 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/all-wcprops @@ -0,0 +1,137 @@ +K 25 +svn:wc:ra_dav:version-url +V 48 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS +END +snmp.h +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/snmp.h +END +general.h +K 25 +svn:wc:ra_dav:version-url +V 58 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/general.h +END +interfaces.cpp +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/interfaces.cpp +END +dns.cpp +K 25 +svn:wc:ra_dav:version-url +V 56 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/dns.cpp +END +authentication.h +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/authentication.h +END +filter.cpp +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/filter.cpp +END +administration.cpp +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/administration.cpp +END +snmp-report.cpp +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp +END +interfaces.h +K 25 +svn:wc:ra_dav:version-url +V 61 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/interfaces.h +END +dns.h +K 25 +svn:wc:ra_dav:version-url +V 54 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/dns.h +END +filter.h +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/filter.h +END +administration.h +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/administration.h +END +administration-security.cpp +K 25 +svn:wc:ra_dav:version-url +V 76 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/administration-security.cpp +END +administration-report.cpp +K 25 +svn:wc:ra_dav:version-url +V 74 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/administration-report.cpp +END +banner.cpp +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/banner.cpp +END +iosdevice.cpp +K 25 +svn:wc:ra_dav:version-url +V 62 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp +END +banner.h +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/banner.h +END +administration-line.cpp +K 25 +svn:wc:ra_dav:version-url +V 72 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/administration-line.cpp +END +general.cpp +K 25 +svn:wc:ra_dav:version-url +V 60 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/general.cpp +END +snmp.cpp +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/snmp.cpp +END +iosdevice.h +K 25 +svn:wc:ra_dav:version-url +V 60 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/iosdevice.h +END +authentication.cpp +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-IOS/authentication.cpp +END diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/entries b/libnipper-0.12.6/Cisco-IOS/.svn/entries new file mode 100644 index 0000000..a75b2d2 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/entries @@ -0,0 +1,776 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Cisco-IOS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +iosdevice.cpp +file + + + + +2016-02-13T06:47:10.628160Z +44873ae5de312dce219b5d84070017b3 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +11077 + +banner.h +file + + + + +2016-02-13T06:47:10.628160Z +41fa9b85cb07a46e8277980fc690f614 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2518 + +administration-line.cpp +file + + + + +2016-02-13T06:47:10.628160Z +d24e51b1e5492bef5c1dbb656ec6b20b +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +14096 + +general.cpp +file + + + + +2016-02-13T06:47:10.628160Z +6614b019bee7563e2b1dfbd8bab18e03 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +10083 + +snmp.cpp +file + + + + +2016-02-13T06:47:10.628160Z +2578999b79333f107eda3aa59caf5faf +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +25115 + +iosdevice.h +file + + + + +2016-02-13T06:47:10.628160Z +d1ddfa223ceabb1598e500b599cf348d +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2545 + +authentication.cpp +file + + + + +2016-02-13T06:47:10.628160Z +39912bae071c5bbb527115ece24bc3a9 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +26788 + +snmp.h +file + + + + +2016-02-13T06:47:10.628160Z +748372c5642c9f65b6cfa0eb74add33f +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3006 + +general.h +file + + + + +2016-02-13T06:47:10.628160Z +47d45cd39eec69e951f4a5da4fdf2949 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2854 + +interfaces.cpp +file + + + + +2016-02-13T06:47:10.628160Z +d5235fa7bc9b2e29493cedcb042862df +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +37858 + +dns.cpp +file + + + + +2016-02-13T06:47:10.628160Z +d56b5de61869d83da7a98ac38e9937cd +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +13245 + +authentication.h +file + + + + +2016-02-13T06:47:10.628160Z +d6baa3a5aef404590c879f5a8afc10d3 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3017 + +administration.cpp +file + + + + +2016-02-13T06:47:10.632160Z +e94756c5c81ab4d820d28edad0bc0d6d +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +31736 + +filter.cpp +file + + + + +2016-02-13T06:47:10.632160Z +0c24e5e917782f348676a7158002f90c +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +33309 + +snmp-report.cpp +file + + + + +2016-02-13T06:47:10.632160Z +e84a71a934b268ed2c9ef2da21ffc0ab +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +22524 + +interfaces.h +file + + + + +2016-02-13T06:47:10.632160Z +5a1c7974c7262ec395a085d91d452284 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2576 + +dns.h +file + + + + +2016-02-13T06:47:10.632160Z +a1f105297a203d5a9aa080d205389a1e +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2649 + +filter.h +file + + + + +2016-02-13T06:47:10.632160Z +879211cd880ab6ba3f3b9e4ce90a7de5 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3008 + +administration.h +file + + + + +2016-02-13T06:47:10.632160Z +e42bbc10f942ab4f79ac28fb3ba3bcf6 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5657 + +administration-security.cpp +file + + + + +2016-02-13T06:47:10.632160Z +88feb760d795d5c3b37d85201e178494 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +51007 + +administration-report.cpp +file + + + + +2016-02-13T06:47:10.628160Z +90594baa791c1a41bd397f42317aacba +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +13707 + +banner.cpp +file + + + + +2016-02-13T06:47:10.628160Z +a415153d0779664a54e38bb402adbd06 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +15124 + diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration-line.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration-line.cpp.svn-base new file mode 100644 index 0000000..a39ab79 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration-line.cpp.svn-base @@ -0,0 +1,326 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "iosdevice.h" +#include "administration.h" + + +IOSAdministration::lineConfig *IOSAdministration::addLine() +{ + // Variables... + lineConfig *linePointer = 0; + + // Create... + if (line == 0) + { + line = new (lineConfig); + linePointer = line; + } + else + { + linePointer = line; + while (linePointer->next != 0) + linePointer = linePointer->next; + linePointer->next = new (lineConfig); + linePointer = linePointer->next; + } + + // Init... + linePointer->type = lineConsole; // line_console... + linePointer->lineStart = 0; // i.e. VTY - 0 + linePointer->lineEnd = 0; // i.e. VTY - 4 + linePointer->login = loginLinePassword; // login_disabled... + linePointer->exec = true; // true (default) or false + linePointer->privilege = 1; // Privilege level + linePointer->callback = false; // true or false (default) + linePointer->encryption = false; // password encrypted?... + linePointer->passwordInDict = false; // password in the dictionary? + linePointer->passwordWeak = Device::passwordPassed; // password weak? + linePointer->accounting = false; + linePointer->authorization = false; + linePointer->defaultSettings = true; // true if no transport line has been set + linePointer->output = true; + linePointer->ssh = true; // true, false + linePointer->telnet = true; // true, false + linePointer->rlogin = true; // true, false + linePointer->all = true; // true, false + linePointer->execTimeout = 600; // Exec timeout in seconds, 0 = no timeout (default) + linePointer->absoluteTimeout = 0; + linePointer->sessionTimeout = 0; + linePointer->loginTimeout = 30; + linePointer->next = 0; + + return linePointer; +} + + +int IOSAdministration::generateDeviceSpecificConfig(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + lineConfig *linePointer = 0; + string tempString; + int errorCode = 0; + + if (device->isRouter == true) + { + device->addPort("rlogin"); + + // Add service to the services list... + paragraphPointer = device->getTableParagraphPointer("CONFIG-SERVICES-TABLE"); + device->addTableData(paragraphPointer->table, i18n("Rlogin Service")); + if (rloginEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + // Rlogin Settings section... + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraphTitle.assign(i18n("Rlogin Service Settings")); + paragraphPointer->paragraph.assign(i18n("The Rlogin service enables remote administrative access to a *ABBREV*CLI*-ABBREV* on *DEVICETYPE* devices. The Telnet protocol implemented by the service is simple and provides no encryption of the network communications between the client and the server. This section details the Rlogin service settings.")); + + // Rlogin Settings Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINRLOGIN-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("Rlogin service settings"); + device->addTableHeading(paragraphPointer->table, i18n("Description"), false); + device->addTableHeading(paragraphPointer->table, i18n("Setting"), false); + device->addTableData(paragraphPointer->table, i18n("Rlogin Service")); + if (rloginEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + device->addTableData(paragraphPointer->table, i18n("Service *ABBREV*TCP*-ABBREV* Port")); + device->addTableData(paragraphPointer->table, "513"); + + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access using the Rlogin service is configured using lines on *DEVICETYPE* devices. These lines are listed in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "IOS-RLOGINLINE-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title.assign(i18n("Rlogin line configuration")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), false); + device->addTableHeading(paragraphPointer->table, i18n("Level"), false); + device->addTableHeading(paragraphPointer->table, i18n("Password"), true); + device->addTableHeading(paragraphPointer->table, i18n("Authorisation"), false); + device->addTableHeading(paragraphPointer->table, i18n("Accounting"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*ACL*-ABBREV*"), false); + + linePointer = line; + while (linePointer != 0) + { + + // If line is used... + if ((linePointer->type == lineVTY) && (linePointer->rlogin == true) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->exec == true) + { + device->addTableData(paragraphPointer->table, i18n("Yes")); + switch (linePointer->login) + { + case loginWithNoPassword: + device->addTableData(paragraphPointer->table, i18n("No Authentication")); + break; + case loginLinePassword: + device->addTableData(paragraphPointer->table, i18n("Line Password")); + break; + case loginLocal: + device->addTableData(paragraphPointer->table, i18n("Local Users")); + break; + case loginTACACS: + device->addTableData(paragraphPointer->table, i18n("*ABBREV*TACACS*-ABBREV* Style")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("*ABBREV*AAA*-ABBREV* Authentication")); + break; + } + } + else + { + device->addTableData(paragraphPointer->table, i18n("No")); + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + tempString.assign(device->intToString(linePointer->privilege)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, linePointer->password.c_str()); + if (linePointer->accounting == false) + device->addTableData(paragraphPointer->table, i18n("Off")); + else + { + tempString.assign(i18n("On")); + tempString.append(" ("); + tempString.append(linePointer->accList); + tempString.append(")"); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + if (linePointer->authorization == false) + device->addTableData(paragraphPointer->table, i18n("Off")); + else + { + tempString.assign(i18n("On")); + tempString.append(" ("); + tempString.append(linePointer->authList); + tempString.append(")"); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + device->addTableData(paragraphPointer->table, linePointer->aclIn.c_str()); + } + linePointer = linePointer->next; + } + } + + + // Line Settings section... + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraphTitle.assign(i18n("Line Settings")); + paragraphPointer->paragraph.assign(i18n("The line settings are used on *DEVICETYPE* devices to configure inbound and outbound administrative access using a number of different services. The previous sections have covered the specific administration services and their authentication configurations. This section details all the lines configured on *DEVICENAME* and the timeouts and *ABBREV*ACLs*-ABBREV* configured for inbound and outbound connections.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "IOS-LINES-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title.assign(i18n("Line timeout and *ABBREV*ACL*-ABBREV* configuration")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Absolute"), false); + device->addTableHeading(paragraphPointer->table, i18n("Session"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), true); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*ACL*-ABBREV* In"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*ACL*-ABBREV* Out"), false); + + linePointer = line; + while (linePointer != 0) + { + + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->execTimeout == 0) + device->addTableData(paragraphPointer->table, i18n("None")); + else + { + tempString.assign(device->timeToString(linePointer->execTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + if (linePointer->absoluteTimeout == 0) + device->addTableData(paragraphPointer->table, i18n("None")); + else + { + tempString.assign(device->timeToString(linePointer->absoluteTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + if (linePointer->sessionTimeout == 0) + device->addTableData(paragraphPointer->table, i18n("None")); + else + { + tempString.assign(device->timeToString(linePointer->sessionTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + if (linePointer->loginTimeout == 0) + device->addTableData(paragraphPointer->table, i18n("None")); + else + { + tempString.assign(device->timeToString(linePointer->loginTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + device->addTableData(paragraphPointer->table, linePointer->aclIn.c_str()); + device->addTableData(paragraphPointer->table, linePointer->aclOut.c_str()); + linePointer = linePointer->next; + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration-report.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration-report.cpp.svn-base new file mode 100644 index 0000000..1dcaf1f --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration-report.cpp.svn-base @@ -0,0 +1,329 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "iosdevice.h" +#include "administration.h" + + +int IOSAdministration::generateDeviceTelnetConfig(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + lineConfig *linePointer = line; + string tempString; + bool found = false; + int errorCode = 0; + + if ((linePointer != 0) && (telnetEnabled == true)) + { + + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the Telnet service on *DEVICETYPE* devices is configured using lines. Table *TABLEREF* details the Telnet line configuration.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINTELNETLINE-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("Telnet service lines"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), false); + device->addTableHeading(paragraphPointer->table, i18n("Level"), false); + device->addTableHeading(paragraphPointer->table, i18n("Password"), true); + device->addTableHeading(paragraphPointer->table, i18n("Authorisation"), false); + device->addTableHeading(paragraphPointer->table, i18n("Accounting"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*ACL*-ABBREV*"), false); + + // Data... + while (linePointer != 0) + { + if ((linePointer->telnet == true) && (linePointer->type == lineVTY) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->exec == true) + { + device->addTableData(paragraphPointer->table, i18n("Yes")); + switch (linePointer->login) + { + case loginWithNoPassword: + device->addTableData(paragraphPointer->table, i18n("No Authentication")); + break; + case loginLinePassword: + device->addTableData(paragraphPointer->table, i18n("Line Password")); + if (linePointer->password.empty()) + found = true; + break; + case loginLocal: + device->addTableData(paragraphPointer->table, i18n("Local Users")); + break; + case loginTACACS: + device->addTableData(paragraphPointer->table, i18n("TACACS Style")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("AAA Authentication")); + break; + } + } + else + { + device->addTableData(paragraphPointer->table, i18n("No")); + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + tempString.assign(device->intToString(linePointer->privilege)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, linePointer->password.c_str()); + if (linePointer->accounting == false) + device->addTableData(paragraphPointer->table, i18n("Off")); + else + { + tempString.assign(i18n("On")); + tempString.append(" ("); + tempString.append(linePointer->accList); + tempString.append(")"); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + if (linePointer->authorization == false) + device->addTableData(paragraphPointer->table, i18n("Off")); + else + { + tempString.assign(i18n("On")); + tempString.append(" ("); + tempString.append(linePointer->authList); + tempString.append(")"); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + device->addTableData(paragraphPointer->table, linePointer->aclIn.c_str()); + } + linePointer = linePointer->next; + } + + if (found == true) + { + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("It is worth noting that if a line password has not been configured and the line is set to authenticate using the password, an error message is displayed and the connection will be terminated.")); + } + } + return errorCode; +} + + +int IOSAdministration::generateDeviceHTTPConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + + // additional SSH settings... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINHTTP-TABLE"); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*HTTP*-ABBREV* *ABBREV*ACL*-ABBREV*")); + if (httpAcl.empty()) + device->addTableData(paragraphPointer->table, ""); + else + device->addTableData(paragraphPointer->table, httpAcl.c_str()); + + return 0; +} + + +int IOSAdministration::generateDeviceSSHConfig(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + lineConfig *linePointer = line; + string tempString; + bool found = false; + int errorCode = 0; + + if ((linePointer != 0) && (sshEnabled == true)) + { + + // additional SSH settings... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINSSH-TABLE"); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SSH*-ABBREV* Authentication Retries")); + tempString.assign(device->intToString(sshRetries)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SSH*-ABBREV* Negotiation Timeout")); + tempString.assign(device->timeToString(sshNegTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the *ABBREV*SSH*-ABBREV* service on *DEVICETYPE* devices is configured using lines. Table *TABLEREF* details the *ABBREV*SSH*-ABBREV* line configuration.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINSSHLINE-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("*ABBREV*SSH*-ABBREV* service lines"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), false); + device->addTableHeading(paragraphPointer->table, i18n("Level"), false); + device->addTableHeading(paragraphPointer->table, i18n("Password"), true); + device->addTableHeading(paragraphPointer->table, i18n("Authorisation"), false); + device->addTableHeading(paragraphPointer->table, i18n("Accounting"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*ACL*-ABBREV*"), false); + + // Data... + while (linePointer != 0) + { + if ((linePointer->ssh == true) && (linePointer->type == lineVTY) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->exec == true) + { + device->addTableData(paragraphPointer->table, i18n("Yes")); + switch (linePointer->login) + { + case loginWithNoPassword: + device->addTableData(paragraphPointer->table, i18n("No Authentication")); + break; + case loginLinePassword: + device->addTableData(paragraphPointer->table, i18n("Line Password")); + if (linePointer->password.empty()) + found = true; + break; + case loginLocal: + device->addTableData(paragraphPointer->table, i18n("Local Users")); + break; + case loginTACACS: + device->addTableData(paragraphPointer->table, i18n("TACACS Style")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("AAA Authentication")); + break; + } + } + else + { + device->addTableData(paragraphPointer->table, i18n("No")); + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + tempString.assign(device->intToString(linePointer->privilege)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, linePointer->password.c_str()); + if (linePointer->accounting == false) + device->addTableData(paragraphPointer->table, i18n("Off")); + else + { + tempString.assign(i18n("On")); + tempString.append(" ("); + tempString.append(linePointer->accList); + tempString.append(")"); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + if (linePointer->authorization == false) + device->addTableData(paragraphPointer->table, i18n("Off")); + else + { + tempString.assign(i18n("On")); + tempString.append(" ("); + tempString.append(linePointer->authList); + tempString.append(")"); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + device->addTableData(paragraphPointer->table, linePointer->aclIn.c_str()); + } + linePointer = linePointer->next; + } + + if (found == true) + { + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("It is worth noting that if a line password has not been configured and the line is set to authenticate using the password, an error message is displayed and the connection will be terminated.")); + } + } + return errorCode; +} diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration-security.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration-security.cpp.svn-base new file mode 100644 index 0000000..9581f59 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration-security.cpp.svn-base @@ -0,0 +1,993 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "iosdevice.h" +#include "administration.h" + + +int IOSAdministration::generateSecuritySpecificReport(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + lineConfig *linePointer = 0; + string tempString; + int lineAclInMissingCount = 0; + int lineWeakExecTimeoutCount = 0; + int lineWithTACACSCount = 0; + int lineWithoutAuthorisation = 0; + int lineWithoutAccounting = 0; + int lineWithOutputTransport = 0; + int lineOuputNoAcl = 0; + int lineLoginWithoutPassword = 0; + int lineWithTransportInputAll = 0; + int lineWithRLogin = 0; + bool found = false; + bool consoleAccessOnly = false; + int errorCode = 0; + + // Search for issues... + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s Administration IOS Issue Checks\n", device->config->COL_BLUE, device->config->COL_RESET); + + linePointer = line; + while (linePointer != 0) + { + + // If line is used... + if (((linePointer->telnet == true) || (linePointer->ssh == true) || (linePointer->rlogin == true)) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + + // Line ACL In is missing... + if ((linePointer->type == lineVTY) && (linePointer->aclIn.empty())) + lineAclInMissingCount++; + + // Line exec timeout is weak... + if ((linePointer->execTimeout > device->config->connectionTimeouts) || (linePointer->execTimeout == 0)) + lineWeakExecTimeoutCount++; + + // Line RLogin... + if ((linePointer->type == lineVTY) && (linePointer->rlogin == true)) + lineWithRLogin++; + + // Line input transport all used... + if ((linePointer->type == lineVTY) && (linePointer->all == true)) + lineWithTransportInputAll++; + + // Line TACACS... + if (linePointer->login == loginTACACS) + lineWithTACACSCount++; + + // Line Login with no password... + if (linePointer->login == loginWithNoPassword) + lineLoginWithoutPassword++; + + // Line accounting... + if (linePointer->accounting == false) + lineWithoutAccounting++; + + // Line authorisation... + if (linePointer->authorization == false) + lineWithoutAuthorisation++; + } + + // Transport Output... + if ((linePointer->type != lineAUX) && (linePointer->type != lineConsole) && (linePointer->output == true)) + { + lineWithOutputTransport++; + if (linePointer->aclOut.empty()) + lineOuputNoAcl++; + } + + linePointer = linePointer->next; + } + + + // Issues... + + + // ACL in + if (lineAclInMissingCount > 0) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Administration Line Without ACL Configured\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Administration Access With No Host Restrictions")); + securityIssuePointer->reference.assign("IOS.LINENACL.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Remote command-based administrative services such as Telnet and *ABBREV*SSH*-ABBREV* are configured using lines on *DEVICETYPE* devices. These lines determine the method of authentication to be used, restrictions such as timeouts and access restriction *ABBREV*ACLs*-ABBREV*. *ABBREV*ACLs*-ABBREV* can be configured for both inbound and outbound connections to *DEVICETYPE* devices. These enable the restriction of administrative access to and from the hosts and networks defined in the *ABBREV*ACLs*-ABBREV*. If no *ABBREV*ACL*-ABBREV* are configured for the lines, no access restrictions are applied.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, lineAclInMissingCount); + if (lineAclInMissingCount > 1) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* lines were configured with no *ABBREV*ACL*-ABBREV* to restrict administrative access to *DEVICENAME*. These lines are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* line was configured with no *ABBREV*ACL*-ABBREV* to restrict administrative access to *DEVICENAME*. This line is shown in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "SEC-REMOTEADMINLINEACL-TABLE"); + if (errorCode != 0) + return errorCode; + if (lineAclInMissingCount > 1) + paragraphPointer->table->title.assign(i18n("Administration lines without *ABBREV*ACL*-ABBREV*")); + else + paragraphPointer->table->title.assign(i18n("Administration line without *ABBREV*ACL*-ABBREV*")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), false); + device->addTableHeading(paragraphPointer->table, i18n("Level"), false); + device->addTableHeading(paragraphPointer->table, i18n("Telnet"), false); + if (sshSupported == true) + device->addTableHeading(paragraphPointer->table, i18n("SSH"), false); + if (device->isRouter == true) + device->addTableHeading(paragraphPointer->table, i18n("Rlogin"), false); + + linePointer = line; + found = false; + while (linePointer != 0) + { + + // If line is used... + if (((linePointer->type == lineVTY) && (linePointer->aclIn.empty())) && ((linePointer->telnet == true) || (linePointer->ssh == true) || (linePointer->rlogin == true)) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->exec == true) + { + device->addTableData(paragraphPointer->table, i18n("Yes")); + switch (linePointer->login) + { + case loginWithNoPassword: + device->addTableData(paragraphPointer->table, i18n("No Authentication")); + found = true; + break; + case loginLinePassword: + device->addTableData(paragraphPointer->table, i18n("Line Password")); + if (linePointer->password.empty()) + found = true; + break; + case loginLocal: + device->addTableData(paragraphPointer->table, i18n("Local Users")); + break; + case loginTACACS: + device->addTableData(paragraphPointer->table, i18n("TACACS Style")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("AAA Authentication")); + break; + } + } + else + { + device->addTableData(paragraphPointer->table, i18n("No")); + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + tempString.assign(device->intToString(linePointer->privilege)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + if (linePointer->telnet == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + if (sshSupported == true) + { + if (linePointer->ssh == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + } + if (device->isRouter == true) + { + if (linePointer->rlogin == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + } + } + linePointer = linePointer->next; + } + + // Issue impact... + if ((lineWithRLogin > 0) || (telnetEnabled == true)) + securityIssuePointer->impactRating = 7; // High + else + securityIssuePointer->impactRating = 5; // Medium + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("When no *ABBREV*ACL*-ABBREV* has been applied to the line configuration, an attacker or malicious user would not be restricted by *DEVICENAME* from connecting to a line configured administrative service. If a vulnerability were to exist in those services, or the attacker has valid authentication credentials, they could gain full administrative access to *DEVICENAME*.")); + if ((lineWithRLogin > 0) || (telnetEnabled == true)) + paragraphPointer->paragraph.append(i18n(" Furthermore, with clear text protocol services enabled, an attacker could gain the authentication credentials by monitoring administrative connections to the device.")); + if (found == true) + { + securityIssuePointer->impactRating = 9; // Critical + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("To make matters worse, not all the lines require a password in order for an attacker to gain access. The attacker may simply have to connect to the administrative service in order to gain administrative access.")); + } + + // Issue ease... + securityIssuePointer->easeRating = 9; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("For an attacker to gain access to an administrative service, they would simply have to connect to it using the relevant client software. Client software for most administrative services is available on the Internet and some are installed by default on most *ABBREV*OS*-ABBREV*.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that an *ABBREV*ACL*-ABBREV* is configured and then applied to the line in order to restrict access.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("A *ABBREV*ACL*-ABBREV* can be configured with the following commands:*CODE**COMMAND*ip access-list standard *CMDUSER*access-list-number*-CMDUSER**-COMMAND**COMMAND*remark *CMDUSER*description*-CMDUSER**-COMMAND**COMMAND*permit *CMDUSER*ip-address*-CMDUSER* *CMDUSER*wildcard*-CMDUSER* *CMDOPTION*log*-CMDOPTION**-COMMAND**-CODE*")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("The *ABBREV*ACL*-ABBREV* can then be applied to a line, from line configuration mode, using the following command:*CODE**COMMAND*access-class *CMDUSER*access-list-number*-CMDUSER* in*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("all active lines were not configured with an *ABBREV*ACL*-ABBREV* to restrict access")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Configure an *ABBREV*ACL*-ABBREV* to restrict access")); + device->addRecommendation(securityIssuePointer, i18n("Apply the *ABBREV*ACL*-ABBREV* to the relevant lines")); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "IOS.LINENOPA.1"); + device->addRelatedIssue(securityIssuePointer, "IOR.LINERLOG.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.ADMITELN.1"); + } + + + // Weak Line Exec Timeout + if (lineWeakExecTimeoutCount > 0) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Weak Exec Line Timeout\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Weak Exec Line Timeout Configured")); + securityIssuePointer->reference.assign("IOS.LINETMOT.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The line exec timeout setting is used by *DEVICETYPE* devices to identify unused connections that can be terminated. The system resources used by *DEVICETYPE* devices can then be freed and session terminated. A connection could become unused for a number of reasons; the network connection may have been disrupted, a connection may not of been properly terminated or an administrator may have left their computer with a connection open. In the case of console connections, the administrator may have disconnected the console cable without properly terminating a session.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, lineAclInMissingCount); + if (lineWeakExecTimeoutCount > 1) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* lines were configured with a weak exec timeout. These lines are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* line was configured with no exec timeout. This line is shown in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "SEC-LINEEXECTIMEOUT-TABLE"); + if (errorCode != 0) + return errorCode; + if (lineWeakExecTimeoutCount > 1) + paragraphPointer->table->title.assign(i18n("Administration lines with weak exec timeouts")); + else + paragraphPointer->table->title.assign(i18n("Administration line with a weak exec timeout")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Telnet"), false); + if (sshSupported == true) + device->addTableHeading(paragraphPointer->table, i18n("SSH"), false); + if (device->isRouter == true) + device->addTableHeading(paragraphPointer->table, i18n("Rlogin"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec Timeout"), false); + + linePointer = line; + found = false; + while (linePointer != 0) + { + + // If line is used... + if (((linePointer->execTimeout > device->config->connectionTimeouts) || (linePointer->execTimeout == 0)) && ((linePointer->telnet == true) || (linePointer->ssh == true) || (linePointer->rlogin == true)) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + found = true; + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + found = true; + break; + } + if ((linePointer->type == lineConsole) || (linePointer->type == lineAUX)) + { + device->addTableData(paragraphPointer->table, i18n("N/A")); + if (sshSupported == true) + device->addTableData(paragraphPointer->table, i18n("N/A")); + if (device->isRouter == true) + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + else + { + if (linePointer->telnet == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + if (sshSupported == true) + { + if (linePointer->ssh == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + } + if (device->isRouter == true) + { + if (linePointer->rlogin == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + } + } + if (linePointer->execTimeout == 0) + device->addTableData(paragraphPointer->table, i18n("None")); + else + { + tempString.assign(device->timeToString(linePointer->execTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + } + linePointer = linePointer->next; + } + + // Issue impact... + securityIssuePointer->impactRating = 7; // High + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("If a connection is not properly terminated, it may be possible for an attacker to make use of the connection in order to gain access to the device. If successful, the attacker would gain access with the privileges of the previous user.")); + + // Issue ease... + securityIssuePointer->easeRating = 7; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("There are a number of different ways that an attacker could exploit this issue, some are dependent on the service protocol or connection type. To remotely exploit this issue, the attacker would normally have to be able to monitor the remote connection unless the administrators management host is part of the attack. A number of tools are available on the Internet that can monitor network traffic or perform a man in the middle attacks.")); + if (found == false) + { + securityIssuePointer->easeRating = 3; + paragraphPointer->paragraph.append(i18n(" For a console connection to *DEVICENAME*, an attacker would require physical access to the device.")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + device->addString(paragraphPointer, device->timeToString(device->config->connectionTimeouts)); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that a timeout period of *DATA* should be configured for exec connections to *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("An exec timeout can be configured on a line with the following line mode command:*CODE**COMMAND*exec-timeout *CMDUSER*minutes*-CMDUSER* *CMDOPTION*seconds*-CMDOPTION**-COMMAND**-CODE*")); + + // Conclusions text... + if (lineAclInMissingCount > 1) + securityIssuePointer->conLine.append(i18n("weak exec line timeouts were configured")); + else + securityIssuePointer->conLine.append(i18n("a weak exec line timeouts was configured")); + + // Recommendation list text... + tempString.assign(i18n("Configure an exec line connection timeout of ")); + tempString.append(device->timeToString(device->config->connectionTimeouts)); + device->addRecommendation(securityIssuePointer, tempString.c_str()); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.ADMITELN.1"); + } + + + if (lineWithTACACSCount > 0) + { + } + + + if (lineWithoutAuthorisation > 0) + { } + + + if (lineWithoutAccounting > 0) + { } + + + // Output protocol transport support... + if (lineWithOutputTransport > 0) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Outbound Administrative Access Configured\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Outbound Administrative Access Configured")); + securityIssuePointer->reference.assign("IOS.LINETROT.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("It is possible to remotely connect to other devices from *DEVICENAME* using Telnet and other protocols using the built in client software. This enables an administrator who is connected to *DEVICENAME* to quickly connect to other devices on the network, it could be that it is the only way an administrator can connect to the other devices if the network filtering on those devices only allows access from *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, lineWithOutputTransport); + if (lineWithOutputTransport > 1) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* lines were configured to enable outbound administration. These lines are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* line was configured to enable outbound administration. This line is shown in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "SEC-LINEOUTPUTENABLED-TABLE"); + if (errorCode != 0) + return errorCode; + if (lineWithOutputTransport > 1) + paragraphPointer->table->title.assign(i18n("Lines with outbound administration enabled")); + else + paragraphPointer->table->title.assign(i18n("Line with outbound administration enabled")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Outbound *ABBREV*ACL*-ABBREV*"), false); + + linePointer = line; + found = true; + consoleAccessOnly = true; + while (linePointer != 0) + { + + // If line is used... + if ((linePointer->type != lineAUX) && (linePointer->type != lineConsole) && (linePointer->output == true)) + { + switch (linePointer->type) + { + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + device->addTableData(paragraphPointer->table, linePointer->aclOut.c_str()); + } + linePointer = linePointer->next; + } + + // Issue impact... + securityIssuePointer->impactRating = 2; // Information + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("If an attacker were able to gain a level of access to *DEVICENAME* they could use the device to attack and potentially gain access to other network hosts. If the attacker had administrative access to *DEVICENAME* they could reconfigure this level of access themselves. However, if they were to have a lower level of access, they would require *DEVICENAME* to already be configured to alow access to other devices.")); + if (lineOuputNoAcl > 0) + { + securityIssuePointer->easeRating = 1; + paragraphPointer->paragraph.append(i18n(" Furthermore, without assigning an *ABBREV*ACL*-ABBREV* for outbound connections the attacker would not be prevented by *DEVICENAME* from connecting to any network host.")); + } + + // Issue ease... + securityIssuePointer->easeRating = 2; // Challenging + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("In order to use *DEVICENAME* to attack other network devices the attacker would already need to have access to *DEVICENAME*.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that, unless require, *DEVICETYPE* devices should be configured to prevent using the device to access other network devices.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Administrative outbound access to other network devices can be disabled on *DEVICETYPE* devices with the following line command:*CODE**COMMAND*transport output none*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("outbound administration was enabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable outbound administration")); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "IOS.LINEACLO.1"); + } + + + // Output protocol transport support without acl... + if (lineOuputNoAcl > 0) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Unrestricted Outbound Administrative Access\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Unrestricted Outbound Administrative Access")); + securityIssuePointer->reference.assign("IOS.LINEACLO.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("It is possible to remotely connect to other devices from *DEVICENAME* using Telnet and other protocols using the built in client software. This access can be restricted to specific hosts with the use of an *ABBREV*ACL*-ABBREV* in order to permit access to only a limited number of hosts.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, lineOuputNoAcl); + if (lineOuputNoAcl > 1) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* lines were configured to enable outbound administration without an *ABBREV*ACL*-ABBREV* to restrict host access. These lines are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* line was configured to enable outbound administration without an *ABBREV*ACL*-ABBREV* to restrict host access. This line is shown in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "SEC-LINEOUTPUTNOACL-TABLE"); + if (errorCode != 0) + return errorCode; + if (lineOuputNoAcl > 1) + paragraphPointer->table->title.assign(i18n("Lines with outbound administration enabled")); + else + paragraphPointer->table->title.assign(i18n("Line with outbound administration enabled")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + + linePointer = line; + found = true; + consoleAccessOnly = true; + while (linePointer != 0) + { + + // If line is used... + if ((linePointer->type != lineAUX) && (linePointer->type != lineConsole) && (linePointer->output == true) && (linePointer->aclOut.empty())) + { + switch (linePointer->type) + { + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + } + linePointer = linePointer->next; + } + + // Issue impact... + securityIssuePointer->impactRating = 2; // Information + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("If an attacker were able to gain a level of access to *DEVICENAME* they could use the device to attack and potentially gain access to other network hosts. With no *ABBREV*ACL*-ABBREV*, the attacker would not be restricted to specific hosts.")); + + // Issue ease... + securityIssuePointer->easeRating = 2; // Challenging + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("In order to use *DEVICENAME* to attack other network devices the attacker would already need to have access to *DEVICENAME*.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that, unless require, *DEVICETYPE* devices should be configured to prevent using the device to access other network devices. However, if outbound administrative access is required, *COMPANY* recommends that an *ABBREV*ACL*-ABBREV* is configured to restrict access to specific hosts.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Administrative outbound access to other network devices can be disabled on *DEVICETYPE* devices with the following line command:*CODE**COMMAND*transport output none*-COMMAND**-CODE*")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("A *ABBREV*ACL*-ABBREV* can be configured with the following commands:*CODE**COMMAND*ip access-list standard *CMDUSER*access-list-number*-CMDUSER**-COMMAND**COMMAND*remark *CMDUSER*description*-CMDUSER**-COMMAND**COMMAND*permit *CMDUSER*ip-address*-CMDUSER* *CMDUSER*wildcard*-CMDUSER* *CMDOPTION*log*-CMDOPTION**-COMMAND**-CODE*")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("The *ABBREV*ACL*-ABBREV* can then be applied to a line, from line configuration mode, using the following command:*CODE**COMMAND*access-class *CMDUSER*access-list-number*-CMDUSER* out*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("outbound administration was enabled without access restrictions")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable outbound administration"), true); + device->addRecommendation(securityIssuePointer, i18n("Configure a *ABBREV*ACL*-ABBREV*")); + device->addRecommendation(securityIssuePointer, i18n("Apply the *ABBREV*ACL*-ABBREV* to the outbound line configuration")); + + // Dependent issues... + device->addDependency(securityIssuePointer, "IOS.LINETROT.1"); + } + + + // Lines not requiring a password to login + if (lineLoginWithoutPassword > 0) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Administrative Service Login With No Password\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Administrative Service Login With No Password")); + securityIssuePointer->reference.assign("IOS.LINENOPA.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The Telnet, *ABBREV*SSH*-ABBREV* and console-based access to *DEVICETYPE* devices are configured using the line configuration. It is possible to configure different authentication methods to the device, including not requiring any authentication.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, lineLoginWithoutPassword); + if (lineLoginWithoutPassword > 1) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* lines were configured in a way that no authentication is required. These lines are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* line was configured in a way that no authentication is required. This line is shown in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "SEC-LINENOAUTH-TABLE"); + if (errorCode != 0) + return errorCode; + if (lineLoginWithoutPassword > 1) + paragraphPointer->table->title.assign(i18n("Administration lines that do not require authentication")); + else + paragraphPointer->table->title.assign(i18n("Administration line that does not require authentication")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), false); + device->addTableHeading(paragraphPointer->table, i18n("Level"), false); + device->addTableHeading(paragraphPointer->table, i18n("Telnet"), false); + if (sshSupported == true) + device->addTableHeading(paragraphPointer->table, i18n("SSH"), false); + if (device->isRouter == true) + device->addTableHeading(paragraphPointer->table, i18n("Rlogin"), false); + + linePointer = line; + found = true; + consoleAccessOnly = true; + while (linePointer != 0) + { + + // If line is used... + if ((linePointer->login == loginWithNoPassword) && ((linePointer->telnet == true) || (linePointer->ssh == true) || (linePointer->rlogin == true)) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->exec == true) + { + device->addTableData(paragraphPointer->table, i18n("Yes")); + switch (linePointer->login) + { + case loginWithNoPassword: + device->addTableData(paragraphPointer->table, i18n("No Authentication")); + found = true; + break; + case loginLinePassword: + device->addTableData(paragraphPointer->table, i18n("Line Password")); + break; + case loginLocal: + device->addTableData(paragraphPointer->table, i18n("Local Users")); + break; + case loginTACACS: + device->addTableData(paragraphPointer->table, i18n("TACACS Style")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("AAA Authentication")); + break; + } + } + else + { + device->addTableData(paragraphPointer->table, i18n("No")); + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + tempString.assign(device->intToString(linePointer->privilege)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + if (linePointer->telnet == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + if (sshSupported == true) + { + if (linePointer->ssh == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + } + if (device->isRouter == true) + { + if (linePointer->rlogin == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + } + if ((linePointer->type != lineConsole) && (!linePointer->aclIn.empty())) + found = false; + if (linePointer->type != lineConsole) + consoleAccessOnly = false; + } + linePointer = linePointer->next; + } + + // Issue impact... + securityIssuePointer->impactRating = 9; // Critical + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("With no authentication required, an attacker or malicious user who is able to access one of the administration interfaces configured on the lines detailed above would gain access without authenticating.")); + + // Issue ease... + securityIssuePointer->easeRating = 8; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("The attacker or malicious user would simply have to connect to *DEVICENAME*, no authentication would be requested.")); + if (consoleAccessOnly == true) + { + securityIssuePointer->easeRating = 3; + paragraphPointer->paragraph.append(i18n(" However, for console access the attacker would require physical access to the device.")); + } + else if (found == true) + { + securityIssuePointer->easeRating = 4; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.append(i18n("*ABBREV*ACL*-ABBREV* have been configured on the lines in order to restrict administrative access to *DEVICENAME*. However, a skilled attacker may be able to bypass any network access restrictions.")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 3; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that all administrative access should require authentication.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Authentication can be configured on lines using the following line mode command:*CODE**COMMAND*login *CMDOPTION*tacacs *CMDOR* local*-CMDOPTION**-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("authentication was not required for all administrative access")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Configure authentication only access for all administrative lines")); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.ADMITELN.1"); + device->addRelatedIssue(securityIssuePointer, "IOS.LINENACL.1"); + } + + + if (lineWithTransportInputAll > 0) + { } + + + if (lineWithRLogin > 0) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Clear Text Rlogin Protocol Service\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Clear Text Rlogin Protocol Service")); + securityIssuePointer->reference.assign("IOR.LINERLOG.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The Rlogin service enables network administrators to remotely manage *DEVICETYPE* devices. However, the protocol provides no encryption or encoding, so all network traffic, including the authentication, is transmitted between the client and the server in clear text.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, lineWithRLogin); + if (lineWithRLogin > 1) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* lines had the Rlogin service enabled. These lines are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* line had the Rlogin service enabled. This line is shown in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "SEC-LINERLOGIN-TABLE"); + if (errorCode != 0) + return errorCode; + if (lineWithRLogin > 1) + paragraphPointer->table->title.assign(i18n("Administration lines that have the Rlogin service enabled")); + else + paragraphPointer->table->title.assign(i18n("Administration line that has the Rlogin service enabled")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), false); + device->addTableHeading(paragraphPointer->table, i18n("Level"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*ACL*-ABBREV*"), false); + + linePointer = line; + found = true; + while (linePointer != 0) + { + + // If line is used... + if ((linePointer->type == lineVTY) && (linePointer->rlogin == true) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->exec == true) + { + device->addTableData(paragraphPointer->table, i18n("Yes")); + switch (linePointer->login) + { + case loginWithNoPassword: + device->addTableData(paragraphPointer->table, i18n("No Authentication")); + break; + case loginLinePassword: + device->addTableData(paragraphPointer->table, i18n("Line Password")); + break; + case loginLocal: + device->addTableData(paragraphPointer->table, i18n("Local Users")); + break; + case loginTACACS: + device->addTableData(paragraphPointer->table, i18n("TACACS Style")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("AAA Authentication")); + break; + } + } + else + { + device->addTableData(paragraphPointer->table, i18n("No")); + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + tempString.assign(device->intToString(linePointer->privilege)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, linePointer->aclIn.c_str()); + if (linePointer->aclIn.empty()) + found = false; + } + linePointer = linePointer->next; + } + + // Issue impact... + securityIssuePointer->impactRating = 8; // HIGH + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker or malicious user who was able to monitor the network traffic between a Rlogin server and client would be able to capture the authentication credentials and any data. Furthermore, the attacker could then use the authentication credentials to gain a level of access to *DEVICENAME*.")); + + // Issue ease... + securityIssuePointer->easeRating = 7; // EASY + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("Network packet and password sniffing tools are widely available on the Internet and some of the tools are specifically designed to capture clear-text protocol authentication credentials. In a switched environment an attacker may not be able to capture network traffic destined for other devices without performing an additional attack, such as exploiting *ABBREV*ARP*-ABBREV* or routing vulnerabilities.")); + if (found == true) + { + securityIssuePointer->easeRating = 4; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.append(i18n("Although access to the Rlogin service has been restricted with the use of *ABBREV*ACLs*-ABBREV*, a skilled attacker may be able to bypass any network filtering in order to gain access.")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 3; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that all clear text protocol services should be replaced by their cryptographically secure counterparts.")); + if (sshEnabled == true) + { + paragraphPointer->paragraph.append(i18n(" The *ABBREV*SSH*-ABBREV* service is already configured on *DEVICENAME*. *COMPANY* recommends that this should be used as a cryptographically secure alternative to Rlogin.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("The Rlogin and *ABBREV*SSH*-ABBREV* services are both configured or disabled using the same line command. To disable Rlogin and enable *ABBREV*SSH*-ABBREV* use the following line mode command:*CODE**COMMAND*transport input ssh*-COMMAND**-CODE*")); + } + else if (sshSupported == true) + { + paragraphPointer->paragraph.append(i18n(" *DEVICETYPE* devices support the *ABBREV*SSH*-ABBREV* service, which is a cryptographically secure alternative to Rlogin. *COMPANY* recommends that this service should be used as an alternative.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("The Rlogin and *ABBREV*SSH*-ABBREV* services are both configured or disabled using the same line command. To disable Rlogin and enable *ABBREV*SSH*-ABBREV* use the following line mode command:*CODE**COMMAND*transport input ssh*-COMMAND**-CODE*")); + } + else + { + securityIssuePointer->fixRating = 8; // Involved + paragraphPointer->paragraph.append(i18n(" *COMPANY* recommends that the *ABBREV*SSH*-ABBREV* service is used as a cryptographically secure alternative to Rlogin. However, the *DEVICEOS* will need to be upgraded to a version that supports the *ABBREV*SSH*-ABBREV* service.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Rlogin can be disabled with the following line mode command:*CODE**COMMAND*transport input none*-COMMAND**-CODE*")); + } + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("the Rlogin service was enabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable the Rlogin service")); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "IOS.LINENACL.1"); + } + + return errorCode; +} diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration.cpp.svn-base new file mode 100644 index 0000000..78b18a3 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration.cpp.svn-base @@ -0,0 +1,862 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "iosdevice.h" +#include "general.h" +#include "administration.h" +#include "authentication.h" +#include "../device/common/configline.h" + +IOSAdministration::IOSAdministration() +{ + // Device specific options... + rloginEnabled = false; + httpConfigured = false; // Has http-server been configured already? + configIncludesSSH = false; // Set to true if in the lines mention SSH or there is an ssh line + cdpSupported = true; // Is CDP supported (globally, see interfaces for per interface activation) + cdpEnabled = true; // Is CDP enabled + cdpVersionSupported = false; // Is CDP version supported + cdpVersion = 2; // CDP version + + // General... + generalSettings = true; // Show the general settings section? + + // Telnet... + telnetSupported = true; // Is telnet supported? + disableTelnet = i18n("Telnet must be disabled on *DEVICETYPE* devices for each line that the service is enabled. If supported, the *ABBREV*SSH*-ABBREV* protocol can also be enabled using the same command. This can be done using the following command:*CODE**COMMAND*transport input *CMDOPTION*none *CMDOR* ssh*-CMDOPTION**-COMMAND**-CODE*"); // How to disable telnet text... + + // Device specific options... + sshSupported = false; // Does this device support SSH? + ssh2Supported = false; // Does the device support SSH version 2? + sshUpgrade = true; // Do you have to upgrade? + ssh2upgrade = true; + sshRetries = 3; // The SSH login retries + sshNegTimeout = 120; // The SSH negotiation timeout + configSSHSupport = i18n("The *ABBREV*SSH*-ABBREV* service can be configured on each line with the following command:*CODE**COMMAND*transport input ssh*-COMMAND**-CODE*"); // How to configure SSH... + configSSHv2Support = i18n("When *ABBREV*SSH*-ABBREV* protocol version 2 support is configured on *DEVICETYPE* devices, support for version 1 will be disabled. This can be configured with the following command:*CODE**COMMAND*ip ssh version 2*-COMMAND**-CODE*"); // How to configure protocol version 2 support only + sshConfigProtocolSupport = i18n("*DEVICETYPE* devices support both *ABBREV*SSH*-ABBREV* protocol versions 1 and 2. Support for *ABBREV*SSH*-ABBREV* was introduced in *ABBREV*IOS*-ABBREV* version 12.0(5) and support for *ABBREV*SSH*-ABBREV* protocol version 2 was added from *ABBREV*IOS*-ABBREV* version 12.3(2). *ABBREV*IOS*-ABBREV* devices that support both versions of the *ABBREV*SSH*-ABBREV* protocol default to allowing connections from clients using either version."); + + // HTTP(S) options... + httpSupported = false; // Does this device support HTTP + httpsSupported = false; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + httpsEnabled = false; // Is the HTTPS service enabled? + httpsPort = 443; // HTTPS port + httpSpecificTimeout = true; // A HTTP Specific Timeout? + httpTimeout = 180; // The HTTP Timeout (secs) + configHTTPTimeout = i18n("The *ABBREV*HTTP*-ABBREV* server timeout can be configured with the following command:*CODE**COMMAND*ip http timeout-policy idle *CMDUSER*seconds*-CMDUSER* life *CMDUSER*seconds*-CMDUSER* requests *CMDUSER*number*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + httpSpecificHost = true; // Does HTTP have its own access list? + httpHostsRequired = false; // Is the host configuration required? + showHTTPHostInterface = false; // Show the Interface column in the host table? + showHTTPHostAccess = false; // Show the Access column in the host table? + configHTTPHostAccess = i18n("Management hosts can be configured by applying an *ABBREV*ACL*-ABBREV*. An *ABBREV*ACL*-ABBREV* can be configured and applied using the following commands:*CODE**COMMAND*ip access-list standard *CMDUSER*access-list-number*-CMDUSER**-COMMAND**COMMAND*remark *CMDUSER*description*-CMDUSER**-COMMAND**COMMAND*permit *CMDUSER*ip-address*-CMDUSER* *CMDUSER*wildcard*-CMDUSER* *CMDOPTION*log*-CMDOPTION**-COMMAND**COMMAND*ip http access-class *CMDUSER*acl-number*-CMDUSER**-COMMAND**-CODE*"); // How to configure HTTP Management hosts... + disableHTTP = i18n("The *ABBREV*HTTP*-ABBREV* server can be disabled using the following command:*CODE**COMMAND*no ip http server*-COMMAND**-CODE*"); // How to disable HTTP text... + configHTTPSSupport = i18n("The *ABBREV*HTTPS*-ABBREV* server can be enabled using the following command:*CODE**COMMAND*ip http secure-server*-COMMAND**-CODE*"); // How to configure HTTPS... + cipherConfigSupported = true; // Can the Ciphers be configured? + configCipherText = i18n("The most secure cipher suite supported by *DEVICETYPE* devices can be configured with the following command:*CODE**COMMAND*ip http secure-ciphersuite 3des-ede-cbc-sha*-COMMAND**-CODE*"); // The text to configure a strong cipher. + + // BOOTP Support... + bootPServerSupported = false; // Is BOOTP supported? + bootPEnabled = true; // Is BOOTP enabled? + configDisableBootP = i18n("The *ABBREV*BOOTP*-ABBREV* service can be disabled with the following command:*CODE**COMMAND*no ip bootp server*-COMMAND**-CODE*"); // Config report text to disable bootp + + // Finger Support... + fingerServiceSupported = true; // Is the finger service supported? + fingerServiceEnabled = false; // Is the finger service enabled? + configDisableFinger = i18n(""); // Config report text to disable finger + + // Device specific inits... + line = 0; + + + aaaUsed = false; // If aaa is used, it overrides the line configuration... +} + + +int IOSAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + lineConfig *linePointer = 0; + cipherConfig *cipherPointer = 0; + bool setting = false; + int tempInt = 0; + int errorCode = 0; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // IP + if (strcmp(command->part(tempInt), "ip") == 0) + { + tempInt++; + + // HTTP... + if (strcmp(command->part(tempInt), "http") == 0) + { + tempInt++; + httpSupported = true; + + // Server... + if (strcmp(command->part(tempInt), "server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpConfigured = true; + httpEnabled = setting; + } + + // Server port... + else if (strcmp(command->part(tempInt), "port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Server Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == false) + httpPort = 80; + else + httpPort = atoi(command->part(tempInt + 1)); + } + + // Server ACL... + else if (strcmp(command->part(tempInt), "access-class") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpSpecificHost = false; + httpAcl.assign(command->part(tempInt + 1)); + } + + // sercure Server... + else if (strcmp(command->part(tempInt), "secure-server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTPS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpsSupported = true; + httpsEnabled = setting; + } + + // sercure Server port... + else if (strcmp(command->part(tempInt), "secure-port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTPS Server Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpsSupported = true; + if (setting == false) + httpsPort = 443; + else + httpsPort = atoi(command->part(tempInt + 1)); + } + + // sercure Server ciphers... + else if (strcmp(command->part(tempInt), "secure-ciphersuite") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTPS Server Ciphers Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpsSupported = true; + if (setting != false) + { + tempInt += 2; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "3des-ede-cbc-sha") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 168; + cipherPointer->ssl3 = true; + } + + else if (strcmp(command->part(tempInt), "rc4-128-sha") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 128; + cipherPointer->ssl3 = true; + } + + else if (strcmp(command->part(tempInt), "rc4-128-md5") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 128; + cipherPointer->ssl3 = true; + } + + else if (strcmp(command->part(tempInt), "des-cbc-sha") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 56; + cipherPointer->ssl3 = true; + } + tempInt++; + } + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + // SSH... + else if (strcmp(command->part(tempInt), "ssh") == 0) + { + tempInt++; + sshSupported = true; + + // Version... + if (strcmp(command->part(tempInt), "version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ssh2Supported = true; + if (setting == false) + sshVersion = 0; + else if (strcmp(command->part(tempInt + 1), "1") == 0) + sshVersion = 1; + else + sshVersion = 2; + } + + // Port... + else if (strcmp(command->part(tempInt), "port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == false) + sshPort = 22; + else + sshPort = atoi(command->part(tempInt + 1)); + } + + // auth retries... + else if (strcmp(command->part(tempInt), "authentication-retries") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Auth Retry Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == false) + sshRetries = 3; + else + sshRetries = atoi(command->part(tempInt + 1)); + } + + // negotiation timeout... + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Neg timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == false) + sshNegTimeout = 120; + else + sshNegTimeout = atoi(command->part(tempInt + 1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + + // BootP... + else if ((strcmp(command->part(tempInt), "bootp") == 0) && (strcmp(command->part(tempInt + 1), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sBOOTP Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + bootPEnabled = setting; + bootPServerSupported = true; + } + + // Finger... + else if (strcmp(command->part(tempInt), "finger") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFinger Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + fingerServiceEnabled = setting; + fingerServiceSupported = true; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + // CDP + else if ((strcmp(command->part(tempInt), "cdp") == 0) && (strcmp(command->part(tempInt + 1), "run") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCDP Run Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + cdpEnabled = setting; + } + + // Service... + else if (strcmp(command->part(tempInt), "service") == 0) + { + tempInt++; + + if (strcmp(command->part(tempInt), "finger") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFinger Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + fingerServiceEnabled = setting; + fingerServiceSupported = true; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + + // Lines... + else if (strcmp(command->part(tempInt), "line") == 0) + { + while ((strcmp(command->part(0), "!") != 0) && (feof(device->inputFile) == 0)) + { + + // New line... + if (strcmp(command->part(tempInt), "line") == 0) + { + tempInt++; + if (device->config->reportFormat == Config::Debug) + printf("%sLine Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + linePointer = addLine(); + + if ((strcmp(command->part(tempInt), "con") == 0) || (strcmp(command->part(tempInt), "concole") == 0)) + { + linePointer->type = lineConsole; + linePointer->defaultSettings = false; + linePointer->ssh = false; + linePointer->telnet = false; + linePointer->rlogin = false; + linePointer->all = false; + } + else if ((strcmp(command->part(tempInt), "aux") == 0) || (strcmp(command->part(tempInt), "auxiliary") == 0)) + { + linePointer->type = lineAUX; + linePointer->defaultSettings = false; + linePointer->ssh = false; + linePointer->telnet = false; + linePointer->rlogin = false; + linePointer->all = false; + } + else if (strcmp(command->part(tempInt), "tty") == 0) + linePointer->type = lineTTY; + else + linePointer->type = lineVTY; + tempInt++; + + linePointer->lineStart = atoi(command->part(tempInt)); + tempInt++; + linePointer->lineEnd = atoi(command->part(tempInt)); + } + + // Exec... + else if ((strcmp(command->part(tempInt), "exec") == 0) && (linePointer != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Exec Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + linePointer->exec = setting; + } + + // Login Timeout + else if ((strcmp(command->part(tempInt), "login") == 0) && (strcmp(command->part(tempInt + 1), "timeout") == 0) && (strcmp(command->part(tempInt + 2), "response") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Session Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 3; + linePointer->loginTimeout = atoi(command->part(tempInt)); + } + + // Login... + else if ((strcmp(command->part(tempInt), "login") == 0) && (linePointer != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Login Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == false) + linePointer->login = loginWithNoPassword; + else if (command->parts == tempInt) + linePointer->login = loginLinePassword; + else if (strcmp(command->part(tempInt), "local") == 0) + linePointer->login = loginLocal; + else if (strcmp(command->part(tempInt), "authentication") == 0) + linePointer->login = loginAuthentication; + else if (strcmp(command->part(tempInt), "tacacs") == 0) + linePointer->login = loginTACACS; + } + + // Password + else if (strcmp(command->part(tempInt), "password") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Password Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == false) + linePointer->password.erase(); + else + { + // If just password... + if (tempInt + 1 == command->parts) + linePointer->password.assign(command->part(tempInt)); + else if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + linePointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + linePointer->password.assign(device->ciscoType7Decode(command->part(tempInt))); + } + else + { + tempInt++; + linePointer->encryption = true; + linePointer->password.assign(command->part(tempInt)); + } + } + } + + // Access-Class In + else if ((strcmp(command->part(tempInt), "access-class") == 0) && (strcmp(command->part(tempInt + 2), "in") == 0)) + { + tempInt++; + if (device->config->reportFormat == Config::Debug) + printf("%sLine Access Class In Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + linePointer->aclIn.assign(command->part(tempInt)); + } + + // Access-Class Out + else if ((strcmp(command->part(tempInt), "access-class") == 0) && (strcmp(command->part(tempInt + 2), "out") == 0)) + { + tempInt++; + if (device->config->reportFormat == Config::Debug) + printf("%sLine Access Class Out Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + linePointer->aclOut.assign(command->part(tempInt)); + } + + // Callback + else if (strcmp(command->part(tempInt), "callback") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Call Back Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + linePointer->callback = setting; + } + + // Transport Input... + else if ((strcmp(command->part(tempInt), "transport") == 0) && (strcmp(command->part(tempInt + 1), "input") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Transport Input Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + linePointer->defaultSettings = false; + tempInt += 2; + if (strcmp(command->part(tempInt), "none") == 0) + { + linePointer->ssh = false; + linePointer->telnet = false; + linePointer->rlogin = false; + linePointer->all = false; + } + else if (strcmp(command->part(tempInt), "all") == 0) + { + linePointer->ssh = true; + linePointer->telnet = true; + linePointer->rlogin = true; + linePointer->all = true; + } + else + { + linePointer->ssh = false; + linePointer->telnet = false; + linePointer->rlogin = false; + linePointer->all = false; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "ssh") == 0) + { + linePointer->ssh = true; + configIncludesSSH = true; + sshSupported = true; + } + else if (strcmp(command->part(tempInt), "telnet") == 0) + linePointer->telnet = true; + else if (strcmp(command->part(tempInt), "rlogin") == 0) + linePointer->rlogin = true; + tempInt++; + } + } + } + + // Transport Output... + else if ((strcmp(command->part(tempInt), "transport") == 0) && (strcmp(command->part(tempInt + 1), "output") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Transport Output Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (strcmp(command->part(tempInt + 2), "none") == 0) + linePointer->output = false; + else + linePointer->output = true; + } + + // Privilege Level... + else if ((strcmp(command->part(tempInt), "privilege") == 0) && (strcmp(command->part(tempInt + 1), "level") == 0)) + { + tempInt += 2; + if (device->config->reportFormat == Config::Debug) + printf("%sLine Privilege Level Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting != false) + linePointer->privilege = atoi(command->part(tempInt)); + } + + // AAA - Accounting + else if (strcmp(command->part(tempInt), "accounting") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Accounting Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + linePointer->accounting = true; + if (strcmp(command->part(tempInt), "commands") == 0) + tempInt++; + tempInt++; + linePointer->accList.assign(command->part(tempInt)); + } + + // AAA - Authorization + else if (strcmp(command->part(tempInt), "authorization") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Authorization Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + linePointer->authorization = true; + if (strcmp(command->part(tempInt), "commands") == 0) + tempInt++; + tempInt++; + linePointer->authList.assign(command->part(tempInt)); + } + + // Exec Timeout + else if (strcmp(command->part(tempInt), "exec-timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Exec Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + linePointer->execTimeout = atoi(command->part(tempInt)) * 60; + tempInt++; + if (tempInt < command->parts) + linePointer->execTimeout = linePointer->execTimeout + atoi(command->part(tempInt)); + } + + // Absolute Timeout + else if (strcmp(command->part(tempInt), "absolute-timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Absolute Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + linePointer->absoluteTimeout = atoi(command->part(tempInt)) * 60; + } + + // Session Timeout + else if (strcmp(command->part(tempInt), "session-timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Session Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + linePointer->sessionTimeout = atoi(command->part(tempInt)) * 60; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int IOSAdministration::processDefaults(Device *device) +{ + // Variables... + Authentication::localUserConfig *localPointer = 0; + lineConfig *linePointer = 0; + cipherConfig *cipherPointer = 0; + string tempString; + + // Disable services by default... + telnetEnabled = false; + sshEnabled = false; + rloginEnabled = false; + + // Sort out CDP verison... + if (device->general != 0) + { + if (device->general->versionMajor < 12) + cdpVersion = 1; + } + + // Is this an IOS version that is LIKELY to have SSH? + if (device->general != 0) + { + if (device->general->versionMajor == 0) + { } + else if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 0)) || ((device->general->versionMajor == 12) && (device->general->versionMinor == 0) && (device->general->versionRevision > 0))) + { + configIncludesSSH = true; + sshSupported = true; + if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && ((device->general->versionMinor > 3) || ((device->general->versionMinor == 3) && (device->general->versionRevision > 1))))) + ssh2Supported = true; + } + } + + // BootP + if ((device->general != 0) && (bootPServerSupported == false)) + { + if (device->general->versionMajor == 0) + { } + else if ((device->general->versionMajor > 11) || ((device->general->versionMajor == 11) && (device->general->versionMinor > 1))) + bootPServerSupported = true; + } + + // Finger + if ((device->general != 0) && (fingerServiceSupported == false)) + { + if (device->general->versionMajor == 0) + { } + else if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 1)) || ((device->general->versionMajor == 12) && (device->general->versionMinor == 1) && (device->general->versionRevision > 4))) + { + fingerServiceSupported = true; + fingerServiceEnabled = false; + } + else if ((device->general->versionMajor > 11) || ((device->general->versionMajor == 11) && (device->general->versionMinor > 2))) + { + fingerServiceSupported = true; + fingerServiceEnabled = true; + } + } + + // Is this an IOS version that is LIKELY to have HTTP(S)? + if (device->general != 0) + { + if (device->general->versionMajor == 0) + { } + else if ((device->general->versionMajor > 11) || ((device->general->versionMajor == 11) && (device->general->versionMinor > 1))) + { + httpSupported = true; + httpsUpgrade = true; + if (httpConfigured == false) + httpEnabled = true; + if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && ((device->general->versionMinor > 3) || ((device->general->versionMinor == 3) && (device->general->versionRevision > 14))))) + httpsSupported = true; + } + } + + // HTTPS ciphers... + if (httpsSupported == true) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 168; + cipherPointer->ssl3 = true; + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 128; + cipherPointer->ssl3 = true; + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 128; + cipherPointer->ssl3 = true; + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 56; + cipherPointer->ssl3 = true; + } + + // Fixup the line and service defaults... + linePointer = line; + while (linePointer != 0) + { + + // If AAA is used, the login must be handled by AAA + if (aaaUsed == true) + linePointer->login = loginAuthentication; + + // Add line password to local authentication list... + if (!linePointer->password.empty()) + { + switch (linePointer->type) + { + case lineConsole: + tempString.assign(i18n("Console Line")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + tempString.append(i18n(" Line")); + break; + case lineAUX: + tempString.assign(i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + tempString.append(i18n(" Line")); + break; + } + + localPointer = device->authentication->getUser(tempString.c_str()); + if (linePointer->privilege == 15) + localPointer->adminAccess = true; + tempString.assign(device->intToString(linePointer->privilege)); + localPointer->privilegeLevel.assign(tempString); + localPointer->aclSupported = true; + localPointer->outboundACL.assign(linePointer->aclOut); + localPointer->password.assign(linePointer->password); + if (linePointer->encryption == true) + localPointer->encryption = Authentication::md5Encryption; + else + localPointer->encryption = Authentication::clearText; + } + + // If default... + if (linePointer->defaultSettings == true) + { + if ((device->general->versionMajor < 11) || ((device->general->versionMajor == 11) && (device->general->versionMinor == 0))) + { + linePointer->telnet = true; + linePointer->rlogin = true; + linePointer->all = true; + } + else + { + linePointer->telnet = true; + linePointer->rlogin = true; + linePointer->all = false; + } + } + + // If not a router, terminate the rlogon... + if (device->isRouter == false) + linePointer->rlogin = false; + + // If Nipper THINKS that SSH is not available... + if (configIncludesSSH == false) + linePointer->ssh = false; + + // Telnet... + if ((linePointer->telnet == true) && (linePointer->exec == true)) + telnetEnabled = true; + if ((linePointer->telnet == true) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + telnetLoginAllowed = true; + + // SSH... + if ((linePointer->ssh == true) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + sshEnabled = true; + + // Rlogin... + if (linePointer->rlogin == true) + rloginEnabled = true; + + linePointer = linePointer->next; + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration.h.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration.h.svn-base new file mode 100644 index 0000000..afbd97d --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/administration.h.svn-base @@ -0,0 +1,133 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef iosdeviceadministration_H +#define iosdeviceadministration_H + +#include "../device/administration/administration.h" + + +class IOSAdministration : public Administration +{ + public: + IOSAdministration(); + + // Device specific methods... + int generateSecuritySpecificReport(Device *device); + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + int generateDeviceTelnetConfig(Device *device); // A device specific config report output + int generateDeviceSSHConfig(Device *device); // A device specific config report output + + + // ----------------------------------------------------------------------- + // Misc Device Specific Support... + // ----------------------------------------------------------------------- + + virtual int generateDeviceHTTPConfig(Device *device); // A device specific config report output + virtual int generateDeviceSpecificConfig(Device *device); + + bool telnetLoginAllowed; // Are people allowed to login + bool configIncludesSSH; // Set to true if in the lines mention SSH or there is an ssh line + bool httpConfigured; // Has http-server been configured already? + int sshRetries; // The SSH login retries + int sshNegTimeout; // The SSH negotiation timeout + bool rloginEnabled; // Is the Rlogin service enabled? + string httpAcl; // The HTTP server ACL + + bool aaaUsed; // If aaa is used, it overrides the line configuration... + + + // ----------------------------------------------------------------------- + // Lines Support... + // ----------------------------------------------------------------------- + + enum lineType + { + lineConsole = 0, + lineVTY = 1, + lineAUX = 2, + lineTTY = 3 + }; + + enum loginType + { + loginWithNoPassword = 0, // Oh no (doesn't apply to VTY - they need a password) + loginLinePassword = 1, // The Line password (ouch) + loginLocal = 2, // Local Security Database (i.e. username) + loginTACACS = 3, // TACACS-style + loginAuthentication = 4 // AAA (recommended) + }; + + struct lineConfig + { + // Basics... + enum lineType type; // line_console... + int lineStart; // i.e. VTY - 0 + int lineEnd; // i.e. VTY - 4 + // Security... + enum loginType login; // + bool exec; // true (default) or false + int privilege; // The privilege level for the line (0..15) + bool callback; // true or false (default) + string password; // A Line password (if configured) + bool encryption; // true or false for the password + bool passwordInDict; // Is it a dictionary-based password + Device::weakPasswordEnum passwordWeak; // Is it a weak password + string aclIn; + string aclOut; + // AAA... + bool accounting; + string accList; + bool authorization; + string authList; + // Access Services... + bool output; // Output allowed + bool defaultSettings; // true if no transport line has been set + bool ssh; // true, false + bool telnet; // true, false + bool rlogin; // true, false + bool all; // true, false + // Timeouts... + int execTimeout; // Exec timeout in seconds, 0 = no timeout (default) + int absoluteTimeout; + int sessionTimeout; + int loginTimeout; + struct lineConfig *next; + }; + + lineConfig *line; + + lineConfig *addLine(); // Add a new line... +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/authentication.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/authentication.cpp.svn-base new file mode 100644 index 0000000..8ed9112 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/authentication.cpp.svn-base @@ -0,0 +1,784 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "iosdevice.h" +#include "authentication.h" +#include "administration.h" +#include "../device/common/configline.h" + + +IOSAuthentication::IOSAuthentication() +{ + // General... + authenticationConfigIntro = i18n("This section describes the various *DEVICETYPE* device authentication settings."); // Introduction text to the whole section + loginAttemptsSupported = false; // Login attempts supported + loginAttempts = 0; // Login attempts allowed (0 = infinite) + accessWithoutAuthentication = false; // Set to true if access is allowed without authentication + configAccessAuthentication = "The following commands can be used on *DEVICETYPE* devices to configure the enable password and a local user:*CODE**COMMAND*enable secret *CMDUSER*password*-CMDUSER**-COMMAND**COMMAND*username *CMDUSER*user*-CMDUSER* secret *CMDUSER*password*-CMDUSER**-COMMAND**-CODE*"; // The text and commands to configure access authentication with a password + + // Authentication Methods... + authMethodSupported = true; // Authentication Method Supported + appliesToSupported = true; // Applies To Supported + namedAuthSupport = true; // Are auth servers named? + showAuthLevel = true; // Show auth level + + // Local User Options... + encryptionSupported = true; // Show encryption + readOnlySupported = false; // Is read only supported? + outboundACLSupported = true; // Are outbound filtering ACL supported? + privilegeLevelSupported = true; // Are privilege levels supported? + privilegeLevelText = i18n("Privilege Level"); // The table title privilege level text + configDeviceSpecificLocalUsers = "The users can be assigned to different privilege levels which are configurable and determine the level of access granted. A level 15 user is the highest level and is typically reserved for management of the device. The enable user password is typically used for performing administration on *DEVICETYPE* devices. However if an enable user password has not been configured, a line password will be used instead."; // Text for the config report local user section. + filterText = i18n("*ABBREV*ACL*-ABBREV*"); // The table filter column title text + + // TACACS Options... + showTacacsGroupName = true; // Show the TACACS group + showTacacsRetries = false; // Show the TACACS retries + configTacacsKey = i18n("The following command can be used to set the global *ABBREV*TACACS+*-ABBREV* server key:*CODE*tacacs-server key *CMDUSER*key*-CMDUSER**-CODE*"); // The text and commands to configure a TACACS+ key + + // RADIUS Options... + showRadiusGroupName = true; // Show the RADIUS group + configRadiusKey = i18n("The following command can be used to set the global *ABBREV*RADIUS*-ABBREV* server key:*CODE*radius-server key *CMDUSER*key*-CMDUSER**-CODE*"); // The text and commands to configure a RADIUS key + + // KERBEROS Options... + showKerberosGroupName = false; // Show the KERBEROS group + showKerberosTimeout = false; // Show Kerberos timeout + showKerberosRetries = false; // Show Kerberos retries + + // LDAP Options... + showLDAPGroupName = false; // Show the LDAP group + showLDAPPassword = false; // Show LDAP password + configLDAPPassword = i18n(""); // The text and commands to configure an LDAP server password + + // SecurID Options... + showSecurIDGroupName = false; // Show the SecurID group + showSecurIDDuress = false; // Show the SecurID Duress + showSecurIDEncryption = false; // Show the SecurID Encryption + + // NT Options... + showNTGroupName = false; // Show the NT group + + + tacacsPort = 49; + tacacsTimeout = 5; + radiusPort = 1645; + radiusTimeout = 5; + radiusRetries = 3; + tacacsKeyEnc = clearText; + radiusKeyEnc = clearText; +} + + +int IOSAuthentication::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + localUserConfig *localUserPointer = 0; + tacacsServerConfig *tacacsPointer = 0; + radiusServerConfig *radiusPointer = 0; + kerberosServerConfig *kerberosPointer = 0; + authConfig *authPointer = 0; + string tempString; + bool setting = false; + int tempInt = 0; + int errorCode = 0; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // AAA + if (strcmp(command->part(0), "aaa") == 0) + { + ((IOSAdministration *)device->administration)->aaaUsed = true; + + if ((strcmp(command->part(2), "enable") == 0) || (strcmp(command->part(2), "login") == 0) || (strcmp(command->part(2), "dot1x") == 0) || (strcmp(command->part(2), "ppp") == 0) || (strcmp(command->part(2), "arap") == 0) || (strcmp(command->part(2), "eou") == 0) || (strcmp(command->part(2), "sgbp") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Authentication Method Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt = 4; + while (tempInt < command->parts) + { + authPointer = addMethod(); + authPointer->level.assign(command->part(2)); + if (strcmp(command->part(3), "default") != 0) + authPointer->appliesTo.assign(command->part(3)); + if (strcmp(command->part(tempInt), "none") == 0) + authPointer->method = noAuthRequired; + else if (strcmp(command->part(tempInt), "local") == 0) + authPointer->method = localAuth; + else if (strcmp(command->part(tempInt), "local-case") == 0) + authPointer->method = localAuth; + else if (strcmp(command->part(tempInt), "krb5") == 0) + authPointer->method = kerberosAuth; + else if (strcmp(command->part(tempInt), "krb5-telnet") == 0) + authPointer->method = kerberosAuth; + else if (strcmp(command->part(tempInt), "line") == 0) + authPointer->method = lineAuth; + else if (strcmp(command->part(tempInt), "enable") == 0) + authPointer->method = enableAuth; + else if (strcmp(command->part(tempInt), "group") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "radius") == 0) + authPointer->method = radiusAuth; + else if (strcmp(command->part(tempInt), "tacacs+") == 0) + authPointer->method = tacacsAuth; + else + { + authPointer->method = serverGroupAuth; + authPointer->name.assign(command->part(tempInt)); + } + } + tempInt++; + } + } + + else if ((strcmp(command->part(1), "group") == 0) && (strcmp(command->part(3), "tacacs+") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA TACACS+ Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + groupName.assign(command->part(4)); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((feof(device->inputFile) == 0) && (line[0] != '!')) + { + + // Server + if (strcmp(command->part(0), "server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Group Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->groupName.assign(groupName); + tacacsPointer->address.assign(command->part(1)); + tacacsPointer->timeout = tacacsTimeout; + tacacsPointer->port = tacacsPort; + tacacsPointer->key.assign(tacacsKey); + tacacsPointer->encryption = tacacsKeyEnc; + } + + // Private Server + else if (strcmp(command->part(0), "server-private") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Group Server Private Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->groupName.assign(groupName); + tacacsPointer->address.assign(command->part(1)); + tacacsPointer->timeout = tacacsTimeout; + tacacsPointer->port = tacacsPort; + tacacsPointer->key.assign(tacacsKey); + tacacsPointer->encryption = tacacsKeyEnc; + tempInt = 2; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "key") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + tacacsPointer->key.assign(command->part(tempInt)); + tacacsPointer->encryption = clearText; + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + tacacsPointer->key.assign(device->ciscoType7Decode(command->part(tempInt))); + tacacsPointer->encryption = cisco7Encryption; + if (tacacsPointer->key.empty()) + { + tacacsPointer->key.assign(command->part(tempInt)); + tempString.assign("tacacs-"); + tempString.append(tacacsPointer->address); + device->addJohnPassword(tempString.c_str(), command->part(tempInt)); + tacacsPointer->encryption = md5Encryption; + } + } + else + { + tacacsPointer->key.assign(command->part(tempInt)); + tacacsPointer->encryption = clearText; + } + } + else if (strcmp(command->part(tempInt), "port") == 0) + { + tempInt++; + tacacsPointer->port = atoi(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + tempInt++; + tacacsPointer->timeout = atoi(command->part(tempInt)); + } + tempInt++; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + } + + else if ((strcmp(command->part(1), "group") == 0) && (strcmp(command->part(3), "radius") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA RADIUS Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + groupName.assign(command->part(4)); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((feof(device->inputFile) == 0) && (line[0] != '!')) + { + + // Server + if (strcmp(command->part(0), "server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Group Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->groupName.assign(groupName); + radiusPointer->address.assign(command->part(1)); + radiusPointer->timeout = radiusTimeout; + radiusPointer->port = radiusPort; + radiusPointer->retries = radiusRetries; + if (strcmp(command->part(2), "auth-port") == 0) + radiusPointer->port = atoi(command->part(3)); + } + + // Private Server + else if (strcmp(command->part(0), "server-private") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Group Server Private Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->groupName.assign(groupName); + radiusPointer->address.assign(command->part(1)); + radiusPointer->timeout = radiusTimeout; + radiusPointer->port = radiusPort; + radiusPointer->retries = radiusRetries; + tempInt = 2; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "key") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + radiusPointer->key.assign(command->part(tempInt)); + radiusPointer->encryption = clearText; + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + radiusPointer->key.assign(device->ciscoType7Decode(command->part(tempInt))); + radiusPointer->encryption = cisco7Encryption; + if (radiusPointer->key.empty()) + { + radiusPointer->key.assign(command->part(tempInt)); + radiusPointer->encryption = md5Encryption; + tempString.assign("radius-"); + tempString.append(radiusPointer->address); + device->addJohnPassword(tempString.c_str(), command->part(tempInt)); + } + } + else + { + radiusPointer->key.assign(command->part(tempInt)); + radiusPointer->encryption = clearText; + } + } + else if (strcmp(command->part(tempInt), "auth-port") == 0) + { + tempInt++; + radiusPointer->port = atoi(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "retransmit") == 0) + { + tempInt++; + radiusPointer->retries = atoi(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + tempInt++; + radiusPointer->timeout = atoi(command->part(tempInt)); + } + tempInt++; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + // TACACS Key + else if ((strcmp(command->part(0), "tacacs-server") == 0) && (strcmp(command->part(1), "key") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(2), "0") == 0) + { + tacacsKey.assign(command->part(3)); + tacacsKeyEnc = clearText; + } + else if (strcmp(command->part(2), "7") == 0) + { + tacacsKey.assign(device->ciscoType7Decode(command->part(3))); + tacacsKeyEnc = cisco7Encryption; + if (tacacsKey.empty()) + { + tacacsKey.assign(command->part(3)); + device->addJohnPassword("tacacs", command->part(3)); + tacacsKeyEnc = md5Encryption; + } + } + else + { + tacacsKey.assign(command->part(2)); + tacacsKeyEnc = clearText; + } + } + + // TACACS+ Host + else if ((strcmp(command->part(0), "tacacs-server") == 0) && (strcmp(command->part(1), "host") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->groupName.assign(groupName); + tacacsPointer->address.assign(command->part(2)); + tacacsPointer->timeout = tacacsTimeout; + tacacsPointer->port = tacacsPort; + tacacsPointer->key.assign(tacacsKey); + tacacsPointer->encryption = tacacsKeyEnc; + tempInt = 3; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "key") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + tacacsPointer->key.assign(command->part(tempInt)); + tacacsPointer->encryption = clearText; + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + tacacsPointer->key.assign(device->ciscoType7Decode(command->part(tempInt))); + tacacsPointer->encryption = cisco7Encryption; + if (tacacsPointer->key.empty()) + { + tacacsPointer->key.assign(command->part(tempInt)); + tempString.assign("tacacs-"); + tempString.append(tacacsPointer->address); + device->addJohnPassword(tempString.c_str(), command->part(tempInt)); + tacacsPointer->encryption = md5Encryption; + } + } + else + { + tacacsPointer->key.assign(command->part(tempInt)); + tacacsPointer->encryption = clearText; + } + } + else if (strcmp(command->part(tempInt), "port") == 0) + { + tempInt++; + tacacsPointer->port = atoi(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + tempInt++; + tacacsPointer->timeout = atoi(command->part(tempInt)); + } + tempInt++; + } + } + + // TACACS+ Timeout + else if ((strcmp(command->part(0), "tacacs-server") == 0) && (strcmp(command->part(1), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsTimeout = atoi(command->part(2)); + } + + // Kerberos + else if ((strcmp(command->part(0), "kerberos") == 0) && (strcmp(command->part(1), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sKerberos Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + kerberosPointer = addKerberosServer(); + kerberosPointer->address.assign(command->part(3)); + kerberosPointer->realm.assign(command->part(2)); + if (command->parts == 5) + kerberosPointer->port = atoi(command->part(4)); + else + kerberosPointer->port = 88; + } + + // RADIUS Timeout + else if ((strcmp(command->part(0), "radius-server") == 0) && (strcmp(command->part(1), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusTimeout = atoi(command->part(2)); + } + + // RADIUS Retransmit + else if ((strcmp(command->part(0), "radius-server") == 0) && (strcmp(command->part(1), "retransmit") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Retransmit Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusRetries= atoi(command->part(2)); + } + + // RADIUS Key + else if ((strcmp(command->part(0), "radius-server") == 0) && (strcmp(command->part(1), "key") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(2), "0") == 0) + { + radiusKey.assign(command->part(3)); + radiusKeyEnc = clearText; + } + else if (strcmp(command->part(2), "7") == 0) + { + radiusKey.assign(device->ciscoType7Decode(command->part(3))); + radiusKeyEnc = cisco7Encryption; + if (radiusKey.empty()) + { + radiusKey.assign(command->part(3)); + device->addJohnPassword("radius", command->part(3)); + radiusKeyEnc = md5Encryption; + } + } + else + { + radiusKey.assign(command->part(2)); + radiusKeyEnc = clearText; + } + } + + // RADIUS Host + else if ((strcmp(command->part(0), "radius-server") == 0) && (strcmp(command->part(1), "host") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->groupName.assign(groupName); + radiusPointer->address.assign(command->part(2)); + radiusPointer->timeout = radiusTimeout; + radiusPointer->port = radiusPort; + radiusPointer->retries = radiusRetries; + tempInt = 3; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "key") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + radiusPointer->key.assign(command->part(tempInt)); + radiusPointer->encryption = clearText; + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + radiusPointer->key.assign(device->ciscoType7Decode(command->part(tempInt))); + radiusPointer->encryption = cisco7Encryption; + if (radiusPointer->key.empty()) + { + radiusPointer->key.assign(command->part(tempInt)); + radiusPointer->encryption = md5Encryption; + device->addJohnPassword("radius", command->part(tempInt)); + } + } + else + { + radiusPointer->key.assign(command->part(tempInt)); + radiusPointer->encryption = clearText; + } + } + else if (strcmp(command->part(tempInt), "auth-port") == 0) + { + tempInt++; + radiusPointer->port = atoi(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "retransmit") == 0) + { + tempInt++; + radiusPointer->retries = atoi(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + tempInt++; + radiusPointer->timeout = atoi(command->part(tempInt)); + } + tempInt++; + } + } + + // Enable + else if (strcmp(command->part(tempInt), "enable") == 0) + { + tempInt++; + if (device->config->reportFormat == Config::Debug) + printf("%sEnable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Create user... + if (strcmp(command->part(tempInt), "secret") == 0) + localUserPointer = getUser("enable (secret)"); + else + localUserPointer = getUser("enable (password)"); + tempInt++; + + localUserPointer->adminAccess = true; + // Add level... + if ((strcmp(command->part(tempInt), "level") == 0) || (strcmp(command->part(tempInt), "privilege") == 0)) + { + tempInt++; + localUserPointer->privilegeLevel.assign(command->part(tempInt)); + tempInt++; + } + else + localUserPointer->privilegeLevel.assign("15"); + + // Password... + if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + localUserPointer->encryption = clearText; + localUserPointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "5") == 0) + { + tempInt++; + localUserPointer->encryption = md5Encryption; + localUserPointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "6") == 0) + { + tempInt++; + localUserPointer->encryption = aesEncryption; + localUserPointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + localUserPointer->encryption = cisco7Encryption; + localUserPointer->password.assign(device->ciscoType7Decode(command->part(tempInt))); + } + else + { + localUserPointer->encryption = clearText; + localUserPointer->password.assign(command->part(tempInt)); + } + } + + // Usernames... + else if (strcmp(command->part(tempInt), "username") == 0) + { + tempInt++; + + if (device->config->reportFormat == Config::Debug) + printf("%sUsername Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + localUserPointer = getUser(command->part(tempInt)); + if (localUserPointer->privilegeLevel.empty()) + localUserPointer->privilegeLevel.assign("1"); + tempInt++; + + while (tempInt < command->parts) + { + + // Add level... + if (strcmp(command->part(tempInt), "privilege") == 0) + { + tempInt++; + localUserPointer->privilegeLevel.assign(command->part(tempInt)); + if (strcmp(command->part(tempInt), "15") == 0) + localUserPointer->adminAccess = true; + } + + // Access Class... + else if (strcmp(command->part(tempInt), "access-class") == 0) + { + tempInt++; + localUserPointer->outboundACL.assign(command->part(tempInt)); + localUserPointer->aclSupported = true; + } + + // Password... + else if ((strcmp(command->part(tempInt), "password") == 0) || (strcmp(command->part(tempInt), "secret") == 0)) + { + tempInt++; + + if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + localUserPointer->encryption = clearText; + localUserPointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "5") == 0) + { + tempInt++; + localUserPointer->encryption = md5Encryption; + localUserPointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "6") == 0) + { + tempInt++; + localUserPointer->encryption = aesEncryption; + localUserPointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + localUserPointer->encryption = cisco7Encryption; + localUserPointer->password.assign(device->ciscoType7Decode(command->part(tempInt))); + } + else + { + localUserPointer->encryption = clearText; + localUserPointer->password.assign(command->part(tempInt)); + } + } + + tempInt++; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int IOSAuthentication::processDefaults(Device *device) +{ + // Variables... + tacacsServerConfig *tacacsPointer = 0; + radiusServerConfig *radiusPointer = 0; + + // Populate keys... + if (!tacacsKey.empty()) + { + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + if (tacacsPointer->key.empty()) + { + tacacsPointer->key.assign(tacacsKey); + tacacsPointer->encryption = tacacsKeyEnc; + } + tacacsPointer = tacacsPointer->next; + } + } + if (!radiusKey.empty()) + { + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + if (radiusPointer->key.empty()) + { + radiusPointer->key.assign(radiusKey); + radiusPointer->encryption = radiusKeyEnc; + } + radiusPointer = radiusPointer->next; + } + } + + return 0; +} diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/authentication.h.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/authentication.h.svn-base new file mode 100644 index 0000000..8dd6016 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/authentication.h.svn-base @@ -0,0 +1,67 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef deviceiosauthentication_H +#define deviceiosauthentication_H + + +#include "../device/authentication/authentication.h" + + +class IOSAuthentication : public Authentication +{ + public: + + IOSAuthentication(); + + + // ----------------------------------------------------------------------- + // Standard Device Class Methods... + // ----------------------------------------------------------------------- + + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + + private: + string groupName; + int tacacsPort; + int tacacsTimeout; + int radiusPort; + int radiusTimeout; + int radiusRetries; + string tacacsKey; + passwordEncryption tacacsKeyEnc; + string radiusKey; + passwordEncryption radiusKeyEnc; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/banner.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/banner.cpp.svn-base new file mode 100644 index 0000000..141e6aa --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/banner.cpp.svn-base @@ -0,0 +1,446 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "iosdevice.h" +#include "banner.h" + + +IOSBanner::IOSBanner() +{ + // Banner settings... + preLogonBanner = true; // Support Banner(s) Before Logon? + postLogonBanner = true; // Support Banner(s) After Logon? + configPreLogonBanner = i18n("The *ABBREV*MOTD*-ABBREV* banner message is shown to all connections to *DEVICETYPE* devices prior to the logon. The *ABBREV*MOTD*-ABBREV* banner message can be configured with the following command:*CODE**COMMAND*banner motd *CMDUSER*delimeter*-CMDUSER* *CMDUSER*banner-message*-CMDUSER* *CMDUSER*delimeter*-CMDUSER**-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... + configPostLogonBanner = i18n("The Exec banner is shown to remote and console users after a logon occurs. The Exec banner can be configured with the following command:*CODE**COMMAND*banner exec *CMDUSER*delimeter*-CMDUSER* *CMDUSER*banner-message*-CMDUSER* *CMDUSER*delimeter*-CMDUSER**-COMMAND**-CODE*"); // The text that explains how to config a post logon banner, with commands... +} + + +int IOSBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + char delimeter[3] = {0,0,0}; + string tempString; + int position = 0; + bool end = false; + + // Init + if (strcmp(command->part(0), "no") != 0) + { + + // MOTD... + if (strcmp(command->part(1), "motd") == 0) + { + + // The setup... + if (command->part(2)[0] != '^') + { + delimeter[0] = command->part(2)[0]; + position = 1; + } + else if (strlen(command->part(2)) > 1) + { + delimeter[0] = command->part(2)[0]; + delimeter[1] = command->part(2)[1]; + position = 2; + } + if (strlen(command->part(2) + position) > 0) + { + if (strncmp(command->part(2) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("*ABBREV*MOTD*-ABBREV*")); + bannerPointer->description.assign(i18n("The *ABBREV*MOTD*-ABBREV* banner message is presented to users before they logon to *DEVICETYPE* devices. The *ABBREV*MOTD*-ABBREV* banner message configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + // Login... + else if (strcmp(command->part(1), "login") == 0) + { + + // The setup... + if (command->part(2)[0] != '^') + { + delimeter[0] = command->part(2)[0]; + position = 1; + } + else if (strlen(command->part(2)) > 1) + { + delimeter[0] = command->part(2)[0]; + delimeter[1] = command->part(2)[1]; + position = 2; + } + if (strlen(command->part(2) + position) > 0) + { + if (strncmp(command->part(2) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("Login")); + bannerPointer->description.assign(i18n("The Login banner message is presented to users before they logon to *DEVICETYPE* devices. The Login banner message configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLogin Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sLogin Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + // Exec... + else if (strcmp(command->part(1), "exec") == 0) + { + + // The setup... + if (command->part(2)[0] != '^') + { + delimeter[0] = command->part(2)[0]; + position = 1; + } + else if (strlen(command->part(2)) > 1) + { + delimeter[0] = command->part(2)[0]; + delimeter[1] = command->part(2)[1]; + position = 2; + } + if (strlen(command->part(2) + position) > 0) + { + if (strncmp(command->part(2) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = postLogon; + bannerPointer->name.assign(i18n("Exec")); + bannerPointer->description.assign(i18n("The Exec banner message is presented to users after they logon to *DEVICETYPE* devices (excluding reverse Telnet users). The Exec banner message configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sExec Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sExec Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + // Incoming... + else if (strcmp(command->part(1), "incoming") == 0) + { + + // The setup... + if (command->part(2)[0] != '^') + { + delimeter[0] = command->part(2)[0]; + position = 1; + } + else if (strlen(command->part(2)) > 1) + { + delimeter[0] = command->part(2)[0]; + delimeter[1] = command->part(2)[1]; + position = 2; + } + if (strlen(command->part(2) + position) > 0) + { + if (strncmp(command->part(2) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = postLogon; + bannerPointer->name.assign(i18n("Incoming")); + bannerPointer->description.assign(i18n("The Incoming banner message is presented to reverse Telnet users after they logon to *DEVICETYPE* devices. The Incoming banner message configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = reverseTelnetConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sIncoming Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sIncoming Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + // PPP/SLIP... + else if (strcmp(command->part(1), "slip-ppp") == 0) + { + + // The setup... + if (command->part(2)[0] != '^') + { + delimeter[0] = command->part(2)[0]; + position = 1; + } + else if (strlen(command->part(2)) > 1) + { + delimeter[0] = command->part(2)[0]; + delimeter[1] = command->part(2)[1]; + position = 2; + } + if (strlen(command->part(2) + position) > 0) + { + if (strncmp(command->part(2) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // SLIP/PPP banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("*ABBREV*SLIP*-ABBREV*-*ABBREV*PPP*-ABBREV*")); + bannerPointer->description.assign(i18n("The *ABBREV*SLIP*-ABBREV*-*ABBREV*PPP*-ABBREV* banner message is presented to users connecting to *DEVICETYPE* devices using *ABBREV*SLIP*-ABBREV* or *ABBREV*PPP*-ABBREV*. The *ABBREV*SLIP*-ABBREV*-*ABBREV*PPP*-ABBREV* banner message configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = pppConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSLIP-PPP Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sSLIP-PPP Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + + + // Exec... + else if (strcmp(command->part(1), "aaa") == 0) + { + + // The setup... + if (command->part(3)[0] != '^') + { + delimeter[0] = command->part(3)[0]; + position = 1; + } + else if (strlen(command->part(3)) > 1) + { + delimeter[0] = command->part(3)[0]; + delimeter[1] = command->part(3)[1]; + position = 2; + } + if (strlen(command->part(3) + position) > 0) + { + if (strncmp(command->part(3) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("*ABBREV*AAA*-ABBREV*")); + bannerPointer->description.assign(i18n("The *ABBREV*AAA*-ABBREV* banner message is presented to users before they logon to *DEVICETYPE* devices (except in cases where *ABBREV*TACACS+*-ABBREV* is the first authentication method). The *ABBREV*AAA*-ABBREV* banner message configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + + + + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/banner.h.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/banner.h.svn-base new file mode 100644 index 0000000..0d4b97e --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/banner.h.svn-base @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef IOSbanner_H +#define IOSbanner_H + + +#include "../device/banner/banner.h" + + +class IOSBanner : public Banner +{ + public: + + IOSBanner(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/dns.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/dns.cpp.svn-base new file mode 100644 index 0000000..161f015 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/dns.cpp.svn-base @@ -0,0 +1,323 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "iosdevice.h" +#include "dns.h" +#include "general.h" + + +IOSDNS::IOSDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured to resolve name to address mappings. This section details those settings."); // The text paragraph in the config section + + // Host configuration + showInterface = false; // Are interfaces supported? + + // DNS Client Settings + dnsClientSupported = true; // DNS Client Supported? + dnsLookupEnabled = true; // DNS lookups enabled? + disableLookup = "Domain lookups can be disabled on *DEVICETYPE* devices with the following commands (the last command is for *DEVICEOS* 12.1 and older):*CODE**COMMAND*no ip domain lookup*-COMMAND**COMMAND*no ip domain-lookup*-COMMAND**-CODE*"; // The text and commands to disable DNS lookup + dnsRetries = 2; // DNS lookup retries + dnsRetriesSupported = false; // DNS lookup retries Supported? + dnsTimeout = 3; // DNS timeout + dnsTimeoutSupported = false; // DNS timeout Supported? + dnsRoundRobin = false; // DNS Round Robin + dnsRoundRobinSupported = false; // DNS Round Robin Supported? + + // DNS Server Options... + dnsRecordKeepAliveSupported = false; // Is the DNS keep Alive message type supported? + returnRecordsSupported = false; // Is the single/multiple record field supported? + dynamicDNSSupported = false; // Is Dynamic DNS Supported? + dnsServerSupported = false; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsProxySupported = false; // Is DNS Proxy Server Supported? + dnsProxyEnabled = false; // Is the DNS Proxy service enabled? + dnsPort = 53; // DNS Server Port + + broadcastLookups = true; +} + + +int IOSDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsConfig *dnsPointer = 0; + int tempInt = 0; + bool setting = false; + bool first = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 2; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Proxy Server... + if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "spoofing") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Spoofing(Proxy) Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + dnsProxyEnabled = true; + dnsProxySupported = true; + dnsServerSupported = true; + } + + // DNS Server... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + dnsServiceEnabled = setting; + dnsServerSupported = true; + } + + // domain list... + else if (((strcmp(command->part(tempInt), "domain") == 0) && (strcmp(command->part(tempInt + 1), "list") == 0)) || (strcmp(command->part(tempInt), "domain-list") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Domain List Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "list") == 0) + tempInt++; + + if (setting == true) + { + dnsPointer = addDomainName(command->part(tempInt)); + } + } + + // domain lookup... + else if (((strcmp(command->part(tempInt), "domain") == 0) && (strcmp(command->part(tempInt + 1), "lookup") == 0)) || (strcmp(command->part(tempInt), "domain-lookup") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Domain Lookup Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "lookup") == 0) + tempInt++; + + dnsLookupEnabled = setting; + broadcastLookups = setting; + } + + // domain name... + else if (((strcmp(command->part(tempInt), "domain") == 0) && (strcmp(command->part(tempInt + 1), "name") == 0)) || (strcmp(command->part(tempInt), "domain-name") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Domain Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "name") == 0) + tempInt++; + + if (setting == true) + dnsDomain.assign(command->part(tempInt)); + } + + // domain retry... + else if ((strcmp(command->part(tempInt), "domain") == 0) && (strcmp(command->part(tempInt + 1), "retry") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDomain Retries Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + dnsRetriesSupported = true; + + if (setting == true) + dnsRetries = atoi(command->part(tempInt)); + } + + // round robin... + else if ((strcmp(command->part(tempInt), "domain") == 0) && (strcmp(command->part(tempInt + 1), "round-robin") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Round Robin Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + dnsRoundRobinSupported = true; + dnsRoundRobin = setting; + } + + // timeout... + else if ((strcmp(command->part(tempInt), "domain") == 0) && (strcmp(command->part(tempInt + 1), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + dnsTimeoutSupported = true; + if (setting == true) + dnsTimeout = atoi(command->part(tempInt)); + } + + // dns name-server... + else if (strcmp(command->part(tempInt), "name-server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Name Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (dnsServer == 0) + first = true; + while (tempInt < command->parts) + { + if (first == true) + { + dnsPointer = addDNSServer(command->part(tempInt)); + dnsPointer->description.assign(i18n("Primary")); + first = false; + } + else + { + dnsPointer = addDNSServer(command->part(tempInt)); + dnsPointer->description.assign(i18n("Secondary")); + } + tempInt++; + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int IOSDNS::processDefaults(Device *device) +{ + // Enable features... + if (device->general != 0) + { + if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 3)) || ((device->general->versionMajor == 12) && (device->general->versionMinor == 3) && (device->general->versionRevision > 2))) + { + if (device->isRouter == true) + { + dnsProxySupported = true; + dnsServerSupported = true; + } + dnsRetriesSupported = true; + dnsTimeoutSupported = true; + dnsRoundRobinSupported = true; + } + else if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 2)) || ((device->general->versionMajor == 12) && (device->general->versionMinor == 2) && (device->general->versionRevision > 3))) + { + if (device->isRouter == true) + dnsServerSupported = true; + dnsRetriesSupported = true; + dnsTimeoutSupported = true; + dnsRoundRobinSupported = true; + } + else if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 2))) + { + dnsRetriesSupported = true; + dnsTimeoutSupported = true; + dnsRoundRobinSupported = true; + } + else if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 0))) + { + dnsRoundRobinSupported = true; + } + } + + // Disable domain lookups if there are no servers to lookup with... + if (dnsServer == 0) + dnsLookupEnabled = false; + + return 0; +} + + +int IOSDNS::generateDeviceSpecificSecurityReport(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + + if ((dnsLookupEnabled == false) && (broadcastLookups == true) && (dnsClientSupported == true)) + { + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Broadcast Domain Lookups Enabled\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Broadcast Domain Lookups Enabled")); + securityIssuePointer->reference.assign("IOS.DNSCLOOK.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices can make use host names rather than the *ABBREV*IP*-ABBREV* by looking up the address using *ABBREV*DNS*-ABBREV* services. If no *ABBREV*DNS*-ABBREV* servers are configured, the lookups are broadcast on *DEVICETYPE* devices rather than sent directly to a *ABBREV*DNS*-ABBREV* server.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that name lookups were configured to broadcast from *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 2; // Medium + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who was able to capture network traffic could monitor *ABBREV*DNS*-ABBREV* queries from the *DEVICETYPE* devices. Furthermore, vulnerabilities have been previously identified where mistyped commands on *DEVICETYPE* devices are interpreted as an attempt to contact a Telnet server. An attacker listening for such connections could create a connection back to the device in order to perform a man in the middle attack.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 8; // Easy + paragraphPointer->paragraph.assign(i18n("Network packet capture tools are available on the Internet that can allow an attacker to monitor the network traffic. The attack is made easier due to the lookups being broadcast on the network.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 3; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that, if not required, domain lookups should be disabled.")); + if (strlen(disableLookup) > 0) + { + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(disableLookup); + } + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("domain lookups were enabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable domain lookups")); + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/dns.h.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/dns.h.svn-base new file mode 100644 index 0000000..7c4bdc2 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/dns.h.svn-base @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef IOSDNS_H +#define IOSDNS_H + + +#include "../device/dns/dns.h" + + +class IOSDNS : public DNS +{ + public: + + IOSDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateDeviceSpecificSecurityReport(Device *device); + + + private: + bool broadcastLookups; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/filter.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/filter.cpp.svn-base new file mode 100644 index 0000000..d22822b --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/filter.cpp.svn-base @@ -0,0 +1,828 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "iosdevice.h" +#include "filter.h" + + +IOSFilter::IOSFilter() +{ + // Filter text... + standardACLText = i18n("Standard *ABBREV*ACL*-ABBREV*"); + standardACLDescription = i18n("Standard *ABBREV*ACLs*-ABBREV* only define the source address and process the packet solely based on that, they are typically used to restrict access to device services or protocols."); + extendedACLText = i18n("Extended *ABBREV*ACL*-ABBREV*"); + extendedACLDescription = i18n("Extended *ABBREV*ACLs*-ABBREV* permit or deny network traffic based on the source and destination addresses and network ports. Extended *ABBREV*ACLs*-ABBREV* are used for checks on traffic passing through the *DEVICENAME*."); + + // Filter device options... + noAccessWithoutFilters = false; // Is access not granted if no filters are configured + allowName = i18n("Permit"); // The name given to an allowed filter + denyName = i18n("Deny"); // The name given to a denied filter + ruleListsAreAssigned = true; // Rule lists are assigned to specific elements + filterConfigTitle = i18n("*ABBREV*ACL*-ABBREV* Configuration"); // The Title for the configuration report section + filterConfigText = i18n("*ABBREV*ACL*-ABBREV* are sequential lists of apply or deny *ABBREV*ACEs*-ABBREV* that a *DEVICETYPE* device will apply to the network traffic. The *DEVICETYPE* device will check network traffic against the *ABBREV*ACL*-ABBREV* and the first *ABBREV*ACE*-ABBREV* that matches will determine whether the network traffic is permitted or denied. If the *DEVICETYPE* device does not have an *ABBREV*ACE*-ABBREV* that applies then the packet is denied."); // The device specific configuration report section text + filterConfigText2 = i18n("There are two different types of *ABBREV*ACLs*-ABBREV* on IOS-based Cisco devices, standard and extended. For numbered *ABBREV*ACLs*-ABBREV*, standard *ABBREV*ACLs*-ABBREV* have an access list number between 1 to 99 or 1300 to 1999, all others are extended *ABBREV*ACLs*-ABBREV*. Standard *ABBREV*ACLs*-ABBREV* only define the source address and process the packet solely based on that, they are typically used to restrict access to device services or protocols. Extended *ABBREV*ACLs*-ABBREV* contain additional checks, such as destination address and network port numbers, and are used for filtering network traffic passing through the device."); // The device specific configuration report section text2 + filterIDTitle = i18n("Line"); // The title for the filter ID/line no. table column + filterListName = i18n("*ABBREV*ACL*-ABBREV*"); // The name of the filter list, for use in text paragraphs + filterListNamePlaural = i18n("*ABBREV*ACLs*-ABBREV*"); // The name of the filter list, for use in text paragraphs + filterListNameTitle = i18n("*ABBREV*ACL*-ABBREV*"); // The name of the filter list, for use in titles + filterTitle = i18n("*ABBREV*ACE*-ABBREV*"); // The name of a filter, for use in titles + filterTitlePlaural = i18n("*ABBREV*ACEs*-ABBREV*"); // The name of a filter, for use in titles + filterName = i18n("*ABBREV*ACE*-ABBREV*"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("*ABBREV*ACEs*-ABBREV*"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("All Permit *ABBREV*ACE*-ABBREV* Do Not Log"); // The title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogTable = i18n("permit *ABBREV*ACE*-ABBREV* that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogConcl = i18n("all permit *ABBREV*ACE*-ABBREV* do not log"); // The conclusions text for the "All Allow Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all *ABBREV*ACE*-ABBREV*");// The recommendations text for the "All Allow Rules Do Not Log" issue + denyAndNotLogIssue = i18n("All Deny *ABBREV*ACE*-ABBREV* Do Not Log"); // The title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogTable = i18n("deny *ABBREV*ACE*-ABBREV* that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogConcl = i18n("all deny *ABBREV*ACE*-ABBREV* do not log"); // The conclusions text for the "All Allow Rules Do Not Log" issue + configRuleLogging = i18n("Logging can be enabled on extended *COMMAND*access-list*-COMMAND* with the following command:*CODE**COMMAND*access-list *CMDUSER*list-id*-CMDUSER* extended *CMDREQUIRE*deny *CMDOR* permit*-CMDREQUIRE* *CMDUSER*protocol*-CMDUSER* *CMDUSER*source*-CMDUSER* *CMDUSER*destination*-CMDUSER* log*-COMMAND**-CODE*"); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No *ABBREV*ACL*-ABBREV* Were Configured"); // The title text for the "No filtering" issue + noFilteringRec = i18n("Configure *ABBREV*ACL*-ABBREV* to restrict access"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no *ABBREV*ACL*-ABBREV* were configured"); // The title text for the "No filtering" conclusion + + // IOS specific + turboAccessListSupported = false; // Are turbo ACL supported? + turboAccessList = false; // Are turbo ACL enabled? +} + + +IOSFilter::~IOSFilter() +{ +} + + +int IOSFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + filterObjectConfig *filterObjectPointer = 0; + filterConfig *filterPointer = 0; + filterListConfig *filterListPointer = 0; + int tempInt = 0; + int tempInt2 = 0; + bool specificProtocol = false; + bool icmpProtocol = false; + fpos_t filePosition; + + if (strcmp(command->part(0), "no") != 0) + { + + // IP Access List... + if ((strcmp(command->part(0), "ip") == 0) && (strcmp(command->part(1), "access-list") == 0) && (strcmp(command->part(2), "log-update") != 0)) + { + while ((strcmp(command->part(0), "!") != 0) && ((line[0] == ' ') || (strcmp(command->part(1), "access-list") == 0)) && (strcmp(command->part(2), "log-update") != 0) && (feof(device->inputFile) == 0)) + { + + // Access-List... + if ((strcmp(command->part(0), "ip") == 0) && (strcmp(command->part(1), "access-list") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAccess List Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(command->part(3)); + if (strcmp(command->part(2), "standard") == 0) + { + filterListPointer->sourceOnly = true; + filterListPointer->type = standardACLText; + filterListPointer->typeDescription = standardACLDescription; + } + else + { + filterListPointer->type = extendedACLText; + filterListPointer->typeDescription = extendedACLDescription; + filterListPointer->sourceServiceSupported = true; // If source services are supported + filterListPointer->sourceOnly = false; + filterListPointer->supportsTime = true; // Filter support time (dest only) + filterListPointer->supportsFragments = true; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = true; // Filter support established (dest only) + } + filterListPointer->loggingSupport = true; // Does the filter list support logging + } + + // Remark... + else if ((strcmp(command->part(0), "remark") == 0) && (command->parts > 1)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRemark Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterPointer = addFilter(filterListPointer); + filterPointer->remarkFilter = true; + filterPointer->number--; + filterPointer->comment.assign(strstr(line, command->part(1))); + } + + // Permit/Deny... + else if ((strcmp(command->part(0), "permit") == 0) || (strcmp(command->part(0), "deny") == 0)) + { + if ((strcmp(command->part(0), "permit") == 0) && (device->config->reportFormat == Config::Debug)) + printf("%sPermit Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + else if (device->config->reportFormat == Config::Debug) + printf("%sDeny Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer = addFilter(filterListPointer); + + // Permit/Deny + if (strcmp(command->part(0), "permit") == 0) + filterPointer->action = allowAction; + else + filterPointer->action = denyAction; + tempInt = 1; + + // Protocol... + if (filterListPointer->sourceOnly == false) + { + filterObjectPointer = addFilterObject(filterPointer, protocol); + filterObjectPointer->type = protocolObject; + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 > 0) || (strcmp(command->part(tempInt), "0") == 0)) + { + filterObjectPointer->name.assign(device->getProtocol(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(tempInt)); + } + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + tempInt++; + if (strcmp(command->part(tempInt), "icmp") == 0) + { + specificProtocol = true; + icmpProtocol = true; + } + else if (strcmp(command->part(tempInt), "igmp") == 0) + { + specificProtocol = true; + icmpProtocol = false; + } + } + + // Source + filterObjectPointer = addFilterObject(filterPointer, source); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + if (tempInt < command->parts) + { + filterObjectPointer->netmask.assign(wildcardToNetmask(device, command->part(tempInt))); + filterObjectPointer->type = networkObject; + } + } + tempInt++; + + if (filterListPointer->sourceOnly == false) + { + + // Is operator used with source? + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + // Destination + filterObjectPointer = addFilterObject(filterPointer, destination); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(wildcardToNetmask(device, command->part(tempInt))); + filterObjectPointer->type = networkObject; + } + tempInt++; + + // Is operator used with destination? + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + if (specificProtocol == true) + { + // IGMP.. + if (icmpProtocol == false) + { + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + // ICMP... + else + { + filterObjectPointer = addFilterObject(filterPointer, destinationService); + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 > 0) || (strcmp(command->part(tempInt), "0") == 0)) + { + filterObjectPointer->name.assign(device->getICMPName(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(tempInt)); + } + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + // If an ICMP CODE is specified... + if (((atoi(command->part(tempInt + 1)) > 0) && (atoi(command->part(tempInt + 1)) < 256)) || (strcmp(command->part(tempInt + 1), "0") == 0)) + { + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + device->addICMPType(filterObjectPointer->name.c_str(), atoi(command->part(tempInt))); + } + else + device->addICMPType(filterObjectPointer->name.c_str()); + tempInt++; + } + } + + // Other options... + while (tempInt < command->parts) + { + // Fragments... + if (strcmp(command->part(tempInt), "fragments") == 0) + filterPointer->fragments = true; + + // Established... + else if (strcmp(command->part(tempInt), "established") == 0) + filterPointer->established = true; + + // Log... + else if (strcmp(command->part(tempInt), "log") == 0) + filterPointer->log = true; + + // Time... + else if (strcmp(command->part(tempInt), "time-range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, timeLimit); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = timeObject; + } + + tempInt++; + } + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + // Compiled Access List... + else if ((strcmp(command->part(0), "access-list") == 0) && (strcmp(command->part(1), "compiled") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCompiled ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + turboAccessListSupported = true; + turboAccessList = true; + } + + // Access List... + else if ((strcmp(command->part(0), "access-list") == 0) && (command->parts > 2)) + { + filterListPointer = getFilterList(command->part(1)); + if ((atoi(command->part(1)) < 100) || ((atoi(command->part(1)) > 1299) && (atoi(command->part(1)) < 2000))) + filterListPointer->sourceOnly = true; + else + filterListPointer->sourceOnly = false; + filterListPointer->loggingSupport = true; // Does the filter list support logging + filterPointer = addFilter(filterListPointer); + + // Remark... + if (strcmp(command->part(2), "remark") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sACL Remark Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterPointer->remarkFilter = true; + filterPointer->number--; + filterPointer->comment.assign(strstr(line, command->part(2))); + } + + // Standard ACL + else if (filterListPointer->sourceOnly == true) + { + if (device->config->reportFormat == Config::Debug) + printf("%sStandard ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer->type = standardACLText; + filterListPointer->typeDescription = standardACLDescription; + + // Permit/Deny + if (strcmp(command->part(2), "permit") == 0) + filterPointer->action = allowAction; + else + filterPointer->action = denyAction; + + // Name + filterObjectPointer = addFilterObject(filterPointer, source); + if (strcasecmp(command->part(3), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + } + else + { + filterObjectPointer->name.assign(command->part(3)); + + // Mask/Wildcard + if ((command->parts > 4) && (strcmp(command->part(4), "log") != 0)) + filterObjectPointer->netmask.assign(wildcardToNetmask(device, command->part(4))); + else + filterObjectPointer->netmask.assign("255.255.255.255"); + + // Check type... + if (filterObjectPointer->netmask.compare("255.255.255.255") == 0) + filterObjectPointer->type = hostObject; + else + filterObjectPointer->type = networkObject; + } + + // Log + if (strcmp(command->part(command->parts - 1), "log") == 0) + filterPointer->log = true; + } + + // Extended ACL + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sExtended ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + specificProtocol = false; + + filterListPointer->type = extendedACLText; + filterListPointer->typeDescription = extendedACLDescription; + filterListPointer->supportsTime = true; // Filter support time (dest only) + filterListPointer->supportsFragments = true; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = true; // Filter support established (dest only) + + // Permit/Deny + tempInt = 2; + while ((strcmp(command->part(tempInt), "permit") != 0) && (strcmp(command->part(tempInt), "deny") != 0) && (tempInt < command->parts)) + tempInt++; + if (strcmp(command->part(tempInt), "permit") == 0) + filterPointer->action = allowAction; + else + filterPointer->action = denyAction; + + // Protocol... + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, protocol); + filterObjectPointer->type = protocolObject; + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 > 0) || (strcmp(command->part(tempInt), "0") == 0)) + { + filterObjectPointer->name.assign(device->getProtocol(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(tempInt)); + } + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + if (strcmp(command->part(tempInt), "icmp") == 0) + { + specificProtocol = true; + icmpProtocol = true; + } + else if (strcmp(command->part(tempInt), "igmp") == 0) + { + specificProtocol = true; + icmpProtocol = false; + } + + // Source + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, source); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(wildcardToNetmask(device, command->part(tempInt))); + filterObjectPointer->type = networkObject; + } + tempInt++; + + // Is operator used with source? + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + // Destination + filterObjectPointer = addFilterObject(filterPointer, destination); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(wildcardToNetmask(device, command->part(tempInt))); + filterObjectPointer->type = networkObject; + } + tempInt++; + + // Is operator used with destination? + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + if (specificProtocol == true) + { + // IGMP.. + if (icmpProtocol == false) + { + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + // ICMP... + else + { + filterObjectPointer = addFilterObject(filterPointer, destinationService); + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 > 0) || (strcmp(command->part(tempInt), "0") == 0)) + { + filterObjectPointer->name.assign(device->getICMPName(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(tempInt)); + } + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + // If an ICMP CODE is specified... + if (((atoi(command->part(tempInt + 1)) > 0) && (atoi(command->part(tempInt + 1)) < 256)) || (strcmp(command->part(tempInt + 1), "0") == 0)) + { + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + device->addICMPType(filterObjectPointer->name.c_str(), atoi(command->part(tempInt))); + } + else + device->addICMPType(filterObjectPointer->name.c_str()); + tempInt++; + } + } + + // Other options... + while (tempInt < command->parts) + { + // Fragments... + if (strcmp(command->part(tempInt), "fragments") == 0) + filterPointer->fragments = true; + + // Established... + else if (strcmp(command->part(tempInt), "established") == 0) + filterPointer->established = true; + + // Log... + else if ((strcmp(command->part(tempInt), "log") == 0) || (strcmp(command->part(tempInt), "log-input") == 0)) + filterPointer->log = true; + + // Time... + else if (strcmp(command->part(tempInt), "time-range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, timeLimit); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = timeObject; + } + + tempInt++; + } + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +string tempWildcard; +const char *IOSFilter::wildcardToNetmask(Device *device, const char *wildcard) +{ + // Variables... + int stringLength = strlen(wildcard); + const char *tempPointer = wildcard; + unsigned char octet1 = 0; + unsigned char octet2 = 0; + unsigned char octet3 = 0; + unsigned char octet4 = 0; + + // Obvious Errors... + if (wildcard == 0) + return "255.255.255.255"; + if (stringLength < 8) + return "255.255.255.255"; + + // Octet1... + octet1 = atoi(tempPointer); + octet1 = ~octet1; + + // Octet2... + tempPointer = strchr(tempPointer, '.'); + if (tempPointer == 0) + return "255.255.255.255"; + tempPointer++; + octet2 = atoi(tempPointer); + octet2 = ~octet2; + + // Octet3... + tempPointer = strchr(tempPointer, '.'); + if (tempPointer == 0) + return "255.255.255.255"; + tempPointer++; + octet3 = atoi(tempPointer); + octet3 = ~octet3; + + // Octet4... + tempPointer = strchr(tempPointer, '.'); + if (tempPointer == 0) + return "255.255.255.255"; + tempPointer++; + octet4 = atoi(tempPointer); + octet4 = ~octet4; + + // Return... + tempWildcard.assign(device->intToString(octet1)); + tempWildcard.append("."); + tempWildcard.append(device->intToString(octet2)); + tempWildcard.append("."); + tempWildcard.append(device->intToString(octet3)); + tempWildcard.append("."); + tempWildcard.append(device->intToString(octet4)); + return tempWildcard.c_str(); +} diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/filter.h.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/filter.h.svn-base new file mode 100644 index 0000000..1ae6f75 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/filter.h.svn-base @@ -0,0 +1,66 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef IOSFilter_H +#define IOSFilter_H + + +#include "../device/filter/filter.h" + + +class IOSFilter : public Filter +{ + public: + IOSFilter(); + virtual ~IOSFilter(); + + protected: + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + + private: + // Filter text... + const char *standardACLText; + const char *standardACLDescription; + const char *extendedACLText; + const char *extendedACLDescription; + + // IOS Specific methods... + const char *wildcardToNetmask(Device *device, const char *wildcard); // Convert a wildcard to a netmask + + // IOS Specific options... + bool turboAccessListSupported; // Are turbo ACL supported? + bool turboAccessList; // Are turbo ACL enabled? + +}; + + +#endif + diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/general.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/general.cpp.svn-base new file mode 100644 index 0000000..e9e3f12 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/general.cpp.svn-base @@ -0,0 +1,216 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "iosdevice.h" +#include "general.h" + + +//vulnerabilityConfig ios-vuln6 {i18n("Multiple DLSw Denial of Service"), true, false, "CVE-2008-1152", "28465", "cisco-amb-20080326-dlsw", &ios-vuln6-ver, false, 0}; +//vulnerabilityConfig ios-vuln5 {i18n("Dual-stack Router IPv6 Denial Of Service"), true, false, "CVE-2008-1153", "28461", "cisco-sa-20080326-IPv4IPv6", &ios-vuln5-ver, false, &ios-vuln6}; +//vulnerabilityConfig ios-vuln4 {i18n("SSH Multiple Denial of Service"), true, false, "CVE-2008-1159", "29314", "cisco-sa-20080521-ssh", &ios-vuln4-ver, false, &ios-vuln5}; +//vulnerabilityConfig ios-vuln3 {i18n("Failure to Handle Exceptional Conditions"), true, false, "CVE-2006-3906", "19176", "cisco-sr-20060726-ike", &ios-vuln3-ver, false, &ios-vuln4}; +//vulnerabilityConfig ios-vuln2 {i18n("FTP Server Multiple Vulnerabilities"), false, true, "", "23885", "cisco-sa-20070509-iosftp", &ios-vuln2-ver, false, &ios-vuln3}; +//vulnerabilityConfig ios-vuln1 {i18n("SNMP Remote Authentication Bypass"), false, true, "CVE-2008-0960", "29623", "cisco-sa-20080610-snmpv3", &ios-vuln1-ver, false, &ios-vuln2}; +/* + struct vulnVersionConfig ios_vuln_ver3 {12, 3, 0, 0, 12, 3, 13, 0, 0}; + struct vulnVersionConfig ios_vuln_ver2 {12, 2, 0, 0, 12, 2, 7, 0, &ios_vuln_ver3}; + struct vulnVersionConfig ios_vuln_ver1 {12, 1, 0, 0, 12, 1, 21, 0, &ios_vuln_ver2}; + struct vulnVersionConfig ios_vuln_ver {12, 0, 7, 0, 12, 0, 7, 0, &ios_vuln_ver1}; + struct vulnerabilityConfig ios_vuln {"DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing", false, false, "CVE-2008-1447", "30131", "cisco-sa-20080708-dns", &ios_vuln_ver, false, 0};//&ios-vuln1}; +*/ + +// Initialisation... +IOSGeneral::IOSGeneral() +{ + servicePasswordEncryption = true; +} + + +int IOSGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Hostname + if (strcmp(command->part(tempInt), "hostname") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostname = command->part(tempInt + 1); + } + + // Version + else if (strcmp(command->part(tempInt), "version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVersion Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (versionMajor == 0) + { + version = command->part(tempInt + 1); + if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + if ((version.find_first_of('.') != string::npos) && (version.length() > version.find_first_of('.') + 1)) + versionMinor = atoi(version.c_str() + version.find_first_of('.') + 1); + } + noMinor = false; + } + } + + // Service lines... + else if (strcmp(command->part(tempInt), "service") == 0) + { + tempInt++; + + // Password Encryption... + if (strcmp(command->part(tempInt), "password-encryption") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Password-Encryption Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == false) + servicePasswordEncryption = off; + else + servicePasswordEncryption = on; + } + } + + return 0; +} + + +int IOSGeneral::processDefaults(Device *device) +{ + // Password Encryption + if (servicePasswordEncryption == unconfigured) + { + // No version, default to off + if (version.empty()) + servicePasswordEncryption = off; + else if (versionMajor >= 10) + servicePasswordEncryption = off; + } + + return 0; +} + +int IOSGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Password Encryption... + if (servicePasswordEncryption != unconfigured) + { + device->addTableData(paragraphPointer->table, i18n("Service Password Encryption")); + if (servicePasswordEncryption == on) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + } + + return errorCode; +} + + +int IOSGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Service Password Encryption... + if (servicePasswordEncryption == off) + { + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Service Password Encryption Disabled\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Service Password Encryption Disabled")); + securityIssuePointer->reference.assign("IOS.PASSENCR.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The *DEVICETYPE* service password encryption option instructs *DEVICENAME* to store the passwords using Cisco type-7 encryption. By default on *DEVICETYPE* devices the passwords are stored in the configuration file in their clear text form. *COMPANY* determined that encrypted password storage had not been enabled on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 5; // MEDIUM + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("A malicious user or an attacker with access to the device's configuration could quickly extract clear text passwords without having to decode or brute-force them. Alternatively, a malicious user could gain a clear text password if they were closely watching a network administrator. The attacker could then make use of the stolen credentials to gain a level of access to *DEVICENAME*.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 2; // Challenge + paragraphPointer->paragraph.assign(i18n("An attacker would require access to the device configuration or would have to be closely watching a network administrator. This issue may require the attacker to have access to the device or a backup copy of the configuration for *DEVICENAME*.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 1; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Although Cisco type-7 passwords are easily reversed and there are a number of programs that reverse them, they do provide an effective barrier against a casual observer. Therefore, *COMPANY* recommends that password encryption should be enabled. This can be done with the following Cisco *ABBREV*IOS*-ABBREV* command:")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*CODE**COMMAND*service password-encryption*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("service password encryption was disabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Enable service password encryption")); + } + return errorCode; +} diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/general.h.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/general.h.svn-base new file mode 100644 index 0000000..209aa22 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/general.h.svn-base @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef iosdevicegeneral_H +#define iosdevicegeneral_H + +#include "../device/general/general.h" + +class Device; + +class IOSGeneral : public General +{ + public: + IOSGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + private: + unsigned int servicePasswordEncryption; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/interfaces.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/interfaces.cpp.svn-base new file mode 100644 index 0000000..129b4b9 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/interfaces.cpp.svn-base @@ -0,0 +1,783 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "iosdevice.h" +#include "interfaces.h" +#include "general.h" + + +IOSInterfaces::IOSInterfaces() +{ + // Interface Options... + filterIn = i18n("*ABBREV*ACL*-ABBREV* In"); // The filter in table title text + filterOut = i18n("*ABBREV*ACL*-ABBREV* Out"); // The filter out table title text + showDescription = true; // Show the interface description + cdpGlobalRequired = true; // If CDP needs to be enabled globally as well + disableCDPText = i18n("The following commands can be used to disable *ABBREV*CDP*-ABBREV* on *DEVICETYPE* devices. The first command disables *ABBREV*CDP*-ABBREV* for the entire device, whilst the second can be used to disable *ABBREV*CDP*-ABBREV* on individual interfaces.*CODE**COMMAND*no cdp run*-COMMAND**COMMAND*no cdp enable*-COMMAND**-CODE*"); // The text and commands to disable CDP + cdpSupported = true; // Is CDP supported on interfaces + disableProxyARPText = i18n("Proxy *ABBREV*ARP*-ABBREV* can be disabled on interfaces using the following command:*CODE**COMMAND*no ip proxy-arp*-COMMAND**-CODE*");// The text and commands to disable Proxy ARP + disableUnreachablesText = i18n("*ABBREV*ICMP*-ABBREV* unreachable message sending can be disabled on network interfaces with the following command:*CODE**COMMAND*no ip unreachables*-COMMAND**-CODE*"); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n("*ABBREV*ICMP*-ABBREV* information reply message sending can be disabled on network interfaces with the following command:*CODE**COMMAND*no ip information-reply*-COMMAND**-CODE*"); // The text and commands to disable ICMP information messages + disableMaskText = i18n("*ABBREV*ICMP*-ABBREV* mask reply message sending can be disabled on network interfaces with the following command:*CODE**COMMAND*no ip mask-reply*-COMMAND**-CODE*"); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n("*ABBREV*ICMP*-ABBREV* redirect message sending can be disabled on network interfaces with the following command:*CODE**COMMAND*no ip redirects*-COMMAND**-CODE*"); // The text and commands to disable ICMP redirect messages + disableDirectedText = i18n("Directed broadcases can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*no ip directed broadcast*-COMMAND**-CODE*"); // The text and commands to disable directed broadcasts + disableMOPText = i18n("*ABBREV*MOP*-ABBREV* can be disabled on each interface with the following command:*CODE**COMMAND*no mop enabled*-COMMAND**-CODE*"); // The text and commands to disable MOP + disableActiveText = i18n("Unused interfaces can be disabled with the following command:*CODE**COMMAND*shutdown*-COMMAND**-CODE*"); // The text and commands to disable potentially unused interfaces + filterName = i18n("*ABBREV*ACL*-ABBREV*"); // The filter list name for use in the filter issue text + configFilterText = i18n("*DEVICETYPE* device filtering can be configured on interfaces with the following command:*CODE**COMMAND*ip access-group *CMDUSER*ACL*-CMDUSER* *CMDOPTION*in *CMDOR* out*-CMDOPTION**-COMMAND**-CODE*"); // The text and commands to configure network filtering + defaultAutoTrunk = true; // Default to automatically trunk + disableTrunkText = i18n("Switch ports can be configured to provide no trunking on each interface with the following command:*CODE**COMMAND*switchport mode access*-COMMAND**-CODE*"); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n("Switch port security with *ABBREV*MAC*-ABBREV* address learning and port shutdown on a violation can be configured for each interface with the following commands:*CODE**COMMAND*switchport port-security*-COMMAND**COMMAND*switchport port-security violation shutdown*-COMMAND**COMMAND*switchport port-security mac-address sticky*-COMMAND**-CODE*"); // The text and commands to enable port security +} + + +int IOSInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + string tempString; + bool setting = false; + int tempInt = 0; + + // Interface... + if ((strcmp(command->part(0), "interface") == 0) && (strcmp(command->part(1), "service-engine") != 0) && (strcmp(command->part(1), "range") != 0) && (strcmp(command->part(1), "content-engine") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Get the correct list for the type of interface... + if (strncasecmp(command->part(1), "GigabitEthernet", 15) == 0) + { + interfaceListPointer = getInterfaceList("GETHERINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Gigabit Ethernet Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices gigabit ethernet interfaces."); + interfaceListPointer->tableTitle = i18n("Gigabit ethernet interfaces"); + interfaceListPointer->label = "GETHERINTERFACES"; + interfaceListPointer->proxyArpSupported = true; + interfaceListPointer->mopSupported = true; + interfaceListPointer->unreachablesSupported = true; + interfaceListPointer->redirectsSupported = true; + interfaceListPointer->ipMaskReplySupported = true; + interfaceListPointer->ipDirectBroadcastSupported = true; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + interfaceListPointer->portSecuritySupported = false; + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + if (device->general != 0) + { + if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 1))) + { + interfaceListPointer->informationReplySupported = true; + if (device->isSwitch) + { + interfaceListPointer->portSecuritySupported = true; + } + } + } + interfaceListPointer->cdpSupported = true; + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 15); + interfacePointer->proxyARP = true; + interfacePointer->mop = true; + interfacePointer->ipUnreachables = true; + interfacePointer->ipRedirects = true; + interfacePointer->cdp = true; + if (device->general != 0) + { + if (device->general->versionMajor < 12) + interfacePointer->ipDirectBroadcast.assign(i18n("All")); + } + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "FastEthernet", 12) == 0) + { + interfaceListPointer = getInterfaceList("FETHERINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Fast Ethernet Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices fast ethernet interfaces."); + interfaceListPointer->tableTitle = i18n("Fast Ethernet interfaces"); + interfaceListPointer->label = "FETHERINTERFACES"; + interfaceListPointer->proxyArpSupported = true; + interfaceListPointer->mopSupported = true; + interfaceListPointer->unreachablesSupported = true; + interfaceListPointer->redirectsSupported = true; + interfaceListPointer->ipMaskReplySupported = true; + interfaceListPointer->ipDirectBroadcastSupported = true; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + interfaceListPointer->portSecuritySupported = false; + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + if (device->general != 0) + { + if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 1))) + { + interfaceListPointer->informationReplySupported = true; + if (device->isSwitch) + { + interfaceListPointer->portSecuritySupported = true; + } + } + } + interfaceListPointer->cdpSupported = true; + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 12); + interfacePointer->proxyARP = true; + interfacePointer->mop = true; + interfacePointer->ipUnreachables = true; + interfacePointer->ipRedirects = true; + interfacePointer->cdp = true; + if (device->general != 0) + { + if (device->general->versionMajor < 12) + interfacePointer->ipDirectBroadcast.assign(i18n("All")); + } + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "Ethernet", 8) == 0) + { + interfaceListPointer = getInterfaceList("ETHERINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Ethernet Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices ethernet interfaces."); + interfaceListPointer->tableTitle = i18n("Ethernet interfaces"); + interfaceListPointer->label = "ETHERINTERFACES"; + interfaceListPointer->proxyArpSupported = true; + interfaceListPointer->mopSupported = true; + interfaceListPointer->unreachablesSupported = true; + interfaceListPointer->redirectsSupported = true; + interfaceListPointer->ipMaskReplySupported = true; + interfaceListPointer->ipDirectBroadcastSupported = true; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + interfaceListPointer->portSecuritySupported = false; + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + if (device->general != 0) + { + if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 1))) + { + interfaceListPointer->informationReplySupported = true; + if (device->isSwitch) + { + interfaceListPointer->portSecuritySupported = true; + } + } + } + interfaceListPointer->cdpSupported = true; + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 8); + interfacePointer->proxyARP = true; + interfacePointer->mop = true; + interfacePointer->ipUnreachables = true; + interfacePointer->ipRedirects = true; + interfacePointer->cdp = true; + if (device->general != 0) + { + if (device->general->versionMajor < 12) + interfacePointer->ipDirectBroadcast.assign(i18n("All")); + } + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "Vlan", 4) == 0) + { + interfaceListPointer = getInterfaceList("VLANINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*VLAN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*VLAN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*VLAN*-ABBREV* interfaces"); + interfaceListPointer->label = "VLANINTERFACES"; + interfaceListPointer->proxyArpSupported = true; + interfaceListPointer->unreachablesSupported = true; + interfaceListPointer->redirectsSupported = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 4); + interfacePointer->proxyARP = true; + interfacePointer->ipUnreachables = true; + interfacePointer->ipRedirects = true; + } + else if (strncasecmp(command->part(1), "Loopback", 8) == 0) + { + interfaceListPointer = getInterfaceList("LOOPBACKINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Loopback Interfaces"); + interfaceListPointer->description = i18n("Loopback interfaces are virutal interfaces that are handled by software and are always up. This section describes the configuration of the loopback interfaces."); + interfaceListPointer->tableTitle = i18n("Loopback interfaces"); + interfaceListPointer->label = "LOOPBACKINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 8); + } + else if (strncasecmp(command->part(1), "Serial", 6) == 0) + { + interfaceListPointer = getInterfaceList("SERIALINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Serial Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices serial interfaces."); + interfaceListPointer->tableTitle = i18n("Serial interfaces"); + interfaceListPointer->label = "SERIALINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 6); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "hssi", 4) == 0) + { + interfaceListPointer = getInterfaceList("HSSIINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*HSSI*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*HSSI*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*HSSI*-ABBREV* interfaces"); + interfaceListPointer->label = "HSSIINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 4); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "fddi", 4) == 0) + { + interfaceListPointer = getInterfaceList("FDDIINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*FDDI*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*FDDI*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*FDDI*-ABBREV* interfaces"); + interfaceListPointer->label = "FDDIINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 4); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "Dot11Radio", 10) == 0) + { + interfaceListPointer = getInterfaceList("WIRELESSINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Wireless Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices wireless interfaces."); + interfaceListPointer->tableTitle = i18n("Wireless interfaces"); + interfaceListPointer->label = "WIRELESSINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 10); + } + else if (strncasecmp(command->part(1), "Dialer", 6) == 0) + { + interfaceListPointer = getInterfaceList("DIALINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Dialer Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices dialer interfaces."); + interfaceListPointer->tableTitle = i18n("Dialer interfaces"); + interfaceListPointer->label = "DIALINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 6); + } + else if (strncasecmp(command->part(1), "BRI", 3) == 0) + { + interfaceListPointer = getInterfaceList("ISDNINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*ISDN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*ISDN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*ISDN*-ABBREV* interfaces"); + interfaceListPointer->label = "ISDNINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 3); + } + else if (strncasecmp(command->part(1), "POS", 3) == 0) + { + interfaceListPointer = getInterfaceList("POSINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*POS*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*POS*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*POS*-ABBREV* interfaces"); + interfaceListPointer->label = "POSINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 3); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "ATM", 3) == 0) + { + interfaceListPointer = getInterfaceList("ATMINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*ATM*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*ATM*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*ATM*-ABBREV* interfaces"); + interfaceListPointer->label = "ATMINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 3); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "Tunnel", 6) == 0) + { + interfaceListPointer = getInterfaceList("TUNINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Tunnel Interfaces"); + interfaceListPointer->description = i18n("Tunnel interfaces are virtual interfaces. This section describes the configuration of the tunnel interfaces."); + interfaceListPointer->tableTitle = i18n("Tunnel interfaces"); + interfaceListPointer->label = "TUNINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 6); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "Port-channel", 12) == 0) + { + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Port Channel Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the port channel interfaces."); + interfaceListPointer->tableTitle = i18n("Port channel interfaces"); + interfaceListPointer->label = "PORTINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 12); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else + { + interfaceListPointer = getInterfaceList("OTHERINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Other Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the other interfaces configured on *DEVICENAME*."); + interfaceListPointer->tableTitle = i18n("Other interfaces"); + interfaceListPointer->label = "OTHERINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + } + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((line[0] != '!') && (feof(device->inputFile) == 0)) + { + + if (strcmp(command->part(0), "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + // IP + if (strcmp(command->part(tempInt), "ip") == 0) + { + tempInt++; + + // address... + if (strcmp(command->part(1), "address") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->address.assign(command->part(2)); + interfacePointer->netmask.assign(command->part(3)); + } + + else if (strcmp(command->part(1), "access-group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (strcmp(command->part(3), "in") == 0) + addFilterList(interfacePointer, command->part(2), true); + else + addFilterList(interfacePointer, command->part(2), false); + } + + else if (strcmp(command->part(tempInt), "proxy-arp") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Proxy ARP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->proxyARP = setting; + } + + else if (strcmp(command->part(tempInt), "unreachables") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Unreachables Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->ipUnreachables = setting; + } + + else if (strcmp(command->part(tempInt), "redirects") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Redirect Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->ipRedirects = setting; + } + + else if (strcmp(command->part(tempInt), "mask-reply") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Mask Reply Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->ipMaskReply = setting; + } + + else if (strcmp(command->part(tempInt), "information-reply") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Information Reply Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->infoReply = setting; + } + + else if (strcmp(command->part(tempInt), "directed-broadcast") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Directed Broadcast Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + if (command->parts == 2) + interfacePointer->ipDirectBroadcast.assign(i18n("On")); + else + { + tempString.assign(i18n("On (")); + tempString.append(command->part(2)); + tempString.append(")"); + interfacePointer->ipDirectBroadcast.assign(tempString); + } + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // shutdown... + else if (strcmp(command->part(0), "shutdown") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Shutdown Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->enabled = false; + } + + // switchport... + else if ((strcmp(command->part(0), "switchport") == 0) && (strcmp(command->part(1), "mode") == 0) && ((strcmp(command->part(2), "access") == 0) || (strcmp(command->part(2), "dynamic") == 0) || (strcmp(command->part(2), "trunk") == 0))) + { + device->isSwitch = true; + + if (device->config->reportFormat == Config::Debug) + printf("%sSwitchport mode Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(2), "access") == 0) + interfacePointer->switchportMode = portModeAccess; + else if (strcmp(command->part(2), "dynamic") == 0) + interfacePointer->switchportMode = portModeDynamic; + else + interfacePointer->switchportMode = portModeTrunk; + } + else if ((strcmp(command->part(0), "switchport") == 0) && (strcmp(command->part(1), "port-security") == 0) && (command->parts == 2)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSwitchport port-security Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->switchportSecurity = true; + interfaceListPointer->portSecuritySupported = true; + } + else if ((strcmp(command->part(0), "switchport") == 0) && (strcmp(command->part(1), "access") == 0) && (strcmp(command->part(2), "vlan") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSwitchport VLAN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + addVLAN(interfacePointer, command->part(3)); + } + else if ((strcmp(command->part(0), "switchport") == 0) && (strcmp(command->part(1), "port-security") == 0) && (strcmp(command->part(2), "violation") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSwitchport port-security Violation Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(3), "restrict") == 0) + interfacePointer->switchportViolation = onViolationRestrict; + else if (strcmp(command->part(3), "protect") == 0) + interfacePointer->switchportViolation = onViolationProtect; + else + interfacePointer->switchportViolation = onViolationShutdown; + interfaceListPointer->portSecuritySupported = true; + } + else if (strcmp(command->part(tempInt), "switchport") == 0) + { + device->isSwitch = true; + device->lineNotProcessed(line); + } + + // Description + else if (strcmp(command->part(0), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->description.assign(strstr(line, command->part(1))); + } + + // mop + else if ((strcmp(command->part(tempInt), "mop") == 0) && (strncmp(command->part(tempInt + 1), "enable", 6) != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface MOP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->mop = setting; + } + + // cdp + else if ((strcmp(command->part(tempInt), "cdp") == 0) && (strcmp(command->part(tempInt + 1), "enable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface CDP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->cdp = setting; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int IOSInterfaces::processDefaults(Device *device) +{ + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + + interfaceListPointer = interfaceList; + while (interfaceListPointer != 0) + { + interfacePointer = interfaceListPointer->interface; + while (interfacePointer != 0) + { + if (interfacePointer->vlan == 0) + addVLAN(interfacePointer, "1"); + interfacePointer = interfacePointer->next; + } + interfaceListPointer = interfaceListPointer->next; + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/interfaces.h.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/interfaces.h.svn-base new file mode 100644 index 0000000..489cb5e --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/interfaces.h.svn-base @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef IOSInterfaces_H +#define IOSInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class IOSInterfaces : public Interfaces +{ + public: + + IOSInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); +}; + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/iosdevice.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/iosdevice.cpp.svn-base new file mode 100644 index 0000000..82045e0 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/iosdevice.cpp.svn-base @@ -0,0 +1,325 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "iosdevice.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "authentication.h" +#include "banner.h" +#include "snmp.h" +#include "filter.h" +#include "dns.h" +#include "interfaces.h" + + +IOSDevice::IOSDevice() +{ + general = new (IOSGeneral); + administration = new (IOSAdministration); + authentication = new (IOSAuthentication); + banner = new (IOSBanner); + snmp = new (IOSSNMP); + filter = new (IOSFilter); + dns = new (IOSDNS); + interfaces = new (IOSInterfaces); + + deviceMake = "Cisco"; + deviceType = "IOS Generic"; + deviceOS = "IOS"; +} + + +IOSDevice::~IOSDevice() +{ + delete general; + delete administration; + delete authentication; + delete banner; + delete snmp; + delete filter; + delete dns; + delete interfaces; +} + + +int IOSDevice::processDevice() +{ + // Variables... + char line[MAX_SIZE]; + ConfigLine command; + unsigned int tempInt = 0; + int tempVersion = 0; + bool setting = false; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, MAX_SIZE); + + // Split it up into parts... + command.setConfigLine(line); + + // Init + if (strcmp(command.part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + if (line[0] == '!') + { } + + // Hostname (in general)... + else if (strcmp(command.part(tempInt), "hostname") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Version (in general)... + else if (strcmp(command.part(tempInt), "version") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Enable... + else if (strcmp(command.part(tempInt), "enable") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Usernames... + else if (strcmp(command.part(tempInt), "username") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Interface... + else if (strcmp(command.part(tempInt), "interface") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // aaa authentication... + else if ((strcmp(command.part(tempInt), "aaa") == 0) && (strcmp(command.part(tempInt + 1), "authentication") == 0) && (strcmp(command.part(tempInt + 2), "banner") != 0)) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // aaa authentication... + else if ((strcmp(command.part(tempInt), "aaa") == 0) && (strcmp(command.part(tempInt + 1), "group") == 0)) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // radius... + else if (strcmp(command.part(tempInt), "radius-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // tacacs... + else if (strcmp(command.part(tempInt), "tacacs-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // kerberos... + else if ((strcmp(command.part(tempInt), "kerberos") == 0) && (strcmp(command.part(tempInt + 1), "server") == 0)) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Service lines... + else if (strcmp(command.part(tempInt), "service") == 0) + { + tempInt++; + + // Password Encryption (in general)... + if (strcmp(command.part(tempInt), "password-encryption") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Finger... + else if (strcmp(command.part(tempInt), "finger") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // NOT PROCESSED... + else + lineNotProcessed(line); + } + + // IP lines... + else if (strcmp(command.part(tempInt), "ip") == 0) + { + tempInt++; + + // ACL... + if (strcmp(command.part(tempInt), "access-list") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SSH... + else if (strcmp(command.part(tempInt), "ssh") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // HTTP... + else if (strcmp(command.part(tempInt), "http") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "dns") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "domain") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "domain-list") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "domain-lookup") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "domain-name") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "name-server") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // BootP... + else if (strcmp(command.part(tempInt), "bootp") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Finger... + else if (strcmp(command.part(tempInt), "finger") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // NOT PROCESSED... + else + lineNotProcessed(line); + } + + // SNMP (in snmp)... + else if (strcmp(command.part(tempInt), "snmp-server") == 0) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Banner... + else if (strcmp(command.part(tempInt), "banner") == 0) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // aaa authentication... + else if ((strcmp(command.part(tempInt), "aaa") == 0) && (strcmp(command.part(tempInt + 1), "authentication") == 0) && (strcmp(command.part(tempInt + 2), "banner") == 0)) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Access List... + else if (strcmp(command.part(tempInt), "access-list") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Line (in Administration)... + else if (strcmp(command.part(tempInt), "line") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // CDP... + else if ((strcmp(command.part(tempInt), "cdp") == 0) && (strcmp(command.part(tempInt), "run") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // NOT PROCESSED... + else + lineNotProcessed(line); + } + + if ((general->version.empty()) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + // Sort out any specified version... + if (config->osVersion != 0) + { + if (strlen(config->osVersion) > 0) + { + general->version.assign(config->osVersion); + + // Version Major... + tempVersion = atoi(config->osVersion); + if ((tempVersion != 0) || (config->osVersion[0] == '0')) + { + general->versionMajor = tempVersion; + tempInt = 0; + while ((tempInt < strlen(config->osVersion)) && (config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Minor... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionMinor = tempVersion; + general->noMinor = false; + + while ((tempInt < strlen(config->osVersion)) && (config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Revision... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionRevision = tempVersion; + general->noRevision = false; + + while ((tempInt < strlen(config->osVersion)) &&(config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Tweak... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionTweak = tempVersion; + general->noTweak = false; + } + } + } + } + } + } + } + } + } + + return 0; +} + + +void IOSDevice::setPostDefaults() +{ +} + diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/iosdevice.h.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/iosdevice.h.svn-base new file mode 100644 index 0000000..e78f029 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/iosdevice.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_IOS_H +#define device_IOS_H + + +#include "../device/device.h" + + +class IOSDevice : public Device +{ + public: + IOSDevice(); + virtual ~IOSDevice(); + + virtual int processDevice(); + virtual void setPostDefaults(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/snmp-report.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/snmp-report.cpp.svn-base new file mode 100644 index 0000000..5864174 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/snmp-report.cpp.svn-base @@ -0,0 +1,419 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include "../globaldefs.h" +#include "iosdevice.h" +#include "general.h" +#include "snmp.h" + + +int IOSSNMP::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-SNMP"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-SNMP-TABLE"); + + // System Shutdown... + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SNMP*-ABBREV* System Shutdown")); + if (systemShutdown == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + // SNMP Server Manager... + if (device->general != 0) + { + if ((device->general->versionMajor > 11) || ((device->general->versionMajor == 11) && (device->general->versionMinor > 2)) || (device->general->versionMajor == 0)) + { + device->addTableData(paragraphPointer->table, i18n("Manager")); + if (managerEnabled == true) + { + device->addTableData(paragraphPointer->table, i18n("Enabled")); + device->addTableData(paragraphPointer->table, i18n("Manager Session Timeout")); + tempString.assign(device->intToString(managerTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + } + } + + // TFTP Server List ACL... + if (!tftpServerList.empty()) + { + device->addTableData(paragraphPointer->table, i18n("*ABBREV*TFTP*-ABBREV* Server List *ABBREV*ACL*-ABBREV*")); + device->addTableData(paragraphPointer->table, tftpServerList.c_str()); + } + + // Trap Source Interface... + if (!trapSource.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Trap Source Interface")); + device->addTableData(paragraphPointer->table, trapSource.c_str()); + } + + // Trap Queue Length... + device->addTableData(paragraphPointer->table, i18n("Maximum Trap Queue Length")); + tempString.assign(device->intToString(trapQueueLength)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + + // Trap Timeout... + device->addTableData(paragraphPointer->table, i18n("Trap Timeout")); + tempString.assign(device->intToString(trapTimeout)); + tempString.append(i18n(" seconds")); + device->addTableData(paragraphPointer->table, tempString.c_str()); + + // Packet Size... + device->addTableData(paragraphPointer->table, i18n("Maximum Packet Size")); + tempString.assign(device->intToString(packetSize)); + tempString.append(i18n(" bytes")); + device->addTableData(paragraphPointer->table, tempString.c_str()); + + return errorCode; +} + + +int IOSSNMP::generateSecuritySpecificReport(Device *device) +{ + // Variables... + snmpCommunity *snmpCommunityPointer = 0; + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + bool dictionaryCommunity = false; + bool weakCommunity = false; + bool writeAccess = false; + bool noCommunityFilter = false; + int errorCode = 0; + + // Searching for issues... + snmpCommunityPointer = community; + while (snmpCommunityPointer != 0) + { + if ((snmpCommunityPointer->enabled == true) && (snmpCommunityPointer->type != communityReadOnly) && (((communityRequiresHosts == true) && (hostCommunityExists(snmpCommunityPointer->community.c_str()) == true)) || (communityRequiresHosts == false))) + { + writeAccess = true; + if (snmpCommunityPointer->communityInDict == true) + dictionaryCommunity = true; + else if (snmpCommunityPointer->communityWeak != Device::passwordPassed) + weakCommunity = true; + if ((communityFilter == true) && (snmpCommunityPointer->filter.empty())) + noCommunityFilter = true; + } + snmpCommunityPointer = snmpCommunityPointer->next; + } + + // System Shutdown via SNMP... + if ((systemShutdown == true) && (writeAccess == true)) + { + + // Write Access... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWRIT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "IOS.SNMPSHUT.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPSHUT.1"); + } + + // Clear-text SNMP... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPCLEA.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + device->addString(paragraphPointer, "IOS.SNMPSHUT.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPSHUT.1"); + } + + // Dictionary-based Community Strings... + if (dictionaryCommunity == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPDICT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "IOS.SNMPSHUT.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPSHUT.1"); + } + } + + // Weak Community Strings... + if (weakCommunity == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWEAK.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "IOS.SNMPSHUT.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPSHUT.1"); + } + } + + // No Filtering... + if (noCommunityFilter == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPFILT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + device->addString(paragraphPointer, "IOS.SNMPSHUT.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPSHUT.1"); + } + } + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] SNMP Shutdown Configured\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("*ABBREV*SNMP*-ABBREV* System Shutdown Enabled")); + securityIssuePointer->reference.assign("IOS.SNMPSHUT.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addString(paragraphPointer, snmpFilterText); + paragraphPointer->paragraph.assign(i18n("A *ABBREV*SNMP*-ABBREV* system shutdown facility can be configured for *DEVICETYPE* so that network administrators can remotely reset the devices. *COMPANY* determined that the *ABBREV*SNMP*-ABBREV* system shutdown option was enabled on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 8; // High + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who had *ABBREV*SNMP*-ABBREV* write access could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("For an attacker to exploit this issue they would require *ABBREV*SNMP*-ABBREV* query tools and a community string with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV*. *ABBREV*SNMP*-ABBREV* query tools are available on the Internet and some *ABBREV*OS*-ABBREV* install them by default.")); + if (dictionaryCommunity == true) + { + securityIssuePointer->easeRating = 8; // Easy + device->addString(paragraphPointer, "GEN.SNMPDICT.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a dictionary attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + else if (weakCommunity == true) + { + securityIssuePointer->easeRating = 5; // Moderate + device->addString(paragraphPointer, "GEN.SNMPWEAK.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a brute-force attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + if (noCommunityFilter == true) + { + device->addString(paragraphPointer, "GEN.SNMPFILT.1"); + paragraphPointer->paragraph.append(i18n(" *ABBREV*ACL*-ABBREV* were not fully configured to restrict access to specific *ABBREV*NMS*-ABBREV* or *ABBREV*SNMP*-ABBREV* management hosts (see section *SECTIONNO*).")); + } + else + { + securityIssuePointer->easeRating = 2; // Challenging + paragraphPointer->paragraph.append(i18n(" Although *ABBREV*ACL*-ABBREV* were configured to restrict *ABBREV*SNMP*-ABBREV* access from specific host, although a skilled attacker may be able to bypass any host-based access restrictions.")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 3; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Generally the *ABBREV*SNMP*-ABBREV* system shutdown is not saved to the *DEVICETYPE* configuration file. *COMPANY* recommends that the *ABBREV*SNMP*-ABBREV* system shutdown facility should be disabled. This can be done with the following command:*CODE**COMMAND*no snmp-server system-shutdown*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("*ABBREV*SNMP*-ABBREV* system shutdown was enabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable *ABBREV*SNMP*-ABBREV* system shutdown")); + + // Dependent issues... + device->addDependency(securityIssuePointer, "GEN.SNMPCLEA.1"); + device->addDependency(securityIssuePointer, "GEN.SNMPWRIT.1"); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPDICT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEAK.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPFILT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEFI.1"); + } + + if ((tftpServerList.empty()) && (writeAccess == true)) + { + // Write Access... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWRIT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "IOS.SNMPTFTP.1"); + paragraphPointer->paragraph.append(i18n("On *DEVICETYPE*, an attacker with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* could remotely obtain a copy of the *DEVICENAME* configuration using *ABBREV*TFTP*-ABBREV* (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPTFTP.1"); + } + + // Clear-text SNMP... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPCLEA.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "IOS.SNMPTFTP.1"); + paragraphPointer->paragraph.append(i18n("On *DEVICETYPE*, an attacker with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* could remotely obtain a copy of the *DEVICENAME* configuration using *ABBREV*TFTP*-ABBREV* (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPTFTP.1"); + } + + // Dictionary-based Community Strings... + if (dictionaryCommunity == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPDICT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "IOS.SNMPTFTP.1"); + paragraphPointer->paragraph.append(i18n("On *DEVICETYPE*, an attacker with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* could remotely obtain a copy of the *DEVICENAME* configuration using *ABBREV*TFTP*-ABBREV* (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPTFTP.1"); + } + } + + // Weak Community Strings... + if (weakCommunity == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWEAK.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "IOS.SNMPTFTP.1"); + paragraphPointer->paragraph.append(i18n("On *DEVICETYPE*, an attacker with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* could remotely obtain a copy of the *DEVICENAME* configuration using *ABBREV*TFTP*-ABBREV* (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPTFTP.1"); + } + } + + // No Filtering... + if (noCommunityFilter == true) + { + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "IOS.SNMPTFTP.1"); + paragraphPointer->paragraph.append(i18n("On *DEVICETYPE*, an attacker with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* could remotely obtain a copy of the *DEVICENAME* configuration using *ABBREV*TFTP*-ABBREV* (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPTFTP.1"); + } + } + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] SNMP TFTP Server List ACL\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("No *ABBREV*SNMP*-ABBREV* *ABBREV*TFTP*-ABBREV* Server List *ABBREV*ACL*-ABBREV* Configured")); + securityIssuePointer->reference.assign("IOS.SNMPTFTP.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Using *ABBREV*SNMP*-ABBREV*, a *DEVICETYPE* can be instructed to save its configuration to a file on a *ABBREV*TFTP*-ABBREV* server. This feature enables network administrators and management software to quickly obtain a copy of the *DEVICETYPE* configuration. An *ABBREV*ACL*-ABBREV* can be configured on *DEVICETYPE* from *ABBREV*IOS*-ABBREV* version 10.2 to help secure access to this functionality.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that no *ABBREV*TFTP*-ABBREV* server *ABBREV*ACL*-ABBREV* had been configured on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 6; // Medium + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who had *ABBREV*SNMP*-ABBREV* write access could remotely obtain the *DEVICENAME* configuration. The configuration would include any passwords for *DEVICENAME*.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("For an attacker to exploit this issue they would require *ABBREV*SNMP*-ABBREV* query tools, a *ABBREV*TFTP*-ABBREV* server and a community string with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV*. *ABBREV*SNMP*-ABBREV* query tools and *ABBREV*TFTP*-ABBREV* server software are available on the Internet and some *ABBREV*OS*-ABBREV* install them by default.")); + if (dictionaryCommunity == true) + { + securityIssuePointer->easeRating = 5; // Moderate + device->addString(paragraphPointer, "GEN.SNMPDICT.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a dictionary attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + else if (weakCommunity == true) + { + securityIssuePointer->easeRating = 3; // Moderate + device->addString(paragraphPointer, "GEN.SNMPWEAK.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a brute-force attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + if (noCommunityFilter == true) + { + device->addString(paragraphPointer, "GEN.SNMPFILT.1"); + paragraphPointer->paragraph.append(i18n(" *ABBREV*ACL*-ABBREV* were not fully configured to restrict access to specific *ABBREV*NMS*-ABBREV* or *ABBREV*SNMP*-ABBREV* management hosts (see section *SECTIONNO*).")); + } + else + { + securityIssuePointer->easeRating = 2; // Challenging + paragraphPointer->paragraph.append(i18n(" Although *ABBREV*ACL*-ABBREV* were configured to restrict *ABBREV*SNMP*-ABBREV* access from specific host, although a skilled attacker may be able to bypass any host-based access restrictions.")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that a *ABBREV*SNMP*-ABBREV* *ABBREV*TFTP*-ABBREV* server list *ABBREV*ACL*-ABBREV* should be configured to ensure that configurations are only saved to specific hosts.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("The following example configures *ABBREV*ACL*-ABBREV* number 20 for use as a *ABBREV*SNMP*-ABBREV* *ABBREV*TFTP*-ABBREV* server list and gives access to a single host with logging.*CODE**COMMAND*access-list 20 permit 192.168.0.50 255.255.255.255 log*-COMMAND**COMMAND*access-list 20 deny any log*-COMMAND**-CODE*")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("The *ABBREV*ACL*-ABBREV* can then be assigned as the *ABBREV*SNMP*-ABBREV* *ABBREV*TFTP*-ABBREV* server list with the following command:*CODE**COMMAND*snmp-server tftp-server-list 20*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("a *ABBREV*SNMP*-ABBREV* *ABBREV*TFTP*-ABBREV* server list was not configured")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Configure a *ABBREV*SNMP*-ABBREV* *ABBREV*TFTP*-ABBREV* server list")); + + // Dependent issues... + device->addDependency(securityIssuePointer, "GEN.SNMPCLEA.1"); + device->addDependency(securityIssuePointer, "GEN.SNMPWRIT.1"); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPDICT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEAK.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPFILT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEFI.1"); + } + + return errorCode; +} + + diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/snmp.cpp.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/snmp.cpp.svn-base new file mode 100644 index 0000000..5858536 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/snmp.cpp.svn-base @@ -0,0 +1,662 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "iosdevice.h" +#include "general.h" +#include "snmp.h" + +using namespace std; + + +IOSSNMP::IOSSNMP() +{ + + // Init SNMP support options... + deviceSNMPSupportText = i18n("*DEVICETYPE* support *ABBREV*SNMP*-ABBREV* from *ABBREV*IOS*-ABBREV* version 10 and *ABBREV*SNMP*-ABBREV* version 3 from *ABBREV*IOS*-ABBREV* version 12."); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + supportSNMP3UpgText = i18n("*ABBREV*SNMP*-ABBREV* version 3 is supported from *ABBREV*IOS*-ABBREV* version 12."); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* can be disabled with the following command:*CODE**COMMAND*no snmp-server*-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("A *ABBREV*SNMP*-ABBREV* community string can be configured with the following command:*CODE**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*view *CMDUSER*view-name*-CMDUSER**-CMDOPTION* *CMDOPTION*ro *CMDOR* rw*-CMDOPTION* *CMDOPTION**CMDUSER*acl-number*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure a community string + configSNMP3Text = i18n("To configure *ABBREV*SNMP*-ABBREV* version 3, you configure a group and then add users to the group. The following commands can be used to create a group and add a user to it:*CODE**COMMAND*snmp-server group *CMDUSER*group-name*-CMDUSER* v3 *CMDREQUIRE*noauth *CMDOR* auth *CMDOR* priv*-CMDREQUIRE* *CMDOPTION*read *CMDUSER*read-view*-CMDUSER**-CMDOPTION* *CMDOPTION*write *CMDUSER*write-view*-CMDUSER**-CMDOPTION* *CMDOPTION*notify *CMDUSER*notify-view*-CMDUSER**-CMDOPTION* *CMDOPTION*access *CMDUSER*acl*-CMDUSER**-CMDOPTION**-COMMAND**COMMAND*snmp-server user *CMDUSER*username*-CMDUSER* *CMDUSER*group-name*-CMDUSER* v3 *CMDOPTION*auth *CMDREQUIRE*md5 *CMDOR* sha*-CMDREQUIRE* *CMDUSER*auth-password*-CMDUSER**-CMDOPTION* *CMDOPTION*access *CMDUSER*acl*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP version 3 + configSNMPViewText = i18n("A *ABBREV*SNMP*-ABBREV* view can be configured and then assigned to a community string with the following commands:*CODE**COMMAND*snmp-server view *CMDUSER*view-name*-CMDUSER* *CMDUSER*oid*-CMDUSER* *CMDREQUIRE*included *CMDOR* excluded*-CMDREQUIRE**-COMMAND**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*view *CMDUSER*view-name*-CMDUSER**-CMDOPTION* *CMDOPTION*ro *CMDOR* rw*-CMDOPTION* *CMDOPTION**CMDUSER*acl-number*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("A *ABBREV*SNMP*-ABBREV* trap can be configured with the following command:*CODE*snmp-server host *CMDUSER*ip-address*-CMDUSER* traps *CMDOPTION*version *CMDREQUIRE*1 *CMDOR* 2c *CMDOR* 3 *CMDOPTION*noauth *CMDOR* auth *CMDOR* priv*-CMDOPTION**-CMDREQUIRE**-CMDOPTION* *CMDUSER*community-string*-CMDUSER**-CODE*"); // The text and command(s) to configure SNMP traps + configSNMPInformsText = i18n("A *ABBREV*SNMP*-ABBREV* inform can be configured with the following command:*CODE*snmp-server host *CMDUSER*ip-address*-CMDUSER* informs *CMDOPTION*version *CMDREQUIRE*1 *CMDOR* 2c *CMDOR* 3 *CMDOPTION*noauth *CMDOR* auth *CMDOR* priv*-CMDOPTION**-CMDREQUIRE**-CMDOPTION* *CMDUSER*community-string*-CMDUSER**-CODE*"); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n("Read only *ABBREV*SNMP*-ABBREV* community strings can be configured with the following command:*CODE**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*view *CMDUSER*view-name*-CMDUSER**-CMDOPTION* ro *CMDOPTION**CMDUSER*acl-number*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP read only access + configSNMPFilterText = i18n("The following commands can be used to configure an *ABBREV*ACL*-ABBREV* and assign it to a community string:*CODE**COMMAND*access-list *CMDUSER*acl-number*-CMDUSER* permit *CMDUSER*ip-address*-CMDUSER* *CMDUSER*network-mask*-CMDUSER* log*-COMMAND**COMMAND*access-list *CMDUSER*acl-number*-CMDUSER* deny any log*-COMMAND**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*view *CMDUSER*view-name*-CMDUSER**-CMDOPTION* *CMDOPTION*ro *CMDOR* rw*-CMDOPTION* *CMDOPTION**CMDUSER*acl-number*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP filtering + + snmpFilterText = i18n("*ABBREV*ACL*-ABBREV*"); // The device specific description of a filter (i.e. Cisco called them ACL) + snmpFilterIPv6Text = i18n("*ABBREV*IPv6*-ABBREV* *ABBREV*ACL*-ABBREV*"); + + // Community Options... + communityView = true; // SNMP view for the community + communityFilter = true; // SNMP Network Filtering + communityIPv6Filter = true; // SNMP IPv6 Network Filtering + communitySpecificFilters = false; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = false; // If the SNMP community will not work without a list of those who can access it + + // View Options... + viewSeperated = true; // Separate the views into different tables + viewExcludes = true; // Show the Include/Exclude View Table column + + // SNMP Trap/Inform Host Options... + trapsOnly = false; // Only Traps are supported + trapsSNMPv3 = true; // SNMP v3 support for traps + trapsShowPort = true; // Show Trap Host Port in Table + trapsInterface = true; // Show Interface in Table + trapsInterfaceText = i18n("*ABBREV*VRF*-ABBREV*"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = true; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = true; // Show excluded traps + trapsShowOptions = true; // Show trap options + + // SNMP User Options... + showUserRemote = true; // Show the remote host/port setting + showUserPriv = false; // Show the privacy settings + showUserFilter = true; // Show the Filter column in the table + showUserIPv6Filter = true; // Show the IPv6 Filter column in the table + userFilterText = i18n("*ABBREV*ACL*-ABBREV*"); // The Text for the Filter table column title + userIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* *ABBREV*ACL*-ABBREV*"); // The Text for the IPv6 Filter table column title + + // SNMP Group Options... + snmpGroupShowType = true; // Enable/Disable SNMPv3 type in table + snmpGroupReadView = true; // Enable/Disable Read Views + snmpGroupWriteView = true; // Enable/Disable Write Views + snmpGroupNotifyView = true; // Enable/Disable Notify Views + snmpGroupFilter = true; // Enable/Disable Filter support + snmpGroupIPv6Filter = true; // Enable/Disable IPv6 Filter support + groupFilterText = i18n("*ABBREV*ACL*-ABBREV*"); // The Text for the Filter table column title + groupIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* *ABBREV*ACL*-ABBREV*"); // The Text for the IPv6 Filter table column title + + // Device specific stuff... + managerEnabled = false; + managerTimeout = 600; + packetSize = 1500; + trapQueueLength = 10; + systemShutdown = false; + trapTimeout = 30; +} + + +int IOSSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpTrapHost *trapHostPointer = 0; + snmpTrap *snmpTrapPointer = 0; + snmpUserStruct *snmpUserPointer = 0; + snmpGroupStruct *snmpGroupPointer = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 2; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Server... + if (command->parts == tempInt + 1) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + enabled = setting; + snmp12Enabled = setting; + snmp3Enabled = setting; + } + + // Location... + else if (strcmp(command->part(tempInt), "location") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Location Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + location.assign(line + 9 + string(line).find("location")); + } + + // Contact... + else if (strcmp(command->part(tempInt), "contact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Contact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + contact.assign(line + 8 + string(line).find("contact")); + } + + // TFTP Server List... + else if (strcmp(command->part(tempInt), "tftp-server-list") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP TFTP Server List Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tftpServerList.assign(command->part(tempInt + 1)); + } + + // Chassis ID... + else if (strcmp(command->part(tempInt), "chassis-id") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Chassis ID Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + chassis.assign(command->part(tempInt + 1)); + } + + // SNMP Manager Timeout... + else if ((strcmp(command->part(tempInt), "manager") == 0) && (strcmp(command->part(tempInt + 1), "session-timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Manager Session Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + managerTimeout = atoi(command->part(tempInt)); + } + + // SNMP Manager... + else if (strcmp(command->part(tempInt), "manager") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Manager Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + managerEnabled = setting; + } + + // SNMP Packet Size... + else if (strcmp(command->part(tempInt), "packetsize") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Packet Size Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + packetSize = atoi(command->part(tempInt)); + } + + // SNMP Trap Queue Length... + else if (strcmp(command->part(tempInt), "queue-length") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Queue Length Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapQueueLength = atoi(command->part(tempInt)); + } + + // SNMP Trap Tiemout... + else if (strcmp(command->part(tempInt), "trap-timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapTimeout = atoi(command->part(tempInt)); + } + + // SNMP System Shutdown... + else if (strcmp(command->part(tempInt), "system-shutdown") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP System Shutdown Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + systemShutdown = setting; + } + + // snmp community? + else if (strcmp(command->part(tempInt), "community") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(command->part(tempInt)); + communityPointer->enabled = setting; + snmp12Enabled = setting; + + // Get options... + tempInt++; + while (tempInt < command->parts) + { + + // RO + if (strcasecmp(command->part(tempInt), "ro") == 0) + communityPointer->type = communityReadOnly; + + // RW + else if (strcasecmp(command->part(tempInt), "rw") == 0) + communityPointer->type = communityReadWrite; + + // View + else if (strcasecmp(command->part(tempInt), "view") == 0) + { + tempInt++; + communityPointer->view.assign(command->part(tempInt)); + } + + // IP v6 Filter + else if (strcasecmp(command->part(tempInt), "ipv6") == 0) + { + tempInt++; + communityPointer->ipv6Filter.assign(command->part(tempInt)); + } + + // Filter + else if (tempInt == command->parts - 1) + communityPointer->filter.assign(command->part(tempInt)); + + tempInt++; + } + } + + // SNMP View... + else if (strcmp(command->part(tempInt), "view") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP View Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt + 2), "excluded") == 0) + addSNMPView(command->part(tempInt), command->part(tempInt + 1), false); + else + addSNMPView(command->part(tempInt), command->part(tempInt + 1), true); + } + + // SNMP Host... + else if (strcmp(command->part(tempInt), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapHostPointer = addSNMPTrapHost(); + trapHostPointer->host.assign(command->part(tempInt)); + trapHostPointer->version = 1; + trapHostPointer->snmpv3 = snmpV3NoAuth; + trapHostPointer->port = 162; + trapHostPointer->trap = true; + tempInt++; + + // VRF... + if (strcmp(command->part(tempInt), "vrf") == 0) + { + tempInt++; + trapHostPointer->interface.assign(command->part(tempInt)); + tempInt++; + } + + // Traps... + if (strcmp(command->part(tempInt), "traps") == 0) + { + trapHostPointer->trap = true; + tempInt++; + } + + // Informs... + if (strcmp(command->part(tempInt), "informs") == 0) + { + trapHostPointer->trap = false; + tempInt++; + } + + // Version... + if (strcmp(command->part(tempInt), "version") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "1") == 0) + { + tempInt++; + trapHostPointer->version = 1; + } + else if (strcmp(command->part(tempInt), "2c") == 0) + { + trapHostPointer->version = 2; + tempInt++; + } + else if (strcmp(command->part(tempInt), "3") == 0) + { + trapHostPointer->version = 3; + tempInt++; + if (strcmp(command->part(tempInt), "auth") == 0) + { + trapHostPointer->snmpv3 = snmpV3Auth; + tempInt++; + } + else if (strcmp(command->part(tempInt), "noauth") == 0) + { + trapHostPointer->snmpv3 = snmpV3NoAuth; + tempInt++; + } + else if (strcmp(command->part(tempInt), "priv") == 0) + { + trapHostPointer->snmpv3 = snmpV3Priv; + tempInt++; + } + } + } + + // Community + trapHostPointer->community.assign(command->part(tempInt)); + tempInt++; + + // UDP Port... + if (strcmp(command->part(tempInt), "udp-port") == 0) + { + trapHostPointer->port = atoi(command->part(tempInt)); + tempInt++; + } + + // Notifications... + while (tempInt < command->parts) + { + + // VRRP... + if (strcmp(command->part(tempInt), "vrrp") == 0) + { } + + // Notification... + if (!trapHostPointer->notification.empty()) + { + trapHostPointer->notification.append(" "); + trapHostPointer->notification.append(command->part(tempInt)); + } + else + trapHostPointer->notification.assign(command->part(tempInt)); + + tempInt++; + } + + // If no notifications were configured... + if (trapHostPointer->notification.empty()) + trapHostPointer->notification.assign(i18n("All")); + } + + // SNMP Traps... + else if ((strcmp(command->part(tempInt), "enable") == 0) && (strcmp(command->part(tempInt + 1), "traps") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->include = setting; + + // All traps... + if ((strcmp(command->part(tempInt), "vrrp") == 0) || (command->parts == tempInt)) + snmpTrapPointer->trap.assign("All"); + + // Traps + options... + else if (command->parts > tempInt + 1) + { + snmpTrapPointer->trap.assign(command->part(tempInt)); + snmpTrapPointer->options.assign(line + 1 + string(line).find(command->part(tempInt)) + strlen(command->part(tempInt))); + } + + // Trap only... + else + snmpTrapPointer->trap.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "trap") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->include = setting; + snmpTrapPointer->trap.assign(command->part(tempInt)); + if (command->parts > tempInt + 1) + snmpTrapPointer->options.assign(line + 1 + string(line).find(command->part(tempInt)) + strlen(command->part(tempInt))); + } + else if (strcmp(command->part(tempInt), "trap-authentication") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->include = setting; + snmpTrapPointer->trap.assign("Authentication"); + } + + // SNMP Trap Source Interface... + else if (strcmp(command->part(tempInt), "trap-source") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Source Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapSource.assign(command->part(tempInt)); + } + + // snmp group? + else if (strcmp(command->part(tempInt), "group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmp3Enabled = setting; + snmpGroupPointer = addSNMPGroup(); + snmpGroupPointer->group.assign(command->part(tempInt)); + tempInt++; + + // SNMP version... + if (strcmp(command->part(tempInt), "v1") == 0) + snmpGroupPointer->version = 1; + else if (strcmp(command->part(tempInt), "v2c") == 0) + snmpGroupPointer->version = 2; + else if (strcmp(command->part(tempInt), "v3") == 0) + { + snmpGroupPointer->version = 3; + tempInt++; + if (strcmp(command->part(tempInt), "noauth") == 0) + snmpGroupPointer->snmpv3 = snmpV3NoAuth; + else if (strcmp(command->part(tempInt), "auth") == 0) + snmpGroupPointer->snmpv3 = snmpV3Auth; + else if (strcmp(command->part(tempInt), "priv") == 0) + snmpGroupPointer->snmpv3 = snmpV3Priv; + } + tempInt++; + + // Options... + while (tempInt < command->parts) + { + + // Read view... + if (strcmp(command->part(tempInt), "read") == 0) + { + tempInt++; + snmpGroupPointer->readView.assign(command->part(tempInt)); + } + + // Write View... + else if (strcmp(command->part(tempInt), "write") == 0) + { + tempInt++; + snmpGroupPointer->writeView.assign(command->part(tempInt)); + } + + // Notify View... + else if (strcmp(command->part(tempInt), "notify") == 0) + { + tempInt++; + snmpGroupPointer->notifyView.assign(command->part(tempInt)); + } + + // Filtering... + else if (strcmp(command->part(tempInt), "access") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "ipv6") == 0) + { + tempInt++; + snmpGroupPointer->ipv6Filter.assign(command->part(tempInt)); + tempInt++; + } + snmpGroupPointer->filter.assign(command->part(tempInt)); + } + + tempInt++; + } + } + + // snmp user? + else if (strcmp(command->part(tempInt), "user") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP User Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + snmp3Enabled = setting; + tempInt++; + snmpUserPointer = addSNMPUser(); + snmpUserPointer->user.assign(command->part(tempInt)); + tempInt++; + + // Group... + snmpUserPointer->group.assign(command->part(tempInt)); + tempInt++; + + // Remote... + if (strcmp(command->part(tempInt), "remote") == 0) + { + tempInt++; + snmpUserPointer->host.assign(command->part(tempInt)); + tempInt++; + if (strcmp(command->part(tempInt), "udp-port") == 0) + { + tempInt++; + snmpUserPointer->port = atoi(command->part(tempInt)); + tempInt++; + } + } + + // SNMP version... + if (strcmp(command->part(tempInt), "v1") == 0) + { + snmpUserPointer->version = 1; + tempInt++; + } + else if (strcmp(command->part(tempInt), "v2c") == 0) + { + snmpUserPointer->version = 2; + tempInt++; + } + else if (strcmp(command->part(tempInt), "v3") == 0) + { + snmpUserPointer->version = 3; + snmpUserPointer->snmpv3 = snmpV3NoAuth; + tempInt++; + + // Encrypted... + if (strcmp(command->part(tempInt), "encrypted") == 0) + tempInt++; + + // Auth... + if (strcmp(command->part(tempInt), "auth") == 0) + { + snmpUserPointer->snmpv3 = snmpV3Auth; + tempInt++; + if (strcmp(command->part(tempInt), "sha") == 0) + snmpUserPointer->auth = snmpV3AuthSHA; + else + snmpUserPointer->auth = snmpV3AuthMD5; + tempInt++; + snmpUserPointer->authPassword.assign(command->part(tempInt)); + tempInt++; + } + } + + // Access... + if (strcmp(command->part(tempInt), "access") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "ipv6") == 0) + { + tempInt++; + snmpUserPointer->ipv6Filter.assign(command->part(tempInt)); + tempInt++; + } + snmpUserPointer->filter.assign(command->part(tempInt)); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int IOSSNMP::processDefaults(Device *device) +{ + // Variables... + snmpTrapHost *trapHostPointer = 0; + snmpCommunity *communityPointer = 0; + + // Enable SNMP Service... + if ((enabled == false) && (snmp12Enabled == true)) + { + communityPointer = community; + while ((communityPointer != 0) && (enabled == false)) + { + enabled = communityPointer->enabled; + communityPointer = communityPointer->next; + } + } + if ((enabled == false) && (snmp3Enabled == true)) + enabled = true; + + // SNMP v3 supported? + if (device->general->versionMajor > 11) + supportSNMP3 = true; + else + supportSNMP3Upgrade = true; + + // Check IOS version for Trap Hosts... + // Plus add default communities if they don't already exist (default on IOS 12.0(3)+)... + if (device->general->versionMajor < 12) + trapsSNMPv3 = false; + else if ((device->general->versionMajor == 12) && (device->general->versionMinor == 0) && (device->general->versionRevision < 3)) + trapsSNMPv3 = false; + else + { + + trapHostPointer = trapHost; + while (trapHostPointer != 0) + { + communityPointer = getSNMPCommunity(trapHostPointer->community.c_str()); + if (communityPointer == 0) + { + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(trapHostPointer->community); + communityPointer->type = communityReadOnly; + } + trapHostPointer = trapHostPointer->next; + } + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-IOS/.svn/text-base/snmp.h.svn-base b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/snmp.h.svn-base new file mode 100644 index 0000000..ec075c4 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/.svn/text-base/snmp.h.svn-base @@ -0,0 +1,61 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef iosdevicesnmp_H +#define iosdevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class IOSSNMP : public SNMP +{ + public: + IOSSNMP(); + + // Device specific properties... + string tftpServerList; + bool managerEnabled; + unsigned int managerTimeout; + unsigned int packetSize; + unsigned int trapQueueLength; + bool systemShutdown; + string trapSource; + unsigned int trapTimeout; + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/administration-line.cpp b/libnipper-0.12.6/Cisco-IOS/administration-line.cpp new file mode 100644 index 0000000..a39ab79 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/administration-line.cpp @@ -0,0 +1,326 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "iosdevice.h" +#include "administration.h" + + +IOSAdministration::lineConfig *IOSAdministration::addLine() +{ + // Variables... + lineConfig *linePointer = 0; + + // Create... + if (line == 0) + { + line = new (lineConfig); + linePointer = line; + } + else + { + linePointer = line; + while (linePointer->next != 0) + linePointer = linePointer->next; + linePointer->next = new (lineConfig); + linePointer = linePointer->next; + } + + // Init... + linePointer->type = lineConsole; // line_console... + linePointer->lineStart = 0; // i.e. VTY - 0 + linePointer->lineEnd = 0; // i.e. VTY - 4 + linePointer->login = loginLinePassword; // login_disabled... + linePointer->exec = true; // true (default) or false + linePointer->privilege = 1; // Privilege level + linePointer->callback = false; // true or false (default) + linePointer->encryption = false; // password encrypted?... + linePointer->passwordInDict = false; // password in the dictionary? + linePointer->passwordWeak = Device::passwordPassed; // password weak? + linePointer->accounting = false; + linePointer->authorization = false; + linePointer->defaultSettings = true; // true if no transport line has been set + linePointer->output = true; + linePointer->ssh = true; // true, false + linePointer->telnet = true; // true, false + linePointer->rlogin = true; // true, false + linePointer->all = true; // true, false + linePointer->execTimeout = 600; // Exec timeout in seconds, 0 = no timeout (default) + linePointer->absoluteTimeout = 0; + linePointer->sessionTimeout = 0; + linePointer->loginTimeout = 30; + linePointer->next = 0; + + return linePointer; +} + + +int IOSAdministration::generateDeviceSpecificConfig(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + lineConfig *linePointer = 0; + string tempString; + int errorCode = 0; + + if (device->isRouter == true) + { + device->addPort("rlogin"); + + // Add service to the services list... + paragraphPointer = device->getTableParagraphPointer("CONFIG-SERVICES-TABLE"); + device->addTableData(paragraphPointer->table, i18n("Rlogin Service")); + if (rloginEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + // Rlogin Settings section... + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraphTitle.assign(i18n("Rlogin Service Settings")); + paragraphPointer->paragraph.assign(i18n("The Rlogin service enables remote administrative access to a *ABBREV*CLI*-ABBREV* on *DEVICETYPE* devices. The Telnet protocol implemented by the service is simple and provides no encryption of the network communications between the client and the server. This section details the Rlogin service settings.")); + + // Rlogin Settings Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINRLOGIN-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("Rlogin service settings"); + device->addTableHeading(paragraphPointer->table, i18n("Description"), false); + device->addTableHeading(paragraphPointer->table, i18n("Setting"), false); + device->addTableData(paragraphPointer->table, i18n("Rlogin Service")); + if (rloginEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + device->addTableData(paragraphPointer->table, i18n("Service *ABBREV*TCP*-ABBREV* Port")); + device->addTableData(paragraphPointer->table, "513"); + + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access using the Rlogin service is configured using lines on *DEVICETYPE* devices. These lines are listed in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "IOS-RLOGINLINE-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title.assign(i18n("Rlogin line configuration")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), false); + device->addTableHeading(paragraphPointer->table, i18n("Level"), false); + device->addTableHeading(paragraphPointer->table, i18n("Password"), true); + device->addTableHeading(paragraphPointer->table, i18n("Authorisation"), false); + device->addTableHeading(paragraphPointer->table, i18n("Accounting"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*ACL*-ABBREV*"), false); + + linePointer = line; + while (linePointer != 0) + { + + // If line is used... + if ((linePointer->type == lineVTY) && (linePointer->rlogin == true) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->exec == true) + { + device->addTableData(paragraphPointer->table, i18n("Yes")); + switch (linePointer->login) + { + case loginWithNoPassword: + device->addTableData(paragraphPointer->table, i18n("No Authentication")); + break; + case loginLinePassword: + device->addTableData(paragraphPointer->table, i18n("Line Password")); + break; + case loginLocal: + device->addTableData(paragraphPointer->table, i18n("Local Users")); + break; + case loginTACACS: + device->addTableData(paragraphPointer->table, i18n("*ABBREV*TACACS*-ABBREV* Style")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("*ABBREV*AAA*-ABBREV* Authentication")); + break; + } + } + else + { + device->addTableData(paragraphPointer->table, i18n("No")); + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + tempString.assign(device->intToString(linePointer->privilege)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, linePointer->password.c_str()); + if (linePointer->accounting == false) + device->addTableData(paragraphPointer->table, i18n("Off")); + else + { + tempString.assign(i18n("On")); + tempString.append(" ("); + tempString.append(linePointer->accList); + tempString.append(")"); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + if (linePointer->authorization == false) + device->addTableData(paragraphPointer->table, i18n("Off")); + else + { + tempString.assign(i18n("On")); + tempString.append(" ("); + tempString.append(linePointer->authList); + tempString.append(")"); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + device->addTableData(paragraphPointer->table, linePointer->aclIn.c_str()); + } + linePointer = linePointer->next; + } + } + + + // Line Settings section... + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraphTitle.assign(i18n("Line Settings")); + paragraphPointer->paragraph.assign(i18n("The line settings are used on *DEVICETYPE* devices to configure inbound and outbound administrative access using a number of different services. The previous sections have covered the specific administration services and their authentication configurations. This section details all the lines configured on *DEVICENAME* and the timeouts and *ABBREV*ACLs*-ABBREV* configured for inbound and outbound connections.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "IOS-LINES-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title.assign(i18n("Line timeout and *ABBREV*ACL*-ABBREV* configuration")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Absolute"), false); + device->addTableHeading(paragraphPointer->table, i18n("Session"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), true); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*ACL*-ABBREV* In"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*ACL*-ABBREV* Out"), false); + + linePointer = line; + while (linePointer != 0) + { + + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->execTimeout == 0) + device->addTableData(paragraphPointer->table, i18n("None")); + else + { + tempString.assign(device->timeToString(linePointer->execTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + if (linePointer->absoluteTimeout == 0) + device->addTableData(paragraphPointer->table, i18n("None")); + else + { + tempString.assign(device->timeToString(linePointer->absoluteTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + if (linePointer->sessionTimeout == 0) + device->addTableData(paragraphPointer->table, i18n("None")); + else + { + tempString.assign(device->timeToString(linePointer->sessionTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + if (linePointer->loginTimeout == 0) + device->addTableData(paragraphPointer->table, i18n("None")); + else + { + tempString.assign(device->timeToString(linePointer->loginTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + device->addTableData(paragraphPointer->table, linePointer->aclIn.c_str()); + device->addTableData(paragraphPointer->table, linePointer->aclOut.c_str()); + linePointer = linePointer->next; + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/Cisco-IOS/administration-report.cpp b/libnipper-0.12.6/Cisco-IOS/administration-report.cpp new file mode 100644 index 0000000..1dcaf1f --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/administration-report.cpp @@ -0,0 +1,329 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "iosdevice.h" +#include "administration.h" + + +int IOSAdministration::generateDeviceTelnetConfig(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + lineConfig *linePointer = line; + string tempString; + bool found = false; + int errorCode = 0; + + if ((linePointer != 0) && (telnetEnabled == true)) + { + + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the Telnet service on *DEVICETYPE* devices is configured using lines. Table *TABLEREF* details the Telnet line configuration.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINTELNETLINE-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("Telnet service lines"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), false); + device->addTableHeading(paragraphPointer->table, i18n("Level"), false); + device->addTableHeading(paragraphPointer->table, i18n("Password"), true); + device->addTableHeading(paragraphPointer->table, i18n("Authorisation"), false); + device->addTableHeading(paragraphPointer->table, i18n("Accounting"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*ACL*-ABBREV*"), false); + + // Data... + while (linePointer != 0) + { + if ((linePointer->telnet == true) && (linePointer->type == lineVTY) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->exec == true) + { + device->addTableData(paragraphPointer->table, i18n("Yes")); + switch (linePointer->login) + { + case loginWithNoPassword: + device->addTableData(paragraphPointer->table, i18n("No Authentication")); + break; + case loginLinePassword: + device->addTableData(paragraphPointer->table, i18n("Line Password")); + if (linePointer->password.empty()) + found = true; + break; + case loginLocal: + device->addTableData(paragraphPointer->table, i18n("Local Users")); + break; + case loginTACACS: + device->addTableData(paragraphPointer->table, i18n("TACACS Style")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("AAA Authentication")); + break; + } + } + else + { + device->addTableData(paragraphPointer->table, i18n("No")); + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + tempString.assign(device->intToString(linePointer->privilege)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, linePointer->password.c_str()); + if (linePointer->accounting == false) + device->addTableData(paragraphPointer->table, i18n("Off")); + else + { + tempString.assign(i18n("On")); + tempString.append(" ("); + tempString.append(linePointer->accList); + tempString.append(")"); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + if (linePointer->authorization == false) + device->addTableData(paragraphPointer->table, i18n("Off")); + else + { + tempString.assign(i18n("On")); + tempString.append(" ("); + tempString.append(linePointer->authList); + tempString.append(")"); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + device->addTableData(paragraphPointer->table, linePointer->aclIn.c_str()); + } + linePointer = linePointer->next; + } + + if (found == true) + { + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("It is worth noting that if a line password has not been configured and the line is set to authenticate using the password, an error message is displayed and the connection will be terminated.")); + } + } + return errorCode; +} + + +int IOSAdministration::generateDeviceHTTPConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + + // additional SSH settings... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINHTTP-TABLE"); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*HTTP*-ABBREV* *ABBREV*ACL*-ABBREV*")); + if (httpAcl.empty()) + device->addTableData(paragraphPointer->table, ""); + else + device->addTableData(paragraphPointer->table, httpAcl.c_str()); + + return 0; +} + + +int IOSAdministration::generateDeviceSSHConfig(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + lineConfig *linePointer = line; + string tempString; + bool found = false; + int errorCode = 0; + + if ((linePointer != 0) && (sshEnabled == true)) + { + + // additional SSH settings... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINSSH-TABLE"); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SSH*-ABBREV* Authentication Retries")); + tempString.assign(device->intToString(sshRetries)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SSH*-ABBREV* Negotiation Timeout")); + tempString.assign(device->timeToString(sshNegTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the *ABBREV*SSH*-ABBREV* service on *DEVICETYPE* devices is configured using lines. Table *TABLEREF* details the *ABBREV*SSH*-ABBREV* line configuration.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINSSHLINE-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("*ABBREV*SSH*-ABBREV* service lines"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), false); + device->addTableHeading(paragraphPointer->table, i18n("Level"), false); + device->addTableHeading(paragraphPointer->table, i18n("Password"), true); + device->addTableHeading(paragraphPointer->table, i18n("Authorisation"), false); + device->addTableHeading(paragraphPointer->table, i18n("Accounting"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*ACL*-ABBREV*"), false); + + // Data... + while (linePointer != 0) + { + if ((linePointer->ssh == true) && (linePointer->type == lineVTY) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->exec == true) + { + device->addTableData(paragraphPointer->table, i18n("Yes")); + switch (linePointer->login) + { + case loginWithNoPassword: + device->addTableData(paragraphPointer->table, i18n("No Authentication")); + break; + case loginLinePassword: + device->addTableData(paragraphPointer->table, i18n("Line Password")); + if (linePointer->password.empty()) + found = true; + break; + case loginLocal: + device->addTableData(paragraphPointer->table, i18n("Local Users")); + break; + case loginTACACS: + device->addTableData(paragraphPointer->table, i18n("TACACS Style")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("AAA Authentication")); + break; + } + } + else + { + device->addTableData(paragraphPointer->table, i18n("No")); + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + tempString.assign(device->intToString(linePointer->privilege)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, linePointer->password.c_str()); + if (linePointer->accounting == false) + device->addTableData(paragraphPointer->table, i18n("Off")); + else + { + tempString.assign(i18n("On")); + tempString.append(" ("); + tempString.append(linePointer->accList); + tempString.append(")"); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + if (linePointer->authorization == false) + device->addTableData(paragraphPointer->table, i18n("Off")); + else + { + tempString.assign(i18n("On")); + tempString.append(" ("); + tempString.append(linePointer->authList); + tempString.append(")"); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + device->addTableData(paragraphPointer->table, linePointer->aclIn.c_str()); + } + linePointer = linePointer->next; + } + + if (found == true) + { + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("It is worth noting that if a line password has not been configured and the line is set to authenticate using the password, an error message is displayed and the connection will be terminated.")); + } + } + return errorCode; +} diff --git a/libnipper-0.12.6/Cisco-IOS/administration-security.cpp b/libnipper-0.12.6/Cisco-IOS/administration-security.cpp new file mode 100644 index 0000000..9581f59 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/administration-security.cpp @@ -0,0 +1,993 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "iosdevice.h" +#include "administration.h" + + +int IOSAdministration::generateSecuritySpecificReport(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + lineConfig *linePointer = 0; + string tempString; + int lineAclInMissingCount = 0; + int lineWeakExecTimeoutCount = 0; + int lineWithTACACSCount = 0; + int lineWithoutAuthorisation = 0; + int lineWithoutAccounting = 0; + int lineWithOutputTransport = 0; + int lineOuputNoAcl = 0; + int lineLoginWithoutPassword = 0; + int lineWithTransportInputAll = 0; + int lineWithRLogin = 0; + bool found = false; + bool consoleAccessOnly = false; + int errorCode = 0; + + // Search for issues... + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s Administration IOS Issue Checks\n", device->config->COL_BLUE, device->config->COL_RESET); + + linePointer = line; + while (linePointer != 0) + { + + // If line is used... + if (((linePointer->telnet == true) || (linePointer->ssh == true) || (linePointer->rlogin == true)) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + + // Line ACL In is missing... + if ((linePointer->type == lineVTY) && (linePointer->aclIn.empty())) + lineAclInMissingCount++; + + // Line exec timeout is weak... + if ((linePointer->execTimeout > device->config->connectionTimeouts) || (linePointer->execTimeout == 0)) + lineWeakExecTimeoutCount++; + + // Line RLogin... + if ((linePointer->type == lineVTY) && (linePointer->rlogin == true)) + lineWithRLogin++; + + // Line input transport all used... + if ((linePointer->type == lineVTY) && (linePointer->all == true)) + lineWithTransportInputAll++; + + // Line TACACS... + if (linePointer->login == loginTACACS) + lineWithTACACSCount++; + + // Line Login with no password... + if (linePointer->login == loginWithNoPassword) + lineLoginWithoutPassword++; + + // Line accounting... + if (linePointer->accounting == false) + lineWithoutAccounting++; + + // Line authorisation... + if (linePointer->authorization == false) + lineWithoutAuthorisation++; + } + + // Transport Output... + if ((linePointer->type != lineAUX) && (linePointer->type != lineConsole) && (linePointer->output == true)) + { + lineWithOutputTransport++; + if (linePointer->aclOut.empty()) + lineOuputNoAcl++; + } + + linePointer = linePointer->next; + } + + + // Issues... + + + // ACL in + if (lineAclInMissingCount > 0) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Administration Line Without ACL Configured\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Administration Access With No Host Restrictions")); + securityIssuePointer->reference.assign("IOS.LINENACL.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Remote command-based administrative services such as Telnet and *ABBREV*SSH*-ABBREV* are configured using lines on *DEVICETYPE* devices. These lines determine the method of authentication to be used, restrictions such as timeouts and access restriction *ABBREV*ACLs*-ABBREV*. *ABBREV*ACLs*-ABBREV* can be configured for both inbound and outbound connections to *DEVICETYPE* devices. These enable the restriction of administrative access to and from the hosts and networks defined in the *ABBREV*ACLs*-ABBREV*. If no *ABBREV*ACL*-ABBREV* are configured for the lines, no access restrictions are applied.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, lineAclInMissingCount); + if (lineAclInMissingCount > 1) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* lines were configured with no *ABBREV*ACL*-ABBREV* to restrict administrative access to *DEVICENAME*. These lines are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* line was configured with no *ABBREV*ACL*-ABBREV* to restrict administrative access to *DEVICENAME*. This line is shown in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "SEC-REMOTEADMINLINEACL-TABLE"); + if (errorCode != 0) + return errorCode; + if (lineAclInMissingCount > 1) + paragraphPointer->table->title.assign(i18n("Administration lines without *ABBREV*ACL*-ABBREV*")); + else + paragraphPointer->table->title.assign(i18n("Administration line without *ABBREV*ACL*-ABBREV*")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), false); + device->addTableHeading(paragraphPointer->table, i18n("Level"), false); + device->addTableHeading(paragraphPointer->table, i18n("Telnet"), false); + if (sshSupported == true) + device->addTableHeading(paragraphPointer->table, i18n("SSH"), false); + if (device->isRouter == true) + device->addTableHeading(paragraphPointer->table, i18n("Rlogin"), false); + + linePointer = line; + found = false; + while (linePointer != 0) + { + + // If line is used... + if (((linePointer->type == lineVTY) && (linePointer->aclIn.empty())) && ((linePointer->telnet == true) || (linePointer->ssh == true) || (linePointer->rlogin == true)) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->exec == true) + { + device->addTableData(paragraphPointer->table, i18n("Yes")); + switch (linePointer->login) + { + case loginWithNoPassword: + device->addTableData(paragraphPointer->table, i18n("No Authentication")); + found = true; + break; + case loginLinePassword: + device->addTableData(paragraphPointer->table, i18n("Line Password")); + if (linePointer->password.empty()) + found = true; + break; + case loginLocal: + device->addTableData(paragraphPointer->table, i18n("Local Users")); + break; + case loginTACACS: + device->addTableData(paragraphPointer->table, i18n("TACACS Style")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("AAA Authentication")); + break; + } + } + else + { + device->addTableData(paragraphPointer->table, i18n("No")); + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + tempString.assign(device->intToString(linePointer->privilege)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + if (linePointer->telnet == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + if (sshSupported == true) + { + if (linePointer->ssh == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + } + if (device->isRouter == true) + { + if (linePointer->rlogin == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + } + } + linePointer = linePointer->next; + } + + // Issue impact... + if ((lineWithRLogin > 0) || (telnetEnabled == true)) + securityIssuePointer->impactRating = 7; // High + else + securityIssuePointer->impactRating = 5; // Medium + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("When no *ABBREV*ACL*-ABBREV* has been applied to the line configuration, an attacker or malicious user would not be restricted by *DEVICENAME* from connecting to a line configured administrative service. If a vulnerability were to exist in those services, or the attacker has valid authentication credentials, they could gain full administrative access to *DEVICENAME*.")); + if ((lineWithRLogin > 0) || (telnetEnabled == true)) + paragraphPointer->paragraph.append(i18n(" Furthermore, with clear text protocol services enabled, an attacker could gain the authentication credentials by monitoring administrative connections to the device.")); + if (found == true) + { + securityIssuePointer->impactRating = 9; // Critical + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("To make matters worse, not all the lines require a password in order for an attacker to gain access. The attacker may simply have to connect to the administrative service in order to gain administrative access.")); + } + + // Issue ease... + securityIssuePointer->easeRating = 9; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("For an attacker to gain access to an administrative service, they would simply have to connect to it using the relevant client software. Client software for most administrative services is available on the Internet and some are installed by default on most *ABBREV*OS*-ABBREV*.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that an *ABBREV*ACL*-ABBREV* is configured and then applied to the line in order to restrict access.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("A *ABBREV*ACL*-ABBREV* can be configured with the following commands:*CODE**COMMAND*ip access-list standard *CMDUSER*access-list-number*-CMDUSER**-COMMAND**COMMAND*remark *CMDUSER*description*-CMDUSER**-COMMAND**COMMAND*permit *CMDUSER*ip-address*-CMDUSER* *CMDUSER*wildcard*-CMDUSER* *CMDOPTION*log*-CMDOPTION**-COMMAND**-CODE*")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("The *ABBREV*ACL*-ABBREV* can then be applied to a line, from line configuration mode, using the following command:*CODE**COMMAND*access-class *CMDUSER*access-list-number*-CMDUSER* in*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("all active lines were not configured with an *ABBREV*ACL*-ABBREV* to restrict access")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Configure an *ABBREV*ACL*-ABBREV* to restrict access")); + device->addRecommendation(securityIssuePointer, i18n("Apply the *ABBREV*ACL*-ABBREV* to the relevant lines")); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "IOS.LINENOPA.1"); + device->addRelatedIssue(securityIssuePointer, "IOR.LINERLOG.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.ADMITELN.1"); + } + + + // Weak Line Exec Timeout + if (lineWeakExecTimeoutCount > 0) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Weak Exec Line Timeout\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Weak Exec Line Timeout Configured")); + securityIssuePointer->reference.assign("IOS.LINETMOT.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The line exec timeout setting is used by *DEVICETYPE* devices to identify unused connections that can be terminated. The system resources used by *DEVICETYPE* devices can then be freed and session terminated. A connection could become unused for a number of reasons; the network connection may have been disrupted, a connection may not of been properly terminated or an administrator may have left their computer with a connection open. In the case of console connections, the administrator may have disconnected the console cable without properly terminating a session.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, lineAclInMissingCount); + if (lineWeakExecTimeoutCount > 1) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* lines were configured with a weak exec timeout. These lines are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* line was configured with no exec timeout. This line is shown in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "SEC-LINEEXECTIMEOUT-TABLE"); + if (errorCode != 0) + return errorCode; + if (lineWeakExecTimeoutCount > 1) + paragraphPointer->table->title.assign(i18n("Administration lines with weak exec timeouts")); + else + paragraphPointer->table->title.assign(i18n("Administration line with a weak exec timeout")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Telnet"), false); + if (sshSupported == true) + device->addTableHeading(paragraphPointer->table, i18n("SSH"), false); + if (device->isRouter == true) + device->addTableHeading(paragraphPointer->table, i18n("Rlogin"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec Timeout"), false); + + linePointer = line; + found = false; + while (linePointer != 0) + { + + // If line is used... + if (((linePointer->execTimeout > device->config->connectionTimeouts) || (linePointer->execTimeout == 0)) && ((linePointer->telnet == true) || (linePointer->ssh == true) || (linePointer->rlogin == true)) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + found = true; + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + found = true; + break; + } + if ((linePointer->type == lineConsole) || (linePointer->type == lineAUX)) + { + device->addTableData(paragraphPointer->table, i18n("N/A")); + if (sshSupported == true) + device->addTableData(paragraphPointer->table, i18n("N/A")); + if (device->isRouter == true) + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + else + { + if (linePointer->telnet == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + if (sshSupported == true) + { + if (linePointer->ssh == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + } + if (device->isRouter == true) + { + if (linePointer->rlogin == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + } + } + if (linePointer->execTimeout == 0) + device->addTableData(paragraphPointer->table, i18n("None")); + else + { + tempString.assign(device->timeToString(linePointer->execTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + } + linePointer = linePointer->next; + } + + // Issue impact... + securityIssuePointer->impactRating = 7; // High + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("If a connection is not properly terminated, it may be possible for an attacker to make use of the connection in order to gain access to the device. If successful, the attacker would gain access with the privileges of the previous user.")); + + // Issue ease... + securityIssuePointer->easeRating = 7; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("There are a number of different ways that an attacker could exploit this issue, some are dependent on the service protocol or connection type. To remotely exploit this issue, the attacker would normally have to be able to monitor the remote connection unless the administrators management host is part of the attack. A number of tools are available on the Internet that can monitor network traffic or perform a man in the middle attacks.")); + if (found == false) + { + securityIssuePointer->easeRating = 3; + paragraphPointer->paragraph.append(i18n(" For a console connection to *DEVICENAME*, an attacker would require physical access to the device.")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + device->addString(paragraphPointer, device->timeToString(device->config->connectionTimeouts)); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that a timeout period of *DATA* should be configured for exec connections to *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("An exec timeout can be configured on a line with the following line mode command:*CODE**COMMAND*exec-timeout *CMDUSER*minutes*-CMDUSER* *CMDOPTION*seconds*-CMDOPTION**-COMMAND**-CODE*")); + + // Conclusions text... + if (lineAclInMissingCount > 1) + securityIssuePointer->conLine.append(i18n("weak exec line timeouts were configured")); + else + securityIssuePointer->conLine.append(i18n("a weak exec line timeouts was configured")); + + // Recommendation list text... + tempString.assign(i18n("Configure an exec line connection timeout of ")); + tempString.append(device->timeToString(device->config->connectionTimeouts)); + device->addRecommendation(securityIssuePointer, tempString.c_str()); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.ADMITELN.1"); + } + + + if (lineWithTACACSCount > 0) + { + } + + + if (lineWithoutAuthorisation > 0) + { } + + + if (lineWithoutAccounting > 0) + { } + + + // Output protocol transport support... + if (lineWithOutputTransport > 0) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Outbound Administrative Access Configured\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Outbound Administrative Access Configured")); + securityIssuePointer->reference.assign("IOS.LINETROT.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("It is possible to remotely connect to other devices from *DEVICENAME* using Telnet and other protocols using the built in client software. This enables an administrator who is connected to *DEVICENAME* to quickly connect to other devices on the network, it could be that it is the only way an administrator can connect to the other devices if the network filtering on those devices only allows access from *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, lineWithOutputTransport); + if (lineWithOutputTransport > 1) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* lines were configured to enable outbound administration. These lines are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* line was configured to enable outbound administration. This line is shown in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "SEC-LINEOUTPUTENABLED-TABLE"); + if (errorCode != 0) + return errorCode; + if (lineWithOutputTransport > 1) + paragraphPointer->table->title.assign(i18n("Lines with outbound administration enabled")); + else + paragraphPointer->table->title.assign(i18n("Line with outbound administration enabled")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Outbound *ABBREV*ACL*-ABBREV*"), false); + + linePointer = line; + found = true; + consoleAccessOnly = true; + while (linePointer != 0) + { + + // If line is used... + if ((linePointer->type != lineAUX) && (linePointer->type != lineConsole) && (linePointer->output == true)) + { + switch (linePointer->type) + { + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + device->addTableData(paragraphPointer->table, linePointer->aclOut.c_str()); + } + linePointer = linePointer->next; + } + + // Issue impact... + securityIssuePointer->impactRating = 2; // Information + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("If an attacker were able to gain a level of access to *DEVICENAME* they could use the device to attack and potentially gain access to other network hosts. If the attacker had administrative access to *DEVICENAME* they could reconfigure this level of access themselves. However, if they were to have a lower level of access, they would require *DEVICENAME* to already be configured to alow access to other devices.")); + if (lineOuputNoAcl > 0) + { + securityIssuePointer->easeRating = 1; + paragraphPointer->paragraph.append(i18n(" Furthermore, without assigning an *ABBREV*ACL*-ABBREV* for outbound connections the attacker would not be prevented by *DEVICENAME* from connecting to any network host.")); + } + + // Issue ease... + securityIssuePointer->easeRating = 2; // Challenging + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("In order to use *DEVICENAME* to attack other network devices the attacker would already need to have access to *DEVICENAME*.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that, unless require, *DEVICETYPE* devices should be configured to prevent using the device to access other network devices.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Administrative outbound access to other network devices can be disabled on *DEVICETYPE* devices with the following line command:*CODE**COMMAND*transport output none*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("outbound administration was enabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable outbound administration")); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "IOS.LINEACLO.1"); + } + + + // Output protocol transport support without acl... + if (lineOuputNoAcl > 0) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Unrestricted Outbound Administrative Access\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Unrestricted Outbound Administrative Access")); + securityIssuePointer->reference.assign("IOS.LINEACLO.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("It is possible to remotely connect to other devices from *DEVICENAME* using Telnet and other protocols using the built in client software. This access can be restricted to specific hosts with the use of an *ABBREV*ACL*-ABBREV* in order to permit access to only a limited number of hosts.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, lineOuputNoAcl); + if (lineOuputNoAcl > 1) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* lines were configured to enable outbound administration without an *ABBREV*ACL*-ABBREV* to restrict host access. These lines are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* line was configured to enable outbound administration without an *ABBREV*ACL*-ABBREV* to restrict host access. This line is shown in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "SEC-LINEOUTPUTNOACL-TABLE"); + if (errorCode != 0) + return errorCode; + if (lineOuputNoAcl > 1) + paragraphPointer->table->title.assign(i18n("Lines with outbound administration enabled")); + else + paragraphPointer->table->title.assign(i18n("Line with outbound administration enabled")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + + linePointer = line; + found = true; + consoleAccessOnly = true; + while (linePointer != 0) + { + + // If line is used... + if ((linePointer->type != lineAUX) && (linePointer->type != lineConsole) && (linePointer->output == true) && (linePointer->aclOut.empty())) + { + switch (linePointer->type) + { + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + } + linePointer = linePointer->next; + } + + // Issue impact... + securityIssuePointer->impactRating = 2; // Information + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("If an attacker were able to gain a level of access to *DEVICENAME* they could use the device to attack and potentially gain access to other network hosts. With no *ABBREV*ACL*-ABBREV*, the attacker would not be restricted to specific hosts.")); + + // Issue ease... + securityIssuePointer->easeRating = 2; // Challenging + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("In order to use *DEVICENAME* to attack other network devices the attacker would already need to have access to *DEVICENAME*.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that, unless require, *DEVICETYPE* devices should be configured to prevent using the device to access other network devices. However, if outbound administrative access is required, *COMPANY* recommends that an *ABBREV*ACL*-ABBREV* is configured to restrict access to specific hosts.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Administrative outbound access to other network devices can be disabled on *DEVICETYPE* devices with the following line command:*CODE**COMMAND*transport output none*-COMMAND**-CODE*")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("A *ABBREV*ACL*-ABBREV* can be configured with the following commands:*CODE**COMMAND*ip access-list standard *CMDUSER*access-list-number*-CMDUSER**-COMMAND**COMMAND*remark *CMDUSER*description*-CMDUSER**-COMMAND**COMMAND*permit *CMDUSER*ip-address*-CMDUSER* *CMDUSER*wildcard*-CMDUSER* *CMDOPTION*log*-CMDOPTION**-COMMAND**-CODE*")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("The *ABBREV*ACL*-ABBREV* can then be applied to a line, from line configuration mode, using the following command:*CODE**COMMAND*access-class *CMDUSER*access-list-number*-CMDUSER* out*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("outbound administration was enabled without access restrictions")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable outbound administration"), true); + device->addRecommendation(securityIssuePointer, i18n("Configure a *ABBREV*ACL*-ABBREV*")); + device->addRecommendation(securityIssuePointer, i18n("Apply the *ABBREV*ACL*-ABBREV* to the outbound line configuration")); + + // Dependent issues... + device->addDependency(securityIssuePointer, "IOS.LINETROT.1"); + } + + + // Lines not requiring a password to login + if (lineLoginWithoutPassword > 0) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Administrative Service Login With No Password\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Administrative Service Login With No Password")); + securityIssuePointer->reference.assign("IOS.LINENOPA.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The Telnet, *ABBREV*SSH*-ABBREV* and console-based access to *DEVICETYPE* devices are configured using the line configuration. It is possible to configure different authentication methods to the device, including not requiring any authentication.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, lineLoginWithoutPassword); + if (lineLoginWithoutPassword > 1) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* lines were configured in a way that no authentication is required. These lines are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* line was configured in a way that no authentication is required. This line is shown in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "SEC-LINENOAUTH-TABLE"); + if (errorCode != 0) + return errorCode; + if (lineLoginWithoutPassword > 1) + paragraphPointer->table->title.assign(i18n("Administration lines that do not require authentication")); + else + paragraphPointer->table->title.assign(i18n("Administration line that does not require authentication")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), false); + device->addTableHeading(paragraphPointer->table, i18n("Level"), false); + device->addTableHeading(paragraphPointer->table, i18n("Telnet"), false); + if (sshSupported == true) + device->addTableHeading(paragraphPointer->table, i18n("SSH"), false); + if (device->isRouter == true) + device->addTableHeading(paragraphPointer->table, i18n("Rlogin"), false); + + linePointer = line; + found = true; + consoleAccessOnly = true; + while (linePointer != 0) + { + + // If line is used... + if ((linePointer->login == loginWithNoPassword) && ((linePointer->telnet == true) || (linePointer->ssh == true) || (linePointer->rlogin == true)) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->exec == true) + { + device->addTableData(paragraphPointer->table, i18n("Yes")); + switch (linePointer->login) + { + case loginWithNoPassword: + device->addTableData(paragraphPointer->table, i18n("No Authentication")); + found = true; + break; + case loginLinePassword: + device->addTableData(paragraphPointer->table, i18n("Line Password")); + break; + case loginLocal: + device->addTableData(paragraphPointer->table, i18n("Local Users")); + break; + case loginTACACS: + device->addTableData(paragraphPointer->table, i18n("TACACS Style")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("AAA Authentication")); + break; + } + } + else + { + device->addTableData(paragraphPointer->table, i18n("No")); + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + tempString.assign(device->intToString(linePointer->privilege)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + if (linePointer->telnet == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + if (sshSupported == true) + { + if (linePointer->ssh == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + } + if (device->isRouter == true) + { + if (linePointer->rlogin == true) + device->addTableData(paragraphPointer->table, i18n("Yes")); + else + device->addTableData(paragraphPointer->table, i18n("No")); + } + if ((linePointer->type != lineConsole) && (!linePointer->aclIn.empty())) + found = false; + if (linePointer->type != lineConsole) + consoleAccessOnly = false; + } + linePointer = linePointer->next; + } + + // Issue impact... + securityIssuePointer->impactRating = 9; // Critical + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("With no authentication required, an attacker or malicious user who is able to access one of the administration interfaces configured on the lines detailed above would gain access without authenticating.")); + + // Issue ease... + securityIssuePointer->easeRating = 8; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("The attacker or malicious user would simply have to connect to *DEVICENAME*, no authentication would be requested.")); + if (consoleAccessOnly == true) + { + securityIssuePointer->easeRating = 3; + paragraphPointer->paragraph.append(i18n(" However, for console access the attacker would require physical access to the device.")); + } + else if (found == true) + { + securityIssuePointer->easeRating = 4; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.append(i18n("*ABBREV*ACL*-ABBREV* have been configured on the lines in order to restrict administrative access to *DEVICENAME*. However, a skilled attacker may be able to bypass any network access restrictions.")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 3; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that all administrative access should require authentication.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Authentication can be configured on lines using the following line mode command:*CODE**COMMAND*login *CMDOPTION*tacacs *CMDOR* local*-CMDOPTION**-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("authentication was not required for all administrative access")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Configure authentication only access for all administrative lines")); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.ADMITELN.1"); + device->addRelatedIssue(securityIssuePointer, "IOS.LINENACL.1"); + } + + + if (lineWithTransportInputAll > 0) + { } + + + if (lineWithRLogin > 0) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Clear Text Rlogin Protocol Service\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Clear Text Rlogin Protocol Service")); + securityIssuePointer->reference.assign("IOR.LINERLOG.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The Rlogin service enables network administrators to remotely manage *DEVICETYPE* devices. However, the protocol provides no encryption or encoding, so all network traffic, including the authentication, is transmitted between the client and the server in clear text.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, lineWithRLogin); + if (lineWithRLogin > 1) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* lines had the Rlogin service enabled. These lines are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* line had the Rlogin service enabled. This line is shown in Table *TABLEREF*.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "SEC-LINERLOGIN-TABLE"); + if (errorCode != 0) + return errorCode; + if (lineWithRLogin > 1) + paragraphPointer->table->title.assign(i18n("Administration lines that have the Rlogin service enabled")); + else + paragraphPointer->table->title.assign(i18n("Administration line that has the Rlogin service enabled")); + device->addTableHeading(paragraphPointer->table, i18n("Line"), false); + device->addTableHeading(paragraphPointer->table, i18n("Exec"), false); + device->addTableHeading(paragraphPointer->table, i18n("Login"), false); + device->addTableHeading(paragraphPointer->table, i18n("Level"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*ACL*-ABBREV*"), false); + + linePointer = line; + found = true; + while (linePointer != 0) + { + + // If line is used... + if ((linePointer->type == lineVTY) && (linePointer->rlogin == true) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + { + switch (linePointer->type) + { + case lineConsole: + device->addTableData(paragraphPointer->table, i18n("Console")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + case lineAUX: + device->addTableData(paragraphPointer->table, i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + device->addTableData(paragraphPointer->table, tempString.c_str()); + break; + } + if (linePointer->exec == true) + { + device->addTableData(paragraphPointer->table, i18n("Yes")); + switch (linePointer->login) + { + case loginWithNoPassword: + device->addTableData(paragraphPointer->table, i18n("No Authentication")); + break; + case loginLinePassword: + device->addTableData(paragraphPointer->table, i18n("Line Password")); + break; + case loginLocal: + device->addTableData(paragraphPointer->table, i18n("Local Users")); + break; + case loginTACACS: + device->addTableData(paragraphPointer->table, i18n("TACACS Style")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("AAA Authentication")); + break; + } + } + else + { + device->addTableData(paragraphPointer->table, i18n("No")); + device->addTableData(paragraphPointer->table, i18n("N/A")); + } + tempString.assign(device->intToString(linePointer->privilege)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, linePointer->aclIn.c_str()); + if (linePointer->aclIn.empty()) + found = false; + } + linePointer = linePointer->next; + } + + // Issue impact... + securityIssuePointer->impactRating = 8; // HIGH + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker or malicious user who was able to monitor the network traffic between a Rlogin server and client would be able to capture the authentication credentials and any data. Furthermore, the attacker could then use the authentication credentials to gain a level of access to *DEVICENAME*.")); + + // Issue ease... + securityIssuePointer->easeRating = 7; // EASY + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("Network packet and password sniffing tools are widely available on the Internet and some of the tools are specifically designed to capture clear-text protocol authentication credentials. In a switched environment an attacker may not be able to capture network traffic destined for other devices without performing an additional attack, such as exploiting *ABBREV*ARP*-ABBREV* or routing vulnerabilities.")); + if (found == true) + { + securityIssuePointer->easeRating = 4; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.append(i18n("Although access to the Rlogin service has been restricted with the use of *ABBREV*ACLs*-ABBREV*, a skilled attacker may be able to bypass any network filtering in order to gain access.")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 3; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that all clear text protocol services should be replaced by their cryptographically secure counterparts.")); + if (sshEnabled == true) + { + paragraphPointer->paragraph.append(i18n(" The *ABBREV*SSH*-ABBREV* service is already configured on *DEVICENAME*. *COMPANY* recommends that this should be used as a cryptographically secure alternative to Rlogin.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("The Rlogin and *ABBREV*SSH*-ABBREV* services are both configured or disabled using the same line command. To disable Rlogin and enable *ABBREV*SSH*-ABBREV* use the following line mode command:*CODE**COMMAND*transport input ssh*-COMMAND**-CODE*")); + } + else if (sshSupported == true) + { + paragraphPointer->paragraph.append(i18n(" *DEVICETYPE* devices support the *ABBREV*SSH*-ABBREV* service, which is a cryptographically secure alternative to Rlogin. *COMPANY* recommends that this service should be used as an alternative.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("The Rlogin and *ABBREV*SSH*-ABBREV* services are both configured or disabled using the same line command. To disable Rlogin and enable *ABBREV*SSH*-ABBREV* use the following line mode command:*CODE**COMMAND*transport input ssh*-COMMAND**-CODE*")); + } + else + { + securityIssuePointer->fixRating = 8; // Involved + paragraphPointer->paragraph.append(i18n(" *COMPANY* recommends that the *ABBREV*SSH*-ABBREV* service is used as a cryptographically secure alternative to Rlogin. However, the *DEVICEOS* will need to be upgraded to a version that supports the *ABBREV*SSH*-ABBREV* service.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Rlogin can be disabled with the following line mode command:*CODE**COMMAND*transport input none*-COMMAND**-CODE*")); + } + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("the Rlogin service was enabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable the Rlogin service")); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "IOS.LINENACL.1"); + } + + return errorCode; +} diff --git a/libnipper-0.12.6/Cisco-IOS/administration.cpp b/libnipper-0.12.6/Cisco-IOS/administration.cpp new file mode 100644 index 0000000..78b18a3 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/administration.cpp @@ -0,0 +1,862 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "iosdevice.h" +#include "general.h" +#include "administration.h" +#include "authentication.h" +#include "../device/common/configline.h" + +IOSAdministration::IOSAdministration() +{ + // Device specific options... + rloginEnabled = false; + httpConfigured = false; // Has http-server been configured already? + configIncludesSSH = false; // Set to true if in the lines mention SSH or there is an ssh line + cdpSupported = true; // Is CDP supported (globally, see interfaces for per interface activation) + cdpEnabled = true; // Is CDP enabled + cdpVersionSupported = false; // Is CDP version supported + cdpVersion = 2; // CDP version + + // General... + generalSettings = true; // Show the general settings section? + + // Telnet... + telnetSupported = true; // Is telnet supported? + disableTelnet = i18n("Telnet must be disabled on *DEVICETYPE* devices for each line that the service is enabled. If supported, the *ABBREV*SSH*-ABBREV* protocol can also be enabled using the same command. This can be done using the following command:*CODE**COMMAND*transport input *CMDOPTION*none *CMDOR* ssh*-CMDOPTION**-COMMAND**-CODE*"); // How to disable telnet text... + + // Device specific options... + sshSupported = false; // Does this device support SSH? + ssh2Supported = false; // Does the device support SSH version 2? + sshUpgrade = true; // Do you have to upgrade? + ssh2upgrade = true; + sshRetries = 3; // The SSH login retries + sshNegTimeout = 120; // The SSH negotiation timeout + configSSHSupport = i18n("The *ABBREV*SSH*-ABBREV* service can be configured on each line with the following command:*CODE**COMMAND*transport input ssh*-COMMAND**-CODE*"); // How to configure SSH... + configSSHv2Support = i18n("When *ABBREV*SSH*-ABBREV* protocol version 2 support is configured on *DEVICETYPE* devices, support for version 1 will be disabled. This can be configured with the following command:*CODE**COMMAND*ip ssh version 2*-COMMAND**-CODE*"); // How to configure protocol version 2 support only + sshConfigProtocolSupport = i18n("*DEVICETYPE* devices support both *ABBREV*SSH*-ABBREV* protocol versions 1 and 2. Support for *ABBREV*SSH*-ABBREV* was introduced in *ABBREV*IOS*-ABBREV* version 12.0(5) and support for *ABBREV*SSH*-ABBREV* protocol version 2 was added from *ABBREV*IOS*-ABBREV* version 12.3(2). *ABBREV*IOS*-ABBREV* devices that support both versions of the *ABBREV*SSH*-ABBREV* protocol default to allowing connections from clients using either version."); + + // HTTP(S) options... + httpSupported = false; // Does this device support HTTP + httpsSupported = false; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + httpsEnabled = false; // Is the HTTPS service enabled? + httpsPort = 443; // HTTPS port + httpSpecificTimeout = true; // A HTTP Specific Timeout? + httpTimeout = 180; // The HTTP Timeout (secs) + configHTTPTimeout = i18n("The *ABBREV*HTTP*-ABBREV* server timeout can be configured with the following command:*CODE**COMMAND*ip http timeout-policy idle *CMDUSER*seconds*-CMDUSER* life *CMDUSER*seconds*-CMDUSER* requests *CMDUSER*number*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + httpSpecificHost = true; // Does HTTP have its own access list? + httpHostsRequired = false; // Is the host configuration required? + showHTTPHostInterface = false; // Show the Interface column in the host table? + showHTTPHostAccess = false; // Show the Access column in the host table? + configHTTPHostAccess = i18n("Management hosts can be configured by applying an *ABBREV*ACL*-ABBREV*. An *ABBREV*ACL*-ABBREV* can be configured and applied using the following commands:*CODE**COMMAND*ip access-list standard *CMDUSER*access-list-number*-CMDUSER**-COMMAND**COMMAND*remark *CMDUSER*description*-CMDUSER**-COMMAND**COMMAND*permit *CMDUSER*ip-address*-CMDUSER* *CMDUSER*wildcard*-CMDUSER* *CMDOPTION*log*-CMDOPTION**-COMMAND**COMMAND*ip http access-class *CMDUSER*acl-number*-CMDUSER**-COMMAND**-CODE*"); // How to configure HTTP Management hosts... + disableHTTP = i18n("The *ABBREV*HTTP*-ABBREV* server can be disabled using the following command:*CODE**COMMAND*no ip http server*-COMMAND**-CODE*"); // How to disable HTTP text... + configHTTPSSupport = i18n("The *ABBREV*HTTPS*-ABBREV* server can be enabled using the following command:*CODE**COMMAND*ip http secure-server*-COMMAND**-CODE*"); // How to configure HTTPS... + cipherConfigSupported = true; // Can the Ciphers be configured? + configCipherText = i18n("The most secure cipher suite supported by *DEVICETYPE* devices can be configured with the following command:*CODE**COMMAND*ip http secure-ciphersuite 3des-ede-cbc-sha*-COMMAND**-CODE*"); // The text to configure a strong cipher. + + // BOOTP Support... + bootPServerSupported = false; // Is BOOTP supported? + bootPEnabled = true; // Is BOOTP enabled? + configDisableBootP = i18n("The *ABBREV*BOOTP*-ABBREV* service can be disabled with the following command:*CODE**COMMAND*no ip bootp server*-COMMAND**-CODE*"); // Config report text to disable bootp + + // Finger Support... + fingerServiceSupported = true; // Is the finger service supported? + fingerServiceEnabled = false; // Is the finger service enabled? + configDisableFinger = i18n(""); // Config report text to disable finger + + // Device specific inits... + line = 0; + + + aaaUsed = false; // If aaa is used, it overrides the line configuration... +} + + +int IOSAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + lineConfig *linePointer = 0; + cipherConfig *cipherPointer = 0; + bool setting = false; + int tempInt = 0; + int errorCode = 0; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // IP + if (strcmp(command->part(tempInt), "ip") == 0) + { + tempInt++; + + // HTTP... + if (strcmp(command->part(tempInt), "http") == 0) + { + tempInt++; + httpSupported = true; + + // Server... + if (strcmp(command->part(tempInt), "server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpConfigured = true; + httpEnabled = setting; + } + + // Server port... + else if (strcmp(command->part(tempInt), "port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Server Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == false) + httpPort = 80; + else + httpPort = atoi(command->part(tempInt + 1)); + } + + // Server ACL... + else if (strcmp(command->part(tempInt), "access-class") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpSpecificHost = false; + httpAcl.assign(command->part(tempInt + 1)); + } + + // sercure Server... + else if (strcmp(command->part(tempInt), "secure-server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTPS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpsSupported = true; + httpsEnabled = setting; + } + + // sercure Server port... + else if (strcmp(command->part(tempInt), "secure-port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTPS Server Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpsSupported = true; + if (setting == false) + httpsPort = 443; + else + httpsPort = atoi(command->part(tempInt + 1)); + } + + // sercure Server ciphers... + else if (strcmp(command->part(tempInt), "secure-ciphersuite") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTPS Server Ciphers Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpsSupported = true; + if (setting != false) + { + tempInt += 2; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "3des-ede-cbc-sha") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 168; + cipherPointer->ssl3 = true; + } + + else if (strcmp(command->part(tempInt), "rc4-128-sha") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 128; + cipherPointer->ssl3 = true; + } + + else if (strcmp(command->part(tempInt), "rc4-128-md5") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 128; + cipherPointer->ssl3 = true; + } + + else if (strcmp(command->part(tempInt), "des-cbc-sha") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 56; + cipherPointer->ssl3 = true; + } + tempInt++; + } + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + // SSH... + else if (strcmp(command->part(tempInt), "ssh") == 0) + { + tempInt++; + sshSupported = true; + + // Version... + if (strcmp(command->part(tempInt), "version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ssh2Supported = true; + if (setting == false) + sshVersion = 0; + else if (strcmp(command->part(tempInt + 1), "1") == 0) + sshVersion = 1; + else + sshVersion = 2; + } + + // Port... + else if (strcmp(command->part(tempInt), "port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == false) + sshPort = 22; + else + sshPort = atoi(command->part(tempInt + 1)); + } + + // auth retries... + else if (strcmp(command->part(tempInt), "authentication-retries") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Auth Retry Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == false) + sshRetries = 3; + else + sshRetries = atoi(command->part(tempInt + 1)); + } + + // negotiation timeout... + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Neg timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == false) + sshNegTimeout = 120; + else + sshNegTimeout = atoi(command->part(tempInt + 1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + + // BootP... + else if ((strcmp(command->part(tempInt), "bootp") == 0) && (strcmp(command->part(tempInt + 1), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sBOOTP Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + bootPEnabled = setting; + bootPServerSupported = true; + } + + // Finger... + else if (strcmp(command->part(tempInt), "finger") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFinger Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + fingerServiceEnabled = setting; + fingerServiceSupported = true; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + // CDP + else if ((strcmp(command->part(tempInt), "cdp") == 0) && (strcmp(command->part(tempInt + 1), "run") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCDP Run Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + cdpEnabled = setting; + } + + // Service... + else if (strcmp(command->part(tempInt), "service") == 0) + { + tempInt++; + + if (strcmp(command->part(tempInt), "finger") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFinger Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + fingerServiceEnabled = setting; + fingerServiceSupported = true; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + + // Lines... + else if (strcmp(command->part(tempInt), "line") == 0) + { + while ((strcmp(command->part(0), "!") != 0) && (feof(device->inputFile) == 0)) + { + + // New line... + if (strcmp(command->part(tempInt), "line") == 0) + { + tempInt++; + if (device->config->reportFormat == Config::Debug) + printf("%sLine Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + linePointer = addLine(); + + if ((strcmp(command->part(tempInt), "con") == 0) || (strcmp(command->part(tempInt), "concole") == 0)) + { + linePointer->type = lineConsole; + linePointer->defaultSettings = false; + linePointer->ssh = false; + linePointer->telnet = false; + linePointer->rlogin = false; + linePointer->all = false; + } + else if ((strcmp(command->part(tempInt), "aux") == 0) || (strcmp(command->part(tempInt), "auxiliary") == 0)) + { + linePointer->type = lineAUX; + linePointer->defaultSettings = false; + linePointer->ssh = false; + linePointer->telnet = false; + linePointer->rlogin = false; + linePointer->all = false; + } + else if (strcmp(command->part(tempInt), "tty") == 0) + linePointer->type = lineTTY; + else + linePointer->type = lineVTY; + tempInt++; + + linePointer->lineStart = atoi(command->part(tempInt)); + tempInt++; + linePointer->lineEnd = atoi(command->part(tempInt)); + } + + // Exec... + else if ((strcmp(command->part(tempInt), "exec") == 0) && (linePointer != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Exec Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + linePointer->exec = setting; + } + + // Login Timeout + else if ((strcmp(command->part(tempInt), "login") == 0) && (strcmp(command->part(tempInt + 1), "timeout") == 0) && (strcmp(command->part(tempInt + 2), "response") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Session Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 3; + linePointer->loginTimeout = atoi(command->part(tempInt)); + } + + // Login... + else if ((strcmp(command->part(tempInt), "login") == 0) && (linePointer != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Login Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == false) + linePointer->login = loginWithNoPassword; + else if (command->parts == tempInt) + linePointer->login = loginLinePassword; + else if (strcmp(command->part(tempInt), "local") == 0) + linePointer->login = loginLocal; + else if (strcmp(command->part(tempInt), "authentication") == 0) + linePointer->login = loginAuthentication; + else if (strcmp(command->part(tempInt), "tacacs") == 0) + linePointer->login = loginTACACS; + } + + // Password + else if (strcmp(command->part(tempInt), "password") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Password Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == false) + linePointer->password.erase(); + else + { + // If just password... + if (tempInt + 1 == command->parts) + linePointer->password.assign(command->part(tempInt)); + else if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + linePointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + linePointer->password.assign(device->ciscoType7Decode(command->part(tempInt))); + } + else + { + tempInt++; + linePointer->encryption = true; + linePointer->password.assign(command->part(tempInt)); + } + } + } + + // Access-Class In + else if ((strcmp(command->part(tempInt), "access-class") == 0) && (strcmp(command->part(tempInt + 2), "in") == 0)) + { + tempInt++; + if (device->config->reportFormat == Config::Debug) + printf("%sLine Access Class In Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + linePointer->aclIn.assign(command->part(tempInt)); + } + + // Access-Class Out + else if ((strcmp(command->part(tempInt), "access-class") == 0) && (strcmp(command->part(tempInt + 2), "out") == 0)) + { + tempInt++; + if (device->config->reportFormat == Config::Debug) + printf("%sLine Access Class Out Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + linePointer->aclOut.assign(command->part(tempInt)); + } + + // Callback + else if (strcmp(command->part(tempInt), "callback") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Call Back Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + linePointer->callback = setting; + } + + // Transport Input... + else if ((strcmp(command->part(tempInt), "transport") == 0) && (strcmp(command->part(tempInt + 1), "input") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Transport Input Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + linePointer->defaultSettings = false; + tempInt += 2; + if (strcmp(command->part(tempInt), "none") == 0) + { + linePointer->ssh = false; + linePointer->telnet = false; + linePointer->rlogin = false; + linePointer->all = false; + } + else if (strcmp(command->part(tempInt), "all") == 0) + { + linePointer->ssh = true; + linePointer->telnet = true; + linePointer->rlogin = true; + linePointer->all = true; + } + else + { + linePointer->ssh = false; + linePointer->telnet = false; + linePointer->rlogin = false; + linePointer->all = false; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "ssh") == 0) + { + linePointer->ssh = true; + configIncludesSSH = true; + sshSupported = true; + } + else if (strcmp(command->part(tempInt), "telnet") == 0) + linePointer->telnet = true; + else if (strcmp(command->part(tempInt), "rlogin") == 0) + linePointer->rlogin = true; + tempInt++; + } + } + } + + // Transport Output... + else if ((strcmp(command->part(tempInt), "transport") == 0) && (strcmp(command->part(tempInt + 1), "output") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Transport Output Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (strcmp(command->part(tempInt + 2), "none") == 0) + linePointer->output = false; + else + linePointer->output = true; + } + + // Privilege Level... + else if ((strcmp(command->part(tempInt), "privilege") == 0) && (strcmp(command->part(tempInt + 1), "level") == 0)) + { + tempInt += 2; + if (device->config->reportFormat == Config::Debug) + printf("%sLine Privilege Level Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting != false) + linePointer->privilege = atoi(command->part(tempInt)); + } + + // AAA - Accounting + else if (strcmp(command->part(tempInt), "accounting") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Accounting Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + linePointer->accounting = true; + if (strcmp(command->part(tempInt), "commands") == 0) + tempInt++; + tempInt++; + linePointer->accList.assign(command->part(tempInt)); + } + + // AAA - Authorization + else if (strcmp(command->part(tempInt), "authorization") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Authorization Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + linePointer->authorization = true; + if (strcmp(command->part(tempInt), "commands") == 0) + tempInt++; + tempInt++; + linePointer->authList.assign(command->part(tempInt)); + } + + // Exec Timeout + else if (strcmp(command->part(tempInt), "exec-timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Exec Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + linePointer->execTimeout = atoi(command->part(tempInt)) * 60; + tempInt++; + if (tempInt < command->parts) + linePointer->execTimeout = linePointer->execTimeout + atoi(command->part(tempInt)); + } + + // Absolute Timeout + else if (strcmp(command->part(tempInt), "absolute-timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Absolute Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + linePointer->absoluteTimeout = atoi(command->part(tempInt)) * 60; + } + + // Session Timeout + else if (strcmp(command->part(tempInt), "session-timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLine Session Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + linePointer->sessionTimeout = atoi(command->part(tempInt)) * 60; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int IOSAdministration::processDefaults(Device *device) +{ + // Variables... + Authentication::localUserConfig *localPointer = 0; + lineConfig *linePointer = 0; + cipherConfig *cipherPointer = 0; + string tempString; + + // Disable services by default... + telnetEnabled = false; + sshEnabled = false; + rloginEnabled = false; + + // Sort out CDP verison... + if (device->general != 0) + { + if (device->general->versionMajor < 12) + cdpVersion = 1; + } + + // Is this an IOS version that is LIKELY to have SSH? + if (device->general != 0) + { + if (device->general->versionMajor == 0) + { } + else if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 0)) || ((device->general->versionMajor == 12) && (device->general->versionMinor == 0) && (device->general->versionRevision > 0))) + { + configIncludesSSH = true; + sshSupported = true; + if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && ((device->general->versionMinor > 3) || ((device->general->versionMinor == 3) && (device->general->versionRevision > 1))))) + ssh2Supported = true; + } + } + + // BootP + if ((device->general != 0) && (bootPServerSupported == false)) + { + if (device->general->versionMajor == 0) + { } + else if ((device->general->versionMajor > 11) || ((device->general->versionMajor == 11) && (device->general->versionMinor > 1))) + bootPServerSupported = true; + } + + // Finger + if ((device->general != 0) && (fingerServiceSupported == false)) + { + if (device->general->versionMajor == 0) + { } + else if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 1)) || ((device->general->versionMajor == 12) && (device->general->versionMinor == 1) && (device->general->versionRevision > 4))) + { + fingerServiceSupported = true; + fingerServiceEnabled = false; + } + else if ((device->general->versionMajor > 11) || ((device->general->versionMajor == 11) && (device->general->versionMinor > 2))) + { + fingerServiceSupported = true; + fingerServiceEnabled = true; + } + } + + // Is this an IOS version that is LIKELY to have HTTP(S)? + if (device->general != 0) + { + if (device->general->versionMajor == 0) + { } + else if ((device->general->versionMajor > 11) || ((device->general->versionMajor == 11) && (device->general->versionMinor > 1))) + { + httpSupported = true; + httpsUpgrade = true; + if (httpConfigured == false) + httpEnabled = true; + if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && ((device->general->versionMinor > 3) || ((device->general->versionMinor == 3) && (device->general->versionRevision > 14))))) + httpsSupported = true; + } + } + + // HTTPS ciphers... + if (httpsSupported == true) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 168; + cipherPointer->ssl3 = true; + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 128; + cipherPointer->ssl3 = true; + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 128; + cipherPointer->ssl3 = true; + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 56; + cipherPointer->ssl3 = true; + } + + // Fixup the line and service defaults... + linePointer = line; + while (linePointer != 0) + { + + // If AAA is used, the login must be handled by AAA + if (aaaUsed == true) + linePointer->login = loginAuthentication; + + // Add line password to local authentication list... + if (!linePointer->password.empty()) + { + switch (linePointer->type) + { + case lineConsole: + tempString.assign(i18n("Console Line")); + break; + case lineVTY: + tempString.assign(i18n("*ABBREV*VTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + tempString.append(i18n(" Line")); + break; + case lineAUX: + tempString.assign(i18n("Auxillary")); + break; + default: + tempString.assign(i18n("*ABBREV*TTY*-ABBREV* ")); + tempString.append(device->intToString(linePointer->lineStart)); + if (linePointer->lineEnd != 0) + { + tempString.append(" - "); + tempString.append(device->intToString(linePointer->lineEnd)); + } + tempString.append(i18n(" Line")); + break; + } + + localPointer = device->authentication->getUser(tempString.c_str()); + if (linePointer->privilege == 15) + localPointer->adminAccess = true; + tempString.assign(device->intToString(linePointer->privilege)); + localPointer->privilegeLevel.assign(tempString); + localPointer->aclSupported = true; + localPointer->outboundACL.assign(linePointer->aclOut); + localPointer->password.assign(linePointer->password); + if (linePointer->encryption == true) + localPointer->encryption = Authentication::md5Encryption; + else + localPointer->encryption = Authentication::clearText; + } + + // If default... + if (linePointer->defaultSettings == true) + { + if ((device->general->versionMajor < 11) || ((device->general->versionMajor == 11) && (device->general->versionMinor == 0))) + { + linePointer->telnet = true; + linePointer->rlogin = true; + linePointer->all = true; + } + else + { + linePointer->telnet = true; + linePointer->rlogin = true; + linePointer->all = false; + } + } + + // If not a router, terminate the rlogon... + if (device->isRouter == false) + linePointer->rlogin = false; + + // If Nipper THINKS that SSH is not available... + if (configIncludesSSH == false) + linePointer->ssh = false; + + // Telnet... + if ((linePointer->telnet == true) && (linePointer->exec == true)) + telnetEnabled = true; + if ((linePointer->telnet == true) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + telnetLoginAllowed = true; + + // SSH... + if ((linePointer->ssh == true) && (linePointer->exec == true) && !((linePointer->password.empty()) && (linePointer->login == loginLinePassword))) + sshEnabled = true; + + // Rlogin... + if (linePointer->rlogin == true) + rloginEnabled = true; + + linePointer = linePointer->next; + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-IOS/administration.h b/libnipper-0.12.6/Cisco-IOS/administration.h new file mode 100644 index 0000000..afbd97d --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/administration.h @@ -0,0 +1,133 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef iosdeviceadministration_H +#define iosdeviceadministration_H + +#include "../device/administration/administration.h" + + +class IOSAdministration : public Administration +{ + public: + IOSAdministration(); + + // Device specific methods... + int generateSecuritySpecificReport(Device *device); + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + int generateDeviceTelnetConfig(Device *device); // A device specific config report output + int generateDeviceSSHConfig(Device *device); // A device specific config report output + + + // ----------------------------------------------------------------------- + // Misc Device Specific Support... + // ----------------------------------------------------------------------- + + virtual int generateDeviceHTTPConfig(Device *device); // A device specific config report output + virtual int generateDeviceSpecificConfig(Device *device); + + bool telnetLoginAllowed; // Are people allowed to login + bool configIncludesSSH; // Set to true if in the lines mention SSH or there is an ssh line + bool httpConfigured; // Has http-server been configured already? + int sshRetries; // The SSH login retries + int sshNegTimeout; // The SSH negotiation timeout + bool rloginEnabled; // Is the Rlogin service enabled? + string httpAcl; // The HTTP server ACL + + bool aaaUsed; // If aaa is used, it overrides the line configuration... + + + // ----------------------------------------------------------------------- + // Lines Support... + // ----------------------------------------------------------------------- + + enum lineType + { + lineConsole = 0, + lineVTY = 1, + lineAUX = 2, + lineTTY = 3 + }; + + enum loginType + { + loginWithNoPassword = 0, // Oh no (doesn't apply to VTY - they need a password) + loginLinePassword = 1, // The Line password (ouch) + loginLocal = 2, // Local Security Database (i.e. username) + loginTACACS = 3, // TACACS-style + loginAuthentication = 4 // AAA (recommended) + }; + + struct lineConfig + { + // Basics... + enum lineType type; // line_console... + int lineStart; // i.e. VTY - 0 + int lineEnd; // i.e. VTY - 4 + // Security... + enum loginType login; // + bool exec; // true (default) or false + int privilege; // The privilege level for the line (0..15) + bool callback; // true or false (default) + string password; // A Line password (if configured) + bool encryption; // true or false for the password + bool passwordInDict; // Is it a dictionary-based password + Device::weakPasswordEnum passwordWeak; // Is it a weak password + string aclIn; + string aclOut; + // AAA... + bool accounting; + string accList; + bool authorization; + string authList; + // Access Services... + bool output; // Output allowed + bool defaultSettings; // true if no transport line has been set + bool ssh; // true, false + bool telnet; // true, false + bool rlogin; // true, false + bool all; // true, false + // Timeouts... + int execTimeout; // Exec timeout in seconds, 0 = no timeout (default) + int absoluteTimeout; + int sessionTimeout; + int loginTimeout; + struct lineConfig *next; + }; + + lineConfig *line; + + lineConfig *addLine(); // Add a new line... +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/authentication.cpp b/libnipper-0.12.6/Cisco-IOS/authentication.cpp new file mode 100644 index 0000000..8ed9112 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/authentication.cpp @@ -0,0 +1,784 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "iosdevice.h" +#include "authentication.h" +#include "administration.h" +#include "../device/common/configline.h" + + +IOSAuthentication::IOSAuthentication() +{ + // General... + authenticationConfigIntro = i18n("This section describes the various *DEVICETYPE* device authentication settings."); // Introduction text to the whole section + loginAttemptsSupported = false; // Login attempts supported + loginAttempts = 0; // Login attempts allowed (0 = infinite) + accessWithoutAuthentication = false; // Set to true if access is allowed without authentication + configAccessAuthentication = "The following commands can be used on *DEVICETYPE* devices to configure the enable password and a local user:*CODE**COMMAND*enable secret *CMDUSER*password*-CMDUSER**-COMMAND**COMMAND*username *CMDUSER*user*-CMDUSER* secret *CMDUSER*password*-CMDUSER**-COMMAND**-CODE*"; // The text and commands to configure access authentication with a password + + // Authentication Methods... + authMethodSupported = true; // Authentication Method Supported + appliesToSupported = true; // Applies To Supported + namedAuthSupport = true; // Are auth servers named? + showAuthLevel = true; // Show auth level + + // Local User Options... + encryptionSupported = true; // Show encryption + readOnlySupported = false; // Is read only supported? + outboundACLSupported = true; // Are outbound filtering ACL supported? + privilegeLevelSupported = true; // Are privilege levels supported? + privilegeLevelText = i18n("Privilege Level"); // The table title privilege level text + configDeviceSpecificLocalUsers = "The users can be assigned to different privilege levels which are configurable and determine the level of access granted. A level 15 user is the highest level and is typically reserved for management of the device. The enable user password is typically used for performing administration on *DEVICETYPE* devices. However if an enable user password has not been configured, a line password will be used instead."; // Text for the config report local user section. + filterText = i18n("*ABBREV*ACL*-ABBREV*"); // The table filter column title text + + // TACACS Options... + showTacacsGroupName = true; // Show the TACACS group + showTacacsRetries = false; // Show the TACACS retries + configTacacsKey = i18n("The following command can be used to set the global *ABBREV*TACACS+*-ABBREV* server key:*CODE*tacacs-server key *CMDUSER*key*-CMDUSER**-CODE*"); // The text and commands to configure a TACACS+ key + + // RADIUS Options... + showRadiusGroupName = true; // Show the RADIUS group + configRadiusKey = i18n("The following command can be used to set the global *ABBREV*RADIUS*-ABBREV* server key:*CODE*radius-server key *CMDUSER*key*-CMDUSER**-CODE*"); // The text and commands to configure a RADIUS key + + // KERBEROS Options... + showKerberosGroupName = false; // Show the KERBEROS group + showKerberosTimeout = false; // Show Kerberos timeout + showKerberosRetries = false; // Show Kerberos retries + + // LDAP Options... + showLDAPGroupName = false; // Show the LDAP group + showLDAPPassword = false; // Show LDAP password + configLDAPPassword = i18n(""); // The text and commands to configure an LDAP server password + + // SecurID Options... + showSecurIDGroupName = false; // Show the SecurID group + showSecurIDDuress = false; // Show the SecurID Duress + showSecurIDEncryption = false; // Show the SecurID Encryption + + // NT Options... + showNTGroupName = false; // Show the NT group + + + tacacsPort = 49; + tacacsTimeout = 5; + radiusPort = 1645; + radiusTimeout = 5; + radiusRetries = 3; + tacacsKeyEnc = clearText; + radiusKeyEnc = clearText; +} + + +int IOSAuthentication::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + localUserConfig *localUserPointer = 0; + tacacsServerConfig *tacacsPointer = 0; + radiusServerConfig *radiusPointer = 0; + kerberosServerConfig *kerberosPointer = 0; + authConfig *authPointer = 0; + string tempString; + bool setting = false; + int tempInt = 0; + int errorCode = 0; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // AAA + if (strcmp(command->part(0), "aaa") == 0) + { + ((IOSAdministration *)device->administration)->aaaUsed = true; + + if ((strcmp(command->part(2), "enable") == 0) || (strcmp(command->part(2), "login") == 0) || (strcmp(command->part(2), "dot1x") == 0) || (strcmp(command->part(2), "ppp") == 0) || (strcmp(command->part(2), "arap") == 0) || (strcmp(command->part(2), "eou") == 0) || (strcmp(command->part(2), "sgbp") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Authentication Method Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt = 4; + while (tempInt < command->parts) + { + authPointer = addMethod(); + authPointer->level.assign(command->part(2)); + if (strcmp(command->part(3), "default") != 0) + authPointer->appliesTo.assign(command->part(3)); + if (strcmp(command->part(tempInt), "none") == 0) + authPointer->method = noAuthRequired; + else if (strcmp(command->part(tempInt), "local") == 0) + authPointer->method = localAuth; + else if (strcmp(command->part(tempInt), "local-case") == 0) + authPointer->method = localAuth; + else if (strcmp(command->part(tempInt), "krb5") == 0) + authPointer->method = kerberosAuth; + else if (strcmp(command->part(tempInt), "krb5-telnet") == 0) + authPointer->method = kerberosAuth; + else if (strcmp(command->part(tempInt), "line") == 0) + authPointer->method = lineAuth; + else if (strcmp(command->part(tempInt), "enable") == 0) + authPointer->method = enableAuth; + else if (strcmp(command->part(tempInt), "group") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "radius") == 0) + authPointer->method = radiusAuth; + else if (strcmp(command->part(tempInt), "tacacs+") == 0) + authPointer->method = tacacsAuth; + else + { + authPointer->method = serverGroupAuth; + authPointer->name.assign(command->part(tempInt)); + } + } + tempInt++; + } + } + + else if ((strcmp(command->part(1), "group") == 0) && (strcmp(command->part(3), "tacacs+") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA TACACS+ Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + groupName.assign(command->part(4)); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((feof(device->inputFile) == 0) && (line[0] != '!')) + { + + // Server + if (strcmp(command->part(0), "server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Group Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->groupName.assign(groupName); + tacacsPointer->address.assign(command->part(1)); + tacacsPointer->timeout = tacacsTimeout; + tacacsPointer->port = tacacsPort; + tacacsPointer->key.assign(tacacsKey); + tacacsPointer->encryption = tacacsKeyEnc; + } + + // Private Server + else if (strcmp(command->part(0), "server-private") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Group Server Private Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->groupName.assign(groupName); + tacacsPointer->address.assign(command->part(1)); + tacacsPointer->timeout = tacacsTimeout; + tacacsPointer->port = tacacsPort; + tacacsPointer->key.assign(tacacsKey); + tacacsPointer->encryption = tacacsKeyEnc; + tempInt = 2; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "key") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + tacacsPointer->key.assign(command->part(tempInt)); + tacacsPointer->encryption = clearText; + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + tacacsPointer->key.assign(device->ciscoType7Decode(command->part(tempInt))); + tacacsPointer->encryption = cisco7Encryption; + if (tacacsPointer->key.empty()) + { + tacacsPointer->key.assign(command->part(tempInt)); + tempString.assign("tacacs-"); + tempString.append(tacacsPointer->address); + device->addJohnPassword(tempString.c_str(), command->part(tempInt)); + tacacsPointer->encryption = md5Encryption; + } + } + else + { + tacacsPointer->key.assign(command->part(tempInt)); + tacacsPointer->encryption = clearText; + } + } + else if (strcmp(command->part(tempInt), "port") == 0) + { + tempInt++; + tacacsPointer->port = atoi(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + tempInt++; + tacacsPointer->timeout = atoi(command->part(tempInt)); + } + tempInt++; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + } + + else if ((strcmp(command->part(1), "group") == 0) && (strcmp(command->part(3), "radius") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA RADIUS Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + groupName.assign(command->part(4)); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((feof(device->inputFile) == 0) && (line[0] != '!')) + { + + // Server + if (strcmp(command->part(0), "server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Group Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->groupName.assign(groupName); + radiusPointer->address.assign(command->part(1)); + radiusPointer->timeout = radiusTimeout; + radiusPointer->port = radiusPort; + radiusPointer->retries = radiusRetries; + if (strcmp(command->part(2), "auth-port") == 0) + radiusPointer->port = atoi(command->part(3)); + } + + // Private Server + else if (strcmp(command->part(0), "server-private") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Group Server Private Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->groupName.assign(groupName); + radiusPointer->address.assign(command->part(1)); + radiusPointer->timeout = radiusTimeout; + radiusPointer->port = radiusPort; + radiusPointer->retries = radiusRetries; + tempInt = 2; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "key") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + radiusPointer->key.assign(command->part(tempInt)); + radiusPointer->encryption = clearText; + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + radiusPointer->key.assign(device->ciscoType7Decode(command->part(tempInt))); + radiusPointer->encryption = cisco7Encryption; + if (radiusPointer->key.empty()) + { + radiusPointer->key.assign(command->part(tempInt)); + radiusPointer->encryption = md5Encryption; + tempString.assign("radius-"); + tempString.append(radiusPointer->address); + device->addJohnPassword(tempString.c_str(), command->part(tempInt)); + } + } + else + { + radiusPointer->key.assign(command->part(tempInt)); + radiusPointer->encryption = clearText; + } + } + else if (strcmp(command->part(tempInt), "auth-port") == 0) + { + tempInt++; + radiusPointer->port = atoi(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "retransmit") == 0) + { + tempInt++; + radiusPointer->retries = atoi(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + tempInt++; + radiusPointer->timeout = atoi(command->part(tempInt)); + } + tempInt++; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + // TACACS Key + else if ((strcmp(command->part(0), "tacacs-server") == 0) && (strcmp(command->part(1), "key") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(2), "0") == 0) + { + tacacsKey.assign(command->part(3)); + tacacsKeyEnc = clearText; + } + else if (strcmp(command->part(2), "7") == 0) + { + tacacsKey.assign(device->ciscoType7Decode(command->part(3))); + tacacsKeyEnc = cisco7Encryption; + if (tacacsKey.empty()) + { + tacacsKey.assign(command->part(3)); + device->addJohnPassword("tacacs", command->part(3)); + tacacsKeyEnc = md5Encryption; + } + } + else + { + tacacsKey.assign(command->part(2)); + tacacsKeyEnc = clearText; + } + } + + // TACACS+ Host + else if ((strcmp(command->part(0), "tacacs-server") == 0) && (strcmp(command->part(1), "host") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->groupName.assign(groupName); + tacacsPointer->address.assign(command->part(2)); + tacacsPointer->timeout = tacacsTimeout; + tacacsPointer->port = tacacsPort; + tacacsPointer->key.assign(tacacsKey); + tacacsPointer->encryption = tacacsKeyEnc; + tempInt = 3; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "key") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + tacacsPointer->key.assign(command->part(tempInt)); + tacacsPointer->encryption = clearText; + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + tacacsPointer->key.assign(device->ciscoType7Decode(command->part(tempInt))); + tacacsPointer->encryption = cisco7Encryption; + if (tacacsPointer->key.empty()) + { + tacacsPointer->key.assign(command->part(tempInt)); + tempString.assign("tacacs-"); + tempString.append(tacacsPointer->address); + device->addJohnPassword(tempString.c_str(), command->part(tempInt)); + tacacsPointer->encryption = md5Encryption; + } + } + else + { + tacacsPointer->key.assign(command->part(tempInt)); + tacacsPointer->encryption = clearText; + } + } + else if (strcmp(command->part(tempInt), "port") == 0) + { + tempInt++; + tacacsPointer->port = atoi(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + tempInt++; + tacacsPointer->timeout = atoi(command->part(tempInt)); + } + tempInt++; + } + } + + // TACACS+ Timeout + else if ((strcmp(command->part(0), "tacacs-server") == 0) && (strcmp(command->part(1), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsTimeout = atoi(command->part(2)); + } + + // Kerberos + else if ((strcmp(command->part(0), "kerberos") == 0) && (strcmp(command->part(1), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sKerberos Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + kerberosPointer = addKerberosServer(); + kerberosPointer->address.assign(command->part(3)); + kerberosPointer->realm.assign(command->part(2)); + if (command->parts == 5) + kerberosPointer->port = atoi(command->part(4)); + else + kerberosPointer->port = 88; + } + + // RADIUS Timeout + else if ((strcmp(command->part(0), "radius-server") == 0) && (strcmp(command->part(1), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusTimeout = atoi(command->part(2)); + } + + // RADIUS Retransmit + else if ((strcmp(command->part(0), "radius-server") == 0) && (strcmp(command->part(1), "retransmit") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Retransmit Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusRetries= atoi(command->part(2)); + } + + // RADIUS Key + else if ((strcmp(command->part(0), "radius-server") == 0) && (strcmp(command->part(1), "key") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(2), "0") == 0) + { + radiusKey.assign(command->part(3)); + radiusKeyEnc = clearText; + } + else if (strcmp(command->part(2), "7") == 0) + { + radiusKey.assign(device->ciscoType7Decode(command->part(3))); + radiusKeyEnc = cisco7Encryption; + if (radiusKey.empty()) + { + radiusKey.assign(command->part(3)); + device->addJohnPassword("radius", command->part(3)); + radiusKeyEnc = md5Encryption; + } + } + else + { + radiusKey.assign(command->part(2)); + radiusKeyEnc = clearText; + } + } + + // RADIUS Host + else if ((strcmp(command->part(0), "radius-server") == 0) && (strcmp(command->part(1), "host") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->groupName.assign(groupName); + radiusPointer->address.assign(command->part(2)); + radiusPointer->timeout = radiusTimeout; + radiusPointer->port = radiusPort; + radiusPointer->retries = radiusRetries; + tempInt = 3; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "key") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + radiusPointer->key.assign(command->part(tempInt)); + radiusPointer->encryption = clearText; + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + radiusPointer->key.assign(device->ciscoType7Decode(command->part(tempInt))); + radiusPointer->encryption = cisco7Encryption; + if (radiusPointer->key.empty()) + { + radiusPointer->key.assign(command->part(tempInt)); + radiusPointer->encryption = md5Encryption; + device->addJohnPassword("radius", command->part(tempInt)); + } + } + else + { + radiusPointer->key.assign(command->part(tempInt)); + radiusPointer->encryption = clearText; + } + } + else if (strcmp(command->part(tempInt), "auth-port") == 0) + { + tempInt++; + radiusPointer->port = atoi(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "retransmit") == 0) + { + tempInt++; + radiusPointer->retries = atoi(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + tempInt++; + radiusPointer->timeout = atoi(command->part(tempInt)); + } + tempInt++; + } + } + + // Enable + else if (strcmp(command->part(tempInt), "enable") == 0) + { + tempInt++; + if (device->config->reportFormat == Config::Debug) + printf("%sEnable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Create user... + if (strcmp(command->part(tempInt), "secret") == 0) + localUserPointer = getUser("enable (secret)"); + else + localUserPointer = getUser("enable (password)"); + tempInt++; + + localUserPointer->adminAccess = true; + // Add level... + if ((strcmp(command->part(tempInt), "level") == 0) || (strcmp(command->part(tempInt), "privilege") == 0)) + { + tempInt++; + localUserPointer->privilegeLevel.assign(command->part(tempInt)); + tempInt++; + } + else + localUserPointer->privilegeLevel.assign("15"); + + // Password... + if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + localUserPointer->encryption = clearText; + localUserPointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "5") == 0) + { + tempInt++; + localUserPointer->encryption = md5Encryption; + localUserPointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "6") == 0) + { + tempInt++; + localUserPointer->encryption = aesEncryption; + localUserPointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + localUserPointer->encryption = cisco7Encryption; + localUserPointer->password.assign(device->ciscoType7Decode(command->part(tempInt))); + } + else + { + localUserPointer->encryption = clearText; + localUserPointer->password.assign(command->part(tempInt)); + } + } + + // Usernames... + else if (strcmp(command->part(tempInt), "username") == 0) + { + tempInt++; + + if (device->config->reportFormat == Config::Debug) + printf("%sUsername Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + localUserPointer = getUser(command->part(tempInt)); + if (localUserPointer->privilegeLevel.empty()) + localUserPointer->privilegeLevel.assign("1"); + tempInt++; + + while (tempInt < command->parts) + { + + // Add level... + if (strcmp(command->part(tempInt), "privilege") == 0) + { + tempInt++; + localUserPointer->privilegeLevel.assign(command->part(tempInt)); + if (strcmp(command->part(tempInt), "15") == 0) + localUserPointer->adminAccess = true; + } + + // Access Class... + else if (strcmp(command->part(tempInt), "access-class") == 0) + { + tempInt++; + localUserPointer->outboundACL.assign(command->part(tempInt)); + localUserPointer->aclSupported = true; + } + + // Password... + else if ((strcmp(command->part(tempInt), "password") == 0) || (strcmp(command->part(tempInt), "secret") == 0)) + { + tempInt++; + + if (strcmp(command->part(tempInt), "0") == 0) + { + tempInt++; + localUserPointer->encryption = clearText; + localUserPointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "5") == 0) + { + tempInt++; + localUserPointer->encryption = md5Encryption; + localUserPointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "6") == 0) + { + tempInt++; + localUserPointer->encryption = aesEncryption; + localUserPointer->password.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "7") == 0) + { + tempInt++; + localUserPointer->encryption = cisco7Encryption; + localUserPointer->password.assign(device->ciscoType7Decode(command->part(tempInt))); + } + else + { + localUserPointer->encryption = clearText; + localUserPointer->password.assign(command->part(tempInt)); + } + } + + tempInt++; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int IOSAuthentication::processDefaults(Device *device) +{ + // Variables... + tacacsServerConfig *tacacsPointer = 0; + radiusServerConfig *radiusPointer = 0; + + // Populate keys... + if (!tacacsKey.empty()) + { + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + if (tacacsPointer->key.empty()) + { + tacacsPointer->key.assign(tacacsKey); + tacacsPointer->encryption = tacacsKeyEnc; + } + tacacsPointer = tacacsPointer->next; + } + } + if (!radiusKey.empty()) + { + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + if (radiusPointer->key.empty()) + { + radiusPointer->key.assign(radiusKey); + radiusPointer->encryption = radiusKeyEnc; + } + radiusPointer = radiusPointer->next; + } + } + + return 0; +} diff --git a/libnipper-0.12.6/Cisco-IOS/authentication.h b/libnipper-0.12.6/Cisco-IOS/authentication.h new file mode 100644 index 0000000..8dd6016 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/authentication.h @@ -0,0 +1,67 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef deviceiosauthentication_H +#define deviceiosauthentication_H + + +#include "../device/authentication/authentication.h" + + +class IOSAuthentication : public Authentication +{ + public: + + IOSAuthentication(); + + + // ----------------------------------------------------------------------- + // Standard Device Class Methods... + // ----------------------------------------------------------------------- + + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + + private: + string groupName; + int tacacsPort; + int tacacsTimeout; + int radiusPort; + int radiusTimeout; + int radiusRetries; + string tacacsKey; + passwordEncryption tacacsKeyEnc; + string radiusKey; + passwordEncryption radiusKeyEnc; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/banner.cpp b/libnipper-0.12.6/Cisco-IOS/banner.cpp new file mode 100644 index 0000000..141e6aa --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/banner.cpp @@ -0,0 +1,446 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "iosdevice.h" +#include "banner.h" + + +IOSBanner::IOSBanner() +{ + // Banner settings... + preLogonBanner = true; // Support Banner(s) Before Logon? + postLogonBanner = true; // Support Banner(s) After Logon? + configPreLogonBanner = i18n("The *ABBREV*MOTD*-ABBREV* banner message is shown to all connections to *DEVICETYPE* devices prior to the logon. The *ABBREV*MOTD*-ABBREV* banner message can be configured with the following command:*CODE**COMMAND*banner motd *CMDUSER*delimeter*-CMDUSER* *CMDUSER*banner-message*-CMDUSER* *CMDUSER*delimeter*-CMDUSER**-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... + configPostLogonBanner = i18n("The Exec banner is shown to remote and console users after a logon occurs. The Exec banner can be configured with the following command:*CODE**COMMAND*banner exec *CMDUSER*delimeter*-CMDUSER* *CMDUSER*banner-message*-CMDUSER* *CMDUSER*delimeter*-CMDUSER**-COMMAND**-CODE*"); // The text that explains how to config a post logon banner, with commands... +} + + +int IOSBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + char delimeter[3] = {0,0,0}; + string tempString; + int position = 0; + bool end = false; + + // Init + if (strcmp(command->part(0), "no") != 0) + { + + // MOTD... + if (strcmp(command->part(1), "motd") == 0) + { + + // The setup... + if (command->part(2)[0] != '^') + { + delimeter[0] = command->part(2)[0]; + position = 1; + } + else if (strlen(command->part(2)) > 1) + { + delimeter[0] = command->part(2)[0]; + delimeter[1] = command->part(2)[1]; + position = 2; + } + if (strlen(command->part(2) + position) > 0) + { + if (strncmp(command->part(2) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("*ABBREV*MOTD*-ABBREV*")); + bannerPointer->description.assign(i18n("The *ABBREV*MOTD*-ABBREV* banner message is presented to users before they logon to *DEVICETYPE* devices. The *ABBREV*MOTD*-ABBREV* banner message configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + // Login... + else if (strcmp(command->part(1), "login") == 0) + { + + // The setup... + if (command->part(2)[0] != '^') + { + delimeter[0] = command->part(2)[0]; + position = 1; + } + else if (strlen(command->part(2)) > 1) + { + delimeter[0] = command->part(2)[0]; + delimeter[1] = command->part(2)[1]; + position = 2; + } + if (strlen(command->part(2) + position) > 0) + { + if (strncmp(command->part(2) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("Login")); + bannerPointer->description.assign(i18n("The Login banner message is presented to users before they logon to *DEVICETYPE* devices. The Login banner message configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLogin Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sLogin Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + // Exec... + else if (strcmp(command->part(1), "exec") == 0) + { + + // The setup... + if (command->part(2)[0] != '^') + { + delimeter[0] = command->part(2)[0]; + position = 1; + } + else if (strlen(command->part(2)) > 1) + { + delimeter[0] = command->part(2)[0]; + delimeter[1] = command->part(2)[1]; + position = 2; + } + if (strlen(command->part(2) + position) > 0) + { + if (strncmp(command->part(2) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = postLogon; + bannerPointer->name.assign(i18n("Exec")); + bannerPointer->description.assign(i18n("The Exec banner message is presented to users after they logon to *DEVICETYPE* devices (excluding reverse Telnet users). The Exec banner message configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sExec Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sExec Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + // Incoming... + else if (strcmp(command->part(1), "incoming") == 0) + { + + // The setup... + if (command->part(2)[0] != '^') + { + delimeter[0] = command->part(2)[0]; + position = 1; + } + else if (strlen(command->part(2)) > 1) + { + delimeter[0] = command->part(2)[0]; + delimeter[1] = command->part(2)[1]; + position = 2; + } + if (strlen(command->part(2) + position) > 0) + { + if (strncmp(command->part(2) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = postLogon; + bannerPointer->name.assign(i18n("Incoming")); + bannerPointer->description.assign(i18n("The Incoming banner message is presented to reverse Telnet users after they logon to *DEVICETYPE* devices. The Incoming banner message configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = reverseTelnetConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sIncoming Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sIncoming Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + // PPP/SLIP... + else if (strcmp(command->part(1), "slip-ppp") == 0) + { + + // The setup... + if (command->part(2)[0] != '^') + { + delimeter[0] = command->part(2)[0]; + position = 1; + } + else if (strlen(command->part(2)) > 1) + { + delimeter[0] = command->part(2)[0]; + delimeter[1] = command->part(2)[1]; + position = 2; + } + if (strlen(command->part(2) + position) > 0) + { + if (strncmp(command->part(2) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // SLIP/PPP banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("*ABBREV*SLIP*-ABBREV*-*ABBREV*PPP*-ABBREV*")); + bannerPointer->description.assign(i18n("The *ABBREV*SLIP*-ABBREV*-*ABBREV*PPP*-ABBREV* banner message is presented to users connecting to *DEVICETYPE* devices using *ABBREV*SLIP*-ABBREV* or *ABBREV*PPP*-ABBREV*. The *ABBREV*SLIP*-ABBREV*-*ABBREV*PPP*-ABBREV* banner message configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = pppConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSLIP-PPP Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sSLIP-PPP Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + + + // Exec... + else if (strcmp(command->part(1), "aaa") == 0) + { + + // The setup... + if (command->part(3)[0] != '^') + { + delimeter[0] = command->part(3)[0]; + position = 1; + } + else if (strlen(command->part(3)) > 1) + { + delimeter[0] = command->part(3)[0]; + delimeter[1] = command->part(3)[1]; + position = 2; + } + if (strlen(command->part(3) + position) > 0) + { + if (strncmp(command->part(3) + position, (const char *)&delimeter, position) == 0) + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("*ABBREV*AAA*-ABBREV*")); + bannerPointer->description.assign(i18n("The *ABBREV*AAA*-ABBREV* banner message is presented to users before they logon to *DEVICETYPE* devices (except in cases where *ABBREV*TACACS+*-ABBREV* is the first authentication method). The *ABBREV*AAA*-ABBREV* banner message configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + tempString.assign(strstr(line, (const char *)&delimeter) + position); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find((const char *)&delimeter) != tempString.npos) + { + end = true; + tempString.erase(tempString.find((const char *)&delimeter)); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + + + + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-IOS/banner.h b/libnipper-0.12.6/Cisco-IOS/banner.h new file mode 100644 index 0000000..0d4b97e --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/banner.h @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef IOSbanner_H +#define IOSbanner_H + + +#include "../device/banner/banner.h" + + +class IOSBanner : public Banner +{ + public: + + IOSBanner(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/dns.cpp b/libnipper-0.12.6/Cisco-IOS/dns.cpp new file mode 100644 index 0000000..161f015 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/dns.cpp @@ -0,0 +1,323 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "iosdevice.h" +#include "dns.h" +#include "general.h" + + +IOSDNS::IOSDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured to resolve name to address mappings. This section details those settings."); // The text paragraph in the config section + + // Host configuration + showInterface = false; // Are interfaces supported? + + // DNS Client Settings + dnsClientSupported = true; // DNS Client Supported? + dnsLookupEnabled = true; // DNS lookups enabled? + disableLookup = "Domain lookups can be disabled on *DEVICETYPE* devices with the following commands (the last command is for *DEVICEOS* 12.1 and older):*CODE**COMMAND*no ip domain lookup*-COMMAND**COMMAND*no ip domain-lookup*-COMMAND**-CODE*"; // The text and commands to disable DNS lookup + dnsRetries = 2; // DNS lookup retries + dnsRetriesSupported = false; // DNS lookup retries Supported? + dnsTimeout = 3; // DNS timeout + dnsTimeoutSupported = false; // DNS timeout Supported? + dnsRoundRobin = false; // DNS Round Robin + dnsRoundRobinSupported = false; // DNS Round Robin Supported? + + // DNS Server Options... + dnsRecordKeepAliveSupported = false; // Is the DNS keep Alive message type supported? + returnRecordsSupported = false; // Is the single/multiple record field supported? + dynamicDNSSupported = false; // Is Dynamic DNS Supported? + dnsServerSupported = false; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsProxySupported = false; // Is DNS Proxy Server Supported? + dnsProxyEnabled = false; // Is the DNS Proxy service enabled? + dnsPort = 53; // DNS Server Port + + broadcastLookups = true; +} + + +int IOSDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsConfig *dnsPointer = 0; + int tempInt = 0; + bool setting = false; + bool first = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 2; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Proxy Server... + if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "spoofing") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Spoofing(Proxy) Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + dnsProxyEnabled = true; + dnsProxySupported = true; + dnsServerSupported = true; + } + + // DNS Server... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + dnsServiceEnabled = setting; + dnsServerSupported = true; + } + + // domain list... + else if (((strcmp(command->part(tempInt), "domain") == 0) && (strcmp(command->part(tempInt + 1), "list") == 0)) || (strcmp(command->part(tempInt), "domain-list") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Domain List Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "list") == 0) + tempInt++; + + if (setting == true) + { + dnsPointer = addDomainName(command->part(tempInt)); + } + } + + // domain lookup... + else if (((strcmp(command->part(tempInt), "domain") == 0) && (strcmp(command->part(tempInt + 1), "lookup") == 0)) || (strcmp(command->part(tempInt), "domain-lookup") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Domain Lookup Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "lookup") == 0) + tempInt++; + + dnsLookupEnabled = setting; + broadcastLookups = setting; + } + + // domain name... + else if (((strcmp(command->part(tempInt), "domain") == 0) && (strcmp(command->part(tempInt + 1), "name") == 0)) || (strcmp(command->part(tempInt), "domain-name") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Domain Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "name") == 0) + tempInt++; + + if (setting == true) + dnsDomain.assign(command->part(tempInt)); + } + + // domain retry... + else if ((strcmp(command->part(tempInt), "domain") == 0) && (strcmp(command->part(tempInt + 1), "retry") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDomain Retries Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + dnsRetriesSupported = true; + + if (setting == true) + dnsRetries = atoi(command->part(tempInt)); + } + + // round robin... + else if ((strcmp(command->part(tempInt), "domain") == 0) && (strcmp(command->part(tempInt + 1), "round-robin") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Round Robin Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + dnsRoundRobinSupported = true; + dnsRoundRobin = setting; + } + + // timeout... + else if ((strcmp(command->part(tempInt), "domain") == 0) && (strcmp(command->part(tempInt + 1), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + dnsTimeoutSupported = true; + if (setting == true) + dnsTimeout = atoi(command->part(tempInt)); + } + + // dns name-server... + else if (strcmp(command->part(tempInt), "name-server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Name Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (dnsServer == 0) + first = true; + while (tempInt < command->parts) + { + if (first == true) + { + dnsPointer = addDNSServer(command->part(tempInt)); + dnsPointer->description.assign(i18n("Primary")); + first = false; + } + else + { + dnsPointer = addDNSServer(command->part(tempInt)); + dnsPointer->description.assign(i18n("Secondary")); + } + tempInt++; + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int IOSDNS::processDefaults(Device *device) +{ + // Enable features... + if (device->general != 0) + { + if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 3)) || ((device->general->versionMajor == 12) && (device->general->versionMinor == 3) && (device->general->versionRevision > 2))) + { + if (device->isRouter == true) + { + dnsProxySupported = true; + dnsServerSupported = true; + } + dnsRetriesSupported = true; + dnsTimeoutSupported = true; + dnsRoundRobinSupported = true; + } + else if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 2)) || ((device->general->versionMajor == 12) && (device->general->versionMinor == 2) && (device->general->versionRevision > 3))) + { + if (device->isRouter == true) + dnsServerSupported = true; + dnsRetriesSupported = true; + dnsTimeoutSupported = true; + dnsRoundRobinSupported = true; + } + else if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 2))) + { + dnsRetriesSupported = true; + dnsTimeoutSupported = true; + dnsRoundRobinSupported = true; + } + else if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 0))) + { + dnsRoundRobinSupported = true; + } + } + + // Disable domain lookups if there are no servers to lookup with... + if (dnsServer == 0) + dnsLookupEnabled = false; + + return 0; +} + + +int IOSDNS::generateDeviceSpecificSecurityReport(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + + if ((dnsLookupEnabled == false) && (broadcastLookups == true) && (dnsClientSupported == true)) + { + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Broadcast Domain Lookups Enabled\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Broadcast Domain Lookups Enabled")); + securityIssuePointer->reference.assign("IOS.DNSCLOOK.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices can make use host names rather than the *ABBREV*IP*-ABBREV* by looking up the address using *ABBREV*DNS*-ABBREV* services. If no *ABBREV*DNS*-ABBREV* servers are configured, the lookups are broadcast on *DEVICETYPE* devices rather than sent directly to a *ABBREV*DNS*-ABBREV* server.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that name lookups were configured to broadcast from *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 2; // Medium + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who was able to capture network traffic could monitor *ABBREV*DNS*-ABBREV* queries from the *DEVICETYPE* devices. Furthermore, vulnerabilities have been previously identified where mistyped commands on *DEVICETYPE* devices are interpreted as an attempt to contact a Telnet server. An attacker listening for such connections could create a connection back to the device in order to perform a man in the middle attack.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 8; // Easy + paragraphPointer->paragraph.assign(i18n("Network packet capture tools are available on the Internet that can allow an attacker to monitor the network traffic. The attack is made easier due to the lookups being broadcast on the network.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 3; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that, if not required, domain lookups should be disabled.")); + if (strlen(disableLookup) > 0) + { + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(disableLookup); + } + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("domain lookups were enabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable domain lookups")); + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-IOS/dns.h b/libnipper-0.12.6/Cisco-IOS/dns.h new file mode 100644 index 0000000..7c4bdc2 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/dns.h @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef IOSDNS_H +#define IOSDNS_H + + +#include "../device/dns/dns.h" + + +class IOSDNS : public DNS +{ + public: + + IOSDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateDeviceSpecificSecurityReport(Device *device); + + + private: + bool broadcastLookups; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/filter.cpp b/libnipper-0.12.6/Cisco-IOS/filter.cpp new file mode 100644 index 0000000..d22822b --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/filter.cpp @@ -0,0 +1,828 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "iosdevice.h" +#include "filter.h" + + +IOSFilter::IOSFilter() +{ + // Filter text... + standardACLText = i18n("Standard *ABBREV*ACL*-ABBREV*"); + standardACLDescription = i18n("Standard *ABBREV*ACLs*-ABBREV* only define the source address and process the packet solely based on that, they are typically used to restrict access to device services or protocols."); + extendedACLText = i18n("Extended *ABBREV*ACL*-ABBREV*"); + extendedACLDescription = i18n("Extended *ABBREV*ACLs*-ABBREV* permit or deny network traffic based on the source and destination addresses and network ports. Extended *ABBREV*ACLs*-ABBREV* are used for checks on traffic passing through the *DEVICENAME*."); + + // Filter device options... + noAccessWithoutFilters = false; // Is access not granted if no filters are configured + allowName = i18n("Permit"); // The name given to an allowed filter + denyName = i18n("Deny"); // The name given to a denied filter + ruleListsAreAssigned = true; // Rule lists are assigned to specific elements + filterConfigTitle = i18n("*ABBREV*ACL*-ABBREV* Configuration"); // The Title for the configuration report section + filterConfigText = i18n("*ABBREV*ACL*-ABBREV* are sequential lists of apply or deny *ABBREV*ACEs*-ABBREV* that a *DEVICETYPE* device will apply to the network traffic. The *DEVICETYPE* device will check network traffic against the *ABBREV*ACL*-ABBREV* and the first *ABBREV*ACE*-ABBREV* that matches will determine whether the network traffic is permitted or denied. If the *DEVICETYPE* device does not have an *ABBREV*ACE*-ABBREV* that applies then the packet is denied."); // The device specific configuration report section text + filterConfigText2 = i18n("There are two different types of *ABBREV*ACLs*-ABBREV* on IOS-based Cisco devices, standard and extended. For numbered *ABBREV*ACLs*-ABBREV*, standard *ABBREV*ACLs*-ABBREV* have an access list number between 1 to 99 or 1300 to 1999, all others are extended *ABBREV*ACLs*-ABBREV*. Standard *ABBREV*ACLs*-ABBREV* only define the source address and process the packet solely based on that, they are typically used to restrict access to device services or protocols. Extended *ABBREV*ACLs*-ABBREV* contain additional checks, such as destination address and network port numbers, and are used for filtering network traffic passing through the device."); // The device specific configuration report section text2 + filterIDTitle = i18n("Line"); // The title for the filter ID/line no. table column + filterListName = i18n("*ABBREV*ACL*-ABBREV*"); // The name of the filter list, for use in text paragraphs + filterListNamePlaural = i18n("*ABBREV*ACLs*-ABBREV*"); // The name of the filter list, for use in text paragraphs + filterListNameTitle = i18n("*ABBREV*ACL*-ABBREV*"); // The name of the filter list, for use in titles + filterTitle = i18n("*ABBREV*ACE*-ABBREV*"); // The name of a filter, for use in titles + filterTitlePlaural = i18n("*ABBREV*ACEs*-ABBREV*"); // The name of a filter, for use in titles + filterName = i18n("*ABBREV*ACE*-ABBREV*"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("*ABBREV*ACEs*-ABBREV*"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("All Permit *ABBREV*ACE*-ABBREV* Do Not Log"); // The title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogTable = i18n("permit *ABBREV*ACE*-ABBREV* that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogConcl = i18n("all permit *ABBREV*ACE*-ABBREV* do not log"); // The conclusions text for the "All Allow Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all *ABBREV*ACE*-ABBREV*");// The recommendations text for the "All Allow Rules Do Not Log" issue + denyAndNotLogIssue = i18n("All Deny *ABBREV*ACE*-ABBREV* Do Not Log"); // The title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogTable = i18n("deny *ABBREV*ACE*-ABBREV* that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogConcl = i18n("all deny *ABBREV*ACE*-ABBREV* do not log"); // The conclusions text for the "All Allow Rules Do Not Log" issue + configRuleLogging = i18n("Logging can be enabled on extended *COMMAND*access-list*-COMMAND* with the following command:*CODE**COMMAND*access-list *CMDUSER*list-id*-CMDUSER* extended *CMDREQUIRE*deny *CMDOR* permit*-CMDREQUIRE* *CMDUSER*protocol*-CMDUSER* *CMDUSER*source*-CMDUSER* *CMDUSER*destination*-CMDUSER* log*-COMMAND**-CODE*"); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No *ABBREV*ACL*-ABBREV* Were Configured"); // The title text for the "No filtering" issue + noFilteringRec = i18n("Configure *ABBREV*ACL*-ABBREV* to restrict access"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no *ABBREV*ACL*-ABBREV* were configured"); // The title text for the "No filtering" conclusion + + // IOS specific + turboAccessListSupported = false; // Are turbo ACL supported? + turboAccessList = false; // Are turbo ACL enabled? +} + + +IOSFilter::~IOSFilter() +{ +} + + +int IOSFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + filterObjectConfig *filterObjectPointer = 0; + filterConfig *filterPointer = 0; + filterListConfig *filterListPointer = 0; + int tempInt = 0; + int tempInt2 = 0; + bool specificProtocol = false; + bool icmpProtocol = false; + fpos_t filePosition; + + if (strcmp(command->part(0), "no") != 0) + { + + // IP Access List... + if ((strcmp(command->part(0), "ip") == 0) && (strcmp(command->part(1), "access-list") == 0) && (strcmp(command->part(2), "log-update") != 0)) + { + while ((strcmp(command->part(0), "!") != 0) && ((line[0] == ' ') || (strcmp(command->part(1), "access-list") == 0)) && (strcmp(command->part(2), "log-update") != 0) && (feof(device->inputFile) == 0)) + { + + // Access-List... + if ((strcmp(command->part(0), "ip") == 0) && (strcmp(command->part(1), "access-list") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAccess List Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(command->part(3)); + if (strcmp(command->part(2), "standard") == 0) + { + filterListPointer->sourceOnly = true; + filterListPointer->type = standardACLText; + filterListPointer->typeDescription = standardACLDescription; + } + else + { + filterListPointer->type = extendedACLText; + filterListPointer->typeDescription = extendedACLDescription; + filterListPointer->sourceServiceSupported = true; // If source services are supported + filterListPointer->sourceOnly = false; + filterListPointer->supportsTime = true; // Filter support time (dest only) + filterListPointer->supportsFragments = true; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = true; // Filter support established (dest only) + } + filterListPointer->loggingSupport = true; // Does the filter list support logging + } + + // Remark... + else if ((strcmp(command->part(0), "remark") == 0) && (command->parts > 1)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRemark Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterPointer = addFilter(filterListPointer); + filterPointer->remarkFilter = true; + filterPointer->number--; + filterPointer->comment.assign(strstr(line, command->part(1))); + } + + // Permit/Deny... + else if ((strcmp(command->part(0), "permit") == 0) || (strcmp(command->part(0), "deny") == 0)) + { + if ((strcmp(command->part(0), "permit") == 0) && (device->config->reportFormat == Config::Debug)) + printf("%sPermit Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + else if (device->config->reportFormat == Config::Debug) + printf("%sDeny Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer = addFilter(filterListPointer); + + // Permit/Deny + if (strcmp(command->part(0), "permit") == 0) + filterPointer->action = allowAction; + else + filterPointer->action = denyAction; + tempInt = 1; + + // Protocol... + if (filterListPointer->sourceOnly == false) + { + filterObjectPointer = addFilterObject(filterPointer, protocol); + filterObjectPointer->type = protocolObject; + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 > 0) || (strcmp(command->part(tempInt), "0") == 0)) + { + filterObjectPointer->name.assign(device->getProtocol(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(tempInt)); + } + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + tempInt++; + if (strcmp(command->part(tempInt), "icmp") == 0) + { + specificProtocol = true; + icmpProtocol = true; + } + else if (strcmp(command->part(tempInt), "igmp") == 0) + { + specificProtocol = true; + icmpProtocol = false; + } + } + + // Source + filterObjectPointer = addFilterObject(filterPointer, source); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + if (tempInt < command->parts) + { + filterObjectPointer->netmask.assign(wildcardToNetmask(device, command->part(tempInt))); + filterObjectPointer->type = networkObject; + } + } + tempInt++; + + if (filterListPointer->sourceOnly == false) + { + + // Is operator used with source? + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + // Destination + filterObjectPointer = addFilterObject(filterPointer, destination); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(wildcardToNetmask(device, command->part(tempInt))); + filterObjectPointer->type = networkObject; + } + tempInt++; + + // Is operator used with destination? + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + if (specificProtocol == true) + { + // IGMP.. + if (icmpProtocol == false) + { + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + // ICMP... + else + { + filterObjectPointer = addFilterObject(filterPointer, destinationService); + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 > 0) || (strcmp(command->part(tempInt), "0") == 0)) + { + filterObjectPointer->name.assign(device->getICMPName(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(tempInt)); + } + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + // If an ICMP CODE is specified... + if (((atoi(command->part(tempInt + 1)) > 0) && (atoi(command->part(tempInt + 1)) < 256)) || (strcmp(command->part(tempInt + 1), "0") == 0)) + { + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + device->addICMPType(filterObjectPointer->name.c_str(), atoi(command->part(tempInt))); + } + else + device->addICMPType(filterObjectPointer->name.c_str()); + tempInt++; + } + } + + // Other options... + while (tempInt < command->parts) + { + // Fragments... + if (strcmp(command->part(tempInt), "fragments") == 0) + filterPointer->fragments = true; + + // Established... + else if (strcmp(command->part(tempInt), "established") == 0) + filterPointer->established = true; + + // Log... + else if (strcmp(command->part(tempInt), "log") == 0) + filterPointer->log = true; + + // Time... + else if (strcmp(command->part(tempInt), "time-range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, timeLimit); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = timeObject; + } + + tempInt++; + } + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + // Compiled Access List... + else if ((strcmp(command->part(0), "access-list") == 0) && (strcmp(command->part(1), "compiled") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCompiled ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + turboAccessListSupported = true; + turboAccessList = true; + } + + // Access List... + else if ((strcmp(command->part(0), "access-list") == 0) && (command->parts > 2)) + { + filterListPointer = getFilterList(command->part(1)); + if ((atoi(command->part(1)) < 100) || ((atoi(command->part(1)) > 1299) && (atoi(command->part(1)) < 2000))) + filterListPointer->sourceOnly = true; + else + filterListPointer->sourceOnly = false; + filterListPointer->loggingSupport = true; // Does the filter list support logging + filterPointer = addFilter(filterListPointer); + + // Remark... + if (strcmp(command->part(2), "remark") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sACL Remark Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterPointer->remarkFilter = true; + filterPointer->number--; + filterPointer->comment.assign(strstr(line, command->part(2))); + } + + // Standard ACL + else if (filterListPointer->sourceOnly == true) + { + if (device->config->reportFormat == Config::Debug) + printf("%sStandard ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer->type = standardACLText; + filterListPointer->typeDescription = standardACLDescription; + + // Permit/Deny + if (strcmp(command->part(2), "permit") == 0) + filterPointer->action = allowAction; + else + filterPointer->action = denyAction; + + // Name + filterObjectPointer = addFilterObject(filterPointer, source); + if (strcasecmp(command->part(3), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + } + else + { + filterObjectPointer->name.assign(command->part(3)); + + // Mask/Wildcard + if ((command->parts > 4) && (strcmp(command->part(4), "log") != 0)) + filterObjectPointer->netmask.assign(wildcardToNetmask(device, command->part(4))); + else + filterObjectPointer->netmask.assign("255.255.255.255"); + + // Check type... + if (filterObjectPointer->netmask.compare("255.255.255.255") == 0) + filterObjectPointer->type = hostObject; + else + filterObjectPointer->type = networkObject; + } + + // Log + if (strcmp(command->part(command->parts - 1), "log") == 0) + filterPointer->log = true; + } + + // Extended ACL + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sExtended ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + specificProtocol = false; + + filterListPointer->type = extendedACLText; + filterListPointer->typeDescription = extendedACLDescription; + filterListPointer->supportsTime = true; // Filter support time (dest only) + filterListPointer->supportsFragments = true; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = true; // Filter support established (dest only) + + // Permit/Deny + tempInt = 2; + while ((strcmp(command->part(tempInt), "permit") != 0) && (strcmp(command->part(tempInt), "deny") != 0) && (tempInt < command->parts)) + tempInt++; + if (strcmp(command->part(tempInt), "permit") == 0) + filterPointer->action = allowAction; + else + filterPointer->action = denyAction; + + // Protocol... + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, protocol); + filterObjectPointer->type = protocolObject; + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 > 0) || (strcmp(command->part(tempInt), "0") == 0)) + { + filterObjectPointer->name.assign(device->getProtocol(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(tempInt)); + } + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + if (strcmp(command->part(tempInt), "icmp") == 0) + { + specificProtocol = true; + icmpProtocol = true; + } + else if (strcmp(command->part(tempInt), "igmp") == 0) + { + specificProtocol = true; + icmpProtocol = false; + } + + // Source + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, source); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(wildcardToNetmask(device, command->part(tempInt))); + filterObjectPointer->type = networkObject; + } + tempInt++; + + // Is operator used with source? + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + // Destination + filterObjectPointer = addFilterObject(filterPointer, destination); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(wildcardToNetmask(device, command->part(tempInt))); + filterObjectPointer->type = networkObject; + } + tempInt++; + + // Is operator used with destination? + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + if (specificProtocol == true) + { + // IGMP.. + if (icmpProtocol == false) + { + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + // ICMP... + else + { + filterObjectPointer = addFilterObject(filterPointer, destinationService); + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 > 0) || (strcmp(command->part(tempInt), "0") == 0)) + { + filterObjectPointer->name.assign(device->getICMPName(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(tempInt)); + } + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + // If an ICMP CODE is specified... + if (((atoi(command->part(tempInt + 1)) > 0) && (atoi(command->part(tempInt + 1)) < 256)) || (strcmp(command->part(tempInt + 1), "0") == 0)) + { + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + device->addICMPType(filterObjectPointer->name.c_str(), atoi(command->part(tempInt))); + } + else + device->addICMPType(filterObjectPointer->name.c_str()); + tempInt++; + } + } + + // Other options... + while (tempInt < command->parts) + { + // Fragments... + if (strcmp(command->part(tempInt), "fragments") == 0) + filterPointer->fragments = true; + + // Established... + else if (strcmp(command->part(tempInt), "established") == 0) + filterPointer->established = true; + + // Log... + else if ((strcmp(command->part(tempInt), "log") == 0) || (strcmp(command->part(tempInt), "log-input") == 0)) + filterPointer->log = true; + + // Time... + else if (strcmp(command->part(tempInt), "time-range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, timeLimit); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = timeObject; + } + + tempInt++; + } + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +string tempWildcard; +const char *IOSFilter::wildcardToNetmask(Device *device, const char *wildcard) +{ + // Variables... + int stringLength = strlen(wildcard); + const char *tempPointer = wildcard; + unsigned char octet1 = 0; + unsigned char octet2 = 0; + unsigned char octet3 = 0; + unsigned char octet4 = 0; + + // Obvious Errors... + if (wildcard == 0) + return "255.255.255.255"; + if (stringLength < 8) + return "255.255.255.255"; + + // Octet1... + octet1 = atoi(tempPointer); + octet1 = ~octet1; + + // Octet2... + tempPointer = strchr(tempPointer, '.'); + if (tempPointer == 0) + return "255.255.255.255"; + tempPointer++; + octet2 = atoi(tempPointer); + octet2 = ~octet2; + + // Octet3... + tempPointer = strchr(tempPointer, '.'); + if (tempPointer == 0) + return "255.255.255.255"; + tempPointer++; + octet3 = atoi(tempPointer); + octet3 = ~octet3; + + // Octet4... + tempPointer = strchr(tempPointer, '.'); + if (tempPointer == 0) + return "255.255.255.255"; + tempPointer++; + octet4 = atoi(tempPointer); + octet4 = ~octet4; + + // Return... + tempWildcard.assign(device->intToString(octet1)); + tempWildcard.append("."); + tempWildcard.append(device->intToString(octet2)); + tempWildcard.append("."); + tempWildcard.append(device->intToString(octet3)); + tempWildcard.append("."); + tempWildcard.append(device->intToString(octet4)); + return tempWildcard.c_str(); +} diff --git a/libnipper-0.12.6/Cisco-IOS/filter.h b/libnipper-0.12.6/Cisco-IOS/filter.h new file mode 100644 index 0000000..1ae6f75 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/filter.h @@ -0,0 +1,66 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef IOSFilter_H +#define IOSFilter_H + + +#include "../device/filter/filter.h" + + +class IOSFilter : public Filter +{ + public: + IOSFilter(); + virtual ~IOSFilter(); + + protected: + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + + private: + // Filter text... + const char *standardACLText; + const char *standardACLDescription; + const char *extendedACLText; + const char *extendedACLDescription; + + // IOS Specific methods... + const char *wildcardToNetmask(Device *device, const char *wildcard); // Convert a wildcard to a netmask + + // IOS Specific options... + bool turboAccessListSupported; // Are turbo ACL supported? + bool turboAccessList; // Are turbo ACL enabled? + +}; + + +#endif + diff --git a/libnipper-0.12.6/Cisco-IOS/general.cpp b/libnipper-0.12.6/Cisco-IOS/general.cpp new file mode 100644 index 0000000..e9e3f12 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/general.cpp @@ -0,0 +1,216 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "iosdevice.h" +#include "general.h" + + +//vulnerabilityConfig ios-vuln6 {i18n("Multiple DLSw Denial of Service"), true, false, "CVE-2008-1152", "28465", "cisco-amb-20080326-dlsw", &ios-vuln6-ver, false, 0}; +//vulnerabilityConfig ios-vuln5 {i18n("Dual-stack Router IPv6 Denial Of Service"), true, false, "CVE-2008-1153", "28461", "cisco-sa-20080326-IPv4IPv6", &ios-vuln5-ver, false, &ios-vuln6}; +//vulnerabilityConfig ios-vuln4 {i18n("SSH Multiple Denial of Service"), true, false, "CVE-2008-1159", "29314", "cisco-sa-20080521-ssh", &ios-vuln4-ver, false, &ios-vuln5}; +//vulnerabilityConfig ios-vuln3 {i18n("Failure to Handle Exceptional Conditions"), true, false, "CVE-2006-3906", "19176", "cisco-sr-20060726-ike", &ios-vuln3-ver, false, &ios-vuln4}; +//vulnerabilityConfig ios-vuln2 {i18n("FTP Server Multiple Vulnerabilities"), false, true, "", "23885", "cisco-sa-20070509-iosftp", &ios-vuln2-ver, false, &ios-vuln3}; +//vulnerabilityConfig ios-vuln1 {i18n("SNMP Remote Authentication Bypass"), false, true, "CVE-2008-0960", "29623", "cisco-sa-20080610-snmpv3", &ios-vuln1-ver, false, &ios-vuln2}; +/* + struct vulnVersionConfig ios_vuln_ver3 {12, 3, 0, 0, 12, 3, 13, 0, 0}; + struct vulnVersionConfig ios_vuln_ver2 {12, 2, 0, 0, 12, 2, 7, 0, &ios_vuln_ver3}; + struct vulnVersionConfig ios_vuln_ver1 {12, 1, 0, 0, 12, 1, 21, 0, &ios_vuln_ver2}; + struct vulnVersionConfig ios_vuln_ver {12, 0, 7, 0, 12, 0, 7, 0, &ios_vuln_ver1}; + struct vulnerabilityConfig ios_vuln {"DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing", false, false, "CVE-2008-1447", "30131", "cisco-sa-20080708-dns", &ios_vuln_ver, false, 0};//&ios-vuln1}; +*/ + +// Initialisation... +IOSGeneral::IOSGeneral() +{ + servicePasswordEncryption = true; +} + + +int IOSGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Hostname + if (strcmp(command->part(tempInt), "hostname") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostname = command->part(tempInt + 1); + } + + // Version + else if (strcmp(command->part(tempInt), "version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVersion Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (versionMajor == 0) + { + version = command->part(tempInt + 1); + if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + if ((version.find_first_of('.') != string::npos) && (version.length() > version.find_first_of('.') + 1)) + versionMinor = atoi(version.c_str() + version.find_first_of('.') + 1); + } + noMinor = false; + } + } + + // Service lines... + else if (strcmp(command->part(tempInt), "service") == 0) + { + tempInt++; + + // Password Encryption... + if (strcmp(command->part(tempInt), "password-encryption") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Password-Encryption Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == false) + servicePasswordEncryption = off; + else + servicePasswordEncryption = on; + } + } + + return 0; +} + + +int IOSGeneral::processDefaults(Device *device) +{ + // Password Encryption + if (servicePasswordEncryption == unconfigured) + { + // No version, default to off + if (version.empty()) + servicePasswordEncryption = off; + else if (versionMajor >= 10) + servicePasswordEncryption = off; + } + + return 0; +} + +int IOSGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Password Encryption... + if (servicePasswordEncryption != unconfigured) + { + device->addTableData(paragraphPointer->table, i18n("Service Password Encryption")); + if (servicePasswordEncryption == on) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + } + + return errorCode; +} + + +int IOSGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Service Password Encryption... + if (servicePasswordEncryption == off) + { + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Service Password Encryption Disabled\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Service Password Encryption Disabled")); + securityIssuePointer->reference.assign("IOS.PASSENCR.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The *DEVICETYPE* service password encryption option instructs *DEVICENAME* to store the passwords using Cisco type-7 encryption. By default on *DEVICETYPE* devices the passwords are stored in the configuration file in their clear text form. *COMPANY* determined that encrypted password storage had not been enabled on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 5; // MEDIUM + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("A malicious user or an attacker with access to the device's configuration could quickly extract clear text passwords without having to decode or brute-force them. Alternatively, a malicious user could gain a clear text password if they were closely watching a network administrator. The attacker could then make use of the stolen credentials to gain a level of access to *DEVICENAME*.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 2; // Challenge + paragraphPointer->paragraph.assign(i18n("An attacker would require access to the device configuration or would have to be closely watching a network administrator. This issue may require the attacker to have access to the device or a backup copy of the configuration for *DEVICENAME*.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 1; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Although Cisco type-7 passwords are easily reversed and there are a number of programs that reverse them, they do provide an effective barrier against a casual observer. Therefore, *COMPANY* recommends that password encryption should be enabled. This can be done with the following Cisco *ABBREV*IOS*-ABBREV* command:")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*CODE**COMMAND*service password-encryption*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("service password encryption was disabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Enable service password encryption")); + } + return errorCode; +} diff --git a/libnipper-0.12.6/Cisco-IOS/general.h b/libnipper-0.12.6/Cisco-IOS/general.h new file mode 100644 index 0000000..209aa22 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/general.h @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef iosdevicegeneral_H +#define iosdevicegeneral_H + +#include "../device/general/general.h" + +class Device; + +class IOSGeneral : public General +{ + public: + IOSGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + private: + unsigned int servicePasswordEncryption; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/interfaces.cpp b/libnipper-0.12.6/Cisco-IOS/interfaces.cpp new file mode 100644 index 0000000..129b4b9 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/interfaces.cpp @@ -0,0 +1,783 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "iosdevice.h" +#include "interfaces.h" +#include "general.h" + + +IOSInterfaces::IOSInterfaces() +{ + // Interface Options... + filterIn = i18n("*ABBREV*ACL*-ABBREV* In"); // The filter in table title text + filterOut = i18n("*ABBREV*ACL*-ABBREV* Out"); // The filter out table title text + showDescription = true; // Show the interface description + cdpGlobalRequired = true; // If CDP needs to be enabled globally as well + disableCDPText = i18n("The following commands can be used to disable *ABBREV*CDP*-ABBREV* on *DEVICETYPE* devices. The first command disables *ABBREV*CDP*-ABBREV* for the entire device, whilst the second can be used to disable *ABBREV*CDP*-ABBREV* on individual interfaces.*CODE**COMMAND*no cdp run*-COMMAND**COMMAND*no cdp enable*-COMMAND**-CODE*"); // The text and commands to disable CDP + cdpSupported = true; // Is CDP supported on interfaces + disableProxyARPText = i18n("Proxy *ABBREV*ARP*-ABBREV* can be disabled on interfaces using the following command:*CODE**COMMAND*no ip proxy-arp*-COMMAND**-CODE*");// The text and commands to disable Proxy ARP + disableUnreachablesText = i18n("*ABBREV*ICMP*-ABBREV* unreachable message sending can be disabled on network interfaces with the following command:*CODE**COMMAND*no ip unreachables*-COMMAND**-CODE*"); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n("*ABBREV*ICMP*-ABBREV* information reply message sending can be disabled on network interfaces with the following command:*CODE**COMMAND*no ip information-reply*-COMMAND**-CODE*"); // The text and commands to disable ICMP information messages + disableMaskText = i18n("*ABBREV*ICMP*-ABBREV* mask reply message sending can be disabled on network interfaces with the following command:*CODE**COMMAND*no ip mask-reply*-COMMAND**-CODE*"); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n("*ABBREV*ICMP*-ABBREV* redirect message sending can be disabled on network interfaces with the following command:*CODE**COMMAND*no ip redirects*-COMMAND**-CODE*"); // The text and commands to disable ICMP redirect messages + disableDirectedText = i18n("Directed broadcases can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*no ip directed broadcast*-COMMAND**-CODE*"); // The text and commands to disable directed broadcasts + disableMOPText = i18n("*ABBREV*MOP*-ABBREV* can be disabled on each interface with the following command:*CODE**COMMAND*no mop enabled*-COMMAND**-CODE*"); // The text and commands to disable MOP + disableActiveText = i18n("Unused interfaces can be disabled with the following command:*CODE**COMMAND*shutdown*-COMMAND**-CODE*"); // The text and commands to disable potentially unused interfaces + filterName = i18n("*ABBREV*ACL*-ABBREV*"); // The filter list name for use in the filter issue text + configFilterText = i18n("*DEVICETYPE* device filtering can be configured on interfaces with the following command:*CODE**COMMAND*ip access-group *CMDUSER*ACL*-CMDUSER* *CMDOPTION*in *CMDOR* out*-CMDOPTION**-COMMAND**-CODE*"); // The text and commands to configure network filtering + defaultAutoTrunk = true; // Default to automatically trunk + disableTrunkText = i18n("Switch ports can be configured to provide no trunking on each interface with the following command:*CODE**COMMAND*switchport mode access*-COMMAND**-CODE*"); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n("Switch port security with *ABBREV*MAC*-ABBREV* address learning and port shutdown on a violation can be configured for each interface with the following commands:*CODE**COMMAND*switchport port-security*-COMMAND**COMMAND*switchport port-security violation shutdown*-COMMAND**COMMAND*switchport port-security mac-address sticky*-COMMAND**-CODE*"); // The text and commands to enable port security +} + + +int IOSInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + string tempString; + bool setting = false; + int tempInt = 0; + + // Interface... + if ((strcmp(command->part(0), "interface") == 0) && (strcmp(command->part(1), "service-engine") != 0) && (strcmp(command->part(1), "range") != 0) && (strcmp(command->part(1), "content-engine") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Get the correct list for the type of interface... + if (strncasecmp(command->part(1), "GigabitEthernet", 15) == 0) + { + interfaceListPointer = getInterfaceList("GETHERINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Gigabit Ethernet Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices gigabit ethernet interfaces."); + interfaceListPointer->tableTitle = i18n("Gigabit ethernet interfaces"); + interfaceListPointer->label = "GETHERINTERFACES"; + interfaceListPointer->proxyArpSupported = true; + interfaceListPointer->mopSupported = true; + interfaceListPointer->unreachablesSupported = true; + interfaceListPointer->redirectsSupported = true; + interfaceListPointer->ipMaskReplySupported = true; + interfaceListPointer->ipDirectBroadcastSupported = true; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + interfaceListPointer->portSecuritySupported = false; + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + if (device->general != 0) + { + if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 1))) + { + interfaceListPointer->informationReplySupported = true; + if (device->isSwitch) + { + interfaceListPointer->portSecuritySupported = true; + } + } + } + interfaceListPointer->cdpSupported = true; + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 15); + interfacePointer->proxyARP = true; + interfacePointer->mop = true; + interfacePointer->ipUnreachables = true; + interfacePointer->ipRedirects = true; + interfacePointer->cdp = true; + if (device->general != 0) + { + if (device->general->versionMajor < 12) + interfacePointer->ipDirectBroadcast.assign(i18n("All")); + } + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "FastEthernet", 12) == 0) + { + interfaceListPointer = getInterfaceList("FETHERINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Fast Ethernet Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices fast ethernet interfaces."); + interfaceListPointer->tableTitle = i18n("Fast Ethernet interfaces"); + interfaceListPointer->label = "FETHERINTERFACES"; + interfaceListPointer->proxyArpSupported = true; + interfaceListPointer->mopSupported = true; + interfaceListPointer->unreachablesSupported = true; + interfaceListPointer->redirectsSupported = true; + interfaceListPointer->ipMaskReplySupported = true; + interfaceListPointer->ipDirectBroadcastSupported = true; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + interfaceListPointer->portSecuritySupported = false; + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + if (device->general != 0) + { + if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 1))) + { + interfaceListPointer->informationReplySupported = true; + if (device->isSwitch) + { + interfaceListPointer->portSecuritySupported = true; + } + } + } + interfaceListPointer->cdpSupported = true; + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 12); + interfacePointer->proxyARP = true; + interfacePointer->mop = true; + interfacePointer->ipUnreachables = true; + interfacePointer->ipRedirects = true; + interfacePointer->cdp = true; + if (device->general != 0) + { + if (device->general->versionMajor < 12) + interfacePointer->ipDirectBroadcast.assign(i18n("All")); + } + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "Ethernet", 8) == 0) + { + interfaceListPointer = getInterfaceList("ETHERINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Ethernet Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices ethernet interfaces."); + interfaceListPointer->tableTitle = i18n("Ethernet interfaces"); + interfaceListPointer->label = "ETHERINTERFACES"; + interfaceListPointer->proxyArpSupported = true; + interfaceListPointer->mopSupported = true; + interfaceListPointer->unreachablesSupported = true; + interfaceListPointer->redirectsSupported = true; + interfaceListPointer->ipMaskReplySupported = true; + interfaceListPointer->ipDirectBroadcastSupported = true; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + interfaceListPointer->portSecuritySupported = false; + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + if (device->general != 0) + { + if ((device->general->versionMajor > 12) || ((device->general->versionMajor == 12) && (device->general->versionMinor > 1))) + { + interfaceListPointer->informationReplySupported = true; + if (device->isSwitch) + { + interfaceListPointer->portSecuritySupported = true; + } + } + } + interfaceListPointer->cdpSupported = true; + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 8); + interfacePointer->proxyARP = true; + interfacePointer->mop = true; + interfacePointer->ipUnreachables = true; + interfacePointer->ipRedirects = true; + interfacePointer->cdp = true; + if (device->general != 0) + { + if (device->general->versionMajor < 12) + interfacePointer->ipDirectBroadcast.assign(i18n("All")); + } + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "Vlan", 4) == 0) + { + interfaceListPointer = getInterfaceList("VLANINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*VLAN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*VLAN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*VLAN*-ABBREV* interfaces"); + interfaceListPointer->label = "VLANINTERFACES"; + interfaceListPointer->proxyArpSupported = true; + interfaceListPointer->unreachablesSupported = true; + interfaceListPointer->redirectsSupported = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 4); + interfacePointer->proxyARP = true; + interfacePointer->ipUnreachables = true; + interfacePointer->ipRedirects = true; + } + else if (strncasecmp(command->part(1), "Loopback", 8) == 0) + { + interfaceListPointer = getInterfaceList("LOOPBACKINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Loopback Interfaces"); + interfaceListPointer->description = i18n("Loopback interfaces are virutal interfaces that are handled by software and are always up. This section describes the configuration of the loopback interfaces."); + interfaceListPointer->tableTitle = i18n("Loopback interfaces"); + interfaceListPointer->label = "LOOPBACKINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 8); + } + else if (strncasecmp(command->part(1), "Serial", 6) == 0) + { + interfaceListPointer = getInterfaceList("SERIALINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Serial Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices serial interfaces."); + interfaceListPointer->tableTitle = i18n("Serial interfaces"); + interfaceListPointer->label = "SERIALINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 6); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "hssi", 4) == 0) + { + interfaceListPointer = getInterfaceList("HSSIINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*HSSI*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*HSSI*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*HSSI*-ABBREV* interfaces"); + interfaceListPointer->label = "HSSIINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 4); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "fddi", 4) == 0) + { + interfaceListPointer = getInterfaceList("FDDIINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*FDDI*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*FDDI*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*FDDI*-ABBREV* interfaces"); + interfaceListPointer->label = "FDDIINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 4); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "Dot11Radio", 10) == 0) + { + interfaceListPointer = getInterfaceList("WIRELESSINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Wireless Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices wireless interfaces."); + interfaceListPointer->tableTitle = i18n("Wireless interfaces"); + interfaceListPointer->label = "WIRELESSINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 10); + } + else if (strncasecmp(command->part(1), "Dialer", 6) == 0) + { + interfaceListPointer = getInterfaceList("DIALINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Dialer Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices dialer interfaces."); + interfaceListPointer->tableTitle = i18n("Dialer interfaces"); + interfaceListPointer->label = "DIALINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 6); + } + else if (strncasecmp(command->part(1), "BRI", 3) == 0) + { + interfaceListPointer = getInterfaceList("ISDNINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*ISDN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*ISDN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*ISDN*-ABBREV* interfaces"); + interfaceListPointer->label = "ISDNINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 3); + } + else if (strncasecmp(command->part(1), "POS", 3) == 0) + { + interfaceListPointer = getInterfaceList("POSINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*POS*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*POS*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*POS*-ABBREV* interfaces"); + interfaceListPointer->label = "POSINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 3); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "ATM", 3) == 0) + { + interfaceListPointer = getInterfaceList("ATMINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*ATM*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*ATM*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*ATM*-ABBREV* interfaces"); + interfaceListPointer->label = "ATMINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 3); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "Tunnel", 6) == 0) + { + interfaceListPointer = getInterfaceList("TUNINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Tunnel Interfaces"); + interfaceListPointer->description = i18n("Tunnel interfaces are virtual interfaces. This section describes the configuration of the tunnel interfaces."); + interfaceListPointer->tableTitle = i18n("Tunnel interfaces"); + interfaceListPointer->label = "TUNINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 6); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else if (strncasecmp(command->part(1), "Port-channel", 12) == 0) + { + interfaceListPointer = getInterfaceList("PORTINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Port Channel Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the port channel interfaces."); + interfaceListPointer->tableTitle = i18n("Port channel interfaces"); + interfaceListPointer->label = "PORTINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + if (device->isSwitch == true) + { + interfaceListPointer->portModeSupported = true; + } + } + interfacePointer = getInterface(interfaceListPointer, command->part(1) + 12); + if (device->isSwitch == true) + { + if (device->isRouter == true) + interfacePointer->switchportMode = portModeAccess; + else + interfacePointer->switchportMode = portModeDynamic; + } + } + else + { + interfaceListPointer = getInterfaceList("OTHERINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Other Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the other interfaces configured on *DEVICENAME*."); + interfaceListPointer->tableTitle = i18n("Other interfaces"); + interfaceListPointer->label = "OTHERINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + } + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((line[0] != '!') && (feof(device->inputFile) == 0)) + { + + if (strcmp(command->part(0), "no") == 0) + { + setting = false; + tempInt = 1; + } + else + { + setting = true; + tempInt = 0; + } + + // IP + if (strcmp(command->part(tempInt), "ip") == 0) + { + tempInt++; + + // address... + if (strcmp(command->part(1), "address") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->address.assign(command->part(2)); + interfacePointer->netmask.assign(command->part(3)); + } + + else if (strcmp(command->part(1), "access-group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (strcmp(command->part(3), "in") == 0) + addFilterList(interfacePointer, command->part(2), true); + else + addFilterList(interfacePointer, command->part(2), false); + } + + else if (strcmp(command->part(tempInt), "proxy-arp") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Proxy ARP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->proxyARP = setting; + } + + else if (strcmp(command->part(tempInt), "unreachables") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Unreachables Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->ipUnreachables = setting; + } + + else if (strcmp(command->part(tempInt), "redirects") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Redirect Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->ipRedirects = setting; + } + + else if (strcmp(command->part(tempInt), "mask-reply") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Mask Reply Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->ipMaskReply = setting; + } + + else if (strcmp(command->part(tempInt), "information-reply") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Information Reply Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->infoReply = setting; + } + + else if (strcmp(command->part(tempInt), "directed-broadcast") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Directed Broadcast Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + if (command->parts == 2) + interfacePointer->ipDirectBroadcast.assign(i18n("On")); + else + { + tempString.assign(i18n("On (")); + tempString.append(command->part(2)); + tempString.append(")"); + interfacePointer->ipDirectBroadcast.assign(tempString); + } + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // shutdown... + else if (strcmp(command->part(0), "shutdown") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Shutdown Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->enabled = false; + } + + // switchport... + else if ((strcmp(command->part(0), "switchport") == 0) && (strcmp(command->part(1), "mode") == 0) && ((strcmp(command->part(2), "access") == 0) || (strcmp(command->part(2), "dynamic") == 0) || (strcmp(command->part(2), "trunk") == 0))) + { + device->isSwitch = true; + + if (device->config->reportFormat == Config::Debug) + printf("%sSwitchport mode Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(2), "access") == 0) + interfacePointer->switchportMode = portModeAccess; + else if (strcmp(command->part(2), "dynamic") == 0) + interfacePointer->switchportMode = portModeDynamic; + else + interfacePointer->switchportMode = portModeTrunk; + } + else if ((strcmp(command->part(0), "switchport") == 0) && (strcmp(command->part(1), "port-security") == 0) && (command->parts == 2)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSwitchport port-security Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->switchportSecurity = true; + interfaceListPointer->portSecuritySupported = true; + } + else if ((strcmp(command->part(0), "switchport") == 0) && (strcmp(command->part(1), "access") == 0) && (strcmp(command->part(2), "vlan") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSwitchport VLAN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + addVLAN(interfacePointer, command->part(3)); + } + else if ((strcmp(command->part(0), "switchport") == 0) && (strcmp(command->part(1), "port-security") == 0) && (strcmp(command->part(2), "violation") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSwitchport port-security Violation Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(3), "restrict") == 0) + interfacePointer->switchportViolation = onViolationRestrict; + else if (strcmp(command->part(3), "protect") == 0) + interfacePointer->switchportViolation = onViolationProtect; + else + interfacePointer->switchportViolation = onViolationShutdown; + interfaceListPointer->portSecuritySupported = true; + } + else if (strcmp(command->part(tempInt), "switchport") == 0) + { + device->isSwitch = true; + device->lineNotProcessed(line); + } + + // Description + else if (strcmp(command->part(0), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->description.assign(strstr(line, command->part(1))); + } + + // mop + else if ((strcmp(command->part(tempInt), "mop") == 0) && (strncmp(command->part(tempInt + 1), "enable", 6) != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface MOP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->mop = setting; + } + + // cdp + else if ((strcmp(command->part(tempInt), "cdp") == 0) && (strcmp(command->part(tempInt + 1), "enable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface CDP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + interfacePointer->cdp = setting; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int IOSInterfaces::processDefaults(Device *device) +{ + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + + interfaceListPointer = interfaceList; + while (interfaceListPointer != 0) + { + interfacePointer = interfaceListPointer->interface; + while (interfacePointer != 0) + { + if (interfacePointer->vlan == 0) + addVLAN(interfacePointer, "1"); + interfacePointer = interfacePointer->next; + } + interfaceListPointer = interfaceListPointer->next; + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-IOS/interfaces.h b/libnipper-0.12.6/Cisco-IOS/interfaces.h new file mode 100644 index 0000000..489cb5e --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/interfaces.h @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef IOSInterfaces_H +#define IOSInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class IOSInterfaces : public Interfaces +{ + public: + + IOSInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); +}; + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp b/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp new file mode 100644 index 0000000..82045e0 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/iosdevice.cpp @@ -0,0 +1,325 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "iosdevice.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "authentication.h" +#include "banner.h" +#include "snmp.h" +#include "filter.h" +#include "dns.h" +#include "interfaces.h" + + +IOSDevice::IOSDevice() +{ + general = new (IOSGeneral); + administration = new (IOSAdministration); + authentication = new (IOSAuthentication); + banner = new (IOSBanner); + snmp = new (IOSSNMP); + filter = new (IOSFilter); + dns = new (IOSDNS); + interfaces = new (IOSInterfaces); + + deviceMake = "Cisco"; + deviceType = "IOS Generic"; + deviceOS = "IOS"; +} + + +IOSDevice::~IOSDevice() +{ + delete general; + delete administration; + delete authentication; + delete banner; + delete snmp; + delete filter; + delete dns; + delete interfaces; +} + + +int IOSDevice::processDevice() +{ + // Variables... + char line[MAX_SIZE]; + ConfigLine command; + unsigned int tempInt = 0; + int tempVersion = 0; + bool setting = false; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, MAX_SIZE); + + // Split it up into parts... + command.setConfigLine(line); + + // Init + if (strcmp(command.part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + if (line[0] == '!') + { } + + // Hostname (in general)... + else if (strcmp(command.part(tempInt), "hostname") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Version (in general)... + else if (strcmp(command.part(tempInt), "version") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Enable... + else if (strcmp(command.part(tempInt), "enable") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Usernames... + else if (strcmp(command.part(tempInt), "username") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Interface... + else if (strcmp(command.part(tempInt), "interface") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // aaa authentication... + else if ((strcmp(command.part(tempInt), "aaa") == 0) && (strcmp(command.part(tempInt + 1), "authentication") == 0) && (strcmp(command.part(tempInt + 2), "banner") != 0)) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // aaa authentication... + else if ((strcmp(command.part(tempInt), "aaa") == 0) && (strcmp(command.part(tempInt + 1), "group") == 0)) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // radius... + else if (strcmp(command.part(tempInt), "radius-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // tacacs... + else if (strcmp(command.part(tempInt), "tacacs-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // kerberos... + else if ((strcmp(command.part(tempInt), "kerberos") == 0) && (strcmp(command.part(tempInt + 1), "server") == 0)) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Service lines... + else if (strcmp(command.part(tempInt), "service") == 0) + { + tempInt++; + + // Password Encryption (in general)... + if (strcmp(command.part(tempInt), "password-encryption") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Finger... + else if (strcmp(command.part(tempInt), "finger") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // NOT PROCESSED... + else + lineNotProcessed(line); + } + + // IP lines... + else if (strcmp(command.part(tempInt), "ip") == 0) + { + tempInt++; + + // ACL... + if (strcmp(command.part(tempInt), "access-list") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SSH... + else if (strcmp(command.part(tempInt), "ssh") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // HTTP... + else if (strcmp(command.part(tempInt), "http") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "dns") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "domain") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "domain-list") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "domain-lookup") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "domain-name") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "name-server") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // BootP... + else if (strcmp(command.part(tempInt), "bootp") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Finger... + else if (strcmp(command.part(tempInt), "finger") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // NOT PROCESSED... + else + lineNotProcessed(line); + } + + // SNMP (in snmp)... + else if (strcmp(command.part(tempInt), "snmp-server") == 0) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Banner... + else if (strcmp(command.part(tempInt), "banner") == 0) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // aaa authentication... + else if ((strcmp(command.part(tempInt), "aaa") == 0) && (strcmp(command.part(tempInt + 1), "authentication") == 0) && (strcmp(command.part(tempInt + 2), "banner") == 0)) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Access List... + else if (strcmp(command.part(tempInt), "access-list") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Line (in Administration)... + else if (strcmp(command.part(tempInt), "line") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // CDP... + else if ((strcmp(command.part(tempInt), "cdp") == 0) && (strcmp(command.part(tempInt), "run") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // NOT PROCESSED... + else + lineNotProcessed(line); + } + + if ((general->version.empty()) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + // Sort out any specified version... + if (config->osVersion != 0) + { + if (strlen(config->osVersion) > 0) + { + general->version.assign(config->osVersion); + + // Version Major... + tempVersion = atoi(config->osVersion); + if ((tempVersion != 0) || (config->osVersion[0] == '0')) + { + general->versionMajor = tempVersion; + tempInt = 0; + while ((tempInt < strlen(config->osVersion)) && (config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Minor... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionMinor = tempVersion; + general->noMinor = false; + + while ((tempInt < strlen(config->osVersion)) && (config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Revision... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionRevision = tempVersion; + general->noRevision = false; + + while ((tempInt < strlen(config->osVersion)) &&(config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Tweak... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionTweak = tempVersion; + general->noTweak = false; + } + } + } + } + } + } + } + } + } + + return 0; +} + + +void IOSDevice::setPostDefaults() +{ +} + diff --git a/libnipper-0.12.6/Cisco-IOS/iosdevice.h b/libnipper-0.12.6/Cisco-IOS/iosdevice.h new file mode 100644 index 0000000..e78f029 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/iosdevice.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_IOS_H +#define device_IOS_H + + +#include "../device/device.h" + + +class IOSDevice : public Device +{ + public: + IOSDevice(); + virtual ~IOSDevice(); + + virtual int processDevice(); + virtual void setPostDefaults(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp b/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp new file mode 100644 index 0000000..5864174 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/snmp-report.cpp @@ -0,0 +1,419 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include "../globaldefs.h" +#include "iosdevice.h" +#include "general.h" +#include "snmp.h" + + +int IOSSNMP::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-SNMP"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-SNMP-TABLE"); + + // System Shutdown... + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SNMP*-ABBREV* System Shutdown")); + if (systemShutdown == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + // SNMP Server Manager... + if (device->general != 0) + { + if ((device->general->versionMajor > 11) || ((device->general->versionMajor == 11) && (device->general->versionMinor > 2)) || (device->general->versionMajor == 0)) + { + device->addTableData(paragraphPointer->table, i18n("Manager")); + if (managerEnabled == true) + { + device->addTableData(paragraphPointer->table, i18n("Enabled")); + device->addTableData(paragraphPointer->table, i18n("Manager Session Timeout")); + tempString.assign(device->intToString(managerTimeout)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + } + } + + // TFTP Server List ACL... + if (!tftpServerList.empty()) + { + device->addTableData(paragraphPointer->table, i18n("*ABBREV*TFTP*-ABBREV* Server List *ABBREV*ACL*-ABBREV*")); + device->addTableData(paragraphPointer->table, tftpServerList.c_str()); + } + + // Trap Source Interface... + if (!trapSource.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Trap Source Interface")); + device->addTableData(paragraphPointer->table, trapSource.c_str()); + } + + // Trap Queue Length... + device->addTableData(paragraphPointer->table, i18n("Maximum Trap Queue Length")); + tempString.assign(device->intToString(trapQueueLength)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + + // Trap Timeout... + device->addTableData(paragraphPointer->table, i18n("Trap Timeout")); + tempString.assign(device->intToString(trapTimeout)); + tempString.append(i18n(" seconds")); + device->addTableData(paragraphPointer->table, tempString.c_str()); + + // Packet Size... + device->addTableData(paragraphPointer->table, i18n("Maximum Packet Size")); + tempString.assign(device->intToString(packetSize)); + tempString.append(i18n(" bytes")); + device->addTableData(paragraphPointer->table, tempString.c_str()); + + return errorCode; +} + + +int IOSSNMP::generateSecuritySpecificReport(Device *device) +{ + // Variables... + snmpCommunity *snmpCommunityPointer = 0; + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + bool dictionaryCommunity = false; + bool weakCommunity = false; + bool writeAccess = false; + bool noCommunityFilter = false; + int errorCode = 0; + + // Searching for issues... + snmpCommunityPointer = community; + while (snmpCommunityPointer != 0) + { + if ((snmpCommunityPointer->enabled == true) && (snmpCommunityPointer->type != communityReadOnly) && (((communityRequiresHosts == true) && (hostCommunityExists(snmpCommunityPointer->community.c_str()) == true)) || (communityRequiresHosts == false))) + { + writeAccess = true; + if (snmpCommunityPointer->communityInDict == true) + dictionaryCommunity = true; + else if (snmpCommunityPointer->communityWeak != Device::passwordPassed) + weakCommunity = true; + if ((communityFilter == true) && (snmpCommunityPointer->filter.empty())) + noCommunityFilter = true; + } + snmpCommunityPointer = snmpCommunityPointer->next; + } + + // System Shutdown via SNMP... + if ((systemShutdown == true) && (writeAccess == true)) + { + + // Write Access... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWRIT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "IOS.SNMPSHUT.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPSHUT.1"); + } + + // Clear-text SNMP... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPCLEA.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + device->addString(paragraphPointer, "IOS.SNMPSHUT.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPSHUT.1"); + } + + // Dictionary-based Community Strings... + if (dictionaryCommunity == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPDICT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "IOS.SNMPSHUT.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPSHUT.1"); + } + } + + // Weak Community Strings... + if (weakCommunity == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWEAK.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "IOS.SNMPSHUT.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPSHUT.1"); + } + } + + // No Filtering... + if (noCommunityFilter == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPFILT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + device->addString(paragraphPointer, "IOS.SNMPSHUT.1"); + paragraphPointer->paragraph.append(i18n(" Additionally, the attacker could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPSHUT.1"); + } + } + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] SNMP Shutdown Configured\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("*ABBREV*SNMP*-ABBREV* System Shutdown Enabled")); + securityIssuePointer->reference.assign("IOS.SNMPSHUT.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addString(paragraphPointer, snmpFilterText); + paragraphPointer->paragraph.assign(i18n("A *ABBREV*SNMP*-ABBREV* system shutdown facility can be configured for *DEVICETYPE* so that network administrators can remotely reset the devices. *COMPANY* determined that the *ABBREV*SNMP*-ABBREV* system shutdown option was enabled on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 8; // High + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who had *ABBREV*SNMP*-ABBREV* write access could cause a *ABBREV*DoS*-ABBREV* condition by causing *DEVICENAME* to reload.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("For an attacker to exploit this issue they would require *ABBREV*SNMP*-ABBREV* query tools and a community string with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV*. *ABBREV*SNMP*-ABBREV* query tools are available on the Internet and some *ABBREV*OS*-ABBREV* install them by default.")); + if (dictionaryCommunity == true) + { + securityIssuePointer->easeRating = 8; // Easy + device->addString(paragraphPointer, "GEN.SNMPDICT.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a dictionary attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + else if (weakCommunity == true) + { + securityIssuePointer->easeRating = 5; // Moderate + device->addString(paragraphPointer, "GEN.SNMPWEAK.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a brute-force attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + if (noCommunityFilter == true) + { + device->addString(paragraphPointer, "GEN.SNMPFILT.1"); + paragraphPointer->paragraph.append(i18n(" *ABBREV*ACL*-ABBREV* were not fully configured to restrict access to specific *ABBREV*NMS*-ABBREV* or *ABBREV*SNMP*-ABBREV* management hosts (see section *SECTIONNO*).")); + } + else + { + securityIssuePointer->easeRating = 2; // Challenging + paragraphPointer->paragraph.append(i18n(" Although *ABBREV*ACL*-ABBREV* were configured to restrict *ABBREV*SNMP*-ABBREV* access from specific host, although a skilled attacker may be able to bypass any host-based access restrictions.")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 3; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("Generally the *ABBREV*SNMP*-ABBREV* system shutdown is not saved to the *DEVICETYPE* configuration file. *COMPANY* recommends that the *ABBREV*SNMP*-ABBREV* system shutdown facility should be disabled. This can be done with the following command:*CODE**COMMAND*no snmp-server system-shutdown*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("*ABBREV*SNMP*-ABBREV* system shutdown was enabled")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable *ABBREV*SNMP*-ABBREV* system shutdown")); + + // Dependent issues... + device->addDependency(securityIssuePointer, "GEN.SNMPCLEA.1"); + device->addDependency(securityIssuePointer, "GEN.SNMPWRIT.1"); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPDICT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEAK.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPFILT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEFI.1"); + } + + if ((tftpServerList.empty()) && (writeAccess == true)) + { + // Write Access... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWRIT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "IOS.SNMPTFTP.1"); + paragraphPointer->paragraph.append(i18n("On *DEVICETYPE*, an attacker with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* could remotely obtain a copy of the *DEVICENAME* configuration using *ABBREV*TFTP*-ABBREV* (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPTFTP.1"); + } + + // Clear-text SNMP... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPCLEA.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "IOS.SNMPTFTP.1"); + paragraphPointer->paragraph.append(i18n("On *DEVICETYPE*, an attacker with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* could remotely obtain a copy of the *DEVICENAME* configuration using *ABBREV*TFTP*-ABBREV* (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPTFTP.1"); + } + + // Dictionary-based Community Strings... + if (dictionaryCommunity == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPDICT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "IOS.SNMPTFTP.1"); + paragraphPointer->paragraph.append(i18n("On *DEVICETYPE*, an attacker with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* could remotely obtain a copy of the *DEVICENAME* configuration using *ABBREV*TFTP*-ABBREV* (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPTFTP.1"); + } + } + + // Weak Community Strings... + if (weakCommunity == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWEAK.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "IOS.SNMPTFTP.1"); + paragraphPointer->paragraph.append(i18n("On *DEVICETYPE*, an attacker with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* could remotely obtain a copy of the *DEVICENAME* configuration using *ABBREV*TFTP*-ABBREV* (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPTFTP.1"); + } + } + + // No Filtering... + if (noCommunityFilter == true) + { + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "IOS.SNMPTFTP.1"); + paragraphPointer->paragraph.append(i18n("On *DEVICETYPE*, an attacker with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* could remotely obtain a copy of the *DEVICENAME* configuration using *ABBREV*TFTP*-ABBREV* (see section *SECTIONNO*).")); + device->addRelatedIssue(securityIssuePointer, "IOS.SNMPTFTP.1"); + } + } + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] SNMP TFTP Server List ACL\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("No *ABBREV*SNMP*-ABBREV* *ABBREV*TFTP*-ABBREV* Server List *ABBREV*ACL*-ABBREV* Configured")); + securityIssuePointer->reference.assign("IOS.SNMPTFTP.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Using *ABBREV*SNMP*-ABBREV*, a *DEVICETYPE* can be instructed to save its configuration to a file on a *ABBREV*TFTP*-ABBREV* server. This feature enables network administrators and management software to quickly obtain a copy of the *DEVICETYPE* configuration. An *ABBREV*ACL*-ABBREV* can be configured on *DEVICETYPE* from *ABBREV*IOS*-ABBREV* version 10.2 to help secure access to this functionality.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that no *ABBREV*TFTP*-ABBREV* server *ABBREV*ACL*-ABBREV* had been configured on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 6; // Medium + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who had *ABBREV*SNMP*-ABBREV* write access could remotely obtain the *DEVICENAME* configuration. The configuration would include any passwords for *DEVICENAME*.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("For an attacker to exploit this issue they would require *ABBREV*SNMP*-ABBREV* query tools, a *ABBREV*TFTP*-ABBREV* server and a community string with write access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV*. *ABBREV*SNMP*-ABBREV* query tools and *ABBREV*TFTP*-ABBREV* server software are available on the Internet and some *ABBREV*OS*-ABBREV* install them by default.")); + if (dictionaryCommunity == true) + { + securityIssuePointer->easeRating = 5; // Moderate + device->addString(paragraphPointer, "GEN.SNMPDICT.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a dictionary attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + else if (weakCommunity == true) + { + securityIssuePointer->easeRating = 3; // Moderate + device->addString(paragraphPointer, "GEN.SNMPWEAK.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a brute-force attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + if (noCommunityFilter == true) + { + device->addString(paragraphPointer, "GEN.SNMPFILT.1"); + paragraphPointer->paragraph.append(i18n(" *ABBREV*ACL*-ABBREV* were not fully configured to restrict access to specific *ABBREV*NMS*-ABBREV* or *ABBREV*SNMP*-ABBREV* management hosts (see section *SECTIONNO*).")); + } + else + { + securityIssuePointer->easeRating = 2; // Challenging + paragraphPointer->paragraph.append(i18n(" Although *ABBREV*ACL*-ABBREV* were configured to restrict *ABBREV*SNMP*-ABBREV* access from specific host, although a skilled attacker may be able to bypass any host-based access restrictions.")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that a *ABBREV*SNMP*-ABBREV* *ABBREV*TFTP*-ABBREV* server list *ABBREV*ACL*-ABBREV* should be configured to ensure that configurations are only saved to specific hosts.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("The following example configures *ABBREV*ACL*-ABBREV* number 20 for use as a *ABBREV*SNMP*-ABBREV* *ABBREV*TFTP*-ABBREV* server list and gives access to a single host with logging.*CODE**COMMAND*access-list 20 permit 192.168.0.50 255.255.255.255 log*-COMMAND**COMMAND*access-list 20 deny any log*-COMMAND**-CODE*")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("The *ABBREV*ACL*-ABBREV* can then be assigned as the *ABBREV*SNMP*-ABBREV* *ABBREV*TFTP*-ABBREV* server list with the following command:*CODE**COMMAND*snmp-server tftp-server-list 20*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("a *ABBREV*SNMP*-ABBREV* *ABBREV*TFTP*-ABBREV* server list was not configured")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Configure a *ABBREV*SNMP*-ABBREV* *ABBREV*TFTP*-ABBREV* server list")); + + // Dependent issues... + device->addDependency(securityIssuePointer, "GEN.SNMPCLEA.1"); + device->addDependency(securityIssuePointer, "GEN.SNMPWRIT.1"); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPDICT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEAK.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPFILT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEFI.1"); + } + + return errorCode; +} + + diff --git a/libnipper-0.12.6/Cisco-IOS/snmp.cpp b/libnipper-0.12.6/Cisco-IOS/snmp.cpp new file mode 100644 index 0000000..5858536 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/snmp.cpp @@ -0,0 +1,662 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "iosdevice.h" +#include "general.h" +#include "snmp.h" + +using namespace std; + + +IOSSNMP::IOSSNMP() +{ + + // Init SNMP support options... + deviceSNMPSupportText = i18n("*DEVICETYPE* support *ABBREV*SNMP*-ABBREV* from *ABBREV*IOS*-ABBREV* version 10 and *ABBREV*SNMP*-ABBREV* version 3 from *ABBREV*IOS*-ABBREV* version 12."); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + supportSNMP3UpgText = i18n("*ABBREV*SNMP*-ABBREV* version 3 is supported from *ABBREV*IOS*-ABBREV* version 12."); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* can be disabled with the following command:*CODE**COMMAND*no snmp-server*-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("A *ABBREV*SNMP*-ABBREV* community string can be configured with the following command:*CODE**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*view *CMDUSER*view-name*-CMDUSER**-CMDOPTION* *CMDOPTION*ro *CMDOR* rw*-CMDOPTION* *CMDOPTION**CMDUSER*acl-number*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure a community string + configSNMP3Text = i18n("To configure *ABBREV*SNMP*-ABBREV* version 3, you configure a group and then add users to the group. The following commands can be used to create a group and add a user to it:*CODE**COMMAND*snmp-server group *CMDUSER*group-name*-CMDUSER* v3 *CMDREQUIRE*noauth *CMDOR* auth *CMDOR* priv*-CMDREQUIRE* *CMDOPTION*read *CMDUSER*read-view*-CMDUSER**-CMDOPTION* *CMDOPTION*write *CMDUSER*write-view*-CMDUSER**-CMDOPTION* *CMDOPTION*notify *CMDUSER*notify-view*-CMDUSER**-CMDOPTION* *CMDOPTION*access *CMDUSER*acl*-CMDUSER**-CMDOPTION**-COMMAND**COMMAND*snmp-server user *CMDUSER*username*-CMDUSER* *CMDUSER*group-name*-CMDUSER* v3 *CMDOPTION*auth *CMDREQUIRE*md5 *CMDOR* sha*-CMDREQUIRE* *CMDUSER*auth-password*-CMDUSER**-CMDOPTION* *CMDOPTION*access *CMDUSER*acl*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP version 3 + configSNMPViewText = i18n("A *ABBREV*SNMP*-ABBREV* view can be configured and then assigned to a community string with the following commands:*CODE**COMMAND*snmp-server view *CMDUSER*view-name*-CMDUSER* *CMDUSER*oid*-CMDUSER* *CMDREQUIRE*included *CMDOR* excluded*-CMDREQUIRE**-COMMAND**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*view *CMDUSER*view-name*-CMDUSER**-CMDOPTION* *CMDOPTION*ro *CMDOR* rw*-CMDOPTION* *CMDOPTION**CMDUSER*acl-number*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("A *ABBREV*SNMP*-ABBREV* trap can be configured with the following command:*CODE*snmp-server host *CMDUSER*ip-address*-CMDUSER* traps *CMDOPTION*version *CMDREQUIRE*1 *CMDOR* 2c *CMDOR* 3 *CMDOPTION*noauth *CMDOR* auth *CMDOR* priv*-CMDOPTION**-CMDREQUIRE**-CMDOPTION* *CMDUSER*community-string*-CMDUSER**-CODE*"); // The text and command(s) to configure SNMP traps + configSNMPInformsText = i18n("A *ABBREV*SNMP*-ABBREV* inform can be configured with the following command:*CODE*snmp-server host *CMDUSER*ip-address*-CMDUSER* informs *CMDOPTION*version *CMDREQUIRE*1 *CMDOR* 2c *CMDOR* 3 *CMDOPTION*noauth *CMDOR* auth *CMDOR* priv*-CMDOPTION**-CMDREQUIRE**-CMDOPTION* *CMDUSER*community-string*-CMDUSER**-CODE*"); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n("Read only *ABBREV*SNMP*-ABBREV* community strings can be configured with the following command:*CODE**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*view *CMDUSER*view-name*-CMDUSER**-CMDOPTION* ro *CMDOPTION**CMDUSER*acl-number*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP read only access + configSNMPFilterText = i18n("The following commands can be used to configure an *ABBREV*ACL*-ABBREV* and assign it to a community string:*CODE**COMMAND*access-list *CMDUSER*acl-number*-CMDUSER* permit *CMDUSER*ip-address*-CMDUSER* *CMDUSER*network-mask*-CMDUSER* log*-COMMAND**COMMAND*access-list *CMDUSER*acl-number*-CMDUSER* deny any log*-COMMAND**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*view *CMDUSER*view-name*-CMDUSER**-CMDOPTION* *CMDOPTION*ro *CMDOR* rw*-CMDOPTION* *CMDOPTION**CMDUSER*acl-number*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP filtering + + snmpFilterText = i18n("*ABBREV*ACL*-ABBREV*"); // The device specific description of a filter (i.e. Cisco called them ACL) + snmpFilterIPv6Text = i18n("*ABBREV*IPv6*-ABBREV* *ABBREV*ACL*-ABBREV*"); + + // Community Options... + communityView = true; // SNMP view for the community + communityFilter = true; // SNMP Network Filtering + communityIPv6Filter = true; // SNMP IPv6 Network Filtering + communitySpecificFilters = false; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = false; // If the SNMP community will not work without a list of those who can access it + + // View Options... + viewSeperated = true; // Separate the views into different tables + viewExcludes = true; // Show the Include/Exclude View Table column + + // SNMP Trap/Inform Host Options... + trapsOnly = false; // Only Traps are supported + trapsSNMPv3 = true; // SNMP v3 support for traps + trapsShowPort = true; // Show Trap Host Port in Table + trapsInterface = true; // Show Interface in Table + trapsInterfaceText = i18n("*ABBREV*VRF*-ABBREV*"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = true; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = true; // Show excluded traps + trapsShowOptions = true; // Show trap options + + // SNMP User Options... + showUserRemote = true; // Show the remote host/port setting + showUserPriv = false; // Show the privacy settings + showUserFilter = true; // Show the Filter column in the table + showUserIPv6Filter = true; // Show the IPv6 Filter column in the table + userFilterText = i18n("*ABBREV*ACL*-ABBREV*"); // The Text for the Filter table column title + userIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* *ABBREV*ACL*-ABBREV*"); // The Text for the IPv6 Filter table column title + + // SNMP Group Options... + snmpGroupShowType = true; // Enable/Disable SNMPv3 type in table + snmpGroupReadView = true; // Enable/Disable Read Views + snmpGroupWriteView = true; // Enable/Disable Write Views + snmpGroupNotifyView = true; // Enable/Disable Notify Views + snmpGroupFilter = true; // Enable/Disable Filter support + snmpGroupIPv6Filter = true; // Enable/Disable IPv6 Filter support + groupFilterText = i18n("*ABBREV*ACL*-ABBREV*"); // The Text for the Filter table column title + groupIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* *ABBREV*ACL*-ABBREV*"); // The Text for the IPv6 Filter table column title + + // Device specific stuff... + managerEnabled = false; + managerTimeout = 600; + packetSize = 1500; + trapQueueLength = 10; + systemShutdown = false; + trapTimeout = 30; +} + + +int IOSSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpTrapHost *trapHostPointer = 0; + snmpTrap *snmpTrapPointer = 0; + snmpUserStruct *snmpUserPointer = 0; + snmpGroupStruct *snmpGroupPointer = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 2; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Server... + if (command->parts == tempInt + 1) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + enabled = setting; + snmp12Enabled = setting; + snmp3Enabled = setting; + } + + // Location... + else if (strcmp(command->part(tempInt), "location") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Location Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + location.assign(line + 9 + string(line).find("location")); + } + + // Contact... + else if (strcmp(command->part(tempInt), "contact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Contact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + contact.assign(line + 8 + string(line).find("contact")); + } + + // TFTP Server List... + else if (strcmp(command->part(tempInt), "tftp-server-list") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP TFTP Server List Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tftpServerList.assign(command->part(tempInt + 1)); + } + + // Chassis ID... + else if (strcmp(command->part(tempInt), "chassis-id") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Chassis ID Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + chassis.assign(command->part(tempInt + 1)); + } + + // SNMP Manager Timeout... + else if ((strcmp(command->part(tempInt), "manager") == 0) && (strcmp(command->part(tempInt + 1), "session-timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Manager Session Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + managerTimeout = atoi(command->part(tempInt)); + } + + // SNMP Manager... + else if (strcmp(command->part(tempInt), "manager") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Manager Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + managerEnabled = setting; + } + + // SNMP Packet Size... + else if (strcmp(command->part(tempInt), "packetsize") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Packet Size Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + packetSize = atoi(command->part(tempInt)); + } + + // SNMP Trap Queue Length... + else if (strcmp(command->part(tempInt), "queue-length") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Queue Length Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapQueueLength = atoi(command->part(tempInt)); + } + + // SNMP Trap Tiemout... + else if (strcmp(command->part(tempInt), "trap-timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapTimeout = atoi(command->part(tempInt)); + } + + // SNMP System Shutdown... + else if (strcmp(command->part(tempInt), "system-shutdown") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP System Shutdown Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + systemShutdown = setting; + } + + // snmp community? + else if (strcmp(command->part(tempInt), "community") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(command->part(tempInt)); + communityPointer->enabled = setting; + snmp12Enabled = setting; + + // Get options... + tempInt++; + while (tempInt < command->parts) + { + + // RO + if (strcasecmp(command->part(tempInt), "ro") == 0) + communityPointer->type = communityReadOnly; + + // RW + else if (strcasecmp(command->part(tempInt), "rw") == 0) + communityPointer->type = communityReadWrite; + + // View + else if (strcasecmp(command->part(tempInt), "view") == 0) + { + tempInt++; + communityPointer->view.assign(command->part(tempInt)); + } + + // IP v6 Filter + else if (strcasecmp(command->part(tempInt), "ipv6") == 0) + { + tempInt++; + communityPointer->ipv6Filter.assign(command->part(tempInt)); + } + + // Filter + else if (tempInt == command->parts - 1) + communityPointer->filter.assign(command->part(tempInt)); + + tempInt++; + } + } + + // SNMP View... + else if (strcmp(command->part(tempInt), "view") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP View Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt + 2), "excluded") == 0) + addSNMPView(command->part(tempInt), command->part(tempInt + 1), false); + else + addSNMPView(command->part(tempInt), command->part(tempInt + 1), true); + } + + // SNMP Host... + else if (strcmp(command->part(tempInt), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapHostPointer = addSNMPTrapHost(); + trapHostPointer->host.assign(command->part(tempInt)); + trapHostPointer->version = 1; + trapHostPointer->snmpv3 = snmpV3NoAuth; + trapHostPointer->port = 162; + trapHostPointer->trap = true; + tempInt++; + + // VRF... + if (strcmp(command->part(tempInt), "vrf") == 0) + { + tempInt++; + trapHostPointer->interface.assign(command->part(tempInt)); + tempInt++; + } + + // Traps... + if (strcmp(command->part(tempInt), "traps") == 0) + { + trapHostPointer->trap = true; + tempInt++; + } + + // Informs... + if (strcmp(command->part(tempInt), "informs") == 0) + { + trapHostPointer->trap = false; + tempInt++; + } + + // Version... + if (strcmp(command->part(tempInt), "version") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "1") == 0) + { + tempInt++; + trapHostPointer->version = 1; + } + else if (strcmp(command->part(tempInt), "2c") == 0) + { + trapHostPointer->version = 2; + tempInt++; + } + else if (strcmp(command->part(tempInt), "3") == 0) + { + trapHostPointer->version = 3; + tempInt++; + if (strcmp(command->part(tempInt), "auth") == 0) + { + trapHostPointer->snmpv3 = snmpV3Auth; + tempInt++; + } + else if (strcmp(command->part(tempInt), "noauth") == 0) + { + trapHostPointer->snmpv3 = snmpV3NoAuth; + tempInt++; + } + else if (strcmp(command->part(tempInt), "priv") == 0) + { + trapHostPointer->snmpv3 = snmpV3Priv; + tempInt++; + } + } + } + + // Community + trapHostPointer->community.assign(command->part(tempInt)); + tempInt++; + + // UDP Port... + if (strcmp(command->part(tempInt), "udp-port") == 0) + { + trapHostPointer->port = atoi(command->part(tempInt)); + tempInt++; + } + + // Notifications... + while (tempInt < command->parts) + { + + // VRRP... + if (strcmp(command->part(tempInt), "vrrp") == 0) + { } + + // Notification... + if (!trapHostPointer->notification.empty()) + { + trapHostPointer->notification.append(" "); + trapHostPointer->notification.append(command->part(tempInt)); + } + else + trapHostPointer->notification.assign(command->part(tempInt)); + + tempInt++; + } + + // If no notifications were configured... + if (trapHostPointer->notification.empty()) + trapHostPointer->notification.assign(i18n("All")); + } + + // SNMP Traps... + else if ((strcmp(command->part(tempInt), "enable") == 0) && (strcmp(command->part(tempInt + 1), "traps") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->include = setting; + + // All traps... + if ((strcmp(command->part(tempInt), "vrrp") == 0) || (command->parts == tempInt)) + snmpTrapPointer->trap.assign("All"); + + // Traps + options... + else if (command->parts > tempInt + 1) + { + snmpTrapPointer->trap.assign(command->part(tempInt)); + snmpTrapPointer->options.assign(line + 1 + string(line).find(command->part(tempInt)) + strlen(command->part(tempInt))); + } + + // Trap only... + else + snmpTrapPointer->trap.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "trap") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->include = setting; + snmpTrapPointer->trap.assign(command->part(tempInt)); + if (command->parts > tempInt + 1) + snmpTrapPointer->options.assign(line + 1 + string(line).find(command->part(tempInt)) + strlen(command->part(tempInt))); + } + else if (strcmp(command->part(tempInt), "trap-authentication") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->include = setting; + snmpTrapPointer->trap.assign("Authentication"); + } + + // SNMP Trap Source Interface... + else if (strcmp(command->part(tempInt), "trap-source") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Source Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapSource.assign(command->part(tempInt)); + } + + // snmp group? + else if (strcmp(command->part(tempInt), "group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmp3Enabled = setting; + snmpGroupPointer = addSNMPGroup(); + snmpGroupPointer->group.assign(command->part(tempInt)); + tempInt++; + + // SNMP version... + if (strcmp(command->part(tempInt), "v1") == 0) + snmpGroupPointer->version = 1; + else if (strcmp(command->part(tempInt), "v2c") == 0) + snmpGroupPointer->version = 2; + else if (strcmp(command->part(tempInt), "v3") == 0) + { + snmpGroupPointer->version = 3; + tempInt++; + if (strcmp(command->part(tempInt), "noauth") == 0) + snmpGroupPointer->snmpv3 = snmpV3NoAuth; + else if (strcmp(command->part(tempInt), "auth") == 0) + snmpGroupPointer->snmpv3 = snmpV3Auth; + else if (strcmp(command->part(tempInt), "priv") == 0) + snmpGroupPointer->snmpv3 = snmpV3Priv; + } + tempInt++; + + // Options... + while (tempInt < command->parts) + { + + // Read view... + if (strcmp(command->part(tempInt), "read") == 0) + { + tempInt++; + snmpGroupPointer->readView.assign(command->part(tempInt)); + } + + // Write View... + else if (strcmp(command->part(tempInt), "write") == 0) + { + tempInt++; + snmpGroupPointer->writeView.assign(command->part(tempInt)); + } + + // Notify View... + else if (strcmp(command->part(tempInt), "notify") == 0) + { + tempInt++; + snmpGroupPointer->notifyView.assign(command->part(tempInt)); + } + + // Filtering... + else if (strcmp(command->part(tempInt), "access") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "ipv6") == 0) + { + tempInt++; + snmpGroupPointer->ipv6Filter.assign(command->part(tempInt)); + tempInt++; + } + snmpGroupPointer->filter.assign(command->part(tempInt)); + } + + tempInt++; + } + } + + // snmp user? + else if (strcmp(command->part(tempInt), "user") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP User Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + snmp3Enabled = setting; + tempInt++; + snmpUserPointer = addSNMPUser(); + snmpUserPointer->user.assign(command->part(tempInt)); + tempInt++; + + // Group... + snmpUserPointer->group.assign(command->part(tempInt)); + tempInt++; + + // Remote... + if (strcmp(command->part(tempInt), "remote") == 0) + { + tempInt++; + snmpUserPointer->host.assign(command->part(tempInt)); + tempInt++; + if (strcmp(command->part(tempInt), "udp-port") == 0) + { + tempInt++; + snmpUserPointer->port = atoi(command->part(tempInt)); + tempInt++; + } + } + + // SNMP version... + if (strcmp(command->part(tempInt), "v1") == 0) + { + snmpUserPointer->version = 1; + tempInt++; + } + else if (strcmp(command->part(tempInt), "v2c") == 0) + { + snmpUserPointer->version = 2; + tempInt++; + } + else if (strcmp(command->part(tempInt), "v3") == 0) + { + snmpUserPointer->version = 3; + snmpUserPointer->snmpv3 = snmpV3NoAuth; + tempInt++; + + // Encrypted... + if (strcmp(command->part(tempInt), "encrypted") == 0) + tempInt++; + + // Auth... + if (strcmp(command->part(tempInt), "auth") == 0) + { + snmpUserPointer->snmpv3 = snmpV3Auth; + tempInt++; + if (strcmp(command->part(tempInt), "sha") == 0) + snmpUserPointer->auth = snmpV3AuthSHA; + else + snmpUserPointer->auth = snmpV3AuthMD5; + tempInt++; + snmpUserPointer->authPassword.assign(command->part(tempInt)); + tempInt++; + } + } + + // Access... + if (strcmp(command->part(tempInt), "access") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "ipv6") == 0) + { + tempInt++; + snmpUserPointer->ipv6Filter.assign(command->part(tempInt)); + tempInt++; + } + snmpUserPointer->filter.assign(command->part(tempInt)); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int IOSSNMP::processDefaults(Device *device) +{ + // Variables... + snmpTrapHost *trapHostPointer = 0; + snmpCommunity *communityPointer = 0; + + // Enable SNMP Service... + if ((enabled == false) && (snmp12Enabled == true)) + { + communityPointer = community; + while ((communityPointer != 0) && (enabled == false)) + { + enabled = communityPointer->enabled; + communityPointer = communityPointer->next; + } + } + if ((enabled == false) && (snmp3Enabled == true)) + enabled = true; + + // SNMP v3 supported? + if (device->general->versionMajor > 11) + supportSNMP3 = true; + else + supportSNMP3Upgrade = true; + + // Check IOS version for Trap Hosts... + // Plus add default communities if they don't already exist (default on IOS 12.0(3)+)... + if (device->general->versionMajor < 12) + trapsSNMPv3 = false; + else if ((device->general->versionMajor == 12) && (device->general->versionMinor == 0) && (device->general->versionRevision < 3)) + trapsSNMPv3 = false; + else + { + + trapHostPointer = trapHost; + while (trapHostPointer != 0) + { + communityPointer = getSNMPCommunity(trapHostPointer->community.c_str()); + if (communityPointer == 0) + { + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(trapHostPointer->community); + communityPointer->type = communityReadOnly; + } + trapHostPointer = trapHostPointer->next; + } + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-IOS/snmp.h b/libnipper-0.12.6/Cisco-IOS/snmp.h new file mode 100644 index 0000000..ec075c4 --- /dev/null +++ b/libnipper-0.12.6/Cisco-IOS/snmp.h @@ -0,0 +1,61 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef iosdevicesnmp_H +#define iosdevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class IOSSNMP : public SNMP +{ + public: + IOSSNMP(); + + // Device specific properties... + string tftpServerList; + bool managerEnabled; + unsigned int managerTimeout; + unsigned int packetSize; + unsigned int trapQueueLength; + bool systemShutdown; + string trapSource; + unsigned int trapTimeout; + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-ASA/.svn/all-wcprops b/libnipper-0.12.6/Cisco-Security-ASA/.svn/all-wcprops new file mode 100644 index 0000000..ffab329 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/.svn/all-wcprops @@ -0,0 +1,41 @@ +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-ASA +END +administration.h +K 25 +svn:wc:ra_dav:version-url +V 74 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-ASA/administration.h +END +general.cpp +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-ASA/general.cpp +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 68 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-ASA/device.cpp +END +general.h +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-ASA/general.h +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-ASA/device.h +END +administration.cpp +K 25 +svn:wc:ra_dav:version-url +V 76 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp +END diff --git a/libnipper-0.12.6/Cisco-Security-ASA/.svn/entries b/libnipper-0.12.6/Cisco-Security-ASA/.svn/entries new file mode 100644 index 0000000..a812b44 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/.svn/entries @@ -0,0 +1,232 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Cisco-Security-ASA +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +general.h +file + + + + +2016-02-13T06:47:11.076158Z +7173ed8e4f8d5d54ac8f2fd6bcdee905 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2581 + +device.h +file + + + + +2016-02-13T06:47:11.076158Z +47799f44c59721bb8cef335edd7b99ba +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2613 + +administration.cpp +file + + + + +2016-02-13T06:47:11.076158Z +ea3c1c417e2c1f453323725720b1a530 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3606 + +administration.h +file + + + + +2016-02-13T06:47:11.076158Z +a027ff290ffe0bed48ffac94e860d780 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2464 + +general.cpp +file + + + + +2016-02-13T06:47:11.080158Z +6995152c50d7feb34ab1fa246bfdd2ff +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2791 + +device.cpp +file + + + + +2016-02-13T06:47:11.076158Z +d089c9aaa13b38ccf390073ed4d03cce +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3852 + diff --git a/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/administration.cpp.svn-base b/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/administration.cpp.svn-base new file mode 100644 index 0000000..b6dc97f --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/administration.cpp.svn-base @@ -0,0 +1,68 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "device.h" +#include "administration.h" +#include "../Cisco-Security/general.h" + + +CiscoASAAdministration::CiscoASAAdministration() +{ + + // ----------------------------------------------------------------------- + // ASA Specific Settings... + // ----------------------------------------------------------------------- + + // SSH options... + sshSupported = true; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + + // SSH 2 support... + ssh2Supported = true; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + scpSupported = true; // Is SCP supported? + + // Config report SSH support text + sshConfigProtocolSupport = i18n("*DEVICETYPE* devices support both *ABBREV*SSH*-ABBREV* protocol versions 1 and 2."); + + // HTTP(S) options... + httpSupported = true; // Does this device support HTTP + httpsSupported = true; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpsEnabled = false; // Is the HTTPS service enabled? + httpsRedirect = true; // Is HTTP to HTTPS redirect enabled? +} + + diff --git a/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/administration.h.svn-base b/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/administration.h.svn-base new file mode 100644 index 0000000..fe504d8 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/administration.h.svn-base @@ -0,0 +1,46 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoASAadministration_H +#define CiscoASAadministration_H + + +#include "../Cisco-Security/administration.h" + + +class CiscoASAAdministration : public CiscoSecAdministration +{ + public: + + CiscoASAAdministration(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..e9bb3c1 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,110 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "administration.h" +#include "../Cisco-Security/general.h" +#include "../device/common/configline.h" + + +CiscoASADevice::CiscoASADevice() +{ + deviceMake = "Cisco"; + deviceType = "ASA"; + deviceOS = "ASA"; + + administration = new (CiscoASAAdministration); +} + + +CiscoASADevice::~CiscoASADevice() +{ + delete administration; +} + + +int CiscoASADevice::processDeviceSpecific(ConfigLine *command, char *line, int lineSize) +{ + + // Version (in general)... + if ((strcmp(command->part(0), "ASA") == 0) && (strcmp(command->part(1), "Version") == 0)) + { + if (config->reportFormat == Config::Debug) + printf("%sVersion Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + if (general->version.empty()) + general->version = command->part(2); + } + + else + lineNotProcessed(line); + + return 0; +} + + +bool CiscoASADevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int lineCount = 0; + int returnCode = 0; + bool found = false; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (lineCount < 12)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if ((strcmp(command.part(0), "ASA") == 0) && (strcmp(command.part(1), "Version") == 0)) + found = true; + + lineCount++; + } + fclose(inputFile); + + return found; +} + diff --git a/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..e16c714 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/device.h.svn-base @@ -0,0 +1,51 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoASA_H +#define device_CiscoASA_H + + +#include "../Cisco-Security/device.h" + + +class CiscoASADevice : public CiscoSecDevice +{ + public: + CiscoASADevice(); + ~CiscoASADevice(); + + bool isDeviceType(); + + int processDeviceSpecific(ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/general.cpp.svn-base b/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/general.cpp.svn-base new file mode 100644 index 0000000..535acf0 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/general.cpp.svn-base @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#include "../globaldefs.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +CiscoASAGeneral::CiscoASAGeneral() +{ +} + + +int CiscoASAGeneral::processSpecificDefaults() +{ + // Split Version Numbers... +/* if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + if ((version.find_first_of('.') != string::npos) && (version.length() > version.find_first_of('.') + 1)) + versionMinor = atoi(version.c_str() + version.find_first_of('.') + 1); + }*/ + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/general.h.svn-base b/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/general.h.svn-base new file mode 100644 index 0000000..f6ac04c --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/.svn/text-base/general.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ciscoasadevicegeneral_H +#define ciscoasadevicegeneral_H + +#include "../Cisco-Security/general.h" + + +class CiscoASAGeneral : public CiscoSecGeneral +{ + public: + CiscoASAGeneral(); + + // Processing... + virtual int processSpecificDefaults(); + + private: +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp b/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp new file mode 100644 index 0000000..b6dc97f --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/administration.cpp @@ -0,0 +1,68 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "device.h" +#include "administration.h" +#include "../Cisco-Security/general.h" + + +CiscoASAAdministration::CiscoASAAdministration() +{ + + // ----------------------------------------------------------------------- + // ASA Specific Settings... + // ----------------------------------------------------------------------- + + // SSH options... + sshSupported = true; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + + // SSH 2 support... + ssh2Supported = true; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + scpSupported = true; // Is SCP supported? + + // Config report SSH support text + sshConfigProtocolSupport = i18n("*DEVICETYPE* devices support both *ABBREV*SSH*-ABBREV* protocol versions 1 and 2."); + + // HTTP(S) options... + httpSupported = true; // Does this device support HTTP + httpsSupported = true; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpsEnabled = false; // Is the HTTPS service enabled? + httpsRedirect = true; // Is HTTP to HTTPS redirect enabled? +} + + diff --git a/libnipper-0.12.6/Cisco-Security-ASA/administration.h b/libnipper-0.12.6/Cisco-Security-ASA/administration.h new file mode 100644 index 0000000..fe504d8 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/administration.h @@ -0,0 +1,46 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoASAadministration_H +#define CiscoASAadministration_H + + +#include "../Cisco-Security/administration.h" + + +class CiscoASAAdministration : public CiscoSecAdministration +{ + public: + + CiscoASAAdministration(); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-ASA/device.cpp b/libnipper-0.12.6/Cisco-Security-ASA/device.cpp new file mode 100644 index 0000000..e9bb3c1 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/device.cpp @@ -0,0 +1,110 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "administration.h" +#include "../Cisco-Security/general.h" +#include "../device/common/configline.h" + + +CiscoASADevice::CiscoASADevice() +{ + deviceMake = "Cisco"; + deviceType = "ASA"; + deviceOS = "ASA"; + + administration = new (CiscoASAAdministration); +} + + +CiscoASADevice::~CiscoASADevice() +{ + delete administration; +} + + +int CiscoASADevice::processDeviceSpecific(ConfigLine *command, char *line, int lineSize) +{ + + // Version (in general)... + if ((strcmp(command->part(0), "ASA") == 0) && (strcmp(command->part(1), "Version") == 0)) + { + if (config->reportFormat == Config::Debug) + printf("%sVersion Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + if (general->version.empty()) + general->version = command->part(2); + } + + else + lineNotProcessed(line); + + return 0; +} + + +bool CiscoASADevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int lineCount = 0; + int returnCode = 0; + bool found = false; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (lineCount < 12)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if ((strcmp(command.part(0), "ASA") == 0) && (strcmp(command.part(1), "Version") == 0)) + found = true; + + lineCount++; + } + fclose(inputFile); + + return found; +} + diff --git a/libnipper-0.12.6/Cisco-Security-ASA/device.h b/libnipper-0.12.6/Cisco-Security-ASA/device.h new file mode 100644 index 0000000..e16c714 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/device.h @@ -0,0 +1,51 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoASA_H +#define device_CiscoASA_H + + +#include "../Cisco-Security/device.h" + + +class CiscoASADevice : public CiscoSecDevice +{ + public: + CiscoASADevice(); + ~CiscoASADevice(); + + bool isDeviceType(); + + int processDeviceSpecific(ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-ASA/general.cpp b/libnipper-0.12.6/Cisco-Security-ASA/general.cpp new file mode 100644 index 0000000..535acf0 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/general.cpp @@ -0,0 +1,55 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#include "../globaldefs.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +CiscoASAGeneral::CiscoASAGeneral() +{ +} + + +int CiscoASAGeneral::processSpecificDefaults() +{ + // Split Version Numbers... +/* if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + if ((version.find_first_of('.') != string::npos) && (version.length() > version.find_first_of('.') + 1)) + versionMinor = atoi(version.c_str() + version.find_first_of('.') + 1); + }*/ + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security-ASA/general.h b/libnipper-0.12.6/Cisco-Security-ASA/general.h new file mode 100644 index 0000000..f6ac04c --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-ASA/general.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ciscoasadevicegeneral_H +#define ciscoasadevicegeneral_H + +#include "../Cisco-Security/general.h" + + +class CiscoASAGeneral : public CiscoSecGeneral +{ + public: + CiscoASAGeneral(); + + // Processing... + virtual int processSpecificDefaults(); + + private: +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-FWSM/.svn/all-wcprops b/libnipper-0.12.6/Cisco-Security-FWSM/.svn/all-wcprops new file mode 100644 index 0000000..c0abc15 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-FWSM/.svn/all-wcprops @@ -0,0 +1,29 @@ +K 25 +svn:wc:ra_dav:version-url +V 58 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-FWSM +END +administration.h +K 25 +svn:wc:ra_dav:version-url +V 75 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-FWSM/administration.h +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-FWSM/device.h +END +administration.cpp +K 25 +svn:wc:ra_dav:version-url +V 77 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp +END diff --git a/libnipper-0.12.6/Cisco-Security-FWSM/.svn/entries b/libnipper-0.12.6/Cisco-Security-FWSM/.svn/entries new file mode 100644 index 0000000..ee3fe39 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-FWSM/.svn/entries @@ -0,0 +1,164 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Cisco-Security-FWSM +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.h +file + + + + +2016-02-13T06:47:11.228157Z +f0eed4d14debd093c7828717b4916457 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2617 + +administration.cpp +file + + + + +2016-02-13T06:47:11.228157Z +71d48a746ad8a4a36d1a1c10f66b878d +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4181 + +administration.h +file + + + + +2016-02-13T06:47:11.228157Z +84d5a8a83a868ba3868cd44040def801 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2530 + +device.cpp +file + + + + +2016-02-13T06:47:11.228157Z +e20b2cd8d9ed3e974c28e93810a01841 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3881 + diff --git a/libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/administration.cpp.svn-base b/libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/administration.cpp.svn-base new file mode 100644 index 0000000..f1ea806 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/administration.cpp.svn-base @@ -0,0 +1,94 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "device.h" +#include "administration.h" +#include "../Cisco-Security/general.h" + + +CiscoFWSMAdministration::CiscoFWSMAdministration() +{ + + // ----------------------------------------------------------------------- + // FWSM Specific Settings... + // ----------------------------------------------------------------------- + + // SSH options... + sshSupported = true; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + + // Config report SSH support text + sshConfigProtocolSupport = i18n("*DEVICETYPE* devices support *ABBREV*SSH*-ABBREV* protocol version 1. Support for *ABBREV*SSH*-ABBREV* protocol version 2 was added around *DEVICEOS* version 3."); + + // HTTP(S) options... + httpSupported = false; // Does this device support HTTP + httpsSupported = false; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpsEnabled = false; // Is the HTTPS service enabled? + httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? +} + + +int CiscoFWSMAdministration::processDeviceSpecificDefaults(Device *device) +{ + // Defaults Settings... + if (device->general != 0) + { + if (device->general->versionMajor != 0) + { + // SSH defaults... + if (device->general->versionMajor > 2) + { + ssh2Supported = true; + scpSupported = true; // Is SCP supported? + } + else if (ssh2Supported == false) + ssh2upgrade = true; + + // HTTP defaults... + if (device->general->versionMajor > 2) + httpsSupported = true; + else + httpsUpgrade = true; + } + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/administration.h.svn-base b/libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/administration.h.svn-base new file mode 100644 index 0000000..8e65b88 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/administration.h.svn-base @@ -0,0 +1,48 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoFWSMadministration_H +#define CiscoFWSMadministration_H + + +#include "../Cisco-Security/administration.h" + + +class CiscoFWSMAdministration : public CiscoSecAdministration +{ + public: + + CiscoFWSMAdministration(); + + virtual int processDeviceSpecificDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..ec3a50f --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,109 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "../Cisco-Security/general.h" +#include "administration.h" + + +CiscoFWSMDevice::CiscoFWSMDevice() +{ + deviceMake = "Cisco"; + deviceType = "FWSM Security Appliance"; + deviceOS = "FWSM"; + + administration = new (CiscoFWSMAdministration); +} + + +CiscoFWSMDevice::~CiscoFWSMDevice() +{ + delete administration; +} + + +int CiscoFWSMDevice::processDeviceSpecific(ConfigLine *command, char *line, int lineSize) +{ + + // Version (in general)... + if ((strcmp(command->part(0), "FWSM") == 0) && (strcmp(command->part(1), "Version") == 0)) + { + if (config->reportFormat == Config::Debug) + printf("%sVersion Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + if (general->version.empty()) + general->version = command->part(2); + } + + else + lineNotProcessed(line); + + return 0; +} + + +bool CiscoFWSMDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int lineCount = 0; + int returnCode = 0; + bool found = false; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (lineCount < 12)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if ((strcmp(command.part(0), "FWSM") == 0) && (strcmp(command.part(1), "Version") == 0)) + found = true; + + lineCount++; + } + fclose(inputFile); + + return found; +} diff --git a/libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..1822bd9 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-FWSM/.svn/text-base/device.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoFWSM_H +#define device_CiscoFWSM_H + + +#include "../Cisco-Security/device.h" + + +class CiscoFWSMDevice : public CiscoSecDevice +{ + public: + CiscoFWSMDevice(); + ~CiscoFWSMDevice(); + + bool isDeviceType(); + int processDeviceSpecific(ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp b/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp new file mode 100644 index 0000000..f1ea806 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-FWSM/administration.cpp @@ -0,0 +1,94 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "device.h" +#include "administration.h" +#include "../Cisco-Security/general.h" + + +CiscoFWSMAdministration::CiscoFWSMAdministration() +{ + + // ----------------------------------------------------------------------- + // FWSM Specific Settings... + // ----------------------------------------------------------------------- + + // SSH options... + sshSupported = true; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + + // Config report SSH support text + sshConfigProtocolSupport = i18n("*DEVICETYPE* devices support *ABBREV*SSH*-ABBREV* protocol version 1. Support for *ABBREV*SSH*-ABBREV* protocol version 2 was added around *DEVICEOS* version 3."); + + // HTTP(S) options... + httpSupported = false; // Does this device support HTTP + httpsSupported = false; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpsEnabled = false; // Is the HTTPS service enabled? + httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? +} + + +int CiscoFWSMAdministration::processDeviceSpecificDefaults(Device *device) +{ + // Defaults Settings... + if (device->general != 0) + { + if (device->general->versionMajor != 0) + { + // SSH defaults... + if (device->general->versionMajor > 2) + { + ssh2Supported = true; + scpSupported = true; // Is SCP supported? + } + else if (ssh2Supported == false) + ssh2upgrade = true; + + // HTTP defaults... + if (device->general->versionMajor > 2) + httpsSupported = true; + else + httpsUpgrade = true; + } + } + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security-FWSM/administration.h b/libnipper-0.12.6/Cisco-Security-FWSM/administration.h new file mode 100644 index 0000000..8e65b88 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-FWSM/administration.h @@ -0,0 +1,48 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoFWSMadministration_H +#define CiscoFWSMadministration_H + + +#include "../Cisco-Security/administration.h" + + +class CiscoFWSMAdministration : public CiscoSecAdministration +{ + public: + + CiscoFWSMAdministration(); + + virtual int processDeviceSpecificDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp b/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp new file mode 100644 index 0000000..ec3a50f --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-FWSM/device.cpp @@ -0,0 +1,109 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "../Cisco-Security/general.h" +#include "administration.h" + + +CiscoFWSMDevice::CiscoFWSMDevice() +{ + deviceMake = "Cisco"; + deviceType = "FWSM Security Appliance"; + deviceOS = "FWSM"; + + administration = new (CiscoFWSMAdministration); +} + + +CiscoFWSMDevice::~CiscoFWSMDevice() +{ + delete administration; +} + + +int CiscoFWSMDevice::processDeviceSpecific(ConfigLine *command, char *line, int lineSize) +{ + + // Version (in general)... + if ((strcmp(command->part(0), "FWSM") == 0) && (strcmp(command->part(1), "Version") == 0)) + { + if (config->reportFormat == Config::Debug) + printf("%sVersion Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + if (general->version.empty()) + general->version = command->part(2); + } + + else + lineNotProcessed(line); + + return 0; +} + + +bool CiscoFWSMDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int lineCount = 0; + int returnCode = 0; + bool found = false; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (lineCount < 12)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if ((strcmp(command.part(0), "FWSM") == 0) && (strcmp(command.part(1), "Version") == 0)) + found = true; + + lineCount++; + } + fclose(inputFile); + + return found; +} diff --git a/libnipper-0.12.6/Cisco-Security-FWSM/device.h b/libnipper-0.12.6/Cisco-Security-FWSM/device.h new file mode 100644 index 0000000..1822bd9 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-FWSM/device.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoFWSM_H +#define device_CiscoFWSM_H + + +#include "../Cisco-Security/device.h" + + +class CiscoFWSMDevice : public CiscoSecDevice +{ + public: + CiscoFWSMDevice(); + ~CiscoFWSMDevice(); + + bool isDeviceType(); + int processDeviceSpecific(ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-PIX/.svn/all-wcprops b/libnipper-0.12.6/Cisco-Security-PIX/.svn/all-wcprops new file mode 100644 index 0000000..b08314f --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-PIX/.svn/all-wcprops @@ -0,0 +1,29 @@ +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-PIX +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 68 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-PIX/device.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-PIX/device.h +END +administration.cpp +K 25 +svn:wc:ra_dav:version-url +V 76 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp +END +administration.h +K 25 +svn:wc:ra_dav:version-url +V 74 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security-PIX/administration.h +END diff --git a/libnipper-0.12.6/Cisco-Security-PIX/.svn/entries b/libnipper-0.12.6/Cisco-Security-PIX/.svn/entries new file mode 100644 index 0000000..f3fec4d --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-PIX/.svn/entries @@ -0,0 +1,164 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Cisco-Security-PIX +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.h +file + + + + +2016-02-13T06:47:11.332157Z +3309ffbba7a2ac90a9537fd2525369d1 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2612 + +administration.cpp +file + + + + +2016-02-13T06:47:11.332157Z +5ff2f59310826189136a90ff6619bd87 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4455 + +administration.h +file + + + + +2016-02-13T06:47:11.332157Z +c7bfaaabcf9fa9636d514f5027733214 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2526 + +device.cpp +file + + + + +2016-02-13T06:47:11.332157Z +3e1bcca0fbf778f981e1c3df951cda31 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3870 + diff --git a/libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/administration.cpp.svn-base b/libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/administration.cpp.svn-base new file mode 100644 index 0000000..894e96c --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/administration.cpp.svn-base @@ -0,0 +1,104 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "device.h" +#include "administration.h" +#include "../Cisco-Security/general.h" + + +CiscoPIXAdministration::CiscoPIXAdministration() +{ + + // ----------------------------------------------------------------------- + // PIX Specific Settings... + // ----------------------------------------------------------------------- + + // SSH options... + sshSupported = false; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + + // Config report SSH support text + sshConfigProtocolSupport = i18n("*DEVICETYPE* devices support *ABBREV*SSH*-ABBREV* protocol version 1 from around *DEVICEOS* version 6. Support for *ABBREV*SSH*-ABBREV* protocol version 2 was added with *DEVICEOS* version 7.0"); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = false; // Does this device support HTTP + httpsSupported = false; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpsEnabled = false; // Is the HTTPS service enabled? + httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? +} + + +int CiscoPIXAdministration::processDeviceSpecificDefaults(Device *device) +{ + // Defaults Settings... + if (device->general != 0) + { + if (device->general->versionMajor != 0) + { + // SSH defaults... + if (device->general->versionMajor > 5) + sshSupported = true; + else + sshUpgrade = true; + if (device->general->versionMajor > 6) + { + ssh2Supported = true; + scpSupported = true; + } + else + ssh2upgrade = true; + + // HTTP defaults... + if (device->general->versionMajor > 5) + httpsSupported = true; + else + httpsUpgrade = true; + if (device->general->versionMajor > 6) + { + httpSupported = true; + httpsRedirect = true; + } + } + } + + return 0; +} + + diff --git a/libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/administration.h.svn-base b/libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/administration.h.svn-base new file mode 100644 index 0000000..427a478 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/administration.h.svn-base @@ -0,0 +1,48 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoPIXadministration_H +#define CiscoPIXadministration_H + + +#include "../Cisco-Security/administration.h" + + +class CiscoPIXAdministration : public CiscoSecAdministration +{ + public: + + CiscoPIXAdministration(); + + virtual int processDeviceSpecificDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..37fbd74 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,109 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "../Cisco-Security/general.h" +#include "administration.h" + + +CiscoPIXDevice::CiscoPIXDevice() +{ + deviceMake = "Cisco"; + deviceType = "PIX Security Appliance"; + deviceOS = "PIX"; + + administration = new (CiscoPIXAdministration); +} + + +CiscoPIXDevice::~CiscoPIXDevice() +{ + delete administration; +} + + +int CiscoPIXDevice::processDeviceSpecific(ConfigLine *command, char *line, int lineSize) +{ + + // Version (in general)... + if ((strcmp(command->part(0), "PIX") == 0) && (strcmp(command->part(1), "Version") == 0)) + { + if (config->reportFormat == Config::Debug) + printf("%sVersion Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + if (general->version.empty()) + general->version = command->part(2); + } + + else + lineNotProcessed(line); + + return 0; +} + + +bool CiscoPIXDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int lineCount = 0; + int returnCode = 0; + bool found = false; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (lineCount < 12)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if ((strcmp(command.part(0), "PIX") == 0) && (strcmp(command.part(1), "Version") == 0)) + found = true; + + lineCount++; + } + fclose(inputFile); + + return found; +} diff --git a/libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..1a216c0 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-PIX/.svn/text-base/device.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoPIX_H +#define device_CiscoPIX_H + + +#include "../Cisco-Security/device.h" + + +class CiscoPIXDevice : public CiscoSecDevice +{ + public: + CiscoPIXDevice(); + ~CiscoPIXDevice(); + + bool isDeviceType(); + int processDeviceSpecific(ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp b/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp new file mode 100644 index 0000000..894e96c --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-PIX/administration.cpp @@ -0,0 +1,104 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "device.h" +#include "administration.h" +#include "../Cisco-Security/general.h" + + +CiscoPIXAdministration::CiscoPIXAdministration() +{ + + // ----------------------------------------------------------------------- + // PIX Specific Settings... + // ----------------------------------------------------------------------- + + // SSH options... + sshSupported = false; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + + // Config report SSH support text + sshConfigProtocolSupport = i18n("*DEVICETYPE* devices support *ABBREV*SSH*-ABBREV* protocol version 1 from around *DEVICEOS* version 6. Support for *ABBREV*SSH*-ABBREV* protocol version 2 was added with *DEVICEOS* version 7.0"); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = false; // Does this device support HTTP + httpsSupported = false; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpsEnabled = false; // Is the HTTPS service enabled? + httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? +} + + +int CiscoPIXAdministration::processDeviceSpecificDefaults(Device *device) +{ + // Defaults Settings... + if (device->general != 0) + { + if (device->general->versionMajor != 0) + { + // SSH defaults... + if (device->general->versionMajor > 5) + sshSupported = true; + else + sshUpgrade = true; + if (device->general->versionMajor > 6) + { + ssh2Supported = true; + scpSupported = true; + } + else + ssh2upgrade = true; + + // HTTP defaults... + if (device->general->versionMajor > 5) + httpsSupported = true; + else + httpsUpgrade = true; + if (device->general->versionMajor > 6) + { + httpSupported = true; + httpsRedirect = true; + } + } + } + + return 0; +} + + diff --git a/libnipper-0.12.6/Cisco-Security-PIX/administration.h b/libnipper-0.12.6/Cisco-Security-PIX/administration.h new file mode 100644 index 0000000..427a478 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-PIX/administration.h @@ -0,0 +1,48 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoPIXadministration_H +#define CiscoPIXadministration_H + + +#include "../Cisco-Security/administration.h" + + +class CiscoPIXAdministration : public CiscoSecAdministration +{ + public: + + CiscoPIXAdministration(); + + virtual int processDeviceSpecificDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security-PIX/device.cpp b/libnipper-0.12.6/Cisco-Security-PIX/device.cpp new file mode 100644 index 0000000..37fbd74 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-PIX/device.cpp @@ -0,0 +1,109 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "../Cisco-Security/general.h" +#include "administration.h" + + +CiscoPIXDevice::CiscoPIXDevice() +{ + deviceMake = "Cisco"; + deviceType = "PIX Security Appliance"; + deviceOS = "PIX"; + + administration = new (CiscoPIXAdministration); +} + + +CiscoPIXDevice::~CiscoPIXDevice() +{ + delete administration; +} + + +int CiscoPIXDevice::processDeviceSpecific(ConfigLine *command, char *line, int lineSize) +{ + + // Version (in general)... + if ((strcmp(command->part(0), "PIX") == 0) && (strcmp(command->part(1), "Version") == 0)) + { + if (config->reportFormat == Config::Debug) + printf("%sVersion Line:%s %s\n", config->COL_GREEN, config->COL_RESET, line); + if (general->version.empty()) + general->version = command->part(2); + } + + else + lineNotProcessed(line); + + return 0; +} + + +bool CiscoPIXDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int lineCount = 0; + int returnCode = 0; + bool found = false; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (lineCount < 12)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if ((strcmp(command.part(0), "PIX") == 0) && (strcmp(command.part(1), "Version") == 0)) + found = true; + + lineCount++; + } + fclose(inputFile); + + return found; +} diff --git a/libnipper-0.12.6/Cisco-Security-PIX/device.h b/libnipper-0.12.6/Cisco-Security-PIX/device.h new file mode 100644 index 0000000..1a216c0 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security-PIX/device.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoPIX_H +#define device_CiscoPIX_H + + +#include "../Cisco-Security/device.h" + + +class CiscoPIXDevice : public CiscoSecDevice +{ + public: + CiscoPIXDevice(); + ~CiscoPIXDevice(); + + bool isDeviceType(); + int processDeviceSpecific(ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/.svn/all-wcprops b/libnipper-0.12.6/Cisco-Security/.svn/all-wcprops new file mode 100644 index 0000000..5897a66 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/all-wcprops @@ -0,0 +1,113 @@ +K 25 +svn:wc:ra_dav:version-url +V 53 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/device.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 62 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/device.h +END +banner.cpp +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/banner.cpp +END +banner.h +K 25 +svn:wc:ra_dav:version-url +V 62 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/banner.h +END +general.cpp +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/general.cpp +END +snmp.cpp +K 25 +svn:wc:ra_dav:version-url +V 62 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/snmp.cpp +END +authentication.cpp +K 25 +svn:wc:ra_dav:version-url +V 72 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/authentication.cpp +END +snmp.h +K 25 +svn:wc:ra_dav:version-url +V 60 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/snmp.h +END +general.h +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/general.h +END +interfaces.cpp +K 25 +svn:wc:ra_dav:version-url +V 68 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/interfaces.cpp +END +dns.cpp +K 25 +svn:wc:ra_dav:version-url +V 61 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/dns.cpp +END +authentication.h +K 25 +svn:wc:ra_dav:version-url +V 70 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/authentication.h +END +filter.cpp +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/filter.cpp +END +administration.cpp +K 25 +svn:wc:ra_dav:version-url +V 72 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/administration.cpp +END +interfaces.h +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/interfaces.h +END +dns.h +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/dns.h +END +administration.h +K 25 +svn:wc:ra_dav:version-url +V 70 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/administration.h +END +filter.h +K 25 +svn:wc:ra_dav:version-url +V 62 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Cisco-Security/filter.h +END diff --git a/libnipper-0.12.6/Cisco-Security/.svn/entries b/libnipper-0.12.6/Cisco-Security/.svn/entries new file mode 100644 index 0000000..8b050bc --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/entries @@ -0,0 +1,640 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Cisco-Security +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.h +file + + + + +2016-02-13T06:47:11.020158Z +ef5cb67898d681379ff0ba46c4020773 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2635 + +banner.cpp +file + + + + +2016-02-13T06:47:11.020158Z +c54f452fee5f68c25bcd7962fb2d8332 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6041 + +banner.h +file + + + + +2016-02-13T06:47:11.020158Z +f33b709cdf88795a7654d9b4c5aa7fa0 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2538 + +general.cpp +file + + + + +2016-02-13T06:47:11.020158Z +cb7ff9259e2d859637d7a6a2c8e27c43 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3792 + +snmp.cpp +file + + + + +2016-02-13T06:47:11.020158Z +751363550e6e72ccd1f5aee44ae8ccc4 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +11799 + +authentication.cpp +file + + + + +2016-02-13T06:47:11.020158Z +9c95c9e803d03390bd32fe0763d2617d +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +28747 + +snmp.h +file + + + + +2016-02-13T06:47:11.020158Z +a0d430630a83017168978e8d5ea73d59 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2670 + +general.h +file + + + + +2016-02-13T06:47:11.020158Z +ab97525b9d920f873cd48accb34a18f2 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2903 + +interfaces.cpp +file + + + + +2016-02-13T06:47:11.020158Z +797d297c5996849114c0d6f9228ecd42 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +11735 + +dns.cpp +file + + + + +2016-02-13T06:47:11.020158Z +0c376301e1d210fb3e87b0142c841092 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +10733 + +authentication.h +file + + + + +2016-02-13T06:47:11.020158Z +b671f68f63635957b28ef4a2619b36e2 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2900 + +filter.cpp +file + + + + +2016-02-13T06:47:11.020158Z +fe2a84e81b3925d127cd3c14e2130e97 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +41650 + +administration.cpp +file + + + + +2016-02-13T06:47:11.020158Z +dfc3221c4f9ffecf1668ef95e8bd164a +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +22265 + +interfaces.h +file + + + + +2016-02-13T06:47:11.020158Z +0cbd3d73af0c8123295e09e366924210 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2596 + +dns.h +file + + + + +2016-02-13T06:47:11.024158Z +446c3c2169d8f46b8e080af2db548fed +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2598 + +administration.h +file + + + + +2016-02-13T06:47:11.024158Z +75ca406f007b12254cfce7b8e9b7d6cf +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3638 + +filter.h +file + + + + +2016-02-13T06:47:11.024158Z +e24469d0ea73ff1b7764c903bdd76037 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2843 + +device.cpp +file + + + + +2016-02-13T06:47:11.020158Z +e6bbeaf8c7efcba9af14d81590725cb5 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +11473 + diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/administration.cpp.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/administration.cpp.svn-base new file mode 100644 index 0000000..777a95e --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/administration.cpp.svn-base @@ -0,0 +1,593 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "administration.h" + + +CiscoSecAdministration::CiscoSecAdministration() +{ + sslCiphers = 0; + sslProtocolVersion.assign("any"); + + + // ----------------------------------------------------------------------- + // Device Specific Settings... + // ----------------------------------------------------------------------- + + // General... + generalSettings = true; // Show the general settings section? + consoleEnabled = true; // Is the Console port enabled? + consoleSupported = true; // Is a console port supported? + consoleTimeoutSupported = true; // Is a console timeout supported? + consoleTimeout = 0; // Console timeout + configConsoleTimeout = i18n("The console timeout can be configured with the following command:*CODE**COMMAND*console timeout *CMDUSER*timeout-minutes*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + + // Host restrictions... + serviceWideHosts = false; // Do all the admin services share a common host restrictions? + serviceConfigHosts = i18n(""); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = true; // Is telnet supported? + telnetEnabled = false; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + telnetSpecificHost = true; // Does Telnet have its own access list? + telnetHostsRequired = true; // Is the host configuration required? + showTelnetHostInterface = true; // Show the Interface column in the host table? + configTelnetHostAccess = i18n("Telnet management hosts can be configured with the following command:*CODE**COMMAND*telnet *CMDREQUIRE**CMDUSER*hostname*-CMDUSER* *CMROR* *CMDUSER*ip-address*-CMDUSER* *CMDUSER*interface*-CMDUSER**-CMDREQUIRE**-COMMAND**-CODE*"); // How access lists are configured for the telnet service + disableTelnet = i18n("Telnet access to *DEVICENAME* can be disabled by removing access from all the configured management hosts. This can be done with the following command:*CODE**COMMAND*no telnet *CMDREQUIRE**CMDUSER*hostname*-CMDUSER* *CMROR* *CMDUSER*ip-address*-CMDUSER* *CMDUSER*interface*-CMDUSER**-CMDREQUIRE**-COMMAND**-CODE*"); // How to disable telnet text... + telnetSpecificTimeout = true; // A Telnet Specific Timeout? + telnetTimeout = 300; // The Telnet Timeout (secs) + configTelnetTimeout = i18n("Telnet connection timeouts can be configured with the following command:*CODE**COMMAND*telnet timeout *CMDUSER*timeout-minutes*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + + // SSH options... + sshPort = 22; // The SSH port number + configSSHSupport = i18n("*ABBREV*SSH*-ABBREV* is enabled on *DEVICETYPE* devices by adding management hosts. This can be done with the following command:*CODE**COMMAND*ssh *CMDUSER*ip-address*-CMDUSER* *CMDUSER*netmask*-CMDUSER* *CMDUSER*interface*-CMDUSER**-COMMAND**-CODE*"); // How to configure SSH... + sshSpecificHost = true; // Does SSH have its own access list? + sshHostsRequired = true; // Is the host configuration required? + showSSHHostInterface = true; // Show the Interface column in the host table? + configSSHHostAccess = i18n("*ABBREV*SSH*-ABBREV* management hosts can be configured with the following command:*CODE**COMMAND*ssh *CMDUSER*ip-address*-CMDUSER* *CMDUSER*netmask*-CMDUSER* *CMDUSER*interface*-CMDUSER**-COMMAND**-CODE*"); // How to configure SSH... + scpSupported = false; // Is SCP supported? + sshSpecificTimeout = true; // A SSH Specific Timeout? + sshTimeout = 300; // The SSH Timeout (secs) + configSSHTimeout = i18n("The *ABBREV*SSH*-ABBREV* connection timeout can be configured with the following command:*CODE**COMMAND*ssh timeout *CMDUSER*timeout-minutes*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + + // SSH 2 support... + configSSHv2Support = i18n("*DEVICETYPE* devices can be configured to support only *ABBREV*SSH*-ABBREV* protocol version 2 with the following command:*CODE**COMMAND*ssh version 2*-COMMAND**-CODE*"); // How to configure protocol version 2 support only + + // HTTP(S) options... + httpPort = 80; // HTTP port + httpsPort = 443; // HTTPS port + httpSpecificTimeout = false; // A HTTP Specific Timeout? + httpTimeout = 0; // The HTTP Timeout (secs) + configHTTPTimeout = i18n(""); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + httpSpecificHost = true; // Does HTTP have its own access list? + httpHostsRequired = true; // Is the host configuration required? + showHTTPHostInterface = true; // Show the Interface column in the host table? + configHTTPHostAccess = i18n("Web-based management hosts can be added with the following command:*CODE**COMMAND*http *CMDUSER*ip-address*-CMDUSER* *CMDUSER*netmask*-CMDUSER* *CMDUSER*interface*-CMDUSER**-COMMAND**-CODE*"); // How to configure HTTP Management hosts... + disableHTTP = i18n("*ABBREV*HTTP*-ABBREV* access to *DEVICENAME* can be disabled by removing the configured management hosts. This can be done with the following command:*CODE**COMMAND*no http *CMDUSER*ip-address*-CMDUSER* *CMDUSER*netmask*-CMDUSER* *CMDUSER*interface*-CMDUSER**-COMMAND**-CODE*"); // How to disable HTTP text... + configHTTPSSupport = i18n("*ABBREV*HTTPS*-ABBREV* access to *DEVICENAME* can be configured by adding management hosts. This can be done with the following command:*CODE**COMMAND*http *CMDUSER*ip-address*-CMDUSER* *CMDUSER*netmask*-CMDUSER* *CMDUSER*interface*-CMDUSER**-COMMAND**-CODE*"); // How to configure HTTPS... + cipherConfigSupported = true; // Can the Ciphers be configured? + configCipherText = i18n("The *ABBREV*SSL*-ABBREV* encryption protocol can be restricted to the more secure *ABBREV*SSL*-ABBREV* version 2 and *ABBREV*TLS*-ABBREV* version 1. Furthermore, the ciphers can be configured to the more secure ciphers with key lengths of at least 128 bits. This can be done with the following commands:*CODE**COMMAND*ssl server-version *CMDREQUIRE*sslv3-only *CMDOR* tlsv1-only*-CMDREQUIRE**-COMMAND**COMMAND*ssl encryption *CMDREQUIRE*3des-sha1 *CMDOR* aes128-sha1 *CMDOR* aes256-sha1*-CMDREQUIRE**-COMMAND**-CODE*"); // The text to configure a strong cipher. +} + + +CiscoSecAdministration::~CiscoSecAdministration() +{ + if (sslCiphers != 0) + delete sslCiphers; +} + + +void CiscoSecAdministration::addCipherProtocol(cipherConfig *cipherPointer) +{ + // Protocols... + if (sslProtocolVersion.compare("sslv3") == 0) + { + cipherPointer->ssl2 = true; + cipherPointer->ssl3 = true; + } + else if (sslProtocolVersion.compare("tlsv1") == 0) + { + cipherPointer->ssl2 = true; + cipherPointer->tls1 = true; + } + else if (sslProtocolVersion.compare("sslv3-only") == 0) + cipherPointer->ssl3 = true; + else if (sslProtocolVersion.compare("tlsv1-only") == 0) + cipherPointer->tls1 = true; + else + { + cipherPointer->ssl2 = true; + cipherPointer->ssl3 = true; + cipherPointer->tls1 = true; + } +} + + +int CiscoSecAdministration::processDefaults(Device *device) +{ + // Variables... + cipherConfig *cipherPointer = 0; + int errorCode = 0; + int totalCiphers = sslCiphers->parts - 2; + + errorCode = processDeviceSpecificDefaults(device); + + // Telnet... + if (telnetHosts != 0) + telnetEnabled = true; + + // SSH... + if (sshHosts != 0) + sshEnabled = true; + + // HTTP... + if (httpHosts != 0) + { + if (httpsSupported == true) + { + httpsEnabled = true; + if (httpsRedirect == true) + httpEnabled = true; + } + else + httpEnabled = true; + } + + // Ciphers... + if (sslCiphers != 0) + { + defaultCiphers = false; + + for (totalCiphers = sslCiphers->parts - 2; totalCiphers < sslCiphers->parts; totalCiphers++) + { + + // 3DES-SHA1... + if (strcmp(sslCiphers->part(totalCiphers), "3des-sha1") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 168; + addCipherProtocol(cipherPointer); + } + + // DES-SHA1... + else if (strcmp(sslCiphers->part(totalCiphers), "3des-sha1") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 56; + addCipherProtocol(cipherPointer); + } + + // RC4-MD5... + else if (strcmp(sslCiphers->part(totalCiphers), "rc4-md5") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 40; + addCipherProtocol(cipherPointer); + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 56; + addCipherProtocol(cipherPointer); + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 64; + addCipherProtocol(cipherPointer); + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 128; + addCipherProtocol(cipherPointer); + } + + // AES128-SHA1... + else if (strcmp(sslCiphers->part(totalCiphers), "aes128-sha1") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*AES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 128; + addCipherProtocol(cipherPointer); + } + + // AES192-SHA1... + else if (strcmp(sslCiphers->part(totalCiphers), "aes192-sha1") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*AES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 192; + addCipherProtocol(cipherPointer); + } + + // AES256-SHA1... + else if (strcmp(sslCiphers->part(totalCiphers), "aes256-sha1") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*AES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 256; + addCipherProtocol(cipherPointer); + } + } + } + else + { + defaultCiphers = true; + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 168; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 56; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 40; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 56; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 64; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 128; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*AES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 128; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*AES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 192; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*AES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 256; + addCipherProtocol(cipherPointer); + } + + return errorCode; +} + + +int CiscoSecAdministration::processDeviceSpecificDefaults(Device *device) +{ + return 0; +} + + +int CiscoSecAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + hostFilter *hostPointer = 0; + int errorCode = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // console timeout... + if ((strcmp(command->part(tempInt), "console") == 0) && (strcmp(command->part(tempInt + 1), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + if (setting == true) + consoleTimeout = atoi(command->part(tempInt)) * 60; + else + consoleTimeout = 0; + } + + // SSL... + else if (strcmp(command->part(tempInt), "ssl") == 0) + { + tempInt++; + + // version... + if (strcmp(command->part(tempInt), "server-version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSL Server Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt++; + sslProtocolVersion.assign(command->part(tempInt)); + } + + // encryption... + else if (strcmp(command->part(tempInt), "encryption") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSL Encryption Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + { + tempInt++; + sslCiphers = new (ConfigLine); + sslCiphers->setConfigLine(line); + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // SSH... + else if (strcmp(command->part(tempInt), "ssh") == 0) + { + tempInt++; + + // version... + if (strcmp(command->part(tempInt), "version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == false) + sshVersion = 0; + else if (strcmp(command->part(tempInt), "1") == 0) + sshVersion = 1; + else + sshVersion = 2; + sshSupported = true; + sshUpgrade = false; + ssh2Supported = true; + ssh2upgrade = false; + } + + // timeout... + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == false) + sshTimeout = 300; + else + sshTimeout = atoi(command->part(tempInt)) * 60; + sshSupported = true; + sshUpgrade = false; + } + + // scopy... + else if (((strcmp(command->part(tempInt), "scopy") == 0) || (strcmp(command->part(tempInt), "copy") == 0)) && (strcmp(command->part(tempInt + 1), "enable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH SCP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + scpSupported = true; + if (setting == false) + scpEnabled = false; + else + scpEnabled = true; + sshSupported = true; + sshUpgrade = false; + } + + // ssh management hosts... + else if (command->parts > 2) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostPointer = addHostFilter(sshService); + hostPointer->host.assign(command->part(tempInt)); + tempInt++; + if (command->parts == 4) + { + hostPointer->netmask.assign(command->part(tempInt)); + tempInt++; + } + hostPointer->interface.assign(command->part(tempInt)); + sshSupported = true; + sshEnabled = true; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Telnet... + else if (strcmp(command->part(tempInt), "telnet") == 0) + { + tempInt++; + + // timeout... + if (strcmp(command->part(tempInt), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == false) + telnetTimeout = 300; + else + telnetTimeout = atoi(command->part(tempInt)) * 60; + } + + // Telnet management hosts... + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostPointer = addHostFilter(telnetService); + hostPointer->host.assign(command->part(tempInt)); + if (command->parts == 3) + { + tempInt++; + hostPointer->interface.assign(command->part(tempInt)); + } + else if (command->parts == 4) + { + tempInt++; + hostPointer->netmask.assign(command->part(tempInt)); + tempInt++; + hostPointer->interface.assign(command->part(tempInt)); + } + } + } + + // HTTP... + else if (strcmp(command->part(tempInt), "http") == 0) + { + tempInt++; + + // server enable... + if ((strcmp(command->part(tempInt), "server") == 0) && (strcmp(command->part(tempInt + 1), "enable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Server Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + httpsEnabled = setting; + httpsSupported = true; + tempInt += 2; + if (tempInt < command->parts) + httpsPort = atoi(command->part(tempInt)); + } + + // Redirect... + else if (strcmp(command->part(tempInt), "redirect") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Redirect Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + httpsRedirect = setting; + httpsSupported = true; + httpSupported = true; + httpEnabled = true; + tempInt += 2; + if (tempInt < command->parts) + httpPort = atoi(command->part(tempInt)); + } + + // Certificate Authentication... + else if (strcmp(command->part(tempInt), "authentication-certificate") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Auth Cert Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + httpsSupported = true; + httpSupported = true; + tempInt += 2; + if (tempInt < command->parts) + httpPort = atoi(command->part(tempInt)); + } + + // Hosts... + else if (command->parts == 4) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Hosts Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostPointer = addHostFilter(httpService); + hostPointer->host.assign(command->part(tempInt)); + tempInt++; + hostPointer->netmask.assign(command->part(tempInt)); + tempInt++; + hostPointer->interface.assign(command->part(tempInt)); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + + return errorCode; +} + + +int CiscoSecAdministration::generateDeviceHTTPConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINHTTP-TABLE"); + + // HTTPS Certificate... + if (!certificateAuthInterface.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Authentication certificate required on interface")); + device->addTableData(paragraphPointer->table, certificateAuthInterface.c_str()); + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/administration.h.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/administration.h.svn-base new file mode 100644 index 0000000..525fe25 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/administration.h.svn-base @@ -0,0 +1,71 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoSecadministration_H +#define CiscoSecadministration_H + + +#include "../device/administration/administration.h" + + +class CiscoSecAdministration : public Administration +{ + public: + + CiscoSecAdministration(); + ~CiscoSecAdministration(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int processDeviceSpecificDefaults(Device *device); + + // Methods + //virtual int generateDeviceGeneralConfig(Device *device); // A device specific config report output + //virtual int generateDeviceTelnetConfig(Device *device); // A device specific config report output + //virtual int generateDeviceTFTPConfig(Device *device); // A device specific config report output + //virtual int generateDeviceFTPConfig(Device *device); // A device specific config report output + //virtual int generateDeviceSFTPConfig(Device *device); // A device specific config report output + //virtual int generateDeviceSSHConfig(Device *device); // A device specific config report output + virtual int generateDeviceHTTPConfig(Device *device); // A device specific config report output + + + private: + + void addCipherProtocol(cipherConfig *cipherPointer); + + // Custom properties... + string certificateAuthInterface; + string sslProtocolVersion; + ConfigLine *sslCiphers; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/authentication.cpp.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/authentication.cpp.svn-base new file mode 100644 index 0000000..98d02b3 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/authentication.cpp.svn-base @@ -0,0 +1,841 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "authentication.h" +#include "../device/common/configline.h" + + +CiscoSecAuthentication::CiscoSecAuthentication() +{ + // General... + authenticationConfigIntro = i18n("This section describes the various *DEVICETYPE* device authentication settings."); // Introduction text to the whole section + loginAttemptsSupported = false; // Login attempts supported + loginAttempts = 0; // Login attempts allowed (0 = infinite) + accessWithoutAuthentication = true; // Set to true if access is allowed without authentication + configAccessAuthentication = i18n("The following commands can be used on *DEVICETYPE* devices to configure the initial password, enable password and a user account with a password:*CODE**COMMAND*password *CMDUSER*password*-CMDUSER**-COMMAND**COMMAND*enable password *CMDUSER*password*-CMDUSER**-COMMAND**COMMAND*username *CMDUSER*name*-CMDUSER* password *CMDUSER*password*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure access authentication with a password + + // Authentication Methods... + authMethodSupported = true; // Authentication Method Supported + appliesToSupported = true; // Applies To Supported + namedAuthSupport = true; // Are auth servers named? + + // Local User Options... + encryptionSupported = true; // Show encryption + readOnlySupported = false; // Is read only supported? + outboundACLSupported = false; // Are outbound filtering ACL supported? + privilegeLevelSupported = true; // Are privilege levels supported? + privilegeLevelText = i18n("Privilege Level"); // The table title privilege level text + configDeviceSpecificLocalUsers = i18n(""); // Text for the config report local user section. + filterText = i18n("*ABBREV*ACL*-ABBREV*"); // The table filter column title text + + // TACACS Options... + showTacacsGroupName = true; // Show the TACACS group + showTacacsRetries = true; // Show the TACACS retries + configTacacsKey = i18n("The *ABBREV*TACACS+*-ABBREV* server key can be configured with the following command:*CODE**COMMAND*aaa-server *CMDUSER*server-tag*-CMDUSER* *CMDOPTION**CMDUSER*interface*-CMDUSER**-CMDOPTION* host *CMDUSER*address*-CMDUSER* *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a TACACS+ key + + // RADIUS Options... + showRadiusGroupName = true; // Show the RADIUS group + configRadiusKey = i18n("The *ABBREV*TACACS+*-ABBREV* server key can be configured with the following command:*CODE**COMMAND*aaa-server *CMDUSER*server-tag*-CMDUSER* *CMDOPTION**CMDUSER*interface*-CMDUSER**-CMDOPTION* host *CMDUSER*address*-CMDUSER* *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); + + // KERBEROS Options... + showKerberosGroupName = true; // Show the KERBEROS group + showKerberosTimeout = true; // Show Kerberos timeout + showKerberosRetries = true; // Show Kerberos retries + + // LDAP Options... + showLDAPGroupName = true; // Show the LDAP group + configLDAPPassword = i18n("The *ABBREV*TACACS+*-ABBREV* password can be configured using the following command in the aaa-server group command mode:*CODE**COMMAND*ldap-login-password *CMDUSER*password*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure an LDAP server password + + // SecurID Options... + showSecurIDGroupName = true; // Show the SecurID group + + // NT Options... + showNTGroupName = true; // Show the NT group + + + serverProtocol = tacacsAuth; + serverAdded = false; + timeout = 10; +} + + +int CiscoSecAuthentication::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + localUserConfig *userPointer = 0; + tacacsServerConfig *tacacsPointer = 0; + radiusServerConfig *radiusPointer = 0; + kerberosServerConfig *kerberosPointer = 0; + ldapServerConfig *ldapPointer = 0; + securidServerConfig *securidPointer = 0; + ntServerConfig *ntPointer = 0; + authConfig *authPointer = 0; + fpos_t filePosition; + bool setting = false; + int tempInt = 0; + int errorCode = 0; + string tempString; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // username... + if ((strcmp(command->part(tempInt), "username") == 0) && ((strcmp(command->part(tempInt + 2), "password") == 0) || (strcmp(command->part(tempInt + 2), "nopassword") == 0))) + { + if (device->config->reportFormat == Config::Debug) + printf("%sUsername Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + { + userPointer = getUser(command->part(tempInt)); + userPointer->privilegeLevel.assign("2"); + userPointer->encryption = clearText; + tempInt++; + if (strcmp(command->part(tempInt), "password") == 0) + { + tempInt++; + userPointer->password.assign(command->part(tempInt)); + if (strcmp(command->part(tempInt + 1), "encrypted") == 0) + { + userPointer->password.assign(device->isEncryptedDictionaryPassword(command->part(tempInt))); + if (userPointer->password.length() == 0) + { + device->addJohnPassword(userPointer->username.c_str(), command->part(tempInt)); + userPointer->password.assign(command->part(tempInt)); + userPointer->encryption = md5Encryption; + } + tempInt += 2; + } + else if (strcmp(command->part(tempInt + 1), "mschap") == 0) + { + userPointer->password.assign(device->isEncryptedDictionaryPassword(command->part(tempInt))); + if (userPointer->password.length() == 0) + { + device->addJohnPassword(userPointer->username.c_str(), command->part(tempInt)); + userPointer->encryption = md4Encryption; + } + tempInt += 2; + } + else if (strcmp(command->part(tempInt + 1), "nt-encrypted") == 0) + { + userPointer->password.assign(device->isEncryptedDictionaryPassword(command->part(tempInt))); + if (userPointer->password.length() == 0) + { + device->addJohnPassword(userPointer->username.c_str(), command->part(tempInt)); + userPointer->encryption = ntEncryption; + } + tempInt += 2; + } + } + else if (strcmp(command->part(tempInt), "nopassword") == 0) + tempInt++; + + if (strcmp(command->part(tempInt), "privilege") == 0) + { + tempInt++; + userPointer->privilegeLevel.assign(command->part(tempInt)); + if (strcmp(command->part(tempInt), "15") == 0) + userPointer->adminAccess = true; + } + } + } + + // enable... + else if ((strcmp(command->part(tempInt), "enable") == 0) && (strcmp(command->part(tempInt + 1), "password") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sEnable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + if (setting == true) + { + userPointer = getUser("enable"); + userPointer->privilegeLevel.assign("15"); + userPointer->encryption = clearText; + userPointer->adminAccess = true; + userPointer->password.assign(command->part(tempInt)); + tempInt++; + + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "encrypted") == 0) + { + tempString.assign(device->isEncryptedDictionaryPassword(userPointer->password.c_str())); + if (tempString.length() == 0) + { + device->addJohnPassword(userPointer->username.c_str(), userPointer->password.c_str()); + userPointer->encryption = md5Encryption; + } + else + userPointer->password.assign(tempString.c_str()); + } + + else if (strcmp(command->part(tempInt), "level") == 0) + { + tempInt++; + userPointer->privilegeLevel.assign(command->part(tempInt)); + } + + tempInt++; + } + } + } + + // password... + else if ((strcmp(command->part(tempInt), "password") == 0) || (strcmp(command->part(tempInt), "passwd") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPassword Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + accessWithoutAuthentication = false; + tempInt++; + + if (setting == true) + { + userPointer = getUser("password"); + userPointer->encryption = clearText; + userPointer->password.assign(command->part(tempInt)); + tempInt++; + + if (strcmp(command->part(tempInt), "encrypted") == 0) + { + tempString.assign(device->isEncryptedDictionaryPassword(userPointer->password.c_str())); + if (tempString.length() == 0) + { + device->addJohnPassword(userPointer->username.c_str(), userPointer->password.c_str()); + userPointer->encryption = md5Encryption; + } + else + userPointer->password.assign(tempString.c_str()); + } + } + } + + // aaa authentication... + else if ((strcmp(command->part(tempInt), "aaa") == 0) && (strcmp(command->part(tempInt + 1), "authentication") == 0) && ((strcmp(command->part(tempInt + 2), "serial") == 0) || (strcmp(command->part(tempInt + 2), "enable") == 0) || (strcmp(command->part(tempInt + 2), "http") == 0) || (strcmp(command->part(tempInt + 2), "ssh") == 0) || (strcmp(command->part(tempInt + 2), "telnet") == 0))) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Authentication Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + authPointer = addMethod(); + authPointer->name.assign(command->part(tempInt + 2)); + authPointer->appliesTo.assign(command->part(tempInt)); + + tempInt += 2; + if (strcasecmp(command->part(tempInt), "LOCAL") != 0) + { + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + if (strcmp(command->part(tempInt), radiusPointer->groupName.c_str()) == 0) + authPointer->method = radiusAuth; + radiusPointer = radiusPointer->next; + } + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + if (strcmp(command->part(tempInt), tacacsPointer->groupName.c_str()) == 0) + authPointer->method = tacacsAuth; + tacacsPointer = tacacsPointer->next; + } + kerberosPointer = kerberosServer; + while (kerberosPointer != 0) + { + if (strcmp(command->part(tempInt), kerberosPointer->groupName.c_str()) == 0) + authPointer->method = kerberosAuth; + kerberosPointer = kerberosPointer->next; + } + securidPointer = securidServer; + while (securidPointer != 0) + { + if (strcmp(command->part(tempInt), securidPointer->groupName.c_str()) == 0) + authPointer->method = securidAuth; + securidPointer = securidPointer->next; + } + ntPointer = ntServer; + while (ntPointer != 0) + { + if (strcmp(command->part(tempInt), ntPointer->groupName.c_str()) == 0) + authPointer->method = ntAuth; + ntPointer = ntPointer->next; + } + ldapPointer = ldapServer; + while (ldapPointer != 0) + { + if (strcmp(command->part(tempInt), ldapPointer->groupName.c_str()) == 0) + authPointer->method = ldapAuth; + ldapPointer = ldapPointer->next; + } + } + } + + // auth protocol... + else if ((strcmp(command->part(tempInt), "aaa-server") == 0) && (strcmp(command->part(tempInt + 2), "protocol") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Server Protocol Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (serverGroup.compare(command->part(tempInt)) != 0) + { + serverAdded = false; + timeout = 10; + key.assign(""); + } + + serverGroup.assign(command->part(tempInt)); + if (strcmp(command->part(tempInt + 2), "tacacs+") == 0) + { + serverProtocol = tacacsAuth; + } + else if (strcmp(command->part(tempInt + 2), "radius") == 0) + { + serverProtocol = radiusAuth; + } + else if (strcmp(command->part(tempInt + 2), "kerberos") == 0) + { + serverProtocol = kerberosAuth; + } + else if (strcmp(command->part(tempInt + 2), "sdi") == 0) + { + serverProtocol = securidAuth; + } + else if (strcmp(command->part(tempInt + 2), "ldap") == 0) + { + serverProtocol = ldapAuth; + } + else if (strcmp(command->part(tempInt + 2), "nt") == 0) + { + serverProtocol = ntAuth; + } + } + + // auth host... + else if ((strcmp(command->part(tempInt), "aaa-server") == 0) && ((strcmp(command->part(tempInt + 2), "host") == 0) || (strcmp(command->part(tempInt + 3), "host") == 0))) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Server Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if ((setting == true) && (strcmp(command->part(tempInt), serverGroup.c_str()) == 0)) + { + tempInt++; + if (strcmp(command->part(tempInt), "host") == 0) + tempInt++; + else + tempInt += 2; + switch (serverProtocol) + { + case radiusAuth: + radiusPointer = addRadiusServer(); + radiusPointer->groupName.assign(serverGroup); + radiusPointer->key.assign(key); + radiusPointer->address.assign(command->part(tempInt)); + if (serverAdded == false) + { + radiusPointer->description.assign(i18n("Primary")); + } + else + { + radiusPointer->description.assign(i18n("Secondary")); + } + serverAdded = true; + radiusPointer->timeout = 10; + radiusPointer->retries = 10; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "timeout") != 0) + { + radiusPointer->key.assign(command->part(tempInt)); + key.assign(command->part(tempInt)); + } + else + { + tempInt++; + timeout = atoi(command->part(tempInt)); + radiusPointer->timeout = timeout; + } + + tempInt++; + } + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "key") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sKey Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer->key.assign(command->part(1)); + } + else if (strcmp(command->part(0), "retry-interval") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRetry Interval Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer->retries = atoi(command->part(1)); + } + else if (strcmp(command->part(0), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTimeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer->timeout = atoi(command->part(1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + } + // Set file position back + fsetpos(device->inputFile, &filePosition); + break; + + case tacacsAuth: + tacacsPointer = addTacacsServer(); + tacacsPointer->groupName.assign(serverGroup); + tacacsPointer->key.assign(key); + tacacsPointer->address.assign(command->part(tempInt)); + if (serverAdded == false) + { + tacacsPointer->description.assign(i18n("Primary")); + } + else + { + tacacsPointer->description.assign(i18n("Secondary")); + } + serverAdded = true; + tacacsPointer->timeout = 10; + tacacsPointer->retries = 10; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "timeout") != 0) + { + tacacsPointer->key.assign(command->part(tempInt)); + key.assign(command->part(tempInt)); + } + else + { + tempInt++; + timeout = atoi(command->part(tempInt)); + tacacsPointer->timeout = timeout; + } + + tempInt++; + } + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "key") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sKey Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer->key.assign(command->part(1)); + } + else if (strcmp(command->part(0), "retry-interval") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRetry Interval Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer->retries = atoi(command->part(1)); + } + else if (strcmp(command->part(0), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTimeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer->timeout = atoi(command->part(1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + } + // Set file position back + fsetpos(device->inputFile, &filePosition); + break; + + case ldapAuth: + ldapPointer = addLDAPServer(); + ldapPointer->groupName.assign(serverGroup); + ldapPointer->password.assign(key); + ldapPointer->address.assign(command->part(tempInt)); + if (serverAdded == false) + { + ldapPointer->description.assign(i18n("Primary")); + } + else + { + ldapPointer->description.assign(i18n("Secondary")); + } + serverAdded = true; + ldapPointer->timeout = 10; + ldapPointer->retries = 10; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "timeout") == 0) + { + tempInt++; + timeout = atoi(command->part(tempInt)); + ldapPointer->timeout = timeout; + } + + tempInt++; + } + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "ldap-login-password") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPassword Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer->password.assign(command->part(1)); + } + else if (strcmp(command->part(0), "ldap-naming-attribute") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer->cn.assign(command->part(1)); + } + else if (strcmp(command->part(0), "ldap-login-dn") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer->dn.assign(command->part(1)); + } + else if (strcmp(command->part(0), "ldap-dn") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer->dn.assign(command->part(1)); + } + else if (strcmp(command->part(0), "retry-interval") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRetry Interval Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer->retries = atoi(command->part(1)); + } + else if (strcmp(command->part(0), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTimeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer->timeout = atoi(command->part(1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + } + // Set file position back + fsetpos(device->inputFile, &filePosition); + break; + + case securidAuth: + securidPointer = addSecurIDServer(); + securidPointer->groupName.assign(serverGroup); + securidPointer->address.assign(command->part(tempInt)); + if (serverAdded == false) + { + securidPointer->description.assign(i18n("Primary")); + } + else + { + securidPointer->description.assign(i18n("Secondary")); + } + serverAdded = true; + securidPointer->timeout = 10; + securidPointer->retries = 10; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "timeout") == 0) + { + tempInt++; + timeout = atoi(command->part(tempInt)); + securidPointer->timeout = timeout; + } + + tempInt++; + } + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "retry-interval") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRetry Interval Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + securidPointer->retries = atoi(command->part(1)); + } + else if (strcmp(command->part(0), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTimeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + securidPointer->timeout = atoi(command->part(1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + } + // Set file position back + fsetpos(device->inputFile, &filePosition); + break; + + case kerberosAuth: + kerberosPointer = addKerberosServer(); + kerberosPointer->groupName.assign(serverGroup); + kerberosPointer->address.assign(command->part(tempInt)); + if (serverAdded == false) + { + kerberosPointer->description.assign(i18n("Primary")); + } + else + { + kerberosPointer->description.assign(i18n("Secondary")); + } + serverAdded = true; + kerberosPointer->timeout = 10; + kerberosPointer->retries = 10; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "timeout") != 0) + { + kerberosPointer->realm.assign(command->part(tempInt)); + key.assign(command->part(tempInt)); + } + else + { + tempInt++; + timeout = atoi(command->part(tempInt)); + kerberosPointer->timeout = timeout; + } + + tempInt++; + } + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "kerberos-realm") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRealm Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + kerberosPointer->realm.assign(command->part(1)); + } + else if (strcmp(command->part(0), "retry-interval") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRetry Interval Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + kerberosPointer->retries = atoi(command->part(1)); + } + else if (strcmp(command->part(0), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTimeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + kerberosPointer->timeout = atoi(command->part(1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + } + // Set file position back + fsetpos(device->inputFile, &filePosition); + break; + + default: + ntPointer = addNTServer(); + ntPointer->groupName.assign(serverGroup); + ntPointer->address.assign(command->part(tempInt)); + if (serverAdded == false) + { + ntPointer->description.assign(i18n("Primary")); + } + else + { + ntPointer->description.assign(i18n("Secondary")); + } + serverAdded = true; + ntPointer->timeout = 10; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "timeout") != 0) + { + ntPointer->pdc.assign(command->part(tempInt)); + key.assign(command->part(tempInt)); + } + else + { + tempInt++; + timeout = atoi(command->part(tempInt)); + ntPointer->timeout = timeout; + } + + tempInt++; + } + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "nt-auth-domain-controller") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNT Auth Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ntPointer->pdc.assign(command->part(1)); + } + else if (strcmp(command->part(0), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTimeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ntPointer->timeout = atoi(command->part(1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + } + // Set file position back + fsetpos(device->inputFile, &filePosition); + break; + } + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int CiscoSecAuthentication::processDefaults(Device *device) +{ + return 0; +} diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/authentication.h.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/authentication.h.svn-base new file mode 100644 index 0000000..227751f --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/authentication.h.svn-base @@ -0,0 +1,62 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoSecauthentication_H +#define CiscoSecauthentication_H + + +#include "../device/authentication/authentication.h" + + +class CiscoSecAuthentication : public Authentication +{ + public: + + CiscoSecAuthentication(); + + + // ----------------------------------------------------------------------- + // Standard Device Class Methods... + // ----------------------------------------------------------------------- + + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + + private: + string serverGroup; + authMethodEnum serverProtocol; + bool serverAdded; + int timeout; + string key; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/banner.cpp.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/banner.cpp.svn-base new file mode 100644 index 0000000..b79514d --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/banner.cpp.svn-base @@ -0,0 +1,139 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "banner.h" + + +CiscoSecBanner::CiscoSecBanner() +{ + // Banner settings... + preLogonBanner = true; // Support Banner(s) Before Logon? + postLogonBanner = true; // Support Banner(s) After Logon? + configPreLogonBanner = i18n("The *ABBREV*MOTD*-ABBREV* banner message is displayed before logon for connections to *DEVICENAME*. The *ABBREV*MOTD*-ABBREV* banner message can be configured with the following command:*CODE**COMMAND*banner motd *CMDUSER*message-text*-CMDUSER**-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... + configPostLogonBanner = i18n("The Exec banner message is displayed once a successful logon has occured, before the enable prompt. The Exec banner message can be configured with the following command:*CODE**COMMAND*banner exec *CMDUSER*message-text*-CMDUSER**-COMMAND**-CODE*"); // The text that explains how to config a post logon banner, with commands... +} + + +int CiscoSecBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + int errorCode = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 2; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Exec... + if (strcmp(command->part(tempInt), "exec") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sExec Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + bannerPointer = getBanner("Exec"); + if (bannerPointer == 0) + { + bannerPointer = addBanner(); + bannerPointer->banner = postLogon; + bannerPointer->name.assign("Exec"); + bannerPointer->description.assign(i18n("The Exec banner is displayed after a connection logon has occured and before the enable prompt.")); + bannerPointer->connectionType = anyConnection; + bannerPointer->bannerFile = false; + } + addBannerLine(bannerPointer, strstr(line, "exec") + 5); + } + } + + // MOTD... + else if (strcmp(command->part(tempInt), "motd") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + bannerPointer = getBanner("*ABBREV*MOTD*-ABBREV*"); + if (bannerPointer == 0) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign("*ABBREV*MOTD*-ABBREV*"); + bannerPointer->description.assign(i18n("The *ABBREV*MOTD*-ABBREV* banner is displayed when a user connects, before the logon prompt.")); + bannerPointer->connectionType = anyConnection; + bannerPointer->bannerFile = false; + } + addBannerLine(bannerPointer, strstr(line, "motd") + 5); + } + } + + // Login... + else if (strcmp(command->part(tempInt), "login") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLogin Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + bannerPointer = getBanner("Login"); + if (bannerPointer == 0) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign("Login"); + bannerPointer->description.assign(i18n("The Login banner is displayed when a Telnet user connects, before the logon prompt but after any configured *ABBREV*MOTD*-ABBREV* banner message.")); + bannerPointer->connectionType = telnetConnection; + bannerPointer->bannerFile = false; + } + addBannerLine(bannerPointer, strstr(line, "login") + 6); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return errorCode; +} + diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/banner.h.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/banner.h.svn-base new file mode 100644 index 0000000..86461a5 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/banner.h.svn-base @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoSecbanner_H +#define CiscoSecbanner_H + + +#include "../device/banner/banner.h" + + +class CiscoSecBanner : public Banner +{ + public: + + CiscoSecBanner(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..7a9a835 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,311 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "banner.h" +#include "snmp.h" +#include "filter.h" +#include "dns.h" +#include "authentication.h" +#include "interfaces.h" + + +CiscoSecDevice::CiscoSecDevice() +{ + deviceMake = "Cisco"; + deviceType = "Security Appliance Generic"; + deviceOS = "PIX"; + + general = new (CiscoSecGeneral); + banner = new (CiscoSecBanner); + snmp = new (CiscoSecSNMP); + filter = new (CiscoSecFilter); + dns = new (CiscoSecDNS); + authentication = new (CiscoSecAuthentication); + interfaces = new (CiscoSecInterfaces); +} + + +CiscoSecDevice::~CiscoSecDevice() +{ + delete general; + delete banner; + delete snmp; + delete filter; + delete dns; + delete authentication; + delete interfaces; +} + + +Device::encryptDictionaryStruct builtincsencdict8 = {"7S8ePYKfPDzMXKcC", "network", 0}; +Device::encryptDictionaryStruct builtincsencdict7 = {"BGogFIdB6jmwTyg7", "secret", &builtincsencdict8}; +Device::encryptDictionaryStruct builtincsencdict6 = {"Owo3Y8stBKQ1SpVk", "administrator", &builtincsencdict7}; +Device::encryptDictionaryStruct builtincsencdict5 = {"F2J0OlM3WTw7kVED", "supervisor", &builtincsencdict6}; +Device::encryptDictionaryStruct builtincsencdict4 = {"PVSASRJovmamnVkD", "admin", &builtincsencdict5}; +Device::encryptDictionaryStruct builtincsencdict3 = {"9jNfZuG3TC5tCVH0", "cisco123", &builtincsencdict4}; +Device::encryptDictionaryStruct builtincsencdict2 = {"XejxZFfyt2wxqfff", "Cisco", &builtincsencdict3}; +Device::encryptDictionaryStruct builtincsencdict1 = {"2KFQnbNIdI.2KYOU", "cisco", &builtincsencdict2}; +Device::encryptDictionaryStruct builtincsencdict = {"NuLKvvWGg.x9HEKO", "password", &builtincsencdict1}; + + +int CiscoSecDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + unsigned int tempInt = 0; + int tempVersion = 0; + bool setting = false; + + // Set encrypted dictionary... + encryptedDictionary = &builtincsencdict; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Init + if (strcmp(command.part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + if (line[0] == '!') + { } + + // Object Group... + else if (strcmp(command.part(tempInt), "object-group") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Access List... + else if (strcmp(command.part(tempInt), "access-list") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Conduit... + else if (strcmp(command.part(tempInt), "conduit") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Outbound... + else if (strcmp(command.part(tempInt), "outbound") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Time Range... + else if (strcmp(command.part(tempInt), "time-range") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Enable... + else if (strcmp(command.part(tempInt), "enable") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Username... + else if (strcmp(command.part(tempInt), "username") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // aaa authentication... + else if ((strcmp(command.part(tempInt), "aaa") == 0) && (strcmp(command.part(tempInt + 1), "authentication") == 0)) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // auth server... + else if (strcmp(command.part(tempInt), "aaa-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Password... + else if (strcmp(command.part(tempInt), "password") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Passwd... + else if (strcmp(command.part(tempInt), "passwd") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // nameif... + else if (strcmp(command.part(tempInt), "nameif") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // interface... + else if (strcmp(command.part(tempInt), "interface") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // ip address... + else if ((strcmp(command.part(tempInt), "ip") == 0) && (strcmp(command.part(tempInt + 1), "address") == 0)) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // failover... + else if (strcmp(command.part(tempInt), "failover") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Access Group... + else if (strcmp(command.part(tempInt), "access-group") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Hostname (in general)... + else if (strcmp(command.part(tempInt), "hostname") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SNMP (in SNMP)... + else if (strcmp(command.part(tempInt), "snmp-server") == 0) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Console... + else if ((strcmp(command.part(tempInt), "console") == 0) && (strcmp(command.part(tempInt + 1), "timeout") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // HTTP... + else if (strcmp(command.part(tempInt), "http") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Name... + else if (strcmp(command.part(tempInt), "name") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // domain-name... + else if (strcmp(command.part(tempInt), "domain-name") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "dns") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SSH... + else if (strcmp(command.part(tempInt), "ssh") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Telnet... + else if (strcmp(command.part(tempInt), "telnet") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Banner... + else if ((strcmp(command.part(tempInt), "banner") == 0) && ((strcmp(command.part(tempInt + 1), "exec") == 0) || (strcmp(command.part(tempInt + 1), "login") == 0) || (strcmp(command.part(tempInt + 1), "exec") == 0))) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SSL... + else if (strcmp(command.part(tempInt), "ssl") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + processDeviceSpecific(&command, (char *)&line, sizeof(line)); + } + + if ((general->version.empty()) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + // Sort out any specified version... + if (config->osVersion != 0) + { + if (strlen(config->osVersion) > 0) + { + general->version.assign(config->osVersion); + + // Version Major... + tempVersion = atoi(config->osVersion); + if ((tempVersion != 0) || (config->osVersion[0] == '0')) + { + general->versionMajor = tempVersion; + tempInt = 0; + while ((tempInt < strlen(config->osVersion)) && (config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Minor... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionMinor = tempVersion; + general->noMinor = false; + + while ((tempInt < strlen(config->osVersion)) && (config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Revision... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionRevision = tempVersion; + general->noRevision = false; + + while ((tempInt < strlen(config->osVersion)) &&(config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Tweak... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionTweak = tempVersion; + general->noTweak = false; + } + } + } + } + } + } + } + } + } + + return 0; +} + + +int CiscoSecDevice::processDeviceSpecific(ConfigLine *command, char *line, int lineSize) +{ + lineNotProcessed(line); + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..ebef816 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/device.h.svn-base @@ -0,0 +1,51 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoSec_H +#define device_CiscoSec_H + + +#include "../device/device.h" + +class CiscoSecGeneral; + +class CiscoSecDevice : public Device +{ + public: + CiscoSecDevice(); + ~CiscoSecDevice(); + + virtual int processDevice(); + virtual int processDeviceSpecific(ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/dns.cpp.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/dns.cpp.svn-base new file mode 100644 index 0000000..36ba55c --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/dns.cpp.svn-base @@ -0,0 +1,308 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "dns.h" +#include "general.h" + + +CiscoSecDNS::CiscoSecDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured with a list of host name to *ABBREV*IP*-ABBREV* address mappings for use within the configuration. This section details those settings."); // The text paragraph in the config section + + // Host configuration + showInterface = false; // Are interfaces supported? + + // DNS Client Settings + dnsClientSupported = false; // DNS Client Supported? + dnsLookupEnabled = false; // DNS lookups enabled? + disableLookup = "*ABBREV*DNS*-ABBREV* lookups are disabled or enabled on specific interfaces on *DEVICETYPE* devices. The following command can be used to disable *ABBREV*DNS*-ABBREV* lookups:*CODE**COMMAND*no dns domain-lookup *CMDUSER*interface*-CMDUSER**-COMMAND**-CODE*"; // The text and commands to disable DNS lookup + dnsRetries = 2; // DNS lookup retries + dnsRetriesSupported = false; // DNS lookup retries Supported? + dnsTimeout = 2; // DNS timeout + dnsTimeoutSupported = false; // DNS timeout Supported? + + // DNS Server Options... + dnsRecordKeepAliveSupported = false; // Is the DNS keep Alive message type supported? + returnRecordsSupported = false; // Is the single/multiple record field supported? + dynamicDNSSupported = false; // Is Dynamic DNS Supported? + dnsServerSupported = false; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsPort = 53; // DNS Server Port + + + // Device specific... + dnsClientUsed = false; +} + + +int CiscoSecDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsConfig *dnsPointer = 0; + hostNameConfig *namePointer = 0; + fpos_t filePosition; + int tempInt = 0; + bool setting = false; + bool first = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // name... + if (strcmp(command->part(tempInt), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sName Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + namePointer = addHostName(command->part(tempInt + 1), command->part(tempInt)); + } + + // domain name... + else if (strcmp(command->part(tempInt), "domain-name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDomain Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + dnsDomain.assign(command->part(tempInt)); + } + + // dns lookups... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "domain-lookup") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Domain Lookup Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + dnsClientUsed = true; + + if (setting == true) + dnsLookupEnabled = true; + } + + // dns name-server... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "name-server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Name Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + dnsClientUsed = true; + + first = true; + while (tempInt < command->parts) + { + if (first == true) + { + dnsPointer = addDNSServer(command->part(tempInt)); + dnsPointer->description.assign(i18n("Primary")); + first = false; + } + else + { + dnsPointer = addDNSServer(command->part(tempInt)); + dnsPointer->description.assign(i18n("Secondary")); + } + tempInt++; + } + } + + // dns retries... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "retries") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Retries Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + dnsClientUsed = true; + + if (setting == true) + dnsRetries = atoi(command->part(tempInt)); + } + + // dns timeout... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + dnsClientUsed = true; + + if (setting == true) + dnsTimeout = atoi(command->part(tempInt)); + } + + // dns server groupt... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "server-group") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + dnsClientUsed = true; + + fgetpos(device->inputFile, &filePosition); + + while (((line[0] == ' ') || (strcmp(command->part(0), "server-group") == 0)) && (feof(device->inputFile) == 0)) + { + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Domain-name + if (strcmp(command->part(tempInt), "domain-name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDomain Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + dnsDomain.assign(command->part(tempInt)); + } + + else if (strcmp(command->part(tempInt), "name-server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Name Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + first = true; + while (tempInt < command->parts) + { + if (first == true) + { + dnsPointer = addDNSServer(command->part(tempInt)); + dnsPointer->description.assign(i18n("Primary")); + first = false; + } + else + { + dnsPointer = addDNSServer(command->part(tempInt)); + dnsPointer->description.assign(i18n("Secondary")); + } + tempInt++; + } + } + + // dns retries... + else if (strcmp(command->part(tempInt), "retries") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Retries Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + dnsRetries = atoi(command->part(tempInt)); + } + + // dns timeout... + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + dnsTimeout = atoi(command->part(tempInt)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoSecDNS::processDefaults(Device *device) +{ + // Enable DNS client? + if (dnsClientUsed == false) + { + if (device->general != 0) + { + if ((device->general->versionMajor > 7) || ((device->general->versionMajor == 7) && (device->general->versionMinor > 0)) || ((device->general->versionMajor == 7) && (device->general->versionMinor == 0) && (device->general->versionRevision > 0))) + dnsClientUsed = true; + } + } + if (dnsClientUsed == true) + { + dnsClientSupported = true; + dnsRetriesSupported = true; + dnsTimeoutSupported = true; + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured with a list of host name to *ABBREV*IP*-ABBREV* address mappings for use within the configuration. Additionally, *DEVICETYPE* devices from *DEVICEOS* version 7.0(1) can be configured to make use of *ABBREV*DNS*-ABBREV* servers to perform name lookups. This section details those settings."); // The text paragraph in the config section + } + + // If there are no name servers, how can there be any lookups? + if (dnsServer == 0) + dnsLookupEnabled = false; + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/dns.h.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/dns.h.svn-base new file mode 100644 index 0000000..ff652cc --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/dns.h.svn-base @@ -0,0 +1,54 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoSecDNS_H +#define CiscoSecDNS_H + + +#include "../device/dns/dns.h" + + +class CiscoSecDNS : public DNS +{ + public: + + CiscoSecDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + private: + + bool dnsClientUsed; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/filter.cpp.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/filter.cpp.svn-base new file mode 100644 index 0000000..3a00fb7 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/filter.cpp.svn-base @@ -0,0 +1,991 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "filter.h" + + +CiscoSecFilter::CiscoSecFilter() +{ + // Filter text... + standardACLText = i18n("Standard *ABBREV*ACL*-ABBREV*"); + standardACLDescription = i18n("Standard *ABBREV*ACLs*-ABBREV* only define the source address and process the packet solely based on that, they are typically used to restrict access to device services or protocols."); + extendedACLText = i18n("Extended *ABBREV*ACL*-ABBREV*"); + extendedACLDescription = i18n("Extended *ABBREV*ACLs*-ABBREV* permit or deny network traffic based on the source and destination addresses and network ports. Extended *ABBREV*ACLs*-ABBREV* are used for checks on traffic passing through the *DEVICENAME*."); + conduitText = i18n("Conduit"); + conduitDescription = i18n("Conduit rules permit or deny network traffic based on the source and destination addresses and network ports. Conduit rules are used for checks on incoming external traffic passing through the *DEVICENAME*. It is worth noting that conduit configurations should be considered legacy and have been replaced with extended *ABBREV*ACL*-ABBREV*"); + outboundText = i18n("Outbound"); + outboundDescription = i18n("Outbound rules permit or deny network traffic based on the address, network port(s) and protocol used. Outbound rules are used for checks on outgoing external traffic and act differently to other network filtering configurations where the first rule that matches is the one that takes precedence. Exception rules can be configured to exclude addresses and ports from the previous permit or deny rule . It is worth noting that outbound configurations should be considered legacy and have been replaced with *ABBREV*ACL*-ABBREV*"); + + // Object options... + networkObjectName = i18n("Network Objects"); // The name for the object (used in config report) + networkObjectDescription = i18n("Network object groups are used to define a group of hosts and networks in order to ease the management of the *DEVICETYPE* device. Additionally, object groups can be added to other object groups."); // The description for the object (config report) + protocolObjectName = i18n("Protocol Objects"); // The name for the object (used in config report) + protocolObjectDescription = i18n("Protocol object groups are used to define a group of network protocols to ease the management of the *DEVICETYPE* device. Additionally, object groups can be added to other object groups."); // The description for the object (config report) + icmpObjectName = i18n("*ABBREV*ICMP*-ABBREV* Objects"); // The name for the object (used in config report) + icmpObjectDescription = i18n("*ABBREV*ICMP*-ABBREV* object groups are used to define a group of *ABBREV*ICMP*-ABBREV* message types in order to ease the management of the *DEVICETYPE* device. Additionally, object groups can be added to other object groups."); // The description for the object (config report) + serviceObjectName = i18n("Service Objects"); // The name for the object (used in config report) + serviceObjectDescription = i18n("Service object groups are used to define a group of network services in order to ease the management of the *DEVICETYPE* device. Additionally, object groups can be added to other object groups."); // The description for the object (config report) + + // Filter device options... + logLevelsSupported = true; // Are log Levels supported + logOnlyDenySupported = true; // Is only Deny rule logging supported + noAccessWithoutFilters = true; // Is access not granted if no filters are configured + allowName = i18n("Permit"); // The name given to an allowed filter + denyName = i18n("Deny"); // The name given to a denied filter + ruleListsAreAssigned = true; // Rule lists are assigned to specific elements + filterConfigTitle = i18n("*ABBREV*ACL*-ABBREV* Configuration"); // The Title for the configuration report section + filterConfigText = i18n("*ABBREV*ACL*-ABBREV* are sequential lists of apply or deny *ABBREV*ACEs*-ABBREV* that a *DEVICETYPE* device will apply to the network traffic. The *DEVICETYPE* device will check network traffic against the *ABBREV*ACL*-ABBREV* and the first *ABBREV*ACE*-ABBREV* that matches will determine whether the network traffic is permited or denied. If the *DEVICETYPE* device does not have an *ABBREV*ACE*-ABBREV* that applies then the packet is denied."); // The device specific configuration report section text + filterConfigText2 = i18n("There are two different types of *ABBREV*ACLs*-ABBREV* on modern Cisco security appliances, standard and extended."); // The device specific configuration report section text2 + filterIDTitle = i18n("Line"); // The title for the filter ID/line no. table column + filterListName = i18n("*ABBREV*ACL*-ABBREV*"); // The name of the filter list, for use in text paragraphs + filterListNamePlaural = i18n("*ABBREV*ACLs*-ABBREV*"); // The name of the filter list, for use in text paragraphs + filterName = i18n("*ABBREV*ACE*-ABBREV*"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("*ABBREV*ACEs*-ABBREV*"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("All Permit *ABBREV*ACE*-ABBREV* Do Not Log"); // The title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogTable = i18n("permit *ABBREV*ACE*-ABBREV* that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogConcl = i18n("all permit *ABBREV*ACE*-ABBREV* do not log"); // The conclusions text for the "All Allow Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all *ABBREV*ACE*-ABBREV*");// The recommendations text for the "All Allow Rules Do Not Log" issue + denyAndNotLogIssue = i18n("All Deny *ABBREV*ACE*-ABBREV* Do Not Log"); // The title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogTable = i18n("deny *ABBREV*ACE*-ABBREV* that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogConcl = i18n("all deny *ABBREV*ACE*-ABBREV* do not log"); // The conclusions text for the "All Allow Rules Do Not Log" issue + configRuleLogging = i18n("Logging can be enabled on extended *COMMAND*access-list*-COMMAND* with the following command:*CODE**COMMAND*access-list *CMDUSER*list-id*-CMDUSER* *CMDREQUIRE*deny *CMDOR* permit*-CMDREQUIRE* *CMDUSER*protocol*-CMDUSER* *CMDUSER*source*-CMDUSER* *CMDUSER*destination*-CMDUSER* log*-COMMAND**-CODE*"); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No *ABBREV*ACL*-ABBREV* Were Configured"); // The title text for the "No filtering" issue + noFilteringRec = i18n("Configure *ABBREV*ACL*-ABBREV* to restrict access"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no *ABBREV*ACL*-ABBREV* were configured"); // The title text for the "No filtering" conclusion + legacyIssueFinding = i18n("*DEVICETYPE* device network filtering used to be configured using *COMMAND*conduit*-COMMAND* commands to configure incoming connections and *COMMAND*outbound*-COMMAND* commands to configure users access. Those commands have since been replaced with *ABBREV*ACLs*-ABBREV* which offer additional facilities and greater flexibility, although some *DEVICEOS* versions still support the commands for backwards compatability. *COMPANY* determined that legacy network filtering was configured on *DEVICENAME*."); // The finding for the legacy issue + legacyIssueImpact = i18n("Although the legacy configuration does not pose a direct security issue, they don't offer the more advanced configuration options."); // The impact for the legacy issue + legacyIssueEase = i18n("The legacy configuration applies to incoming and outbound network traffic."); // The ease for the legacy issue + legacyIssueRec = i18n("*COMPANY* recommends that the legacy network filtering is moved to *ABBREV*ACLs*-ABBREV* as soon as possible. Cisco provides documentation and procedures for the transfer of the network filtering to *ABBREV*ACLs*-ABBREV*."); // The recommendation for the legacy issue +} + + +int CiscoSecFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + filterObjectConfig *filterObjectPointer = 0; + filterConfig *filterPointer = 0; + filterListConfig *filterListPointer = 0; + netObjectListConfig *objectListPointer = 0; + fpos_t filePosition; + string tempString; + int tempInt = 0; + int tempInt2 = 0; + bool create = false; + + // Extended ACL... + if (strcmp(command->part(0), "access-list") == 0) + { + if ((strcmp(command->part(2), "extended") == 0) || (strcmp(command->part(2), "permit") == 0) || (strcmp(command->part(2), "deny") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sExtended ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(command->part(1)); + filterListPointer->type = extendedACLText; + filterListPointer->typeDescription = extendedACLDescription; + filterListPointer->sourceOnly = false; + filterListPointer->loggingSupport = true; + filterListPointer->supportsTime = true; + filterListPointer->disabledFilterSupport = true; + filterListPointer->sourceServiceSupported = true; + filterPointer = addFilter(filterListPointer); + + if (strcmp(command->part(2), "extended") == 0) + tempInt = 3; + else + tempInt = 2; + + // Permit/Deny + if (strcmp(command->part(tempInt), "permit") == 0) + filterPointer->action = allowAction; + else + { + filterPointer->action = denyAction; + filterPointer->log = true; + } + filterPointer->logLevel = 6; + tempInt++; + + // Protocol + filterObjectPointer = addFilterObject(filterPointer, protocol); + if (strcmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer->type = groupObject; + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 > 0) || (strcmp(command->part(tempInt), "0") == 0)) + { + filterObjectPointer->name.assign(device->getProtocol(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(tempInt)); + } + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + filterObjectPointer->type = protocolObject; + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 > 0) || (strcmp(command->part(tempInt), "0") == 0)) + { + filterObjectPointer->name.assign(device->getProtocol(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(tempInt)); + } + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + tempInt++; + + // Source + filterObjectPointer = addFilterObject(filterPointer, source); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "interface") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = interfaceObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = groupObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->type = networkObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + tempInt++; + + // Source Service + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "object-group") == 0) + { + create = false; + filterObjectPointer = getObject(command->part(tempInt + 1)); + if (filterObjectPointer != 0) + { + if (filterObjectPointer->type == serviceObject) + create = true; + } + if (create == true) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + } + + // Destination... + filterObjectPointer = addFilterObject(filterPointer, destination); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "interface") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = interfaceObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = groupObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->type = networkObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + tempInt++; + + // Destination service... + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + while (tempInt < command->parts) + { + // Inactive + if (strcmp(command->part(tempInt), "inactive") == 0) + filterPointer->enabled = false; + + // Time + else if (strcmp(command->part(tempInt), "time-range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, timeLimit); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = timeObject; + } + + // Log + else if (strcmp(command->part(tempInt), "log") == 0) + { + tempInt++; + if ((strcmp(command->part(tempInt), "interval") != 0) || (strcmp(command->part(tempInt), "disable") != 0) || (strcmp(command->part(tempInt), "default") != 0)) + { + filterPointer->logLevel = atoi(command->part(tempInt)); + tempInt++; + } + if (strcmp(command->part(tempInt), "disable") == 0) + filterPointer->log = false; + } + + tempInt++; + } + } + + // Standard ACL... + else if (strcmp(command->part(2), "standard") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sStandard ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(command->part(1)); + filterListPointer->sourceOnly = true; + filterListPointer->type = standardACLText; + filterListPointer->typeDescription = standardACLDescription; + filterPointer = addFilter(filterListPointer); + + // Permit/Deny + if (strcmp(command->part(3), "permit") == 0) + filterPointer->action = allowAction; + else + { + filterPointer->action = denyAction; + filterPointer->log = true; + } + + // Address + filterObjectPointer = addFilterObject(filterPointer, source); + filterObjectPointer->serviceOper = serviceOperEqual; + if (strcasecmp(command->part(4), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(4), "host") == 0) + { + filterObjectPointer->name.assign(command->part(5)); + filterObjectPointer->type = hostObject; + } + else + { + filterObjectPointer->name.assign(command->part(4)); + filterObjectPointer->netmask.assign(command->part(5)); + filterObjectPointer->type = networkObject; + } + } + + // Remark ACL... + else if (strcmp(command->part(2), "remark") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRemark ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(command->part(1)); + filterPointer = addFilter(filterListPointer); + filterPointer->remarkFilter = true; + filterPointer->number--; + filterPointer->comment.assign(strstr(line, command->part(3))); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Conduit... + else if (strcmp(command->part(0), "conduit") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConduit Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList("incoming"); + filterListPointer->type = conduitText; + filterListPointer->typeDescription = conduitDescription; + filterListPointer->legacyType = true; + filterListPointer->sourceOnly = false; + filterListPointer->sourceServiceSupported = true; + filterListPointer->loggingSupport = false; + filterListPointer->supportsTime = false; + filterPointer = addFilter(filterListPointer); + tempInt = 1; + + // Permit/Deny + if (strcmp(command->part(tempInt), "permit") == 0) + filterPointer->action = allowAction; + else + filterPointer->action = denyAction; + tempInt++; + + // Protocol + filterObjectPointer = addFilterObject(filterPointer, protocol); + if (strcmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer->type = groupObject; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + filterObjectPointer->type = protocolObject; + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 != 0) ||( strcmp(command->part(tempInt), "0") == 0)) + filterObjectPointer->name.assign(device->getProtocol(tempInt2)); + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + tempInt++; + + // Destination + filterObjectPointer = addFilterObject(filterPointer, destination); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = groupObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->type = networkObject; + filterObjectPointer->serviceOper = serviceOperEqual; + if (((filterObjectPointer->name.compare("0.0.0.0") == 0) || (filterObjectPointer->name.compare("0") == 0)) && ((filterObjectPointer->netmask.compare("0.0.0.0") == 0) || (filterObjectPointer->netmask.compare("0") == 0))) + { + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (filterObjectPointer->name.compare("255.255.255.255") == 0) + filterObjectPointer->type = hostObject; + } + tempInt++; + + // Destination Service + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "object-group") == 0) + { + create = false; + filterObjectPointer = getObject(command->part(tempInt + 1)); + if (filterObjectPointer != 0) + { + if (filterObjectPointer->type == serviceObject) + create = true; + } + if (create == true) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + } + + // Source... + filterObjectPointer = addFilterObject(filterPointer, source); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "interface") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = interfaceObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = groupObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->type = networkObject; + filterObjectPointer->serviceOper = serviceOperEqual; + if (((filterObjectPointer->name.compare("0.0.0.0") == 0) || (filterObjectPointer->name.compare("0") == 0)) && ((filterObjectPointer->netmask.compare("0.0.0.0") == 0) || (filterObjectPointer->netmask.compare("0") == 0))) + { + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (filterObjectPointer->name.compare("255.255.255.255") == 0) + filterObjectPointer->type = hostObject; + } + tempInt++; + + // Source service... + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + } + + // Outbound... + else if (strcmp(command->part(0), "outbound") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sOutbound Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(command->part(1)); + filterListPointer->type = outboundText; + filterListPointer->typeDescription = outboundDescription; + filterListPointer->legacyType = true; + filterListPointer->sourceOnly = true; + filterListPointer->loggingSupport = false; + filterListPointer->supportsTime = false; + filterListPointer->sourceServiceSupported = true; + filterPointer = addFilter(filterListPointer); + tempInt = 2; + + // Permit/Deny/Except + if (strcmp(command->part(tempInt), "permit") == 0) + filterPointer->action = allowAction; + else if (strcmp(command->part(tempInt), "deny") == 0) + filterPointer->action = denyAction; + else + filterPointer->action = exceptAction; + tempInt++; + + // Source + filterObjectPointer = addFilterObject(filterPointer, source); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + if (((filterObjectPointer->name.compare("0.0.0.0") == 0) || (filterObjectPointer->name.compare("0") == 0)) && ((filterObjectPointer->netmask.compare("0.0.0.0") == 0) || (filterObjectPointer->netmask.compare("0") == 0))) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (filterObjectPointer->netmask.compare("255.255.255.255") == 0) + filterObjectPointer->type = hostObject; + else + filterObjectPointer->type = networkObject; + tempInt++; + + // Source Service + if (tempInt < command->parts) + { + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->type = serviceObject; + if (strcmp(command->part(tempInt), "0") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->serviceOper = serviceOperAny; + } + else if (strchr(command->part(tempInt), '-') == 0) + { + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + tempString.assign(command->part(tempInt)); + tempString.erase(tempString.find("-")); + filterObjectPointer->name.assign(command->part(tempInt)); + tempString.assign(command->part(tempInt)); + tempString.erase(0, tempString.find("-")); + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + } + tempInt++; + } + + // Protocol... + if (tempInt < command->parts) + { + filterObjectPointer = addFilterObject(filterPointer, protocol); + filterObjectPointer->type = protocolObject; + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->name.assign(command->part(tempInt)); + } + } + + // Object Group... + else if (strcmp(command->part(0), "object-group") == 0) + { + fgetpos(device->inputFile, &filePosition); + + while (((line[0] == ' ') || (strcmp(command->part(0), "object-group") == 0)) && (feof(device->inputFile) == 0)) + { + + // Object Group... + if (strcmp(command->part(0), "object-group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList(command->part(2)); + + if (strcmp(command->part(1), "protocol") == 0) + { + objectListPointer->type = protocolObject; + objectListPointer->title = protocolObjectName; + objectListPointer->description = protocolObjectDescription; + } + else if (strcmp(command->part(1), "network") == 0) + { + objectListPointer->type = networkObject; + objectListPointer->title = networkObjectName; + objectListPointer->description = networkObjectDescription; + } + else if (strcmp(command->part(1), "service") == 0) + { + objectListPointer->type = serviceObject; + objectListPointer->title = serviceObjectName; + objectListPointer->description = serviceObjectDescription; + if (command->parts == 4) + { + if (strcmp(command->part(3), "tcp") == 0) + objectListPointer->tcp = true; + else if (strcmp(command->part(3), "udp") == 0) + objectListPointer->udp = true; + else + { + objectListPointer->tcp = true; + objectListPointer->udp = true; + } + } + } + else // ICMP + { + objectListPointer->type = icmpObject; + objectListPointer->title = serviceObjectName; + objectListPointer->description = serviceObjectDescription; + } + } + + // Description + else if (strcmp(command->part(0), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + objectListPointer->comment.assign(strstr(line, command->part(1))); + } + + // Group-Object + else if (strcmp(command->part(0), "group-object") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterObjectPointer = addObject(objectListPointer); + filterObjectPointer->type = groupObject; + filterObjectPointer->name.assign(command->part(1)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + + // ICMP-Object + else if (strcmp(command->part(0), "icmp-object") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group ICMP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterObjectPointer = addObject(objectListPointer); + filterObjectPointer->type = icmpObject; + tempInt2 = atoi(command->part(1)); + if ((tempInt2 > 0) || (strcmp(command->part(1), "0") == 0)) + { + filterObjectPointer->name.assign(device->getICMPName(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(1)); + } + else + filterObjectPointer->name.assign(command->part(1)); + device->addICMPType(filterObjectPointer->name.c_str()); + filterObjectPointer->serviceOper = serviceOperEqual; + } + + // Network-Object + else if (strcmp(command->part(0), "network-object") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Network Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterObjectPointer = addObject(objectListPointer); + filterObjectPointer->type = networkObject; + if (strcmp(command->part(1), "host") == 0) + { + filterObjectPointer->type = hostObject; + filterObjectPointer->name.assign(command->part(2)); + } + else + { + filterObjectPointer->name.assign(command->part(1)); + filterObjectPointer->netmask.assign(command->part(2)); + if (strcmp(command->part(2), "255.255.255.255") == 0) + filterObjectPointer->type = hostObject; + } + filterObjectPointer->serviceOper = serviceOperEqual; + } + + // Protocol-Object + else if (strcmp(command->part(0), "protocol-object") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Protocol Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterObjectPointer = addObject(objectListPointer); + filterObjectPointer->type = protocolObject; + tempInt2 = atoi(command->part(1)); + if ((tempInt2 > 0) || (strcmp(command->part(1), "0") == 0)) + { + filterObjectPointer->name.assign(device->getProtocol(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(1)); + } + else + filterObjectPointer->name.assign(command->part(1)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + + // Port-Object + else if (strcmp(command->part(0), "port-object") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterObjectPointer = addObject(objectListPointer); + filterObjectPointer->type = portObject; + if (strcmp(command->part(1), "eq") == 0) + { + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->name.assign(command->part(2)); + } + else + { + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->name.assign(command->part(2)); + filterObjectPointer->netmask.assign(command->part(3)); + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/filter.h.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/filter.h.svn-base new file mode 100644 index 0000000..20ef2dc --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/filter.h.svn-base @@ -0,0 +1,61 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoSecFilter_H +#define CiscoSecFilter_H + + +#include "../device/filter/filter.h" + + +class CiscoSecFilter : public Filter +{ + public: + CiscoSecFilter(); + + protected: + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + + private: + // Filter text... + const char *standardACLText; + const char *standardACLDescription; + const char *extendedACLText; + const char *extendedACLDescription; + const char *conduitText; + const char *conduitDescription; + const char *outboundText; + const char *outboundDescription; +}; + + +#endif + diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/general.cpp.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/general.cpp.svn-base new file mode 100644 index 0000000..6b39afe --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/general.cpp.svn-base @@ -0,0 +1,115 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +CiscoSecGeneral::CiscoSecGeneral() +{ +} + + +int CiscoSecGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Hostname + if (strcmp(command->part(tempInt), "hostname") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostname = command->part(tempInt + 1); + } + + return 0; +} + + +int CiscoSecGeneral::processDefaults(Device *device) +{ + // Split Version Numbers... + if ((!version.empty()) && (versionMajor == 0)) + { + versionMajor = atoi(version.c_str()); + versionMinor = atoi(strchr(version.c_str(), '.') + 1); + versionRevision = atoi(strchr(version.c_str(), '(') + 1); + noMinor = false; + noRevision = false; + } + + return 0; +} + + +int CiscoSecGeneral::processSpecificDefaults() +{ + return 0; +} + + +int CiscoSecGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; + + return errorCode; +} + + +int CiscoSecGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; + + return errorCode; +} diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/general.h.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/general.h.svn-base new file mode 100644 index 0000000..f3ddede --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/general.h.svn-base @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ciscosecdevicegeneral_H +#define ciscosecdevicegeneral_H + +#include "../device/general/general.h" + + +class CiscoSecGeneral : public General +{ + public: + CiscoSecGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int processSpecificDefaults(); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + private: + //unsigned int servicePasswordEncryption; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/interfaces.cpp.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/interfaces.cpp.svn-base new file mode 100644 index 0000000..fbf7b88 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/interfaces.cpp.svn-base @@ -0,0 +1,279 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "interfaces.h" +#include "general.h" + + +CiscoSecInterfaces::CiscoSecInterfaces() +{ + // Interface Options... + useModuleAndPort = false; // Use the module / port instead of the name + useInterfaceZone = true; // Use the interface zone + zoneName = i18n("Name"); // The name for zone field + filterIn = i18n("*ABBREV*ACL*-ABBREV*"); // The filter in table title text + filterOut = i18n("*ABBREV*ACL*-ABBREV* Out"); // The filter out table title text + showDescription = false; // Show the interface description + cdpGlobalRequired = false; // If CDP needs to be enabled globally as well + disableCDPText = i18n(""); // The text and commands to disable CDP + cdpSupported = false; // Is CDP supported on interfaces + disableProxyARPText = i18n(""); // The text and commands to disable Proxy ARP + disableUnreachablesText = i18n(""); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n(""); // The text and commands to disable ICMP information messages + disableMaskText = i18n(""); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n(""); // The text and commands to disable ICMP redirect messages + disableDirectedText = i18n(""); // The text and commands to disable directed broadcasts + disableMOPText = i18n(""); // The text and commands to disable MOP + disableActiveText = i18n("Interfaces can be disabled *DEVICETYPE* device using the following command:*CODE**COMMAND*interface *CMDUSER*interface-name*-CMDUSER* shutdown*-COMMAND**-CODE*"); // The text and commands to disable potentially unused interfaces + filterName = i18n("*ABBREV*ACL*-ABBREV*"); // The filter list name for use in the filter issue text + configFilterText = i18n("An *ABBREV*ACL*-ABBREV* can be configured on an interface with the following command:*CODE**COMMAND*access-group *CMDUSER*acl*-CMDUSER* in interface *CMDUSER*interface-name*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure network filtering + defaultAutoTrunk = false; // Default to automatically trunk + disableTrunkText = i18n(""); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n(""); // The text and commands to enable port security +} + + +int CiscoSecInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + fpos_t filePosition; + int tempInt = 0; + + // Sort out the interface list first... + interfaceListPointer = getInterfaceList("PHYSINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Physical Network Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices physical network interfaces."); + interfaceListPointer->tableTitle = i18n("Physical network interfaces"); + interfaceListPointer->label = "PHYSINTERFACES"; + interfaceListPointer->useSecurityLevel = true; + interfaceListPointer->useStandbyAddress = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = false; // Is the outbound filtering supported? + } + + // nameif... + if (strcmp(command->part(0), "nameif") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + interfacePointer->zone.assign(command->part(2)); + interfacePointer->securityLevel = atoi(command->part(3) + 8); + } + + // IP address... + else if ((strcmp(command->part(0), "ip") == 0) && (strcmp(command->part(1), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterfaceByZone(interfaceListPointer, command->part(2)); + if (interfacePointer != 0) + { + interfacePointer->address.assign(command->part(3)); + if (command->parts > 4) + interfacePointer->netmask.assign(command->part(4)); + } + } + + // failover... + else if ((strcmp(command->part(0), "failover") == 0) && (strcmp(command->part(1), "ip") == 0) && (strcmp(command->part(2), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFailover IP Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterfaceByZone(interfaceListPointer, command->part(3)); + if (interfacePointer != 0) + interfacePointer->standbyAddress.assign(command->part(4)); + } + + // Interface... + else if (strcmp(command->part(0), "interface") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getOnlyInterface(interfaceListPointer, command->part(1)); + if (interfacePointer != 0) + { + if (strcmp(command->part(command->parts - 1), "shutdown") == 0) + interfacePointer->enabled = false; + } + + else + { + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + + // Name... + if (strcmp(command->part(0), "nameif") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->zone.assign(command->part(1)); + } + + // security-level... + else if (strcmp(command->part(0), "security-level") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Security Level Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->securityLevel = atoi(command->part(1)); + } + + // description... + else if (strcmp(command->part(0), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Descriptionl Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + interfacePointer->description.assign(strstr(line, command->part(1))); + } + + // shutdown... + else if (strcmp(command->part(0), "shutdown") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Shutdown Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->enabled = false; + } + + // ip address... + else if ((strcmp(command->part(0), "ip") == 0) && (strcmp(command->part(1), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->address.assign(command->part(2)); + if ((command->parts > 3) && (strcmp(command->part(3), "standby") != 0)) + { + interfacePointer->netmask.assign(command->part(3)); + tempInt = 4; + } + else + tempInt = 3; + if (strcmp(command->part(tempInt), "standby") == 0) + interfacePointer->standbyAddress.assign(command->part(tempInt + 1)); + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + } + + // Access Group... + else if (strcmp(command->part(0), "access-group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAccess Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Old style... + interfacePointer = getInterfaceByZone(interfaceListPointer, command->part(4)); + if (interfacePointer != 0) + { + if (strcmp(command->part(2), "in") == 0) + addFilterList(interfacePointer, command->part(1), true); + else + { + addFilterList(interfacePointer, command->part(1), false); + interfaceListPointer->outboudFilterSupported = true; + } + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoSecInterfaces::processDefaults(Device *device) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + + if (device->general != 0) + { + if (device->general->versionMajor > 6) + { + filterIn = i18n("*ABBREV*ACL*-ABBREV* In"); // The filter in table title text + interfaceListPointer = interfaceList; + while (interfaceListPointer != 0) + { + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + interfaceListPointer = interfaceListPointer->next; + } + } + } + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/interfaces.h.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/interfaces.h.svn-base new file mode 100644 index 0000000..1ba78f1 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/interfaces.h.svn-base @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoSecInterfaces_H +#define CiscoSecInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class CiscoSecInterfaces : public Interfaces +{ + public: + + CiscoSecInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); +}; + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/snmp.cpp.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/snmp.cpp.svn-base new file mode 100644 index 0000000..6b4e872 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/snmp.cpp.svn-base @@ -0,0 +1,299 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + +using namespace std; + + +CiscoSecSNMP::CiscoSecSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("*DEVICETYPE* do not support version 3 of the *ABBREV*SNMP*-ABBREV*. "); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + supportSNMP3UpgText = i18n(""); // SNMP 3 is supported from OS version ... + // The following is set in the defaults section, due to slight differences between software versions + //disableSNMPCmdText = i18n(""); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("*ABBREV*SNMP*-ABBREV* community strings can be configured with the following command:*CODE**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure a community string + // Not supported - configSNMP3Text = i18n(""); // The text and command(s) to configure SNMP version 3 + // Not supported - configSNMPViewText = i18n(""); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("*ABBREV*SNMP*-ABBREV* trap hosts can be configured with the following command:*CODE**COMMAND*snmp-server host *CMDUSER*interface*-CMDUSER* *CMDUSER*ip-address*-CMDUSER* trap community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*version *CMDREQUIRE*1 *CMDOR* 2c*-CMDREQUIRE**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP traps + // Not supported - configSNMPInformsText = i18n(""); // The text and command(s) to configure SNMP informs + // N/A - configSNMPReadOnlyText = i18n(""); // The text and command(s) to configure SNMP read only access + configSNMPFilterText = i18n("Access to *ABBREV*SNMP*-ABBREV* from a *ABBREV*NMS*-ABBREV* or *ABBREV*SNMP*-ABBREV* management host can be configured using the following command:*CODE**COMMAND*snmp-server host *CMDUSER*ip-address*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP filtering + + enabled = false; // Is the SNMP server enabled? + snmp12Enabled = false; // Is SNMP versions 1 or 2 configured? + snmp3Enabled = false; // Is SNMP version 3 configured? + + + // Community Options... + communitySpecificFilters = true; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = true; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = "public"; // Default read only community + + // SNMP Trap/Inform Host Options... + trapsOnly = true; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = true; // Show Trap Host Port in Table + trapsInterface = true; // Show Interface in Table + trapsInterfaceText = i18n("Interface"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = false; // Show excluded traps + trapsShowOptions = true; // Show trap options + + // Host Options... + hostShowInterface = false; // Show the Interface in the Table + hostShowCommunity = false; // Show the Community in the Table + hostShowFilterID = false; // Show a filter ID if used + hostFilterText = i18n("Filter"); // The Table column title for the filter text +} + + +int CiscoSecSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpTrapHost *trapHostPointer = 0; + snmpHostStruct *snmpHostPointer = 0; + snmpTrap *snmpTrapPointer = 0; + int tempInt = 0; + int tempInt2 = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 2; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Disable SNMP... + if (strcmp(command->part(tempInt), "enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + enabled = setting; + } + + // Location... + else if (strcmp(command->part(tempInt), "location") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Location Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + location.assign(line + 9 + string(line).find("location")); + } + + // Contact... + else if (strcmp(command->part(tempInt), "contact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Contact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + contact.assign(line + 8 + string(line).find("contact")); + } + + // Listen Port... + else if (strcmp(command->part(tempInt), "listen-port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Listen Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + listenPort = atoi(command->part(tempInt + 1)); + else + listenPort = 161; + } + + // snmp community? + else if (strcmp(command->part(tempInt), "community") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(command->part(tempInt)); + communityPointer->type = communityReadOnly; + communityPointer->enabled = setting; + } + + // SNMP Trap Host... + else if ((strcmp(command->part(tempInt), "host") == 0) && (strcmp(command->part(tempInt + 3), "trap") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapHostPointer = addSNMPTrapHost(); + trapHostPointer->version = 1; + trapHostPointer->port = 162; + trapHostPointer->trap = false; + trapHostPointer->interface.assign(command->part(tempInt)); + tempInt++; + trapHostPointer->host.assign(command->part(tempInt)); + tempInt += 2; + + while (tempInt < command->parts) + { + // Community? + if (strcmp(command->part(tempInt), "community") == 0) + { + tempInt++; + trapHostPointer->community.assign(command->part(tempInt)); + } + + // Version? + else if (strcmp(command->part(tempInt), "version") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "2c") == 0) + trapHostPointer->version = 2; + else + trapHostPointer->version = 1; + } + + // UDP Port? + else if (strcmp(command->part(tempInt), "udp-port") == 0) + { + tempInt++; + trapHostPointer->port = atoi(command->part(tempInt)); + } + + tempInt++; + } + } + + // SNMP NMS Host... + else if (strcmp(command->part(tempInt), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP NMS Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpHostPointer = addHost(); + snmpHostPointer->interface.assign(command->part(tempInt)); + tempInt++; + snmpHostPointer->host.assign(command->part(tempInt)); + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "community") == 0) + { + tempInt++; + snmpHostPointer->community.assign(command->part(tempInt)); + } + tempInt++; + } + } + + // SNMP Trap... + else if ((strcmp(command->part(tempInt), "enable") == 0) && (strcmp(command->part(tempInt + 1), "traps") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + { + tempInt += 2; + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign(command->part(tempInt)); + tempInt2 = tempInt; + tempInt++; + if (tempInt < command->parts) + { + snmpTrapPointer->options.assign(command->part(tempInt)); + tempInt++; + } + + while (tempInt < command->parts) + { + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign(command->part(tempInt2)); + snmpTrapPointer->options.assign(command->part(tempInt)); + tempInt++; + } + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoSecSNMP::processDefaults(Device *device) +{ + // Variables... + snmpCommunity *communityPointer = 0; + + // Enable SNMP support? + communityPointer = community; + while (communityPointer != 0) + { + if ((communityPointer->enabled == true) && (hostCommunityExists(communityPointer->community.c_str()) == true)) + { + enabled = true; + snmp12Enabled = true; + } + communityPointer = communityPointer->next; + } + + // Set disable SNMP text... + if (device->general->versionMajor > 6) + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* can be disabled with the following command:*CODE**COMMAND*no snmp-server enable*-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + else + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* can be disabled with the following command:*CODE**COMMAND*no snmp-server*-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security/.svn/text-base/snmp.h.svn-base b/libnipper-0.12.6/Cisco-Security/.svn/text-base/snmp.h.svn-base new file mode 100644 index 0000000..5011061 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/.svn/text-base/snmp.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ciscosecdevicesnmp_H +#define ciscosecdevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class CiscoSecSNMP : public SNMP +{ + public: + CiscoSecSNMP(); + + protected: + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/administration.cpp b/libnipper-0.12.6/Cisco-Security/administration.cpp new file mode 100644 index 0000000..777a95e --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/administration.cpp @@ -0,0 +1,593 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "administration.h" + + +CiscoSecAdministration::CiscoSecAdministration() +{ + sslCiphers = 0; + sslProtocolVersion.assign("any"); + + + // ----------------------------------------------------------------------- + // Device Specific Settings... + // ----------------------------------------------------------------------- + + // General... + generalSettings = true; // Show the general settings section? + consoleEnabled = true; // Is the Console port enabled? + consoleSupported = true; // Is a console port supported? + consoleTimeoutSupported = true; // Is a console timeout supported? + consoleTimeout = 0; // Console timeout + configConsoleTimeout = i18n("The console timeout can be configured with the following command:*CODE**COMMAND*console timeout *CMDUSER*timeout-minutes*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + + // Host restrictions... + serviceWideHosts = false; // Do all the admin services share a common host restrictions? + serviceConfigHosts = i18n(""); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = true; // Is telnet supported? + telnetEnabled = false; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + telnetSpecificHost = true; // Does Telnet have its own access list? + telnetHostsRequired = true; // Is the host configuration required? + showTelnetHostInterface = true; // Show the Interface column in the host table? + configTelnetHostAccess = i18n("Telnet management hosts can be configured with the following command:*CODE**COMMAND*telnet *CMDREQUIRE**CMDUSER*hostname*-CMDUSER* *CMROR* *CMDUSER*ip-address*-CMDUSER* *CMDUSER*interface*-CMDUSER**-CMDREQUIRE**-COMMAND**-CODE*"); // How access lists are configured for the telnet service + disableTelnet = i18n("Telnet access to *DEVICENAME* can be disabled by removing access from all the configured management hosts. This can be done with the following command:*CODE**COMMAND*no telnet *CMDREQUIRE**CMDUSER*hostname*-CMDUSER* *CMROR* *CMDUSER*ip-address*-CMDUSER* *CMDUSER*interface*-CMDUSER**-CMDREQUIRE**-COMMAND**-CODE*"); // How to disable telnet text... + telnetSpecificTimeout = true; // A Telnet Specific Timeout? + telnetTimeout = 300; // The Telnet Timeout (secs) + configTelnetTimeout = i18n("Telnet connection timeouts can be configured with the following command:*CODE**COMMAND*telnet timeout *CMDUSER*timeout-minutes*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + + // SSH options... + sshPort = 22; // The SSH port number + configSSHSupport = i18n("*ABBREV*SSH*-ABBREV* is enabled on *DEVICETYPE* devices by adding management hosts. This can be done with the following command:*CODE**COMMAND*ssh *CMDUSER*ip-address*-CMDUSER* *CMDUSER*netmask*-CMDUSER* *CMDUSER*interface*-CMDUSER**-COMMAND**-CODE*"); // How to configure SSH... + sshSpecificHost = true; // Does SSH have its own access list? + sshHostsRequired = true; // Is the host configuration required? + showSSHHostInterface = true; // Show the Interface column in the host table? + configSSHHostAccess = i18n("*ABBREV*SSH*-ABBREV* management hosts can be configured with the following command:*CODE**COMMAND*ssh *CMDUSER*ip-address*-CMDUSER* *CMDUSER*netmask*-CMDUSER* *CMDUSER*interface*-CMDUSER**-COMMAND**-CODE*"); // How to configure SSH... + scpSupported = false; // Is SCP supported? + sshSpecificTimeout = true; // A SSH Specific Timeout? + sshTimeout = 300; // The SSH Timeout (secs) + configSSHTimeout = i18n("The *ABBREV*SSH*-ABBREV* connection timeout can be configured with the following command:*CODE**COMMAND*ssh timeout *CMDUSER*timeout-minutes*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + + // SSH 2 support... + configSSHv2Support = i18n("*DEVICETYPE* devices can be configured to support only *ABBREV*SSH*-ABBREV* protocol version 2 with the following command:*CODE**COMMAND*ssh version 2*-COMMAND**-CODE*"); // How to configure protocol version 2 support only + + // HTTP(S) options... + httpPort = 80; // HTTP port + httpsPort = 443; // HTTPS port + httpSpecificTimeout = false; // A HTTP Specific Timeout? + httpTimeout = 0; // The HTTP Timeout (secs) + configHTTPTimeout = i18n(""); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + httpSpecificHost = true; // Does HTTP have its own access list? + httpHostsRequired = true; // Is the host configuration required? + showHTTPHostInterface = true; // Show the Interface column in the host table? + configHTTPHostAccess = i18n("Web-based management hosts can be added with the following command:*CODE**COMMAND*http *CMDUSER*ip-address*-CMDUSER* *CMDUSER*netmask*-CMDUSER* *CMDUSER*interface*-CMDUSER**-COMMAND**-CODE*"); // How to configure HTTP Management hosts... + disableHTTP = i18n("*ABBREV*HTTP*-ABBREV* access to *DEVICENAME* can be disabled by removing the configured management hosts. This can be done with the following command:*CODE**COMMAND*no http *CMDUSER*ip-address*-CMDUSER* *CMDUSER*netmask*-CMDUSER* *CMDUSER*interface*-CMDUSER**-COMMAND**-CODE*"); // How to disable HTTP text... + configHTTPSSupport = i18n("*ABBREV*HTTPS*-ABBREV* access to *DEVICENAME* can be configured by adding management hosts. This can be done with the following command:*CODE**COMMAND*http *CMDUSER*ip-address*-CMDUSER* *CMDUSER*netmask*-CMDUSER* *CMDUSER*interface*-CMDUSER**-COMMAND**-CODE*"); // How to configure HTTPS... + cipherConfigSupported = true; // Can the Ciphers be configured? + configCipherText = i18n("The *ABBREV*SSL*-ABBREV* encryption protocol can be restricted to the more secure *ABBREV*SSL*-ABBREV* version 2 and *ABBREV*TLS*-ABBREV* version 1. Furthermore, the ciphers can be configured to the more secure ciphers with key lengths of at least 128 bits. This can be done with the following commands:*CODE**COMMAND*ssl server-version *CMDREQUIRE*sslv3-only *CMDOR* tlsv1-only*-CMDREQUIRE**-COMMAND**COMMAND*ssl encryption *CMDREQUIRE*3des-sha1 *CMDOR* aes128-sha1 *CMDOR* aes256-sha1*-CMDREQUIRE**-COMMAND**-CODE*"); // The text to configure a strong cipher. +} + + +CiscoSecAdministration::~CiscoSecAdministration() +{ + if (sslCiphers != 0) + delete sslCiphers; +} + + +void CiscoSecAdministration::addCipherProtocol(cipherConfig *cipherPointer) +{ + // Protocols... + if (sslProtocolVersion.compare("sslv3") == 0) + { + cipherPointer->ssl2 = true; + cipherPointer->ssl3 = true; + } + else if (sslProtocolVersion.compare("tlsv1") == 0) + { + cipherPointer->ssl2 = true; + cipherPointer->tls1 = true; + } + else if (sslProtocolVersion.compare("sslv3-only") == 0) + cipherPointer->ssl3 = true; + else if (sslProtocolVersion.compare("tlsv1-only") == 0) + cipherPointer->tls1 = true; + else + { + cipherPointer->ssl2 = true; + cipherPointer->ssl3 = true; + cipherPointer->tls1 = true; + } +} + + +int CiscoSecAdministration::processDefaults(Device *device) +{ + // Variables... + cipherConfig *cipherPointer = 0; + int errorCode = 0; + int totalCiphers = sslCiphers->parts - 2; + + errorCode = processDeviceSpecificDefaults(device); + + // Telnet... + if (telnetHosts != 0) + telnetEnabled = true; + + // SSH... + if (sshHosts != 0) + sshEnabled = true; + + // HTTP... + if (httpHosts != 0) + { + if (httpsSupported == true) + { + httpsEnabled = true; + if (httpsRedirect == true) + httpEnabled = true; + } + else + httpEnabled = true; + } + + // Ciphers... + if (sslCiphers != 0) + { + defaultCiphers = false; + + for (totalCiphers = sslCiphers->parts - 2; totalCiphers < sslCiphers->parts; totalCiphers++) + { + + // 3DES-SHA1... + if (strcmp(sslCiphers->part(totalCiphers), "3des-sha1") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 168; + addCipherProtocol(cipherPointer); + } + + // DES-SHA1... + else if (strcmp(sslCiphers->part(totalCiphers), "3des-sha1") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 56; + addCipherProtocol(cipherPointer); + } + + // RC4-MD5... + else if (strcmp(sslCiphers->part(totalCiphers), "rc4-md5") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 40; + addCipherProtocol(cipherPointer); + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 56; + addCipherProtocol(cipherPointer); + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 64; + addCipherProtocol(cipherPointer); + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 128; + addCipherProtocol(cipherPointer); + } + + // AES128-SHA1... + else if (strcmp(sslCiphers->part(totalCiphers), "aes128-sha1") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*AES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 128; + addCipherProtocol(cipherPointer); + } + + // AES192-SHA1... + else if (strcmp(sslCiphers->part(totalCiphers), "aes192-sha1") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*AES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 192; + addCipherProtocol(cipherPointer); + } + + // AES256-SHA1... + else if (strcmp(sslCiphers->part(totalCiphers), "aes256-sha1") == 0) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*AES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 256; + addCipherProtocol(cipherPointer); + } + } + } + else + { + defaultCiphers = true; + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 168; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 56; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 40; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 56; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 64; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + cipherPointer->bits = 128; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*AES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 128; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*AES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 192; + addCipherProtocol(cipherPointer); + + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*AES*-ABBREV*"); + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + cipherPointer->bits = 256; + addCipherProtocol(cipherPointer); + } + + return errorCode; +} + + +int CiscoSecAdministration::processDeviceSpecificDefaults(Device *device) +{ + return 0; +} + + +int CiscoSecAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + hostFilter *hostPointer = 0; + int errorCode = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // console timeout... + if ((strcmp(command->part(tempInt), "console") == 0) && (strcmp(command->part(tempInt + 1), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + if (setting == true) + consoleTimeout = atoi(command->part(tempInt)) * 60; + else + consoleTimeout = 0; + } + + // SSL... + else if (strcmp(command->part(tempInt), "ssl") == 0) + { + tempInt++; + + // version... + if (strcmp(command->part(tempInt), "server-version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSL Server Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt++; + sslProtocolVersion.assign(command->part(tempInt)); + } + + // encryption... + else if (strcmp(command->part(tempInt), "encryption") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSL Encryption Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + { + tempInt++; + sslCiphers = new (ConfigLine); + sslCiphers->setConfigLine(line); + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // SSH... + else if (strcmp(command->part(tempInt), "ssh") == 0) + { + tempInt++; + + // version... + if (strcmp(command->part(tempInt), "version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == false) + sshVersion = 0; + else if (strcmp(command->part(tempInt), "1") == 0) + sshVersion = 1; + else + sshVersion = 2; + sshSupported = true; + sshUpgrade = false; + ssh2Supported = true; + ssh2upgrade = false; + } + + // timeout... + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == false) + sshTimeout = 300; + else + sshTimeout = atoi(command->part(tempInt)) * 60; + sshSupported = true; + sshUpgrade = false; + } + + // scopy... + else if (((strcmp(command->part(tempInt), "scopy") == 0) || (strcmp(command->part(tempInt), "copy") == 0)) && (strcmp(command->part(tempInt + 1), "enable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH SCP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + scpSupported = true; + if (setting == false) + scpEnabled = false; + else + scpEnabled = true; + sshSupported = true; + sshUpgrade = false; + } + + // ssh management hosts... + else if (command->parts > 2) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostPointer = addHostFilter(sshService); + hostPointer->host.assign(command->part(tempInt)); + tempInt++; + if (command->parts == 4) + { + hostPointer->netmask.assign(command->part(tempInt)); + tempInt++; + } + hostPointer->interface.assign(command->part(tempInt)); + sshSupported = true; + sshEnabled = true; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Telnet... + else if (strcmp(command->part(tempInt), "telnet") == 0) + { + tempInt++; + + // timeout... + if (strcmp(command->part(tempInt), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == false) + telnetTimeout = 300; + else + telnetTimeout = atoi(command->part(tempInt)) * 60; + } + + // Telnet management hosts... + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostPointer = addHostFilter(telnetService); + hostPointer->host.assign(command->part(tempInt)); + if (command->parts == 3) + { + tempInt++; + hostPointer->interface.assign(command->part(tempInt)); + } + else if (command->parts == 4) + { + tempInt++; + hostPointer->netmask.assign(command->part(tempInt)); + tempInt++; + hostPointer->interface.assign(command->part(tempInt)); + } + } + } + + // HTTP... + else if (strcmp(command->part(tempInt), "http") == 0) + { + tempInt++; + + // server enable... + if ((strcmp(command->part(tempInt), "server") == 0) && (strcmp(command->part(tempInt + 1), "enable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Server Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + httpsEnabled = setting; + httpsSupported = true; + tempInt += 2; + if (tempInt < command->parts) + httpsPort = atoi(command->part(tempInt)); + } + + // Redirect... + else if (strcmp(command->part(tempInt), "redirect") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Redirect Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + httpsRedirect = setting; + httpsSupported = true; + httpSupported = true; + httpEnabled = true; + tempInt += 2; + if (tempInt < command->parts) + httpPort = atoi(command->part(tempInt)); + } + + // Certificate Authentication... + else if (strcmp(command->part(tempInt), "authentication-certificate") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Auth Cert Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + httpsSupported = true; + httpSupported = true; + tempInt += 2; + if (tempInt < command->parts) + httpPort = atoi(command->part(tempInt)); + } + + // Hosts... + else if (command->parts == 4) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Hosts Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostPointer = addHostFilter(httpService); + hostPointer->host.assign(command->part(tempInt)); + tempInt++; + hostPointer->netmask.assign(command->part(tempInt)); + tempInt++; + hostPointer->interface.assign(command->part(tempInt)); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + + return errorCode; +} + + +int CiscoSecAdministration::generateDeviceHTTPConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINHTTP-TABLE"); + + // HTTPS Certificate... + if (!certificateAuthInterface.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Authentication certificate required on interface")); + device->addTableData(paragraphPointer->table, certificateAuthInterface.c_str()); + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/Cisco-Security/administration.h b/libnipper-0.12.6/Cisco-Security/administration.h new file mode 100644 index 0000000..525fe25 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/administration.h @@ -0,0 +1,71 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoSecadministration_H +#define CiscoSecadministration_H + + +#include "../device/administration/administration.h" + + +class CiscoSecAdministration : public Administration +{ + public: + + CiscoSecAdministration(); + ~CiscoSecAdministration(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int processDeviceSpecificDefaults(Device *device); + + // Methods + //virtual int generateDeviceGeneralConfig(Device *device); // A device specific config report output + //virtual int generateDeviceTelnetConfig(Device *device); // A device specific config report output + //virtual int generateDeviceTFTPConfig(Device *device); // A device specific config report output + //virtual int generateDeviceFTPConfig(Device *device); // A device specific config report output + //virtual int generateDeviceSFTPConfig(Device *device); // A device specific config report output + //virtual int generateDeviceSSHConfig(Device *device); // A device specific config report output + virtual int generateDeviceHTTPConfig(Device *device); // A device specific config report output + + + private: + + void addCipherProtocol(cipherConfig *cipherPointer); + + // Custom properties... + string certificateAuthInterface; + string sslProtocolVersion; + ConfigLine *sslCiphers; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/authentication.cpp b/libnipper-0.12.6/Cisco-Security/authentication.cpp new file mode 100644 index 0000000..98d02b3 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/authentication.cpp @@ -0,0 +1,841 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "authentication.h" +#include "../device/common/configline.h" + + +CiscoSecAuthentication::CiscoSecAuthentication() +{ + // General... + authenticationConfigIntro = i18n("This section describes the various *DEVICETYPE* device authentication settings."); // Introduction text to the whole section + loginAttemptsSupported = false; // Login attempts supported + loginAttempts = 0; // Login attempts allowed (0 = infinite) + accessWithoutAuthentication = true; // Set to true if access is allowed without authentication + configAccessAuthentication = i18n("The following commands can be used on *DEVICETYPE* devices to configure the initial password, enable password and a user account with a password:*CODE**COMMAND*password *CMDUSER*password*-CMDUSER**-COMMAND**COMMAND*enable password *CMDUSER*password*-CMDUSER**-COMMAND**COMMAND*username *CMDUSER*name*-CMDUSER* password *CMDUSER*password*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure access authentication with a password + + // Authentication Methods... + authMethodSupported = true; // Authentication Method Supported + appliesToSupported = true; // Applies To Supported + namedAuthSupport = true; // Are auth servers named? + + // Local User Options... + encryptionSupported = true; // Show encryption + readOnlySupported = false; // Is read only supported? + outboundACLSupported = false; // Are outbound filtering ACL supported? + privilegeLevelSupported = true; // Are privilege levels supported? + privilegeLevelText = i18n("Privilege Level"); // The table title privilege level text + configDeviceSpecificLocalUsers = i18n(""); // Text for the config report local user section. + filterText = i18n("*ABBREV*ACL*-ABBREV*"); // The table filter column title text + + // TACACS Options... + showTacacsGroupName = true; // Show the TACACS group + showTacacsRetries = true; // Show the TACACS retries + configTacacsKey = i18n("The *ABBREV*TACACS+*-ABBREV* server key can be configured with the following command:*CODE**COMMAND*aaa-server *CMDUSER*server-tag*-CMDUSER* *CMDOPTION**CMDUSER*interface*-CMDUSER**-CMDOPTION* host *CMDUSER*address*-CMDUSER* *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a TACACS+ key + + // RADIUS Options... + showRadiusGroupName = true; // Show the RADIUS group + configRadiusKey = i18n("The *ABBREV*TACACS+*-ABBREV* server key can be configured with the following command:*CODE**COMMAND*aaa-server *CMDUSER*server-tag*-CMDUSER* *CMDOPTION**CMDUSER*interface*-CMDUSER**-CMDOPTION* host *CMDUSER*address*-CMDUSER* *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); + + // KERBEROS Options... + showKerberosGroupName = true; // Show the KERBEROS group + showKerberosTimeout = true; // Show Kerberos timeout + showKerberosRetries = true; // Show Kerberos retries + + // LDAP Options... + showLDAPGroupName = true; // Show the LDAP group + configLDAPPassword = i18n("The *ABBREV*TACACS+*-ABBREV* password can be configured using the following command in the aaa-server group command mode:*CODE**COMMAND*ldap-login-password *CMDUSER*password*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure an LDAP server password + + // SecurID Options... + showSecurIDGroupName = true; // Show the SecurID group + + // NT Options... + showNTGroupName = true; // Show the NT group + + + serverProtocol = tacacsAuth; + serverAdded = false; + timeout = 10; +} + + +int CiscoSecAuthentication::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + localUserConfig *userPointer = 0; + tacacsServerConfig *tacacsPointer = 0; + radiusServerConfig *radiusPointer = 0; + kerberosServerConfig *kerberosPointer = 0; + ldapServerConfig *ldapPointer = 0; + securidServerConfig *securidPointer = 0; + ntServerConfig *ntPointer = 0; + authConfig *authPointer = 0; + fpos_t filePosition; + bool setting = false; + int tempInt = 0; + int errorCode = 0; + string tempString; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // username... + if ((strcmp(command->part(tempInt), "username") == 0) && ((strcmp(command->part(tempInt + 2), "password") == 0) || (strcmp(command->part(tempInt + 2), "nopassword") == 0))) + { + if (device->config->reportFormat == Config::Debug) + printf("%sUsername Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + { + userPointer = getUser(command->part(tempInt)); + userPointer->privilegeLevel.assign("2"); + userPointer->encryption = clearText; + tempInt++; + if (strcmp(command->part(tempInt), "password") == 0) + { + tempInt++; + userPointer->password.assign(command->part(tempInt)); + if (strcmp(command->part(tempInt + 1), "encrypted") == 0) + { + userPointer->password.assign(device->isEncryptedDictionaryPassword(command->part(tempInt))); + if (userPointer->password.length() == 0) + { + device->addJohnPassword(userPointer->username.c_str(), command->part(tempInt)); + userPointer->password.assign(command->part(tempInt)); + userPointer->encryption = md5Encryption; + } + tempInt += 2; + } + else if (strcmp(command->part(tempInt + 1), "mschap") == 0) + { + userPointer->password.assign(device->isEncryptedDictionaryPassword(command->part(tempInt))); + if (userPointer->password.length() == 0) + { + device->addJohnPassword(userPointer->username.c_str(), command->part(tempInt)); + userPointer->encryption = md4Encryption; + } + tempInt += 2; + } + else if (strcmp(command->part(tempInt + 1), "nt-encrypted") == 0) + { + userPointer->password.assign(device->isEncryptedDictionaryPassword(command->part(tempInt))); + if (userPointer->password.length() == 0) + { + device->addJohnPassword(userPointer->username.c_str(), command->part(tempInt)); + userPointer->encryption = ntEncryption; + } + tempInt += 2; + } + } + else if (strcmp(command->part(tempInt), "nopassword") == 0) + tempInt++; + + if (strcmp(command->part(tempInt), "privilege") == 0) + { + tempInt++; + userPointer->privilegeLevel.assign(command->part(tempInt)); + if (strcmp(command->part(tempInt), "15") == 0) + userPointer->adminAccess = true; + } + } + } + + // enable... + else if ((strcmp(command->part(tempInt), "enable") == 0) && (strcmp(command->part(tempInt + 1), "password") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sEnable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + if (setting == true) + { + userPointer = getUser("enable"); + userPointer->privilegeLevel.assign("15"); + userPointer->encryption = clearText; + userPointer->adminAccess = true; + userPointer->password.assign(command->part(tempInt)); + tempInt++; + + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "encrypted") == 0) + { + tempString.assign(device->isEncryptedDictionaryPassword(userPointer->password.c_str())); + if (tempString.length() == 0) + { + device->addJohnPassword(userPointer->username.c_str(), userPointer->password.c_str()); + userPointer->encryption = md5Encryption; + } + else + userPointer->password.assign(tempString.c_str()); + } + + else if (strcmp(command->part(tempInt), "level") == 0) + { + tempInt++; + userPointer->privilegeLevel.assign(command->part(tempInt)); + } + + tempInt++; + } + } + } + + // password... + else if ((strcmp(command->part(tempInt), "password") == 0) || (strcmp(command->part(tempInt), "passwd") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPassword Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + accessWithoutAuthentication = false; + tempInt++; + + if (setting == true) + { + userPointer = getUser("password"); + userPointer->encryption = clearText; + userPointer->password.assign(command->part(tempInt)); + tempInt++; + + if (strcmp(command->part(tempInt), "encrypted") == 0) + { + tempString.assign(device->isEncryptedDictionaryPassword(userPointer->password.c_str())); + if (tempString.length() == 0) + { + device->addJohnPassword(userPointer->username.c_str(), userPointer->password.c_str()); + userPointer->encryption = md5Encryption; + } + else + userPointer->password.assign(tempString.c_str()); + } + } + } + + // aaa authentication... + else if ((strcmp(command->part(tempInt), "aaa") == 0) && (strcmp(command->part(tempInt + 1), "authentication") == 0) && ((strcmp(command->part(tempInt + 2), "serial") == 0) || (strcmp(command->part(tempInt + 2), "enable") == 0) || (strcmp(command->part(tempInt + 2), "http") == 0) || (strcmp(command->part(tempInt + 2), "ssh") == 0) || (strcmp(command->part(tempInt + 2), "telnet") == 0))) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Authentication Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + authPointer = addMethod(); + authPointer->name.assign(command->part(tempInt + 2)); + authPointer->appliesTo.assign(command->part(tempInt)); + + tempInt += 2; + if (strcasecmp(command->part(tempInt), "LOCAL") != 0) + { + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + if (strcmp(command->part(tempInt), radiusPointer->groupName.c_str()) == 0) + authPointer->method = radiusAuth; + radiusPointer = radiusPointer->next; + } + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + if (strcmp(command->part(tempInt), tacacsPointer->groupName.c_str()) == 0) + authPointer->method = tacacsAuth; + tacacsPointer = tacacsPointer->next; + } + kerberosPointer = kerberosServer; + while (kerberosPointer != 0) + { + if (strcmp(command->part(tempInt), kerberosPointer->groupName.c_str()) == 0) + authPointer->method = kerberosAuth; + kerberosPointer = kerberosPointer->next; + } + securidPointer = securidServer; + while (securidPointer != 0) + { + if (strcmp(command->part(tempInt), securidPointer->groupName.c_str()) == 0) + authPointer->method = securidAuth; + securidPointer = securidPointer->next; + } + ntPointer = ntServer; + while (ntPointer != 0) + { + if (strcmp(command->part(tempInt), ntPointer->groupName.c_str()) == 0) + authPointer->method = ntAuth; + ntPointer = ntPointer->next; + } + ldapPointer = ldapServer; + while (ldapPointer != 0) + { + if (strcmp(command->part(tempInt), ldapPointer->groupName.c_str()) == 0) + authPointer->method = ldapAuth; + ldapPointer = ldapPointer->next; + } + } + } + + // auth protocol... + else if ((strcmp(command->part(tempInt), "aaa-server") == 0) && (strcmp(command->part(tempInt + 2), "protocol") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Server Protocol Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (serverGroup.compare(command->part(tempInt)) != 0) + { + serverAdded = false; + timeout = 10; + key.assign(""); + } + + serverGroup.assign(command->part(tempInt)); + if (strcmp(command->part(tempInt + 2), "tacacs+") == 0) + { + serverProtocol = tacacsAuth; + } + else if (strcmp(command->part(tempInt + 2), "radius") == 0) + { + serverProtocol = radiusAuth; + } + else if (strcmp(command->part(tempInt + 2), "kerberos") == 0) + { + serverProtocol = kerberosAuth; + } + else if (strcmp(command->part(tempInt + 2), "sdi") == 0) + { + serverProtocol = securidAuth; + } + else if (strcmp(command->part(tempInt + 2), "ldap") == 0) + { + serverProtocol = ldapAuth; + } + else if (strcmp(command->part(tempInt + 2), "nt") == 0) + { + serverProtocol = ntAuth; + } + } + + // auth host... + else if ((strcmp(command->part(tempInt), "aaa-server") == 0) && ((strcmp(command->part(tempInt + 2), "host") == 0) || (strcmp(command->part(tempInt + 3), "host") == 0))) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Server Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if ((setting == true) && (strcmp(command->part(tempInt), serverGroup.c_str()) == 0)) + { + tempInt++; + if (strcmp(command->part(tempInt), "host") == 0) + tempInt++; + else + tempInt += 2; + switch (serverProtocol) + { + case radiusAuth: + radiusPointer = addRadiusServer(); + radiusPointer->groupName.assign(serverGroup); + radiusPointer->key.assign(key); + radiusPointer->address.assign(command->part(tempInt)); + if (serverAdded == false) + { + radiusPointer->description.assign(i18n("Primary")); + } + else + { + radiusPointer->description.assign(i18n("Secondary")); + } + serverAdded = true; + radiusPointer->timeout = 10; + radiusPointer->retries = 10; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "timeout") != 0) + { + radiusPointer->key.assign(command->part(tempInt)); + key.assign(command->part(tempInt)); + } + else + { + tempInt++; + timeout = atoi(command->part(tempInt)); + radiusPointer->timeout = timeout; + } + + tempInt++; + } + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "key") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sKey Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer->key.assign(command->part(1)); + } + else if (strcmp(command->part(0), "retry-interval") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRetry Interval Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer->retries = atoi(command->part(1)); + } + else if (strcmp(command->part(0), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTimeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer->timeout = atoi(command->part(1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + } + // Set file position back + fsetpos(device->inputFile, &filePosition); + break; + + case tacacsAuth: + tacacsPointer = addTacacsServer(); + tacacsPointer->groupName.assign(serverGroup); + tacacsPointer->key.assign(key); + tacacsPointer->address.assign(command->part(tempInt)); + if (serverAdded == false) + { + tacacsPointer->description.assign(i18n("Primary")); + } + else + { + tacacsPointer->description.assign(i18n("Secondary")); + } + serverAdded = true; + tacacsPointer->timeout = 10; + tacacsPointer->retries = 10; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "timeout") != 0) + { + tacacsPointer->key.assign(command->part(tempInt)); + key.assign(command->part(tempInt)); + } + else + { + tempInt++; + timeout = atoi(command->part(tempInt)); + tacacsPointer->timeout = timeout; + } + + tempInt++; + } + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "key") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sKey Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer->key.assign(command->part(1)); + } + else if (strcmp(command->part(0), "retry-interval") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRetry Interval Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer->retries = atoi(command->part(1)); + } + else if (strcmp(command->part(0), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTimeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer->timeout = atoi(command->part(1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + } + // Set file position back + fsetpos(device->inputFile, &filePosition); + break; + + case ldapAuth: + ldapPointer = addLDAPServer(); + ldapPointer->groupName.assign(serverGroup); + ldapPointer->password.assign(key); + ldapPointer->address.assign(command->part(tempInt)); + if (serverAdded == false) + { + ldapPointer->description.assign(i18n("Primary")); + } + else + { + ldapPointer->description.assign(i18n("Secondary")); + } + serverAdded = true; + ldapPointer->timeout = 10; + ldapPointer->retries = 10; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "timeout") == 0) + { + tempInt++; + timeout = atoi(command->part(tempInt)); + ldapPointer->timeout = timeout; + } + + tempInt++; + } + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "ldap-login-password") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPassword Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer->password.assign(command->part(1)); + } + else if (strcmp(command->part(0), "ldap-naming-attribute") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sCN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer->cn.assign(command->part(1)); + } + else if (strcmp(command->part(0), "ldap-login-dn") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer->dn.assign(command->part(1)); + } + else if (strcmp(command->part(0), "ldap-dn") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer->dn.assign(command->part(1)); + } + else if (strcmp(command->part(0), "retry-interval") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRetry Interval Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer->retries = atoi(command->part(1)); + } + else if (strcmp(command->part(0), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTimeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer->timeout = atoi(command->part(1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + } + // Set file position back + fsetpos(device->inputFile, &filePosition); + break; + + case securidAuth: + securidPointer = addSecurIDServer(); + securidPointer->groupName.assign(serverGroup); + securidPointer->address.assign(command->part(tempInt)); + if (serverAdded == false) + { + securidPointer->description.assign(i18n("Primary")); + } + else + { + securidPointer->description.assign(i18n("Secondary")); + } + serverAdded = true; + securidPointer->timeout = 10; + securidPointer->retries = 10; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "timeout") == 0) + { + tempInt++; + timeout = atoi(command->part(tempInt)); + securidPointer->timeout = timeout; + } + + tempInt++; + } + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "retry-interval") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRetry Interval Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + securidPointer->retries = atoi(command->part(1)); + } + else if (strcmp(command->part(0), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTimeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + securidPointer->timeout = atoi(command->part(1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + } + // Set file position back + fsetpos(device->inputFile, &filePosition); + break; + + case kerberosAuth: + kerberosPointer = addKerberosServer(); + kerberosPointer->groupName.assign(serverGroup); + kerberosPointer->address.assign(command->part(tempInt)); + if (serverAdded == false) + { + kerberosPointer->description.assign(i18n("Primary")); + } + else + { + kerberosPointer->description.assign(i18n("Secondary")); + } + serverAdded = true; + kerberosPointer->timeout = 10; + kerberosPointer->retries = 10; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "timeout") != 0) + { + kerberosPointer->realm.assign(command->part(tempInt)); + key.assign(command->part(tempInt)); + } + else + { + tempInt++; + timeout = atoi(command->part(tempInt)); + kerberosPointer->timeout = timeout; + } + + tempInt++; + } + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "kerberos-realm") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRealm Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + kerberosPointer->realm.assign(command->part(1)); + } + else if (strcmp(command->part(0), "retry-interval") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRetry Interval Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + kerberosPointer->retries = atoi(command->part(1)); + } + else if (strcmp(command->part(0), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTimeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + kerberosPointer->timeout = atoi(command->part(1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + } + // Set file position back + fsetpos(device->inputFile, &filePosition); + break; + + default: + ntPointer = addNTServer(); + ntPointer->groupName.assign(serverGroup); + ntPointer->address.assign(command->part(tempInt)); + if (serverAdded == false) + { + ntPointer->description.assign(i18n("Primary")); + } + else + { + ntPointer->description.assign(i18n("Secondary")); + } + serverAdded = true; + ntPointer->timeout = 10; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "timeout") != 0) + { + ntPointer->pdc.assign(command->part(tempInt)); + key.assign(command->part(tempInt)); + } + else + { + tempInt++; + timeout = atoi(command->part(tempInt)); + ntPointer->timeout = timeout; + } + + tempInt++; + } + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + // Split it up into parts... + command->setConfigLine(line); + + if (strcmp(command->part(0), "nt-auth-domain-controller") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sNT Auth Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ntPointer->pdc.assign(command->part(1)); + } + else if (strcmp(command->part(0), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTimeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ntPointer->timeout = atoi(command->part(1)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + } + // Set file position back + fsetpos(device->inputFile, &filePosition); + break; + } + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int CiscoSecAuthentication::processDefaults(Device *device) +{ + return 0; +} diff --git a/libnipper-0.12.6/Cisco-Security/authentication.h b/libnipper-0.12.6/Cisco-Security/authentication.h new file mode 100644 index 0000000..227751f --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/authentication.h @@ -0,0 +1,62 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoSecauthentication_H +#define CiscoSecauthentication_H + + +#include "../device/authentication/authentication.h" + + +class CiscoSecAuthentication : public Authentication +{ + public: + + CiscoSecAuthentication(); + + + // ----------------------------------------------------------------------- + // Standard Device Class Methods... + // ----------------------------------------------------------------------- + + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + + private: + string serverGroup; + authMethodEnum serverProtocol; + bool serverAdded; + int timeout; + string key; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/banner.cpp b/libnipper-0.12.6/Cisco-Security/banner.cpp new file mode 100644 index 0000000..b79514d --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/banner.cpp @@ -0,0 +1,139 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "banner.h" + + +CiscoSecBanner::CiscoSecBanner() +{ + // Banner settings... + preLogonBanner = true; // Support Banner(s) Before Logon? + postLogonBanner = true; // Support Banner(s) After Logon? + configPreLogonBanner = i18n("The *ABBREV*MOTD*-ABBREV* banner message is displayed before logon for connections to *DEVICENAME*. The *ABBREV*MOTD*-ABBREV* banner message can be configured with the following command:*CODE**COMMAND*banner motd *CMDUSER*message-text*-CMDUSER**-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... + configPostLogonBanner = i18n("The Exec banner message is displayed once a successful logon has occured, before the enable prompt. The Exec banner message can be configured with the following command:*CODE**COMMAND*banner exec *CMDUSER*message-text*-CMDUSER**-COMMAND**-CODE*"); // The text that explains how to config a post logon banner, with commands... +} + + +int CiscoSecBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + int errorCode = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 2; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Exec... + if (strcmp(command->part(tempInt), "exec") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sExec Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + bannerPointer = getBanner("Exec"); + if (bannerPointer == 0) + { + bannerPointer = addBanner(); + bannerPointer->banner = postLogon; + bannerPointer->name.assign("Exec"); + bannerPointer->description.assign(i18n("The Exec banner is displayed after a connection logon has occured and before the enable prompt.")); + bannerPointer->connectionType = anyConnection; + bannerPointer->bannerFile = false; + } + addBannerLine(bannerPointer, strstr(line, "exec") + 5); + } + } + + // MOTD... + else if (strcmp(command->part(tempInt), "motd") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + bannerPointer = getBanner("*ABBREV*MOTD*-ABBREV*"); + if (bannerPointer == 0) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign("*ABBREV*MOTD*-ABBREV*"); + bannerPointer->description.assign(i18n("The *ABBREV*MOTD*-ABBREV* banner is displayed when a user connects, before the logon prompt.")); + bannerPointer->connectionType = anyConnection; + bannerPointer->bannerFile = false; + } + addBannerLine(bannerPointer, strstr(line, "motd") + 5); + } + } + + // Login... + else if (strcmp(command->part(tempInt), "login") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLogin Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + bannerPointer = getBanner("Login"); + if (bannerPointer == 0) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign("Login"); + bannerPointer->description.assign(i18n("The Login banner is displayed when a Telnet user connects, before the logon prompt but after any configured *ABBREV*MOTD*-ABBREV* banner message.")); + bannerPointer->connectionType = telnetConnection; + bannerPointer->bannerFile = false; + } + addBannerLine(bannerPointer, strstr(line, "login") + 6); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return errorCode; +} + diff --git a/libnipper-0.12.6/Cisco-Security/banner.h b/libnipper-0.12.6/Cisco-Security/banner.h new file mode 100644 index 0000000..86461a5 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/banner.h @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoSecbanner_H +#define CiscoSecbanner_H + + +#include "../device/banner/banner.h" + + +class CiscoSecBanner : public Banner +{ + public: + + CiscoSecBanner(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/device.cpp b/libnipper-0.12.6/Cisco-Security/device.cpp new file mode 100644 index 0000000..7a9a835 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/device.cpp @@ -0,0 +1,311 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "banner.h" +#include "snmp.h" +#include "filter.h" +#include "dns.h" +#include "authentication.h" +#include "interfaces.h" + + +CiscoSecDevice::CiscoSecDevice() +{ + deviceMake = "Cisco"; + deviceType = "Security Appliance Generic"; + deviceOS = "PIX"; + + general = new (CiscoSecGeneral); + banner = new (CiscoSecBanner); + snmp = new (CiscoSecSNMP); + filter = new (CiscoSecFilter); + dns = new (CiscoSecDNS); + authentication = new (CiscoSecAuthentication); + interfaces = new (CiscoSecInterfaces); +} + + +CiscoSecDevice::~CiscoSecDevice() +{ + delete general; + delete banner; + delete snmp; + delete filter; + delete dns; + delete authentication; + delete interfaces; +} + + +Device::encryptDictionaryStruct builtincsencdict8 = {"7S8ePYKfPDzMXKcC", "network", 0}; +Device::encryptDictionaryStruct builtincsencdict7 = {"BGogFIdB6jmwTyg7", "secret", &builtincsencdict8}; +Device::encryptDictionaryStruct builtincsencdict6 = {"Owo3Y8stBKQ1SpVk", "administrator", &builtincsencdict7}; +Device::encryptDictionaryStruct builtincsencdict5 = {"F2J0OlM3WTw7kVED", "supervisor", &builtincsencdict6}; +Device::encryptDictionaryStruct builtincsencdict4 = {"PVSASRJovmamnVkD", "admin", &builtincsencdict5}; +Device::encryptDictionaryStruct builtincsencdict3 = {"9jNfZuG3TC5tCVH0", "cisco123", &builtincsencdict4}; +Device::encryptDictionaryStruct builtincsencdict2 = {"XejxZFfyt2wxqfff", "Cisco", &builtincsencdict3}; +Device::encryptDictionaryStruct builtincsencdict1 = {"2KFQnbNIdI.2KYOU", "cisco", &builtincsencdict2}; +Device::encryptDictionaryStruct builtincsencdict = {"NuLKvvWGg.x9HEKO", "password", &builtincsencdict1}; + + +int CiscoSecDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + unsigned int tempInt = 0; + int tempVersion = 0; + bool setting = false; + + // Set encrypted dictionary... + encryptedDictionary = &builtincsencdict; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Init + if (strcmp(command.part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + if (line[0] == '!') + { } + + // Object Group... + else if (strcmp(command.part(tempInt), "object-group") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Access List... + else if (strcmp(command.part(tempInt), "access-list") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Conduit... + else if (strcmp(command.part(tempInt), "conduit") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Outbound... + else if (strcmp(command.part(tempInt), "outbound") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Time Range... + else if (strcmp(command.part(tempInt), "time-range") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Enable... + else if (strcmp(command.part(tempInt), "enable") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Username... + else if (strcmp(command.part(tempInt), "username") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // aaa authentication... + else if ((strcmp(command.part(tempInt), "aaa") == 0) && (strcmp(command.part(tempInt + 1), "authentication") == 0)) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // auth server... + else if (strcmp(command.part(tempInt), "aaa-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Password... + else if (strcmp(command.part(tempInt), "password") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Passwd... + else if (strcmp(command.part(tempInt), "passwd") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // nameif... + else if (strcmp(command.part(tempInt), "nameif") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // interface... + else if (strcmp(command.part(tempInt), "interface") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // ip address... + else if ((strcmp(command.part(tempInt), "ip") == 0) && (strcmp(command.part(tempInt + 1), "address") == 0)) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // failover... + else if (strcmp(command.part(tempInt), "failover") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Access Group... + else if (strcmp(command.part(tempInt), "access-group") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Hostname (in general)... + else if (strcmp(command.part(tempInt), "hostname") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SNMP (in SNMP)... + else if (strcmp(command.part(tempInt), "snmp-server") == 0) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Console... + else if ((strcmp(command.part(tempInt), "console") == 0) && (strcmp(command.part(tempInt + 1), "timeout") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // HTTP... + else if (strcmp(command.part(tempInt), "http") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Name... + else if (strcmp(command.part(tempInt), "name") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // domain-name... + else if (strcmp(command.part(tempInt), "domain-name") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // dns... + else if (strcmp(command.part(tempInt), "dns") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SSH... + else if (strcmp(command.part(tempInt), "ssh") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Telnet... + else if (strcmp(command.part(tempInt), "telnet") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Banner... + else if ((strcmp(command.part(tempInt), "banner") == 0) && ((strcmp(command.part(tempInt + 1), "exec") == 0) || (strcmp(command.part(tempInt + 1), "login") == 0) || (strcmp(command.part(tempInt + 1), "exec") == 0))) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SSL... + else if (strcmp(command.part(tempInt), "ssl") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + processDeviceSpecific(&command, (char *)&line, sizeof(line)); + } + + if ((general->version.empty()) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + // Sort out any specified version... + if (config->osVersion != 0) + { + if (strlen(config->osVersion) > 0) + { + general->version.assign(config->osVersion); + + // Version Major... + tempVersion = atoi(config->osVersion); + if ((tempVersion != 0) || (config->osVersion[0] == '0')) + { + general->versionMajor = tempVersion; + tempInt = 0; + while ((tempInt < strlen(config->osVersion)) && (config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Minor... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionMinor = tempVersion; + general->noMinor = false; + + while ((tempInt < strlen(config->osVersion)) && (config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Revision... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionRevision = tempVersion; + general->noRevision = false; + + while ((tempInt < strlen(config->osVersion)) &&(config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Tweak... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionTweak = tempVersion; + general->noTweak = false; + } + } + } + } + } + } + } + } + } + + return 0; +} + + +int CiscoSecDevice::processDeviceSpecific(ConfigLine *command, char *line, int lineSize) +{ + lineNotProcessed(line); + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security/device.h b/libnipper-0.12.6/Cisco-Security/device.h new file mode 100644 index 0000000..ebef816 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/device.h @@ -0,0 +1,51 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_CiscoSec_H +#define device_CiscoSec_H + + +#include "../device/device.h" + +class CiscoSecGeneral; + +class CiscoSecDevice : public Device +{ + public: + CiscoSecDevice(); + ~CiscoSecDevice(); + + virtual int processDevice(); + virtual int processDeviceSpecific(ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/dns.cpp b/libnipper-0.12.6/Cisco-Security/dns.cpp new file mode 100644 index 0000000..36ba55c --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/dns.cpp @@ -0,0 +1,308 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "dns.h" +#include "general.h" + + +CiscoSecDNS::CiscoSecDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured with a list of host name to *ABBREV*IP*-ABBREV* address mappings for use within the configuration. This section details those settings."); // The text paragraph in the config section + + // Host configuration + showInterface = false; // Are interfaces supported? + + // DNS Client Settings + dnsClientSupported = false; // DNS Client Supported? + dnsLookupEnabled = false; // DNS lookups enabled? + disableLookup = "*ABBREV*DNS*-ABBREV* lookups are disabled or enabled on specific interfaces on *DEVICETYPE* devices. The following command can be used to disable *ABBREV*DNS*-ABBREV* lookups:*CODE**COMMAND*no dns domain-lookup *CMDUSER*interface*-CMDUSER**-COMMAND**-CODE*"; // The text and commands to disable DNS lookup + dnsRetries = 2; // DNS lookup retries + dnsRetriesSupported = false; // DNS lookup retries Supported? + dnsTimeout = 2; // DNS timeout + dnsTimeoutSupported = false; // DNS timeout Supported? + + // DNS Server Options... + dnsRecordKeepAliveSupported = false; // Is the DNS keep Alive message type supported? + returnRecordsSupported = false; // Is the single/multiple record field supported? + dynamicDNSSupported = false; // Is Dynamic DNS Supported? + dnsServerSupported = false; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsPort = 53; // DNS Server Port + + + // Device specific... + dnsClientUsed = false; +} + + +int CiscoSecDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsConfig *dnsPointer = 0; + hostNameConfig *namePointer = 0; + fpos_t filePosition; + int tempInt = 0; + bool setting = false; + bool first = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // name... + if (strcmp(command->part(tempInt), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sName Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + namePointer = addHostName(command->part(tempInt + 1), command->part(tempInt)); + } + + // domain name... + else if (strcmp(command->part(tempInt), "domain-name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDomain Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + dnsDomain.assign(command->part(tempInt)); + } + + // dns lookups... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "domain-lookup") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Domain Lookup Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + dnsClientUsed = true; + + if (setting == true) + dnsLookupEnabled = true; + } + + // dns name-server... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "name-server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Name Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + dnsClientUsed = true; + + first = true; + while (tempInt < command->parts) + { + if (first == true) + { + dnsPointer = addDNSServer(command->part(tempInt)); + dnsPointer->description.assign(i18n("Primary")); + first = false; + } + else + { + dnsPointer = addDNSServer(command->part(tempInt)); + dnsPointer->description.assign(i18n("Secondary")); + } + tempInt++; + } + } + + // dns retries... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "retries") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Retries Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + dnsClientUsed = true; + + if (setting == true) + dnsRetries = atoi(command->part(tempInt)); + } + + // dns timeout... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "timeout") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + dnsClientUsed = true; + + if (setting == true) + dnsTimeout = atoi(command->part(tempInt)); + } + + // dns server groupt... + else if ((strcmp(command->part(tempInt), "dns") == 0) && (strcmp(command->part(tempInt + 1), "server-group") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + dnsClientUsed = true; + + fgetpos(device->inputFile, &filePosition); + + while (((line[0] == ' ') || (strcmp(command->part(0), "server-group") == 0)) && (feof(device->inputFile) == 0)) + { + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Domain-name + if (strcmp(command->part(tempInt), "domain-name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDomain Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + dnsDomain.assign(command->part(tempInt)); + } + + else if (strcmp(command->part(tempInt), "name-server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Name Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + first = true; + while (tempInt < command->parts) + { + if (first == true) + { + dnsPointer = addDNSServer(command->part(tempInt)); + dnsPointer->description.assign(i18n("Primary")); + first = false; + } + else + { + dnsPointer = addDNSServer(command->part(tempInt)); + dnsPointer->description.assign(i18n("Secondary")); + } + tempInt++; + } + } + + // dns retries... + else if (strcmp(command->part(tempInt), "retries") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Retries Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + dnsRetries = atoi(command->part(tempInt)); + } + + // dns timeout... + else if (strcmp(command->part(tempInt), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + dnsTimeout = atoi(command->part(tempInt)); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoSecDNS::processDefaults(Device *device) +{ + // Enable DNS client? + if (dnsClientUsed == false) + { + if (device->general != 0) + { + if ((device->general->versionMajor > 7) || ((device->general->versionMajor == 7) && (device->general->versionMinor > 0)) || ((device->general->versionMajor == 7) && (device->general->versionMinor == 0) && (device->general->versionRevision > 0))) + dnsClientUsed = true; + } + } + if (dnsClientUsed == true) + { + dnsClientSupported = true; + dnsRetriesSupported = true; + dnsTimeoutSupported = true; + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured with a list of host name to *ABBREV*IP*-ABBREV* address mappings for use within the configuration. Additionally, *DEVICETYPE* devices from *DEVICEOS* version 7.0(1) can be configured to make use of *ABBREV*DNS*-ABBREV* servers to perform name lookups. This section details those settings."); // The text paragraph in the config section + } + + // If there are no name servers, how can there be any lookups? + if (dnsServer == 0) + dnsLookupEnabled = false; + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security/dns.h b/libnipper-0.12.6/Cisco-Security/dns.h new file mode 100644 index 0000000..ff652cc --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/dns.h @@ -0,0 +1,54 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoSecDNS_H +#define CiscoSecDNS_H + + +#include "../device/dns/dns.h" + + +class CiscoSecDNS : public DNS +{ + public: + + CiscoSecDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + private: + + bool dnsClientUsed; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/filter.cpp b/libnipper-0.12.6/Cisco-Security/filter.cpp new file mode 100644 index 0000000..3a00fb7 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/filter.cpp @@ -0,0 +1,991 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "filter.h" + + +CiscoSecFilter::CiscoSecFilter() +{ + // Filter text... + standardACLText = i18n("Standard *ABBREV*ACL*-ABBREV*"); + standardACLDescription = i18n("Standard *ABBREV*ACLs*-ABBREV* only define the source address and process the packet solely based on that, they are typically used to restrict access to device services or protocols."); + extendedACLText = i18n("Extended *ABBREV*ACL*-ABBREV*"); + extendedACLDescription = i18n("Extended *ABBREV*ACLs*-ABBREV* permit or deny network traffic based on the source and destination addresses and network ports. Extended *ABBREV*ACLs*-ABBREV* are used for checks on traffic passing through the *DEVICENAME*."); + conduitText = i18n("Conduit"); + conduitDescription = i18n("Conduit rules permit or deny network traffic based on the source and destination addresses and network ports. Conduit rules are used for checks on incoming external traffic passing through the *DEVICENAME*. It is worth noting that conduit configurations should be considered legacy and have been replaced with extended *ABBREV*ACL*-ABBREV*"); + outboundText = i18n("Outbound"); + outboundDescription = i18n("Outbound rules permit or deny network traffic based on the address, network port(s) and protocol used. Outbound rules are used for checks on outgoing external traffic and act differently to other network filtering configurations where the first rule that matches is the one that takes precedence. Exception rules can be configured to exclude addresses and ports from the previous permit or deny rule . It is worth noting that outbound configurations should be considered legacy and have been replaced with *ABBREV*ACL*-ABBREV*"); + + // Object options... + networkObjectName = i18n("Network Objects"); // The name for the object (used in config report) + networkObjectDescription = i18n("Network object groups are used to define a group of hosts and networks in order to ease the management of the *DEVICETYPE* device. Additionally, object groups can be added to other object groups."); // The description for the object (config report) + protocolObjectName = i18n("Protocol Objects"); // The name for the object (used in config report) + protocolObjectDescription = i18n("Protocol object groups are used to define a group of network protocols to ease the management of the *DEVICETYPE* device. Additionally, object groups can be added to other object groups."); // The description for the object (config report) + icmpObjectName = i18n("*ABBREV*ICMP*-ABBREV* Objects"); // The name for the object (used in config report) + icmpObjectDescription = i18n("*ABBREV*ICMP*-ABBREV* object groups are used to define a group of *ABBREV*ICMP*-ABBREV* message types in order to ease the management of the *DEVICETYPE* device. Additionally, object groups can be added to other object groups."); // The description for the object (config report) + serviceObjectName = i18n("Service Objects"); // The name for the object (used in config report) + serviceObjectDescription = i18n("Service object groups are used to define a group of network services in order to ease the management of the *DEVICETYPE* device. Additionally, object groups can be added to other object groups."); // The description for the object (config report) + + // Filter device options... + logLevelsSupported = true; // Are log Levels supported + logOnlyDenySupported = true; // Is only Deny rule logging supported + noAccessWithoutFilters = true; // Is access not granted if no filters are configured + allowName = i18n("Permit"); // The name given to an allowed filter + denyName = i18n("Deny"); // The name given to a denied filter + ruleListsAreAssigned = true; // Rule lists are assigned to specific elements + filterConfigTitle = i18n("*ABBREV*ACL*-ABBREV* Configuration"); // The Title for the configuration report section + filterConfigText = i18n("*ABBREV*ACL*-ABBREV* are sequential lists of apply or deny *ABBREV*ACEs*-ABBREV* that a *DEVICETYPE* device will apply to the network traffic. The *DEVICETYPE* device will check network traffic against the *ABBREV*ACL*-ABBREV* and the first *ABBREV*ACE*-ABBREV* that matches will determine whether the network traffic is permited or denied. If the *DEVICETYPE* device does not have an *ABBREV*ACE*-ABBREV* that applies then the packet is denied."); // The device specific configuration report section text + filterConfigText2 = i18n("There are two different types of *ABBREV*ACLs*-ABBREV* on modern Cisco security appliances, standard and extended."); // The device specific configuration report section text2 + filterIDTitle = i18n("Line"); // The title for the filter ID/line no. table column + filterListName = i18n("*ABBREV*ACL*-ABBREV*"); // The name of the filter list, for use in text paragraphs + filterListNamePlaural = i18n("*ABBREV*ACLs*-ABBREV*"); // The name of the filter list, for use in text paragraphs + filterName = i18n("*ABBREV*ACE*-ABBREV*"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("*ABBREV*ACEs*-ABBREV*"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("All Permit *ABBREV*ACE*-ABBREV* Do Not Log"); // The title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogTable = i18n("permit *ABBREV*ACE*-ABBREV* that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogConcl = i18n("all permit *ABBREV*ACE*-ABBREV* do not log"); // The conclusions text for the "All Allow Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all *ABBREV*ACE*-ABBREV*");// The recommendations text for the "All Allow Rules Do Not Log" issue + denyAndNotLogIssue = i18n("All Deny *ABBREV*ACE*-ABBREV* Do Not Log"); // The title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogTable = i18n("deny *ABBREV*ACE*-ABBREV* that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogConcl = i18n("all deny *ABBREV*ACE*-ABBREV* do not log"); // The conclusions text for the "All Allow Rules Do Not Log" issue + configRuleLogging = i18n("Logging can be enabled on extended *COMMAND*access-list*-COMMAND* with the following command:*CODE**COMMAND*access-list *CMDUSER*list-id*-CMDUSER* *CMDREQUIRE*deny *CMDOR* permit*-CMDREQUIRE* *CMDUSER*protocol*-CMDUSER* *CMDUSER*source*-CMDUSER* *CMDUSER*destination*-CMDUSER* log*-COMMAND**-CODE*"); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No *ABBREV*ACL*-ABBREV* Were Configured"); // The title text for the "No filtering" issue + noFilteringRec = i18n("Configure *ABBREV*ACL*-ABBREV* to restrict access"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no *ABBREV*ACL*-ABBREV* were configured"); // The title text for the "No filtering" conclusion + legacyIssueFinding = i18n("*DEVICETYPE* device network filtering used to be configured using *COMMAND*conduit*-COMMAND* commands to configure incoming connections and *COMMAND*outbound*-COMMAND* commands to configure users access. Those commands have since been replaced with *ABBREV*ACLs*-ABBREV* which offer additional facilities and greater flexibility, although some *DEVICEOS* versions still support the commands for backwards compatability. *COMPANY* determined that legacy network filtering was configured on *DEVICENAME*."); // The finding for the legacy issue + legacyIssueImpact = i18n("Although the legacy configuration does not pose a direct security issue, they don't offer the more advanced configuration options."); // The impact for the legacy issue + legacyIssueEase = i18n("The legacy configuration applies to incoming and outbound network traffic."); // The ease for the legacy issue + legacyIssueRec = i18n("*COMPANY* recommends that the legacy network filtering is moved to *ABBREV*ACLs*-ABBREV* as soon as possible. Cisco provides documentation and procedures for the transfer of the network filtering to *ABBREV*ACLs*-ABBREV*."); // The recommendation for the legacy issue +} + + +int CiscoSecFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + filterObjectConfig *filterObjectPointer = 0; + filterConfig *filterPointer = 0; + filterListConfig *filterListPointer = 0; + netObjectListConfig *objectListPointer = 0; + fpos_t filePosition; + string tempString; + int tempInt = 0; + int tempInt2 = 0; + bool create = false; + + // Extended ACL... + if (strcmp(command->part(0), "access-list") == 0) + { + if ((strcmp(command->part(2), "extended") == 0) || (strcmp(command->part(2), "permit") == 0) || (strcmp(command->part(2), "deny") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sExtended ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(command->part(1)); + filterListPointer->type = extendedACLText; + filterListPointer->typeDescription = extendedACLDescription; + filterListPointer->sourceOnly = false; + filterListPointer->loggingSupport = true; + filterListPointer->supportsTime = true; + filterListPointer->disabledFilterSupport = true; + filterListPointer->sourceServiceSupported = true; + filterPointer = addFilter(filterListPointer); + + if (strcmp(command->part(2), "extended") == 0) + tempInt = 3; + else + tempInt = 2; + + // Permit/Deny + if (strcmp(command->part(tempInt), "permit") == 0) + filterPointer->action = allowAction; + else + { + filterPointer->action = denyAction; + filterPointer->log = true; + } + filterPointer->logLevel = 6; + tempInt++; + + // Protocol + filterObjectPointer = addFilterObject(filterPointer, protocol); + if (strcmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer->type = groupObject; + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 > 0) || (strcmp(command->part(tempInt), "0") == 0)) + { + filterObjectPointer->name.assign(device->getProtocol(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(tempInt)); + } + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + filterObjectPointer->type = protocolObject; + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 > 0) || (strcmp(command->part(tempInt), "0") == 0)) + { + filterObjectPointer->name.assign(device->getProtocol(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(tempInt)); + } + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + tempInt++; + + // Source + filterObjectPointer = addFilterObject(filterPointer, source); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "interface") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = interfaceObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = groupObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->type = networkObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + tempInt++; + + // Source Service + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "object-group") == 0) + { + create = false; + filterObjectPointer = getObject(command->part(tempInt + 1)); + if (filterObjectPointer != 0) + { + if (filterObjectPointer->type == serviceObject) + create = true; + } + if (create == true) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + } + + // Destination... + filterObjectPointer = addFilterObject(filterPointer, destination); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "interface") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = interfaceObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = groupObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->type = networkObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + tempInt++; + + // Destination service... + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + + while (tempInt < command->parts) + { + // Inactive + if (strcmp(command->part(tempInt), "inactive") == 0) + filterPointer->enabled = false; + + // Time + else if (strcmp(command->part(tempInt), "time-range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, timeLimit); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = timeObject; + } + + // Log + else if (strcmp(command->part(tempInt), "log") == 0) + { + tempInt++; + if ((strcmp(command->part(tempInt), "interval") != 0) || (strcmp(command->part(tempInt), "disable") != 0) || (strcmp(command->part(tempInt), "default") != 0)) + { + filterPointer->logLevel = atoi(command->part(tempInt)); + tempInt++; + } + if (strcmp(command->part(tempInt), "disable") == 0) + filterPointer->log = false; + } + + tempInt++; + } + } + + // Standard ACL... + else if (strcmp(command->part(2), "standard") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sStandard ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(command->part(1)); + filterListPointer->sourceOnly = true; + filterListPointer->type = standardACLText; + filterListPointer->typeDescription = standardACLDescription; + filterPointer = addFilter(filterListPointer); + + // Permit/Deny + if (strcmp(command->part(3), "permit") == 0) + filterPointer->action = allowAction; + else + { + filterPointer->action = denyAction; + filterPointer->log = true; + } + + // Address + filterObjectPointer = addFilterObject(filterPointer, source); + filterObjectPointer->serviceOper = serviceOperEqual; + if (strcasecmp(command->part(4), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(4), "host") == 0) + { + filterObjectPointer->name.assign(command->part(5)); + filterObjectPointer->type = hostObject; + } + else + { + filterObjectPointer->name.assign(command->part(4)); + filterObjectPointer->netmask.assign(command->part(5)); + filterObjectPointer->type = networkObject; + } + } + + // Remark ACL... + else if (strcmp(command->part(2), "remark") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRemark ACL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(command->part(1)); + filterPointer = addFilter(filterListPointer); + filterPointer->remarkFilter = true; + filterPointer->number--; + filterPointer->comment.assign(strstr(line, command->part(3))); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Conduit... + else if (strcmp(command->part(0), "conduit") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConduit Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList("incoming"); + filterListPointer->type = conduitText; + filterListPointer->typeDescription = conduitDescription; + filterListPointer->legacyType = true; + filterListPointer->sourceOnly = false; + filterListPointer->sourceServiceSupported = true; + filterListPointer->loggingSupport = false; + filterListPointer->supportsTime = false; + filterPointer = addFilter(filterListPointer); + tempInt = 1; + + // Permit/Deny + if (strcmp(command->part(tempInt), "permit") == 0) + filterPointer->action = allowAction; + else + filterPointer->action = denyAction; + tempInt++; + + // Protocol + filterObjectPointer = addFilterObject(filterPointer, protocol); + if (strcmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer->type = groupObject; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + filterObjectPointer->type = protocolObject; + tempInt2 = atoi(command->part(tempInt)); + if ((tempInt2 != 0) ||( strcmp(command->part(tempInt), "0") == 0)) + filterObjectPointer->name.assign(device->getProtocol(tempInt2)); + else + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + tempInt++; + + // Destination + filterObjectPointer = addFilterObject(filterPointer, destination); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = groupObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->type = networkObject; + filterObjectPointer->serviceOper = serviceOperEqual; + if (((filterObjectPointer->name.compare("0.0.0.0") == 0) || (filterObjectPointer->name.compare("0") == 0)) && ((filterObjectPointer->netmask.compare("0.0.0.0") == 0) || (filterObjectPointer->netmask.compare("0") == 0))) + { + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (filterObjectPointer->name.compare("255.255.255.255") == 0) + filterObjectPointer->type = hostObject; + } + tempInt++; + + // Destination Service + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "object-group") == 0) + { + create = false; + filterObjectPointer = getObject(command->part(tempInt + 1)); + if (filterObjectPointer != 0) + { + if (filterObjectPointer->type == serviceObject) + create = true; + } + if (create == true) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, destinationService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + } + + // Source... + filterObjectPointer = addFilterObject(filterPointer, source); + if (strcasecmp(command->part(tempInt), "any") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "host") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = hostObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "interface") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = interfaceObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (strcasecmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->type = groupObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->type = networkObject; + filterObjectPointer->serviceOper = serviceOperEqual; + if (((filterObjectPointer->name.compare("0.0.0.0") == 0) || (filterObjectPointer->name.compare("0") == 0)) && ((filterObjectPointer->netmask.compare("0.0.0.0") == 0) || (filterObjectPointer->netmask.compare("0") == 0))) + { + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (filterObjectPointer->name.compare("255.255.255.255") == 0) + filterObjectPointer->type = hostObject; + } + tempInt++; + + // Source service... + if (strcmp(command->part(tempInt), "lt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperLessThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "gt") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperGreaterThan; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "eq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "neq") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperNotEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "range") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->type = serviceObject; + tempInt++; + } + else if (strcmp(command->part(tempInt), "object-group") == 0) + { + tempInt++; + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->type = serviceObject; + tempInt++; + } + } + + // Outbound... + else if (strcmp(command->part(0), "outbound") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sOutbound Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterListPointer = getFilterList(command->part(1)); + filterListPointer->type = outboundText; + filterListPointer->typeDescription = outboundDescription; + filterListPointer->legacyType = true; + filterListPointer->sourceOnly = true; + filterListPointer->loggingSupport = false; + filterListPointer->supportsTime = false; + filterListPointer->sourceServiceSupported = true; + filterPointer = addFilter(filterListPointer); + tempInt = 2; + + // Permit/Deny/Except + if (strcmp(command->part(tempInt), "permit") == 0) + filterPointer->action = allowAction; + else if (strcmp(command->part(tempInt), "deny") == 0) + filterPointer->action = denyAction; + else + filterPointer->action = exceptAction; + tempInt++; + + // Source + filterObjectPointer = addFilterObject(filterPointer, source); + filterObjectPointer->name.assign(command->part(tempInt)); + tempInt++; + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + if (((filterObjectPointer->name.compare("0.0.0.0") == 0) || (filterObjectPointer->name.compare("0") == 0)) && ((filterObjectPointer->netmask.compare("0.0.0.0") == 0) || (filterObjectPointer->netmask.compare("0") == 0))) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->type = anyObject; + filterObjectPointer->serviceOper = serviceOperEqual; + } + else if (filterObjectPointer->netmask.compare("255.255.255.255") == 0) + filterObjectPointer->type = hostObject; + else + filterObjectPointer->type = networkObject; + tempInt++; + + // Source Service + if (tempInt < command->parts) + { + filterObjectPointer = addFilterObject(filterPointer, sourceService); + filterObjectPointer->type = serviceObject; + if (strcmp(command->part(tempInt), "0") == 0) + { + filterObjectPointer->name.assign(i18n("Any")); + filterObjectPointer->serviceOper = serviceOperAny; + } + else if (strchr(command->part(tempInt), '-') == 0) + { + filterObjectPointer->name.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + else + { + tempString.assign(command->part(tempInt)); + tempString.erase(tempString.find("-")); + filterObjectPointer->name.assign(command->part(tempInt)); + tempString.assign(command->part(tempInt)); + tempString.erase(0, tempString.find("-")); + filterObjectPointer->netmask.assign(command->part(tempInt)); + filterObjectPointer->serviceOper = serviceOperRange; + } + tempInt++; + } + + // Protocol... + if (tempInt < command->parts) + { + filterObjectPointer = addFilterObject(filterPointer, protocol); + filterObjectPointer->type = protocolObject; + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->name.assign(command->part(tempInt)); + } + } + + // Object Group... + else if (strcmp(command->part(0), "object-group") == 0) + { + fgetpos(device->inputFile, &filePosition); + + while (((line[0] == ' ') || (strcmp(command->part(0), "object-group") == 0)) && (feof(device->inputFile) == 0)) + { + + // Object Group... + if (strcmp(command->part(0), "object-group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList(command->part(2)); + + if (strcmp(command->part(1), "protocol") == 0) + { + objectListPointer->type = protocolObject; + objectListPointer->title = protocolObjectName; + objectListPointer->description = protocolObjectDescription; + } + else if (strcmp(command->part(1), "network") == 0) + { + objectListPointer->type = networkObject; + objectListPointer->title = networkObjectName; + objectListPointer->description = networkObjectDescription; + } + else if (strcmp(command->part(1), "service") == 0) + { + objectListPointer->type = serviceObject; + objectListPointer->title = serviceObjectName; + objectListPointer->description = serviceObjectDescription; + if (command->parts == 4) + { + if (strcmp(command->part(3), "tcp") == 0) + objectListPointer->tcp = true; + else if (strcmp(command->part(3), "udp") == 0) + objectListPointer->udp = true; + else + { + objectListPointer->tcp = true; + objectListPointer->udp = true; + } + } + } + else // ICMP + { + objectListPointer->type = icmpObject; + objectListPointer->title = serviceObjectName; + objectListPointer->description = serviceObjectDescription; + } + } + + // Description + else if (strcmp(command->part(0), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + objectListPointer->comment.assign(strstr(line, command->part(1))); + } + + // Group-Object + else if (strcmp(command->part(0), "group-object") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterObjectPointer = addObject(objectListPointer); + filterObjectPointer->type = groupObject; + filterObjectPointer->name.assign(command->part(1)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + + // ICMP-Object + else if (strcmp(command->part(0), "icmp-object") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group ICMP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterObjectPointer = addObject(objectListPointer); + filterObjectPointer->type = icmpObject; + tempInt2 = atoi(command->part(1)); + if ((tempInt2 > 0) || (strcmp(command->part(1), "0") == 0)) + { + filterObjectPointer->name.assign(device->getICMPName(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(1)); + } + else + filterObjectPointer->name.assign(command->part(1)); + device->addICMPType(filterObjectPointer->name.c_str()); + filterObjectPointer->serviceOper = serviceOperEqual; + } + + // Network-Object + else if (strcmp(command->part(0), "network-object") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Network Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterObjectPointer = addObject(objectListPointer); + filterObjectPointer->type = networkObject; + if (strcmp(command->part(1), "host") == 0) + { + filterObjectPointer->type = hostObject; + filterObjectPointer->name.assign(command->part(2)); + } + else + { + filterObjectPointer->name.assign(command->part(1)); + filterObjectPointer->netmask.assign(command->part(2)); + if (strcmp(command->part(2), "255.255.255.255") == 0) + filterObjectPointer->type = hostObject; + } + filterObjectPointer->serviceOper = serviceOperEqual; + } + + // Protocol-Object + else if (strcmp(command->part(0), "protocol-object") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Protocol Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterObjectPointer = addObject(objectListPointer); + filterObjectPointer->type = protocolObject; + tempInt2 = atoi(command->part(1)); + if ((tempInt2 > 0) || (strcmp(command->part(1), "0") == 0)) + { + filterObjectPointer->name.assign(device->getProtocol(tempInt2)); + if (filterObjectPointer->name.empty()) + filterObjectPointer->name.assign(command->part(1)); + } + else + filterObjectPointer->name.assign(command->part(1)); + filterObjectPointer->serviceOper = serviceOperEqual; + } + + // Port-Object + else if (strcmp(command->part(0), "port-object") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Group Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + filterObjectPointer = addObject(objectListPointer); + filterObjectPointer->type = portObject; + if (strcmp(command->part(1), "eq") == 0) + { + filterObjectPointer->serviceOper = serviceOperEqual; + filterObjectPointer->name.assign(command->part(2)); + } + else + { + filterObjectPointer->serviceOper = serviceOperRange; + filterObjectPointer->name.assign(command->part(2)); + filterObjectPointer->netmask.assign(command->part(3)); + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security/filter.h b/libnipper-0.12.6/Cisco-Security/filter.h new file mode 100644 index 0000000..20ef2dc --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/filter.h @@ -0,0 +1,61 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoSecFilter_H +#define CiscoSecFilter_H + + +#include "../device/filter/filter.h" + + +class CiscoSecFilter : public Filter +{ + public: + CiscoSecFilter(); + + protected: + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + + private: + // Filter text... + const char *standardACLText; + const char *standardACLDescription; + const char *extendedACLText; + const char *extendedACLDescription; + const char *conduitText; + const char *conduitDescription; + const char *outboundText; + const char *outboundDescription; +}; + + +#endif + diff --git a/libnipper-0.12.6/Cisco-Security/general.cpp b/libnipper-0.12.6/Cisco-Security/general.cpp new file mode 100644 index 0000000..6b39afe --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/general.cpp @@ -0,0 +1,115 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +CiscoSecGeneral::CiscoSecGeneral() +{ +} + + +int CiscoSecGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Hostname + if (strcmp(command->part(tempInt), "hostname") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostname = command->part(tempInt + 1); + } + + return 0; +} + + +int CiscoSecGeneral::processDefaults(Device *device) +{ + // Split Version Numbers... + if ((!version.empty()) && (versionMajor == 0)) + { + versionMajor = atoi(version.c_str()); + versionMinor = atoi(strchr(version.c_str(), '.') + 1); + versionRevision = atoi(strchr(version.c_str(), '(') + 1); + noMinor = false; + noRevision = false; + } + + return 0; +} + + +int CiscoSecGeneral::processSpecificDefaults() +{ + return 0; +} + + +int CiscoSecGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; + + return errorCode; +} + + +int CiscoSecGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; + + return errorCode; +} diff --git a/libnipper-0.12.6/Cisco-Security/general.h b/libnipper-0.12.6/Cisco-Security/general.h new file mode 100644 index 0000000..f3ddede --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/general.h @@ -0,0 +1,57 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ciscosecdevicegeneral_H +#define ciscosecdevicegeneral_H + +#include "../device/general/general.h" + + +class CiscoSecGeneral : public General +{ + public: + CiscoSecGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int processSpecificDefaults(); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + private: + //unsigned int servicePasswordEncryption; +}; + + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/interfaces.cpp b/libnipper-0.12.6/Cisco-Security/interfaces.cpp new file mode 100644 index 0000000..fbf7b88 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/interfaces.cpp @@ -0,0 +1,279 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "interfaces.h" +#include "general.h" + + +CiscoSecInterfaces::CiscoSecInterfaces() +{ + // Interface Options... + useModuleAndPort = false; // Use the module / port instead of the name + useInterfaceZone = true; // Use the interface zone + zoneName = i18n("Name"); // The name for zone field + filterIn = i18n("*ABBREV*ACL*-ABBREV*"); // The filter in table title text + filterOut = i18n("*ABBREV*ACL*-ABBREV* Out"); // The filter out table title text + showDescription = false; // Show the interface description + cdpGlobalRequired = false; // If CDP needs to be enabled globally as well + disableCDPText = i18n(""); // The text and commands to disable CDP + cdpSupported = false; // Is CDP supported on interfaces + disableProxyARPText = i18n(""); // The text and commands to disable Proxy ARP + disableUnreachablesText = i18n(""); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n(""); // The text and commands to disable ICMP information messages + disableMaskText = i18n(""); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n(""); // The text and commands to disable ICMP redirect messages + disableDirectedText = i18n(""); // The text and commands to disable directed broadcasts + disableMOPText = i18n(""); // The text and commands to disable MOP + disableActiveText = i18n("Interfaces can be disabled *DEVICETYPE* device using the following command:*CODE**COMMAND*interface *CMDUSER*interface-name*-CMDUSER* shutdown*-COMMAND**-CODE*"); // The text and commands to disable potentially unused interfaces + filterName = i18n("*ABBREV*ACL*-ABBREV*"); // The filter list name for use in the filter issue text + configFilterText = i18n("An *ABBREV*ACL*-ABBREV* can be configured on an interface with the following command:*CODE**COMMAND*access-group *CMDUSER*acl*-CMDUSER* in interface *CMDUSER*interface-name*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure network filtering + defaultAutoTrunk = false; // Default to automatically trunk + disableTrunkText = i18n(""); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n(""); // The text and commands to enable port security +} + + +int CiscoSecInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + fpos_t filePosition; + int tempInt = 0; + + // Sort out the interface list first... + interfaceListPointer = getInterfaceList("PHYSINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Physical Network Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices physical network interfaces."); + interfaceListPointer->tableTitle = i18n("Physical network interfaces"); + interfaceListPointer->label = "PHYSINTERFACES"; + interfaceListPointer->useSecurityLevel = true; + interfaceListPointer->useStandbyAddress = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = false; // Is the outbound filtering supported? + } + + // nameif... + if (strcmp(command->part(0), "nameif") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + interfacePointer->zone.assign(command->part(2)); + interfacePointer->securityLevel = atoi(command->part(3) + 8); + } + + // IP address... + else if ((strcmp(command->part(0), "ip") == 0) && (strcmp(command->part(1), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterfaceByZone(interfaceListPointer, command->part(2)); + if (interfacePointer != 0) + { + interfacePointer->address.assign(command->part(3)); + if (command->parts > 4) + interfacePointer->netmask.assign(command->part(4)); + } + } + + // failover... + else if ((strcmp(command->part(0), "failover") == 0) && (strcmp(command->part(1), "ip") == 0) && (strcmp(command->part(2), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFailover IP Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterfaceByZone(interfaceListPointer, command->part(3)); + if (interfacePointer != 0) + interfacePointer->standbyAddress.assign(command->part(4)); + } + + // Interface... + else if (strcmp(command->part(0), "interface") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getOnlyInterface(interfaceListPointer, command->part(1)); + if (interfacePointer != 0) + { + if (strcmp(command->part(command->parts - 1), "shutdown") == 0) + interfacePointer->enabled = false; + } + + else + { + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((line[0] == ' ') && (feof(device->inputFile) == 0)) + { + + // Name... + if (strcmp(command->part(0), "nameif") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->zone.assign(command->part(1)); + } + + // security-level... + else if (strcmp(command->part(0), "security-level") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Security Level Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->securityLevel = atoi(command->part(1)); + } + + // description... + else if (strcmp(command->part(0), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Descriptionl Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + interfacePointer->description.assign(strstr(line, command->part(1))); + } + + // shutdown... + else if (strcmp(command->part(0), "shutdown") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Shutdown Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->enabled = false; + } + + // ip address... + else if ((strcmp(command->part(0), "ip") == 0) && (strcmp(command->part(1), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->address.assign(command->part(2)); + if ((command->parts > 3) && (strcmp(command->part(3), "standby") != 0)) + { + interfacePointer->netmask.assign(command->part(3)); + tempInt = 4; + } + else + tempInt = 3; + if (strcmp(command->part(tempInt), "standby") == 0) + interfacePointer->standbyAddress.assign(command->part(tempInt + 1)); + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + } + + // Access Group... + else if (strcmp(command->part(0), "access-group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAccess Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Old style... + interfacePointer = getInterfaceByZone(interfaceListPointer, command->part(4)); + if (interfacePointer != 0) + { + if (strcmp(command->part(2), "in") == 0) + addFilterList(interfacePointer, command->part(1), true); + else + { + addFilterList(interfacePointer, command->part(1), false); + interfaceListPointer->outboudFilterSupported = true; + } + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoSecInterfaces::processDefaults(Device *device) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + + if (device->general != 0) + { + if (device->general->versionMajor > 6) + { + filterIn = i18n("*ABBREV*ACL*-ABBREV* In"); // The filter in table title text + interfaceListPointer = interfaceList; + while (interfaceListPointer != 0) + { + interfaceListPointer->outboudFilterSupported = true; // Is the outbound filtering supported? + interfaceListPointer = interfaceListPointer->next; + } + } + } + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security/interfaces.h b/libnipper-0.12.6/Cisco-Security/interfaces.h new file mode 100644 index 0000000..1ba78f1 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/interfaces.h @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef CiscoSecInterfaces_H +#define CiscoSecInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class CiscoSecInterfaces : public Interfaces +{ + public: + + CiscoSecInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); +}; + +#endif diff --git a/libnipper-0.12.6/Cisco-Security/snmp.cpp b/libnipper-0.12.6/Cisco-Security/snmp.cpp new file mode 100644 index 0000000..6b4e872 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/snmp.cpp @@ -0,0 +1,299 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + +using namespace std; + + +CiscoSecSNMP::CiscoSecSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("*DEVICETYPE* do not support version 3 of the *ABBREV*SNMP*-ABBREV*. "); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + supportSNMP3UpgText = i18n(""); // SNMP 3 is supported from OS version ... + // The following is set in the defaults section, due to slight differences between software versions + //disableSNMPCmdText = i18n(""); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("*ABBREV*SNMP*-ABBREV* community strings can be configured with the following command:*CODE**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure a community string + // Not supported - configSNMP3Text = i18n(""); // The text and command(s) to configure SNMP version 3 + // Not supported - configSNMPViewText = i18n(""); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("*ABBREV*SNMP*-ABBREV* trap hosts can be configured with the following command:*CODE**COMMAND*snmp-server host *CMDUSER*interface*-CMDUSER* *CMDUSER*ip-address*-CMDUSER* trap community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*version *CMDREQUIRE*1 *CMDOR* 2c*-CMDREQUIRE**-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP traps + // Not supported - configSNMPInformsText = i18n(""); // The text and command(s) to configure SNMP informs + // N/A - configSNMPReadOnlyText = i18n(""); // The text and command(s) to configure SNMP read only access + configSNMPFilterText = i18n("Access to *ABBREV*SNMP*-ABBREV* from a *ABBREV*NMS*-ABBREV* or *ABBREV*SNMP*-ABBREV* management host can be configured using the following command:*CODE**COMMAND*snmp-server host *CMDUSER*ip-address*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP filtering + + enabled = false; // Is the SNMP server enabled? + snmp12Enabled = false; // Is SNMP versions 1 or 2 configured? + snmp3Enabled = false; // Is SNMP version 3 configured? + + + // Community Options... + communitySpecificFilters = true; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = true; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = "public"; // Default read only community + + // SNMP Trap/Inform Host Options... + trapsOnly = true; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = true; // Show Trap Host Port in Table + trapsInterface = true; // Show Interface in Table + trapsInterfaceText = i18n("Interface"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = false; // Show excluded traps + trapsShowOptions = true; // Show trap options + + // Host Options... + hostShowInterface = false; // Show the Interface in the Table + hostShowCommunity = false; // Show the Community in the Table + hostShowFilterID = false; // Show a filter ID if used + hostFilterText = i18n("Filter"); // The Table column title for the filter text +} + + +int CiscoSecSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpTrapHost *trapHostPointer = 0; + snmpHostStruct *snmpHostPointer = 0; + snmpTrap *snmpTrapPointer = 0; + int tempInt = 0; + int tempInt2 = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 2; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Disable SNMP... + if (strcmp(command->part(tempInt), "enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + enabled = setting; + } + + // Location... + else if (strcmp(command->part(tempInt), "location") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Location Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + location.assign(line + 9 + string(line).find("location")); + } + + // Contact... + else if (strcmp(command->part(tempInt), "contact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Contact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + contact.assign(line + 8 + string(line).find("contact")); + } + + // Listen Port... + else if (strcmp(command->part(tempInt), "listen-port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Listen Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + listenPort = atoi(command->part(tempInt + 1)); + else + listenPort = 161; + } + + // snmp community? + else if (strcmp(command->part(tempInt), "community") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(command->part(tempInt)); + communityPointer->type = communityReadOnly; + communityPointer->enabled = setting; + } + + // SNMP Trap Host... + else if ((strcmp(command->part(tempInt), "host") == 0) && (strcmp(command->part(tempInt + 3), "trap") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapHostPointer = addSNMPTrapHost(); + trapHostPointer->version = 1; + trapHostPointer->port = 162; + trapHostPointer->trap = false; + trapHostPointer->interface.assign(command->part(tempInt)); + tempInt++; + trapHostPointer->host.assign(command->part(tempInt)); + tempInt += 2; + + while (tempInt < command->parts) + { + // Community? + if (strcmp(command->part(tempInt), "community") == 0) + { + tempInt++; + trapHostPointer->community.assign(command->part(tempInt)); + } + + // Version? + else if (strcmp(command->part(tempInt), "version") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "2c") == 0) + trapHostPointer->version = 2; + else + trapHostPointer->version = 1; + } + + // UDP Port? + else if (strcmp(command->part(tempInt), "udp-port") == 0) + { + tempInt++; + trapHostPointer->port = atoi(command->part(tempInt)); + } + + tempInt++; + } + } + + // SNMP NMS Host... + else if (strcmp(command->part(tempInt), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP NMS Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpHostPointer = addHost(); + snmpHostPointer->interface.assign(command->part(tempInt)); + tempInt++; + snmpHostPointer->host.assign(command->part(tempInt)); + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "community") == 0) + { + tempInt++; + snmpHostPointer->community.assign(command->part(tempInt)); + } + tempInt++; + } + } + + // SNMP Trap... + else if ((strcmp(command->part(tempInt), "enable") == 0) && (strcmp(command->part(tempInt + 1), "traps") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + { + tempInt += 2; + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign(command->part(tempInt)); + tempInt2 = tempInt; + tempInt++; + if (tempInt < command->parts) + { + snmpTrapPointer->options.assign(command->part(tempInt)); + tempInt++; + } + + while (tempInt < command->parts) + { + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign(command->part(tempInt2)); + snmpTrapPointer->options.assign(command->part(tempInt)); + tempInt++; + } + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int CiscoSecSNMP::processDefaults(Device *device) +{ + // Variables... + snmpCommunity *communityPointer = 0; + + // Enable SNMP support? + communityPointer = community; + while (communityPointer != 0) + { + if ((communityPointer->enabled == true) && (hostCommunityExists(communityPointer->community.c_str()) == true)) + { + enabled = true; + snmp12Enabled = true; + } + communityPointer = communityPointer->next; + } + + // Set disable SNMP text... + if (device->general->versionMajor > 6) + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* can be disabled with the following command:*CODE**COMMAND*no snmp-server enable*-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + else + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* can be disabled with the following command:*CODE**COMMAND*no snmp-server*-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + + return 0; +} + diff --git a/libnipper-0.12.6/Cisco-Security/snmp.h b/libnipper-0.12.6/Cisco-Security/snmp.h new file mode 100644 index 0000000..5011061 --- /dev/null +++ b/libnipper-0.12.6/Cisco-Security/snmp.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ciscosecdevicesnmp_H +#define ciscosecdevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class CiscoSecSNMP : public SNMP +{ + public: + CiscoSecSNMP(); + + protected: + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/all-wcprops b/libnipper-0.12.6/HP-ProCurve/.svn/all-wcprops new file mode 100644 index 0000000..9c5b541 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/all-wcprops @@ -0,0 +1,107 @@ +K 25 +svn:wc:ra_dav:version-url +V 50 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve +END +snmp.h +K 25 +svn:wc:ra_dav:version-url +V 57 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/snmp.h +END +general.h +K 25 +svn:wc:ra_dav:version-url +V 60 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/general.h +END +interfaces.cpp +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/interfaces.cpp +END +dns.cpp +K 25 +svn:wc:ra_dav:version-url +V 58 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/dns.cpp +END +authentication.h +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/authentication.h +END +administration.cpp +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/administration.cpp +END +snmp-report.cpp +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp +END +interfaces.h +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/interfaces.h +END +dns.h +K 25 +svn:wc:ra_dav:version-url +V 56 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/dns.h +END +administration.h +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/administration.h +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 61 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/device.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/device.h +END +banner.cpp +K 25 +svn:wc:ra_dav:version-url +V 61 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/banner.cpp +END +banner.h +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/banner.h +END +general.cpp +K 25 +svn:wc:ra_dav:version-url +V 62 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/general.cpp +END +snmp.cpp +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/snmp.cpp +END +authentication.cpp +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/HP-ProCurve/authentication.cpp +END diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/entries b/libnipper-0.12.6/HP-ProCurve/.svn/entries new file mode 100644 index 0000000..1d64a89 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/entries @@ -0,0 +1,606 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/HP-ProCurve +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +general.cpp +file + + + + +2016-02-13T06:47:11.404156Z +49ffb00600530fab99f869a16d3ffba7 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7756 + +snmp.cpp +file + + + + +2016-02-13T06:47:11.400156Z +3541fd7049f09ffbc400a4b34bd25e9e +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +15421 + +authentication.cpp +file + + + + +2016-02-13T06:47:11.404156Z +b0e66e61e0b64846cf5688ea269c6643 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +11376 + +snmp.h +file + + + + +2016-02-13T06:47:11.404156Z +f687a58b517c9a01d5b6ec4f93db69c5 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2839 + +general.h +file + + + + +2016-02-13T06:47:11.404156Z +2b7a50820c1631f4cbfe59037b8fd3f0 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2862 + +interfaces.cpp +file + + + + +2016-02-13T06:47:11.404156Z +c8f288f1b85013fa1e962009ab21a003 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6865 + +dns.cpp +file + + + + +2016-02-13T06:47:11.404156Z +049580e075b5cfc39e5e8f14382f8c6d +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5500 + +authentication.h +file + + + + +2016-02-13T06:47:11.404156Z +00aeab50947918a8f4808d8200142368 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2989 + +administration.cpp +file + + + + +2016-02-13T06:47:11.404156Z +d13de3236d2d5bc59fefe92be917ca4a +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +20732 + +snmp-report.cpp +file + + + + +2016-02-13T06:47:11.404156Z +7f2b77dd970a06f856128b3aafa6a042 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +17343 + +interfaces.h +file + + + + +2016-02-13T06:47:11.404156Z +48b3b99b4bfd90b4eb225e0ae1093746 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2597 + +dns.h +file + + + + +2016-02-13T06:47:11.404156Z +9f84fd5506bbf92abad56a11fd2d4c72 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2597 + +administration.h +file + + + + +2016-02-13T06:47:11.404156Z +95fb7983b000b4d427ea879cae9849d6 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3723 + +device.cpp +file + + + + +2016-02-13T06:47:11.400156Z +aee0dec10a786aa705e0ecfc88b84ffb +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7920 + +device.h +file + + + + +2016-02-13T06:47:11.400156Z +494b47ae773ff8a33e5d43d04d3ee77e +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2543 + +banner.cpp +file + + + + +2016-02-13T06:47:11.400156Z +da20aab4ac3a6128b3b0b04c94e02af7 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4747 + +banner.h +file + + + + +2016-02-13T06:47:11.400156Z +27f9c6a6d8d35687957bb025ec7e527d +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2538 + diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/administration.cpp.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/administration.cpp.svn-base new file mode 100644 index 0000000..b817a6b --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/administration.cpp.svn-base @@ -0,0 +1,573 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "administration.h" + + +ProCurveAdministration::ProCurveAdministration() +{ + + // ----------------------------------------------------------------------- + // Device Specific Settings... + // ----------------------------------------------------------------------- + + // General... + generalSettings = true; // Show the general settings section? + consoleEnabled = true; // Is the Console port enabled? + consoleSupported = true; // Is a console port supported? + consoleTimeoutSupported = false; // Is a console timeout supported? + consoleTimeout = 0; // Console timeout + configConsoleTimeout = i18n(""); // The text and commands to configure the timeout + connectionTimeoutSupported = true; // Is a connection timeout supported? + connectionTimeout = 0; // Connection Timeout + configTimeout = i18n("An inactivity timeout can be configured with the following command:*CODE**COMMAND*console inactivity-timer *CMDUSER*timeout-minutes*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + + // Host restrictions... + serviceWideHosts = true; // Do all the admin services share a common host restrictions? + showHostAccess = true; // Show the Access column in the host table? + serviceConfigHosts = i18n("Management hosts can be configured with the following command:*CODE**COMMAND*ip authorized-managers *CMDUSER*ip-address*-CMDUSER* *CMDUSER*netmask*-CMDUSER**-COMMAND**-CODE*"); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = true; // Is telnet supported? + telnetEnabled = true; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + telnetHostsRequired = true; // Is the host configuration required? + disableTelnet = i18n("The Telnet service can be disabled on *DEVICETYPE* devices with the following command:*CODE*no telnet-server*-CODE*"); // How to disable telnet text... + + // TFTP options... + tftpSupported = true; // Is TFTP supported? + tftpEnabled = true; // Is TFTP enabled? + tftpPort = 69; // The TFTP service port + tftpSpecificHost = false; // Does TFTP have its own access list? + tftpHostsRequired = false; // Is the host configuration required? + showTFTPHostInterface = false; // Show the Interface column in the host table? + configTFTPHostAccess = i18n(""); // How access lists are configured for the TFTP service + disableTFTP = i18n("The *ABBREV*TFTP*-ABBREV* service can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*no tftp server*-COMMAND**-CODE*"); // How to disable TFTP text... + + // SSH options... + sshSupported = true; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 2; // What is the SSH Protocol version (0 = 1 and 2) + sshPort = 22; // The SSH port number + configSSHSupport = i18n("The *ABBREV*SSH*-ABBREV* service can be enabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*ip ssh*-COMMAND**-CODE*"); // How to configure SSH... + sshHostsRequired = true; // Is the host configuration required? + + sftpEnabled = false; // Is SFTP enabled? + sftpSupported = true; // Is SFTP supported? + configSFTP = i18n("*ABBREV*SFTP*-ABBREV* can be enabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*ip ssh filetransfer*-COMMAND**-CODE*"); // Text and commands to configure SFTP + scpSupported = true; // Is SCP supported? + scpEnabled = false; // Is SCP enabled? + + // SSH 2 support... + ssh2Supported = true; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + configSSHv2Support = i18n(""); // How to configure protocol version 2 support only + + // Config report SSH support text + sshConfigProtocolSupport = i18n(""); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = true; // Does this device support HTTP + httpsSupported = true; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = true; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + httpsEnabled = false; // Is the HTTPS service enabled? + httpsPort = 443; // HTTPS port + httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? + httpSpecificTimeout = false; // A HTTP Specific Timeout? + httpTimeout = 0; // The HTTP Timeout (secs) + configHTTPTimeout = i18n(""); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + httpSpecificHost = false; // Does HTTP have its own access list? + httpHostsRequired = false; // Is the host configuration required? + showHTTPHostInterface = false; // Show the Interface column in the host table? + configHTTPHostAccess = i18n(""); // How to configure HTTP Management hosts... + disableHTTP = i18n(""); // How to disable HTTP text... + configHTTPSSupport = i18n(""); // How to configure HTTPS... + + // HP Procurve specific settings... + consoleBaudRate = 0; // The console line baud rate + consoleFlowXONControl = true; // Flow Control 0 = none, 1 = XON, 2 = XOFF + consoleLocalType = 0; // 0 = VT100, 1 = none, 2 = ANSI + consoleAllType = 0; // 0 = VT100, 1 = none, 2 = ANSI + telnet6ServerEnabled = true; // Telnet IPv6 Server + tftp6ServerEnabled = true; // TFTP IPv6 Server + sshIPProtocol = 0; // SSH IP (0 = 4 & 6, 4 = 4, 6 =6) +} + + +int ProCurveAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + hostFilter *hostPointer = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Console... + if (strcmp(command->part(tempInt), "console") == 0) + { + tempInt++; + + // timeout... + if (strcmp(command->part(tempInt), "console") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + connectionTimeout = atoi(command->part(tempInt)); + if (connectionTimeout != 0) + connectionTimeout = connectionTimeout * 60; + } + + // baud rate + else if (strcmp(command->part(tempInt), "baud-rate") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Baud Rate Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "speed-sense") == 0) + consoleBaudRate = 0; + else + consoleBaudRate = atoi(command->part(tempInt)); + } + + // flow control + else if (strcmp(command->part(tempInt), "flow-control") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFlow Control Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcasecmp(command->part(tempInt), "none") == 0) + consoleFlowXONControl = false; + else + consoleFlowXONControl = true; + } + + // local terminal + else if (strcmp(command->part(tempInt), "local-terminal") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLocal Terminal Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcasecmp(command->part(tempInt), "none") == 0) + consoleLocalType = 1; + else if (strcasecmp(command->part(tempInt), "ansi") == 0) + consoleLocalType = 2; + else + consoleLocalType = 0; + } + + // terminal + else if (strcmp(command->part(tempInt), "terminal") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTerminal Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcasecmp(command->part(tempInt), "none") == 0) + consoleLocalType = 1; + else if (strcasecmp(command->part(tempInt), "ansi") == 0) + consoleLocalType = 2; + else + consoleLocalType = 0; + consoleAllType = consoleLocalType; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Web Management... + else if (strcmp(command->part(tempInt), "web-management") == 0) + { + tempInt++; + + // Management URL + if (strcmp(command->part(tempInt), "management-url") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sWeb Manage URL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + webManagementURL.assign(command->part(tempInt)); + } + + // Support URL + else if (strcmp(command->part(tempInt), "support-url") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sWeb Support URL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + webSupportURL.assign(command->part(tempInt)); + } + + // HTTP + else if ((strcmp(command->part(tempInt), "plaintext") == 0) || (tempInt == command->parts)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sWeb Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + httpEnabled = setting; + } + + // HTTPS + else if (strcmp(command->part(tempInt), "ssl") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sWeb Secure Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + httpsEnabled = setting; + tempInt++; + if (tempInt < command->parts) + httpsPort = atoi(command->part(tempInt)); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Telnet... + else if (strcmp(command->part(tempInt), "telnet-server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + telnetEnabled = setting; + } + + // Telnet IPv6... + else if (strcmp(command->part(tempInt), "telnet6-server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet IPv6 Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + telnet6ServerEnabled = setting; + } + + // TFTP Server... + else if ((strcmp(command->part(tempInt), "tftp") == 0) && (strcmp(command->part(tempInt + 1), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTFTP Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tftpEnabled = setting; + } + + // TFTP6 Server... + else if ((strcmp(command->part(tempInt), "tftp6") == 0) && (strcmp(command->part(tempInt + 1), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTFTP 6 Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tftp6ServerEnabled = setting; + } + + else if (strcmp(command->part(tempInt), "ip") == 0) + { + tempInt++; + + // Authorised Managers... + if (strcmp(command->part(tempInt), "authorized-managers") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sManagement Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostPointer = addHostFilter(allServices); + hostPointer->access.assign("manager"); + tempInt++; + hostPointer->host.assign(command->part(tempInt)); + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "access") == 0) + { + tempInt++; + hostPointer->access.assign(command->part(tempInt)); + } + else + hostPointer->netmask.assign(command->part(tempInt)); + tempInt++; + } + } + + // SSH + else if (strcmp(command->part(tempInt), "ssh") == 0) + { + tempInt++; + + // filetransfer + if (strcmp(command->part(tempInt), "filetransfer") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH SCP/SFTP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + sftpEnabled = true; + scpEnabled = true; + tftpEnabled = false; + tftp6ServerEnabled = false; + } + else + { + sftpEnabled = false; + scpEnabled = false; + } + } + + // Port + else if (strcmp(command->part(tempInt), "port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "default") == 0) + sshPort = 22; + else + sshPort = atoi(command->part(tempInt)); + } + + // SSH IP protocol version + else if (strcmp(command->part(tempInt), "ip-version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH IP Protocol Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "4or6") == 0) + sshIPProtocol = 0; + else if (command->part(tempInt)[0] == '4') + sshIPProtocol = 4; + else + sshIPProtocol = 6; + } + + // SSH + else if (command->parts == tempInt) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + sshEnabled = setting; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ProCurveAdministration::processDefaults(Device *device) +{ + // No administrative hosts? + if (serviceHosts == 0) + { + telnetEnabled = false; + sshEnabled = false; + } + + return 0; +} + + +int ProCurveAdministration::generateDeviceGeneralConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINGENERAL-TABLE"); + + // Type... + device->addTableData(paragraphPointer->table, i18n("Console type")); + switch (consoleLocalType) + { + case 1: + device->addTableData(paragraphPointer->table, i18n("None")); + break; + case 2: + device->addTableData(paragraphPointer->table, i18n("*ABBREV*ANSI*-ABBREV*")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("VT100")); + break; + } + + // Speed... + device->addTableData(paragraphPointer->table, i18n("Console data transmission speed")); + if (consoleBaudRate == 0) + device->addTableData(paragraphPointer->table, i18n("Auto")); + else + { + tempString.assign(device->intToString(consoleBaudRate)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + + // Control + device->addTableData(paragraphPointer->table, i18n("Flow Control")); + if (consoleFlowXONControl == true) + device->addTableData(paragraphPointer->table, i18n("XON/XOFF")); + else + device->addTableData(paragraphPointer->table, i18n("None")); + + return 0; +} + + +int ProCurveAdministration::generateDeviceTelnetConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + + paragraphPointer = device->getTableParagraphPointer("CONFIG-SERVICES-TABLE"); + device->addTableData(paragraphPointer->table, i18n("Telnet *ABBREV*IPv6*-ABBREV* Service")); + if (telnet6ServerEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINTELNET-TABLE"); + + // IP Protocol Versions... + device->addTableData(paragraphPointer->table, i18n("Telnet *ABBREV*IPv6*-ABBREV* service")); + if (telnet6ServerEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return 0; +} + + +int ProCurveAdministration::generateDeviceHTTPConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINHTTP-TABLE"); + + // URLs + if (!webManagementURL.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Management *ABBREV*URL*-ABBREV*")); + device->addTableData(paragraphPointer->table, webManagementURL.c_str()); + } + if (!webSupportURL.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Support *ABBREV*URL*-ABBREV*")); + device->addTableData(paragraphPointer->table, webSupportURL.c_str()); + } + + return 0; +} + + +int ProCurveAdministration::generateDeviceTFTPConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + + paragraphPointer = device->getTableParagraphPointer("CONFIG-SERVICES-TABLE"); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*TFTP*-ABBREV* *ABBREV*IPv6*-ABBREV* Service")); + if (tftp6ServerEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINTFTP-TABLE"); + + // IP Protocol Versions... + device->addTableData(paragraphPointer->table, i18n("*ABBREV*TFTP*-ABBREV* *ABBREV*IPv6*-ABBREV* service")); + if (tftp6ServerEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return 0; +} + + +int ProCurveAdministration::generateDeviceSSHConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINSSH-TABLE"); + + // IP Protocol Versions... + device->addTableData(paragraphPointer->table, i18n("*ABBREV*IP*-ABBREV* protocol version(s)")); + switch (sshIPProtocol) + { + case 4: + device->addTableData(paragraphPointer->table, i18n("*ABBREV*IPv4*-ABBREV*")); + break; + case 6: + device->addTableData(paragraphPointer->table, i18n("*ABBREV*IPv6*-ABBREV*")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("*ABBREV*IPv4*-ABBREV* and *ABBREV*IPv6*-ABBREV*")); + break; + } + + return 0; +} diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/administration.h.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/administration.h.svn-base new file mode 100644 index 0000000..0a49353 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/administration.h.svn-base @@ -0,0 +1,68 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurveadministration_H +#define ProCurveadministration_H + + +#include "../device/administration/administration.h" + + +class ProCurveAdministration : public Administration +{ + public: + + ProCurveAdministration(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Methods + virtual int generateDeviceGeneralConfig(Device *device); // A device specific config report output + virtual int generateDeviceTelnetConfig(Device *device); // A device specific config report output + virtual int generateDeviceTFTPConfig(Device *device); // A device specific config report output + virtual int generateDeviceSSHConfig(Device *device); // A device specific config report output + virtual int generateDeviceHTTPConfig(Device *device); // A device specific config report output + + // HP Procurve specific settings... + int consoleBaudRate; // The console line baud rate + bool consoleFlowXONControl; // Flow Control + int consoleLocalType; // 0 = VT100, 1 = none, 2 = ANSI + int consoleAllType; // 0 = VT100, 1 = none, 2 = ANSI + bool telnet6ServerEnabled; // Telnet IPv6 Server + bool tftp6ServerEnabled; // TFTP IPv6 Server + int sshIPProtocol; // SSH IP (0 = 4 & 6, 4 = 4, 6 =6) + string webManagementURL; // The URL to go to when ? is clicked + string webSupportURL; // The URL to go to when the support tab is clicked +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/authentication.cpp.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/authentication.cpp.svn-base new file mode 100644 index 0000000..942bf6c --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/authentication.cpp.svn-base @@ -0,0 +1,285 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "authentication.h" +#include "../device/common/configline.h" + + +ProCurveAuthentication::ProCurveAuthentication() +{ + // General... + authenticationConfigIntro = i18n("This section describes the various *DEVICETYPE* device authentication settings."); // Introduction text to the whole section + loginAttemptsSupported = false; // Login attempts supported + loginAttempts = 0; // Login attempts allowed (0 = infinite) + accessWithoutAuthentication = false; // Set to true if access is allowed without authentication + configAccessAuthentication = "The manager and operator passwords can be configured with the following commands:*CODE**COMMAND*password manager*-COMMAND**COMMAND*password operator*-COMMAND**-CODE*"; // The text and commands to configure access authentication with a password + + // Authentication Methods... + authMethodSupported = true; // Authentication Method Supported + appliesToSupported = true; // Applies To Supported + namedAuthSupport = false; // Are auth servers named? + showAuthLevel = true; // Show auth level + + // Local User Options... + encryptionSupported = false; // Show encryption + readOnlySupported = false; // Is read only supported? + outboundACLSupported = false; // Are outbound filtering ACL supported? + privilegeLevelSupported = false; // Are privilege levels supported? + privilegeLevelText = i18n("Privilege Level"); // The table title privilege level text + configDeviceSpecificLocalUsers = "*DEVICETYPE* device local users are not listed in the configuration file. However, if the configuration does indicate as to whether the manager or operator users have had their passwords set. If the respective passwords have not been configured, the users are listed in this section."; // Text for the config report local user section. + filterText = i18n("*ABBREV*ACL*-ABBREV*"); // The table filter column title text + + // TACACS Options... + showTacacsGroupName = false; // Show the TACACS group + showTacacsRetries = false; // Show the TACACS retries + configTacacsKey = i18n("On *DEVICETYPE* devices a *ABBREV*TACACS+*-ABBREV* server key can be configured with the following command:*CODE**COMMAND*tacacs-server key *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a TACACS+ key + + // RADIUS Options... + showRadiusGroupName = false; // Show the RADIUS group + configRadiusKey = i18n("On *DEVICETYPE* devices a *ABBREV*RADIUS*-ABBREV* server key can be configured with the following command:*CODE**COMMAND*radius-server key *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a RADIUS key + + // KERBEROS Options... + showKerberosGroupName = false; // Show the KERBEROS group + showKerberosTimeout = false; // Show Kerberos timeout + showKerberosRetries = false; // Show Kerberos retries + + // LDAP Options... + showLDAPGroupName = false; // Show the LDAP group + showLDAPPassword = false; // Show LDAP password + configLDAPPassword = i18n(""); // The text and commands to configure an LDAP server password + + // SecurID Options... + showSecurIDGroupName = false; // Show the SecurID group + showSecurIDDuress = false; // Show the SecurID Duress + showSecurIDEncryption = false; // Show the SecurID Encryption + + // NT Options... + showNTGroupName = false; // Show the NT group + + + tacacsTimeout = 5; + tacacsFirst = true; + radiusTimeout = 5; + radiusRetransmit = 3; + radiusFirst = true; + operatorPresent = false; + managerPresent = false; +} + + +int ProCurveAuthentication::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + authConfig *authPointer = 0; + tacacsServerConfig *tacacsPointer = 0; + radiusServerConfig *radiusPointer = 0; + int tempInt = 0; + int errorCode = 0; + + // tacacs... + if (strcasecmp(command->part(0), "tacacs-server") == 0) + { + + // key... + if (strcasecmp(command->part(1), "key") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsKey.assign(command->part(2)); + } + + // timeout... + else if (strcasecmp(command->part(1), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsTimeout = atoi(command->part(2)); + } + + // host... + else if (strcasecmp(command->part(1), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->address.assign(command->part(2)); + if (strcasecmp(command->part(3), "key") == 0) + tacacsPointer->key.assign(command->part(4)); + else + tacacsPointer->key.assign(tacacsKey); + tacacsPointer->timeout = tacacsTimeout; + if (tacacsFirst == true) + tacacsPointer->description.assign(i18n("Primary")); + else + tacacsPointer->description.assign(i18n("Backup")); + tacacsFirst = false; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + // radius... + else if (strcasecmp(command->part(0), "radius-server") == 0) + { + + // key... + if (strcasecmp(command->part(1), "key") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusKey.assign(command->part(2)); + } + + // timeout... + else if (strcasecmp(command->part(1), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusTimeout = atoi(command->part(2)); + } + + // host... + else if (strcasecmp(command->part(1), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->address.assign(command->part(2)); + radiusPointer->key.assign(radiusKey); + tempInt = 3; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(3), "key") == 0) + { + tempInt++; + radiusPointer->key.assign(command->part(tempInt)); + } + tempInt++; + } + radiusPointer->timeout = radiusTimeout; + if (radiusFirst == true) + radiusPointer->description.assign(i18n("Primary")); + else + radiusPointer->description.assign(i18n("Backup")); + radiusFirst = false; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + // password manager... + else if ((strcasecmp(command->part(0), "password") == 0) && (strcasecmp(command->part(1), "manager") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sManager Password Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + managerPresent = true; + } + + // password operator... + else if ((strcasecmp(command->part(0), "password") == 0) && (strcasecmp(command->part(1), "operator") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sOperator Password Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + operatorPresent = true; + } + + // aaa authentication... + else if ((strcasecmp(command->part(0), "aaa") == 0) && (strcasecmp(command->part(1), "authentication") == 0) && ((strcasecmp(command->part(3), "login") == 0) || (strcasecmp(command->part(3), "enable") == 0))) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Authentication Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + authPointer = addMethod(); + authPointer->appliesTo.assign(command->part(2)); + authPointer->level.assign(command->part(3)); + if (strcasecmp(command->part(4), "local") == 0) + authPointer->method = localAuth; + else if (strcasecmp(command->part(4), "radius") == 0) + authPointer->method = radiusAuth; + else if (strcasecmp(command->part(4), "tacacs") == 0) + authPointer->method = tacacsAuth; + + if (command->parts == 6) + { + authPointer = addMethod(); + authPointer->appliesTo.assign(command->part(2)); + authPointer->level.assign(command->part(3)); + if (strcasecmp(command->part(5), "local") == 0) + authPointer->method = localAuth; + else if (strcasecmp(command->part(5), "radius") == 0) + authPointer->method = radiusAuth; + else if (strcasecmp(command->part(5), "tacacs") == 0) + authPointer->method = tacacsAuth; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int ProCurveAuthentication::processDefaults(Device *device) +{ + // Variables... + localUserConfig *userPointer; + + if (operatorPresent == false) + { + userPointer = getUser("operator"); + userPointer->adminAccess = false; + } + + if (managerPresent == false) + { + userPointer = getUser("manager"); + userPointer->adminAccess = true; + } + + return 0; +} diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/authentication.h.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/authentication.h.svn-base new file mode 100644 index 0000000..2cf1d78 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/authentication.h.svn-base @@ -0,0 +1,66 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurveauthentication_H +#define ProCurveauthentication_H + + +#include "../device/authentication/authentication.h" + + +class ProCurveAuthentication : public Authentication +{ + public: + + ProCurveAuthentication(); + + + // ----------------------------------------------------------------------- + // Standard Device Class Methods... + // ----------------------------------------------------------------------- + + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + private: + string tacacsKey; + int tacacsTimeout; + bool tacacsFirst; + string radiusKey; + int radiusTimeout; + int radiusRetransmit; + bool radiusFirst; + + bool operatorPresent; + bool managerPresent; +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/banner.cpp.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/banner.cpp.svn-base new file mode 100644 index 0000000..4ab2769 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/banner.cpp.svn-base @@ -0,0 +1,111 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "banner.h" + + +ProCurveBanner::ProCurveBanner() +{ + // Banner settings... + preLogonBanner = true; // Support Banner(s) Before Logon? + postLogonBanner = false; // Support Banner(s) After Logon? + configPreLogonBanner = i18n("The *ABBREV*MOTD*-ABBREV* banner message is shown before users logon. The *ABBREV*MOTD*-ABBREV* banner message can be configured by entering the following command:*CODE**COMMAND*banner motd *CMDUSER*delimiter*-CMDUSER**-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... + configPostLogonBanner = i18n(""); // The text that explains how to config a post logon banner, with commands... +} + + +int ProCurveBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + string tempString; + bool end = false; + + // Telnet banner... + if ((strcmp(command->part(0), "banner") == 0) && (strcmp(command->part(1), "motd") == 0)) + { + if (strlen(command->part(2)) == 2) + { + if (command->part(2)[1] == '\"') + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("*ABBREV*MOTD*-ABBREV*")); + bannerPointer->description.assign(i18n("The *ABBREV*MOTD*-ABBREV* banner message is presented to users before they logon. The *ABBREV*MOTD*-ABBREV* banner configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + tempString.assign(strstr(line, command->part(2) + 1)); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find("\"") != tempString.npos) + { + end = true; + tempString.erase(tempString.find("\"")); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/banner.h.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/banner.h.svn-base new file mode 100644 index 0000000..fc41d44 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/banner.h.svn-base @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurvebanner_H +#define ProCurvebanner_H + + +#include "../device/banner/banner.h" + + +class ProCurveBanner : public Banner +{ + public: + + ProCurveBanner(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..880958d --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,226 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "banner.h" +#include "snmp.h" +#include "dns.h" +#include "authentication.h" +#include "interfaces.h" + + +ProCurveDevice::ProCurveDevice() +{ + deviceMake = "HP"; + deviceType = "ProCurve"; + deviceOS = "ProCurve *ABBREV*OS*-ABBREV*"; + + isSwitch = true; + + general = new (ProCurveGeneral); + administration = new (ProCurveAdministration); + banner = new (ProCurveBanner); + snmp = new (ProCurveSNMP); + dns = new (ProCurveDNS); + authentication = new (ProCurveAuthentication); + interfaces = new (ProCurveInterfaces); +} + + +ProCurveDevice::~ProCurveDevice() +{ + delete general; + delete administration; + delete banner; + delete snmp; + delete dns; + delete authentication; + delete interfaces; +} + + +int ProCurveDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + int tempInt = 0; + bool setting = false; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Init + if (strcmp(command.part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Hostname (in general)... + if (strcasecmp(command.part(tempInt), "hostname") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + + // Device Model / Version... + else if ((strcmp(command.part(tempInt), ";") == 0) && (strcasecmp(command.part(tempInt + 2), "Configuration") == 0) && (strcasecmp(command.part(tempInt + 3), "Editor;") == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Modules... + else if ((strcmp(command.part(tempInt), "module") == 0) && (strcasecmp(command.part(tempInt + 2), "type") == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // IP... + else if (strcmp(command.part(tempInt), "ip") == 0) + { + tempInt++; + + // SSH... + if (strcmp(command.part(tempInt), "ssh") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Authorised Managers... + else if (strcmp(command.part(tempInt), "authorized-managers") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS... + else if (strcmp(command.part(tempInt), "dns") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // VLAN... + else if (strcmp(command.part(tempInt), "vlan") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Telnet... + else if ((strcasecmp(command.part(tempInt), "telnet-server") == 0) || (strcasecmp(command.part(tempInt), "telnet6-server") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // TFTP Server... + else if ((strcasecmp(command.part(tempInt), "tftp") == 0) && (strcasecmp(command.part(tempInt + 1), "server") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // TACACS+ Server... + else if (strcasecmp(command.part(tempInt), "tacacs-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // RADIUS Server... + else if (strcasecmp(command.part(tempInt), "radius-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // AAA Authentication... + else if ((strcasecmp(command.part(tempInt), "aaa") == 0) && (strcasecmp(command.part(tempInt + 1), "authentication") == 0)) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Password... + else if (strcasecmp(command.part(tempInt), "password") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SNMP... + else if ((strcasecmp(command.part(tempInt), "snmp-server") == 0) || (strcasecmp(command.part(tempInt), "snmpv3") == 0)) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Web Management... + else if (strcasecmp(command.part(tempInt), "web-management") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Banner MOTD... + else if ((strcmp(command.part(0), "banner") == 0) && (strcmp(command.part(1), "motd") == 0)) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Console... + else if ((strcmp(command.part(tempInt), "console") == 0) && (strcmp(command.part(tempInt + 1), "events") != 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + if ((general->version.empty()) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + return 0; +} + + +bool ProCurveDevice::isDeviceType() +{ + // Variables... + char line[1024]; + bool found = false; + int readCount = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (found == false) && (readCount < 5)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + if ((strncmp(line, "; J", 3) == 0) && (strstr(line, "Configuration Editor; Created on release") != 0)) + found = true; + + readCount++; + } + fclose(inputFile); + + return found; +} diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..5346c9a --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/device.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_ProCurve_H +#define device_ProCurve_H + + +#include "../device/device.h" + + +class ProCurveDevice : public Device +{ + public: + ProCurveDevice(); + ~ProCurveDevice(); + + int processDevice(); + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/dns.cpp.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/dns.cpp.svn-base new file mode 100644 index 0000000..0f0c29a --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/dns.cpp.svn-base @@ -0,0 +1,140 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "dns.h" + + +ProCurveDNS::ProCurveDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured to resolve name to address mappings. This section details those settings."); // The text paragraph in the config section + + // Host configuration + showInterface = false; // Are interfaces supported? + + // DNS Client Settings + dnsClientSupported = false; // DNS Client Supported? + dnsLookupEnabled = false; // DNS lookups enabled? + disableLookup = "*ABBREV*DNS*-ABBREV* lookups can be disabled on *DEVICETYPE* devices by removing all the configured *ABBREV*DNS*-ABBREV* servers. This can be done with the following command:*CODE**COMMAND*no ip dns server-address priority *CMDUSER*priority*-CMDUSER* *CMDUSER*ip-address*-CMDUSER**-COMMAND**-CODE*"; // The text and commands to disable DNS lookup + dnsRetries = 0; // DNS lookup retries + dnsRetriesSupported = false; // DNS lookup retries Supported? + dnsTimeout = 0; // DNS timeout + dnsTimeoutSupported = false; // DNS timeout Supported? + + // DNS Server Options... + dnsRecordKeepAliveSupported = false; // Is the DNS keep Alive message type supported? + returnRecordsSupported = false; // Is the single/multiple record field supported? + dynamicDNSSupported = false; // Is Dynamic DNS Supported? + dnsServerSupported = false; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsProxySupported = false; // Is DNS Proxy Server Supported? + dnsProxyEnabled = false; // Is the DNS Proxy service enabled? + dnsPort = 53; // DNS Server Port + + // Internal HP Procurve... + dnsSupported = false; +} + + +int ProCurveDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsConfig *dnsPointer = 0; + int tempInt = 0; + bool setting = false; + + dnsSupported = true; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 3; + setting = false; + } + else + { + tempInt = 2; + setting = true; + } + + // domain name... + if (strcasecmp(command->part(tempInt), "domain-name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDomain Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + dnsDomain.assign(command->part(tempInt)); + } + + // dns server... + else if (strcasecmp(command->part(tempInt), "server-address") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + { + dnsPointer = addDNSServer(command->part(5)); + dnsPointer->description.assign(i18n("Priority: ")); + dnsPointer->description.append(command->part(4)); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ProCurveDNS::processDefaults(Device *device) +{ + // Enable DNS support (not all ProCurves support DNS) + if (dnsSupported == true) + { + dnsClientSupported = true; + if (dnsServer != 0) + dnsLookupEnabled = true; + } + + return 0; +} + diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/dns.h.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/dns.h.svn-base new file mode 100644 index 0000000..9988846 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/dns.h.svn-base @@ -0,0 +1,54 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurveDNS_H +#define ProCurveDNS_H + + +#include "../device/dns/dns.h" + + +class ProCurveDNS : public DNS +{ + public: + + ProCurveDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + + private: + bool dnsSupported; +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/general.cpp.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/general.cpp.svn-base new file mode 100644 index 0000000..21308cf --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/general.cpp.svn-base @@ -0,0 +1,167 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +ProCurveGeneral::ProCurveGeneral() +{ +} + + +int ProCurveGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Hostname + if (strcasecmp(command->part(tempInt), "hostname") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostname = command->part(tempInt + 1); + } + + // Model & Version... + else if ((strcmp(command->part(tempInt), ";") == 0) && (strcasecmp(command->part(tempInt + 2), "Configuration") == 0) && (strcasecmp(command->part(tempInt + 3), "Editor;") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sModel And Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + deviceModel.assign(command->part(tempInt)); + tempInt += 6; + version.assign(command->part(tempInt)); + version.erase(0, 1); + } + + // Modules + else if ((strcasecmp(command->part(tempInt), "module") == 0) && (strcasecmp(command->part(tempInt + 2), "type") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sModule Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + addDeviceModule(atoi(command->part(tempInt)), command->part(tempInt + 2)); + } + + return 0; +} + + +int ProCurveGeneral::processDefaults(Device *device) +{ + // Split Version Numbers... + if (!version.empty()) + { + versionMajor = version[0]; + versionMinor = atoi(strchr(version.c_str(), '.') + 1); + versionRevision = atoi(strchr(strchr(version.c_str(), '.') + 1, '.') + 1); + } + + return 0; +} + + +int ProCurveGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Password Encryption... + if (servicePasswordEncryption != unconfigured) + { + device->addTableData(paragraphPointer->table, i18n("Service Password Encryption")); + if (servicePasswordEncryption == on) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + }*/ + + return errorCode; +} + + +int ProCurveGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Service Password Encryption... + if (servicePasswordEncryption == off) + { + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Service Password Encryption Disabled")); + securityIssuePointer->reference.assign("IOS.PASSENCR.1"); + securityIssuePointer->overallRating = 8; + securityIssuePointer->impactRating = 9; + securityIssuePointer->easeRating = 2; + securityIssuePointer->fixRating = 1; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Cisco service passwords by default are stored in their clear text form rather than being encrypted. However, it is possible to have these passwords stored using the reversible Cisco type-7 encryption. *COMPANY* determined that the service password encryption that helps to provide a basic level of encryption for passwords that otherwise would be stored in clear text was disabled on the Cisco device *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("The Cisco type-7 password encryption provides little in the way of protection against an attacker who has access to the configuration file. However, the Cisco type-7 password encryption would provide a level of protect against a malicious user who had managed to briefly view a devices configuration.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("If a malicious user were able to glance a password from a devices configuration they could use it to gain a level of access to *DEVICENAME*. If the passwords were encrypted using the Cisco type-7 routine, a malicious user that had access to the devices configuration would have to decode the password first. Tools are widely available on the Internet that can reverse Cisco type-7 passwords.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that the Cisco password encryption service be enabled. The Cisco password encryption service can be started with the following Cisco *ABBREV*IOS*-ABBREV* command:")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*CODE**COMMAND*service password-encryption*-COMMAND**-CODE*")); + securityIssuePointer->conLine.assign(i18n("service password encryption was disabled")); + securityIssuePointer->recLine.assign(i18n("enable the service password encryption")); + }*/ + return errorCode; +} diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/general.h.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/general.h.svn-base new file mode 100644 index 0000000..ead267b --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/general.h.svn-base @@ -0,0 +1,56 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurvedevicegeneral_H +#define ProCurvedevicegeneral_H + +#include "../device/general/general.h" + + +class ProCurveGeneral : public General +{ + public: + ProCurveGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + private: + //unsigned int servicePasswordEncryption; +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/interfaces.cpp.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/interfaces.cpp.svn-base new file mode 100644 index 0000000..e3ad071 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/interfaces.cpp.svn-base @@ -0,0 +1,160 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "interfaces.h" + + +ProCurveInterfaces::ProCurveInterfaces() +{ + // Interface Options... + useModuleAndPort = false; // Use the module / port instead of the name + useInterfaceZone = false; // Use the interface zone + zoneName = i18n("Zone"); // The name for zone field + filterIn = i18n("Filter In"); // The filter in table title text + filterOut = i18n("Filter Out"); // The filter out table title text + showDescription = true; // Show the interface description + cdpGlobalRequired = false; // If CDP needs to be enabled globally as well + disableCDPText = i18n(""); // The text and commands to disable CDP + cdpSupported = false; // Is CDP supported on interfaces + disableProxyARPText = i18n(""); // The text and commands to disable Proxy ARP + disableUnreachablesText = i18n(""); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n(""); // The text and commands to disable ICMP information messages + disableMaskText = i18n(""); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n(""); // The text and commands to disable ICMP redirect messages + disableDirectedText = i18n(""); // The text and commands to disable directed broadcasts + disableMOPText = i18n(""); // The text and commands to disable MOP + disableActiveText = i18n(""); // The text and commands to disable potentially unused interfaces + filterName = i18n("filter lists"); // The filter list name for use in the filter issue text + configFilterText = i18n(""); // The text and commands to configure network filtering + defaultAutoTrunk = false; // Default to automatically trunk + disableTrunkText = i18n(""); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n(""); // The text and commands to enable port security +} + + +int ProCurveInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + int tempInt = 0; + bool setting = false; + + // VLAN... + if (strcasecmp(command->part(0), "vlan") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVLAN Interface Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Sort out the interface list first... + interfaceListPointer = getInterfaceList("VLANINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*VLAN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*VLAN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*VLAN*-ABBREV* interfaces"); + interfaceListPointer->label = "VLANINTERFACES"; + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((strcasecmp(command->part(0), "exit") != 0) && (feof(device->inputFile) == 0)) + { + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Name + if (strcasecmp(command->part(0), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVLAN Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->name.assign(command->part(1)); + } + + // address + if ((strcasecmp(command->part(0), "ip") == 0) && (strcasecmp(command->part(1), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVLAN Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->address.assign(command->part(2)); + interfacePointer->netmask.assign(command->part(3)); + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ProCurveInterfaces::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/interfaces.h.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/interfaces.h.svn-base new file mode 100644 index 0000000..1048d6c --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/interfaces.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurveInterfaces_H +#define ProCurveInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class ProCurveInterfaces : public Interfaces +{ + public: + + ProCurveInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + +}; + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/snmp-report.cpp.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/snmp-report.cpp.svn-base new file mode 100644 index 0000000..1e7dac6 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/snmp-report.cpp.svn-base @@ -0,0 +1,342 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include "../globaldefs.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + + +int ProCurveSNMP::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-SNMP"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-SNMP-TABLE"); + + // Authentication MIB + device->addTableData(paragraphPointer->table, i18n("Authentication *ABBREV*MIB*-ABBREV*")); + if (authenticationMIB == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return errorCode; +} + + +int ProCurveSNMP::generateSecuritySpecificReport(Device *device) +{ + // Variables... + snmpCommunity *snmpCommunityPointer = 0; + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + const char *snmpAuthAccessIssue = i18n("Additionally, the attacker would have read/write access to the *DEVICETYPE* authentication *ABBREV*MIB*-ABBREV* (see section *SECTIONNO*)."); + const char *snmpManagerIssue = i18n(" With a Manager view of the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV*, an attacker would be able to extract a large quantity of configuration information from *DEVICENAME* (see section *SECTIONNO*)."); + bool managerAccess = false; + bool managerDictionary = false; + bool managerWeak = false; + bool managerUnrest = false; + bool managerUnrestDict = false; + bool managerUnrestWeak = false; + int errorCode = 0; + + // Searching for issues... + snmpCommunityPointer = community; + while (snmpCommunityPointer != 0) + { + if ((snmpCommunityPointer->enabled == true) && (snmpCommunityPointer->view.compare("Manager") == 0)) + { + managerAccess = true; + if (snmpCommunityPointer->communityInDict == true) + managerDictionary = true; + else if (snmpCommunityPointer->communityWeak != Device::passwordPassed) + managerWeak = true; + if (snmpCommunityPointer->type != communityReadOnly) + { + managerUnrest = true; + if (snmpCommunityPointer->communityInDict == true) + managerUnrestDict = true; + else if (snmpCommunityPointer->communityWeak != Device::passwordPassed) + managerUnrestWeak = true; + } + } + snmpCommunityPointer = snmpCommunityPointer->next; + } + + // Manager View... + if (managerAccess == true) + { + + // Write Access... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWRIT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "HPP.SNMPMANA.1"); + paragraphPointer->paragraph.append(snmpManagerIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPMANA.1"); + } + + // Clear-text SNMP... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPCLEA.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + device->addString(paragraphPointer, "HPP.SNMPMANA.1"); + paragraphPointer->paragraph.append(snmpManagerIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPMANA.1"); + } + + // Dictionary-based Community Strings... + if (managerUnrestDict == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPDICT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "HPP.SNMPMANA.1"); + paragraphPointer->paragraph.append(snmpManagerIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPMANA.1"); + } + } + + // Weak Community Strings... + if (managerUnrestWeak == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWEAK.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "HPP.SNMPMANA.1"); + paragraphPointer->paragraph.append(snmpManagerIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPMANA.1"); + } + } + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] SNMP Manager Access\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("*ABBREV*SNMP*-ABBREV* Access To All *ABBREV*MIB*-ABBREV* Objects")); + securityIssuePointer->reference.assign("HPP.SNMPMANA.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* community strings can be configured with either a Manager or Operator view of the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV*. A community string with a Manager view can access all *ABBREV*MIB*-ABBREV* objects, while a community string with a Operator view can access all *ABBREV*MIB*-ABBREV* objects except the configuration *ABBREV*MIB*-ABBREV*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that a Manager view of the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* was configured on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 6; // Medium + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who has *ABBREV*SNMP*-ABBREV* access to the *DEVICETYPE* using a community string with a Manager view of the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* could extract a large quantity of configuration information from *DEVICENAME*.")); + if (managerUnrest == true) + { + securityIssuePointer->impactRating = 7; // High + paragraphPointer->paragraph.append(i18n(" With write *ABBREV*SNMP*-ABBREV* access to *DEVICENAME*, an attacker could modify the devices configuration.")); + if (authenticationMIB == true) + { + securityIssuePointer->impactRating = 8; // High + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "HPP.SNMPAUTH.1"); + paragraphPointer->paragraph.append(i18n("Additionally, the attacker could access and modify the authentication information stored on *DEVICENAME* (see section *SECTIONNO*).")); + } + } + + // Issue ease... + securityIssuePointer->easeRating = 4; // Moderate + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("For an attacker to exploit this issue they would require *ABBREV*SNMP*-ABBREV* query tools, a community string with a Manager view of the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV*. *ABBREV*SNMP*-ABBREV* query tools are available on the Internet and some *ABBREV*OS*-ABBREV* install them by default.")); + if (managerDictionary == true) + { + securityIssuePointer->easeRating = 8; // Easy + device->addString(paragraphPointer, "GEN.SNMPDICT.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a dictionary attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + else if (managerWeak == true) + { + securityIssuePointer->easeRating = 6; // Easy + device->addString(paragraphPointer, "GEN.SNMPWEAK.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a brute-force attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that, unless required, access to the configuration *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* should be disabled. This can be done with the following command:*CODE**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* operator *CMDOPTION*restricted *CMDOR* unrestricted*-CMDOPTION**-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("access to configuration information was possible using *ABBREV*SNMP*-ABBREV*")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable access to configuration information using *ABBREV*SNMP*-ABBREV*")); + + // Dependent issues... + device->addDependency(securityIssuePointer, "GEN.SNMPCLEA.1"); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPDICT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEAK.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWRIT.1"); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPAUTH.1"); + } + + // Authentication MIB... + if ((managerUnrest == true) && (authenticationMIB == true)) + { + + // Write Access... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWRIT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "HPP.SNMPAUTH.1"); + paragraphPointer->paragraph.assign(snmpAuthAccessIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPAUTH.1"); + } + + // Clear-text SNMP... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPCLEA.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "HPP.SNMPAUTH.1"); + paragraphPointer->paragraph.assign(snmpAuthAccessIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPAUTH.1"); + } + + // Dictionary-based Community Strings... + if (managerUnrestDict == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPDICT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "HPP.SNMPAUTH.1"); + paragraphPointer->paragraph.assign(snmpAuthAccessIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPAUTH.1"); + } + } + + // Weak Community Strings... + if (managerUnrestWeak == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWEAK.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "HPP.SNMPAUTH.1"); + paragraphPointer->paragraph.assign(snmpAuthAccessIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPAUTH.1"); + } + } + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] SNMP Authentication MIB Access\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("*ABBREV*SNMP*-ABBREV* Access To The Authentication *ABBREV*MIB*-ABBREV*")); + securityIssuePointer->reference.assign("HPP.SNMPAUTH.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addString(paragraphPointer, snmpFilterText); + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices can be configured to allow access to authentication information using *ABBREV*SNMP*-ABBREV*. *COMPANY* determined that the access to the authentication information in the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* was allowed on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 8; // High + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who has *ABBREV*SNMP*-ABBREV* access to the *DEVICETYPE* authentication *ABBREV*MIB*-ABBREV* could extract authentication details, and with write access they could modify the authentication information.")); + + // Issue ease... + securityIssuePointer->easeRating = 4; // Moderate + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("For an attacker to exploit this issue they would require *ABBREV*SNMP*-ABBREV* query tools, a community string in the Manager group. *ABBREV*SNMP*-ABBREV* query tools are available on the Internet and some *ABBREV*OS*-ABBREV* install them by default.")); + if (managerUnrestDict == true) + { + securityIssuePointer->easeRating = 8; // Easy + device->addString(paragraphPointer, "GEN.SNMPDICT.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a dictionary attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + else if (managerUnrestWeak == true) + { + securityIssuePointer->easeRating = 6; // Easy + device->addString(paragraphPointer, "GEN.SNMPWEAK.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a brute-force attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that, unless required, access to the authentication information using *ABBREV*SNMP*-ABBREV* should be disabled. This can be done with the following command:*CODE**COMMAND*snmp-server mib hpSwitchAuthMIB excluded*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("access to authentication information was possible using *ABBREV*SNMP*-ABBREV*")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable access to authentication information using *ABBREV*SNMP*-ABBREV*")); + + // Dependent issues... + device->addDependency(securityIssuePointer, "GEN.SNMPCLEA.1"); + device->addDependency(securityIssuePointer, "GEN.SNMPWRIT.1"); + device->addDependency(securityIssuePointer, "HPP.SNMPMANA.1"); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPDICT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEAK.1"); + } + + return errorCode; +} diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/snmp.cpp.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/snmp.cpp.svn-base new file mode 100644 index 0000000..58a34de --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/snmp.cpp.svn-base @@ -0,0 +1,359 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + +using namespace std; + + +ProCurveSNMP::ProCurveSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("*DEVICETYPE* support all three versions of the *ABBREV*SNMP*-ABBREV*. "); // Intro Config section device specific text. + supportSNMP3 = true; // Does this device support SNMPv3? + // N/A - supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + // N/A - supportSNMP3UpgText = i18n(""); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* versions 1 and 2 can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*no snmp-server enable*-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("*ABBREV*SNMP*-ABBREV* community strings can be configured with the following command:*CODE**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*manager *CMDOR* operator*-CMDOPTION* *CMDOPTION*restricted *CMDOR* unrestricted*-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure a community string + configSNMP3Text = i18n("*ABBREV*SNMP*-ABBREV* version 3 access can be configured by creating a user and adding the user to a group. This can be configured using the following commands:*CODE**COMMAND*snmpv3 user *CMDUSER*username*-CMDUSER* *CMDOPTION*auth *CMDREQUIRE*md5 *CMDOR* sha*-CMDREQUIRE* *CMDUSER*auth-password*-CMDUSER**-CMDOPTION* *CMDOPTION*priv *CMDREQUIRE*des *CMDOR* aes*-CMDREQUIRE* *CMDUSER*priv-password*-CMDUSER**-CMDOPTION**-COMMAND**COMMAND*snmpv3 group *CMDUSER*groupname*-CMDUSER* user *CMDUSER*username*-CMDUSER* sec-model ver3*-COMMAND**-CODE*"); // The text and command(s) to configure SNMP version 3 + // N/A - configSNMPViewText = i18n(""); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("*ABBREV*SNMP*-ABBREV* trap hosts can be configured using the following command:*CODE**COMMAND*snmp-server host *CMDUSER*ip-address*-CMDUSER* *CMDUSER*community-string*-CMDUSER* *CMDOPTION*none *CMDOR* debug *CMDOR* all *CMDOR* not-info *CMDOR* critical*-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP traps + // N/A - configSNMPInformsText = i18n(""); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n("Read only community string access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* can be configured using the following command:*CODE**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*manager *CMDOR* operator*-CMDOPTION* restricted*-COMMAND**-CODE*"); // The text and command(s) to configure SNMP read only access + // N/A - configSNMPFilterText = i18n(""); // The text and command(s) to configure SNMP filtering + + enabled = false; // Is the SNMP server enabled? + snmp12Enabled = true; // Is SNMP versions 1 or 2 configured? + snmp3Enabled = false; // Is SNMP version 3 configured? + + // Community Options... + communityView = true; // SNMP view for the community + communityFilter = false; // SNMP Network Filtering + communityIPv6Filter = false; // SNMP IPv6 Network Filtering + communitySpecificFilters = false; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = false; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = ""; // Default read only community + defaultReadWrite = ""; // Default read/write community + defaultReadWriteAll = ""; // Default read/write all community + + // View support options... + viewSeperated = false; // Separate the views into different tables + viewExcludes = false; // Show the Include/Exclude View Table column + viewMIBText = i18n("Description"); // What the MIB column title in the table should be called + + // SNMP Trap/Inform Host Options... + trapsOnly = true; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = false; // Show Trap Host Port in Table + trapsInterface = false; // Show Interface in Table + trapsInterfaceText = i18n("Interface"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = true; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = false; // Show excluded traps + trapsShowOptions = true; // Show trap options + + // SNMP User Options... + showUserRemote = false; // Show the remote host/port setting + showUserPriv = true; // Show the privacy settings + showUserFilter = false; // Show the Filter column in the table + showUserIPv6Filter = false; // Show the IPv6 Filter column in the table + userFilterText = i18n("Filter"); // The Text for the Filter table column title + userIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* Filter"); // The Text for the IPv6 Filter table column title + + // SNMP Group Options... + snmpGroupShowType = false; // Enable/Disable SNMPv3 type in table + snmpGroupReadView = false; // Enable/Disable Read Views + snmpGroupWriteView = false; // Enable/Disable Write Views + snmpGroupNotifyView = false; // Enable/Disable Notify Views + snmpGroupFilter = false; // Enable/Disable Filter support + snmpGroupIPv6Filter = false; // Enable/Disable IPv6 Filter support + groupFilterText = i18n("Filter"); // The Text for the Filter table column title + groupIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* Filter"); // The Text for the IPv6 Filter table column title + + // Device specific options... + authenticationMIB = false; +} + + +int ProCurveSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpTrapHost *trapHostPointer = 0; + snmpView *viewPointer = 0; + snmpTrap *snmpTrapPointer = 0; + snmpUserStruct *snmpUserPointer = 0; + snmpGroupStruct *snmpGroupPointer = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 2; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Location... + if (strcasecmp(command->part(tempInt), "location") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Location Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + location.assign(command->part(tempInt)); + } + + // Contact... + else if (strcasecmp(command->part(tempInt), "contact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Contact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + location.assign(command->part(tempInt)); + } + + // Community... + else if (strcasecmp(command->part(tempInt), "community") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(command->part(tempInt)); + communityPointer->enabled = setting; + communityPointer->type = communityReadOnly; + communityPointer->view.assign("Operator"); + tempInt++; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "manager") == 0) + communityPointer->view.assign("Manager"); + else if (strcasecmp(command->part(tempInt), "operator") == 0) + communityPointer->view.assign("Operator"); + else if (strcasecmp(command->part(tempInt), "restricted") == 0) + communityPointer->type = communityReadOnly; + else if (strcasecmp(command->part(tempInt), "unrestricted") == 0) + communityPointer->type = communityReadWrite; + + tempInt++; + } + + // Create view for the community... + if (getSNMPView(communityPointer->view.c_str()) == 0) + { + if (communityPointer->view.compare("Operator") == 0) + addSNMPView(communityPointer->view.c_str(), i18n("Access to all *ABBREV*MIB*-ABBREV* objects except CONFIG.")); + else + { + addSNMPView(communityPointer->view.c_str(), i18n("Access to all *ABBREV*MIB*-ABBREV* objects.")); + viewPointer = getSNMPView(communityPointer->view.c_str()); + viewPointer->everything = true; + } + } + } + + // SNMP Host... + else if (strcmp(command->part(tempInt), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapHostPointer = addSNMPTrapHost(); + trapHostPointer->trap = true; + trapHostPointer->version = 1; + trapHostPointer->host.assign(command->part(tempInt)); + tempInt++; + trapHostPointer->community.assign(command->part(tempInt)); + tempInt++; + if (tempInt < command->parts) + trapHostPointer->eventLevel.assign(command->part(tempInt)); + } + + // SNMP Traps... + else if ((strcmp(command->part(tempInt), "enable") == 0) && (strcmp(command->part(tempInt), "traps") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->include = setting; + snmpTrapPointer->trap.assign(command->part(tempInt)); + tempInt++; + if (tempInt < command->parts) + snmpTrapPointer->options.assign(command->part(tempInt)); + } + + // SNMP Enable... + else if (strcmp(command->part(tempInt), "enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + snmp12Enabled = setting; + } + + // SNMP User... + else if (strcmp(command->part(tempInt), "user") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMPv3 User Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpUserPointer = addSNMPUser(); + snmpUserPointer->user.assign(command->part(tempInt)); + snmpUserPointer->snmpv3 = snmpV3NoAuth; + snmpUserPointer->version = 3; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "auth") == 0) + { + snmpUserPointer->snmpv3 = snmpV3Auth; + tempInt++; + if (strcmp(command->part(tempInt), "sha") == 0) + snmpUserPointer->auth = snmpV3AuthSHA; + else + snmpUserPointer->auth = snmpV3AuthMD5; + tempInt++; + snmpUserPointer->authPassword.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "priv") == 0) + { + snmpUserPointer->snmpv3 = snmpV3Auth; + tempInt++; + if (strcmp(command->part(tempInt), "aes") == 0) + { + snmpUserPointer->priv = snmpV3PrivAES128; + tempInt++; + } + else if (strcmp(command->part(tempInt), "des") == 0) + { + snmpUserPointer->priv = snmpV3PrivDES; + tempInt++; + } + snmpUserPointer->privPassword.assign(command->part(tempInt)); + } + tempInt++; + } + } + + // SNMP Group... + else if (strcmp(command->part(tempInt), "group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMPv3 Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpGroupPointer = addSNMPGroup(); + snmpGroupPointer->group.assign(command->part(tempInt)); + snmpGroupPointer->version = 3; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "user") == 0) + { + tempInt++; + snmpUserPointer = getSNMPUser(command->part(tempInt)); + if (snmpUserPointer != 0) + snmpUserPointer->group.assign(snmpGroupPointer->group); + } + else if (strcmp(command->part(tempInt), "sec-model") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "ver3") == 0) + snmpGroupPointer->version = 3; + else if (strcmp(command->part(tempInt), "ver2c") == 0) + snmpGroupPointer->version = 2; + else if (strcmp(command->part(tempInt), "ver1") == 0) + snmpGroupPointer->version = 1; + } + tempInt++; + } + } + + // Authentication MIB... + else if ((strcasecmp(command->part(tempInt), "mib") == 0) && (strcasecmp(command->part(tempInt + 1), "hpSwitchAuthMIB") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Authentication MIB Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + if (strcasecmp(command->part(tempInt), "included") == 0) + authenticationMIB = true; + else + authenticationMIB = false; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ProCurveSNMP::processDefaults(Device *device) +{ + // Variables... + snmpCommunity *communityPointer = 0; + + // Enable SNMP server... + if (snmp12Enabled == true) + { + communityPointer = community; + while ((communityPointer != 0) && (enabled == false)) + { + if (communityPointer->enabled == true) + enabled = true; + communityPointer = communityPointer->next; + } + } + + return 0; +} + diff --git a/libnipper-0.12.6/HP-ProCurve/.svn/text-base/snmp.h.svn-base b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/snmp.h.svn-base new file mode 100644 index 0000000..522963f --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/.svn/text-base/snmp.h.svn-base @@ -0,0 +1,54 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurvedevicesnmp_H +#define ProCurvedevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class ProCurveSNMP : public SNMP +{ + public: + ProCurveSNMP(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + // Device specific setting... + bool authenticationMIB; +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/administration.cpp b/libnipper-0.12.6/HP-ProCurve/administration.cpp new file mode 100644 index 0000000..b817a6b --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/administration.cpp @@ -0,0 +1,573 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "administration.h" + + +ProCurveAdministration::ProCurveAdministration() +{ + + // ----------------------------------------------------------------------- + // Device Specific Settings... + // ----------------------------------------------------------------------- + + // General... + generalSettings = true; // Show the general settings section? + consoleEnabled = true; // Is the Console port enabled? + consoleSupported = true; // Is a console port supported? + consoleTimeoutSupported = false; // Is a console timeout supported? + consoleTimeout = 0; // Console timeout + configConsoleTimeout = i18n(""); // The text and commands to configure the timeout + connectionTimeoutSupported = true; // Is a connection timeout supported? + connectionTimeout = 0; // Connection Timeout + configTimeout = i18n("An inactivity timeout can be configured with the following command:*CODE**COMMAND*console inactivity-timer *CMDUSER*timeout-minutes*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + + // Host restrictions... + serviceWideHosts = true; // Do all the admin services share a common host restrictions? + showHostAccess = true; // Show the Access column in the host table? + serviceConfigHosts = i18n("Management hosts can be configured with the following command:*CODE**COMMAND*ip authorized-managers *CMDUSER*ip-address*-CMDUSER* *CMDUSER*netmask*-CMDUSER**-COMMAND**-CODE*"); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = true; // Is telnet supported? + telnetEnabled = true; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + telnetHostsRequired = true; // Is the host configuration required? + disableTelnet = i18n("The Telnet service can be disabled on *DEVICETYPE* devices with the following command:*CODE*no telnet-server*-CODE*"); // How to disable telnet text... + + // TFTP options... + tftpSupported = true; // Is TFTP supported? + tftpEnabled = true; // Is TFTP enabled? + tftpPort = 69; // The TFTP service port + tftpSpecificHost = false; // Does TFTP have its own access list? + tftpHostsRequired = false; // Is the host configuration required? + showTFTPHostInterface = false; // Show the Interface column in the host table? + configTFTPHostAccess = i18n(""); // How access lists are configured for the TFTP service + disableTFTP = i18n("The *ABBREV*TFTP*-ABBREV* service can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*no tftp server*-COMMAND**-CODE*"); // How to disable TFTP text... + + // SSH options... + sshSupported = true; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 2; // What is the SSH Protocol version (0 = 1 and 2) + sshPort = 22; // The SSH port number + configSSHSupport = i18n("The *ABBREV*SSH*-ABBREV* service can be enabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*ip ssh*-COMMAND**-CODE*"); // How to configure SSH... + sshHostsRequired = true; // Is the host configuration required? + + sftpEnabled = false; // Is SFTP enabled? + sftpSupported = true; // Is SFTP supported? + configSFTP = i18n("*ABBREV*SFTP*-ABBREV* can be enabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*ip ssh filetransfer*-COMMAND**-CODE*"); // Text and commands to configure SFTP + scpSupported = true; // Is SCP supported? + scpEnabled = false; // Is SCP enabled? + + // SSH 2 support... + ssh2Supported = true; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + configSSHv2Support = i18n(""); // How to configure protocol version 2 support only + + // Config report SSH support text + sshConfigProtocolSupport = i18n(""); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = true; // Does this device support HTTP + httpsSupported = true; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = true; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + httpsEnabled = false; // Is the HTTPS service enabled? + httpsPort = 443; // HTTPS port + httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? + httpSpecificTimeout = false; // A HTTP Specific Timeout? + httpTimeout = 0; // The HTTP Timeout (secs) + configHTTPTimeout = i18n(""); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + httpSpecificHost = false; // Does HTTP have its own access list? + httpHostsRequired = false; // Is the host configuration required? + showHTTPHostInterface = false; // Show the Interface column in the host table? + configHTTPHostAccess = i18n(""); // How to configure HTTP Management hosts... + disableHTTP = i18n(""); // How to disable HTTP text... + configHTTPSSupport = i18n(""); // How to configure HTTPS... + + // HP Procurve specific settings... + consoleBaudRate = 0; // The console line baud rate + consoleFlowXONControl = true; // Flow Control 0 = none, 1 = XON, 2 = XOFF + consoleLocalType = 0; // 0 = VT100, 1 = none, 2 = ANSI + consoleAllType = 0; // 0 = VT100, 1 = none, 2 = ANSI + telnet6ServerEnabled = true; // Telnet IPv6 Server + tftp6ServerEnabled = true; // TFTP IPv6 Server + sshIPProtocol = 0; // SSH IP (0 = 4 & 6, 4 = 4, 6 =6) +} + + +int ProCurveAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + hostFilter *hostPointer = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Console... + if (strcmp(command->part(tempInt), "console") == 0) + { + tempInt++; + + // timeout... + if (strcmp(command->part(tempInt), "console") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + connectionTimeout = atoi(command->part(tempInt)); + if (connectionTimeout != 0) + connectionTimeout = connectionTimeout * 60; + } + + // baud rate + else if (strcmp(command->part(tempInt), "baud-rate") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Baud Rate Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "speed-sense") == 0) + consoleBaudRate = 0; + else + consoleBaudRate = atoi(command->part(tempInt)); + } + + // flow control + else if (strcmp(command->part(tempInt), "flow-control") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFlow Control Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcasecmp(command->part(tempInt), "none") == 0) + consoleFlowXONControl = false; + else + consoleFlowXONControl = true; + } + + // local terminal + else if (strcmp(command->part(tempInt), "local-terminal") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLocal Terminal Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcasecmp(command->part(tempInt), "none") == 0) + consoleLocalType = 1; + else if (strcasecmp(command->part(tempInt), "ansi") == 0) + consoleLocalType = 2; + else + consoleLocalType = 0; + } + + // terminal + else if (strcmp(command->part(tempInt), "terminal") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTerminal Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcasecmp(command->part(tempInt), "none") == 0) + consoleLocalType = 1; + else if (strcasecmp(command->part(tempInt), "ansi") == 0) + consoleLocalType = 2; + else + consoleLocalType = 0; + consoleAllType = consoleLocalType; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Web Management... + else if (strcmp(command->part(tempInt), "web-management") == 0) + { + tempInt++; + + // Management URL + if (strcmp(command->part(tempInt), "management-url") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sWeb Manage URL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + webManagementURL.assign(command->part(tempInt)); + } + + // Support URL + else if (strcmp(command->part(tempInt), "support-url") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sWeb Support URL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + webSupportURL.assign(command->part(tempInt)); + } + + // HTTP + else if ((strcmp(command->part(tempInt), "plaintext") == 0) || (tempInt == command->parts)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sWeb Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + httpEnabled = setting; + } + + // HTTPS + else if (strcmp(command->part(tempInt), "ssl") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sWeb Secure Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + httpsEnabled = setting; + tempInt++; + if (tempInt < command->parts) + httpsPort = atoi(command->part(tempInt)); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Telnet... + else if (strcmp(command->part(tempInt), "telnet-server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + telnetEnabled = setting; + } + + // Telnet IPv6... + else if (strcmp(command->part(tempInt), "telnet6-server") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet IPv6 Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + telnet6ServerEnabled = setting; + } + + // TFTP Server... + else if ((strcmp(command->part(tempInt), "tftp") == 0) && (strcmp(command->part(tempInt + 1), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTFTP Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tftpEnabled = setting; + } + + // TFTP6 Server... + else if ((strcmp(command->part(tempInt), "tftp6") == 0) && (strcmp(command->part(tempInt + 1), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTFTP 6 Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tftp6ServerEnabled = setting; + } + + else if (strcmp(command->part(tempInt), "ip") == 0) + { + tempInt++; + + // Authorised Managers... + if (strcmp(command->part(tempInt), "authorized-managers") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sManagement Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostPointer = addHostFilter(allServices); + hostPointer->access.assign("manager"); + tempInt++; + hostPointer->host.assign(command->part(tempInt)); + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "access") == 0) + { + tempInt++; + hostPointer->access.assign(command->part(tempInt)); + } + else + hostPointer->netmask.assign(command->part(tempInt)); + tempInt++; + } + } + + // SSH + else if (strcmp(command->part(tempInt), "ssh") == 0) + { + tempInt++; + + // filetransfer + if (strcmp(command->part(tempInt), "filetransfer") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH SCP/SFTP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + if (setting == true) + { + sftpEnabled = true; + scpEnabled = true; + tftpEnabled = false; + tftp6ServerEnabled = false; + } + else + { + sftpEnabled = false; + scpEnabled = false; + } + } + + // Port + else if (strcmp(command->part(tempInt), "port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "default") == 0) + sshPort = 22; + else + sshPort = atoi(command->part(tempInt)); + } + + // SSH IP protocol version + else if (strcmp(command->part(tempInt), "ip-version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH IP Protocol Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (strcmp(command->part(tempInt), "4or6") == 0) + sshIPProtocol = 0; + else if (command->part(tempInt)[0] == '4') + sshIPProtocol = 4; + else + sshIPProtocol = 6; + } + + // SSH + else if (command->parts == tempInt) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + sshEnabled = setting; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ProCurveAdministration::processDefaults(Device *device) +{ + // No administrative hosts? + if (serviceHosts == 0) + { + telnetEnabled = false; + sshEnabled = false; + } + + return 0; +} + + +int ProCurveAdministration::generateDeviceGeneralConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINGENERAL-TABLE"); + + // Type... + device->addTableData(paragraphPointer->table, i18n("Console type")); + switch (consoleLocalType) + { + case 1: + device->addTableData(paragraphPointer->table, i18n("None")); + break; + case 2: + device->addTableData(paragraphPointer->table, i18n("*ABBREV*ANSI*-ABBREV*")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("VT100")); + break; + } + + // Speed... + device->addTableData(paragraphPointer->table, i18n("Console data transmission speed")); + if (consoleBaudRate == 0) + device->addTableData(paragraphPointer->table, i18n("Auto")); + else + { + tempString.assign(device->intToString(consoleBaudRate)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + } + + // Control + device->addTableData(paragraphPointer->table, i18n("Flow Control")); + if (consoleFlowXONControl == true) + device->addTableData(paragraphPointer->table, i18n("XON/XOFF")); + else + device->addTableData(paragraphPointer->table, i18n("None")); + + return 0; +} + + +int ProCurveAdministration::generateDeviceTelnetConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + + paragraphPointer = device->getTableParagraphPointer("CONFIG-SERVICES-TABLE"); + device->addTableData(paragraphPointer->table, i18n("Telnet *ABBREV*IPv6*-ABBREV* Service")); + if (telnet6ServerEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINTELNET-TABLE"); + + // IP Protocol Versions... + device->addTableData(paragraphPointer->table, i18n("Telnet *ABBREV*IPv6*-ABBREV* service")); + if (telnet6ServerEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return 0; +} + + +int ProCurveAdministration::generateDeviceHTTPConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINHTTP-TABLE"); + + // URLs + if (!webManagementURL.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Management *ABBREV*URL*-ABBREV*")); + device->addTableData(paragraphPointer->table, webManagementURL.c_str()); + } + if (!webSupportURL.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Support *ABBREV*URL*-ABBREV*")); + device->addTableData(paragraphPointer->table, webSupportURL.c_str()); + } + + return 0; +} + + +int ProCurveAdministration::generateDeviceTFTPConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + + paragraphPointer = device->getTableParagraphPointer("CONFIG-SERVICES-TABLE"); + device->addTableData(paragraphPointer->table, i18n("*ABBREV*TFTP*-ABBREV* *ABBREV*IPv6*-ABBREV* Service")); + if (tftp6ServerEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINTFTP-TABLE"); + + // IP Protocol Versions... + device->addTableData(paragraphPointer->table, i18n("*ABBREV*TFTP*-ABBREV* *ABBREV*IPv6*-ABBREV* service")); + if (tftp6ServerEnabled == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return 0; +} + + +int ProCurveAdministration::generateDeviceSSHConfig(Device *device) +{ + // Variables... + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-ADMINSSH-TABLE"); + + // IP Protocol Versions... + device->addTableData(paragraphPointer->table, i18n("*ABBREV*IP*-ABBREV* protocol version(s)")); + switch (sshIPProtocol) + { + case 4: + device->addTableData(paragraphPointer->table, i18n("*ABBREV*IPv4*-ABBREV*")); + break; + case 6: + device->addTableData(paragraphPointer->table, i18n("*ABBREV*IPv6*-ABBREV*")); + break; + default: + device->addTableData(paragraphPointer->table, i18n("*ABBREV*IPv4*-ABBREV* and *ABBREV*IPv6*-ABBREV*")); + break; + } + + return 0; +} diff --git a/libnipper-0.12.6/HP-ProCurve/administration.h b/libnipper-0.12.6/HP-ProCurve/administration.h new file mode 100644 index 0000000..0a49353 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/administration.h @@ -0,0 +1,68 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurveadministration_H +#define ProCurveadministration_H + + +#include "../device/administration/administration.h" + + +class ProCurveAdministration : public Administration +{ + public: + + ProCurveAdministration(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Methods + virtual int generateDeviceGeneralConfig(Device *device); // A device specific config report output + virtual int generateDeviceTelnetConfig(Device *device); // A device specific config report output + virtual int generateDeviceTFTPConfig(Device *device); // A device specific config report output + virtual int generateDeviceSSHConfig(Device *device); // A device specific config report output + virtual int generateDeviceHTTPConfig(Device *device); // A device specific config report output + + // HP Procurve specific settings... + int consoleBaudRate; // The console line baud rate + bool consoleFlowXONControl; // Flow Control + int consoleLocalType; // 0 = VT100, 1 = none, 2 = ANSI + int consoleAllType; // 0 = VT100, 1 = none, 2 = ANSI + bool telnet6ServerEnabled; // Telnet IPv6 Server + bool tftp6ServerEnabled; // TFTP IPv6 Server + int sshIPProtocol; // SSH IP (0 = 4 & 6, 4 = 4, 6 =6) + string webManagementURL; // The URL to go to when ? is clicked + string webSupportURL; // The URL to go to when the support tab is clicked +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/authentication.cpp b/libnipper-0.12.6/HP-ProCurve/authentication.cpp new file mode 100644 index 0000000..942bf6c --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/authentication.cpp @@ -0,0 +1,285 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "authentication.h" +#include "../device/common/configline.h" + + +ProCurveAuthentication::ProCurveAuthentication() +{ + // General... + authenticationConfigIntro = i18n("This section describes the various *DEVICETYPE* device authentication settings."); // Introduction text to the whole section + loginAttemptsSupported = false; // Login attempts supported + loginAttempts = 0; // Login attempts allowed (0 = infinite) + accessWithoutAuthentication = false; // Set to true if access is allowed without authentication + configAccessAuthentication = "The manager and operator passwords can be configured with the following commands:*CODE**COMMAND*password manager*-COMMAND**COMMAND*password operator*-COMMAND**-CODE*"; // The text and commands to configure access authentication with a password + + // Authentication Methods... + authMethodSupported = true; // Authentication Method Supported + appliesToSupported = true; // Applies To Supported + namedAuthSupport = false; // Are auth servers named? + showAuthLevel = true; // Show auth level + + // Local User Options... + encryptionSupported = false; // Show encryption + readOnlySupported = false; // Is read only supported? + outboundACLSupported = false; // Are outbound filtering ACL supported? + privilegeLevelSupported = false; // Are privilege levels supported? + privilegeLevelText = i18n("Privilege Level"); // The table title privilege level text + configDeviceSpecificLocalUsers = "*DEVICETYPE* device local users are not listed in the configuration file. However, if the configuration does indicate as to whether the manager or operator users have had their passwords set. If the respective passwords have not been configured, the users are listed in this section."; // Text for the config report local user section. + filterText = i18n("*ABBREV*ACL*-ABBREV*"); // The table filter column title text + + // TACACS Options... + showTacacsGroupName = false; // Show the TACACS group + showTacacsRetries = false; // Show the TACACS retries + configTacacsKey = i18n("On *DEVICETYPE* devices a *ABBREV*TACACS+*-ABBREV* server key can be configured with the following command:*CODE**COMMAND*tacacs-server key *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a TACACS+ key + + // RADIUS Options... + showRadiusGroupName = false; // Show the RADIUS group + configRadiusKey = i18n("On *DEVICETYPE* devices a *ABBREV*RADIUS*-ABBREV* server key can be configured with the following command:*CODE**COMMAND*radius-server key *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a RADIUS key + + // KERBEROS Options... + showKerberosGroupName = false; // Show the KERBEROS group + showKerberosTimeout = false; // Show Kerberos timeout + showKerberosRetries = false; // Show Kerberos retries + + // LDAP Options... + showLDAPGroupName = false; // Show the LDAP group + showLDAPPassword = false; // Show LDAP password + configLDAPPassword = i18n(""); // The text and commands to configure an LDAP server password + + // SecurID Options... + showSecurIDGroupName = false; // Show the SecurID group + showSecurIDDuress = false; // Show the SecurID Duress + showSecurIDEncryption = false; // Show the SecurID Encryption + + // NT Options... + showNTGroupName = false; // Show the NT group + + + tacacsTimeout = 5; + tacacsFirst = true; + radiusTimeout = 5; + radiusRetransmit = 3; + radiusFirst = true; + operatorPresent = false; + managerPresent = false; +} + + +int ProCurveAuthentication::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + authConfig *authPointer = 0; + tacacsServerConfig *tacacsPointer = 0; + radiusServerConfig *radiusPointer = 0; + int tempInt = 0; + int errorCode = 0; + + // tacacs... + if (strcasecmp(command->part(0), "tacacs-server") == 0) + { + + // key... + if (strcasecmp(command->part(1), "key") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsKey.assign(command->part(2)); + } + + // timeout... + else if (strcasecmp(command->part(1), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsTimeout = atoi(command->part(2)); + } + + // host... + else if (strcasecmp(command->part(1), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->address.assign(command->part(2)); + if (strcasecmp(command->part(3), "key") == 0) + tacacsPointer->key.assign(command->part(4)); + else + tacacsPointer->key.assign(tacacsKey); + tacacsPointer->timeout = tacacsTimeout; + if (tacacsFirst == true) + tacacsPointer->description.assign(i18n("Primary")); + else + tacacsPointer->description.assign(i18n("Backup")); + tacacsFirst = false; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + // radius... + else if (strcasecmp(command->part(0), "radius-server") == 0) + { + + // key... + if (strcasecmp(command->part(1), "key") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Key Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusKey.assign(command->part(2)); + } + + // timeout... + else if (strcasecmp(command->part(1), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusTimeout = atoi(command->part(2)); + } + + // host... + else if (strcasecmp(command->part(1), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->address.assign(command->part(2)); + radiusPointer->key.assign(radiusKey); + tempInt = 3; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(3), "key") == 0) + { + tempInt++; + radiusPointer->key.assign(command->part(tempInt)); + } + tempInt++; + } + radiusPointer->timeout = radiusTimeout; + if (radiusFirst == true) + radiusPointer->description.assign(i18n("Primary")); + else + radiusPointer->description.assign(i18n("Backup")); + radiusFirst = false; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + // password manager... + else if ((strcasecmp(command->part(0), "password") == 0) && (strcasecmp(command->part(1), "manager") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sManager Password Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + managerPresent = true; + } + + // password operator... + else if ((strcasecmp(command->part(0), "password") == 0) && (strcasecmp(command->part(1), "operator") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sOperator Password Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + operatorPresent = true; + } + + // aaa authentication... + else if ((strcasecmp(command->part(0), "aaa") == 0) && (strcasecmp(command->part(1), "authentication") == 0) && ((strcasecmp(command->part(3), "login") == 0) || (strcasecmp(command->part(3), "enable") == 0))) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAAA Authentication Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + authPointer = addMethod(); + authPointer->appliesTo.assign(command->part(2)); + authPointer->level.assign(command->part(3)); + if (strcasecmp(command->part(4), "local") == 0) + authPointer->method = localAuth; + else if (strcasecmp(command->part(4), "radius") == 0) + authPointer->method = radiusAuth; + else if (strcasecmp(command->part(4), "tacacs") == 0) + authPointer->method = tacacsAuth; + + if (command->parts == 6) + { + authPointer = addMethod(); + authPointer->appliesTo.assign(command->part(2)); + authPointer->level.assign(command->part(3)); + if (strcasecmp(command->part(5), "local") == 0) + authPointer->method = localAuth; + else if (strcasecmp(command->part(5), "radius") == 0) + authPointer->method = radiusAuth; + else if (strcasecmp(command->part(5), "tacacs") == 0) + authPointer->method = tacacsAuth; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int ProCurveAuthentication::processDefaults(Device *device) +{ + // Variables... + localUserConfig *userPointer; + + if (operatorPresent == false) + { + userPointer = getUser("operator"); + userPointer->adminAccess = false; + } + + if (managerPresent == false) + { + userPointer = getUser("manager"); + userPointer->adminAccess = true; + } + + return 0; +} diff --git a/libnipper-0.12.6/HP-ProCurve/authentication.h b/libnipper-0.12.6/HP-ProCurve/authentication.h new file mode 100644 index 0000000..2cf1d78 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/authentication.h @@ -0,0 +1,66 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurveauthentication_H +#define ProCurveauthentication_H + + +#include "../device/authentication/authentication.h" + + +class ProCurveAuthentication : public Authentication +{ + public: + + ProCurveAuthentication(); + + + // ----------------------------------------------------------------------- + // Standard Device Class Methods... + // ----------------------------------------------------------------------- + + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + private: + string tacacsKey; + int tacacsTimeout; + bool tacacsFirst; + string radiusKey; + int radiusTimeout; + int radiusRetransmit; + bool radiusFirst; + + bool operatorPresent; + bool managerPresent; +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/banner.cpp b/libnipper-0.12.6/HP-ProCurve/banner.cpp new file mode 100644 index 0000000..4ab2769 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/banner.cpp @@ -0,0 +1,111 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "banner.h" + + +ProCurveBanner::ProCurveBanner() +{ + // Banner settings... + preLogonBanner = true; // Support Banner(s) Before Logon? + postLogonBanner = false; // Support Banner(s) After Logon? + configPreLogonBanner = i18n("The *ABBREV*MOTD*-ABBREV* banner message is shown before users logon. The *ABBREV*MOTD*-ABBREV* banner message can be configured by entering the following command:*CODE**COMMAND*banner motd *CMDUSER*delimiter*-CMDUSER**-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... + configPostLogonBanner = i18n(""); // The text that explains how to config a post logon banner, with commands... +} + + +int ProCurveBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + string tempString; + bool end = false; + + // Telnet banner... + if ((strcmp(command->part(0), "banner") == 0) && (strcmp(command->part(1), "motd") == 0)) + { + if (strlen(command->part(2)) == 2) + { + if (command->part(2)[1] == '\"') + end = true; + } + + // Get banner... + if (end == false) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("*ABBREV*MOTD*-ABBREV*")); + bannerPointer->description.assign(i18n("The *ABBREV*MOTD*-ABBREV* banner message is presented to users before they logon. The *ABBREV*MOTD*-ABBREV* banner configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + tempString.assign(strstr(line, command->part(2) + 1)); + + // Get the lines... + while ((end == false) && (feof(device->inputFile) == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (tempString.find("\"") != tempString.npos) + { + end = true; + tempString.erase(tempString.find("\"")); + } + + addBannerLine(bannerPointer, tempString.c_str()); + + // Read a line from the config... + if (end == false) + { + device->readLine(line, lineSize); + tempString.assign(line); + } + } + } + else + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + diff --git a/libnipper-0.12.6/HP-ProCurve/banner.h b/libnipper-0.12.6/HP-ProCurve/banner.h new file mode 100644 index 0000000..fc41d44 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/banner.h @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurvebanner_H +#define ProCurvebanner_H + + +#include "../device/banner/banner.h" + + +class ProCurveBanner : public Banner +{ + public: + + ProCurveBanner(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/device.cpp b/libnipper-0.12.6/HP-ProCurve/device.cpp new file mode 100644 index 0000000..880958d --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/device.cpp @@ -0,0 +1,226 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "banner.h" +#include "snmp.h" +#include "dns.h" +#include "authentication.h" +#include "interfaces.h" + + +ProCurveDevice::ProCurveDevice() +{ + deviceMake = "HP"; + deviceType = "ProCurve"; + deviceOS = "ProCurve *ABBREV*OS*-ABBREV*"; + + isSwitch = true; + + general = new (ProCurveGeneral); + administration = new (ProCurveAdministration); + banner = new (ProCurveBanner); + snmp = new (ProCurveSNMP); + dns = new (ProCurveDNS); + authentication = new (ProCurveAuthentication); + interfaces = new (ProCurveInterfaces); +} + + +ProCurveDevice::~ProCurveDevice() +{ + delete general; + delete administration; + delete banner; + delete snmp; + delete dns; + delete authentication; + delete interfaces; +} + + +int ProCurveDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + int tempInt = 0; + bool setting = false; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Init + if (strcmp(command.part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Hostname (in general)... + if (strcasecmp(command.part(tempInt), "hostname") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + + // Device Model / Version... + else if ((strcmp(command.part(tempInt), ";") == 0) && (strcasecmp(command.part(tempInt + 2), "Configuration") == 0) && (strcasecmp(command.part(tempInt + 3), "Editor;") == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Modules... + else if ((strcmp(command.part(tempInt), "module") == 0) && (strcasecmp(command.part(tempInt + 2), "type") == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // IP... + else if (strcmp(command.part(tempInt), "ip") == 0) + { + tempInt++; + + // SSH... + if (strcmp(command.part(tempInt), "ssh") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Authorised Managers... + else if (strcmp(command.part(tempInt), "authorized-managers") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS... + else if (strcmp(command.part(tempInt), "dns") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // VLAN... + else if (strcmp(command.part(tempInt), "vlan") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Telnet... + else if ((strcasecmp(command.part(tempInt), "telnet-server") == 0) || (strcasecmp(command.part(tempInt), "telnet6-server") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // TFTP Server... + else if ((strcasecmp(command.part(tempInt), "tftp") == 0) && (strcasecmp(command.part(tempInt + 1), "server") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // TACACS+ Server... + else if (strcasecmp(command.part(tempInt), "tacacs-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // RADIUS Server... + else if (strcasecmp(command.part(tempInt), "radius-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // AAA Authentication... + else if ((strcasecmp(command.part(tempInt), "aaa") == 0) && (strcasecmp(command.part(tempInt + 1), "authentication") == 0)) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Password... + else if (strcasecmp(command.part(tempInt), "password") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SNMP... + else if ((strcasecmp(command.part(tempInt), "snmp-server") == 0) || (strcasecmp(command.part(tempInt), "snmpv3") == 0)) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Web Management... + else if (strcasecmp(command.part(tempInt), "web-management") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Banner MOTD... + else if ((strcmp(command.part(0), "banner") == 0) && (strcmp(command.part(1), "motd") == 0)) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Console... + else if ((strcmp(command.part(tempInt), "console") == 0) && (strcmp(command.part(tempInt + 1), "events") != 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + if ((general->version.empty()) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + return 0; +} + + +bool ProCurveDevice::isDeviceType() +{ + // Variables... + char line[1024]; + bool found = false; + int readCount = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (found == false) && (readCount < 5)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + if ((strncmp(line, "; J", 3) == 0) && (strstr(line, "Configuration Editor; Created on release") != 0)) + found = true; + + readCount++; + } + fclose(inputFile); + + return found; +} diff --git a/libnipper-0.12.6/HP-ProCurve/device.h b/libnipper-0.12.6/HP-ProCurve/device.h new file mode 100644 index 0000000..5346c9a --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/device.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_ProCurve_H +#define device_ProCurve_H + + +#include "../device/device.h" + + +class ProCurveDevice : public Device +{ + public: + ProCurveDevice(); + ~ProCurveDevice(); + + int processDevice(); + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/dns.cpp b/libnipper-0.12.6/HP-ProCurve/dns.cpp new file mode 100644 index 0000000..0f0c29a --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/dns.cpp @@ -0,0 +1,140 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "dns.h" + + +ProCurveDNS::ProCurveDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured to resolve name to address mappings. This section details those settings."); // The text paragraph in the config section + + // Host configuration + showInterface = false; // Are interfaces supported? + + // DNS Client Settings + dnsClientSupported = false; // DNS Client Supported? + dnsLookupEnabled = false; // DNS lookups enabled? + disableLookup = "*ABBREV*DNS*-ABBREV* lookups can be disabled on *DEVICETYPE* devices by removing all the configured *ABBREV*DNS*-ABBREV* servers. This can be done with the following command:*CODE**COMMAND*no ip dns server-address priority *CMDUSER*priority*-CMDUSER* *CMDUSER*ip-address*-CMDUSER**-COMMAND**-CODE*"; // The text and commands to disable DNS lookup + dnsRetries = 0; // DNS lookup retries + dnsRetriesSupported = false; // DNS lookup retries Supported? + dnsTimeout = 0; // DNS timeout + dnsTimeoutSupported = false; // DNS timeout Supported? + + // DNS Server Options... + dnsRecordKeepAliveSupported = false; // Is the DNS keep Alive message type supported? + returnRecordsSupported = false; // Is the single/multiple record field supported? + dynamicDNSSupported = false; // Is Dynamic DNS Supported? + dnsServerSupported = false; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsProxySupported = false; // Is DNS Proxy Server Supported? + dnsProxyEnabled = false; // Is the DNS Proxy service enabled? + dnsPort = 53; // DNS Server Port + + // Internal HP Procurve... + dnsSupported = false; +} + + +int ProCurveDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsConfig *dnsPointer = 0; + int tempInt = 0; + bool setting = false; + + dnsSupported = true; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 3; + setting = false; + } + else + { + tempInt = 2; + setting = true; + } + + // domain name... + if (strcasecmp(command->part(tempInt), "domain-name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDomain Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + dnsDomain.assign(command->part(tempInt)); + } + + // dns server... + else if (strcasecmp(command->part(tempInt), "server-address") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + if (setting == true) + { + dnsPointer = addDNSServer(command->part(5)); + dnsPointer->description.assign(i18n("Priority: ")); + dnsPointer->description.append(command->part(4)); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ProCurveDNS::processDefaults(Device *device) +{ + // Enable DNS support (not all ProCurves support DNS) + if (dnsSupported == true) + { + dnsClientSupported = true; + if (dnsServer != 0) + dnsLookupEnabled = true; + } + + return 0; +} + diff --git a/libnipper-0.12.6/HP-ProCurve/dns.h b/libnipper-0.12.6/HP-ProCurve/dns.h new file mode 100644 index 0000000..9988846 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/dns.h @@ -0,0 +1,54 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurveDNS_H +#define ProCurveDNS_H + + +#include "../device/dns/dns.h" + + +class ProCurveDNS : public DNS +{ + public: + + ProCurveDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + + private: + bool dnsSupported; +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/general.cpp b/libnipper-0.12.6/HP-ProCurve/general.cpp new file mode 100644 index 0000000..21308cf --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/general.cpp @@ -0,0 +1,167 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +ProCurveGeneral::ProCurveGeneral() +{ +} + + +int ProCurveGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Hostname + if (strcasecmp(command->part(tempInt), "hostname") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostname = command->part(tempInt + 1); + } + + // Model & Version... + else if ((strcmp(command->part(tempInt), ";") == 0) && (strcasecmp(command->part(tempInt + 2), "Configuration") == 0) && (strcasecmp(command->part(tempInt + 3), "Editor;") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sModel And Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + deviceModel.assign(command->part(tempInt)); + tempInt += 6; + version.assign(command->part(tempInt)); + version.erase(0, 1); + } + + // Modules + else if ((strcasecmp(command->part(tempInt), "module") == 0) && (strcasecmp(command->part(tempInt + 2), "type") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sModule Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + addDeviceModule(atoi(command->part(tempInt)), command->part(tempInt + 2)); + } + + return 0; +} + + +int ProCurveGeneral::processDefaults(Device *device) +{ + // Split Version Numbers... + if (!version.empty()) + { + versionMajor = version[0]; + versionMinor = atoi(strchr(version.c_str(), '.') + 1); + versionRevision = atoi(strchr(strchr(version.c_str(), '.') + 1, '.') + 1); + } + + return 0; +} + + +int ProCurveGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Password Encryption... + if (servicePasswordEncryption != unconfigured) + { + device->addTableData(paragraphPointer->table, i18n("Service Password Encryption")); + if (servicePasswordEncryption == on) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + }*/ + + return errorCode; +} + + +int ProCurveGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Service Password Encryption... + if (servicePasswordEncryption == off) + { + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Service Password Encryption Disabled")); + securityIssuePointer->reference.assign("IOS.PASSENCR.1"); + securityIssuePointer->overallRating = 8; + securityIssuePointer->impactRating = 9; + securityIssuePointer->easeRating = 2; + securityIssuePointer->fixRating = 1; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Cisco service passwords by default are stored in their clear text form rather than being encrypted. However, it is possible to have these passwords stored using the reversible Cisco type-7 encryption. *COMPANY* determined that the service password encryption that helps to provide a basic level of encryption for passwords that otherwise would be stored in clear text was disabled on the Cisco device *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("The Cisco type-7 password encryption provides little in the way of protection against an attacker who has access to the configuration file. However, the Cisco type-7 password encryption would provide a level of protect against a malicious user who had managed to briefly view a devices configuration.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("If a malicious user were able to glance a password from a devices configuration they could use it to gain a level of access to *DEVICENAME*. If the passwords were encrypted using the Cisco type-7 routine, a malicious user that had access to the devices configuration would have to decode the password first. Tools are widely available on the Internet that can reverse Cisco type-7 passwords.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that the Cisco password encryption service be enabled. The Cisco password encryption service can be started with the following Cisco *ABBREV*IOS*-ABBREV* command:")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*CODE**COMMAND*service password-encryption*-COMMAND**-CODE*")); + securityIssuePointer->conLine.assign(i18n("service password encryption was disabled")); + securityIssuePointer->recLine.assign(i18n("enable the service password encryption")); + }*/ + return errorCode; +} diff --git a/libnipper-0.12.6/HP-ProCurve/general.h b/libnipper-0.12.6/HP-ProCurve/general.h new file mode 100644 index 0000000..ead267b --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/general.h @@ -0,0 +1,56 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurvedevicegeneral_H +#define ProCurvedevicegeneral_H + +#include "../device/general/general.h" + + +class ProCurveGeneral : public General +{ + public: + ProCurveGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + private: + //unsigned int servicePasswordEncryption; +}; + + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/interfaces.cpp b/libnipper-0.12.6/HP-ProCurve/interfaces.cpp new file mode 100644 index 0000000..e3ad071 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/interfaces.cpp @@ -0,0 +1,160 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "interfaces.h" + + +ProCurveInterfaces::ProCurveInterfaces() +{ + // Interface Options... + useModuleAndPort = false; // Use the module / port instead of the name + useInterfaceZone = false; // Use the interface zone + zoneName = i18n("Zone"); // The name for zone field + filterIn = i18n("Filter In"); // The filter in table title text + filterOut = i18n("Filter Out"); // The filter out table title text + showDescription = true; // Show the interface description + cdpGlobalRequired = false; // If CDP needs to be enabled globally as well + disableCDPText = i18n(""); // The text and commands to disable CDP + cdpSupported = false; // Is CDP supported on interfaces + disableProxyARPText = i18n(""); // The text and commands to disable Proxy ARP + disableUnreachablesText = i18n(""); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n(""); // The text and commands to disable ICMP information messages + disableMaskText = i18n(""); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n(""); // The text and commands to disable ICMP redirect messages + disableDirectedText = i18n(""); // The text and commands to disable directed broadcasts + disableMOPText = i18n(""); // The text and commands to disable MOP + disableActiveText = i18n(""); // The text and commands to disable potentially unused interfaces + filterName = i18n("filter lists"); // The filter list name for use in the filter issue text + configFilterText = i18n(""); // The text and commands to configure network filtering + defaultAutoTrunk = false; // Default to automatically trunk + disableTrunkText = i18n(""); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n(""); // The text and commands to enable port security +} + + +int ProCurveInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + int tempInt = 0; + bool setting = false; + + // VLAN... + if (strcasecmp(command->part(0), "vlan") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVLAN Interface Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Sort out the interface list first... + interfaceListPointer = getInterfaceList("VLANINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*VLAN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*VLAN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*VLAN*-ABBREV* interfaces"); + interfaceListPointer->label = "VLANINTERFACES"; + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + while ((strcasecmp(command->part(0), "exit") != 0) && (feof(device->inputFile) == 0)) + { + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 0; + setting = true; + } + + // Name + if (strcasecmp(command->part(0), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVLAN Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->name.assign(command->part(1)); + } + + // address + if ((strcasecmp(command->part(0), "ip") == 0) && (strcasecmp(command->part(1), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sVLAN Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->address.assign(command->part(2)); + interfacePointer->netmask.assign(command->part(3)); + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ProCurveInterfaces::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/HP-ProCurve/interfaces.h b/libnipper-0.12.6/HP-ProCurve/interfaces.h new file mode 100644 index 0000000..1048d6c --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/interfaces.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurveInterfaces_H +#define ProCurveInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class ProCurveInterfaces : public Interfaces +{ + public: + + ProCurveInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + +}; + +#endif diff --git a/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp b/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp new file mode 100644 index 0000000..1e7dac6 --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/snmp-report.cpp @@ -0,0 +1,342 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include "../globaldefs.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + + +int ProCurveSNMP::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + string tempString; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-SNMP"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-SNMP-TABLE"); + + // Authentication MIB + device->addTableData(paragraphPointer->table, i18n("Authentication *ABBREV*MIB*-ABBREV*")); + if (authenticationMIB == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + + return errorCode; +} + + +int ProCurveSNMP::generateSecuritySpecificReport(Device *device) +{ + // Variables... + snmpCommunity *snmpCommunityPointer = 0; + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + const char *snmpAuthAccessIssue = i18n("Additionally, the attacker would have read/write access to the *DEVICETYPE* authentication *ABBREV*MIB*-ABBREV* (see section *SECTIONNO*)."); + const char *snmpManagerIssue = i18n(" With a Manager view of the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV*, an attacker would be able to extract a large quantity of configuration information from *DEVICENAME* (see section *SECTIONNO*)."); + bool managerAccess = false; + bool managerDictionary = false; + bool managerWeak = false; + bool managerUnrest = false; + bool managerUnrestDict = false; + bool managerUnrestWeak = false; + int errorCode = 0; + + // Searching for issues... + snmpCommunityPointer = community; + while (snmpCommunityPointer != 0) + { + if ((snmpCommunityPointer->enabled == true) && (snmpCommunityPointer->view.compare("Manager") == 0)) + { + managerAccess = true; + if (snmpCommunityPointer->communityInDict == true) + managerDictionary = true; + else if (snmpCommunityPointer->communityWeak != Device::passwordPassed) + managerWeak = true; + if (snmpCommunityPointer->type != communityReadOnly) + { + managerUnrest = true; + if (snmpCommunityPointer->communityInDict == true) + managerUnrestDict = true; + else if (snmpCommunityPointer->communityWeak != Device::passwordPassed) + managerUnrestWeak = true; + } + } + snmpCommunityPointer = snmpCommunityPointer->next; + } + + // Manager View... + if (managerAccess == true) + { + + // Write Access... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWRIT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "HPP.SNMPMANA.1"); + paragraphPointer->paragraph.append(snmpManagerIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPMANA.1"); + } + + // Clear-text SNMP... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPCLEA.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + device->addString(paragraphPointer, "HPP.SNMPMANA.1"); + paragraphPointer->paragraph.append(snmpManagerIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPMANA.1"); + } + + // Dictionary-based Community Strings... + if (managerUnrestDict == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPDICT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "HPP.SNMPMANA.1"); + paragraphPointer->paragraph.append(snmpManagerIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPMANA.1"); + } + } + + // Weak Community Strings... + if (managerUnrestWeak == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWEAK.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = securityIssuePointer->impact; + while (paragraphPointer->next != 0) + paragraphPointer = paragraphPointer->next; + device->addString(paragraphPointer, "HPP.SNMPMANA.1"); + paragraphPointer->paragraph.append(snmpManagerIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPMANA.1"); + } + } + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] SNMP Manager Access\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("*ABBREV*SNMP*-ABBREV* Access To All *ABBREV*MIB*-ABBREV* Objects")); + securityIssuePointer->reference.assign("HPP.SNMPMANA.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* community strings can be configured with either a Manager or Operator view of the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV*. A community string with a Manager view can access all *ABBREV*MIB*-ABBREV* objects, while a community string with a Operator view can access all *ABBREV*MIB*-ABBREV* objects except the configuration *ABBREV*MIB*-ABBREV*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that a Manager view of the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* was configured on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 6; // Medium + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who has *ABBREV*SNMP*-ABBREV* access to the *DEVICETYPE* using a community string with a Manager view of the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* could extract a large quantity of configuration information from *DEVICENAME*.")); + if (managerUnrest == true) + { + securityIssuePointer->impactRating = 7; // High + paragraphPointer->paragraph.append(i18n(" With write *ABBREV*SNMP*-ABBREV* access to *DEVICENAME*, an attacker could modify the devices configuration.")); + if (authenticationMIB == true) + { + securityIssuePointer->impactRating = 8; // High + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "HPP.SNMPAUTH.1"); + paragraphPointer->paragraph.append(i18n("Additionally, the attacker could access and modify the authentication information stored on *DEVICENAME* (see section *SECTIONNO*).")); + } + } + + // Issue ease... + securityIssuePointer->easeRating = 4; // Moderate + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("For an attacker to exploit this issue they would require *ABBREV*SNMP*-ABBREV* query tools, a community string with a Manager view of the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV*. *ABBREV*SNMP*-ABBREV* query tools are available on the Internet and some *ABBREV*OS*-ABBREV* install them by default.")); + if (managerDictionary == true) + { + securityIssuePointer->easeRating = 8; // Easy + device->addString(paragraphPointer, "GEN.SNMPDICT.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a dictionary attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + else if (managerWeak == true) + { + securityIssuePointer->easeRating = 6; // Easy + device->addString(paragraphPointer, "GEN.SNMPWEAK.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a brute-force attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that, unless required, access to the configuration *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* should be disabled. This can be done with the following command:*CODE**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* operator *CMDOPTION*restricted *CMDOR* unrestricted*-CMDOPTION**-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("access to configuration information was possible using *ABBREV*SNMP*-ABBREV*")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable access to configuration information using *ABBREV*SNMP*-ABBREV*")); + + // Dependent issues... + device->addDependency(securityIssuePointer, "GEN.SNMPCLEA.1"); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPDICT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEAK.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWRIT.1"); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPAUTH.1"); + } + + // Authentication MIB... + if ((managerUnrest == true) && (authenticationMIB == true)) + { + + // Write Access... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWRIT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "HPP.SNMPAUTH.1"); + paragraphPointer->paragraph.assign(snmpAuthAccessIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPAUTH.1"); + } + + // Clear-text SNMP... + securityIssuePointer = device->getSecurityIssue("GEN.SNMPCLEA.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "HPP.SNMPAUTH.1"); + paragraphPointer->paragraph.assign(snmpAuthAccessIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPAUTH.1"); + } + + // Dictionary-based Community Strings... + if (managerUnrestDict == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPDICT.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "HPP.SNMPAUTH.1"); + paragraphPointer->paragraph.assign(snmpAuthAccessIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPAUTH.1"); + } + } + + // Weak Community Strings... + if (managerUnrestWeak == true) + { + securityIssuePointer = device->getSecurityIssue("GEN.SNMPWEAK.1"); + if (securityIssuePointer != 0) + { + securityIssuePointer->impactRating++; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + device->addString(paragraphPointer, "HPP.SNMPAUTH.1"); + paragraphPointer->paragraph.assign(snmpAuthAccessIssue); + device->addRelatedIssue(securityIssuePointer, "HPP.SNMPAUTH.1"); + } + } + + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] SNMP Authentication MIB Access\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("*ABBREV*SNMP*-ABBREV* Access To The Authentication *ABBREV*MIB*-ABBREV*")); + securityIssuePointer->reference.assign("HPP.SNMPAUTH.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addString(paragraphPointer, snmpFilterText); + paragraphPointer->paragraph.assign(i18n("*DEVICETYPE* devices can be configured to allow access to authentication information using *ABBREV*SNMP*-ABBREV*. *COMPANY* determined that the access to the authentication information in the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* was allowed on *DEVICENAME*.")); + + // Issue impact... + securityIssuePointer->impactRating = 8; // High + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("An attacker who has *ABBREV*SNMP*-ABBREV* access to the *DEVICETYPE* authentication *ABBREV*MIB*-ABBREV* could extract authentication details, and with write access they could modify the authentication information.")); + + // Issue ease... + securityIssuePointer->easeRating = 4; // Moderate + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("For an attacker to exploit this issue they would require *ABBREV*SNMP*-ABBREV* query tools, a community string in the Manager group. *ABBREV*SNMP*-ABBREV* query tools are available on the Internet and some *ABBREV*OS*-ABBREV* install them by default.")); + if (managerUnrestDict == true) + { + securityIssuePointer->easeRating = 8; // Easy + device->addString(paragraphPointer, "GEN.SNMPDICT.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a dictionary attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + else if (managerUnrestWeak == true) + { + securityIssuePointer->easeRating = 6; // Easy + device->addString(paragraphPointer, "GEN.SNMPWEAK.1"); + paragraphPointer->paragraph.append(i18n(" Furthermore, the attacker could make use of a brute-force attack against the *ABBREV*SNMP*-ABBREV* service in order to gain access to a community string (see section *SECTIONNO*).")); + } + + // Issue recommendation... + securityIssuePointer->fixRating = 2; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that, unless required, access to the authentication information using *ABBREV*SNMP*-ABBREV* should be disabled. This can be done with the following command:*CODE**COMMAND*snmp-server mib hpSwitchAuthMIB excluded*-COMMAND**-CODE*")); + + // Conclusions text... + securityIssuePointer->conLine.append(i18n("access to authentication information was possible using *ABBREV*SNMP*-ABBREV*")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("Disable access to authentication information using *ABBREV*SNMP*-ABBREV*")); + + // Dependent issues... + device->addDependency(securityIssuePointer, "GEN.SNMPCLEA.1"); + device->addDependency(securityIssuePointer, "GEN.SNMPWRIT.1"); + device->addDependency(securityIssuePointer, "HPP.SNMPMANA.1"); + + // Related issues... + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPDICT.1"); + device->addRelatedIssue(securityIssuePointer, "GEN.SNMPWEAK.1"); + } + + return errorCode; +} diff --git a/libnipper-0.12.6/HP-ProCurve/snmp.cpp b/libnipper-0.12.6/HP-ProCurve/snmp.cpp new file mode 100644 index 0000000..58a34de --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/snmp.cpp @@ -0,0 +1,359 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + +using namespace std; + + +ProCurveSNMP::ProCurveSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("*DEVICETYPE* support all three versions of the *ABBREV*SNMP*-ABBREV*. "); // Intro Config section device specific text. + supportSNMP3 = true; // Does this device support SNMPv3? + // N/A - supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + // N/A - supportSNMP3UpgText = i18n(""); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* versions 1 and 2 can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*no snmp-server enable*-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("*ABBREV*SNMP*-ABBREV* community strings can be configured with the following command:*CODE**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*manager *CMDOR* operator*-CMDOPTION* *CMDOPTION*restricted *CMDOR* unrestricted*-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure a community string + configSNMP3Text = i18n("*ABBREV*SNMP*-ABBREV* version 3 access can be configured by creating a user and adding the user to a group. This can be configured using the following commands:*CODE**COMMAND*snmpv3 user *CMDUSER*username*-CMDUSER* *CMDOPTION*auth *CMDREQUIRE*md5 *CMDOR* sha*-CMDREQUIRE* *CMDUSER*auth-password*-CMDUSER**-CMDOPTION* *CMDOPTION*priv *CMDREQUIRE*des *CMDOR* aes*-CMDREQUIRE* *CMDUSER*priv-password*-CMDUSER**-CMDOPTION**-COMMAND**COMMAND*snmpv3 group *CMDUSER*groupname*-CMDUSER* user *CMDUSER*username*-CMDUSER* sec-model ver3*-COMMAND**-CODE*"); // The text and command(s) to configure SNMP version 3 + // N/A - configSNMPViewText = i18n(""); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("*ABBREV*SNMP*-ABBREV* trap hosts can be configured using the following command:*CODE**COMMAND*snmp-server host *CMDUSER*ip-address*-CMDUSER* *CMDUSER*community-string*-CMDUSER* *CMDOPTION*none *CMDOR* debug *CMDOR* all *CMDOR* not-info *CMDOR* critical*-CMDOPTION**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP traps + // N/A - configSNMPInformsText = i18n(""); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n("Read only community string access to the *ABBREV*SNMP*-ABBREV* *ABBREV*MIB*-ABBREV* can be configured using the following command:*CODE**COMMAND*snmp-server community *CMDUSER*community-string*-CMDUSER* *CMDOPTION*manager *CMDOR* operator*-CMDOPTION* restricted*-COMMAND**-CODE*"); // The text and command(s) to configure SNMP read only access + // N/A - configSNMPFilterText = i18n(""); // The text and command(s) to configure SNMP filtering + + enabled = false; // Is the SNMP server enabled? + snmp12Enabled = true; // Is SNMP versions 1 or 2 configured? + snmp3Enabled = false; // Is SNMP version 3 configured? + + // Community Options... + communityView = true; // SNMP view for the community + communityFilter = false; // SNMP Network Filtering + communityIPv6Filter = false; // SNMP IPv6 Network Filtering + communitySpecificFilters = false; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = false; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = ""; // Default read only community + defaultReadWrite = ""; // Default read/write community + defaultReadWriteAll = ""; // Default read/write all community + + // View support options... + viewSeperated = false; // Separate the views into different tables + viewExcludes = false; // Show the Include/Exclude View Table column + viewMIBText = i18n("Description"); // What the MIB column title in the table should be called + + // SNMP Trap/Inform Host Options... + trapsOnly = true; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = false; // Show Trap Host Port in Table + trapsInterface = false; // Show Interface in Table + trapsInterfaceText = i18n("Interface"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = true; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = false; // Show excluded traps + trapsShowOptions = true; // Show trap options + + // SNMP User Options... + showUserRemote = false; // Show the remote host/port setting + showUserPriv = true; // Show the privacy settings + showUserFilter = false; // Show the Filter column in the table + showUserIPv6Filter = false; // Show the IPv6 Filter column in the table + userFilterText = i18n("Filter"); // The Text for the Filter table column title + userIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* Filter"); // The Text for the IPv6 Filter table column title + + // SNMP Group Options... + snmpGroupShowType = false; // Enable/Disable SNMPv3 type in table + snmpGroupReadView = false; // Enable/Disable Read Views + snmpGroupWriteView = false; // Enable/Disable Write Views + snmpGroupNotifyView = false; // Enable/Disable Notify Views + snmpGroupFilter = false; // Enable/Disable Filter support + snmpGroupIPv6Filter = false; // Enable/Disable IPv6 Filter support + groupFilterText = i18n("Filter"); // The Text for the Filter table column title + groupIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* Filter"); // The Text for the IPv6 Filter table column title + + // Device specific options... + authenticationMIB = false; +} + + +int ProCurveSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpTrapHost *trapHostPointer = 0; + snmpView *viewPointer = 0; + snmpTrap *snmpTrapPointer = 0; + snmpUserStruct *snmpUserPointer = 0; + snmpGroupStruct *snmpGroupPointer = 0; + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "no") == 0) + { + tempInt = 2; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Location... + if (strcasecmp(command->part(tempInt), "location") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Location Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + location.assign(command->part(tempInt)); + } + + // Contact... + else if (strcasecmp(command->part(tempInt), "contact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Contact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + location.assign(command->part(tempInt)); + } + + // Community... + else if (strcasecmp(command->part(tempInt), "community") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(command->part(tempInt)); + communityPointer->enabled = setting; + communityPointer->type = communityReadOnly; + communityPointer->view.assign("Operator"); + tempInt++; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "manager") == 0) + communityPointer->view.assign("Manager"); + else if (strcasecmp(command->part(tempInt), "operator") == 0) + communityPointer->view.assign("Operator"); + else if (strcasecmp(command->part(tempInt), "restricted") == 0) + communityPointer->type = communityReadOnly; + else if (strcasecmp(command->part(tempInt), "unrestricted") == 0) + communityPointer->type = communityReadWrite; + + tempInt++; + } + + // Create view for the community... + if (getSNMPView(communityPointer->view.c_str()) == 0) + { + if (communityPointer->view.compare("Operator") == 0) + addSNMPView(communityPointer->view.c_str(), i18n("Access to all *ABBREV*MIB*-ABBREV* objects except CONFIG.")); + else + { + addSNMPView(communityPointer->view.c_str(), i18n("Access to all *ABBREV*MIB*-ABBREV* objects.")); + viewPointer = getSNMPView(communityPointer->view.c_str()); + viewPointer->everything = true; + } + } + } + + // SNMP Host... + else if (strcmp(command->part(tempInt), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + trapHostPointer = addSNMPTrapHost(); + trapHostPointer->trap = true; + trapHostPointer->version = 1; + trapHostPointer->host.assign(command->part(tempInt)); + tempInt++; + trapHostPointer->community.assign(command->part(tempInt)); + tempInt++; + if (tempInt < command->parts) + trapHostPointer->eventLevel.assign(command->part(tempInt)); + } + + // SNMP Traps... + else if ((strcmp(command->part(tempInt), "enable") == 0) && (strcmp(command->part(tempInt), "traps") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->include = setting; + snmpTrapPointer->trap.assign(command->part(tempInt)); + tempInt++; + if (tempInt < command->parts) + snmpTrapPointer->options.assign(command->part(tempInt)); + } + + // SNMP Enable... + else if (strcmp(command->part(tempInt), "enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + snmp12Enabled = setting; + } + + // SNMP User... + else if (strcmp(command->part(tempInt), "user") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMPv3 User Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpUserPointer = addSNMPUser(); + snmpUserPointer->user.assign(command->part(tempInt)); + snmpUserPointer->snmpv3 = snmpV3NoAuth; + snmpUserPointer->version = 3; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "auth") == 0) + { + snmpUserPointer->snmpv3 = snmpV3Auth; + tempInt++; + if (strcmp(command->part(tempInt), "sha") == 0) + snmpUserPointer->auth = snmpV3AuthSHA; + else + snmpUserPointer->auth = snmpV3AuthMD5; + tempInt++; + snmpUserPointer->authPassword.assign(command->part(tempInt)); + } + else if (strcmp(command->part(tempInt), "priv") == 0) + { + snmpUserPointer->snmpv3 = snmpV3Auth; + tempInt++; + if (strcmp(command->part(tempInt), "aes") == 0) + { + snmpUserPointer->priv = snmpV3PrivAES128; + tempInt++; + } + else if (strcmp(command->part(tempInt), "des") == 0) + { + snmpUserPointer->priv = snmpV3PrivDES; + tempInt++; + } + snmpUserPointer->privPassword.assign(command->part(tempInt)); + } + tempInt++; + } + } + + // SNMP Group... + else if (strcmp(command->part(tempInt), "group") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMPv3 Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpGroupPointer = addSNMPGroup(); + snmpGroupPointer->group.assign(command->part(tempInt)); + snmpGroupPointer->version = 3; + tempInt++; + while (tempInt < command->parts) + { + if (strcmp(command->part(tempInt), "user") == 0) + { + tempInt++; + snmpUserPointer = getSNMPUser(command->part(tempInt)); + if (snmpUserPointer != 0) + snmpUserPointer->group.assign(snmpGroupPointer->group); + } + else if (strcmp(command->part(tempInt), "sec-model") == 0) + { + tempInt++; + if (strcmp(command->part(tempInt), "ver3") == 0) + snmpGroupPointer->version = 3; + else if (strcmp(command->part(tempInt), "ver2c") == 0) + snmpGroupPointer->version = 2; + else if (strcmp(command->part(tempInt), "ver1") == 0) + snmpGroupPointer->version = 1; + } + tempInt++; + } + } + + // Authentication MIB... + else if ((strcasecmp(command->part(tempInt), "mib") == 0) && (strcasecmp(command->part(tempInt + 1), "hpSwitchAuthMIB") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Authentication MIB Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + if (strcasecmp(command->part(tempInt), "included") == 0) + authenticationMIB = true; + else + authenticationMIB = false; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ProCurveSNMP::processDefaults(Device *device) +{ + // Variables... + snmpCommunity *communityPointer = 0; + + // Enable SNMP server... + if (snmp12Enabled == true) + { + communityPointer = community; + while ((communityPointer != 0) && (enabled == false)) + { + if (communityPointer->enabled == true) + enabled = true; + communityPointer = communityPointer->next; + } + } + + return 0; +} + diff --git a/libnipper-0.12.6/HP-ProCurve/snmp.h b/libnipper-0.12.6/HP-ProCurve/snmp.h new file mode 100644 index 0000000..522963f --- /dev/null +++ b/libnipper-0.12.6/HP-ProCurve/snmp.h @@ -0,0 +1,54 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ProCurvedevicesnmp_H +#define ProCurvedevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class ProCurveSNMP : public SNMP +{ + public: + ProCurveSNMP(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + // Device specific setting... + bool authenticationMIB; +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/all-wcprops b/libnipper-0.12.6/Juniper-ScreenOS/.svn/all-wcprops new file mode 100644 index 0000000..bb775cb --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/all-wcprops @@ -0,0 +1,119 @@ +K 25 +svn:wc:ra_dav:version-url +V 55 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS +END +administration-report.cpp +K 25 +svn:wc:ra_dav:version-url +V 81 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/device.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/device.h +END +banner.cpp +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp +END +banner.h +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/banner.h +END +general.cpp +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/general.cpp +END +snmp.cpp +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp +END +authentication.cpp +K 25 +svn:wc:ra_dav:version-url +V 74 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp +END +snmp.h +K 25 +svn:wc:ra_dav:version-url +V 62 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/snmp.h +END +general.h +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/general.h +END +interfaces.cpp +K 25 +svn:wc:ra_dav:version-url +V 70 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp +END +dns.cpp +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp +END +authentication.h +K 25 +svn:wc:ra_dav:version-url +V 72 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/authentication.h +END +filter.cpp +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp +END +administration.cpp +K 25 +svn:wc:ra_dav:version-url +V 74 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp +END +interfaces.h +K 25 +svn:wc:ra_dav:version-url +V 68 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h +END +dns.h +K 25 +svn:wc:ra_dav:version-url +V 61 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/dns.h +END +filter.h +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/filter.h +END +administration.h +K 25 +svn:wc:ra_dav:version-url +V 72 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Juniper-ScreenOS/administration.h +END diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/entries b/libnipper-0.12.6/Juniper-ScreenOS/.svn/entries new file mode 100644 index 0000000..5138e98 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/entries @@ -0,0 +1,674 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Juniper-ScreenOS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.h +file + + + + +2016-02-13T06:47:11.316157Z +b4b877090160ed9c0a56aa0bc9534cd2 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2543 + +banner.cpp +file + + + + +2016-02-13T06:47:11.316157Z +5f2e3586d077069512b68b1e6defa331 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6448 + +banner.h +file + + + + +2016-02-13T06:47:11.316157Z +baa6073d64dd06bd7de2c76e4286fe53 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2538 + +general.cpp +file + + + + +2016-02-13T06:47:11.316157Z +11559b8f62927a1fb2092cef6589ab84 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7370 + +snmp.cpp +file + + + + +2016-02-13T06:47:11.316157Z +bdf92ae641b034ef5d312c4ddd90d3b2 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +15716 + +authentication.cpp +file + + + + +2016-02-13T06:47:11.316157Z +2c9e4579dee79f1ee4226bc5971a0403 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +23459 + +snmp.h +file + + + + +2016-02-13T06:47:11.316157Z +af91436df9c36a6117f592323ae013b3 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2767 + +general.h +file + + + + +2016-02-13T06:47:11.316157Z +6097d3b49d11b464736792798f5ce65a +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2843 + +interfaces.cpp +file + + + + +2016-02-13T06:47:11.316157Z +172ba4b50239453e8f0fa17c5c6b3c40 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +14417 + +dns.cpp +file + + + + +2016-02-13T06:47:11.316157Z +f0b651115bfe329a19b65e177057a43b +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6565 + +authentication.h +file + + + + +2016-02-13T06:47:11.316157Z +967a1576db24512cc796a122d060a39a +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2926 + +filter.cpp +file + + + + +2016-02-13T06:47:11.316157Z +a33cf819f4151f36d5348ccbf2917e29 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +53302 + +administration.cpp +file + + + + +2016-02-13T06:47:11.316157Z +2add62789d729959f7771b3b5bc64c27 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +24218 + +interfaces.h +file + + + + +2016-02-13T06:47:11.316157Z +38c353936bb55a7712e99e60f27b1072 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2597 + +dns.h +file + + + + +2016-02-13T06:47:11.316157Z +94a947fcd49f75d028bdfd9f2b057c8a +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2564 + +filter.h +file + + + + +2016-02-13T06:47:11.316157Z +b8c4fa0b27d825f78b830fe1aee7fcac +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3228 + +administration.h +file + + + + +2016-02-13T06:47:11.316157Z +b954554130eb35070e5d9cd0aa150077 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3666 + +administration-report.cpp +file + + + + +2016-02-13T06:47:11.316157Z +71371dcabe26e1efd3dbe38d12d8f050 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7468 + +device.cpp +file + + + + +2016-02-13T06:47:11.316157Z +25ac733c58fdc4a9083a6e080c30b72d +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +14054 + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/administration-report.cpp.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/administration-report.cpp.svn-base new file mode 100644 index 0000000..79054e1 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/administration-report.cpp.svn-base @@ -0,0 +1,168 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "administration.h" + + +int ScreenOSAdministration::generateDeviceTelnetConfig(Device *device) // A device specific config report output +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + interfaceManagementConfig *interfacePointer = 0; + int errorCode = 0; + + if (telnetEnabled == true) + { + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the Telnet service can be enabled on individual interfaces on *DEVICETYPE* devices. Table *TABLEREF* lists the interfaces with the Telnet service enabled.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINTELNETINTER-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("Telnet service interfaces"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Interface"), false); + device->addTableHeading(paragraphPointer->table, i18n("Zone"), false); + + interfacePointer = interfaces; + while (interfacePointer != 0) + { + if ((interfacePointer->enabled == true) && (interfacePointer->telnet == true)) + { + device->addTableData(paragraphPointer->table, interfacePointer->interface.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->zone.c_str()); + } + interfacePointer = interfacePointer->next; + } + } + + return errorCode; +} + + +int ScreenOSAdministration::generateDeviceSSHConfig(Device *device) // A device specific config report output +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + interfaceManagementConfig *interfacePointer = 0; + int errorCode = 0; + + if (sshEnabled == true) + { + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the *ABBREV*SSH*-ABBREV* service can be enabled on individual interfaces on *DEVICETYPE* devices. Table *TABLEREF* lists the interfaces with the *ABBREV*SSH*-ABBREV* service enabled.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINSSHINTER-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("*ABBREV*SSH*-ABBREV* service interfaces"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Interface"), false); + device->addTableHeading(paragraphPointer->table, i18n("Zone"), false); + + interfacePointer = interfaces; + while (interfacePointer != 0) + { + if ((interfacePointer->enabled == true) && (interfacePointer->ssh == true)) + { + device->addTableData(paragraphPointer->table, interfacePointer->interface.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->zone.c_str()); + } + interfacePointer = interfacePointer->next; + } + } + + return errorCode; +} + + +int ScreenOSAdministration::generateDeviceHTTPConfig(Device *device) // A device specific config report output +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + interfaceManagementConfig *interfacePointer = 0; + int errorCode = 0; + + if ((httpEnabled == true) || (httpsEnabled == true)) + { + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the *ABBREV*HTTP*-ABBREV* and *ABBREV*HTTPS*-ABBREV* services can be enabled on individual interfaces on *DEVICETYPE* devices. Table *TABLEREF* lists the interfaces with these services enabled.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINHTTPINTER-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("*ABBREV*HTTP*-ABBREV* service interfaces"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Interface"), false); + device->addTableHeading(paragraphPointer->table, i18n("Zone"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*HTTP*-ABBREV*"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*HTTPS*-ABBREV*"), false); + + interfacePointer = interfaces; + while (interfacePointer != 0) + { + if ((interfacePointer->enabled == true) && ((interfacePointer->web == true) || (interfacePointer->ssl == true))) + { + device->addTableData(paragraphPointer->table, interfacePointer->interface.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->zone.c_str()); + if (interfacePointer->web == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + if (interfacePointer->ssl == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + } + interfacePointer = interfacePointer->next; + } + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/administration.cpp.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/administration.cpp.svn-base new file mode 100644 index 0000000..6413a83 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/administration.cpp.svn-base @@ -0,0 +1,702 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "administration.h" + + +ScreenOSAdministration::ScreenOSAdministration() +{ + interfaces = 0; + consolePageBreaks = 22; + sshUsed = false; + scsUsed = false; + globalProUsed = false; + nsmgmtUsed = false; + mtraceUsed = false; + + + // ----------------------------------------------------------------------- + // Device Specific Settings... + // ----------------------------------------------------------------------- + + // General... + generalSettings = true; // Show the general settings section? + consoleEnabled = true; // Is the Console port enabled? + consoleSupported = true; // Is a console port supported? + //consoleTimeoutSupported = true; // Is a console timeout supported? + //consoleTimeout = 600; // Console timeout + //configConsoleTimeout = i18n(""); // The text and commands to configure the timeout + auxSupported = true; // Are AUX port(s) supported? + auxEnabled = true; // Is AUX port(s) enabled? + configAuxPort = i18n("The *ABBREV*AUX*-ABBREV* port can be disabled on *DEVICENAME* with the following command:*CODE**COMMAND*set console aux disable*-COMMAND**-CODE*"); + connectionTimeoutSupported = true; // Is a connection timeout supported? + connectionTimeout = 600; // Connection Timeout + configTimeout = i18n("The console timeout setting is used to timeout idle connections to *DEVICETYPE* devices using the console port, Telnet or *ABBREV*SSH*-ABBREV*. The timeout can be configured with the following command:*CODE**COMMAND*set console timeout *CMDUSER*timeout-minutes*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + + // Host restrictions... + serviceWideHosts = true; // Do all the admin services share a common host restrictions? + showHostInterface = false; // Show the Interface column in the host table? + showHostAccess = false; // Show the Access column in the host table? + serviceConfigHosts = i18n("Management host restrictions to *DEVICETYPE* devices can be configured with the following command:*CODE**COMMAND*set admin manager-ip *CMDUSER*ip-address*-CMDUSER* *CMDOPTION**CMDUSER*netmask*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = true; // Is telnet supported? + telnetEnabled = true; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + disableTelnet = i18n("The Telnet service can be disabled on individual interfaces using the following command:*CODE**COMMAND*unset interface *CMDUSER*interface*-CMDUSER* manage telnet*-COMMAND**-CODE*"); // How to disable telnet text... + + // SSH options... + sshSupported = false; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = true; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + sshPort = 22; // The SSH port number + configSSHSupport = i18n("*ABBREV*SSH*-ABBREV* can be enabled on individual interfaces using the following command:*CODE**COMMAND*set interface *CMDUSER*interface*-CMDUSER* manage ssh*-COMMAND**-CODE*"); // How to configure SSH... + + // SSH Options + scpSupported = false; // Is SCP supported? + scpEnabled = false; // Is SCP enabled? + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + configSSHv2Support = i18n("*ABBREV*SSH*-ABBREV* protocol version 2 can be configured using the following command:*CODE**COMMAND*set ssh version v2*-COMMAND**-CODE*"); // How to configure protocol version 2 support only + + // Config report SSH support text + sshConfigProtocolSupport = i18n("*DEVICETYPE* devices have supported *ABBREV*SSH*-ABBREV* protocol versions 1 and 2 from *DEVICEOS* 5."); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = true; // Does this device support HTTP + httpsSupported = true; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = true; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + httpsEnabled = true; // Is the HTTPS service enabled? + httpsPort = 443; // HTTPS port + httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + disableHTTP = i18n("*ABBREV*HTTP*-ABBREV* is disabled on individual interfaces, or from *DEVICEOS* 5, *ABBREV*HTTP*-ABBREV* can be redirected to *ABBREV*HTTPS*-ABBREV*. *ABBREV*HTTP*-ABBREV* can be disabled on interfaces with the following command:*CODE**COMMAND*unset interface *CMDUSER*interface*-CMDUSER* manage web*-COMMAND**-CODE*"); // How to disable HTTP text... + configHTTPSSupport = i18n("*ABBREV*HTTPS*-ABBREV* can be enabled with the following commands:*CODE**COMMAND*set ssl enable*-COMMAND**COMMAND*set interface *CMDUSER*interface*-CMDUSER* manage ssl*-COMMAND**-CODE*"); // How to configure HTTPS... + cipherConfigSupported = true; // Can the Ciphers be configured? + configCipherText = i18n("The 168 bit key length *ABBREV*3DES*-ABBREV*-*ABBREV*SHA1*-ABBREV* cipher can be configured with the following command:*CODE**COMMAND*set ssl encrypt 3des sha-1*-COMMAND**-CODE*"); // The text to configure a strong cipher. +} + + +ScreenOSAdministration::~ScreenOSAdministration() +{ + // Variables... + interfaceManagementConfig *interfacePointer = 0; + + // Delete interfaces... + while (interfaces != 0) + { + interfacePointer = interfaces->next; + delete interfaces; + interfaces = interfacePointer; + } +} + + +int ScreenOSAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceManagementConfig *interfacePointer = 0; + cipherConfig *cipherPointer = 0; + hostFilter *hostPointer = 0; + bool setting = false; + int errorCode = 0; + + // Init + if (strcasecmp(command->part(0), "unset") == 0) + setting = false; + else if (strcasecmp(command->part(0), "set") == 0) + setting = true; + + // Interfaces... + if (strcasecmp(command->part(1), "interface") == 0) + { + + // Zone + if (strcasecmp(command->part(3), "zone") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Zone Line (Admin):%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + addInterfaceZone(command->part(2), command->part(4)); + } + + // disable + else if ((strcasecmp(command->part(3), "disable") == 0) || (strcasecmp(command->part(3), "shutdown") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Disable Line (Admin):%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->enabled = false; + } + + // manage + else if (strcasecmp(command->part(3), "manage") == 0) + { + + // SSH + if (strcasecmp(command->part(4), "ssh") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface SSH Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + sshUsed = true; + interfacePointer = getInterface(command->part(2)); + interfacePointer->ssh = setting; + } + + // SSL + else if (strcasecmp(command->part(4), "ssl") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface SSL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->ssl = setting; + } + + // Telnet + else if (strcasecmp(command->part(4), "telnet") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Telnet Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->telnet = setting; + } + + // Web + else if (strcasecmp(command->part(4), "web") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Web Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->web = setting; + } + + // Ping + else if (strcasecmp(command->part(4), "ping") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Ping Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->ping = setting; + } + + // snmp + else if (strcasecmp(command->part(4), "snmp") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface SNMP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->snmp = setting; + } + + // mtrace + else if (strcasecmp(command->part(4), "mtrace") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface mtrace Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + mtraceUsed = true; + interfacePointer = getInterface(command->part(2)); + interfacePointer->mtrace = setting; + } + + // ident-reset + else if (strcasecmp(command->part(4), "ident-reset") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface ident-reser Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->identReset = setting; + } + + // NSMGMT + else if (strcasecmp(command->part(4), "nsmgmt") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface NSMGMT Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + nsmgmtUsed = true; + interfacePointer = getInterface(command->part(2)); + interfacePointer->nsmgmt = setting; + } + + // SCS + else if (strcasecmp(command->part(4), "scs") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface SCS Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + scsUsed = true; + interfacePointer = getInterface(command->part(2)); + interfacePointer->scs = setting; + } + + // Global Pro + else if (strcasecmp(command->part(4), "global-pro") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Global Pro Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + globalProUsed = true; + interfacePointer = getInterface(command->part(2)); + interfacePointer->globalPro = setting; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // admin + else if (strcasecmp(command->part(1), "admin") == 0) + { + + // HTTP Redirect... + if ((strcasecmp(command->part(2), "http") == 0) && (strcasecmp(command->part(3), "redirect") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin HTTP Redirect Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpsRedirect = setting; + } + + // Telnet Port... + else if ((strcasecmp(command->part(2), "telnet") == 0) && (strcasecmp(command->part(3), "port") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin Telnet Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + telnetPort = atoi(command->part(4)); + } + + // SSH Port... + else if ((strcasecmp(command->part(2), "ssh") == 0) && (strcasecmp(command->part(3), "password") == 0) && (strcasecmp(command->part(4), "port") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin SSH Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + sshUsed = true; + if (setting == true) + sshPort = atoi(command->part(5)); + } + + // Manager IP... + else if (strcasecmp(command->part(2), "manager-ip") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin Host IP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + { + hostPointer = addHostFilter(allServices); + hostPointer->host.assign(command->part(3)); + hostPointer->netmask.assign(command->part(4)); + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Console + else if (strcasecmp(command->part(1), "console") == 0) + { + + // Timeout... + if (strcasecmp(command->part(2), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + connectionTimeout = atoi(command->part(3)) * 60; + } + + // console disable... + else if (strcasecmp(command->part(2), "disable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Disable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + consoleEnabled = false; + else + consoleEnabled = true; + } + + // console page... + else if (strcasecmp(command->part(2), "page") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Page Lines Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + consolePageBreaks = atoi(command->part(3)); + else + consolePageBreaks = 22; + } + + // AUX disable... + else if ((strcasecmp(command->part(2), "aux") == 0) && (strcasecmp(command->part(3), "disable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole AUX Disable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + auxEnabled = false; + else + auxEnabled = true; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // SSL + else if (strcasecmp(command->part(1), "ssl") == 0) + { + + // SSL enable... + if (strcasecmp(command->part(2), "enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSL Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpsEnabled = setting; + } + + // SSL port... + if (strcasecmp(command->part(2), "port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSL Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + httpsPort = atoi(command->part(3)); + } + + // SSL encrypt... + if (strcasecmp(command->part(2), "encrypt") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSL Encrypt Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + { + cipherPointer = addCipher(); + + if (strcasecmp(command->part(3), "des") == 0) + { + cipherPointer->encryption.assign("*ABBREV*DES*-ABBREV*"); + cipherPointer->bits = 56; + cipherPointer->ssl3 = true; + cipherPointer->tls1 = true; + } + else if (strcasecmp(command->part(3), "3des") == 0) + { + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->bits = 168; + cipherPointer->ssl3 = true; + cipherPointer->tls1 = true; + } + else if (strcasecmp(command->part(3), "rc4-40") == 0) + { + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*-40"); + cipherPointer->bits = 40; + cipherPointer->ssl2 = true; + cipherPointer->ssl3 = true; + cipherPointer->tls1 = true; + } + else if (strcasecmp(command->part(3), "rc4") == 0) + { + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->bits = 128; + cipherPointer->ssl2 = true; + cipherPointer->ssl3 = true; + cipherPointer->tls1 = true; + } + + if (strcasecmp(command->part(4), "sha-1") == 0) + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + else if (strcasecmp(command->part(4), "md5") == 0) + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // SSH + else if (strcasecmp(command->part(1), "ssh") == 0) + { + sshUsed = true; + + // Enabled... + if (strcasecmp(command->part(2), "enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Enabled Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + sshEnabled = setting; + } + + // Version... + else if (strcasecmp(command->part(2), "version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcasecmp(command->part(3), "v1") == 0) + sshVersion = 1; + else + sshVersion = 2; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // SCP + else if ((strcasecmp(command->part(1), "scp") == 0) && (strcasecmp(command->part(2), "enable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSCP Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + sshUsed = true; + scpEnabled = setting; + } + + // All others... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int ScreenOSAdministration::processDefaults(Device *device) +{ + // Variables... + interfaceManagementConfig *interfacePointer = 0; + cipherConfig *cipherPointer = 0; + bool ssh = false; + bool telnet = false; + bool https = false; + bool http = false; + + // SSH Used? + if ((sshUsed == true) || (device->general->versionMajor > 4)) + { + sshSupported = true; + ssh2Supported = true; + scpSupported = true; + } + + // Enable/Disable services... + interfacePointer = interfaces; + while (interfacePointer != 0) + { + if (interfacePointer->enabled == true) + { + if (interfacePointer->ssh == true) + ssh = true; + if (interfacePointer->telnet == true) + telnet = true; + if (interfacePointer->ssl == true) + https = true; + if (interfacePointer->web == true) + http = true; + } + interfacePointer = interfacePointer->next; + } + + // Switch off services + if (ssh == false) + sshEnabled = false; + if (http == false) + httpEnabled = false; + if (https == false) + httpsEnabled = false; + if (telnet == false) + telnetEnabled = false; + + // If no ciphers have been configured... + if ((httpsEnabled == true) && (ciphers == 0)) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->bits = 128; + cipherPointer->ssl2 = true; + cipherPointer->ssl3 = true; + cipherPointer->tls1 = true; + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + } + + return 0; +} + + +ScreenOSAdministration::interfaceManagementConfig *ScreenOSAdministration::getInterface(const char *interface) +{ + // Variables... + interfaceManagementConfig *interfacePointer = 0; + + // Create... + if (interfaces == 0) + { + interfaces = new (interfaceManagementConfig); + interfacePointer = interfaces; + } + else + { + interfacePointer = interfaces; + while (interfacePointer->next != 0) + { + if (interfacePointer->interface.compare(interface) == 0) + return interfacePointer; + interfacePointer = interfacePointer->next; + } + interfacePointer->next = new (interfaceManagementConfig); + interfacePointer = interfacePointer->next; + } + + // Init... + interfacePointer->interface.assign(interface); + interfacePointer->enabled = true; + interfacePointer->nsmgmt = false; + interfacePointer->ssh = false; + interfacePointer->ssl = false; + interfacePointer->telnet = false; + interfacePointer->ping = false; + interfacePointer->mtrace = false; + interfacePointer->identReset = false; + interfacePointer->web = false; + interfacePointer->snmp = false; + interfacePointer->next = 0; + + return interfacePointer; +} + + +int ScreenOSAdministration::addInterfaceZone(const char *interface, const char *zone) +{ + // Variables... + interfaceManagementConfig *interfacePointer = 0; + + // Create... + if (interfaces == 0) + { + interfaces = new (interfaceManagementConfig); + interfacePointer = interfaces; + } + else + { + interfacePointer = interfaces; + while (interfacePointer->next != 0) + interfacePointer = interfacePointer->next; + interfacePointer->next = new (interfaceManagementConfig); + interfacePointer = interfacePointer->next; + } + + // Init... + interfacePointer->interface.assign(interface); + interfacePointer->zone.assign(zone); + interfacePointer->enabled = true; + if ((strcasecmp(zone, "Trust") == 0) || (strcasecmp(zone, "vlan1") == 0) || (strcasecmp(zone, "V1-Trust") == 0)) + { + interfacePointer->nsmgmt = true; + interfacePointer->ssh = true; + interfacePointer->ssl = true; + interfacePointer->telnet = true; + interfacePointer->ping = true; + interfacePointer->mtrace = false; + interfacePointer->identReset = false; + interfacePointer->web = true; + interfacePointer->snmp = true; + } + else if ((strcasecmp(zone, "DMZ") == 0) || (strcasecmp(zone, "V1-DMZ") == 0)) + { + interfacePointer->nsmgmt = false; + interfacePointer->ssh = false; + interfacePointer->ssl = false; + interfacePointer->telnet = false; + interfacePointer->ping = true; + interfacePointer->mtrace = false; + interfacePointer->identReset = false; + interfacePointer->web = false; + interfacePointer->snmp = false; + } + else + { + interfacePointer->nsmgmt = false; + interfacePointer->ssh = false; + interfacePointer->ssl = false; + interfacePointer->telnet = false; + interfacePointer->ping = false; + interfacePointer->mtrace = false; + interfacePointer->identReset = false; + interfacePointer->web = false; + interfacePointer->snmp = false; + } + interfacePointer->next = 0; + + return 0; +} diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/administration.h.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/administration.h.svn-base new file mode 100644 index 0000000..c960250 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/administration.h.svn-base @@ -0,0 +1,91 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSadministration_H +#define ScreenOSadministration_H + + +#include "../device/administration/administration.h" + + +class ScreenOSAdministration : public Administration +{ + public: + + ScreenOSAdministration(); + virtual ~ScreenOSAdministration(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + // Methods + //virtual int generateDeviceGeneralConfig(Device *device); // A device specific config report output + int generateDeviceTelnetConfig(Device *device); // A device specific config report output + int generateDeviceSSHConfig(Device *device); // A device specific config report output + int generateDeviceHTTPConfig(Device *device); // A device specific config report output + + struct interfaceManagementConfig + { + string interface; + string zone; + bool enabled; + bool nsmgmt; + bool ssh; + bool ssl; + bool telnet; + bool snmp; + bool ping; + bool mtrace; + bool identReset; + bool web; + bool scs; + bool globalPro; + struct interfaceManagementConfig *next; + }; + interfaceManagementConfig *interfaces; + + + private: + + interfaceManagementConfig *getInterface(const char *interface); + int addInterfaceZone(const char *interface, const char *zone); + + int consolePageBreaks; + + bool sshUsed; + bool scsUsed; + bool globalProUsed; + bool nsmgmtUsed; + bool mtraceUsed; +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/authentication.cpp.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/authentication.cpp.svn-base new file mode 100644 index 0000000..9d4a4db --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/authentication.cpp.svn-base @@ -0,0 +1,626 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "authentication.h" +#include "../device/common/configline.h" + + +ScreenOSAuthentication::ScreenOSAuthentication() +{ + // General... + authenticationConfigIntro = i18n("*DEVICETYPE* devices support local and remote authentication services. This section details the configuration of the authentication settings."); // Introduction text to the whole section + loginAttemptsSupported = true; // Login attempts supported + loginAttempts = 3; // Login attempts allowed (0 = infinite) + configAccessAuthentication = i18n("The following commands can be used on *DEVICETYPE* devices to configure the administrator accounts password and an administrative user accounts password:*CODE**COMMAND*set admin password *CMDUSER*password*-CMDUSER**-COMMAND**COMMAND*set admin user *CMDUSER*username*-CMDUSER* password *CMDUSER*password*-CMDUSER**-COMMAND**-CODE*"); + + // Authentication Methods... + authMethodSupported = true; // Authentication Method Supported + appliesToSupported = true; // Applies To Supported + namedAuthSupport = true; // Are auth servers named? + + // Local User Options... + encryptionSupported = true; // Show encryption + readOnlySupported = false; // Is read only supported? + outboundACLSupported = false; // Are outbound filtering ACL supported? + privilegeLevelSupported = true; // Are privilege levels supported? + privilegeLevelText = i18n("Access"); // The table title privilege level text + configDeviceSpecificLocalUsers = i18n("The administrative users on *DEVICETYPE* devices can be granted read/write (all) or read only access to the device. The primary device administrator has full read write access to the device configuration."); // Text for the config report local user section. + filterText = i18n("Policy"); // The table filter column title text + + // TACACS Options... + showTacacsGroupName = true; // Show the TACACS group + showTacacsRetries = true; // Show the TACACS retries + configTacacsKey = i18n("The *ABBREV*TACACS+*-ABBREV* server shared secret can be configured using the following command:*CODE**COMMAND*set auth-server *CMDUSER*label*-CMDUSER* tacacs secret *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a TACACS+ key + + // RADIUS Options... + showRadiusGroupName = true; // Show the RADIUS group + configRadiusKey = i18n("The *ABBREV*RADIUS*-ABBREV* server shared secret can be configured using the following command:*CODE**COMMAND*set auth-server *CMDUSER*label*-CMDUSER* radius secret *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); + + // LDAP Options... + showLDAPGroupName = true; // Show the LDAP group + + // SecurID Options... + showSecurIDGroupName = true; // Show the SecurID group + showSecurIDDuress = true; // Show the SecurID Duress + showSecurIDEncryption = true; // Show the SecurID Encryption + + + // Internal... + retries = 3; + timeout = 3; + port = 0; +} + + +int ScreenOSAuthentication::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + localUserConfig *localUserPointer = 0; + radiusServerConfig *radiusPointer = 0; + tacacsServerConfig *tacacsPointer = 0; + ldapServerConfig *ldapPointer = 0; + securidServerConfig *securidPointer = 0; + authConfig *authPointer = 0; + string tempString; + bool setting = false; + int errorCode = 0; + + // Init + if (strcasecmp(command->part(0), "unset") == 0) + setting = false; + else + setting = true; + + // Admin name... + if (strcmp(command->part(2), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdministrator Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + localUserPointer = getUser(command->part(3)); + localUserPointer->privilegeLevel.assign(i18n("Primary Admin")); + } + + // Admin password... + else if (strcmp(command->part(2), "password") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdministrator Password Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Will be the first user... + if (localUser != 0) + { + localUserPointer = localUser; + localUserPointer->adminAccess = true; + localUserPointer->password.assign(device->isEncryptedDictionaryPassword(command->part(3))); + if (localUserPointer->password.empty()) + { + localUserPointer->encryption = netscreenEncryption; + localUserPointer->password.assign(command->part(3)); + device->addJohnPassword(localUserPointer->username.c_str(), localUserPointer->password.c_str()); + } + else + localUserPointer->encryption = clearText; + } + } + + // Users... + else if ((strcmp(command->part(2), "user") == 0) && (strcmp(command->part(4), "password") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sUser Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + localUserPointer = getUser(command->part(3)); + localUserPointer->password.assign(device->isEncryptedDictionaryPassword(command->part(5))); + if (localUserPointer->password.empty()) + { + localUserPointer->encryption = netscreenEncryption; + localUserPointer->password.assign(command->part(5)); + device->addJohnPassword(localUserPointer->username.c_str(), localUserPointer->password.c_str()); + } + else + localUserPointer->encryption = clearText; + + if (strcmp(command->part(6), "privilege") == 0) + { + localUserPointer->privilegeLevel.assign(command->part(7)); + if (strcasecmp(command->part(7), "all") == 0) + localUserPointer->adminAccess = true; + } + else + localUserPointer->privilegeLevel.assign("read-only"); + } + + // Access Attempts... + else if ((strcmp(command->part(2), "access") == 0) && (strcmp(command->part(3), "attempts") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAccess Attempts Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + loginAttempts = atoi(command->part(4)); + } + + // Auth Server... + else if (strcmp(command->part(1), "auth-server") == 0) + { + + // Server name... + if (strcmp(command->part(3), "server-name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sServer Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + serverName.assign(command->part(2)); + address.assign(command->part(4)); + } + + // Backup 1... + else if (strcmp(command->part(3), "backup1") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sBackup1 Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + serverName.assign(command->part(2)); + backup1.assign(command->part(4)); + } + + // Backup 2... + else if (strcmp(command->part(3), "backup2") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sBackup2 Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + serverName.assign(command->part(2)); + backup2.assign(command->part(4)); + } + + // Port... + else if ((strcmp(command->part(4), "port") == 0) || (strcmp(command->part(4), "auth-port") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPort Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + port = atoi(command->part(5)); + } + + // SecurID Encryption... + else if (strcmp(command->part(4), "encr") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSecurID Encryption Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + serverName.assign(command->part(2)); + if (strcmp(command->part(5), "0") == 0) + cn.assign(i18n("*ABBREV*SDI*-ABBREV*")); + else + cn.assign(i18n("*ABBREV*DES*-ABBREV*")); + } + + // LDAP CN... + else if ((strcmp(command->part(3), "ldap") == 0) && (strcmp(command->part(4), "cn") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLDAP CN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + serverName.assign(command->part(2)); + cn.assign(command->part(5)); + } + + // SecurID Duress... + else if ((strcmp(command->part(3), "securid") == 0) && (strcmp(command->part(4), "duress") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSecurID Duress Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + securidPointer = addSecurIDServer(); + securidPointer->groupName.assign(serverName); // If a name is used to group servers... + securidPointer->description.assign(i18n("Primary")); // Primary / Backup... + securidPointer->address.assign(address); // The address + securidPointer->encryption.assign(cn); + if (strcmp(command->part(5), "0") == 0) + securidPointer->duress.assign(i18n("Off")); + else + securidPointer->duress.assign(i18n("On")); + securidPointer->timeout = timeout; // Timeout + securidPointer->retries = retries; + if (port != 0) + securidPointer->port = port; + else + securidPointer->port = 5500; + + if (!backup1.empty()) + { + securidPointer = addSecurIDServer(); + securidPointer->groupName.assign(serverName); // If a name is used to group servers... + securidPointer->description.assign(i18n("Backup 1")); // Primary / Backup... + securidPointer->address.assign(address); // The address + securidPointer->encryption.assign(cn); + if (strcmp(command->part(5), "0") == 0) + securidPointer->duress.assign(i18n("Off")); + else + securidPointer->duress.assign(i18n("On")); + securidPointer->timeout = timeout; // Timeout + securidPointer->retries = retries; + if (port != 0) + securidPointer->port = port; + else + securidPointer->port = 5500; + } + + if (!backup2.empty()) + { + securidPointer = addSecurIDServer(); + securidPointer->groupName.assign(serverName); // If a name is used to group servers... + securidPointer->description.assign(i18n("Backup 2")); // Primary / Backup... + securidPointer->address.assign(address); // The address + securidPointer->encryption.assign(cn); + if (strcmp(command->part(5), "0") == 0) + securidPointer->duress.assign(i18n("Off")); + else + securidPointer->duress.assign(i18n("On")); + securidPointer->timeout = timeout; // Timeout + securidPointer->retries = retries; + if (port != 0) + securidPointer->port = port; + else + securidPointer->port = 5500; + } + + serverName.assign(""); + address.assign(""); + backup1.assign(""); + backup2.assign(""); + cn.assign(""); + retries = 0; + timeout = 0; + port = 0; + } + + // LDAP... + else if ((strcmp(command->part(3), "ldap") == 0) && (strcmp(command->part(4), "dn") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLDAP DN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer = addLDAPServer(); + ldapPointer->groupName.assign(serverName); // If a name is used to group servers... + ldapPointer->description.assign(i18n("Primary")); // Primary / Backup... + ldapPointer->address.assign(address); // The address + ldapPointer->cn.assign(cn); + ldapPointer->dn.assign(command->part(5)); + ldapPointer->timeout = timeout; // Timeout + ldapPointer->retries = retries; + if (port != 0) + ldapPointer->port = port; + else + ldapPointer->port = 389; + + if (!backup1.empty()) + { + ldapPointer = addLDAPServer(); + ldapPointer->groupName.assign(serverName); // If a name is used to group servers... + ldapPointer->description.assign(i18n("Backup 1")); // Primary / Backup... + ldapPointer->address.assign(address); // The address + ldapPointer->cn.assign(cn); + ldapPointer->dn.assign(command->part(5)); + ldapPointer->timeout = timeout; // Timeout + ldapPointer->retries = retries; + if (port != 0) + ldapPointer->port = port; + else + ldapPointer->port = 389; + } + + if (!backup2.empty()) + { + ldapPointer = addLDAPServer(); + ldapPointer->groupName.assign(serverName); // If a name is used to group servers... + ldapPointer->description.assign(i18n("Backup 2")); // Primary / Backup... + ldapPointer->address.assign(address); // The address + ldapPointer->cn.assign(cn); + ldapPointer->dn.assign(command->part(5)); + ldapPointer->timeout = timeout; // Timeout + ldapPointer->retries = retries; + if (port != 0) + ldapPointer->port = port; + else + ldapPointer->port = 389; + } + + serverName.assign(""); + address.assign(""); + backup1.assign(""); + backup2.assign(""); + cn.assign(""); + retries = 0; + timeout = 0; + port = 0; + } + + // TACACS+ Secret... + else if ((strcmp(command->part(3), "tacacs") == 0) && (strcmp(command->part(4), "secret") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Secret Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->encryption = netscreenEncryption; + tacacsPointer->groupName.assign(serverName); // If a name is used to group servers... + tacacsPointer->description.assign(i18n("Primary")); // Primary / Backup... + tacacsPointer->address.assign(address); // The address + tacacsPointer->key.assign(command->part(5)); // Shared secret + tacacsPointer->timeout = timeout; // Timeout + tacacsPointer->retries = retries; + if (port != 0) + tacacsPointer->port = port; + else + tacacsPointer->port = 49; + device->addJohnPassword("tacacs+", tacacsPointer->key.c_str()); + + if (!backup1.empty()) + { + tacacsPointer = addTacacsServer(); + tacacsPointer->encryption = netscreenEncryption; + tacacsPointer->groupName.assign(serverName); // If a name is used to group servers... + tacacsPointer->description.assign(i18n("Backup 1")); // Primary / Backup... + tacacsPointer->address.assign(backup1); // The address + tacacsPointer->key.assign(command->part(5)); // Shared secret + tacacsPointer->timeout = timeout; // Timeout + tacacsPointer->retries = retries; + if (port != 0) + tacacsPointer->port = port; + else + tacacsPointer->port = 49; + } + + if (!backup2.empty()) + { + tacacsPointer = addTacacsServer(); + tacacsPointer->encryption = netscreenEncryption; + tacacsPointer->groupName.assign(serverName); // If a name is used to group servers... + tacacsPointer->description.assign(i18n("Backup 2")); // Primary / Backup... + tacacsPointer->address.assign(backup2); // The address + tacacsPointer->key.assign(command->part(5)); // Shared secret + tacacsPointer->timeout = timeout; // Timeout + tacacsPointer->retries = retries; + if (port != 0) + tacacsPointer->port = port; + else + tacacsPointer->port = 49; + } + + serverName.assign(""); + address.assign(""); + backup1.assign(""); + backup2.assign(""); + retries = 0; + timeout = 0; + port = 0; + } + + // RADIUS Secret... + else if ((strcmp(command->part(3), "radius") == 0) && (strcmp(command->part(4), "secret") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Secret Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->encryption = netscreenEncryption; + radiusPointer->groupName.assign(serverName); // If a name is used to group servers... + radiusPointer->description.assign(i18n("Primary")); // Primary / Backup... + radiusPointer->address.assign(address); // The address + radiusPointer->key.assign(command->part(5)); // Shared secret + radiusPointer->timeout = timeout; // Timeout + radiusPointer->retries = retries; + if (port != 0) + radiusPointer->port = port; + else + radiusPointer->port = 1645; + device->addJohnPassword("radius", radiusPointer->key.c_str()); + + if (!backup1.empty()) + { + radiusPointer = addRadiusServer(); + radiusPointer->encryption = netscreenEncryption; + radiusPointer->groupName.assign(serverName); // If a name is used to group servers... + radiusPointer->description.assign(i18n("Backup 1")); // Primary / Backup... + radiusPointer->address.assign(backup1); // The address + radiusPointer->key.assign(command->part(5)); // Shared secret + radiusPointer->timeout = timeout; // Timeout + radiusPointer->retries = retries; + if (port != 0) + radiusPointer->port = port; + else + radiusPointer->port = 1645; + } + + if (!backup2.empty()) + { + radiusPointer = addRadiusServer(); + radiusPointer->encryption = netscreenEncryption; + radiusPointer->groupName.assign(serverName); // If a name is used to group servers... + radiusPointer->description.assign(i18n("Backup 2")); // Primary / Backup... + radiusPointer->address.assign(backup2); // The address + radiusPointer->key.assign(command->part(5)); // Shared secret + radiusPointer->timeout = timeout; // Timeout + radiusPointer->retries = retries; + if (port != 0) + radiusPointer->port = port; + else + radiusPointer->port = 1645; + } + + serverName.assign(""); + address.assign(""); + backup1.assign(""); + backup2.assign(""); + retries = 0; + timeout = 0; + port = 0; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + // Auth Default Server... + else if ((strcmp(command->part(1), "auth") == 0) && (strcmp(command->part(2), "default") == 0) && (strcmp(command->part(3), "auth") == 0) && (strcmp(command->part(4), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDefault Auth Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + authPointer = addMethod(); + authPointer->name.assign(command->part(5)); + authPointer->appliesTo.assign(i18n("Default")); + + if (strcasecmp(command->part(5), "Local") == 0) + authPointer->method = localAuth; + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + if (strcmp(command->part(5), radiusPointer->groupName.c_str()) == 0) + authPointer->method = radiusAuth; + radiusPointer = radiusPointer->next; + } + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + if (strcmp(command->part(5), tacacsPointer->groupName.c_str()) == 0) + authPointer->method = tacacsAuth; + tacacsPointer = tacacsPointer->next; + } + securidPointer = securidServer; + while (securidPointer != 0) + { + if (strcmp(command->part(5), securidPointer->groupName.c_str()) == 0) + authPointer->method = securidAuth; + securidPointer = securidPointer->next; + } + ldapPointer = ldapServer; + while (ldapPointer != 0) + { + if (strcmp(command->part(5), ldapPointer->groupName.c_str()) == 0) + authPointer->method = ldapAuth; + ldapPointer = ldapPointer->next; + } + } + + // Auth Admin Server... + else if ((strcmp(command->part(1), "admin") == 0) && (strcmp(command->part(2), "auth") == 0) && (strcmp(command->part(3), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin Auth Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + authPointer = addMethod(); + authPointer->name.assign(command->part(4)); + authPointer->appliesTo.assign(i18n("Administration")); + + if (strcasecmp(command->part(4), "Local") == 0) + authPointer->method = localAuth; + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + if (strcmp(command->part(4), radiusPointer->groupName.c_str()) == 0) + authPointer->method = radiusAuth; + radiusPointer = radiusPointer->next; + } + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + if (strcmp(command->part(4), tacacsPointer->groupName.c_str()) == 0) + authPointer->method = tacacsAuth; + tacacsPointer = tacacsPointer->next; + } + ldapPointer = ldapServer; + while (ldapPointer != 0) + { + if (strcmp(command->part(4), ldapPointer->groupName.c_str()) == 0) + authPointer->method = ldapAuth; + ldapPointer = ldapPointer->next; + } + securidPointer = securidServer; + while (securidPointer != 0) + { + if (strcmp(command->part(4), securidPointer->groupName.c_str()) == 0) + authPointer->method = securidAuth; + securidPointer = securidPointer->next; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int ScreenOSAuthentication::processDefaults(Device *device) +{ + // Variables... + authConfig *authPointer = 0; + + // Create... + if (authMethods == 0) + { + authMethods = new (authConfig); + authPointer = authMethods; + } + else + { + authPointer = authMethods; + while ((authPointer->next != 0) && (authPointer->method != localAuth)) + authPointer = authPointer->next; + if (authPointer->method != localAuth) + { + authPointer->next = new (authConfig); + authPointer = authPointer->next; + } + else + authPointer = 0; + } + + if (authPointer != 0) + { + authPointer->name.assign(i18n("Local")); + authPointer->method = localAuth; // Authentication method (local, tacacs+...) + authPointer->appliesTo.assign(i18n("Default")); + authPointer->next = 0; + } + + return 0; +} diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/authentication.h.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/authentication.h.svn-base new file mode 100644 index 0000000..bf4bb8a --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/authentication.h.svn-base @@ -0,0 +1,65 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSauthentication_H +#define ScreenOSauthentication_H + + +#include "../device/authentication/authentication.h" + + +class ScreenOSAuthentication : public Authentication +{ + public: + + ScreenOSAuthentication(); + + + // ----------------------------------------------------------------------- + // Standard Device Class Methods... + // ----------------------------------------------------------------------- + + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + + private: + string serverName; + string address; + string backup1; + string backup2; + int retries; + int timeout; + int port; + string cn; +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/banner.cpp.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/banner.cpp.svn-base new file mode 100644 index 0000000..4d98793 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/banner.cpp.svn-base @@ -0,0 +1,121 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "banner.h" + + +ScreenOSBanner::ScreenOSBanner() +{ + // Banner settings... + preLogonBanner = true; // Support Banner(s) Before Logon? + postLogonBanner = true; // Support Banner(s) After Logon? + configPreLogonBanner = i18n("A pre-logon banner message for remote connections to *DEVICETYPE* devices can be configured with the following command:*CODE**COMMAND*set admin auth banner telnet login \"*CMDUSER*banner-message*-CMDUSER*\"*-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... + configPostLogonBanner = i18n("A post logon message for administrative connections to *DEVICETYPE* devices can be configured with the following command:*CODE**COMMAND*set admin auth banner secondary \"*CMDUSER*banner-message*-CMDUSER*\"*-COMMAND**-CODE*"); // The text that explains how to config a post logon banner, with commands... +} + + +int ScreenOSBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + string tempBanner; + string tempString; + + if (strcmp(command->part(0), "unset") != 0) + { + + // Telnet... + if ((strcmp(command->part(1), "admin") == 0) && (strcmp(command->part(2), "auth") == 0) && (strcmp(command->part(3), "banner") == 0) && (strcmp(command->part(4), "telnet") == 0) && (strcmp(command->part(5), "login") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("Telnet")); + bannerPointer->description.assign(i18n("The Telnet banner message is presented to Telnet users before they logon and *ABBREV*SSH*-ABBREV* users after logon. The Telnet banner message configured on *DEVICENAME* is:")); + bannerPointer->connectionType = (telnetConnection & sshConnection); + addBannerLine(bannerPointer, command->part(6)); + } + + // Console... + else if ((strcmp(command->part(1), "admin") == 0) && (strcmp(command->part(2), "auth") == 0) && (strcmp(command->part(3), "banner") == 0) && (strcmp(command->part(4), "console") == 0) && (strcmp(command->part(5), "login") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("Console")); + bannerPointer->description.assign(i18n("The Console banner message is presented to users before they logon. The message configured on *DEVICENAME* is:")); + bannerPointer->connectionType = (consoleConnection); + addBannerLine(bannerPointer, command->part(6)); + } + + // Secondary... + else if ((strcmp(command->part(1), "admin") == 0) && (strcmp(command->part(2), "auth") == 0) && (strcmp(command->part(3), "banner") == 0) && (strcmp(command->part(4), "secondary") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSecondary Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = addBanner(); + bannerPointer->banner = postLogon; + bannerPointer->name.assign(i18n("Secondary")); + bannerPointer->description.assign(i18n("The secondary banner message is presented to users after they logon for Telnet *ABBREV*SSH*-ABBREV* and Console connections. The message configured on *DEVICENAME* is:")); + bannerPointer->connectionType = (telnetConnection & sshConnection & consoleConnection); + + tempBanner.assign(command->part(5)); + while (tempBanner.find("\\n") != tempBanner.npos) + { + tempString.assign(tempBanner.substr(0, tempBanner.find_first_of("\\n"))); + tempBanner.erase(0, tempBanner.find_first_of("\\n") + 2); + addBannerLine(bannerPointer, tempString.c_str()); + } + addBannerLine(bannerPointer, tempBanner.c_str()); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/banner.h.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/banner.h.svn-base new file mode 100644 index 0000000..4d7b830 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/banner.h.svn-base @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSbanner_H +#define ScreenOSbanner_H + + +#include "../device/banner/banner.h" + + +class ScreenOSBanner : public Banner +{ + public: + + ScreenOSBanner(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..b089107 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,398 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "banner.h" +#include "snmp.h" +#include "filter.h" +#include "dns.h" +#include "authentication.h" +#include "interfaces.h" + + +ScreenOSDevice::ScreenOSDevice() +{ + deviceMake = "Juniper"; + deviceType = "NetScreen"; + deviceOS = "ScreenOS"; + + general = new (ScreenOSGeneral); + administration = new (ScreenOSAdministration); + banner = new (ScreenOSBanner); + snmp = new (ScreenOSSNMP); + filter = new (ScreenOSFilter); + dns = new (ScreenOSDNS); + authentication = new (ScreenOSAuthentication); + interfaces = new (ScreenOSInterfaces); + + isFirewall = true; // Set to true if it is a firewall +} + + +ScreenOSDevice::~ScreenOSDevice() +{ + delete general; + delete administration; + delete banner; + delete snmp; + delete filter; + delete dns; + delete authentication; + delete interfaces; +} + +Device::encryptDictionaryStruct builtinencdict13 = {"nBh1JgrWI8BMcxVE1sfD3ZHtPvNqOn", "administrator", 0}; +Device::encryptDictionaryStruct builtinencdict12 = {"nIEXLGrQKPGFclpK2srC+GItLBIaYn", "administrator", &builtinencdict13}; +Device::encryptDictionaryStruct builtinencdict11 = {"nEgTC0rULyNDcfOHZsFDJSAtfiPqWn", "password", &builtinencdict12}; +Device::encryptDictionaryStruct builtinencdict10 = {"nJBnMRrmG7cFc3ALdsWMLIKtWHC4ln", "administrator", &builtinencdict11}; +Device::encryptDictionaryStruct builtinencdict9 = {"nL1kB1ryFpdIcuHBksgKNQLttDFjCn", "supervisor", &builtinencdict10}; +Device::encryptDictionaryStruct builtinencdict8 = {"nA0XKervNIgBctzLBsjNKyEtOcM5an", "admin", &builtinencdict9}; +Device::encryptDictionaryStruct builtinencdict7 = {"nFR1M7r3PBEHcA0FWs1JJ8LtBTOHIn", "netscreen", &builtinencdict8}; +Device::encryptDictionaryStruct builtinencdict6 = {"nDQFBzrfECTDcLFD7sRA2kMtP4FNwn", "password", &builtinencdict7}; +Device::encryptDictionaryStruct builtinencdict5 = {"nH/vDirbE5GBcjdGoslAEBBtHFA6En", "admin", &builtinencdict6}; +Device::encryptDictionaryStruct builtinencdict4 = {"nMjFM0rdC9iOc+xIFsGEm3LtAeGZhn", "password", &builtinencdict5}; +Device::encryptDictionaryStruct builtinencdict3 = {"nO8gOKrtJ/YMclhNlsoJCrCtllAL7n", "admin", &builtinencdict4}; +Device::encryptDictionaryStruct builtinencdict2 = {"nDC0GjreNnlGcIPHTsGOUAFt6BJZdn", "password", &builtinencdict3}; +Device::encryptDictionaryStruct builtinencdict1 = {"nKv3LvrdAVtOcE5EcsGIpYBtniNbUn", "netscreen", &builtinencdict2}; +Device::encryptDictionaryStruct builtinencdict = {"nKVUM2rwMUzPcrkG5sWIHdCtqkAibn", "netscreen", &builtinencdict1}; + + +int ScreenOSDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + unsigned int tempInt = 0; + int tempVersion = 0; + + // Set encrypted dictionary... + encryptedDictionary = &builtinencdict; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Hostname (in general)... + if (strcasecmp(command.part(1), "hostname") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Admin... + else if (strcasecmp(command.part(1), "admin") == 0) + { + + // Auth... + if (strcasecmp(command.part(2), "auth") == 0) + { + + // Banners... + if (strcasecmp(command.part(3), "banner") == 0) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Server... + if (strcasecmp(command.part(3), "server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // HTTP Redirect... + else if ((strcasecmp(command.part(2), "http") == 0) && (strcasecmp(command.part(3), "redirect") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Manager IP... + else if (strcasecmp(command.part(2), "manager-ip") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Access Attempts... + else if (strcasecmp(command.part(2), "access") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Admin logon... + else if (strcasecmp(command.part(2), "name") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Password logon... + else if (strcasecmp(command.part(2), "password") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Users... + else if (strcasecmp(command.part(2), "user") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SSH... + else if ((strcasecmp(command.part(2), "ssh") == 0) && (strcasecmp(command.part(3), "password") == 0)) + { + + // SSH server port... + if (strcasecmp(command.part(4), "port") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // Telnet Port... + else if ((strcasecmp(command.part(2), "telnet") == 0) && (strcasecmp(command.part(3), "port") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // Address... + else if (strcasecmp(command.part(1), "address") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Service... + else if (strcasecmp(command.part(1), "service") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Group... + else if (strcasecmp(command.part(1), "group") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Policy... + else if (strcasecmp(command.part(1), "policy") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Auth Server... + else if (strcasecmp(command.part(1), "auth-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Auth Default... + else if ((strcasecmp(command.part(1), "auth") == 0) && (strcasecmp(command.part(2), "default") == 0)) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SNMP (in SNMP)... + else if (strcasecmp(command.part(1), "snmp") == 0) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Interfaces... + else if (strcasecmp(command.part(1), "interface") == 0) + { + + // zone... + if (strcasecmp(command.part(3), "zone") == 0) + { + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + } + + // disable... + else if ((strcasecmp(command.part(3), "disable") == 0) || (strcasecmp(command.part(3), "shutdown") == 0)) + { + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + } + + // ip... + else if (strcasecmp(command.part(3), "ip") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // description... + else if (strcasecmp(command.part(3), "description") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // manage... + else if (strcasecmp(command.part(3), "manage") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // SSH... + else if (strcasecmp(command.part(1), "ssh") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SSL... + else if (strcasecmp(command.part(1), "ssl") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Console... + else if (strcasecmp(command.part(1), "console") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SCP... + else if (strcasecmp(command.part(1), "scp") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // NetScreen Security Manager... + else if (strcasecmp(command.part(1), "nsmgmt") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Domain... + else if (strcasecmp(command.part(1), "domain") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS... + else if (strcasecmp(command.part(1), "dns") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Possible hostname... + else if ((command.part(0)[strlen(command.part(0)) -2] == '-') && (command.part(0)[strlen(command.part(0)) - 1] == '>')) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + if ((authentication->localUser == 0) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + // Sort out any specified version... + if (config->osVersion != 0) + { + if (strlen(config->osVersion) > 0) + { + general->version.assign(config->osVersion); + + // Version Major... + tempVersion = atoi(config->osVersion); + if ((tempVersion != 0) || (config->osVersion[0] == '0')) + { + general->versionMajor = tempVersion; + tempInt = 0; + while ((tempInt < strlen(config->osVersion)) && (config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Minor... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionMinor = tempVersion; + general->noMinor = false; + + while ((tempInt < strlen(config->osVersion)) && (config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Revision... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionRevision = tempVersion; + general->noRevision = false; + + while ((tempInt < strlen(config->osVersion)) &&(config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Tweak... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionTweak = tempVersion; + general->noTweak = false; + } + } + } + } + } + } + } + } + } + + return 0; +} + + +bool ScreenOSDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int count = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (count < 2)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (strcmp(command.part(0), "set") == 0) + { + if (strcmp(command.part(1), "admin") == 0) + { + if (strcmp(command.part(2), "name") == 0) + count++; + + else if (strcmp(command.part(2), "password") == 0) + count++; + } + } + } + fclose(inputFile); + + if (count == 2) + return true; + else + return false; +} + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..e7d3b8d --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/device.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_ScreenOS_H +#define device_ScreenOS_H + + +#include "../device/device.h" + + +class ScreenOSDevice : public Device +{ + public: + ScreenOSDevice(); + ~ScreenOSDevice(); + + int processDevice(); + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/dns.cpp.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/dns.cpp.svn-base new file mode 100644 index 0000000..924f29c --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/dns.cpp.svn-base @@ -0,0 +1,172 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "dns.h" + + +ScreenOSDNS::ScreenOSDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured to resolve name to address mappings. This section details those settings."); // The text paragraph in the config section + + // Host configuration + showInterface = true; // Are interfaces supported? + + // DNS Client Settings + dnsClientSupported = true; // DNS Client Supported? + dnsLookupEnabled = false; // DNS lookups enabled? + disableLookup = ""; // The text and commands to disable DNS lookup + dnsRetries = 0; // DNS lookup retries + dnsRetriesSupported = false; // DNS lookup retries Supported? + dnsTimeout = 0; // DNS timeout + dnsTimeoutSupported = false; // DNS timeout Supported? + + // DNS Server Options... + dnsRecordKeepAliveSupported = false; // Is the DNS keep Alive message type supported? + returnRecordsSupported = false; // Is the single/multiple record field supported? + dynamicDNSSupported = true; // Is Dynamic DNS Supported? + dnsServerSupported = true; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsProxySupported = true; // Is DNS Proxy Server Supported? + dnsProxyEnabled = false; // Is the DNS Proxy service enabled? + dnsPort = 53; // DNS Server Port +} + + +int ScreenOSDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsRecordConfig *recordPointer = 0; + dnsConfig *dnsPointer = 0; + bool setting = false; + int tempInt = 0; + + // Init + tempInt = 2; + if (strcasecmp(command->part(0), "unset") == 0) + setting = false; + else + setting = true; + + // Domain... + if (strcasecmp(command->part(1), "domain") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDomain Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + dnsDomain.assign(command->part(2)); + } + + // DNS Host Record... + else if ((strcasecmp(command->part(tempInt), "host") == 0) && (strcasecmp(command->part(tempInt + 1), "name") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Record Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + if (setting == true) + { + recordPointer = addDNSRecord(); + recordPointer->recordType.assign("A"); + recordPointer->address.assign(command->part(5)); + recordPointer->name.assign(command->part(4)); + } + } + + // DNS server... + else if ((strcasecmp(command->part(2), "host") == 0) && (strncasecmp(command->part(3), "dns", 3) == 0) && (strcasecmp(command->part(4), "0.0.0.0") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + { + dnsPointer = addDNSServer(command->part(4)); + switch (command->part(3)[3]) + { + case '1': + dnsPointer->description.assign(i18n("Primary")); + break; + case '2': + dnsPointer->description.assign(i18n("Secondary")); + break; + default: + dnsPointer->description.assign(i18n("Tertiary")); + break; + } + if (strcasecmp(command->part(5), "src-interface") == 0) + dnsPointer->interface.assign(command->part(6)); + } + } + + // Proxy... + else if ((strcasecmp(command->part(2), "proxy") == 0) && (strcasecmp(command->part(3), "enable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Proxy Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + dnsProxyEnabled = true; + } + + // Dynamic DNS... + else if ((strcasecmp(command->part(2), "ddns") == 0) && (strcasecmp(command->part(3), "enable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDynamic DNS Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + dynamicDNSEnabled = true; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ScreenOSDNS::processDefaults(Device *device) +{ + if ((dnsProxyEnabled == true) || (dnsRecord != 0)) + dnsServiceEnabled = true; + + return 0; +} + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/dns.h.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/dns.h.svn-base new file mode 100644 index 0000000..c88a4b4 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/dns.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSDNS_H +#define ScreenOSDNS_H + + +#include "../device/dns/dns.h" + + +class ScreenOSDNS : public DNS +{ + public: + + ScreenOSDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/filter.cpp.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/filter.cpp.svn-base new file mode 100644 index 0000000..157982c --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/filter.cpp.svn-base @@ -0,0 +1,916 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../device/common/configline.h" +#include "../globaldefs.h" +#include "device.h" +#include "filter.h" + + +ScreenOSFilter::ScreenOSFilter() +{ + // Policy list type descriptions... + intrazoneTitle = i18n("Intrazone Policy"); + intrazoneDescription = i18n("An intrazone policy defines the network traffic that is permitted between two seperate interfaces bound to the same zone."); + interzoneTitle = i18n("Interzone Policy"); + interzoneDescription = i18n("An interzone policy defines the network traffic that is permitted between different zones."); + globalzoneTitle = i18n("Global Policy"); + globalzoneDescription = i18n("The global policy defines the network traffic that is permitted between addresses in the global zone."); + serviceObjectTitle = i18n("Service Objects"); + serviceObjectDescription = i18n("Service objects are used to defined specific protocols, source and destination ports for a named service. The service objects can then be used in a policy rule, either directly or through a service group definition. *DEVICETYPE* devices have a number of predefined service objects, or custom service objects can be created. This section details the custom service objects and any predefined objects that are used in the firewall policy rules."); + serviceGroupObjectTitle = i18n("Service Object Group"); + serviceGroupObjectDescription = i18n("Service object groups are used to group service objects. Once service objects have been grouped they can be used within policy rules using the service group name."); + addressGroupObjectTitle = i18n("Address Object Group"); + addressGroupObjectDescription = i18n("Address object groups are used to group a zones address book entries. When policy rules are defined, to ease administration, multiple addresses can be referenced using the address group name rather than individually."); + addressObjectListTitle = i18n("Security Zone Address Book"); + addressObjectListDescription = i18n("The security zone address books define hosts and networks for a security zone. These addresses can then be used within the policy rule configuration."); + + // Filter device options... + logLevelsSupported = false; // Are log Levels supported + logOnlyDenySupported = false; // Is only Deny rule logging supported + noAccessWithoutFilters = true; // Is access not granted if no filters are configured + filterSupportsInstalled = false; // If filtering supports installed (i.e. CheckPoint) + filterSupportsThrough = false; // If a filtering supports through (i.e. CheckPoint) + rejectRulesSupported = true; // If reject rules are supported + bypassRulesSupported = false; // If bypass rules are supported + defaultRulesSupported = false; // If default rules are supported + ruleListsAreAssigned = false; // Rule lists are assigned to specific elements + allowName = i18n("Permit"); // The name given to an allowed filter + denyName = i18n("Deny"); // The name given to a denied filter + rejectName = i18n("Reject"); // The name given to a rejected filter + filterConfigTitle = i18n("Security Zone Policy Configuration"); // The Title for the configuration report section + filterConfigText = i18n("A policy is a set of rules that will determine whether traffic between security zones (interzone), between interfaces in the same zone (intrazone) or between addresses in the global zone are permitted or denied. Each interface can be assigned to a different security zone, and multiple interfaces can be assigned to a single security zone."); // The device specific configuration report section text + filterConfigText2 = i18n("The policy is processed by *DEVICETYPE* devices from the top to the bottom with the first policy rule that applies taking effect. If no rule matches, the default policy will take effect, which is set to deny by default on *DEVICETYPE*. Policies are applied in the following order:"); // The device specific configuration report section text2 + useFilterID = true; // Use the filter ID to identify a filter (otherwise a line no. is used) + filterIDTitle = i18n("Rule"); // The title for the filter ID/line no. table column + filterListName = i18n("policy list"); // The name of the filter list, for use in text paragraphs + filterListNameTitle = i18n("Policy list"); // The name of the filter list, for use in titles + filterListNamePlaural = i18n("policy lists"); // The name of the filter list, for use in text paragraphs + filterTitle = i18n("Rule"); // The name of a filter, for use in titles + filterTitlePlaural = i18n("Rules"); // The name of a filter, for use in titles + filterName = i18n("rule"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("rules"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("All Permit Rules Do Not Log"); // The title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogTable = i18n("Permit rules that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogConcl = i18n("all permit rules do not log"); // The conclusions text for the "All Allow Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all rules"); // The recommendations text for the "All Allow Rules Do Not Log" issue + denyAndNotLogIssue = i18n("All Deny Rules Do Not Log"); // The title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogTable = i18n("Deny rules that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogConcl = i18n("all deny rules do not log"); // The conclusions text for the "All Allow Rules Do Not Log" issue + configRuleLogging = i18n(""); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No Filtering Rules Were Configured"); // The title text for the "No filtering" issue + noFilteringRec = i18n("Configure network filtering"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no network filtering was configured"); // The title text for the "No filtering" conclusion + legacyIssueFinding = i18n(""); // The finding for the legacy issue + legacyIssueImpact = i18n(""); // The impact for the legacy issue + legacyIssueEase = i18n(""); // The ease for the legacy issue + legacyIssueRec = i18n(""); // The recommendation for the legacy issue + allowAnythingTable = i18n("rules allow any access"); // The allow anything table title text + allowWeakTable = i18n("rules provide weak filtering"); // Weak source/service/destination/service table title text + allowAnyAnyAnyTable = i18n("rules allow any host to any destination and service"); // The allow any source, destination and service table title text + allowWeakWeakWeakTable = i18n("rules provide weak filtering of source, destination and service"); // The allow weak source, destination and service table title text + allowAnyServiceAnyTable = i18n("rules allow any source port to any destination and service"); // The allow any source port, destination and service table title text + allowWeakServiceAnyTable = i18n("rules provide weak filtering of source port to destination and service"); // The allow weak source, destination and service table title text + allowAnyAnyTable = i18n("rules allow any source to any destination"); // The allow any source, destination table title text + allowAnyAnyServiceTable = i18n("rules allow any source to any destination service"); // The allow any source, destination service table title text + allowAnyDestServiceTable = i18n("rules allow any destination and service"); // The allow any destination and service table title text + allowAnyPortDestTable = i18n("rules allow any source port to any destination address"); // The allow any source port to any destination table title text + allowAnyPortServiceTable = i18n("rules allow any source port to any destination service"); // The allow any source port to any dest service table title text + allowWeakWeakTable = i18n("rules permit weak filtering of source and destination addresses"); // The allow weak source, destination addresses + allowWeakWeakServiceTable = i18n("rules permit weak source addresses and destination services"); // The allow weak source, destination service table title text + allowDestAndServiceTable = i18n("rules permit weak destination addresses and services");// The allow weak destination and service table title text + allowWeakPortDestTable = i18n("rules permit weak source ports and destination"); // The allow weak source port to Destination table title text + allowWeakPortServiceTable = i18n("rules permit weak source ports and destination services"); // The allow weak source port to service table title text + allowAnySourceTable = i18n("rules permit from any source address"); // The allow any source address table title text + allowNetSourceTable = i18n("rules permit from a network source address"); // The allow a network source address table title text + allowAnyPortTable = i18n("rules permit from any source port"); // The allow any source port table title text + allowRangePortTable = i18n("rules permit from a source port range"); // The allow range source port table title text + allowAnyDestTable = i18n("rules permit to any destination"); // The allow any destination table title text + allowNetDestTable = i18n("rules permit to a network destination"); // The allow a network destination table title text + allowToAnyDestServiceTable = i18n("rules permit to any destination service"); // The allow any destination service table title text + allowToNetDestServiceTable = i18n("rules permit to a destination service range"); // The allow a destination service range table title text + bypassContentFilterCon = i18n("rules are configured that bypass the content filtering"); // Bypass filter conclusion text + bypassContentFilterRec = i18n("Connfigure rules not to bypass the content filtering"); // Bypass filter recommendation text + defaultFilterCon = i18n("rules are configured to default to the ports filtering action"); // Default filter conclusion text + defaultFilterRec = i18n("Configure rules not to default to the ports filtering action");// Default filter recommendation text + rejectSecurityIssueTitle = i18n("Reject rules Are Configured"); // Reject filter title text + securityRejectTextCon = i18n("rules are configured that reject network traffic"); // Reject filter conclusion text + securityRejectTextRec = i18n("Configure rules to deny rather than reject network traffic"); // Reject filter recommendation text + clearTextServiceCon = i18n("rules were configured that permit access to clear text protocol services"); // Clear Text Service conclusions text + clearTextServiceRec = i18n("Configure rules to deny access to any clear text protocol services"); // Clear Text Service recommendations text2 + configureFilterListRecIssueText = i18n(""); // The text and commands to configure a filter list + configureFilterRecIssueText = i18n("A *DEVICETYPE* device policy rule can be configured with the following command:*CODE**COMMAND*set policy from *CMDUSER*src-zone*-CMDUSER* to *CMDUSER*dst-zone*-CMDUSER* *CMDUSER*source*-CMDUSER* *CMDUSER*dest*-CMDUSER* *CMDUSER*service*-CMDUSER* *CMDOPTION*permit *CMDOR* deny*-CMDOPTION**-COMMAND**-CODE*"); // The text and commands to configure a filter + unnecessaryServiceCon = i18n("rules were configured that permit access to potentially unnecessary services"); // Unnecessary Service conclusions text + unnecessaryServiceRec = i18n("Configure rules to deny access to any unnecessary services"); // Unnecessary Service recommendations text2 + filtersWithNoCommentsTitle = i18n("Not All Rules Include Comments"); // Filters with no comments title text + noFilterCommentsCon = i18n("not all rules include comment text indicating their purpose"); // The no comments conclusion text + noFilterCommentsRec = i18n("Configure comment text for all rules"); // The no comments recommendation text + configureFilterCommentText = i18n(""); // The text and commands to configure a filters comment text + disabledFiltersTitle = i18n("Disabled Rules Were Configured"); // The disabled filter issues title text + removeFilterText = i18n(""); // The commands and text to delete a filter + disabledFilterCon = i18n("disabled rules were configured"); // The disabled filter conclusion text + disabledFilterRec = i18n("Remove all disabled rules"); // The disabled filter recommendation text + defaultActionIssueTitle = i18n("The Default Network Filtering Action Permits Access"); // The default filter action issue title + defaultActionIssueCon = i18n("the default policy list action was configured to permit access when a rule does not match"); // The default filter action conclusion text + defaultActionIssueRec = i18n("Set the default policy list action to deny network traffic"); // The default filter action recommendation text + configureDefaultActionText = i18n(""); // The text and commands to configure the default action + unusedFiltersIssueTitle = i18n("Unused Rules Were Configured At The Policy Lists End"); // Unused filters at the end of the filter list title + unusedFiltersIssueCon = i18n("unused Rules were configured at the end of the policy lists"); // Unused filters issue conclusions text + unusedFiltersIssueRec = i18n("Remove all unused rules"); // Unused filters issue recommendation text + denyAllLogIssueTitle = i18n("Policy List Does Not End with Deny All And Log"); // Deny All And Log Issue title + denyAllLogConfigure = i18n(""); // The text and commands to add a deny all and log line + denyAllLogIssueCon = i18n("not all Policy Lists end with a deny all and log "); // The deny all and log conclusions text + denyAllLogIssueRec = i18n("Configure a deny all and log rule as the last rule in each policy list"); // The deny all and log recommendations text + contradictIssueTitle = i18n("Contradicting Rules Were Configured"); // The contradict issue title + contradictIssueTable = i18n("contradictions of rule"); // The contradict table issue title + contradictIssueCon = i18n("rules were configured that contradict other rules"); // The contradict issue conclusion + contradictIssueRec = i18n("Reconfigure the rules so they do not contradict other rule"); // The contradict issue recommendation + duplicateIssueTitle = i18n("Duplicate Rules Were Configured"); // The duplicate/overlapping issue title + duplicateIssueTable = i18n("duplicates of rule"); // The duplicate/overlapping issue title + duplicateIssueCon = i18n("rules were configured that duplicate the configuration of other rules"); // The duplicate/overlapping issue title + duplicateIssueRec = i18n("Reconfigure the Rules so that the rules do not duplicate other Rules"); // The duplicate/overlapping issue title + +} + + +ScreenOSFilter::~ScreenOSFilter() +{ +} + + +int ScreenOSFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + filterListConfig *filterListPointer = 0; + filterConfig *filterPointer = 0; + filterObjectConfig *objectPointer = 0; + filterObjectConfig *objectSubPointer = 0; + netObjectListConfig *objectListPointer = 0; + int tempInt = 0; + int policyId = 0; + bool globalzone = false; + string policyName; + string tempString; + + // Policy... + if (strcasecmp(command->part(1), "policy") == 0) + { + tempInt = 2; + + // Global + if (strcasecmp(command->part(tempInt), "global") == 0) + { + globalzone = true; + tempInt++; + } + + // Policy id + if (strcasecmp(command->part(tempInt), "id") == 0) + { + tempInt++; + policyId = atoi(command->part(tempInt)); + tempInt++; + } + + // Policy name + if (strcasecmp(command->part(tempInt), "name") == 0) + { + tempInt++; + policyName.assign(command->part(tempInt)); + tempInt++; + } + + // From / To... + if ((strcasecmp(command->part(tempInt), "from") == 0) && (strcasecmp(command->part(tempInt + 2), "to") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy From/To Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + // Create list and filter... + filterListPointer = getFilterList(command->part(tempInt), command->part(tempInt + 2)); + filterListPointer->name.assign(command->part(tempInt)); + tempInt += 2; + filterListPointer->to.assign(command->part(tempInt)); + if (globalzone == true) + { + filterListPointer->globalFilter = true; + filterListPointer->type = globalzoneTitle; + filterListPointer->typeDescription = globalzoneDescription; + } + else if (strcasecmp(command->part(tempInt), command->part(tempInt + 2)) == 0) + { + filterListPointer->type = intrazoneTitle; + filterListPointer->typeDescription = intrazoneDescription; + } + else + { + filterListPointer->type = interzoneTitle; + filterListPointer->typeDescription = interzoneDescription; + } + filterListPointer->loggingSupport = true; + filterListPointer->supportsTime = true; + filterListPointer->sourceServiceSupported = false; + filterListPointer->disabledFilterSupport = true; + filterListPointer->showProtocol = false; + tempInt++; + filterPointer = getFilter(policyId, filterListPointer); + + // Source... + objectPointer = addFilterObject(filterPointer, source); + if (strcasecmp(command->part(tempInt), "Any") == 0) + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + } + else + { + objectPointer->name.assign(command->part(tempInt)); + objectPointer->type = groupObject; + objectPointer->serviceOper = Filter::serviceOperEqual; + } + tempInt++; + + // Destination... + objectPointer = addFilterObject(filterPointer, destination); + if (strcasecmp(command->part(tempInt), "Any") == 0) + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + } + else + { + objectPointer->name.assign(command->part(tempInt)); + objectPointer->type = groupObject; + objectPointer->serviceOper = Filter::serviceOperEqual; + } + tempInt++; + + // Destination Service... + objectPointer = addFilterObject(filterPointer, destinationService); + if (strcasecmp(command->part(tempInt), "ANY") == 0) + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + } + else + { + objectPointer->name.assign(command->part(tempInt)); + objectPointer->serviceOper = Filter::serviceOperEqual; + objectPointer->type = groupObject; + } + tempInt++; + + // Action... + if (strcasecmp(command->part(tempInt), "permit") == 0) + filterPointer->action = allowAction; + else if (strcasecmp(command->part(tempInt), "deny") == 0) + filterPointer->action = denyAction; + else if (strcasecmp(command->part(tempInt), "reject") == 0) + filterPointer->action = rejectAction; + else if (strcasecmp(command->part(tempInt), "nat") == 0) + { + filterPointer->action = natAction; + return 0; + } + else if (strcasecmp(command->part(tempInt), "tunnel") == 0) + { + filterPointer->action = tunnelAction; + return 0; + } + tempInt++; + + while (tempInt < command->parts) + { + + // Log + if (strcasecmp(command->part(tempInt), "log") == 0) + filterPointer->log = true; + + tempInt++; + } + } + + // Disable + else if (strcasecmp(command->part(tempInt), "disable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Disable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer = getFilter(policyId); + if (filterPointer != 0) + filterPointer->enabled = false; + } + + // Policy Context + else if (tempInt == command->parts) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Context Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer = getFilter(policyId); + if (filterPointer != 0) + { + while ((strcasecmp(command->part(0), "exit") != 0) && (feof(device->inputFile) == 0)) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Name + if (strcasecmp(command->part(1), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->name.assign(command->part(2)); + } + + // Log + else if (strcasecmp(command->part(1), "log") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Log Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->log = true; + } + + // Destination + else if (strcasecmp(command->part(1), "dst-address") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Destination Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destination); + objectPointer->name.assign(command->part(2)); + objectPointer->type = groupObject; + objectPointer->serviceOper = Filter::serviceOperEqual; + } + + // Source + else if (strcasecmp(command->part(1), "src-address") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Source Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, source); + objectPointer->name.assign(command->part(2)); + objectPointer->type = groupObject; + objectPointer->serviceOper = Filter::serviceOperEqual; + } + + // Service + else if (strcasecmp(command->part(1), "service") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Service Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destinationService); + objectPointer->name.assign(command->part(2)); + objectPointer->type = groupObject; + objectPointer->serviceOper = Filter::serviceOperEqual; + } + + else if (strcasecmp(command->part(0), "exit") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Context End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Service... + else if ((strcasecmp(command->part(1), "service") == 0) && (strcasecmp(command->part(3), "timeout") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList("Custom service objects"); + objectListPointer->type = enhancedServiceObject; + objectListPointer->title = serviceObjectTitle; + objectListPointer->description = serviceObjectDescription; + if (strcasecmp(command->part(3), "protocol") == 0) + tempInt = 4; + else + tempInt = 3; + + // Add service object + objectPointer = addObject(objectListPointer); + objectPointer->name.assign(command->part(2)); + objectPointer->type = enhancedServiceObject; + + // Add protocol + objectSubPointer = addObject(objectPointer, protocol); + if (strcasecmp(command->part(tempInt), "icmp") == 0) + { + objectSubPointer->type = icmpObject; + tempInt += 2; + objectSubPointer->name.assign(command->part(tempInt)); + tempInt += 2; + objectSubPointer->netmask.assign(command->part(tempInt)); + } + else if (strcasecmp(command->part(tempInt), "ms-rpc") == 0) + { + objectSubPointer->type = rpcObject; + tempInt += 2; + objectSubPointer->name.assign(i18n("*ABBREV*MS*-ABBREV*-*ABBREV*RPC*-ABBREV*")); + objectSubPointer->netmask.assign(command->part(tempInt)); + } + else if (strcasecmp(command->part(tempInt), "sun-rpc") == 0) + { + objectSubPointer->type = rpcObject; + tempInt += 2; + objectSubPointer->name.assign(i18n("*ABBREV*RPC*-ABBREV*")); + objectSubPointer->netmask.assign(command->part(tempInt)); + } + else + { + objectSubPointer->type = protocolObject; + if (strcasecmp(command->part(tempInt), "tcp") == 0) + objectSubPointer->name.assign(i18n("*ABBREV*TCP*-ABBREV*")); + else if (strcasecmp(command->part(tempInt), "udp") == 0) + objectSubPointer->name.assign(i18n("*ABBREV*UDP*-ABBREV*")); + else + { + objectSubPointer->name.assign(device->getProtocol(atoi(command->part(tempInt)))); + if (objectSubPointer->name.empty()) + objectSubPointer->name.assign(command->part(tempInt)); + } + tempInt++; + + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "src-port") == 0) + { + objectSubPointer = addObject(objectPointer, sourceService); + objectSubPointer->type = portObject; + tempInt++; + tempString.assign(command->part(tempInt)); + if (tempString.compare("0-65535") == 0) + { + objectSubPointer->name.assign("0"); + objectSubPointer->netmask.assign("65535"); + objectSubPointer->serviceOper = serviceOperAny; + } + else + { + objectSubPointer->name.assign(tempString.substr(0, tempString.find("-"))); + objectSubPointer->netmask.assign(tempString.substr(tempString.find("-") + 1)); + if (objectSubPointer->name.compare(objectSubPointer->netmask) != 0) + objectSubPointer->serviceOper = serviceOperRange; + else + { + objectSubPointer->serviceOper = Filter::serviceOperEqual; + objectSubPointer->netmask.assign(""); + } + } + } + + else if (strcasecmp(command->part(tempInt), "dst-port") == 0) + { + objectSubPointer = addObject(objectPointer, destinationService); + objectSubPointer->type = portObject; + tempInt++; + tempString.assign(command->part(tempInt)); + if (tempString.compare("0-65535") == 0) + { + objectSubPointer->name.assign("0"); + objectSubPointer->netmask.assign("65535"); + objectSubPointer->serviceOper = serviceOperAny; + } + else + { + objectSubPointer->name.assign(tempString.substr(0, tempString.find("-"))); + objectSubPointer->netmask.assign(tempString.substr(tempString.find("-") + 1)); + if (objectSubPointer->name.compare(objectSubPointer->netmask) != 0) + objectSubPointer->serviceOper = serviceOperRange; + else + { + objectSubPointer->serviceOper = Filter::serviceOperEqual; + objectSubPointer->netmask.assign(""); + } + } + } + + tempInt++; + } + } + } + + // Address... + else if ((strcasecmp(command->part(1), "group") == 0) && (strcasecmp(command->part(2), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGroup Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList(command->part(4), command->part(3)); + objectListPointer->type = groupObject; + objectListPointer->title = addressGroupObjectTitle; + objectListPointer->description = addressGroupObjectDescription; + + tempInt = 5; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "add") == 0) + { + tempInt++; + objectPointer = addObject(objectListPointer); + objectPointer->type = addressObject; + objectPointer->serviceOper = Filter::serviceOperEqual; + objectPointer->name.assign(command->part(tempInt)); + } + + else if (strcasecmp(command->part(tempInt), "comment") == 0) + { + tempInt++; + if (objectPointer != 0) + { + objectPointer->comment.assign(command->part(tempInt)); + objectListPointer->objectCommentSupported = true; + } + else + objectListPointer->comment.assign(command->part(tempInt)); + } + + tempInt++; + } + } + + // Service... + else if ((strcasecmp(command->part(1), "group") == 0) && (strcasecmp(command->part(2), "service") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGroup Service Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList(command->part(3)); + objectListPointer->type = serviceObject; + objectListPointer->title = serviceGroupObjectTitle; + objectListPointer->description = serviceGroupObjectDescription; + + tempInt = 4; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "add") == 0) + { + tempInt++; + objectPointer = addObject(objectListPointer); + objectPointer->type = enhancedServiceObject; + objectPointer->name.assign(command->part(tempInt)); + objectPointer->serviceOper = Filter::serviceOperEqual; + } + + else if (strcasecmp(command->part(tempInt), "comment") == 0) + { + tempInt++; + if (objectPointer != 0) + { + objectPointer->comment.assign(command->part(tempInt)); + objectListPointer->objectCommentSupported = true; + } + else + objectListPointer->comment.assign(command->part(tempInt)); + } + + tempInt++; + } + } + + // Address... + else if (strcasecmp(command->part(1), "address") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAddress Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Get Object List + objectListPointer = getObjectList(command->part(2)); + objectListPointer->type = addressBookObject; + objectListPointer->title = addressObjectListTitle; + objectListPointer->description = addressObjectListDescription; + + // Set list entry + objectPointer = addObject(objectListPointer); + objectPointer->type = hostObject; + objectPointer->label.assign(command->part(3)); + tempString.assign(command->part(4)); + if (tempString.find("/") == string::npos) + { + tempInt = 6; + objectPointer->name.assign(command->part(4)); + objectPointer->netmask.assign(command->part(5)); + if (objectPointer->netmask.compare("255.255.255.255") != 0) + objectPointer->type = networkObject; + } + else + { + tempInt = 5; + objectPointer->name.assign(tempString.substr(0, tempString.find("/") - 1)); + objectPointer->netmask.assign(device->cidrToNetmask(tempString.substr(tempString.find("/") + 1).c_str())); + if (objectPointer->netmask.compare("255.255.255.255") != 0) + objectPointer->type = networkObject; + } + + if (tempInt < command->parts) + { + objectListPointer->objectCommentSupported = true; + objectPointer->comment.assign(command->part(tempInt)); + } + objectPointer->serviceOper = Filter::serviceOperEqual; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +struct Builtin +{ + bool added; + const char *name; + const char *protocol; + const char *source; + Filter::serviceOperType sourceType; + const char *dest; + const char *destEnd; + Filter::serviceOperType destType; + struct Builtin *next; +}; + +// last 123 +struct Builtin builtin122 = {false, "LPR", "TCP", "Any", Filter::serviceOperAny, "515", "", Filter::serviceOperEqual, 0}; +struct Builtin builtin121 = {false, "LDAP", "TCP", "Any", Filter::serviceOperAny, "389", "", Filter::serviceOperEqual, &builtin122}; +struct Builtin builtin120 = {false, "L2TP", "UDP", "Any", Filter::serviceOperAny, "1701", "", Filter::serviceOperEqual, &builtin121}; +struct Builtin builtin119 = {false, "IRC", "TCP", "Any", Filter::serviceOperAny, "6660", "6669", Filter::serviceOperRange, &builtin120}; +struct Builtin builtin118 = {false, "IKE-NAT", "UDP", "500", Filter::serviceOperEqual, "500", "", Filter::serviceOperEqual, &builtin119}; +struct Builtin builtin117 = {false, "Internet Locator Service", "", "", Filter::serviceOperNotEqual, "636", "", Filter::serviceOperEqual, &builtin118}; +struct Builtin builtin116 = {false, "Internet Locator Service", "", "", Filter::serviceOperNotEqual, "522", "", Filter::serviceOperEqual, &builtin117}; +struct Builtin builtin115 = {false, "Internet Locator Service", "TCP", "Any", Filter::serviceOperAny, "389", "", Filter::serviceOperEqual, &builtin116}; +struct Builtin builtin114 = {false, "IMAP", "TCP", "Any", Filter::serviceOperAny, "143", "", Filter::serviceOperEqual, &builtin115}; +struct Builtin builtin113 = {false, "IKE", "UDP", "Any", Filter::serviceOperAny, "500", "", Filter::serviceOperEqual, &builtin114}; +struct Builtin builtin112 = {false, "IDENT", "TCP", "Any", Filter::serviceOperAny, "113", "", Filter::serviceOperEqual, &builtin113}; +struct Builtin builtin111 = {false, "HTTPS", "TCP", "Any", Filter::serviceOperAny, "443", "", Filter::serviceOperEqual, &builtin112}; +struct Builtin builtin110 = {false, "HTTP-EXT", "", "", Filter::serviceOperNotEqual, "9080", "", Filter::serviceOperEqual, &builtin111}; +struct Builtin builtin109 = {false, "HTTP-EXT", "", "", Filter::serviceOperNotEqual, "8888", "", Filter::serviceOperEqual, &builtin110}; +struct Builtin builtin108 = {false, "HTTP-EXT", "", "", Filter::serviceOperNotEqual, "8200", "", Filter::serviceOperEqual, &builtin109}; +struct Builtin builtin107 = {false, "HTTP-EXT", "", "", Filter::serviceOperNotEqual, "8100", "", Filter::serviceOperEqual, &builtin108}; +struct Builtin builtin106 = {false, "HTTP-EXT", "", "", Filter::serviceOperNotEqual, "8081", "", Filter::serviceOperEqual, &builtin107}; +struct Builtin builtin105 = {false, "HTTP-EXT", "", "", Filter::serviceOperNotEqual, "8001", "", Filter::serviceOperEqual, &builtin106}; +struct Builtin builtin104 = {false, "HTTP-EXT", "TCP", "Any", Filter::serviceOperAny, "7001", "", Filter::serviceOperEqual, &builtin105}; +struct Builtin builtin103 = {false, "HTTP", "TCP", "Any", Filter::serviceOperAny, "80", "", Filter::serviceOperEqual, &builtin104}; +struct Builtin builtin102 = {false, "H.323", "", "", Filter::serviceOperNotEqual, "1719", "", Filter::serviceOperEqual, &builtin103}; +struct Builtin builtin101 = {false, "H.323", "", "", Filter::serviceOperNotEqual, "1731", "", Filter::serviceOperEqual, &builtin102}; +struct Builtin builtin100 = {false, "H.323", "", "", Filter::serviceOperNotEqual, "522", "", Filter::serviceOperEqual, &builtin101}; +struct Builtin builtin99 = {false, "H.323", "", "", Filter::serviceOperNotEqual, "389", "", Filter::serviceOperEqual, &builtin100}; +struct Builtin builtin98 = {false, "H.323", "UDP", "", Filter::serviceOperNotEqual, "1503", "", Filter::serviceOperEqual, &builtin99}; +struct Builtin builtin97 = {false, "H.323", "TCP", "Any", Filter::serviceOperAny, "1720", "", Filter::serviceOperEqual, &builtin98}; +struct Builtin builtin96 = {false, "GOPHER", "TCP", "Any", Filter::serviceOperAny, "70", "", Filter::serviceOperEqual, &builtin97}; +struct Builtin builtin95 = {false, "GNUTELLA", "TCP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin96}; +struct Builtin builtin94 = {false, "GNUTELLA", "UDP", "Any", Filter::serviceOperAny, "6346", "6347", Filter::serviceOperRange, &builtin95}; +struct Builtin builtin93 = {false, "FTP-PUT", "TCP", "Any", Filter::serviceOperAny, "21", "", Filter::serviceOperEqual, &builtin94}; +struct Builtin builtin92 = {false, "FTP-GET", "TCP", "Any", Filter::serviceOperAny, "21", "", Filter::serviceOperEqual, &builtin93}; +struct Builtin builtin91 = {false, "FTP", "TCP", "Any", Filter::serviceOperAny, "21", "", Filter::serviceOperEqual, &builtin92}; +struct Builtin builtin90 = {false, "FINGER", "TCP", "Any", Filter::serviceOperAny, "79", "", Filter::serviceOperEqual, &builtin91}; +struct Builtin builtin89 = {false, "ECHO", "TCP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin90}; +struct Builtin builtin88 = {false, "ECHO", "UDP", "Any", Filter::serviceOperAny, "7", "", Filter::serviceOperEqual, &builtin89}; +struct Builtin builtin87 = {false, "DNS", "TCP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin88}; +struct Builtin builtin86 = {false, "DNS", "UDP", "Any", Filter::serviceOperAny, "53", "", Filter::serviceOperEqual, &builtin87}; +struct Builtin builtin85 = {false, "DISCARD", "TCP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin86}; +struct Builtin builtin84 = {false, "DISCARD", "UDP", "Any", Filter::serviceOperAny, "9", "", Filter::serviceOperEqual, &builtin85}; +struct Builtin builtin83 = {false, "DHCP-RELAY", "", "", Filter::serviceOperNotEqual, "68", "", Filter::serviceOperEqual, &builtin84}; +struct Builtin builtin82 = {false, "DHCP-RELAY", "UDP", "Any", Filter::serviceOperAny, "67", "", Filter::serviceOperEqual, &builtin83}; +struct Builtin builtin81 = {false, "CHARGEN", "UDP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin82}; +struct Builtin builtin80 = {false, "CHARGEN", "TCP", "Any", Filter::serviceOperAny, "19", "", Filter::serviceOperEqual, &builtin81}; +struct Builtin builtin79 = {false, "BGP", "TCP", "Any", Filter::serviceOperAny, "179", "", Filter::serviceOperEqual, &builtin80}; +struct Builtin builtin78 = {false, "AOL", "TCP", "Any", Filter::serviceOperAny, "5190", "5194", Filter::serviceOperRange, &builtin79}; +struct Builtin builtin77 = {false, "GTP", "", "", Filter::serviceOperNotEqual, "2152", "", Filter::serviceOperEqual, &builtin78}; +struct Builtin builtin76 = {false, "GTP", "TCP", "", Filter::serviceOperNotEqual, "3386", "", Filter::serviceOperEqual, &builtin77}; +struct Builtin builtin75 = {false, "GTP", "UDP", "Any", Filter::serviceOperAny, "2123", "", Filter::serviceOperEqual, &builtin76}; +struct Builtin builtin74 = {false, "MGCP-CA", "UDP", "Any", Filter::serviceOperAny, "2727", "", Filter::serviceOperEqual, &builtin75}; +struct Builtin builtin123 = {false, "MGCP", "UDP", "Any", Filter::serviceOperAny, "2427", "", Filter::serviceOperEqual, &builtin74}; +struct Builtin builtin73 = {false, "MGCP-UA", "UDP", "Any", Filter::serviceOperAny, "2427", "", Filter::serviceOperEqual, &builtin123}; +struct Builtin builtin72 = {false, "SCCP", "TCP", "Any", Filter::serviceOperAny, "2000", "", Filter::serviceOperEqual, &builtin73}; +struct Builtin builtin71 = {false, "INCOMING-DIP", "TCP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin72}; +struct Builtin builtin70 = {false, "INCOMING-DIP", "UDP", "0", Filter::serviceOperEqual, "0", "", Filter::serviceOperEqual, &builtin71}; +struct Builtin builtin69 = {false, "YMSG", "TCP", "Any", Filter::serviceOperAny, "5050", "", Filter::serviceOperEqual, &builtin70}; +struct Builtin builtin68 = {false, "X-WINDOWS", "TCP", "Any", Filter::serviceOperAny, "6000", "6063", Filter::serviceOperRange, &builtin69}; +struct Builtin builtin67 = {false, "WINFRAME", "TCP", "Any", Filter::serviceOperAny, "1494", "", Filter::serviceOperEqual, &builtin68}; +struct Builtin builtin66 = {false, "WHOIS", "TCP", "Any", Filter::serviceOperAny, "43", "", Filter::serviceOperEqual, &builtin67}; +struct Builtin builtin65 = {false, "WAIS", "TCP", "Any", Filter::serviceOperAny, "210", "", Filter::serviceOperEqual, &builtin66}; +struct Builtin builtin64 = {false, "VNC", "", "", Filter::serviceOperNotEqual, "5900", "", Filter::serviceOperEqual, &builtin65}; +struct Builtin builtin63 = {false, "VNC", "TCP", "Any", Filter::serviceOperAny, "5800", "", Filter::serviceOperEqual, &builtin64}; +struct Builtin builtin62 = {false, "VDO Live", "TCP", "Any", Filter::serviceOperAny, "7000", "7010", Filter::serviceOperRange, &builtin63}; +struct Builtin builtin61 = {false, "UUCP", "UDP", "Any", Filter::serviceOperAny, "540", "", Filter::serviceOperEqual, &builtin62}; +struct Builtin builtin60 = {false, "UDP-ANY", "UDP", "Any", Filter::serviceOperAny, "Any", "", Filter::serviceOperNotEqual, &builtin61}; +struct Builtin builtin59 = {false, "TRACEROUTE", "UDP", "Any", Filter::serviceOperAny, "33400", "34000", Filter::serviceOperRange, &builtin60}; +struct Builtin builtin58 = {false, "TFTP", "UDP", "Any", Filter::serviceOperAny, "69", "", Filter::serviceOperEqual, &builtin59}; +struct Builtin builtin57 = {false, "Telnet", "TCP", "Any", Filter::serviceOperAny, "23", "", Filter::serviceOperEqual, &builtin58}; +struct Builtin builtin56 = {false, "TCP-ANY", "TCP", "Any", Filter::serviceOperAny, "Any", "", Filter::serviceOperNotEqual, &builtin57}; +struct Builtin builtin55 = {false, "TALK", "", "", Filter::serviceOperNotEqual, "518", "", Filter::serviceOperEqual, &builtin56}; +struct Builtin builtin54 = {false, "TALK", "UDP", "Any", Filter::serviceOperAny, "517", "", Filter::serviceOperEqual, &builtin55}; +struct Builtin builtin53 = {false, "SYSLOG", "UDP", "Any", Filter::serviceOperAny, "514", "", Filter::serviceOperEqual, &builtin54}; +struct Builtin builtin52 = {false, "SUN-RPC-PORTMAPPER", "UDP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin53}; +struct Builtin builtin51 = {false, "SUN-RPC-PORTMAPPER", "TCP", "Any", Filter::serviceOperAny, "111", "", Filter::serviceOperEqual, &builtin52}; +struct Builtin builtin50 = {false, "SSH", "TCP", "Any", Filter::serviceOperAny, "22", "", Filter::serviceOperEqual, &builtin51}; +struct Builtin builtin49 = {false, "SQL*NetV2", "TCP", "Any", Filter::serviceOperAny, "1521", "", Filter::serviceOperEqual, &builtin50}; +struct Builtin builtin48 = {false, "SQL*NetV1", "TCP", "Any", Filter::serviceOperAny, "1525", "", Filter::serviceOperEqual, &builtin49}; +struct Builtin builtin47 = {false, "SQL Monitor", "UDP", "Any", Filter::serviceOperAny, "1434", "", Filter::serviceOperEqual, &builtin48}; +struct Builtin builtin46 = {false, "SMTP", "TCP", "Any", Filter::serviceOperAny, "25", "", Filter::serviceOperEqual, &builtin47}; +struct Builtin builtin45 = {false, "SMB", "", "", Filter::serviceOperNotEqual, "445", "", Filter::serviceOperEqual, &builtin46}; +struct Builtin builtin44 = {false, "SMB", "TCP", "Any", Filter::serviceOperAny, "139", "", Filter::serviceOperEqual, &builtin45}; +struct Builtin builtin43 = {false, "SNMP", "UDP", "Any", Filter::serviceOperAny, "162", "", Filter::serviceOperEqual, &builtin44}; +struct Builtin builtin42 = {false, "SNMP", "TCP", "Any", Filter::serviceOperAny, "161", "", Filter::serviceOperEqual, &builtin43}; +struct Builtin builtin41 = {false, "SIP", "TCP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin42}; +struct Builtin builtin40 = {false, "SIP", "UDP", "", Filter::serviceOperNotEqual, "5060", "", Filter::serviceOperEqual, &builtin41}; +struct Builtin builtin39 = {false, "RTSP", "TCP", "Any", Filter::serviceOperAny, "554", "", Filter::serviceOperEqual, &builtin40}; +struct Builtin builtin38 = {false, "RSH", "TCP", "Any", Filter::serviceOperAny, "514", "", Filter::serviceOperEqual, &builtin39}; +struct Builtin builtin37 = {false, "RLOGIN", "TCP", "Any", Filter::serviceOperAny, "513", "", Filter::serviceOperEqual, &builtin38}; +struct Builtin builtin36 = {false, "RIP", "UDP", "Any", Filter::serviceOperAny, "520", "", Filter::serviceOperEqual, &builtin37}; +struct Builtin builtin35 = {false, "REXEC", "TCP", "Any", Filter::serviceOperAny, "512", "", Filter::serviceOperEqual, &builtin36}; +struct Builtin builtin34 = {false, "Real Media", "", "", Filter::serviceOperNotEqual, "554", "", Filter::serviceOperEqual, &builtin35}; +struct Builtin builtin33 = {false, "Real Media", "TCP", "Any", Filter::serviceOperAny, "7070", "", Filter::serviceOperEqual, &builtin34}; +struct Builtin builtin32 = {false, "Radius", "", "", Filter::serviceOperNotEqual, "1813", "", Filter::serviceOperEqual, &builtin33}; +struct Builtin builtin31 = {false, "Radius", "UDP", "Any", Filter::serviceOperAny, "1812", "", Filter::serviceOperEqual, &builtin32}; +struct Builtin builtin30 = {false, "PPTP", "TCP", "Any", Filter::serviceOperAny, "1723", "", Filter::serviceOperEqual, &builtin31}; +struct Builtin builtin29 = {false, "POP3", "TCP", "Any", Filter::serviceOperAny, "110", "", Filter::serviceOperEqual, &builtin30}; +struct Builtin builtin28 = {false, "PC Anywhere", "", "", Filter::serviceOperNotEqual, "5631", "", Filter::serviceOperEqual, &builtin29}; +struct Builtin builtin27 = {false, "PC Anywhere", "UDP", "", Filter::serviceOperNotEqual, "22", "", Filter::serviceOperEqual, &builtin28}; +struct Builtin builtin26 = {false, "PC Anywhere", "TCP", "Any", Filter::serviceOperAny, "5632", "", Filter::serviceOperEqual, &builtin27}; +struct Builtin builtin25 = {false, "NTP", "UDP", "Any", Filter::serviceOperAny, "123", "", Filter::serviceOperEqual, &builtin26}; +struct Builtin builtin24 = {false, "NSM", "", "", Filter::serviceOperNotEqual, "15400", "", Filter::serviceOperEqual, &builtin25}; +struct Builtin builtin23 = {false, "NSM", "", "", Filter::serviceOperNotEqual, "11122", "", Filter::serviceOperEqual, &builtin24}; +struct Builtin builtin22 = {false, "NSM", "", "", Filter::serviceOperNotEqual, "7800", "", Filter::serviceOperEqual, &builtin23}; +struct Builtin builtin21 = {false, "NSM", "UDP", "", Filter::serviceOperNotEqual, "7204", "", Filter::serviceOperEqual, &builtin22}; +struct Builtin builtin20 = {false, "NSM", "TCP", "Any", Filter::serviceOperAny, "69", "", Filter::serviceOperEqual, &builtin21}; +struct Builtin builtin19 = {false, "NS Global Pro", "TCP", "", Filter::serviceOperNotEqual, "15400", "15403", Filter::serviceOperRange, &builtin20}; +struct Builtin builtin18 = {false, "NS Global Pro", "UDP", "Any", Filter::serviceOperAny, "15397", "", Filter::serviceOperEqual, &builtin19}; +struct Builtin builtin17 = {false, "NS Global", "UDP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin18}; +struct Builtin builtin16 = {false, "NS Global", "TCP", "Any", Filter::serviceOperAny, "15397", "", Filter::serviceOperEqual, &builtin17}; +struct Builtin builtin15 = {false, "NNTP", "TCP", "Any", Filter::serviceOperAny, "119", "", Filter::serviceOperEqual, &builtin16}; +struct Builtin builtin14 = {false, "NFS", "UDP", "", Filter::serviceOperNotEqual, "2049", "", Filter::serviceOperEqual, &builtin15}; +struct Builtin builtin13 = {false, "NFS", "TCP", "Any", Filter::serviceOperAny, "111", "", Filter::serviceOperEqual, &builtin14}; +struct Builtin builtin12 = {false, "NetMeeting", "", "", Filter::serviceOperNotEqual, "1719", "", Filter::serviceOperEqual, &builtin13}; +struct Builtin builtin11 = {false, "NetMeeting", "", "", Filter::serviceOperNotEqual, "1731", "", Filter::serviceOperEqual, &builtin12}; +struct Builtin builtin10 = {false, "NetMeeting", "", "", Filter::serviceOperNotEqual, "522", "", Filter::serviceOperEqual, &builtin11}; +struct Builtin builtin9 = {false, "NetMeeting", "", "", Filter::serviceOperNotEqual, "389", "", Filter::serviceOperEqual, &builtin10}; +struct Builtin builtin8 = {false, "NetMeeting", "TCP", "", Filter::serviceOperNotEqual, "1503", "", Filter::serviceOperEqual, &builtin9}; +struct Builtin builtin7 = {false, "NetMeeting", "UDP", "Any", Filter::serviceOperAny, "1720", "", Filter::serviceOperEqual, &builtin8}; +struct Builtin builtin6 = {false, "NBDB", "UDP", "Any", Filter::serviceOperAny, "138", "", Filter::serviceOperEqual, &builtin7}; +struct Builtin builtin5 = {false, "NBNAME", "UDP", "Any", Filter::serviceOperAny, "137", "", Filter::serviceOperEqual, &builtin6}; +struct Builtin builtin4 = {false, "MS-SQL", "TCP", "Any", Filter::serviceOperAny, "1433", "", Filter::serviceOperEqual, &builtin5}; +struct Builtin builtin3 = {false, "MS-RPC-EPM", "UDP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin4}; +struct Builtin builtin2 = {false, "MS-RPC-EPM", "TCP", "Any", Filter::serviceOperAny, "135", "", Filter::serviceOperEqual, &builtin3}; +struct Builtin builtin1 = {false, "MSN", "TCP", "Any", Filter::serviceOperAny, "1863", "", Filter::serviceOperEqual, &builtin2}; +struct Builtin builtin = {false, "MAIL", "TCP", "Any", Filter::serviceOperAny, "25", "", Filter::serviceOperEqual, &builtin1}; + + +int ScreenOSFilter::processDeviceSpecificDefaults(Device *device) +{ + // Variables... + filterListConfig *filterListPointer = 0; + filterConfig *filterPointer = 0; + filterObjectConfig *objectPointer = 0; + filterObjectConfig *objectSubPointer = 0; + netObjectListConfig *serviceListPointer = 0; + netObjectListConfig *builtinListPointer = 0; + Builtin *builtinPointer = 0; + + // Init service list... + serviceListPointer = getOnlyObjectList("Service Objects"); + + // Add any builtin predefined objects that are used... + filterListPointer = filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + objectPointer = 0; + if (filterPointer->destinationService != 0) + { + if (filterPointer->destinationService->type != anyObject) + { + if (serviceListPointer != 0) + objectPointer = getObject(filterPointer->destinationService->name.c_str(), serviceListPointer); + + // If this object has not been found, check the builtin service list... + if (objectPointer == 0) + { + builtinPointer = &builtin; + while (builtinPointer != 0) + { + if (strcasecmp(builtinPointer->name, filterPointer->destinationService->name.c_str()) == 0) + { + if (builtinPointer->added == true) + builtinPointer = 0; + else + { + if (builtinListPointer == 0) + { + builtinListPointer = getObjectList(i18n("Predefined service objects")); + builtinListPointer->title = serviceObjectTitle; + builtinListPointer->description = serviceObjectDescription; + builtinListPointer->type = enhancedServiceObject; + } + builtinPointer->added = true; + + // Create object... + objectPointer = getObject(filterPointer->destinationService->name.c_str(), builtinListPointer); + if (objectPointer == 0) + { + objectPointer = addObject(builtinListPointer); + objectPointer->name.assign(filterPointer->destinationService->name.c_str()); + objectPointer->type = enhancedServiceObject; + objectPointer->serviceOper= serviceOperEqual; + } + + // Add protocol... + if (strcmp(builtinPointer->protocol, "") != 0) + { + objectSubPointer = addObject(objectPointer, protocol); + objectSubPointer->type = protocolObject; + objectSubPointer->name.assign(builtinPointer->protocol); + } + + // Add source port... + if (strcmp(builtinPointer->source, "") != 0) + { + objectSubPointer = addObject(objectPointer, sourceService); + objectSubPointer->type = portObject; + objectSubPointer->name.assign(builtinPointer->source); + objectSubPointer->serviceOper = builtinPointer->sourceType; + } + + // Add destination port... + if (strcmp(builtinPointer->dest, "") != 0) + { + objectSubPointer = addObject(objectPointer, destinationService); + objectSubPointer->type = portObject; + objectSubPointer->name.assign(builtinPointer->dest); + objectSubPointer->netmask.assign(builtinPointer->destEnd); + objectSubPointer->serviceOper = builtinPointer->destType; + } + } + } + if (builtinPointer != 0) + builtinPointer = builtinPointer->next; + } + } + } + } + + filterPointer = filterPointer->next; + } + + filterListPointer = filterListPointer->next; + } + + return 0; +} diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/filter.h.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/filter.h.svn-base new file mode 100644 index 0000000..815502c --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/filter.h.svn-base @@ -0,0 +1,70 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSFilter_H +#define ScreenOSFilter_H + + +#include "../device/filter/filter.h" + + +class ScreenOSFilter : public Filter +{ + public: + ScreenOSFilter(); + ~ScreenOSFilter(); + + + private: + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDeviceSpecificDefaults(Device *device); + + const char *intrazoneTitle; + const char *intrazoneDescription; + const char *interzoneTitle; + const char *interzoneDescription; + const char *globalzoneTitle; + const char *globalzoneDescription; + const char *addressObjectListTitle; + const char *addressObjectListDescription; + const char *serviceObjectTitle; + const char *serviceObjectDescription; + const char *serviceGroupObjectTitle; + const char *serviceGroupObjectDescription; + const char *addressGroupObjectTitle; + const char *addressGroupObjectDescription; + const char *predefinedObjectListTitle; + const char *predefinedObjectListDescription; +}; + + +#endif + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/general.cpp.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/general.cpp.svn-base new file mode 100644 index 0000000..2948645 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/general.cpp.svn-base @@ -0,0 +1,157 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +ScreenOSGeneral::ScreenOSGeneral() +{ +} + + +int ScreenOSGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "unset") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Hostname + if (strcasecmp(command->part(tempInt), "hostname") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostname = command->part(tempInt + 1); + } + + // Temp Hostname + else if ((command->part(0)[strlen(command->part(0)) -2] == '-') && (command->part(0)[strlen(command->part(0)) - 1] == '>')) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Prompt Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempHostname.assign(command->part(0)); + tempHostname.resize(tempHostname.length() - 2); + } + + return 0; +} + + +int ScreenOSGeneral::processDefaults(Device *device) +{ + if (hostname.empty()) + hostname.assign(tempHostname); + + // Split Version Numbers... +/* if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + if ((version.find_first_of('.') != string::npos) && (version.length() > version.find_first_of('.') + 1)) + versionMinor = atoi(version.c_str() + version.find_first_of('.') + 1); + }*/ + + return 0; +} + + +int ScreenOSGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Password Encryption... + if (servicePasswordEncryption != unconfigured) + { + device->addTableData(paragraphPointer->table, i18n("Service Password Encryption")); + if (servicePasswordEncryption == on) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + }*/ + + return errorCode; +} + + +int ScreenOSGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Service Password Encryption... + if (servicePasswordEncryption == off) + { + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Service Password Encryption Disabled")); + securityIssuePointer->reference.assign("IOS.PASSENCR.1"); + securityIssuePointer->overallRating = 8; + securityIssuePointer->impactRating = 9; + securityIssuePointer->easeRating = 2; + securityIssuePointer->fixRating = 1; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Cisco service passwords by default are stored in their clear text form rather than being encrypted. However, it is possible to have these passwords stored using the reversible Cisco type-7 encryption. *COMPANY* determined that the service password encryption that helps to provide a basic level of encryption for passwords that otherwise would be stored in clear text was disabled on the Cisco device *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("The Cisco type-7 password encryption provides little in the way of protection against an attacker who has access to the configuration file. However, the Cisco type-7 password encryption would provide a level of protect against a malicious user who had managed to briefly view a devices configuration.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("If a malicious user were able to glance a password from a devices configuration they could use it to gain a level of access to *DEVICENAME*. If the passwords were encrypted using the Cisco type-7 routine, a malicious user that had access to the devices configuration would have to decode the password first. Tools are widely available on the Internet that can reverse Cisco type-7 passwords.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that the Cisco password encryption service be enabled. The Cisco password encryption service can be started with the following Cisco *ABBREV*IOS*-ABBREV* command:")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*CODE**COMMAND*service password-encryption*-COMMAND**-CODE*")); + securityIssuePointer->conLine.assign(i18n("service password encryption was disabled")); + securityIssuePointer->recLine.assign(i18n("enable the service password encryption")); + }*/ + return errorCode; +} diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/general.h.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/general.h.svn-base new file mode 100644 index 0000000..0aec627 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/general.h.svn-base @@ -0,0 +1,58 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSdevicegeneral_H +#define ScreenOSdevicegeneral_H + +#include "../device/general/general.h" + + +class ScreenOSGeneral : public General +{ + public: + ScreenOSGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + + private: + + string tempHostname; +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/interfaces.cpp.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/interfaces.cpp.svn-base new file mode 100644 index 0000000..97af8ec --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/interfaces.cpp.svn-base @@ -0,0 +1,293 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "interfaces.h" + + +ScreenOSInterfaces::ScreenOSInterfaces() +{ + // Interface Options... + useModuleAndPort = false; // Use the module / port instead of the name + useInterfaceZone = true; // Use the interface zone + zoneName = i18n("Zone"); // The name for zone field + filterIn = i18n("Filter In"); // The filter in table title text + filterOut = i18n("Filter Out"); // The filter out table title text + showDescription = true; // Show the interface description + cdpGlobalRequired = false; // If CDP needs to be enabled globally as well + disableCDPText = i18n(""); // The text and commands to disable CDP + cdpSupported = false; // Is CDP supported on interfaces + disableProxyARPText = i18n(""); // The text and commands to disable Proxy ARP + disableUnreachablesText = i18n(""); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n(""); // The text and commands to disable ICMP information messages + disableMaskText = i18n(""); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n(""); // The text and commands to disable ICMP redirect messages + disableDirectedText = i18n(""); // The text and commands to disable directed broadcasts + disableMOPText = i18n(""); // The text and commands to disable MOP + disableActiveText = i18n("Interfaces can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*set interface *CMDUSER*interface*-CMDUSER* disable*-COMMAND**-CODE*"); // The text and commands to disable potentially unused interfaces + filterName = i18n("filter lists"); // The filter list name for use in the filter issue text + configFilterText = i18n(""); // The text and commands to configure network filtering + defaultAutoTrunk = false; // Default to automatically trunk + disableTrunkText = i18n(""); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n(""); // The text and commands to enable port security +} + + +int ScreenOSInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + string tempString; + int tempInt = 0; + + // Init + tempInt = 2; + if (strcasecmp(command->part(0), "set") == 0) + { + // Get the correct list for the type of interface... + if (strncasecmp(command->part(tempInt), "ethernet", 8) == 0) + { + interfaceListPointer = getInterfaceList("ETHERINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Ethernet Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices ethernet interfaces."); + interfaceListPointer->tableTitle = i18n("Ethernet interfaces"); + interfaceListPointer->label = "ETHERINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 8); + } + else if (strncasecmp(command->part(tempInt), "wireless", 8) == 0) + { + interfaceListPointer = getInterfaceList("WIREINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Wireless Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices wireless interfaces."); + interfaceListPointer->tableTitle = i18n("Wireless interfaces"); + interfaceListPointer->label = "WIREINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 8); + } + else if (strncasecmp(command->part(tempInt), "serial", 6) == 0) + { + interfaceListPointer = getInterfaceList("SERIALINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Serial Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices serial interfaces."); + interfaceListPointer->tableTitle = i18n("Serial interfaces"); + interfaceListPointer->label = "SERIALINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 6); + } + else if (strncasecmp(command->part(tempInt), "vlan", 4) == 0) + { + interfaceListPointer = getInterfaceList("VLANINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*VLAN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*VLAN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*VLAN*-ABBREV* interfaces"); + interfaceListPointer->label = "VLANINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 4); + } + else if (strncasecmp(command->part(tempInt), "bri", 3) == 0) + { + interfaceListPointer = getInterfaceList("BRIINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*ISDN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*ISDN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*ISDN*-ABBREV* interfaces"); + interfaceListPointer->label = "BRIINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 3); + } + else if (strncasecmp(command->part(tempInt), "tunnel", 6) == 0) + { + interfaceListPointer = getInterfaceList("TUNINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Tunnel Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices tunnel interfaces."); + interfaceListPointer->tableTitle = i18n("Tunnel interfaces"); + interfaceListPointer->label = "TUNINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 6); + } + else if ((strncasecmp(command->part(tempInt), "shdsl", 5) == 0) || (strncasecmp(command->part(tempInt), "adsl", 4) == 0)) + { + interfaceListPointer = getInterfaceList("DSLINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*DSL*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*DSL*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*DSL*-ABBREV* interfaces"); + interfaceListPointer->label = "DSLINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt)); + } + else if (strncasecmp(command->part(tempInt), "bgroup", 6) == 0) + { + interfaceListPointer = getInterfaceList("BGROUPINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Bridge group Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices bridge group interfaces."); + interfaceListPointer->tableTitle = i18n("Bridge group interfaces"); + interfaceListPointer->label = "BGROUPINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 6); + } + else + { + interfaceListPointer = getInterfaceList("INTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices interfaces."); + interfaceListPointer->tableTitle = i18n("Interfaces"); + interfaceListPointer->label = "INTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt)); + } + tempInt++; + + if ((strcasecmp(command->part(tempInt), "ip") == 0) && (strcasecmp(command->part(tempInt + 1), "manageable") != 0) && (strcasecmp(command->part(tempInt + 1), "unnumbered") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt++; + if (command->parts > 4) + { + tempString.assign(command->part(tempInt)); + if (tempString.find("/") == string::npos) + { + interfacePointer->address.assign(command->part(tempInt)); + interfacePointer->netmask.assign(command->part(tempInt + 1)); + } + else + { + interfacePointer->address.assign(tempString.substr(0, tempString.find("/") - 1)); + interfacePointer->netmask.assign(device->cidrToNetmask(tempString.substr(tempString.find("/") + 1).c_str())); + } + } + } + + else if (strcasecmp(command->part(tempInt), "zone") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Zone Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt++; + if (command->parts > 4) + { + interfacePointer->zone.assign(command->part(tempInt)); + } + } + + else if (strcasecmp(command->part(tempInt), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt++; + if (command->parts > 4) + { + interfacePointer->description.assign(command->part(tempInt)); + } + } + + else if ((strcasecmp(command->part(tempInt), "disable") == 0) || (strcasecmp(command->part(tempInt), "shutdown") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Disable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt++; + if (command->parts > 4) + { + interfacePointer->enabled = false; + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ScreenOSInterfaces::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/interfaces.h.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/interfaces.h.svn-base new file mode 100644 index 0000000..283ab50 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/interfaces.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSInterfaces_H +#define ScreenOSInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class ScreenOSInterfaces : public Interfaces +{ + public: + + ScreenOSInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + +}; + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/snmp.cpp.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/snmp.cpp.svn-base new file mode 100644 index 0000000..37d0057 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/snmp.cpp.svn-base @@ -0,0 +1,400 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "administration.h" +#include "snmp.h" + +using namespace std; + + +ScreenOSSNMP::ScreenOSSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("*DEVICETYPE* devices do not support *ABBREV*SNMP*-ABBREV* version 3. "); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + // N/A - supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + // N/A - supportSNMP3UpgText = i18n(""); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* access to *DEVICENAME* can be disabled by removing the community string configuration. This can be done with the following command:*CODE**COMMAND*unset snmp community *CMDUSER*community-string*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("*ABBREV*SNMP*-ABBREV* community string access can be configured using the following commands:*CODE**COMMAND*set snmp community *CMDUSER*community-string*-CMDUSER* *CMDREQUIRE*read-only *CMDOR* read-write*-CMDREQUIRE**-COMMAND**COMMAND*set snmp host *CMDUSER*community-string*-CMDUSER* *CMDUSER*ip-address/cidr*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure a community string + // N/A - configSNMP3Text = i18n(""); // The text and command(s) to configure SNMP version 3 + // N/A - configSNMPViewText = i18n(""); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("*ABBREV*SNMP*-ABBREV* traps can be configured using the following commands:*CODE**COMMAND*set snmp community *CMDUSER*community-string*-CMDUSER* *CMDREQUIRE*read-only *CMDOR* read-write*-CMDREQUIRE* trap-on*-COMMAND**COMMAND*set snmp host *CMDUSER*community-string*-CMDUSER* *CMDUSER*ip-address/cidr*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP traps + // N/A - configSNMPInformsText = i18n(""); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n("*ABBREV*SNMP*-ABBREV* read only community string access can be configured using the following commands:*CODE**COMMAND*set snmp community *CMDUSER*community-string*-CMDUSER* read-only*-COMMAND**COMMAND*set snmp host *CMDUSER*community-string*-CMDUSER* *CMDUSER*ip-address/cidr*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP read only access + // N/A - configSNMPFilterText = i18n(""); // The text and command(s) to configure SNMP filtering + + // Community Options... + communityView = false; // SNMP view for the community + communityFilter = false; // SNMP Network Filtering + communityIPv6Filter = false; // SNMP IPv6 Network Filtering + communitySpecificFilters = true; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = true; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = ""; // Default read only community + defaultReadWrite = ""; // Default read/write community + defaultReadWriteAll = ""; // Default read/write all community + + // SNMP Trap/Inform Host Options... + trapsOnly = true; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = false; // Show Trap Host Port in Table + trapsInterface = true; // Show Interface in Table + trapsInterfaceText = i18n("Interface"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = false; // Show excluded traps + trapsShowOptions = false; // Show trap options + + // Host Options... + hostShowInterface = true; // Show the Interface in the Table + hostShowCommunity = true; // Show the Community in the Table + hostShowFilterID = false; // Show a filter ID if used + hostFilterText = i18n("Filter"); // The Table column title for the filter text + + // Device specific settings... + trapPort = 162; +} + + +int ScreenOSSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpHostStruct *snmpHostPointer = 0; + snmpTrapHost *snmpTrapHostPointer = 0; + snmpTrap *snmpTrapPointer = 0; + int tempInt = 0; + int tempVersion = 1; + string tempString; + string tempHost; + string tempNetwork; + string tempCommunity; + string tempInterface; + bool trapsOn = false; + bool setting = false; + + // Init + tempInt = 2; + if (strcasecmp(command->part(0), "unset") == 0) + setting = false; + else + setting = true; + + // Contact... + if (strcasecmp(command->part(tempInt), "contact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Contact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + contact.assign(command->part(tempInt)); + } + + // Location... + else if (strcasecmp(command->part(tempInt), "location") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Location Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + location.assign(command->part(tempInt)); + } + + // Trap port... + else if ((strcasecmp(command->part(tempInt), "port") == 0) && (strcasecmp(command->part(tempInt + 1), "trap") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Port Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + if (setting == true) + trapPort = atoi(command->part(tempInt)); + } + + // Listen port... + else if ((strcasecmp(command->part(tempInt), "port") == 0) && (strcasecmp(command->part(tempInt + 1), "listen") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Listen Port Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + if (setting == true) + listenPort = atoi(command->part(tempInt)); + } + + // Name... + else if (strcasecmp(command->part(tempInt), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP System Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + { + name.assign(command->part(tempInt)); + if (device->general != 0) + { + if (device->general->hostname.empty()) + device->general->hostname.assign(command->part(tempInt)); + } + } + } + + // Authentication Traps... + else if (strcasecmp(command->part(tempInt), "auth-trap") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Authentication Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("Authentication"); + } + + // Community... + else if (strcasecmp(command->part(tempInt), "community") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(command->part(tempInt)); + tempInt++; + + // Read-only / read/write + if (strcasecmp(command->part(tempInt), "read-only") == 0) + communityPointer->type = communityReadOnly; + else + communityPointer->type = communityReadWrite; + tempInt++; + + while (tempInt < command->parts) + { + + // Traps On / Off... + if (strcasecmp(command->part(tempInt), "trap-off") == 0) + communityPointer->trapsOn = false; + else if (strcasecmp(command->part(tempInt), "trap-on") == 0) + communityPointer->trapsOn = true; + else if (strcasecmp(command->part(tempInt), "traffic") == 0) + { + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("Traffic"); + } + + // Version... + else if (strcasecmp(command->part(tempInt), "version") == 0) + { + tempInt++; + if (strcasecmp(command->part(tempInt), "any") == 0) + communityPointer->version = 0; + else if (strcasecmp(command->part(tempInt), "v1") == 0) + communityPointer->version = 1; + else if ((strcasecmp(command->part(tempInt), "v2") == 0) || (strcasecmp(command->part(tempInt), "v2c") == 0)) + communityPointer->version = 2; + } + + tempInt++; + } + } + + // SNMP Host... + else if (strcmp(command->part(tempInt), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + tempCommunity.assign(command->part(tempInt)); + tempInt++; + tempHost.assign(command->part(tempInt)); + if (tempHost.find("/") != string::npos) + { + tempString.assign(tempHost.substr(tempHost.find("/") + 1)); + tempNetwork.assign(device->cidrToNetmask(tempString.c_str())); + tempHost.erase(tempHost.find("/")); + } + else + { + tempInt++; + tempNetwork.assign(command->part(tempInt)); + } + tempInt++; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "src-interface") == 0) + { + tempInt++; + tempInterface.assign(command->part(tempInt)); + } + else if (strcasecmp(command->part(tempInt), "trap") == 0) + { + trapsOn = true; + tempInt++; + if ((strcasecmp(command->part(tempInt), "v2") == 0) || (strcasecmp(command->part(tempInt), "v2c") == 0)) + tempVersion = 2; + else + tempVersion = 1; + } + tempInt++; + } + + // Add to NMS hosts... + snmpHostPointer = addHost(); + snmpHostPointer->host.assign(tempHost); + snmpHostPointer->networkMask.assign(tempNetwork); + snmpHostPointer->interface.assign(tempInterface); + snmpHostPointer->community.assign(tempCommunity); + + // Add to Trap Hosts... + communityPointer = getSNMPCommunity(tempCommunity.c_str()); + if (communityPointer != 0) + { + if (communityPointer->trapsOn == true) + trapsOn = true; + } + if (tempNetwork.compare("255.255.255.255") != 0) + trapsOn = false; + if (trapsOn == true) + { + snmpTrapHostPointer = addSNMPTrapHost(); + snmpTrapHostPointer->host.assign(tempHost); + snmpTrapHostPointer->trap = true; + snmpTrapHostPointer->version = tempVersion; + snmpTrapHostPointer->community.assign(tempCommunity); + snmpTrapHostPointer->interface.assign(tempInterface); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ScreenOSSNMP::generateConfigSpecificReport(Device *device) +{ + // Variables... + ScreenOSAdministration::interfaceManagementConfig *interfacePointer = 0; + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + stringstream tempStream; + string tempString; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-SNMP"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-SNMP-TABLE"); + + // Trap Port... + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SNMP*-ABBREV* Trap Port")); + tempStream.str(""); + tempStream << trapPort; + device->addTableData(paragraphPointer->table, tempStream.str().c_str()); + + if (enabled == true) + { + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the *ABBREV*SNMP*-ABBREV* service can be enabled on individual interfaces on *DEVICETYPE* devices. Table *TABLEREF* lists the interfaces with the *ABBREV*SNMP*-ABBREV* service enabled.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINSNMPINTER-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("*ABBREV*SNMP*-ABBREV* service interfaces"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Interface"), false); + device->addTableHeading(paragraphPointer->table, i18n("Zone"), false); + + interfacePointer = dynamic_cast(device->administration)->interfaces; + while (interfacePointer != 0) + { + if ((interfacePointer->enabled == true) && (interfacePointer->snmp == true)) + { + device->addTableData(paragraphPointer->table, interfacePointer->interface.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->zone.c_str()); + } + interfacePointer = interfacePointer->next; + } + } + + return errorCode; +} + + +int ScreenOSSNMP::processDefaults(Device *device) +{ + // Variables... + ScreenOSAdministration::interfaceManagementConfig *interfacePointer = 0; + snmpCommunity *communityPointer = 0; + bool enableSNMP = false; + + // Enable SNMP? + communityPointer = community; + while ((communityPointer != 0) && (enabled == false)) + { + if ((communityPointer->enabled == true) && (hostCommunityExists(communityPointer->community.c_str()) == true)) + { + enabled = true; + snmp12Enabled = true; + } + communityPointer = communityPointer->next; + } + + if (enabled == true) + { + interfacePointer = dynamic_cast(device->administration)->interfaces; + while (interfacePointer != 0) + { + if (interfacePointer->snmp == true) + enableSNMP = true; + interfacePointer = interfacePointer->next; + } + enabled = enableSNMP; + } + + return 0; +} + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/snmp.h.svn-base b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/snmp.h.svn-base new file mode 100644 index 0000000..3385ae1 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/.svn/text-base/snmp.h.svn-base @@ -0,0 +1,56 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSdevicesnmp_H +#define ScreenOSdevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class ScreenOSSNMP : public SNMP +{ + public: + ScreenOSSNMP(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + int generateConfigSpecificReport(Device *device); + + + private: + + // Device specific properties... + unsigned int trapPort; +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp b/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp new file mode 100644 index 0000000..79054e1 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/administration-report.cpp @@ -0,0 +1,168 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "administration.h" + + +int ScreenOSAdministration::generateDeviceTelnetConfig(Device *device) // A device specific config report output +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + interfaceManagementConfig *interfacePointer = 0; + int errorCode = 0; + + if (telnetEnabled == true) + { + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the Telnet service can be enabled on individual interfaces on *DEVICETYPE* devices. Table *TABLEREF* lists the interfaces with the Telnet service enabled.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINTELNETINTER-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("Telnet service interfaces"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Interface"), false); + device->addTableHeading(paragraphPointer->table, i18n("Zone"), false); + + interfacePointer = interfaces; + while (interfacePointer != 0) + { + if ((interfacePointer->enabled == true) && (interfacePointer->telnet == true)) + { + device->addTableData(paragraphPointer->table, interfacePointer->interface.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->zone.c_str()); + } + interfacePointer = interfacePointer->next; + } + } + + return errorCode; +} + + +int ScreenOSAdministration::generateDeviceSSHConfig(Device *device) // A device specific config report output +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + interfaceManagementConfig *interfacePointer = 0; + int errorCode = 0; + + if (sshEnabled == true) + { + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the *ABBREV*SSH*-ABBREV* service can be enabled on individual interfaces on *DEVICETYPE* devices. Table *TABLEREF* lists the interfaces with the *ABBREV*SSH*-ABBREV* service enabled.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINSSHINTER-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("*ABBREV*SSH*-ABBREV* service interfaces"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Interface"), false); + device->addTableHeading(paragraphPointer->table, i18n("Zone"), false); + + interfacePointer = interfaces; + while (interfacePointer != 0) + { + if ((interfacePointer->enabled == true) && (interfacePointer->ssh == true)) + { + device->addTableData(paragraphPointer->table, interfacePointer->interface.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->zone.c_str()); + } + interfacePointer = interfacePointer->next; + } + } + + return errorCode; +} + + +int ScreenOSAdministration::generateDeviceHTTPConfig(Device *device) // A device specific config report output +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + interfaceManagementConfig *interfacePointer = 0; + int errorCode = 0; + + if ((httpEnabled == true) || (httpsEnabled == true)) + { + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the *ABBREV*HTTP*-ABBREV* and *ABBREV*HTTPS*-ABBREV* services can be enabled on individual interfaces on *DEVICETYPE* devices. Table *TABLEREF* lists the interfaces with these services enabled.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINHTTPINTER-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("*ABBREV*HTTP*-ABBREV* service interfaces"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Interface"), false); + device->addTableHeading(paragraphPointer->table, i18n("Zone"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*HTTP*-ABBREV*"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*HTTPS*-ABBREV*"), false); + + interfacePointer = interfaces; + while (interfacePointer != 0) + { + if ((interfacePointer->enabled == true) && ((interfacePointer->web == true) || (interfacePointer->ssl == true))) + { + device->addTableData(paragraphPointer->table, interfacePointer->interface.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->zone.c_str()); + if (interfacePointer->web == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + if (interfacePointer->ssl == true) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + } + interfacePointer = interfacePointer->next; + } + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp b/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp new file mode 100644 index 0000000..6413a83 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/administration.cpp @@ -0,0 +1,702 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "administration.h" + + +ScreenOSAdministration::ScreenOSAdministration() +{ + interfaces = 0; + consolePageBreaks = 22; + sshUsed = false; + scsUsed = false; + globalProUsed = false; + nsmgmtUsed = false; + mtraceUsed = false; + + + // ----------------------------------------------------------------------- + // Device Specific Settings... + // ----------------------------------------------------------------------- + + // General... + generalSettings = true; // Show the general settings section? + consoleEnabled = true; // Is the Console port enabled? + consoleSupported = true; // Is a console port supported? + //consoleTimeoutSupported = true; // Is a console timeout supported? + //consoleTimeout = 600; // Console timeout + //configConsoleTimeout = i18n(""); // The text and commands to configure the timeout + auxSupported = true; // Are AUX port(s) supported? + auxEnabled = true; // Is AUX port(s) enabled? + configAuxPort = i18n("The *ABBREV*AUX*-ABBREV* port can be disabled on *DEVICENAME* with the following command:*CODE**COMMAND*set console aux disable*-COMMAND**-CODE*"); + connectionTimeoutSupported = true; // Is a connection timeout supported? + connectionTimeout = 600; // Connection Timeout + configTimeout = i18n("The console timeout setting is used to timeout idle connections to *DEVICETYPE* devices using the console port, Telnet or *ABBREV*SSH*-ABBREV*. The timeout can be configured with the following command:*CODE**COMMAND*set console timeout *CMDUSER*timeout-minutes*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure the timeout + + // Host restrictions... + serviceWideHosts = true; // Do all the admin services share a common host restrictions? + showHostInterface = false; // Show the Interface column in the host table? + showHostAccess = false; // Show the Access column in the host table? + serviceConfigHosts = i18n("Management host restrictions to *DEVICETYPE* devices can be configured with the following command:*CODE**COMMAND*set admin manager-ip *CMDUSER*ip-address*-CMDUSER* *CMDOPTION**CMDUSER*netmask*-CMDUSER**-CMDOPTION**-COMMAND**-CODE*"); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = true; // Is telnet supported? + telnetEnabled = true; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + disableTelnet = i18n("The Telnet service can be disabled on individual interfaces using the following command:*CODE**COMMAND*unset interface *CMDUSER*interface*-CMDUSER* manage telnet*-COMMAND**-CODE*"); // How to disable telnet text... + + // SSH options... + sshSupported = false; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = true; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + sshPort = 22; // The SSH port number + configSSHSupport = i18n("*ABBREV*SSH*-ABBREV* can be enabled on individual interfaces using the following command:*CODE**COMMAND*set interface *CMDUSER*interface*-CMDUSER* manage ssh*-COMMAND**-CODE*"); // How to configure SSH... + + // SSH Options + scpSupported = false; // Is SCP supported? + scpEnabled = false; // Is SCP enabled? + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + configSSHv2Support = i18n("*ABBREV*SSH*-ABBREV* protocol version 2 can be configured using the following command:*CODE**COMMAND*set ssh version v2*-COMMAND**-CODE*"); // How to configure protocol version 2 support only + + // Config report SSH support text + sshConfigProtocolSupport = i18n("*DEVICETYPE* devices have supported *ABBREV*SSH*-ABBREV* protocol versions 1 and 2 from *DEVICEOS* 5."); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = true; // Does this device support HTTP + httpsSupported = true; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = true; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + httpsEnabled = true; // Is the HTTPS service enabled? + httpsPort = 443; // HTTPS port + httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + disableHTTP = i18n("*ABBREV*HTTP*-ABBREV* is disabled on individual interfaces, or from *DEVICEOS* 5, *ABBREV*HTTP*-ABBREV* can be redirected to *ABBREV*HTTPS*-ABBREV*. *ABBREV*HTTP*-ABBREV* can be disabled on interfaces with the following command:*CODE**COMMAND*unset interface *CMDUSER*interface*-CMDUSER* manage web*-COMMAND**-CODE*"); // How to disable HTTP text... + configHTTPSSupport = i18n("*ABBREV*HTTPS*-ABBREV* can be enabled with the following commands:*CODE**COMMAND*set ssl enable*-COMMAND**COMMAND*set interface *CMDUSER*interface*-CMDUSER* manage ssl*-COMMAND**-CODE*"); // How to configure HTTPS... + cipherConfigSupported = true; // Can the Ciphers be configured? + configCipherText = i18n("The 168 bit key length *ABBREV*3DES*-ABBREV*-*ABBREV*SHA1*-ABBREV* cipher can be configured with the following command:*CODE**COMMAND*set ssl encrypt 3des sha-1*-COMMAND**-CODE*"); // The text to configure a strong cipher. +} + + +ScreenOSAdministration::~ScreenOSAdministration() +{ + // Variables... + interfaceManagementConfig *interfacePointer = 0; + + // Delete interfaces... + while (interfaces != 0) + { + interfacePointer = interfaces->next; + delete interfaces; + interfaces = interfacePointer; + } +} + + +int ScreenOSAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceManagementConfig *interfacePointer = 0; + cipherConfig *cipherPointer = 0; + hostFilter *hostPointer = 0; + bool setting = false; + int errorCode = 0; + + // Init + if (strcasecmp(command->part(0), "unset") == 0) + setting = false; + else if (strcasecmp(command->part(0), "set") == 0) + setting = true; + + // Interfaces... + if (strcasecmp(command->part(1), "interface") == 0) + { + + // Zone + if (strcasecmp(command->part(3), "zone") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Zone Line (Admin):%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + addInterfaceZone(command->part(2), command->part(4)); + } + + // disable + else if ((strcasecmp(command->part(3), "disable") == 0) || (strcasecmp(command->part(3), "shutdown") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Disable Line (Admin):%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->enabled = false; + } + + // manage + else if (strcasecmp(command->part(3), "manage") == 0) + { + + // SSH + if (strcasecmp(command->part(4), "ssh") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface SSH Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + sshUsed = true; + interfacePointer = getInterface(command->part(2)); + interfacePointer->ssh = setting; + } + + // SSL + else if (strcasecmp(command->part(4), "ssl") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface SSL Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->ssl = setting; + } + + // Telnet + else if (strcasecmp(command->part(4), "telnet") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Telnet Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->telnet = setting; + } + + // Web + else if (strcasecmp(command->part(4), "web") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Web Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->web = setting; + } + + // Ping + else if (strcasecmp(command->part(4), "ping") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Ping Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->ping = setting; + } + + // snmp + else if (strcasecmp(command->part(4), "snmp") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface SNMP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->snmp = setting; + } + + // mtrace + else if (strcasecmp(command->part(4), "mtrace") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface mtrace Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + mtraceUsed = true; + interfacePointer = getInterface(command->part(2)); + interfacePointer->mtrace = setting; + } + + // ident-reset + else if (strcasecmp(command->part(4), "ident-reset") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface ident-reser Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(command->part(2)); + interfacePointer->identReset = setting; + } + + // NSMGMT + else if (strcasecmp(command->part(4), "nsmgmt") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface NSMGMT Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + nsmgmtUsed = true; + interfacePointer = getInterface(command->part(2)); + interfacePointer->nsmgmt = setting; + } + + // SCS + else if (strcasecmp(command->part(4), "scs") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface SCS Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + scsUsed = true; + interfacePointer = getInterface(command->part(2)); + interfacePointer->scs = setting; + } + + // Global Pro + else if (strcasecmp(command->part(4), "global-pro") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Global Pro Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + globalProUsed = true; + interfacePointer = getInterface(command->part(2)); + interfacePointer->globalPro = setting; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // admin + else if (strcasecmp(command->part(1), "admin") == 0) + { + + // HTTP Redirect... + if ((strcasecmp(command->part(2), "http") == 0) && (strcasecmp(command->part(3), "redirect") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin HTTP Redirect Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpsRedirect = setting; + } + + // Telnet Port... + else if ((strcasecmp(command->part(2), "telnet") == 0) && (strcasecmp(command->part(3), "port") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin Telnet Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + telnetPort = atoi(command->part(4)); + } + + // SSH Port... + else if ((strcasecmp(command->part(2), "ssh") == 0) && (strcasecmp(command->part(3), "password") == 0) && (strcasecmp(command->part(4), "port") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin SSH Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + sshUsed = true; + if (setting == true) + sshPort = atoi(command->part(5)); + } + + // Manager IP... + else if (strcasecmp(command->part(2), "manager-ip") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin Host IP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + { + hostPointer = addHostFilter(allServices); + hostPointer->host.assign(command->part(3)); + hostPointer->netmask.assign(command->part(4)); + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Console + else if (strcasecmp(command->part(1), "console") == 0) + { + + // Timeout... + if (strcasecmp(command->part(2), "timeout") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Timeout Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + connectionTimeout = atoi(command->part(3)) * 60; + } + + // console disable... + else if (strcasecmp(command->part(2), "disable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Disable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + consoleEnabled = false; + else + consoleEnabled = true; + } + + // console page... + else if (strcasecmp(command->part(2), "page") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Page Lines Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + consolePageBreaks = atoi(command->part(3)); + else + consolePageBreaks = 22; + } + + // AUX disable... + else if ((strcasecmp(command->part(2), "aux") == 0) && (strcasecmp(command->part(3), "disable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole AUX Disable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + auxEnabled = false; + else + auxEnabled = true; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // SSL + else if (strcasecmp(command->part(1), "ssl") == 0) + { + + // SSL enable... + if (strcasecmp(command->part(2), "enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSL Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + httpsEnabled = setting; + } + + // SSL port... + if (strcasecmp(command->part(2), "port") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSL Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + httpsPort = atoi(command->part(3)); + } + + // SSL encrypt... + if (strcasecmp(command->part(2), "encrypt") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSL Encrypt Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + { + cipherPointer = addCipher(); + + if (strcasecmp(command->part(3), "des") == 0) + { + cipherPointer->encryption.assign("*ABBREV*DES*-ABBREV*"); + cipherPointer->bits = 56; + cipherPointer->ssl3 = true; + cipherPointer->tls1 = true; + } + else if (strcasecmp(command->part(3), "3des") == 0) + { + cipherPointer->encryption.assign("*ABBREV*3DES*-ABBREV*"); + cipherPointer->bits = 168; + cipherPointer->ssl3 = true; + cipherPointer->tls1 = true; + } + else if (strcasecmp(command->part(3), "rc4-40") == 0) + { + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*-40"); + cipherPointer->bits = 40; + cipherPointer->ssl2 = true; + cipherPointer->ssl3 = true; + cipherPointer->tls1 = true; + } + else if (strcasecmp(command->part(3), "rc4") == 0) + { + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->bits = 128; + cipherPointer->ssl2 = true; + cipherPointer->ssl3 = true; + cipherPointer->tls1 = true; + } + + if (strcasecmp(command->part(4), "sha-1") == 0) + cipherPointer->authenticaton.assign("*ABBREV*SHA1*-ABBREV*"); + else if (strcasecmp(command->part(4), "md5") == 0) + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // SSH + else if (strcasecmp(command->part(1), "ssh") == 0) + { + sshUsed = true; + + // Enabled... + if (strcasecmp(command->part(2), "enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Enabled Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + sshEnabled = setting; + } + + // Version... + else if (strcasecmp(command->part(2), "version") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSSH Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcasecmp(command->part(3), "v1") == 0) + sshVersion = 1; + else + sshVersion = 2; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // SCP + else if ((strcasecmp(command->part(1), "scp") == 0) && (strcasecmp(command->part(2), "enable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSCP Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + sshUsed = true; + scpEnabled = setting; + } + + // All others... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int ScreenOSAdministration::processDefaults(Device *device) +{ + // Variables... + interfaceManagementConfig *interfacePointer = 0; + cipherConfig *cipherPointer = 0; + bool ssh = false; + bool telnet = false; + bool https = false; + bool http = false; + + // SSH Used? + if ((sshUsed == true) || (device->general->versionMajor > 4)) + { + sshSupported = true; + ssh2Supported = true; + scpSupported = true; + } + + // Enable/Disable services... + interfacePointer = interfaces; + while (interfacePointer != 0) + { + if (interfacePointer->enabled == true) + { + if (interfacePointer->ssh == true) + ssh = true; + if (interfacePointer->telnet == true) + telnet = true; + if (interfacePointer->ssl == true) + https = true; + if (interfacePointer->web == true) + http = true; + } + interfacePointer = interfacePointer->next; + } + + // Switch off services + if (ssh == false) + sshEnabled = false; + if (http == false) + httpEnabled = false; + if (https == false) + httpsEnabled = false; + if (telnet == false) + telnetEnabled = false; + + // If no ciphers have been configured... + if ((httpsEnabled == true) && (ciphers == 0)) + { + cipherPointer = addCipher(); + cipherPointer->encryption.assign("*ABBREV*RC4*-ABBREV*"); + cipherPointer->bits = 128; + cipherPointer->ssl2 = true; + cipherPointer->ssl3 = true; + cipherPointer->tls1 = true; + cipherPointer->authenticaton.assign("*ABBREV*MD5*-ABBREV*"); + } + + return 0; +} + + +ScreenOSAdministration::interfaceManagementConfig *ScreenOSAdministration::getInterface(const char *interface) +{ + // Variables... + interfaceManagementConfig *interfacePointer = 0; + + // Create... + if (interfaces == 0) + { + interfaces = new (interfaceManagementConfig); + interfacePointer = interfaces; + } + else + { + interfacePointer = interfaces; + while (interfacePointer->next != 0) + { + if (interfacePointer->interface.compare(interface) == 0) + return interfacePointer; + interfacePointer = interfacePointer->next; + } + interfacePointer->next = new (interfaceManagementConfig); + interfacePointer = interfacePointer->next; + } + + // Init... + interfacePointer->interface.assign(interface); + interfacePointer->enabled = true; + interfacePointer->nsmgmt = false; + interfacePointer->ssh = false; + interfacePointer->ssl = false; + interfacePointer->telnet = false; + interfacePointer->ping = false; + interfacePointer->mtrace = false; + interfacePointer->identReset = false; + interfacePointer->web = false; + interfacePointer->snmp = false; + interfacePointer->next = 0; + + return interfacePointer; +} + + +int ScreenOSAdministration::addInterfaceZone(const char *interface, const char *zone) +{ + // Variables... + interfaceManagementConfig *interfacePointer = 0; + + // Create... + if (interfaces == 0) + { + interfaces = new (interfaceManagementConfig); + interfacePointer = interfaces; + } + else + { + interfacePointer = interfaces; + while (interfacePointer->next != 0) + interfacePointer = interfacePointer->next; + interfacePointer->next = new (interfaceManagementConfig); + interfacePointer = interfacePointer->next; + } + + // Init... + interfacePointer->interface.assign(interface); + interfacePointer->zone.assign(zone); + interfacePointer->enabled = true; + if ((strcasecmp(zone, "Trust") == 0) || (strcasecmp(zone, "vlan1") == 0) || (strcasecmp(zone, "V1-Trust") == 0)) + { + interfacePointer->nsmgmt = true; + interfacePointer->ssh = true; + interfacePointer->ssl = true; + interfacePointer->telnet = true; + interfacePointer->ping = true; + interfacePointer->mtrace = false; + interfacePointer->identReset = false; + interfacePointer->web = true; + interfacePointer->snmp = true; + } + else if ((strcasecmp(zone, "DMZ") == 0) || (strcasecmp(zone, "V1-DMZ") == 0)) + { + interfacePointer->nsmgmt = false; + interfacePointer->ssh = false; + interfacePointer->ssl = false; + interfacePointer->telnet = false; + interfacePointer->ping = true; + interfacePointer->mtrace = false; + interfacePointer->identReset = false; + interfacePointer->web = false; + interfacePointer->snmp = false; + } + else + { + interfacePointer->nsmgmt = false; + interfacePointer->ssh = false; + interfacePointer->ssl = false; + interfacePointer->telnet = false; + interfacePointer->ping = false; + interfacePointer->mtrace = false; + interfacePointer->identReset = false; + interfacePointer->web = false; + interfacePointer->snmp = false; + } + interfacePointer->next = 0; + + return 0; +} diff --git a/libnipper-0.12.6/Juniper-ScreenOS/administration.h b/libnipper-0.12.6/Juniper-ScreenOS/administration.h new file mode 100644 index 0000000..c960250 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/administration.h @@ -0,0 +1,91 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSadministration_H +#define ScreenOSadministration_H + + +#include "../device/administration/administration.h" + + +class ScreenOSAdministration : public Administration +{ + public: + + ScreenOSAdministration(); + virtual ~ScreenOSAdministration(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + // Methods + //virtual int generateDeviceGeneralConfig(Device *device); // A device specific config report output + int generateDeviceTelnetConfig(Device *device); // A device specific config report output + int generateDeviceSSHConfig(Device *device); // A device specific config report output + int generateDeviceHTTPConfig(Device *device); // A device specific config report output + + struct interfaceManagementConfig + { + string interface; + string zone; + bool enabled; + bool nsmgmt; + bool ssh; + bool ssl; + bool telnet; + bool snmp; + bool ping; + bool mtrace; + bool identReset; + bool web; + bool scs; + bool globalPro; + struct interfaceManagementConfig *next; + }; + interfaceManagementConfig *interfaces; + + + private: + + interfaceManagementConfig *getInterface(const char *interface); + int addInterfaceZone(const char *interface, const char *zone); + + int consolePageBreaks; + + bool sshUsed; + bool scsUsed; + bool globalProUsed; + bool nsmgmtUsed; + bool mtraceUsed; +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp b/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp new file mode 100644 index 0000000..9d4a4db --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/authentication.cpp @@ -0,0 +1,626 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "authentication.h" +#include "../device/common/configline.h" + + +ScreenOSAuthentication::ScreenOSAuthentication() +{ + // General... + authenticationConfigIntro = i18n("*DEVICETYPE* devices support local and remote authentication services. This section details the configuration of the authentication settings."); // Introduction text to the whole section + loginAttemptsSupported = true; // Login attempts supported + loginAttempts = 3; // Login attempts allowed (0 = infinite) + configAccessAuthentication = i18n("The following commands can be used on *DEVICETYPE* devices to configure the administrator accounts password and an administrative user accounts password:*CODE**COMMAND*set admin password *CMDUSER*password*-CMDUSER**-COMMAND**COMMAND*set admin user *CMDUSER*username*-CMDUSER* password *CMDUSER*password*-CMDUSER**-COMMAND**-CODE*"); + + // Authentication Methods... + authMethodSupported = true; // Authentication Method Supported + appliesToSupported = true; // Applies To Supported + namedAuthSupport = true; // Are auth servers named? + + // Local User Options... + encryptionSupported = true; // Show encryption + readOnlySupported = false; // Is read only supported? + outboundACLSupported = false; // Are outbound filtering ACL supported? + privilegeLevelSupported = true; // Are privilege levels supported? + privilegeLevelText = i18n("Access"); // The table title privilege level text + configDeviceSpecificLocalUsers = i18n("The administrative users on *DEVICETYPE* devices can be granted read/write (all) or read only access to the device. The primary device administrator has full read write access to the device configuration."); // Text for the config report local user section. + filterText = i18n("Policy"); // The table filter column title text + + // TACACS Options... + showTacacsGroupName = true; // Show the TACACS group + showTacacsRetries = true; // Show the TACACS retries + configTacacsKey = i18n("The *ABBREV*TACACS+*-ABBREV* server shared secret can be configured using the following command:*CODE**COMMAND*set auth-server *CMDUSER*label*-CMDUSER* tacacs secret *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a TACACS+ key + + // RADIUS Options... + showRadiusGroupName = true; // Show the RADIUS group + configRadiusKey = i18n("The *ABBREV*RADIUS*-ABBREV* server shared secret can be configured using the following command:*CODE**COMMAND*set auth-server *CMDUSER*label*-CMDUSER* radius secret *CMDUSER*key*-CMDUSER**-COMMAND**-CODE*"); + + // LDAP Options... + showLDAPGroupName = true; // Show the LDAP group + + // SecurID Options... + showSecurIDGroupName = true; // Show the SecurID group + showSecurIDDuress = true; // Show the SecurID Duress + showSecurIDEncryption = true; // Show the SecurID Encryption + + + // Internal... + retries = 3; + timeout = 3; + port = 0; +} + + +int ScreenOSAuthentication::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + localUserConfig *localUserPointer = 0; + radiusServerConfig *radiusPointer = 0; + tacacsServerConfig *tacacsPointer = 0; + ldapServerConfig *ldapPointer = 0; + securidServerConfig *securidPointer = 0; + authConfig *authPointer = 0; + string tempString; + bool setting = false; + int errorCode = 0; + + // Init + if (strcasecmp(command->part(0), "unset") == 0) + setting = false; + else + setting = true; + + // Admin name... + if (strcmp(command->part(2), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdministrator Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + localUserPointer = getUser(command->part(3)); + localUserPointer->privilegeLevel.assign(i18n("Primary Admin")); + } + + // Admin password... + else if (strcmp(command->part(2), "password") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdministrator Password Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Will be the first user... + if (localUser != 0) + { + localUserPointer = localUser; + localUserPointer->adminAccess = true; + localUserPointer->password.assign(device->isEncryptedDictionaryPassword(command->part(3))); + if (localUserPointer->password.empty()) + { + localUserPointer->encryption = netscreenEncryption; + localUserPointer->password.assign(command->part(3)); + device->addJohnPassword(localUserPointer->username.c_str(), localUserPointer->password.c_str()); + } + else + localUserPointer->encryption = clearText; + } + } + + // Users... + else if ((strcmp(command->part(2), "user") == 0) && (strcmp(command->part(4), "password") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sUser Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + localUserPointer = getUser(command->part(3)); + localUserPointer->password.assign(device->isEncryptedDictionaryPassword(command->part(5))); + if (localUserPointer->password.empty()) + { + localUserPointer->encryption = netscreenEncryption; + localUserPointer->password.assign(command->part(5)); + device->addJohnPassword(localUserPointer->username.c_str(), localUserPointer->password.c_str()); + } + else + localUserPointer->encryption = clearText; + + if (strcmp(command->part(6), "privilege") == 0) + { + localUserPointer->privilegeLevel.assign(command->part(7)); + if (strcasecmp(command->part(7), "all") == 0) + localUserPointer->adminAccess = true; + } + else + localUserPointer->privilegeLevel.assign("read-only"); + } + + // Access Attempts... + else if ((strcmp(command->part(2), "access") == 0) && (strcmp(command->part(3), "attempts") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAccess Attempts Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + loginAttempts = atoi(command->part(4)); + } + + // Auth Server... + else if (strcmp(command->part(1), "auth-server") == 0) + { + + // Server name... + if (strcmp(command->part(3), "server-name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sServer Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + serverName.assign(command->part(2)); + address.assign(command->part(4)); + } + + // Backup 1... + else if (strcmp(command->part(3), "backup1") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sBackup1 Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + serverName.assign(command->part(2)); + backup1.assign(command->part(4)); + } + + // Backup 2... + else if (strcmp(command->part(3), "backup2") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sBackup2 Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + serverName.assign(command->part(2)); + backup2.assign(command->part(4)); + } + + // Port... + else if ((strcmp(command->part(4), "port") == 0) || (strcmp(command->part(4), "auth-port") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPort Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + port = atoi(command->part(5)); + } + + // SecurID Encryption... + else if (strcmp(command->part(4), "encr") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSecurID Encryption Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + serverName.assign(command->part(2)); + if (strcmp(command->part(5), "0") == 0) + cn.assign(i18n("*ABBREV*SDI*-ABBREV*")); + else + cn.assign(i18n("*ABBREV*DES*-ABBREV*")); + } + + // LDAP CN... + else if ((strcmp(command->part(3), "ldap") == 0) && (strcmp(command->part(4), "cn") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLDAP CN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + serverName.assign(command->part(2)); + cn.assign(command->part(5)); + } + + // SecurID Duress... + else if ((strcmp(command->part(3), "securid") == 0) && (strcmp(command->part(4), "duress") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSecurID Duress Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + securidPointer = addSecurIDServer(); + securidPointer->groupName.assign(serverName); // If a name is used to group servers... + securidPointer->description.assign(i18n("Primary")); // Primary / Backup... + securidPointer->address.assign(address); // The address + securidPointer->encryption.assign(cn); + if (strcmp(command->part(5), "0") == 0) + securidPointer->duress.assign(i18n("Off")); + else + securidPointer->duress.assign(i18n("On")); + securidPointer->timeout = timeout; // Timeout + securidPointer->retries = retries; + if (port != 0) + securidPointer->port = port; + else + securidPointer->port = 5500; + + if (!backup1.empty()) + { + securidPointer = addSecurIDServer(); + securidPointer->groupName.assign(serverName); // If a name is used to group servers... + securidPointer->description.assign(i18n("Backup 1")); // Primary / Backup... + securidPointer->address.assign(address); // The address + securidPointer->encryption.assign(cn); + if (strcmp(command->part(5), "0") == 0) + securidPointer->duress.assign(i18n("Off")); + else + securidPointer->duress.assign(i18n("On")); + securidPointer->timeout = timeout; // Timeout + securidPointer->retries = retries; + if (port != 0) + securidPointer->port = port; + else + securidPointer->port = 5500; + } + + if (!backup2.empty()) + { + securidPointer = addSecurIDServer(); + securidPointer->groupName.assign(serverName); // If a name is used to group servers... + securidPointer->description.assign(i18n("Backup 2")); // Primary / Backup... + securidPointer->address.assign(address); // The address + securidPointer->encryption.assign(cn); + if (strcmp(command->part(5), "0") == 0) + securidPointer->duress.assign(i18n("Off")); + else + securidPointer->duress.assign(i18n("On")); + securidPointer->timeout = timeout; // Timeout + securidPointer->retries = retries; + if (port != 0) + securidPointer->port = port; + else + securidPointer->port = 5500; + } + + serverName.assign(""); + address.assign(""); + backup1.assign(""); + backup2.assign(""); + cn.assign(""); + retries = 0; + timeout = 0; + port = 0; + } + + // LDAP... + else if ((strcmp(command->part(3), "ldap") == 0) && (strcmp(command->part(4), "dn") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLDAP DN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + ldapPointer = addLDAPServer(); + ldapPointer->groupName.assign(serverName); // If a name is used to group servers... + ldapPointer->description.assign(i18n("Primary")); // Primary / Backup... + ldapPointer->address.assign(address); // The address + ldapPointer->cn.assign(cn); + ldapPointer->dn.assign(command->part(5)); + ldapPointer->timeout = timeout; // Timeout + ldapPointer->retries = retries; + if (port != 0) + ldapPointer->port = port; + else + ldapPointer->port = 389; + + if (!backup1.empty()) + { + ldapPointer = addLDAPServer(); + ldapPointer->groupName.assign(serverName); // If a name is used to group servers... + ldapPointer->description.assign(i18n("Backup 1")); // Primary / Backup... + ldapPointer->address.assign(address); // The address + ldapPointer->cn.assign(cn); + ldapPointer->dn.assign(command->part(5)); + ldapPointer->timeout = timeout; // Timeout + ldapPointer->retries = retries; + if (port != 0) + ldapPointer->port = port; + else + ldapPointer->port = 389; + } + + if (!backup2.empty()) + { + ldapPointer = addLDAPServer(); + ldapPointer->groupName.assign(serverName); // If a name is used to group servers... + ldapPointer->description.assign(i18n("Backup 2")); // Primary / Backup... + ldapPointer->address.assign(address); // The address + ldapPointer->cn.assign(cn); + ldapPointer->dn.assign(command->part(5)); + ldapPointer->timeout = timeout; // Timeout + ldapPointer->retries = retries; + if (port != 0) + ldapPointer->port = port; + else + ldapPointer->port = 389; + } + + serverName.assign(""); + address.assign(""); + backup1.assign(""); + backup2.assign(""); + cn.assign(""); + retries = 0; + timeout = 0; + port = 0; + } + + // TACACS+ Secret... + else if ((strcmp(command->part(3), "tacacs") == 0) && (strcmp(command->part(4), "secret") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTACACS+ Secret Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tacacsPointer = addTacacsServer(); + tacacsPointer->encryption = netscreenEncryption; + tacacsPointer->groupName.assign(serverName); // If a name is used to group servers... + tacacsPointer->description.assign(i18n("Primary")); // Primary / Backup... + tacacsPointer->address.assign(address); // The address + tacacsPointer->key.assign(command->part(5)); // Shared secret + tacacsPointer->timeout = timeout; // Timeout + tacacsPointer->retries = retries; + if (port != 0) + tacacsPointer->port = port; + else + tacacsPointer->port = 49; + device->addJohnPassword("tacacs+", tacacsPointer->key.c_str()); + + if (!backup1.empty()) + { + tacacsPointer = addTacacsServer(); + tacacsPointer->encryption = netscreenEncryption; + tacacsPointer->groupName.assign(serverName); // If a name is used to group servers... + tacacsPointer->description.assign(i18n("Backup 1")); // Primary / Backup... + tacacsPointer->address.assign(backup1); // The address + tacacsPointer->key.assign(command->part(5)); // Shared secret + tacacsPointer->timeout = timeout; // Timeout + tacacsPointer->retries = retries; + if (port != 0) + tacacsPointer->port = port; + else + tacacsPointer->port = 49; + } + + if (!backup2.empty()) + { + tacacsPointer = addTacacsServer(); + tacacsPointer->encryption = netscreenEncryption; + tacacsPointer->groupName.assign(serverName); // If a name is used to group servers... + tacacsPointer->description.assign(i18n("Backup 2")); // Primary / Backup... + tacacsPointer->address.assign(backup2); // The address + tacacsPointer->key.assign(command->part(5)); // Shared secret + tacacsPointer->timeout = timeout; // Timeout + tacacsPointer->retries = retries; + if (port != 0) + tacacsPointer->port = port; + else + tacacsPointer->port = 49; + } + + serverName.assign(""); + address.assign(""); + backup1.assign(""); + backup2.assign(""); + retries = 0; + timeout = 0; + port = 0; + } + + // RADIUS Secret... + else if ((strcmp(command->part(3), "radius") == 0) && (strcmp(command->part(4), "secret") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRADIUS Secret Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + radiusPointer = addRadiusServer(); + radiusPointer->encryption = netscreenEncryption; + radiusPointer->groupName.assign(serverName); // If a name is used to group servers... + radiusPointer->description.assign(i18n("Primary")); // Primary / Backup... + radiusPointer->address.assign(address); // The address + radiusPointer->key.assign(command->part(5)); // Shared secret + radiusPointer->timeout = timeout; // Timeout + radiusPointer->retries = retries; + if (port != 0) + radiusPointer->port = port; + else + radiusPointer->port = 1645; + device->addJohnPassword("radius", radiusPointer->key.c_str()); + + if (!backup1.empty()) + { + radiusPointer = addRadiusServer(); + radiusPointer->encryption = netscreenEncryption; + radiusPointer->groupName.assign(serverName); // If a name is used to group servers... + radiusPointer->description.assign(i18n("Backup 1")); // Primary / Backup... + radiusPointer->address.assign(backup1); // The address + radiusPointer->key.assign(command->part(5)); // Shared secret + radiusPointer->timeout = timeout; // Timeout + radiusPointer->retries = retries; + if (port != 0) + radiusPointer->port = port; + else + radiusPointer->port = 1645; + } + + if (!backup2.empty()) + { + radiusPointer = addRadiusServer(); + radiusPointer->encryption = netscreenEncryption; + radiusPointer->groupName.assign(serverName); // If a name is used to group servers... + radiusPointer->description.assign(i18n("Backup 2")); // Primary / Backup... + radiusPointer->address.assign(backup2); // The address + radiusPointer->key.assign(command->part(5)); // Shared secret + radiusPointer->timeout = timeout; // Timeout + radiusPointer->retries = retries; + if (port != 0) + radiusPointer->port = port; + else + radiusPointer->port = 1645; + } + + serverName.assign(""); + address.assign(""); + backup1.assign(""); + backup2.assign(""); + retries = 0; + timeout = 0; + port = 0; + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + + // Auth Default Server... + else if ((strcmp(command->part(1), "auth") == 0) && (strcmp(command->part(2), "default") == 0) && (strcmp(command->part(3), "auth") == 0) && (strcmp(command->part(4), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDefault Auth Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + authPointer = addMethod(); + authPointer->name.assign(command->part(5)); + authPointer->appliesTo.assign(i18n("Default")); + + if (strcasecmp(command->part(5), "Local") == 0) + authPointer->method = localAuth; + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + if (strcmp(command->part(5), radiusPointer->groupName.c_str()) == 0) + authPointer->method = radiusAuth; + radiusPointer = radiusPointer->next; + } + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + if (strcmp(command->part(5), tacacsPointer->groupName.c_str()) == 0) + authPointer->method = tacacsAuth; + tacacsPointer = tacacsPointer->next; + } + securidPointer = securidServer; + while (securidPointer != 0) + { + if (strcmp(command->part(5), securidPointer->groupName.c_str()) == 0) + authPointer->method = securidAuth; + securidPointer = securidPointer->next; + } + ldapPointer = ldapServer; + while (ldapPointer != 0) + { + if (strcmp(command->part(5), ldapPointer->groupName.c_str()) == 0) + authPointer->method = ldapAuth; + ldapPointer = ldapPointer->next; + } + } + + // Auth Admin Server... + else if ((strcmp(command->part(1), "admin") == 0) && (strcmp(command->part(2), "auth") == 0) && (strcmp(command->part(3), "server") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAdmin Auth Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + authPointer = addMethod(); + authPointer->name.assign(command->part(4)); + authPointer->appliesTo.assign(i18n("Administration")); + + if (strcasecmp(command->part(4), "Local") == 0) + authPointer->method = localAuth; + radiusPointer = radiusServer; + while (radiusPointer != 0) + { + if (strcmp(command->part(4), radiusPointer->groupName.c_str()) == 0) + authPointer->method = radiusAuth; + radiusPointer = radiusPointer->next; + } + tacacsPointer = tacacsServer; + while (tacacsPointer != 0) + { + if (strcmp(command->part(4), tacacsPointer->groupName.c_str()) == 0) + authPointer->method = tacacsAuth; + tacacsPointer = tacacsPointer->next; + } + ldapPointer = ldapServer; + while (ldapPointer != 0) + { + if (strcmp(command->part(4), ldapPointer->groupName.c_str()) == 0) + authPointer->method = ldapAuth; + ldapPointer = ldapPointer->next; + } + securidPointer = securidServer; + while (securidPointer != 0) + { + if (strcmp(command->part(4), securidPointer->groupName.c_str()) == 0) + authPointer->method = securidAuth; + securidPointer = securidPointer->next; + } + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode; +} + + +int ScreenOSAuthentication::processDefaults(Device *device) +{ + // Variables... + authConfig *authPointer = 0; + + // Create... + if (authMethods == 0) + { + authMethods = new (authConfig); + authPointer = authMethods; + } + else + { + authPointer = authMethods; + while ((authPointer->next != 0) && (authPointer->method != localAuth)) + authPointer = authPointer->next; + if (authPointer->method != localAuth) + { + authPointer->next = new (authConfig); + authPointer = authPointer->next; + } + else + authPointer = 0; + } + + if (authPointer != 0) + { + authPointer->name.assign(i18n("Local")); + authPointer->method = localAuth; // Authentication method (local, tacacs+...) + authPointer->appliesTo.assign(i18n("Default")); + authPointer->next = 0; + } + + return 0; +} diff --git a/libnipper-0.12.6/Juniper-ScreenOS/authentication.h b/libnipper-0.12.6/Juniper-ScreenOS/authentication.h new file mode 100644 index 0000000..bf4bb8a --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/authentication.h @@ -0,0 +1,65 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSauthentication_H +#define ScreenOSauthentication_H + + +#include "../device/authentication/authentication.h" + + +class ScreenOSAuthentication : public Authentication +{ + public: + + ScreenOSAuthentication(); + + + // ----------------------------------------------------------------------- + // Standard Device Class Methods... + // ----------------------------------------------------------------------- + + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + + + private: + string serverName; + string address; + string backup1; + string backup2; + int retries; + int timeout; + int port; + string cn; +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp b/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp new file mode 100644 index 0000000..4d98793 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/banner.cpp @@ -0,0 +1,121 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "banner.h" + + +ScreenOSBanner::ScreenOSBanner() +{ + // Banner settings... + preLogonBanner = true; // Support Banner(s) Before Logon? + postLogonBanner = true; // Support Banner(s) After Logon? + configPreLogonBanner = i18n("A pre-logon banner message for remote connections to *DEVICETYPE* devices can be configured with the following command:*CODE**COMMAND*set admin auth banner telnet login \"*CMDUSER*banner-message*-CMDUSER*\"*-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... + configPostLogonBanner = i18n("A post logon message for administrative connections to *DEVICETYPE* devices can be configured with the following command:*CODE**COMMAND*set admin auth banner secondary \"*CMDUSER*banner-message*-CMDUSER*\"*-COMMAND**-CODE*"); // The text that explains how to config a post logon banner, with commands... +} + + +int ScreenOSBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + string tempBanner; + string tempString; + + if (strcmp(command->part(0), "unset") != 0) + { + + // Telnet... + if ((strcmp(command->part(1), "admin") == 0) && (strcmp(command->part(2), "auth") == 0) && (strcmp(command->part(3), "banner") == 0) && (strcmp(command->part(4), "telnet") == 0) && (strcmp(command->part(5), "login") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sTelnet Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("Telnet")); + bannerPointer->description.assign(i18n("The Telnet banner message is presented to Telnet users before they logon and *ABBREV*SSH*-ABBREV* users after logon. The Telnet banner message configured on *DEVICENAME* is:")); + bannerPointer->connectionType = (telnetConnection & sshConnection); + addBannerLine(bannerPointer, command->part(6)); + } + + // Console... + else if ((strcmp(command->part(1), "admin") == 0) && (strcmp(command->part(2), "auth") == 0) && (strcmp(command->part(3), "banner") == 0) && (strcmp(command->part(4), "console") == 0) && (strcmp(command->part(5), "login") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sConsole Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->name.assign(i18n("Console")); + bannerPointer->description.assign(i18n("The Console banner message is presented to users before they logon. The message configured on *DEVICENAME* is:")); + bannerPointer->connectionType = (consoleConnection); + addBannerLine(bannerPointer, command->part(6)); + } + + // Secondary... + else if ((strcmp(command->part(1), "admin") == 0) && (strcmp(command->part(2), "auth") == 0) && (strcmp(command->part(3), "banner") == 0) && (strcmp(command->part(4), "secondary") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSecondary Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = addBanner(); + bannerPointer->banner = postLogon; + bannerPointer->name.assign(i18n("Secondary")); + bannerPointer->description.assign(i18n("The secondary banner message is presented to users after they logon for Telnet *ABBREV*SSH*-ABBREV* and Console connections. The message configured on *DEVICENAME* is:")); + bannerPointer->connectionType = (telnetConnection & sshConnection & consoleConnection); + + tempBanner.assign(command->part(5)); + while (tempBanner.find("\\n") != tempBanner.npos) + { + tempString.assign(tempBanner.substr(0, tempBanner.find_first_of("\\n"))); + tempBanner.erase(0, tempBanner.find_first_of("\\n") + 2); + addBannerLine(bannerPointer, tempString.c_str()); + } + addBannerLine(bannerPointer, tempBanner.c_str()); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/banner.h b/libnipper-0.12.6/Juniper-ScreenOS/banner.h new file mode 100644 index 0000000..4d7b830 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/banner.h @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSbanner_H +#define ScreenOSbanner_H + + +#include "../device/banner/banner.h" + + +class ScreenOSBanner : public Banner +{ + public: + + ScreenOSBanner(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/device.cpp b/libnipper-0.12.6/Juniper-ScreenOS/device.cpp new file mode 100644 index 0000000..b089107 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/device.cpp @@ -0,0 +1,398 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "banner.h" +#include "snmp.h" +#include "filter.h" +#include "dns.h" +#include "authentication.h" +#include "interfaces.h" + + +ScreenOSDevice::ScreenOSDevice() +{ + deviceMake = "Juniper"; + deviceType = "NetScreen"; + deviceOS = "ScreenOS"; + + general = new (ScreenOSGeneral); + administration = new (ScreenOSAdministration); + banner = new (ScreenOSBanner); + snmp = new (ScreenOSSNMP); + filter = new (ScreenOSFilter); + dns = new (ScreenOSDNS); + authentication = new (ScreenOSAuthentication); + interfaces = new (ScreenOSInterfaces); + + isFirewall = true; // Set to true if it is a firewall +} + + +ScreenOSDevice::~ScreenOSDevice() +{ + delete general; + delete administration; + delete banner; + delete snmp; + delete filter; + delete dns; + delete authentication; + delete interfaces; +} + +Device::encryptDictionaryStruct builtinencdict13 = {"nBh1JgrWI8BMcxVE1sfD3ZHtPvNqOn", "administrator", 0}; +Device::encryptDictionaryStruct builtinencdict12 = {"nIEXLGrQKPGFclpK2srC+GItLBIaYn", "administrator", &builtinencdict13}; +Device::encryptDictionaryStruct builtinencdict11 = {"nEgTC0rULyNDcfOHZsFDJSAtfiPqWn", "password", &builtinencdict12}; +Device::encryptDictionaryStruct builtinencdict10 = {"nJBnMRrmG7cFc3ALdsWMLIKtWHC4ln", "administrator", &builtinencdict11}; +Device::encryptDictionaryStruct builtinencdict9 = {"nL1kB1ryFpdIcuHBksgKNQLttDFjCn", "supervisor", &builtinencdict10}; +Device::encryptDictionaryStruct builtinencdict8 = {"nA0XKervNIgBctzLBsjNKyEtOcM5an", "admin", &builtinencdict9}; +Device::encryptDictionaryStruct builtinencdict7 = {"nFR1M7r3PBEHcA0FWs1JJ8LtBTOHIn", "netscreen", &builtinencdict8}; +Device::encryptDictionaryStruct builtinencdict6 = {"nDQFBzrfECTDcLFD7sRA2kMtP4FNwn", "password", &builtinencdict7}; +Device::encryptDictionaryStruct builtinencdict5 = {"nH/vDirbE5GBcjdGoslAEBBtHFA6En", "admin", &builtinencdict6}; +Device::encryptDictionaryStruct builtinencdict4 = {"nMjFM0rdC9iOc+xIFsGEm3LtAeGZhn", "password", &builtinencdict5}; +Device::encryptDictionaryStruct builtinencdict3 = {"nO8gOKrtJ/YMclhNlsoJCrCtllAL7n", "admin", &builtinencdict4}; +Device::encryptDictionaryStruct builtinencdict2 = {"nDC0GjreNnlGcIPHTsGOUAFt6BJZdn", "password", &builtinencdict3}; +Device::encryptDictionaryStruct builtinencdict1 = {"nKv3LvrdAVtOcE5EcsGIpYBtniNbUn", "netscreen", &builtinencdict2}; +Device::encryptDictionaryStruct builtinencdict = {"nKVUM2rwMUzPcrkG5sWIHdCtqkAibn", "netscreen", &builtinencdict1}; + + +int ScreenOSDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + unsigned int tempInt = 0; + int tempVersion = 0; + + // Set encrypted dictionary... + encryptedDictionary = &builtinencdict; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Hostname (in general)... + if (strcasecmp(command.part(1), "hostname") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Admin... + else if (strcasecmp(command.part(1), "admin") == 0) + { + + // Auth... + if (strcasecmp(command.part(2), "auth") == 0) + { + + // Banners... + if (strcasecmp(command.part(3), "banner") == 0) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Server... + if (strcasecmp(command.part(3), "server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // HTTP Redirect... + else if ((strcasecmp(command.part(2), "http") == 0) && (strcasecmp(command.part(3), "redirect") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Manager IP... + else if (strcasecmp(command.part(2), "manager-ip") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Access Attempts... + else if (strcasecmp(command.part(2), "access") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Admin logon... + else if (strcasecmp(command.part(2), "name") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Password logon... + else if (strcasecmp(command.part(2), "password") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Users... + else if (strcasecmp(command.part(2), "user") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SSH... + else if ((strcasecmp(command.part(2), "ssh") == 0) && (strcasecmp(command.part(3), "password") == 0)) + { + + // SSH server port... + if (strcasecmp(command.part(4), "port") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // Telnet Port... + else if ((strcasecmp(command.part(2), "telnet") == 0) && (strcasecmp(command.part(3), "port") == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // Address... + else if (strcasecmp(command.part(1), "address") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Service... + else if (strcasecmp(command.part(1), "service") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Group... + else if (strcasecmp(command.part(1), "group") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Policy... + else if (strcasecmp(command.part(1), "policy") == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Auth Server... + else if (strcasecmp(command.part(1), "auth-server") == 0) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Auth Default... + else if ((strcasecmp(command.part(1), "auth") == 0) && (strcasecmp(command.part(2), "default") == 0)) + authentication->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SNMP (in SNMP)... + else if (strcasecmp(command.part(1), "snmp") == 0) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Interfaces... + else if (strcasecmp(command.part(1), "interface") == 0) + { + + // zone... + if (strcasecmp(command.part(3), "zone") == 0) + { + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + } + + // disable... + else if ((strcasecmp(command.part(3), "disable") == 0) || (strcasecmp(command.part(3), "shutdown") == 0)) + { + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + } + + // ip... + else if (strcasecmp(command.part(3), "ip") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // description... + else if (strcasecmp(command.part(3), "description") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // manage... + else if (strcasecmp(command.part(3), "manage") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + // SSH... + else if (strcasecmp(command.part(1), "ssh") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SSL... + else if (strcasecmp(command.part(1), "ssl") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Console... + else if (strcasecmp(command.part(1), "console") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SCP... + else if (strcasecmp(command.part(1), "scp") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // NetScreen Security Manager... + else if (strcasecmp(command.part(1), "nsmgmt") == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Domain... + else if (strcasecmp(command.part(1), "domain") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS... + else if (strcasecmp(command.part(1), "dns") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Possible hostname... + else if ((command.part(0)[strlen(command.part(0)) -2] == '-') && (command.part(0)[strlen(command.part(0)) - 1] == '>')) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + if ((authentication->localUser == 0) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + // Sort out any specified version... + if (config->osVersion != 0) + { + if (strlen(config->osVersion) > 0) + { + general->version.assign(config->osVersion); + + // Version Major... + tempVersion = atoi(config->osVersion); + if ((tempVersion != 0) || (config->osVersion[0] == '0')) + { + general->versionMajor = tempVersion; + tempInt = 0; + while ((tempInt < strlen(config->osVersion)) && (config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Minor... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionMinor = tempVersion; + general->noMinor = false; + + while ((tempInt < strlen(config->osVersion)) && (config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Revision... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionRevision = tempVersion; + general->noRevision = false; + + while ((tempInt < strlen(config->osVersion)) &&(config->osVersion[tempInt] > '/') && (config->osVersion[tempInt] < ':')) + tempInt++; + + // Version Tweak... + if (tempInt < strlen(config->osVersion)) + { + tempInt++; + tempVersion = atoi(config->osVersion + tempInt); + if ((tempVersion != 0) || (config->osVersion[tempInt] == '0')) + { + general->versionTweak = tempVersion; + general->noTweak = false; + } + } + } + } + } + } + } + } + } + + return 0; +} + + +bool ScreenOSDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + int count = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (count < 2)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if (strcmp(command.part(0), "set") == 0) + { + if (strcmp(command.part(1), "admin") == 0) + { + if (strcmp(command.part(2), "name") == 0) + count++; + + else if (strcmp(command.part(2), "password") == 0) + count++; + } + } + } + fclose(inputFile); + + if (count == 2) + return true; + else + return false; +} + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/device.h b/libnipper-0.12.6/Juniper-ScreenOS/device.h new file mode 100644 index 0000000..e7d3b8d --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/device.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_ScreenOS_H +#define device_ScreenOS_H + + +#include "../device/device.h" + + +class ScreenOSDevice : public Device +{ + public: + ScreenOSDevice(); + ~ScreenOSDevice(); + + int processDevice(); + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp b/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp new file mode 100644 index 0000000..924f29c --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/dns.cpp @@ -0,0 +1,172 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "dns.h" + + +ScreenOSDNS::ScreenOSDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured to resolve name to address mappings. This section details those settings."); // The text paragraph in the config section + + // Host configuration + showInterface = true; // Are interfaces supported? + + // DNS Client Settings + dnsClientSupported = true; // DNS Client Supported? + dnsLookupEnabled = false; // DNS lookups enabled? + disableLookup = ""; // The text and commands to disable DNS lookup + dnsRetries = 0; // DNS lookup retries + dnsRetriesSupported = false; // DNS lookup retries Supported? + dnsTimeout = 0; // DNS timeout + dnsTimeoutSupported = false; // DNS timeout Supported? + + // DNS Server Options... + dnsRecordKeepAliveSupported = false; // Is the DNS keep Alive message type supported? + returnRecordsSupported = false; // Is the single/multiple record field supported? + dynamicDNSSupported = true; // Is Dynamic DNS Supported? + dnsServerSupported = true; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsProxySupported = true; // Is DNS Proxy Server Supported? + dnsProxyEnabled = false; // Is the DNS Proxy service enabled? + dnsPort = 53; // DNS Server Port +} + + +int ScreenOSDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsRecordConfig *recordPointer = 0; + dnsConfig *dnsPointer = 0; + bool setting = false; + int tempInt = 0; + + // Init + tempInt = 2; + if (strcasecmp(command->part(0), "unset") == 0) + setting = false; + else + setting = true; + + // Domain... + if (strcasecmp(command->part(1), "domain") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDomain Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + dnsDomain.assign(command->part(2)); + } + + // DNS Host Record... + else if ((strcasecmp(command->part(tempInt), "host") == 0) && (strcasecmp(command->part(tempInt + 1), "name") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Record Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + + if (setting == true) + { + recordPointer = addDNSRecord(); + recordPointer->recordType.assign("A"); + recordPointer->address.assign(command->part(5)); + recordPointer->name.assign(command->part(4)); + } + } + + // DNS server... + else if ((strcasecmp(command->part(2), "host") == 0) && (strncasecmp(command->part(3), "dns", 3) == 0) && (strcasecmp(command->part(4), "0.0.0.0") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + { + dnsPointer = addDNSServer(command->part(4)); + switch (command->part(3)[3]) + { + case '1': + dnsPointer->description.assign(i18n("Primary")); + break; + case '2': + dnsPointer->description.assign(i18n("Secondary")); + break; + default: + dnsPointer->description.assign(i18n("Tertiary")); + break; + } + if (strcasecmp(command->part(5), "src-interface") == 0) + dnsPointer->interface.assign(command->part(6)); + } + } + + // Proxy... + else if ((strcasecmp(command->part(2), "proxy") == 0) && (strcasecmp(command->part(3), "enable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Proxy Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + dnsProxyEnabled = true; + } + + // Dynamic DNS... + else if ((strcasecmp(command->part(2), "ddns") == 0) && (strcasecmp(command->part(3), "enable") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDynamic DNS Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (setting == true) + dynamicDNSEnabled = true; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ScreenOSDNS::processDefaults(Device *device) +{ + if ((dnsProxyEnabled == true) || (dnsRecord != 0)) + dnsServiceEnabled = true; + + return 0; +} + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/dns.h b/libnipper-0.12.6/Juniper-ScreenOS/dns.h new file mode 100644 index 0000000..c88a4b4 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/dns.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSDNS_H +#define ScreenOSDNS_H + + +#include "../device/dns/dns.h" + + +class ScreenOSDNS : public DNS +{ + public: + + ScreenOSDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp b/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp new file mode 100644 index 0000000..157982c --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/filter.cpp @@ -0,0 +1,916 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../device/common/configline.h" +#include "../globaldefs.h" +#include "device.h" +#include "filter.h" + + +ScreenOSFilter::ScreenOSFilter() +{ + // Policy list type descriptions... + intrazoneTitle = i18n("Intrazone Policy"); + intrazoneDescription = i18n("An intrazone policy defines the network traffic that is permitted between two seperate interfaces bound to the same zone."); + interzoneTitle = i18n("Interzone Policy"); + interzoneDescription = i18n("An interzone policy defines the network traffic that is permitted between different zones."); + globalzoneTitle = i18n("Global Policy"); + globalzoneDescription = i18n("The global policy defines the network traffic that is permitted between addresses in the global zone."); + serviceObjectTitle = i18n("Service Objects"); + serviceObjectDescription = i18n("Service objects are used to defined specific protocols, source and destination ports for a named service. The service objects can then be used in a policy rule, either directly or through a service group definition. *DEVICETYPE* devices have a number of predefined service objects, or custom service objects can be created. This section details the custom service objects and any predefined objects that are used in the firewall policy rules."); + serviceGroupObjectTitle = i18n("Service Object Group"); + serviceGroupObjectDescription = i18n("Service object groups are used to group service objects. Once service objects have been grouped they can be used within policy rules using the service group name."); + addressGroupObjectTitle = i18n("Address Object Group"); + addressGroupObjectDescription = i18n("Address object groups are used to group a zones address book entries. When policy rules are defined, to ease administration, multiple addresses can be referenced using the address group name rather than individually."); + addressObjectListTitle = i18n("Security Zone Address Book"); + addressObjectListDescription = i18n("The security zone address books define hosts and networks for a security zone. These addresses can then be used within the policy rule configuration."); + + // Filter device options... + logLevelsSupported = false; // Are log Levels supported + logOnlyDenySupported = false; // Is only Deny rule logging supported + noAccessWithoutFilters = true; // Is access not granted if no filters are configured + filterSupportsInstalled = false; // If filtering supports installed (i.e. CheckPoint) + filterSupportsThrough = false; // If a filtering supports through (i.e. CheckPoint) + rejectRulesSupported = true; // If reject rules are supported + bypassRulesSupported = false; // If bypass rules are supported + defaultRulesSupported = false; // If default rules are supported + ruleListsAreAssigned = false; // Rule lists are assigned to specific elements + allowName = i18n("Permit"); // The name given to an allowed filter + denyName = i18n("Deny"); // The name given to a denied filter + rejectName = i18n("Reject"); // The name given to a rejected filter + filterConfigTitle = i18n("Security Zone Policy Configuration"); // The Title for the configuration report section + filterConfigText = i18n("A policy is a set of rules that will determine whether traffic between security zones (interzone), between interfaces in the same zone (intrazone) or between addresses in the global zone are permitted or denied. Each interface can be assigned to a different security zone, and multiple interfaces can be assigned to a single security zone."); // The device specific configuration report section text + filterConfigText2 = i18n("The policy is processed by *DEVICETYPE* devices from the top to the bottom with the first policy rule that applies taking effect. If no rule matches, the default policy will take effect, which is set to deny by default on *DEVICETYPE*. Policies are applied in the following order:"); // The device specific configuration report section text2 + useFilterID = true; // Use the filter ID to identify a filter (otherwise a line no. is used) + filterIDTitle = i18n("Rule"); // The title for the filter ID/line no. table column + filterListName = i18n("policy list"); // The name of the filter list, for use in text paragraphs + filterListNameTitle = i18n("Policy list"); // The name of the filter list, for use in titles + filterListNamePlaural = i18n("policy lists"); // The name of the filter list, for use in text paragraphs + filterTitle = i18n("Rule"); // The name of a filter, for use in titles + filterTitlePlaural = i18n("Rules"); // The name of a filter, for use in titles + filterName = i18n("rule"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("rules"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("All Permit Rules Do Not Log"); // The title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogTable = i18n("Permit rules that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogConcl = i18n("all permit rules do not log"); // The conclusions text for the "All Allow Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all rules"); // The recommendations text for the "All Allow Rules Do Not Log" issue + denyAndNotLogIssue = i18n("All Deny Rules Do Not Log"); // The title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogTable = i18n("Deny rules that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogConcl = i18n("all deny rules do not log"); // The conclusions text for the "All Allow Rules Do Not Log" issue + configRuleLogging = i18n(""); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No Filtering Rules Were Configured"); // The title text for the "No filtering" issue + noFilteringRec = i18n("Configure network filtering"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no network filtering was configured"); // The title text for the "No filtering" conclusion + legacyIssueFinding = i18n(""); // The finding for the legacy issue + legacyIssueImpact = i18n(""); // The impact for the legacy issue + legacyIssueEase = i18n(""); // The ease for the legacy issue + legacyIssueRec = i18n(""); // The recommendation for the legacy issue + allowAnythingTable = i18n("rules allow any access"); // The allow anything table title text + allowWeakTable = i18n("rules provide weak filtering"); // Weak source/service/destination/service table title text + allowAnyAnyAnyTable = i18n("rules allow any host to any destination and service"); // The allow any source, destination and service table title text + allowWeakWeakWeakTable = i18n("rules provide weak filtering of source, destination and service"); // The allow weak source, destination and service table title text + allowAnyServiceAnyTable = i18n("rules allow any source port to any destination and service"); // The allow any source port, destination and service table title text + allowWeakServiceAnyTable = i18n("rules provide weak filtering of source port to destination and service"); // The allow weak source, destination and service table title text + allowAnyAnyTable = i18n("rules allow any source to any destination"); // The allow any source, destination table title text + allowAnyAnyServiceTable = i18n("rules allow any source to any destination service"); // The allow any source, destination service table title text + allowAnyDestServiceTable = i18n("rules allow any destination and service"); // The allow any destination and service table title text + allowAnyPortDestTable = i18n("rules allow any source port to any destination address"); // The allow any source port to any destination table title text + allowAnyPortServiceTable = i18n("rules allow any source port to any destination service"); // The allow any source port to any dest service table title text + allowWeakWeakTable = i18n("rules permit weak filtering of source and destination addresses"); // The allow weak source, destination addresses + allowWeakWeakServiceTable = i18n("rules permit weak source addresses and destination services"); // The allow weak source, destination service table title text + allowDestAndServiceTable = i18n("rules permit weak destination addresses and services");// The allow weak destination and service table title text + allowWeakPortDestTable = i18n("rules permit weak source ports and destination"); // The allow weak source port to Destination table title text + allowWeakPortServiceTable = i18n("rules permit weak source ports and destination services"); // The allow weak source port to service table title text + allowAnySourceTable = i18n("rules permit from any source address"); // The allow any source address table title text + allowNetSourceTable = i18n("rules permit from a network source address"); // The allow a network source address table title text + allowAnyPortTable = i18n("rules permit from any source port"); // The allow any source port table title text + allowRangePortTable = i18n("rules permit from a source port range"); // The allow range source port table title text + allowAnyDestTable = i18n("rules permit to any destination"); // The allow any destination table title text + allowNetDestTable = i18n("rules permit to a network destination"); // The allow a network destination table title text + allowToAnyDestServiceTable = i18n("rules permit to any destination service"); // The allow any destination service table title text + allowToNetDestServiceTable = i18n("rules permit to a destination service range"); // The allow a destination service range table title text + bypassContentFilterCon = i18n("rules are configured that bypass the content filtering"); // Bypass filter conclusion text + bypassContentFilterRec = i18n("Connfigure rules not to bypass the content filtering"); // Bypass filter recommendation text + defaultFilterCon = i18n("rules are configured to default to the ports filtering action"); // Default filter conclusion text + defaultFilterRec = i18n("Configure rules not to default to the ports filtering action");// Default filter recommendation text + rejectSecurityIssueTitle = i18n("Reject rules Are Configured"); // Reject filter title text + securityRejectTextCon = i18n("rules are configured that reject network traffic"); // Reject filter conclusion text + securityRejectTextRec = i18n("Configure rules to deny rather than reject network traffic"); // Reject filter recommendation text + clearTextServiceCon = i18n("rules were configured that permit access to clear text protocol services"); // Clear Text Service conclusions text + clearTextServiceRec = i18n("Configure rules to deny access to any clear text protocol services"); // Clear Text Service recommendations text2 + configureFilterListRecIssueText = i18n(""); // The text and commands to configure a filter list + configureFilterRecIssueText = i18n("A *DEVICETYPE* device policy rule can be configured with the following command:*CODE**COMMAND*set policy from *CMDUSER*src-zone*-CMDUSER* to *CMDUSER*dst-zone*-CMDUSER* *CMDUSER*source*-CMDUSER* *CMDUSER*dest*-CMDUSER* *CMDUSER*service*-CMDUSER* *CMDOPTION*permit *CMDOR* deny*-CMDOPTION**-COMMAND**-CODE*"); // The text and commands to configure a filter + unnecessaryServiceCon = i18n("rules were configured that permit access to potentially unnecessary services"); // Unnecessary Service conclusions text + unnecessaryServiceRec = i18n("Configure rules to deny access to any unnecessary services"); // Unnecessary Service recommendations text2 + filtersWithNoCommentsTitle = i18n("Not All Rules Include Comments"); // Filters with no comments title text + noFilterCommentsCon = i18n("not all rules include comment text indicating their purpose"); // The no comments conclusion text + noFilterCommentsRec = i18n("Configure comment text for all rules"); // The no comments recommendation text + configureFilterCommentText = i18n(""); // The text and commands to configure a filters comment text + disabledFiltersTitle = i18n("Disabled Rules Were Configured"); // The disabled filter issues title text + removeFilterText = i18n(""); // The commands and text to delete a filter + disabledFilterCon = i18n("disabled rules were configured"); // The disabled filter conclusion text + disabledFilterRec = i18n("Remove all disabled rules"); // The disabled filter recommendation text + defaultActionIssueTitle = i18n("The Default Network Filtering Action Permits Access"); // The default filter action issue title + defaultActionIssueCon = i18n("the default policy list action was configured to permit access when a rule does not match"); // The default filter action conclusion text + defaultActionIssueRec = i18n("Set the default policy list action to deny network traffic"); // The default filter action recommendation text + configureDefaultActionText = i18n(""); // The text and commands to configure the default action + unusedFiltersIssueTitle = i18n("Unused Rules Were Configured At The Policy Lists End"); // Unused filters at the end of the filter list title + unusedFiltersIssueCon = i18n("unused Rules were configured at the end of the policy lists"); // Unused filters issue conclusions text + unusedFiltersIssueRec = i18n("Remove all unused rules"); // Unused filters issue recommendation text + denyAllLogIssueTitle = i18n("Policy List Does Not End with Deny All And Log"); // Deny All And Log Issue title + denyAllLogConfigure = i18n(""); // The text and commands to add a deny all and log line + denyAllLogIssueCon = i18n("not all Policy Lists end with a deny all and log "); // The deny all and log conclusions text + denyAllLogIssueRec = i18n("Configure a deny all and log rule as the last rule in each policy list"); // The deny all and log recommendations text + contradictIssueTitle = i18n("Contradicting Rules Were Configured"); // The contradict issue title + contradictIssueTable = i18n("contradictions of rule"); // The contradict table issue title + contradictIssueCon = i18n("rules were configured that contradict other rules"); // The contradict issue conclusion + contradictIssueRec = i18n("Reconfigure the rules so they do not contradict other rule"); // The contradict issue recommendation + duplicateIssueTitle = i18n("Duplicate Rules Were Configured"); // The duplicate/overlapping issue title + duplicateIssueTable = i18n("duplicates of rule"); // The duplicate/overlapping issue title + duplicateIssueCon = i18n("rules were configured that duplicate the configuration of other rules"); // The duplicate/overlapping issue title + duplicateIssueRec = i18n("Reconfigure the Rules so that the rules do not duplicate other Rules"); // The duplicate/overlapping issue title + +} + + +ScreenOSFilter::~ScreenOSFilter() +{ +} + + +int ScreenOSFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + filterListConfig *filterListPointer = 0; + filterConfig *filterPointer = 0; + filterObjectConfig *objectPointer = 0; + filterObjectConfig *objectSubPointer = 0; + netObjectListConfig *objectListPointer = 0; + int tempInt = 0; + int policyId = 0; + bool globalzone = false; + string policyName; + string tempString; + + // Policy... + if (strcasecmp(command->part(1), "policy") == 0) + { + tempInt = 2; + + // Global + if (strcasecmp(command->part(tempInt), "global") == 0) + { + globalzone = true; + tempInt++; + } + + // Policy id + if (strcasecmp(command->part(tempInt), "id") == 0) + { + tempInt++; + policyId = atoi(command->part(tempInt)); + tempInt++; + } + + // Policy name + if (strcasecmp(command->part(tempInt), "name") == 0) + { + tempInt++; + policyName.assign(command->part(tempInt)); + tempInt++; + } + + // From / To... + if ((strcasecmp(command->part(tempInt), "from") == 0) && (strcasecmp(command->part(tempInt + 2), "to") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy From/To Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + + // Create list and filter... + filterListPointer = getFilterList(command->part(tempInt), command->part(tempInt + 2)); + filterListPointer->name.assign(command->part(tempInt)); + tempInt += 2; + filterListPointer->to.assign(command->part(tempInt)); + if (globalzone == true) + { + filterListPointer->globalFilter = true; + filterListPointer->type = globalzoneTitle; + filterListPointer->typeDescription = globalzoneDescription; + } + else if (strcasecmp(command->part(tempInt), command->part(tempInt + 2)) == 0) + { + filterListPointer->type = intrazoneTitle; + filterListPointer->typeDescription = intrazoneDescription; + } + else + { + filterListPointer->type = interzoneTitle; + filterListPointer->typeDescription = interzoneDescription; + } + filterListPointer->loggingSupport = true; + filterListPointer->supportsTime = true; + filterListPointer->sourceServiceSupported = false; + filterListPointer->disabledFilterSupport = true; + filterListPointer->showProtocol = false; + tempInt++; + filterPointer = getFilter(policyId, filterListPointer); + + // Source... + objectPointer = addFilterObject(filterPointer, source); + if (strcasecmp(command->part(tempInt), "Any") == 0) + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + } + else + { + objectPointer->name.assign(command->part(tempInt)); + objectPointer->type = groupObject; + objectPointer->serviceOper = Filter::serviceOperEqual; + } + tempInt++; + + // Destination... + objectPointer = addFilterObject(filterPointer, destination); + if (strcasecmp(command->part(tempInt), "Any") == 0) + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + } + else + { + objectPointer->name.assign(command->part(tempInt)); + objectPointer->type = groupObject; + objectPointer->serviceOper = Filter::serviceOperEqual; + } + tempInt++; + + // Destination Service... + objectPointer = addFilterObject(filterPointer, destinationService); + if (strcasecmp(command->part(tempInt), "ANY") == 0) + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + } + else + { + objectPointer->name.assign(command->part(tempInt)); + objectPointer->serviceOper = Filter::serviceOperEqual; + objectPointer->type = groupObject; + } + tempInt++; + + // Action... + if (strcasecmp(command->part(tempInt), "permit") == 0) + filterPointer->action = allowAction; + else if (strcasecmp(command->part(tempInt), "deny") == 0) + filterPointer->action = denyAction; + else if (strcasecmp(command->part(tempInt), "reject") == 0) + filterPointer->action = rejectAction; + else if (strcasecmp(command->part(tempInt), "nat") == 0) + { + filterPointer->action = natAction; + return 0; + } + else if (strcasecmp(command->part(tempInt), "tunnel") == 0) + { + filterPointer->action = tunnelAction; + return 0; + } + tempInt++; + + while (tempInt < command->parts) + { + + // Log + if (strcasecmp(command->part(tempInt), "log") == 0) + filterPointer->log = true; + + tempInt++; + } + } + + // Disable + else if (strcasecmp(command->part(tempInt), "disable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Disable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer = getFilter(policyId); + if (filterPointer != 0) + filterPointer->enabled = false; + } + + // Policy Context + else if (tempInt == command->parts) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Context Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer = getFilter(policyId); + if (filterPointer != 0) + { + while ((strcasecmp(command->part(0), "exit") != 0) && (feof(device->inputFile) == 0)) + { + + // Read a line from the config... + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + + // Name + if (strcasecmp(command->part(1), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->name.assign(command->part(2)); + } + + // Log + else if (strcasecmp(command->part(1), "log") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Log Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer->log = true; + } + + // Destination + else if (strcasecmp(command->part(1), "dst-address") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Destination Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destination); + objectPointer->name.assign(command->part(2)); + objectPointer->type = groupObject; + objectPointer->serviceOper = Filter::serviceOperEqual; + } + + // Source + else if (strcasecmp(command->part(1), "src-address") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Source Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, source); + objectPointer->name.assign(command->part(2)); + objectPointer->type = groupObject; + objectPointer->serviceOper = Filter::serviceOperEqual; + } + + // Service + else if (strcasecmp(command->part(1), "service") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Service Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectPointer = addFilterObject(filterPointer, destinationService); + objectPointer->name.assign(command->part(2)); + objectPointer->type = groupObject; + objectPointer->serviceOper = Filter::serviceOperEqual; + } + + else if (strcasecmp(command->part(0), "exit") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Context End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + } + + // NOT PROCESSED... + else + device->lineNotProcessed(line); + } + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // Service... + else if ((strcasecmp(command->part(1), "service") == 0) && (strcasecmp(command->part(3), "timeout") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList("Custom service objects"); + objectListPointer->type = enhancedServiceObject; + objectListPointer->title = serviceObjectTitle; + objectListPointer->description = serviceObjectDescription; + if (strcasecmp(command->part(3), "protocol") == 0) + tempInt = 4; + else + tempInt = 3; + + // Add service object + objectPointer = addObject(objectListPointer); + objectPointer->name.assign(command->part(2)); + objectPointer->type = enhancedServiceObject; + + // Add protocol + objectSubPointer = addObject(objectPointer, protocol); + if (strcasecmp(command->part(tempInt), "icmp") == 0) + { + objectSubPointer->type = icmpObject; + tempInt += 2; + objectSubPointer->name.assign(command->part(tempInt)); + tempInt += 2; + objectSubPointer->netmask.assign(command->part(tempInt)); + } + else if (strcasecmp(command->part(tempInt), "ms-rpc") == 0) + { + objectSubPointer->type = rpcObject; + tempInt += 2; + objectSubPointer->name.assign(i18n("*ABBREV*MS*-ABBREV*-*ABBREV*RPC*-ABBREV*")); + objectSubPointer->netmask.assign(command->part(tempInt)); + } + else if (strcasecmp(command->part(tempInt), "sun-rpc") == 0) + { + objectSubPointer->type = rpcObject; + tempInt += 2; + objectSubPointer->name.assign(i18n("*ABBREV*RPC*-ABBREV*")); + objectSubPointer->netmask.assign(command->part(tempInt)); + } + else + { + objectSubPointer->type = protocolObject; + if (strcasecmp(command->part(tempInt), "tcp") == 0) + objectSubPointer->name.assign(i18n("*ABBREV*TCP*-ABBREV*")); + else if (strcasecmp(command->part(tempInt), "udp") == 0) + objectSubPointer->name.assign(i18n("*ABBREV*UDP*-ABBREV*")); + else + { + objectSubPointer->name.assign(device->getProtocol(atoi(command->part(tempInt)))); + if (objectSubPointer->name.empty()) + objectSubPointer->name.assign(command->part(tempInt)); + } + tempInt++; + + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "src-port") == 0) + { + objectSubPointer = addObject(objectPointer, sourceService); + objectSubPointer->type = portObject; + tempInt++; + tempString.assign(command->part(tempInt)); + if (tempString.compare("0-65535") == 0) + { + objectSubPointer->name.assign("0"); + objectSubPointer->netmask.assign("65535"); + objectSubPointer->serviceOper = serviceOperAny; + } + else + { + objectSubPointer->name.assign(tempString.substr(0, tempString.find("-"))); + objectSubPointer->netmask.assign(tempString.substr(tempString.find("-") + 1)); + if (objectSubPointer->name.compare(objectSubPointer->netmask) != 0) + objectSubPointer->serviceOper = serviceOperRange; + else + { + objectSubPointer->serviceOper = Filter::serviceOperEqual; + objectSubPointer->netmask.assign(""); + } + } + } + + else if (strcasecmp(command->part(tempInt), "dst-port") == 0) + { + objectSubPointer = addObject(objectPointer, destinationService); + objectSubPointer->type = portObject; + tempInt++; + tempString.assign(command->part(tempInt)); + if (tempString.compare("0-65535") == 0) + { + objectSubPointer->name.assign("0"); + objectSubPointer->netmask.assign("65535"); + objectSubPointer->serviceOper = serviceOperAny; + } + else + { + objectSubPointer->name.assign(tempString.substr(0, tempString.find("-"))); + objectSubPointer->netmask.assign(tempString.substr(tempString.find("-") + 1)); + if (objectSubPointer->name.compare(objectSubPointer->netmask) != 0) + objectSubPointer->serviceOper = serviceOperRange; + else + { + objectSubPointer->serviceOper = Filter::serviceOperEqual; + objectSubPointer->netmask.assign(""); + } + } + } + + tempInt++; + } + } + } + + // Address... + else if ((strcasecmp(command->part(1), "group") == 0) && (strcasecmp(command->part(2), "address") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGroup Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList(command->part(4), command->part(3)); + objectListPointer->type = groupObject; + objectListPointer->title = addressGroupObjectTitle; + objectListPointer->description = addressGroupObjectDescription; + + tempInt = 5; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "add") == 0) + { + tempInt++; + objectPointer = addObject(objectListPointer); + objectPointer->type = addressObject; + objectPointer->serviceOper = Filter::serviceOperEqual; + objectPointer->name.assign(command->part(tempInt)); + } + + else if (strcasecmp(command->part(tempInt), "comment") == 0) + { + tempInt++; + if (objectPointer != 0) + { + objectPointer->comment.assign(command->part(tempInt)); + objectListPointer->objectCommentSupported = true; + } + else + objectListPointer->comment.assign(command->part(tempInt)); + } + + tempInt++; + } + } + + // Service... + else if ((strcasecmp(command->part(1), "group") == 0) && (strcasecmp(command->part(2), "service") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGroup Service Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList(command->part(3)); + objectListPointer->type = serviceObject; + objectListPointer->title = serviceGroupObjectTitle; + objectListPointer->description = serviceGroupObjectDescription; + + tempInt = 4; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "add") == 0) + { + tempInt++; + objectPointer = addObject(objectListPointer); + objectPointer->type = enhancedServiceObject; + objectPointer->name.assign(command->part(tempInt)); + objectPointer->serviceOper = Filter::serviceOperEqual; + } + + else if (strcasecmp(command->part(tempInt), "comment") == 0) + { + tempInt++; + if (objectPointer != 0) + { + objectPointer->comment.assign(command->part(tempInt)); + objectListPointer->objectCommentSupported = true; + } + else + objectListPointer->comment.assign(command->part(tempInt)); + } + + tempInt++; + } + } + + // Address... + else if (strcasecmp(command->part(1), "address") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAddress Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Get Object List + objectListPointer = getObjectList(command->part(2)); + objectListPointer->type = addressBookObject; + objectListPointer->title = addressObjectListTitle; + objectListPointer->description = addressObjectListDescription; + + // Set list entry + objectPointer = addObject(objectListPointer); + objectPointer->type = hostObject; + objectPointer->label.assign(command->part(3)); + tempString.assign(command->part(4)); + if (tempString.find("/") == string::npos) + { + tempInt = 6; + objectPointer->name.assign(command->part(4)); + objectPointer->netmask.assign(command->part(5)); + if (objectPointer->netmask.compare("255.255.255.255") != 0) + objectPointer->type = networkObject; + } + else + { + tempInt = 5; + objectPointer->name.assign(tempString.substr(0, tempString.find("/") - 1)); + objectPointer->netmask.assign(device->cidrToNetmask(tempString.substr(tempString.find("/") + 1).c_str())); + if (objectPointer->netmask.compare("255.255.255.255") != 0) + objectPointer->type = networkObject; + } + + if (tempInt < command->parts) + { + objectListPointer->objectCommentSupported = true; + objectPointer->comment.assign(command->part(tempInt)); + } + objectPointer->serviceOper = Filter::serviceOperEqual; + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +struct Builtin +{ + bool added; + const char *name; + const char *protocol; + const char *source; + Filter::serviceOperType sourceType; + const char *dest; + const char *destEnd; + Filter::serviceOperType destType; + struct Builtin *next; +}; + +// last 123 +struct Builtin builtin122 = {false, "LPR", "TCP", "Any", Filter::serviceOperAny, "515", "", Filter::serviceOperEqual, 0}; +struct Builtin builtin121 = {false, "LDAP", "TCP", "Any", Filter::serviceOperAny, "389", "", Filter::serviceOperEqual, &builtin122}; +struct Builtin builtin120 = {false, "L2TP", "UDP", "Any", Filter::serviceOperAny, "1701", "", Filter::serviceOperEqual, &builtin121}; +struct Builtin builtin119 = {false, "IRC", "TCP", "Any", Filter::serviceOperAny, "6660", "6669", Filter::serviceOperRange, &builtin120}; +struct Builtin builtin118 = {false, "IKE-NAT", "UDP", "500", Filter::serviceOperEqual, "500", "", Filter::serviceOperEqual, &builtin119}; +struct Builtin builtin117 = {false, "Internet Locator Service", "", "", Filter::serviceOperNotEqual, "636", "", Filter::serviceOperEqual, &builtin118}; +struct Builtin builtin116 = {false, "Internet Locator Service", "", "", Filter::serviceOperNotEqual, "522", "", Filter::serviceOperEqual, &builtin117}; +struct Builtin builtin115 = {false, "Internet Locator Service", "TCP", "Any", Filter::serviceOperAny, "389", "", Filter::serviceOperEqual, &builtin116}; +struct Builtin builtin114 = {false, "IMAP", "TCP", "Any", Filter::serviceOperAny, "143", "", Filter::serviceOperEqual, &builtin115}; +struct Builtin builtin113 = {false, "IKE", "UDP", "Any", Filter::serviceOperAny, "500", "", Filter::serviceOperEqual, &builtin114}; +struct Builtin builtin112 = {false, "IDENT", "TCP", "Any", Filter::serviceOperAny, "113", "", Filter::serviceOperEqual, &builtin113}; +struct Builtin builtin111 = {false, "HTTPS", "TCP", "Any", Filter::serviceOperAny, "443", "", Filter::serviceOperEqual, &builtin112}; +struct Builtin builtin110 = {false, "HTTP-EXT", "", "", Filter::serviceOperNotEqual, "9080", "", Filter::serviceOperEqual, &builtin111}; +struct Builtin builtin109 = {false, "HTTP-EXT", "", "", Filter::serviceOperNotEqual, "8888", "", Filter::serviceOperEqual, &builtin110}; +struct Builtin builtin108 = {false, "HTTP-EXT", "", "", Filter::serviceOperNotEqual, "8200", "", Filter::serviceOperEqual, &builtin109}; +struct Builtin builtin107 = {false, "HTTP-EXT", "", "", Filter::serviceOperNotEqual, "8100", "", Filter::serviceOperEqual, &builtin108}; +struct Builtin builtin106 = {false, "HTTP-EXT", "", "", Filter::serviceOperNotEqual, "8081", "", Filter::serviceOperEqual, &builtin107}; +struct Builtin builtin105 = {false, "HTTP-EXT", "", "", Filter::serviceOperNotEqual, "8001", "", Filter::serviceOperEqual, &builtin106}; +struct Builtin builtin104 = {false, "HTTP-EXT", "TCP", "Any", Filter::serviceOperAny, "7001", "", Filter::serviceOperEqual, &builtin105}; +struct Builtin builtin103 = {false, "HTTP", "TCP", "Any", Filter::serviceOperAny, "80", "", Filter::serviceOperEqual, &builtin104}; +struct Builtin builtin102 = {false, "H.323", "", "", Filter::serviceOperNotEqual, "1719", "", Filter::serviceOperEqual, &builtin103}; +struct Builtin builtin101 = {false, "H.323", "", "", Filter::serviceOperNotEqual, "1731", "", Filter::serviceOperEqual, &builtin102}; +struct Builtin builtin100 = {false, "H.323", "", "", Filter::serviceOperNotEqual, "522", "", Filter::serviceOperEqual, &builtin101}; +struct Builtin builtin99 = {false, "H.323", "", "", Filter::serviceOperNotEqual, "389", "", Filter::serviceOperEqual, &builtin100}; +struct Builtin builtin98 = {false, "H.323", "UDP", "", Filter::serviceOperNotEqual, "1503", "", Filter::serviceOperEqual, &builtin99}; +struct Builtin builtin97 = {false, "H.323", "TCP", "Any", Filter::serviceOperAny, "1720", "", Filter::serviceOperEqual, &builtin98}; +struct Builtin builtin96 = {false, "GOPHER", "TCP", "Any", Filter::serviceOperAny, "70", "", Filter::serviceOperEqual, &builtin97}; +struct Builtin builtin95 = {false, "GNUTELLA", "TCP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin96}; +struct Builtin builtin94 = {false, "GNUTELLA", "UDP", "Any", Filter::serviceOperAny, "6346", "6347", Filter::serviceOperRange, &builtin95}; +struct Builtin builtin93 = {false, "FTP-PUT", "TCP", "Any", Filter::serviceOperAny, "21", "", Filter::serviceOperEqual, &builtin94}; +struct Builtin builtin92 = {false, "FTP-GET", "TCP", "Any", Filter::serviceOperAny, "21", "", Filter::serviceOperEqual, &builtin93}; +struct Builtin builtin91 = {false, "FTP", "TCP", "Any", Filter::serviceOperAny, "21", "", Filter::serviceOperEqual, &builtin92}; +struct Builtin builtin90 = {false, "FINGER", "TCP", "Any", Filter::serviceOperAny, "79", "", Filter::serviceOperEqual, &builtin91}; +struct Builtin builtin89 = {false, "ECHO", "TCP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin90}; +struct Builtin builtin88 = {false, "ECHO", "UDP", "Any", Filter::serviceOperAny, "7", "", Filter::serviceOperEqual, &builtin89}; +struct Builtin builtin87 = {false, "DNS", "TCP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin88}; +struct Builtin builtin86 = {false, "DNS", "UDP", "Any", Filter::serviceOperAny, "53", "", Filter::serviceOperEqual, &builtin87}; +struct Builtin builtin85 = {false, "DISCARD", "TCP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin86}; +struct Builtin builtin84 = {false, "DISCARD", "UDP", "Any", Filter::serviceOperAny, "9", "", Filter::serviceOperEqual, &builtin85}; +struct Builtin builtin83 = {false, "DHCP-RELAY", "", "", Filter::serviceOperNotEqual, "68", "", Filter::serviceOperEqual, &builtin84}; +struct Builtin builtin82 = {false, "DHCP-RELAY", "UDP", "Any", Filter::serviceOperAny, "67", "", Filter::serviceOperEqual, &builtin83}; +struct Builtin builtin81 = {false, "CHARGEN", "UDP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin82}; +struct Builtin builtin80 = {false, "CHARGEN", "TCP", "Any", Filter::serviceOperAny, "19", "", Filter::serviceOperEqual, &builtin81}; +struct Builtin builtin79 = {false, "BGP", "TCP", "Any", Filter::serviceOperAny, "179", "", Filter::serviceOperEqual, &builtin80}; +struct Builtin builtin78 = {false, "AOL", "TCP", "Any", Filter::serviceOperAny, "5190", "5194", Filter::serviceOperRange, &builtin79}; +struct Builtin builtin77 = {false, "GTP", "", "", Filter::serviceOperNotEqual, "2152", "", Filter::serviceOperEqual, &builtin78}; +struct Builtin builtin76 = {false, "GTP", "TCP", "", Filter::serviceOperNotEqual, "3386", "", Filter::serviceOperEqual, &builtin77}; +struct Builtin builtin75 = {false, "GTP", "UDP", "Any", Filter::serviceOperAny, "2123", "", Filter::serviceOperEqual, &builtin76}; +struct Builtin builtin74 = {false, "MGCP-CA", "UDP", "Any", Filter::serviceOperAny, "2727", "", Filter::serviceOperEqual, &builtin75}; +struct Builtin builtin123 = {false, "MGCP", "UDP", "Any", Filter::serviceOperAny, "2427", "", Filter::serviceOperEqual, &builtin74}; +struct Builtin builtin73 = {false, "MGCP-UA", "UDP", "Any", Filter::serviceOperAny, "2427", "", Filter::serviceOperEqual, &builtin123}; +struct Builtin builtin72 = {false, "SCCP", "TCP", "Any", Filter::serviceOperAny, "2000", "", Filter::serviceOperEqual, &builtin73}; +struct Builtin builtin71 = {false, "INCOMING-DIP", "TCP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin72}; +struct Builtin builtin70 = {false, "INCOMING-DIP", "UDP", "0", Filter::serviceOperEqual, "0", "", Filter::serviceOperEqual, &builtin71}; +struct Builtin builtin69 = {false, "YMSG", "TCP", "Any", Filter::serviceOperAny, "5050", "", Filter::serviceOperEqual, &builtin70}; +struct Builtin builtin68 = {false, "X-WINDOWS", "TCP", "Any", Filter::serviceOperAny, "6000", "6063", Filter::serviceOperRange, &builtin69}; +struct Builtin builtin67 = {false, "WINFRAME", "TCP", "Any", Filter::serviceOperAny, "1494", "", Filter::serviceOperEqual, &builtin68}; +struct Builtin builtin66 = {false, "WHOIS", "TCP", "Any", Filter::serviceOperAny, "43", "", Filter::serviceOperEqual, &builtin67}; +struct Builtin builtin65 = {false, "WAIS", "TCP", "Any", Filter::serviceOperAny, "210", "", Filter::serviceOperEqual, &builtin66}; +struct Builtin builtin64 = {false, "VNC", "", "", Filter::serviceOperNotEqual, "5900", "", Filter::serviceOperEqual, &builtin65}; +struct Builtin builtin63 = {false, "VNC", "TCP", "Any", Filter::serviceOperAny, "5800", "", Filter::serviceOperEqual, &builtin64}; +struct Builtin builtin62 = {false, "VDO Live", "TCP", "Any", Filter::serviceOperAny, "7000", "7010", Filter::serviceOperRange, &builtin63}; +struct Builtin builtin61 = {false, "UUCP", "UDP", "Any", Filter::serviceOperAny, "540", "", Filter::serviceOperEqual, &builtin62}; +struct Builtin builtin60 = {false, "UDP-ANY", "UDP", "Any", Filter::serviceOperAny, "Any", "", Filter::serviceOperNotEqual, &builtin61}; +struct Builtin builtin59 = {false, "TRACEROUTE", "UDP", "Any", Filter::serviceOperAny, "33400", "34000", Filter::serviceOperRange, &builtin60}; +struct Builtin builtin58 = {false, "TFTP", "UDP", "Any", Filter::serviceOperAny, "69", "", Filter::serviceOperEqual, &builtin59}; +struct Builtin builtin57 = {false, "Telnet", "TCP", "Any", Filter::serviceOperAny, "23", "", Filter::serviceOperEqual, &builtin58}; +struct Builtin builtin56 = {false, "TCP-ANY", "TCP", "Any", Filter::serviceOperAny, "Any", "", Filter::serviceOperNotEqual, &builtin57}; +struct Builtin builtin55 = {false, "TALK", "", "", Filter::serviceOperNotEqual, "518", "", Filter::serviceOperEqual, &builtin56}; +struct Builtin builtin54 = {false, "TALK", "UDP", "Any", Filter::serviceOperAny, "517", "", Filter::serviceOperEqual, &builtin55}; +struct Builtin builtin53 = {false, "SYSLOG", "UDP", "Any", Filter::serviceOperAny, "514", "", Filter::serviceOperEqual, &builtin54}; +struct Builtin builtin52 = {false, "SUN-RPC-PORTMAPPER", "UDP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin53}; +struct Builtin builtin51 = {false, "SUN-RPC-PORTMAPPER", "TCP", "Any", Filter::serviceOperAny, "111", "", Filter::serviceOperEqual, &builtin52}; +struct Builtin builtin50 = {false, "SSH", "TCP", "Any", Filter::serviceOperAny, "22", "", Filter::serviceOperEqual, &builtin51}; +struct Builtin builtin49 = {false, "SQL*NetV2", "TCP", "Any", Filter::serviceOperAny, "1521", "", Filter::serviceOperEqual, &builtin50}; +struct Builtin builtin48 = {false, "SQL*NetV1", "TCP", "Any", Filter::serviceOperAny, "1525", "", Filter::serviceOperEqual, &builtin49}; +struct Builtin builtin47 = {false, "SQL Monitor", "UDP", "Any", Filter::serviceOperAny, "1434", "", Filter::serviceOperEqual, &builtin48}; +struct Builtin builtin46 = {false, "SMTP", "TCP", "Any", Filter::serviceOperAny, "25", "", Filter::serviceOperEqual, &builtin47}; +struct Builtin builtin45 = {false, "SMB", "", "", Filter::serviceOperNotEqual, "445", "", Filter::serviceOperEqual, &builtin46}; +struct Builtin builtin44 = {false, "SMB", "TCP", "Any", Filter::serviceOperAny, "139", "", Filter::serviceOperEqual, &builtin45}; +struct Builtin builtin43 = {false, "SNMP", "UDP", "Any", Filter::serviceOperAny, "162", "", Filter::serviceOperEqual, &builtin44}; +struct Builtin builtin42 = {false, "SNMP", "TCP", "Any", Filter::serviceOperAny, "161", "", Filter::serviceOperEqual, &builtin43}; +struct Builtin builtin41 = {false, "SIP", "TCP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin42}; +struct Builtin builtin40 = {false, "SIP", "UDP", "", Filter::serviceOperNotEqual, "5060", "", Filter::serviceOperEqual, &builtin41}; +struct Builtin builtin39 = {false, "RTSP", "TCP", "Any", Filter::serviceOperAny, "554", "", Filter::serviceOperEqual, &builtin40}; +struct Builtin builtin38 = {false, "RSH", "TCP", "Any", Filter::serviceOperAny, "514", "", Filter::serviceOperEqual, &builtin39}; +struct Builtin builtin37 = {false, "RLOGIN", "TCP", "Any", Filter::serviceOperAny, "513", "", Filter::serviceOperEqual, &builtin38}; +struct Builtin builtin36 = {false, "RIP", "UDP", "Any", Filter::serviceOperAny, "520", "", Filter::serviceOperEqual, &builtin37}; +struct Builtin builtin35 = {false, "REXEC", "TCP", "Any", Filter::serviceOperAny, "512", "", Filter::serviceOperEqual, &builtin36}; +struct Builtin builtin34 = {false, "Real Media", "", "", Filter::serviceOperNotEqual, "554", "", Filter::serviceOperEqual, &builtin35}; +struct Builtin builtin33 = {false, "Real Media", "TCP", "Any", Filter::serviceOperAny, "7070", "", Filter::serviceOperEqual, &builtin34}; +struct Builtin builtin32 = {false, "Radius", "", "", Filter::serviceOperNotEqual, "1813", "", Filter::serviceOperEqual, &builtin33}; +struct Builtin builtin31 = {false, "Radius", "UDP", "Any", Filter::serviceOperAny, "1812", "", Filter::serviceOperEqual, &builtin32}; +struct Builtin builtin30 = {false, "PPTP", "TCP", "Any", Filter::serviceOperAny, "1723", "", Filter::serviceOperEqual, &builtin31}; +struct Builtin builtin29 = {false, "POP3", "TCP", "Any", Filter::serviceOperAny, "110", "", Filter::serviceOperEqual, &builtin30}; +struct Builtin builtin28 = {false, "PC Anywhere", "", "", Filter::serviceOperNotEqual, "5631", "", Filter::serviceOperEqual, &builtin29}; +struct Builtin builtin27 = {false, "PC Anywhere", "UDP", "", Filter::serviceOperNotEqual, "22", "", Filter::serviceOperEqual, &builtin28}; +struct Builtin builtin26 = {false, "PC Anywhere", "TCP", "Any", Filter::serviceOperAny, "5632", "", Filter::serviceOperEqual, &builtin27}; +struct Builtin builtin25 = {false, "NTP", "UDP", "Any", Filter::serviceOperAny, "123", "", Filter::serviceOperEqual, &builtin26}; +struct Builtin builtin24 = {false, "NSM", "", "", Filter::serviceOperNotEqual, "15400", "", Filter::serviceOperEqual, &builtin25}; +struct Builtin builtin23 = {false, "NSM", "", "", Filter::serviceOperNotEqual, "11122", "", Filter::serviceOperEqual, &builtin24}; +struct Builtin builtin22 = {false, "NSM", "", "", Filter::serviceOperNotEqual, "7800", "", Filter::serviceOperEqual, &builtin23}; +struct Builtin builtin21 = {false, "NSM", "UDP", "", Filter::serviceOperNotEqual, "7204", "", Filter::serviceOperEqual, &builtin22}; +struct Builtin builtin20 = {false, "NSM", "TCP", "Any", Filter::serviceOperAny, "69", "", Filter::serviceOperEqual, &builtin21}; +struct Builtin builtin19 = {false, "NS Global Pro", "TCP", "", Filter::serviceOperNotEqual, "15400", "15403", Filter::serviceOperRange, &builtin20}; +struct Builtin builtin18 = {false, "NS Global Pro", "UDP", "Any", Filter::serviceOperAny, "15397", "", Filter::serviceOperEqual, &builtin19}; +struct Builtin builtin17 = {false, "NS Global", "UDP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin18}; +struct Builtin builtin16 = {false, "NS Global", "TCP", "Any", Filter::serviceOperAny, "15397", "", Filter::serviceOperEqual, &builtin17}; +struct Builtin builtin15 = {false, "NNTP", "TCP", "Any", Filter::serviceOperAny, "119", "", Filter::serviceOperEqual, &builtin16}; +struct Builtin builtin14 = {false, "NFS", "UDP", "", Filter::serviceOperNotEqual, "2049", "", Filter::serviceOperEqual, &builtin15}; +struct Builtin builtin13 = {false, "NFS", "TCP", "Any", Filter::serviceOperAny, "111", "", Filter::serviceOperEqual, &builtin14}; +struct Builtin builtin12 = {false, "NetMeeting", "", "", Filter::serviceOperNotEqual, "1719", "", Filter::serviceOperEqual, &builtin13}; +struct Builtin builtin11 = {false, "NetMeeting", "", "", Filter::serviceOperNotEqual, "1731", "", Filter::serviceOperEqual, &builtin12}; +struct Builtin builtin10 = {false, "NetMeeting", "", "", Filter::serviceOperNotEqual, "522", "", Filter::serviceOperEqual, &builtin11}; +struct Builtin builtin9 = {false, "NetMeeting", "", "", Filter::serviceOperNotEqual, "389", "", Filter::serviceOperEqual, &builtin10}; +struct Builtin builtin8 = {false, "NetMeeting", "TCP", "", Filter::serviceOperNotEqual, "1503", "", Filter::serviceOperEqual, &builtin9}; +struct Builtin builtin7 = {false, "NetMeeting", "UDP", "Any", Filter::serviceOperAny, "1720", "", Filter::serviceOperEqual, &builtin8}; +struct Builtin builtin6 = {false, "NBDB", "UDP", "Any", Filter::serviceOperAny, "138", "", Filter::serviceOperEqual, &builtin7}; +struct Builtin builtin5 = {false, "NBNAME", "UDP", "Any", Filter::serviceOperAny, "137", "", Filter::serviceOperEqual, &builtin6}; +struct Builtin builtin4 = {false, "MS-SQL", "TCP", "Any", Filter::serviceOperAny, "1433", "", Filter::serviceOperEqual, &builtin5}; +struct Builtin builtin3 = {false, "MS-RPC-EPM", "UDP", "", Filter::serviceOperNotEqual, "", "", Filter::serviceOperEqual, &builtin4}; +struct Builtin builtin2 = {false, "MS-RPC-EPM", "TCP", "Any", Filter::serviceOperAny, "135", "", Filter::serviceOperEqual, &builtin3}; +struct Builtin builtin1 = {false, "MSN", "TCP", "Any", Filter::serviceOperAny, "1863", "", Filter::serviceOperEqual, &builtin2}; +struct Builtin builtin = {false, "MAIL", "TCP", "Any", Filter::serviceOperAny, "25", "", Filter::serviceOperEqual, &builtin1}; + + +int ScreenOSFilter::processDeviceSpecificDefaults(Device *device) +{ + // Variables... + filterListConfig *filterListPointer = 0; + filterConfig *filterPointer = 0; + filterObjectConfig *objectPointer = 0; + filterObjectConfig *objectSubPointer = 0; + netObjectListConfig *serviceListPointer = 0; + netObjectListConfig *builtinListPointer = 0; + Builtin *builtinPointer = 0; + + // Init service list... + serviceListPointer = getOnlyObjectList("Service Objects"); + + // Add any builtin predefined objects that are used... + filterListPointer = filterList; + while (filterListPointer != 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + objectPointer = 0; + if (filterPointer->destinationService != 0) + { + if (filterPointer->destinationService->type != anyObject) + { + if (serviceListPointer != 0) + objectPointer = getObject(filterPointer->destinationService->name.c_str(), serviceListPointer); + + // If this object has not been found, check the builtin service list... + if (objectPointer == 0) + { + builtinPointer = &builtin; + while (builtinPointer != 0) + { + if (strcasecmp(builtinPointer->name, filterPointer->destinationService->name.c_str()) == 0) + { + if (builtinPointer->added == true) + builtinPointer = 0; + else + { + if (builtinListPointer == 0) + { + builtinListPointer = getObjectList(i18n("Predefined service objects")); + builtinListPointer->title = serviceObjectTitle; + builtinListPointer->description = serviceObjectDescription; + builtinListPointer->type = enhancedServiceObject; + } + builtinPointer->added = true; + + // Create object... + objectPointer = getObject(filterPointer->destinationService->name.c_str(), builtinListPointer); + if (objectPointer == 0) + { + objectPointer = addObject(builtinListPointer); + objectPointer->name.assign(filterPointer->destinationService->name.c_str()); + objectPointer->type = enhancedServiceObject; + objectPointer->serviceOper= serviceOperEqual; + } + + // Add protocol... + if (strcmp(builtinPointer->protocol, "") != 0) + { + objectSubPointer = addObject(objectPointer, protocol); + objectSubPointer->type = protocolObject; + objectSubPointer->name.assign(builtinPointer->protocol); + } + + // Add source port... + if (strcmp(builtinPointer->source, "") != 0) + { + objectSubPointer = addObject(objectPointer, sourceService); + objectSubPointer->type = portObject; + objectSubPointer->name.assign(builtinPointer->source); + objectSubPointer->serviceOper = builtinPointer->sourceType; + } + + // Add destination port... + if (strcmp(builtinPointer->dest, "") != 0) + { + objectSubPointer = addObject(objectPointer, destinationService); + objectSubPointer->type = portObject; + objectSubPointer->name.assign(builtinPointer->dest); + objectSubPointer->netmask.assign(builtinPointer->destEnd); + objectSubPointer->serviceOper = builtinPointer->destType; + } + } + } + if (builtinPointer != 0) + builtinPointer = builtinPointer->next; + } + } + } + } + + filterPointer = filterPointer->next; + } + + filterListPointer = filterListPointer->next; + } + + return 0; +} diff --git a/libnipper-0.12.6/Juniper-ScreenOS/filter.h b/libnipper-0.12.6/Juniper-ScreenOS/filter.h new file mode 100644 index 0000000..815502c --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/filter.h @@ -0,0 +1,70 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSFilter_H +#define ScreenOSFilter_H + + +#include "../device/filter/filter.h" + + +class ScreenOSFilter : public Filter +{ + public: + ScreenOSFilter(); + ~ScreenOSFilter(); + + + private: + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDeviceSpecificDefaults(Device *device); + + const char *intrazoneTitle; + const char *intrazoneDescription; + const char *interzoneTitle; + const char *interzoneDescription; + const char *globalzoneTitle; + const char *globalzoneDescription; + const char *addressObjectListTitle; + const char *addressObjectListDescription; + const char *serviceObjectTitle; + const char *serviceObjectDescription; + const char *serviceGroupObjectTitle; + const char *serviceGroupObjectDescription; + const char *addressGroupObjectTitle; + const char *addressGroupObjectDescription; + const char *predefinedObjectListTitle; + const char *predefinedObjectListDescription; +}; + + +#endif + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/general.cpp b/libnipper-0.12.6/Juniper-ScreenOS/general.cpp new file mode 100644 index 0000000..2948645 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/general.cpp @@ -0,0 +1,157 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +ScreenOSGeneral::ScreenOSGeneral() +{ +} + + +int ScreenOSGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + bool setting = false; + + // Init + if (strcmp(command->part(0), "unset") == 0) + { + tempInt = 1; + setting = false; + } + else + { + tempInt = 1; + setting = true; + } + + // Hostname + if (strcasecmp(command->part(tempInt), "hostname") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostname = command->part(tempInt + 1); + } + + // Temp Hostname + else if ((command->part(0)[strlen(command->part(0)) -2] == '-') && (command->part(0)[strlen(command->part(0)) - 1] == '>')) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Prompt Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempHostname.assign(command->part(0)); + tempHostname.resize(tempHostname.length() - 2); + } + + return 0; +} + + +int ScreenOSGeneral::processDefaults(Device *device) +{ + if (hostname.empty()) + hostname.assign(tempHostname); + + // Split Version Numbers... +/* if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + if ((version.find_first_of('.') != string::npos) && (version.length() > version.find_first_of('.') + 1)) + versionMinor = atoi(version.c_str() + version.find_first_of('.') + 1); + }*/ + + return 0; +} + + +int ScreenOSGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Password Encryption... + if (servicePasswordEncryption != unconfigured) + { + device->addTableData(paragraphPointer->table, i18n("Service Password Encryption")); + if (servicePasswordEncryption == on) + device->addTableData(paragraphPointer->table, i18n("Enabled")); + else + device->addTableData(paragraphPointer->table, i18n("Disabled")); + }*/ + + return errorCode; +} + + +int ScreenOSGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Service Password Encryption... + if (servicePasswordEncryption == off) + { + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Service Password Encryption Disabled")); + securityIssuePointer->reference.assign("IOS.PASSENCR.1"); + securityIssuePointer->overallRating = 8; + securityIssuePointer->impactRating = 9; + securityIssuePointer->easeRating = 2; + securityIssuePointer->fixRating = 1; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Cisco service passwords by default are stored in their clear text form rather than being encrypted. However, it is possible to have these passwords stored using the reversible Cisco type-7 encryption. *COMPANY* determined that the service password encryption that helps to provide a basic level of encryption for passwords that otherwise would be stored in clear text was disabled on the Cisco device *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("The Cisco type-7 password encryption provides little in the way of protection against an attacker who has access to the configuration file. However, the Cisco type-7 password encryption would provide a level of protect against a malicious user who had managed to briefly view a devices configuration.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("If a malicious user were able to glance a password from a devices configuration they could use it to gain a level of access to *DEVICENAME*. If the passwords were encrypted using the Cisco type-7 routine, a malicious user that had access to the devices configuration would have to decode the password first. Tools are widely available on the Internet that can reverse Cisco type-7 passwords.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that the Cisco password encryption service be enabled. The Cisco password encryption service can be started with the following Cisco *ABBREV*IOS*-ABBREV* command:")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*CODE**COMMAND*service password-encryption*-COMMAND**-CODE*")); + securityIssuePointer->conLine.assign(i18n("service password encryption was disabled")); + securityIssuePointer->recLine.assign(i18n("enable the service password encryption")); + }*/ + return errorCode; +} diff --git a/libnipper-0.12.6/Juniper-ScreenOS/general.h b/libnipper-0.12.6/Juniper-ScreenOS/general.h new file mode 100644 index 0000000..0aec627 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/general.h @@ -0,0 +1,58 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSdevicegeneral_H +#define ScreenOSdevicegeneral_H + +#include "../device/general/general.h" + + +class ScreenOSGeneral : public General +{ + public: + ScreenOSGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + + private: + + string tempHostname; +}; + + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp b/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp new file mode 100644 index 0000000..97af8ec --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/interfaces.cpp @@ -0,0 +1,293 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "interfaces.h" + + +ScreenOSInterfaces::ScreenOSInterfaces() +{ + // Interface Options... + useModuleAndPort = false; // Use the module / port instead of the name + useInterfaceZone = true; // Use the interface zone + zoneName = i18n("Zone"); // The name for zone field + filterIn = i18n("Filter In"); // The filter in table title text + filterOut = i18n("Filter Out"); // The filter out table title text + showDescription = true; // Show the interface description + cdpGlobalRequired = false; // If CDP needs to be enabled globally as well + disableCDPText = i18n(""); // The text and commands to disable CDP + cdpSupported = false; // Is CDP supported on interfaces + disableProxyARPText = i18n(""); // The text and commands to disable Proxy ARP + disableUnreachablesText = i18n(""); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n(""); // The text and commands to disable ICMP information messages + disableMaskText = i18n(""); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n(""); // The text and commands to disable ICMP redirect messages + disableDirectedText = i18n(""); // The text and commands to disable directed broadcasts + disableMOPText = i18n(""); // The text and commands to disable MOP + disableActiveText = i18n("Interfaces can be disabled on *DEVICETYPE* devices with the following command:*CODE**COMMAND*set interface *CMDUSER*interface*-CMDUSER* disable*-COMMAND**-CODE*"); // The text and commands to disable potentially unused interfaces + filterName = i18n("filter lists"); // The filter list name for use in the filter issue text + configFilterText = i18n(""); // The text and commands to configure network filtering + defaultAutoTrunk = false; // Default to automatically trunk + disableTrunkText = i18n(""); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n(""); // The text and commands to enable port security +} + + +int ScreenOSInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + string tempString; + int tempInt = 0; + + // Init + tempInt = 2; + if (strcasecmp(command->part(0), "set") == 0) + { + // Get the correct list for the type of interface... + if (strncasecmp(command->part(tempInt), "ethernet", 8) == 0) + { + interfaceListPointer = getInterfaceList("ETHERINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Ethernet Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices ethernet interfaces."); + interfaceListPointer->tableTitle = i18n("Ethernet interfaces"); + interfaceListPointer->label = "ETHERINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 8); + } + else if (strncasecmp(command->part(tempInt), "wireless", 8) == 0) + { + interfaceListPointer = getInterfaceList("WIREINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Wireless Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices wireless interfaces."); + interfaceListPointer->tableTitle = i18n("Wireless interfaces"); + interfaceListPointer->label = "WIREINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 8); + } + else if (strncasecmp(command->part(tempInt), "serial", 6) == 0) + { + interfaceListPointer = getInterfaceList("SERIALINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Serial Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices serial interfaces."); + interfaceListPointer->tableTitle = i18n("Serial interfaces"); + interfaceListPointer->label = "SERIALINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 6); + } + else if (strncasecmp(command->part(tempInt), "vlan", 4) == 0) + { + interfaceListPointer = getInterfaceList("VLANINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*VLAN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*VLAN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*VLAN*-ABBREV* interfaces"); + interfaceListPointer->label = "VLANINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 4); + } + else if (strncasecmp(command->part(tempInt), "bri", 3) == 0) + { + interfaceListPointer = getInterfaceList("BRIINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*ISDN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*ISDN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*ISDN*-ABBREV* interfaces"); + interfaceListPointer->label = "BRIINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 3); + } + else if (strncasecmp(command->part(tempInt), "tunnel", 6) == 0) + { + interfaceListPointer = getInterfaceList("TUNINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Tunnel Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices tunnel interfaces."); + interfaceListPointer->tableTitle = i18n("Tunnel interfaces"); + interfaceListPointer->label = "TUNINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 6); + } + else if ((strncasecmp(command->part(tempInt), "shdsl", 5) == 0) || (strncasecmp(command->part(tempInt), "adsl", 4) == 0)) + { + interfaceListPointer = getInterfaceList("DSLINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*DSL*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*DSL*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*DSL*-ABBREV* interfaces"); + interfaceListPointer->label = "DSLINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt)); + } + else if (strncasecmp(command->part(tempInt), "bgroup", 6) == 0) + { + interfaceListPointer = getInterfaceList("BGROUPINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Bridge group Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices bridge group interfaces."); + interfaceListPointer->tableTitle = i18n("Bridge group interfaces"); + interfaceListPointer->label = "BGROUPINTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt) + 6); + } + else + { + interfaceListPointer = getInterfaceList("INTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices interfaces."); + interfaceListPointer->tableTitle = i18n("Interfaces"); + interfaceListPointer->label = "INTERFACES"; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(tempInt)); + } + tempInt++; + + if ((strcasecmp(command->part(tempInt), "ip") == 0) && (strcasecmp(command->part(tempInt + 1), "manageable") != 0) && (strcasecmp(command->part(tempInt + 1), "unnumbered") != 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface IP Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt++; + if (command->parts > 4) + { + tempString.assign(command->part(tempInt)); + if (tempString.find("/") == string::npos) + { + interfacePointer->address.assign(command->part(tempInt)); + interfacePointer->netmask.assign(command->part(tempInt + 1)); + } + else + { + interfacePointer->address.assign(tempString.substr(0, tempString.find("/") - 1)); + interfacePointer->netmask.assign(device->cidrToNetmask(tempString.substr(tempString.find("/") + 1).c_str())); + } + } + } + + else if (strcasecmp(command->part(tempInt), "zone") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Zone Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt++; + if (command->parts > 4) + { + interfacePointer->zone.assign(command->part(tempInt)); + } + } + + else if (strcasecmp(command->part(tempInt), "description") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt++; + if (command->parts > 4) + { + interfacePointer->description.assign(command->part(tempInt)); + } + } + + else if ((strcasecmp(command->part(tempInt), "disable") == 0) || (strcasecmp(command->part(tempInt), "shutdown") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Disable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempInt++; + if (command->parts > 4) + { + interfacePointer->enabled = false; + } + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ScreenOSInterfaces::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h b/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h new file mode 100644 index 0000000..283ab50 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/interfaces.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSInterfaces_H +#define ScreenOSInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class ScreenOSInterfaces : public Interfaces +{ + public: + + ScreenOSInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + +}; + +#endif diff --git a/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp b/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp new file mode 100644 index 0000000..37d0057 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/snmp.cpp @@ -0,0 +1,400 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "administration.h" +#include "snmp.h" + +using namespace std; + + +ScreenOSSNMP::ScreenOSSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("*DEVICETYPE* devices do not support *ABBREV*SNMP*-ABBREV* version 3. "); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + // N/A - supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + // N/A - supportSNMP3UpgText = i18n(""); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* access to *DEVICENAME* can be disabled by removing the community string configuration. This can be done with the following command:*CODE**COMMAND*unset snmp community *CMDUSER*community-string*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("*ABBREV*SNMP*-ABBREV* community string access can be configured using the following commands:*CODE**COMMAND*set snmp community *CMDUSER*community-string*-CMDUSER* *CMDREQUIRE*read-only *CMDOR* read-write*-CMDREQUIRE**-COMMAND**COMMAND*set snmp host *CMDUSER*community-string*-CMDUSER* *CMDUSER*ip-address/cidr*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure a community string + // N/A - configSNMP3Text = i18n(""); // The text and command(s) to configure SNMP version 3 + // N/A - configSNMPViewText = i18n(""); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("*ABBREV*SNMP*-ABBREV* traps can be configured using the following commands:*CODE**COMMAND*set snmp community *CMDUSER*community-string*-CMDUSER* *CMDREQUIRE*read-only *CMDOR* read-write*-CMDREQUIRE* trap-on*-COMMAND**COMMAND*set snmp host *CMDUSER*community-string*-CMDUSER* *CMDUSER*ip-address/cidr*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP traps + // N/A - configSNMPInformsText = i18n(""); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n("*ABBREV*SNMP*-ABBREV* read only community string access can be configured using the following commands:*CODE**COMMAND*set snmp community *CMDUSER*community-string*-CMDUSER* read-only*-COMMAND**COMMAND*set snmp host *CMDUSER*community-string*-CMDUSER* *CMDUSER*ip-address/cidr*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP read only access + // N/A - configSNMPFilterText = i18n(""); // The text and command(s) to configure SNMP filtering + + // Community Options... + communityView = false; // SNMP view for the community + communityFilter = false; // SNMP Network Filtering + communityIPv6Filter = false; // SNMP IPv6 Network Filtering + communitySpecificFilters = true; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = true; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = ""; // Default read only community + defaultReadWrite = ""; // Default read/write community + defaultReadWriteAll = ""; // Default read/write all community + + // SNMP Trap/Inform Host Options... + trapsOnly = true; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = false; // Show Trap Host Port in Table + trapsInterface = true; // Show Interface in Table + trapsInterfaceText = i18n("Interface"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = false; // Show excluded traps + trapsShowOptions = false; // Show trap options + + // Host Options... + hostShowInterface = true; // Show the Interface in the Table + hostShowCommunity = true; // Show the Community in the Table + hostShowFilterID = false; // Show a filter ID if used + hostFilterText = i18n("Filter"); // The Table column title for the filter text + + // Device specific settings... + trapPort = 162; +} + + +int ScreenOSSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpHostStruct *snmpHostPointer = 0; + snmpTrapHost *snmpTrapHostPointer = 0; + snmpTrap *snmpTrapPointer = 0; + int tempInt = 0; + int tempVersion = 1; + string tempString; + string tempHost; + string tempNetwork; + string tempCommunity; + string tempInterface; + bool trapsOn = false; + bool setting = false; + + // Init + tempInt = 2; + if (strcasecmp(command->part(0), "unset") == 0) + setting = false; + else + setting = true; + + // Contact... + if (strcasecmp(command->part(tempInt), "contact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Contact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + contact.assign(command->part(tempInt)); + } + + // Location... + else if (strcasecmp(command->part(tempInt), "location") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Location Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + location.assign(command->part(tempInt)); + } + + // Trap port... + else if ((strcasecmp(command->part(tempInt), "port") == 0) && (strcasecmp(command->part(tempInt + 1), "trap") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Port Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + if (setting == true) + trapPort = atoi(command->part(tempInt)); + } + + // Listen port... + else if ((strcasecmp(command->part(tempInt), "port") == 0) && (strcasecmp(command->part(tempInt + 1), "listen") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Listen Port Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + if (setting == true) + listenPort = atoi(command->part(tempInt)); + } + + // Name... + else if (strcasecmp(command->part(tempInt), "name") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP System Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + if (setting == true) + { + name.assign(command->part(tempInt)); + if (device->general != 0) + { + if (device->general->hostname.empty()) + device->general->hostname.assign(command->part(tempInt)); + } + } + } + + // Authentication Traps... + else if (strcasecmp(command->part(tempInt), "auth-trap") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Authentication Traps Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("Authentication"); + } + + // Community... + else if (strcasecmp(command->part(tempInt), "community") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + communityPointer = addSNMPCommunity(); + communityPointer->community.assign(command->part(tempInt)); + tempInt++; + + // Read-only / read/write + if (strcasecmp(command->part(tempInt), "read-only") == 0) + communityPointer->type = communityReadOnly; + else + communityPointer->type = communityReadWrite; + tempInt++; + + while (tempInt < command->parts) + { + + // Traps On / Off... + if (strcasecmp(command->part(tempInt), "trap-off") == 0) + communityPointer->trapsOn = false; + else if (strcasecmp(command->part(tempInt), "trap-on") == 0) + communityPointer->trapsOn = true; + else if (strcasecmp(command->part(tempInt), "traffic") == 0) + { + snmpTrapPointer = addSNMPTrap(); + snmpTrapPointer->trap.assign("Traffic"); + } + + // Version... + else if (strcasecmp(command->part(tempInt), "version") == 0) + { + tempInt++; + if (strcasecmp(command->part(tempInt), "any") == 0) + communityPointer->version = 0; + else if (strcasecmp(command->part(tempInt), "v1") == 0) + communityPointer->version = 1; + else if ((strcasecmp(command->part(tempInt), "v2") == 0) || (strcasecmp(command->part(tempInt), "v2c") == 0)) + communityPointer->version = 2; + } + + tempInt++; + } + } + + // SNMP Host... + else if (strcmp(command->part(tempInt), "host") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt++; + tempCommunity.assign(command->part(tempInt)); + tempInt++; + tempHost.assign(command->part(tempInt)); + if (tempHost.find("/") != string::npos) + { + tempString.assign(tempHost.substr(tempHost.find("/") + 1)); + tempNetwork.assign(device->cidrToNetmask(tempString.c_str())); + tempHost.erase(tempHost.find("/")); + } + else + { + tempInt++; + tempNetwork.assign(command->part(tempInt)); + } + tempInt++; + while (tempInt < command->parts) + { + if (strcasecmp(command->part(tempInt), "src-interface") == 0) + { + tempInt++; + tempInterface.assign(command->part(tempInt)); + } + else if (strcasecmp(command->part(tempInt), "trap") == 0) + { + trapsOn = true; + tempInt++; + if ((strcasecmp(command->part(tempInt), "v2") == 0) || (strcasecmp(command->part(tempInt), "v2c") == 0)) + tempVersion = 2; + else + tempVersion = 1; + } + tempInt++; + } + + // Add to NMS hosts... + snmpHostPointer = addHost(); + snmpHostPointer->host.assign(tempHost); + snmpHostPointer->networkMask.assign(tempNetwork); + snmpHostPointer->interface.assign(tempInterface); + snmpHostPointer->community.assign(tempCommunity); + + // Add to Trap Hosts... + communityPointer = getSNMPCommunity(tempCommunity.c_str()); + if (communityPointer != 0) + { + if (communityPointer->trapsOn == true) + trapsOn = true; + } + if (tempNetwork.compare("255.255.255.255") != 0) + trapsOn = false; + if (trapsOn == true) + { + snmpTrapHostPointer = addSNMPTrapHost(); + snmpTrapHostPointer->host.assign(tempHost); + snmpTrapHostPointer->trap = true; + snmpTrapHostPointer->version = tempVersion; + snmpTrapHostPointer->community.assign(tempCommunity); + snmpTrapHostPointer->interface.assign(tempInterface); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int ScreenOSSNMP::generateConfigSpecificReport(Device *device) +{ + // Variables... + ScreenOSAdministration::interfaceManagementConfig *interfacePointer = 0; + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + stringstream tempStream; + string tempString; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-SNMP"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-SNMP-TABLE"); + + // Trap Port... + device->addTableData(paragraphPointer->table, i18n("*ABBREV*SNMP*-ABBREV* Trap Port")); + tempStream.str(""); + tempStream << trapPort; + device->addTableData(paragraphPointer->table, tempStream.str().c_str()); + + if (enabled == true) + { + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the *ABBREV*SNMP*-ABBREV* service can be enabled on individual interfaces on *DEVICETYPE* devices. Table *TABLEREF* lists the interfaces with the *ABBREV*SNMP*-ABBREV* service enabled.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINSNMPINTER-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("*ABBREV*SNMP*-ABBREV* service interfaces"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Interface"), false); + device->addTableHeading(paragraphPointer->table, i18n("Zone"), false); + + interfacePointer = dynamic_cast(device->administration)->interfaces; + while (interfacePointer != 0) + { + if ((interfacePointer->enabled == true) && (interfacePointer->snmp == true)) + { + device->addTableData(paragraphPointer->table, interfacePointer->interface.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->zone.c_str()); + } + interfacePointer = interfacePointer->next; + } + } + + return errorCode; +} + + +int ScreenOSSNMP::processDefaults(Device *device) +{ + // Variables... + ScreenOSAdministration::interfaceManagementConfig *interfacePointer = 0; + snmpCommunity *communityPointer = 0; + bool enableSNMP = false; + + // Enable SNMP? + communityPointer = community; + while ((communityPointer != 0) && (enabled == false)) + { + if ((communityPointer->enabled == true) && (hostCommunityExists(communityPointer->community.c_str()) == true)) + { + enabled = true; + snmp12Enabled = true; + } + communityPointer = communityPointer->next; + } + + if (enabled == true) + { + interfacePointer = dynamic_cast(device->administration)->interfaces; + while (interfacePointer != 0) + { + if (interfacePointer->snmp == true) + enableSNMP = true; + interfacePointer = interfacePointer->next; + } + enabled = enableSNMP; + } + + return 0; +} + diff --git a/libnipper-0.12.6/Juniper-ScreenOS/snmp.h b/libnipper-0.12.6/Juniper-ScreenOS/snmp.h new file mode 100644 index 0000000..3385ae1 --- /dev/null +++ b/libnipper-0.12.6/Juniper-ScreenOS/snmp.h @@ -0,0 +1,56 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef ScreenOSdevicesnmp_H +#define ScreenOSdevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class ScreenOSSNMP : public SNMP +{ + public: + ScreenOSSNMP(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + int generateConfigSpecificReport(Device *device); + + + private: + + // Device specific properties... + unsigned int trapPort; +}; + + +#endif diff --git a/libnipper-0.12.6/LICENSE b/libnipper-0.12.6/LICENSE new file mode 100644 index 0000000..247a7f6 --- /dev/null +++ b/libnipper-0.12.6/LICENSE @@ -0,0 +1,648 @@ +THIS IS IMPORTANT: + +libNipper and all other Nipper products are licensed under the GPL version 3 +with the following exceptions. + +1. The code cannot be used as part of a commercial product. A commercial + license can be arranged for the integration of Nipper with a commercial + product. Contact fizz@titania.co.uk for commercial licensing information. + +2. Any code that integrates Nipper MUST display the following copyright + information with the programs own copyright information: + + Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting + + In order to maintain the latest copyright information for each libNipper + release, this information can be extracted using the API. + + +Nipper is distributed in the hope that it will be useful, but WITHOUT ANY +WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR +A PARTICULAR PURPOSE. See the GNU General Public License v3 (below) for more +details. + +---------------------------------------------------------------------------- + + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + diff --git a/libnipper-0.12.6/Makefile b/libnipper-0.12.6/Makefile new file mode 100644 index 0000000..475489b --- /dev/null +++ b/libnipper-0.12.6/Makefile @@ -0,0 +1,2773 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.4 + +# Default target executed when no arguments are given to make. +default_target: all + +#============================================================================= +# Special targets provided by cmake. + +# Disable implicit rules so canoncical targets will work. +.SUFFIXES: + +.SUFFIXES: .hpux_make_needs_suffix_list + +# Suppress display of executed commands. +$(VERBOSE).SILENT: + +# A target that is always out of date. +cmake_force: + +#============================================================================= +# Set environment variables for the build. + +# The shell in which to execute make rules. +SHELL = /bin/sh + +# The CMake executable. +CMAKE_COMMAND = /usr/bin/cmake + +# The command to remove a file. +RM = /usr/bin/cmake -E remove -f + +# The program to use to edit the cache. +CMAKE_EDIT_COMMAND = /usr/bin/ccmake + +# The top-level source directory on which CMake was run. +CMAKE_SOURCE_DIR = /home/dbryan/libnipper-0.12.6 + +# The top-level build directory on which CMake was run. +CMAKE_BINARY_DIR = /home/dbryan/libnipper-0.12.6 + +# Include the progress variables for this target. +include CMakeFiles/progress.make + +#============================================================================= +# Targets provided globally by CMake. + +# Special rule for the target edit_cache +edit_cache: + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Running CMake cache editor..." + /usr/bin/ccmake -H$(CMAKE_SOURCE_DIR) -B$(CMAKE_BINARY_DIR) + +# Special rule for the target edit_cache +edit_cache/fast: edit_cache + +# Special rule for the target install +install: preinstall + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Install the project..." + /usr/bin/cmake -P cmake_install.cmake + +# Special rule for the target install +install/fast: preinstall/fast + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Install the project..." + /usr/bin/cmake -P cmake_install.cmake + +# Special rule for the target install/local +install/local: preinstall + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Installing only the local directory..." + /usr/bin/cmake -DCMAKE_INSTALL_LOCAL_ONLY=1 -P cmake_install.cmake + +# Special rule for the target install/local +install/local/fast: install/local + +# Special rule for the target list_install_components +list_install_components: + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Available install components are: \"Unspecified\"" + +# Special rule for the target list_install_components +list_install_components/fast: list_install_components + +# Special rule for the target rebuild_cache +rebuild_cache: + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Running CMake to regenerate build system..." + /usr/bin/cmake -H$(CMAKE_SOURCE_DIR) -B$(CMAKE_BINARY_DIR) + +# Special rule for the target rebuild_cache +rebuild_cache/fast: rebuild_cache + +# The main all target +all: cmake_check_build_system + $(CMAKE_COMMAND) -E cmake_progress_start /home/dbryan/libnipper-0.12.6/CMakeFiles $(CMAKE_ALL_PROGRESS) + $(MAKE) -f CMakeFiles/Makefile2 all + $(CMAKE_COMMAND) -E cmake_progress_start /home/dbryan/libnipper-0.12.6/CMakeFiles 0 + +# The main clean target +clean: + $(MAKE) -f CMakeFiles/Makefile2 clean + +# The main clean target +clean/fast: clean + +# Prepare targets for installation. +preinstall: all + $(MAKE) -f CMakeFiles/Makefile2 preinstall + +# Prepare targets for installation. +preinstall/fast: + $(MAKE) -f CMakeFiles/Makefile2 preinstall + +# clear depends +depend: + $(CMAKE_COMMAND) -H$(CMAKE_SOURCE_DIR) -B$(CMAKE_BINARY_DIR) --check-build-system CMakeFiles/Makefile.cmake 1 + +#============================================================================= +# Target rules for targets named nipper + +# Build rule for target. +nipper: cmake_check_build_system + $(MAKE) -f CMakeFiles/Makefile2 nipper + +# fast build rule for target. +nipper/fast: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/build + +# target to build an object file +3Com-SuperStack3-Firewall/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.o + +# target to preprocess a source file +3Com-SuperStack3-Firewall/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.i + +# target to generate assembly for a file +3Com-SuperStack3-Firewall/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/3Com-SuperStack3-Firewall/device.s + +# target to build an object file +BayNetworks-Accelar/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/BayNetworks-Accelar/device.o + +# target to preprocess a source file +BayNetworks-Accelar/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/BayNetworks-Accelar/device.i + +# target to generate assembly for a file +BayNetworks-Accelar/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/BayNetworks-Accelar/device.s + +# target to build an object file +CheckPoint-Firewall/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint-Firewall/device.o + +# target to preprocess a source file +CheckPoint-Firewall/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint-Firewall/device.i + +# target to generate assembly for a file +CheckPoint-Firewall/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint-Firewall/device.s + +# target to build an object file +CheckPoint-Management/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint-Management/device.o + +# target to preprocess a source file +CheckPoint-Management/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint-Management/device.i + +# target to generate assembly for a file +CheckPoint-Management/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint-Management/device.s + +# target to build an object file +CheckPoint/device-policies.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/device-policies.o + +# target to preprocess a source file +CheckPoint/device-policies.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/device-policies.i + +# target to generate assembly for a file +CheckPoint/device-policies.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/device-policies.s + +# target to build an object file +CheckPoint/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/device.o + +# target to preprocess a source file +CheckPoint/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/device.i + +# target to generate assembly for a file +CheckPoint/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/device.s + +# target to build an object file +CheckPoint/filter-objects.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-objects.o + +# target to preprocess a source file +CheckPoint/filter-objects.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-objects.i + +# target to generate assembly for a file +CheckPoint/filter-objects.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-objects.s + +# target to build an object file +CheckPoint/filter-rules.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-rules.o + +# target to preprocess a source file +CheckPoint/filter-rules.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-rules.i + +# target to generate assembly for a file +CheckPoint/filter-rules.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-rules.s + +# target to build an object file +CheckPoint/filter-services.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-services.o + +# target to preprocess a source file +CheckPoint/filter-services.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-services.i + +# target to generate assembly for a file +CheckPoint/filter-services.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter-services.s + +# target to build an object file +CheckPoint/filter.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter.o + +# target to preprocess a source file +CheckPoint/filter.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter.i + +# target to generate assembly for a file +CheckPoint/filter.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/filter.s + +# target to build an object file +CheckPoint/general.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/general.o + +# target to preprocess a source file +CheckPoint/general.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/general.i + +# target to generate assembly for a file +CheckPoint/general.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/CheckPoint/general.s + +# target to build an object file +Cisco-CSS/administration.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/administration.o + +# target to preprocess a source file +Cisco-CSS/administration.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/administration.i + +# target to generate assembly for a file +Cisco-CSS/administration.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/administration.s + +# target to build an object file +Cisco-CSS/authentication.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/authentication.o + +# target to preprocess a source file +Cisco-CSS/authentication.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/authentication.i + +# target to generate assembly for a file +Cisco-CSS/authentication.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/authentication.s + +# target to build an object file +Cisco-CSS/banner.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/banner.o + +# target to preprocess a source file +Cisco-CSS/banner.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/banner.i + +# target to generate assembly for a file +Cisco-CSS/banner.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/banner.s + +# target to build an object file +Cisco-CSS/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/device.o + +# target to preprocess a source file +Cisco-CSS/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/device.i + +# target to generate assembly for a file +Cisco-CSS/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/device.s + +# target to build an object file +Cisco-CSS/dns.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/dns.o + +# target to preprocess a source file +Cisco-CSS/dns.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/dns.i + +# target to generate assembly for a file +Cisco-CSS/dns.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/dns.s + +# target to build an object file +Cisco-CSS/filter.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/filter.o + +# target to preprocess a source file +Cisco-CSS/filter.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/filter.i + +# target to generate assembly for a file +Cisco-CSS/filter.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/filter.s + +# target to build an object file +Cisco-CSS/general.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/general.o + +# target to preprocess a source file +Cisco-CSS/general.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/general.i + +# target to generate assembly for a file +Cisco-CSS/general.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/general.s + +# target to build an object file +Cisco-CSS/interfaces.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/interfaces.o + +# target to preprocess a source file +Cisco-CSS/interfaces.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/interfaces.i + +# target to generate assembly for a file +Cisco-CSS/interfaces.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/interfaces.s + +# target to build an object file +Cisco-CSS/snmp-report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.o + +# target to preprocess a source file +Cisco-CSS/snmp-report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.i + +# target to generate assembly for a file +Cisco-CSS/snmp-report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/snmp-report.s + +# target to build an object file +Cisco-CSS/snmp.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/snmp.o + +# target to preprocess a source file +Cisco-CSS/snmp.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/snmp.i + +# target to generate assembly for a file +Cisco-CSS/snmp.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-CSS/snmp.s + +# target to build an object file +Cisco-Catalyst-CatOS/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.o + +# target to preprocess a source file +Cisco-Catalyst-CatOS/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.i + +# target to generate assembly for a file +Cisco-Catalyst-CatOS/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst-CatOS/device.s + +# target to build an object file +Cisco-Catalyst-NMP/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.o + +# target to preprocess a source file +Cisco-Catalyst-NMP/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.i + +# target to generate assembly for a file +Cisco-Catalyst-NMP/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst-NMP/device.s + +# target to build an object file +Cisco-Catalyst/administration.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/administration.o + +# target to preprocess a source file +Cisco-Catalyst/administration.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/administration.i + +# target to generate assembly for a file +Cisco-Catalyst/administration.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/administration.s + +# target to build an object file +Cisco-Catalyst/authentication.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.o + +# target to preprocess a source file +Cisco-Catalyst/authentication.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.i + +# target to generate assembly for a file +Cisco-Catalyst/authentication.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/authentication.s + +# target to build an object file +Cisco-Catalyst/banner.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/banner.o + +# target to preprocess a source file +Cisco-Catalyst/banner.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/banner.i + +# target to generate assembly for a file +Cisco-Catalyst/banner.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/banner.s + +# target to build an object file +Cisco-Catalyst/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/device.o + +# target to preprocess a source file +Cisco-Catalyst/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/device.i + +# target to generate assembly for a file +Cisco-Catalyst/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/device.s + +# target to build an object file +Cisco-Catalyst/dns.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/dns.o + +# target to preprocess a source file +Cisco-Catalyst/dns.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/dns.i + +# target to generate assembly for a file +Cisco-Catalyst/dns.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/dns.s + +# target to build an object file +Cisco-Catalyst/general.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/general.o + +# target to preprocess a source file +Cisco-Catalyst/general.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/general.i + +# target to generate assembly for a file +Cisco-Catalyst/general.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/general.s + +# target to build an object file +Cisco-Catalyst/interfaces.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.o + +# target to preprocess a source file +Cisco-Catalyst/interfaces.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.i + +# target to generate assembly for a file +Cisco-Catalyst/interfaces.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/interfaces.s + +# target to build an object file +Cisco-Catalyst/snmp.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.o + +# target to preprocess a source file +Cisco-Catalyst/snmp.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.i + +# target to generate assembly for a file +Cisco-Catalyst/snmp.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Catalyst/snmp.s + +# target to build an object file +Cisco-IOS-Catalyst/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.o + +# target to preprocess a source file +Cisco-IOS-Catalyst/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.i + +# target to generate assembly for a file +Cisco-IOS-Catalyst/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS-Catalyst/device.s + +# target to build an object file +Cisco-IOS-Router/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS-Router/device.o + +# target to preprocess a source file +Cisco-IOS-Router/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS-Router/device.i + +# target to generate assembly for a file +Cisco-IOS-Router/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS-Router/device.s + +# target to build an object file +Cisco-IOS/administration-line.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-line.o + +# target to preprocess a source file +Cisco-IOS/administration-line.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-line.i + +# target to generate assembly for a file +Cisco-IOS/administration-line.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-line.s + +# target to build an object file +Cisco-IOS/administration-report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-report.o + +# target to preprocess a source file +Cisco-IOS/administration-report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-report.i + +# target to generate assembly for a file +Cisco-IOS/administration-report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-report.s + +# target to build an object file +Cisco-IOS/administration-security.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-security.o + +# target to preprocess a source file +Cisco-IOS/administration-security.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-security.i + +# target to generate assembly for a file +Cisco-IOS/administration-security.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration-security.s + +# target to build an object file +Cisco-IOS/administration.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration.o + +# target to preprocess a source file +Cisco-IOS/administration.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration.i + +# target to generate assembly for a file +Cisco-IOS/administration.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/administration.s + +# target to build an object file +Cisco-IOS/authentication.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/authentication.o + +# target to preprocess a source file +Cisco-IOS/authentication.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/authentication.i + +# target to generate assembly for a file +Cisco-IOS/authentication.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/authentication.s + +# target to build an object file +Cisco-IOS/banner.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/banner.o + +# target to preprocess a source file +Cisco-IOS/banner.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/banner.i + +# target to generate assembly for a file +Cisco-IOS/banner.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/banner.s + +# target to build an object file +Cisco-IOS/dns.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/dns.o + +# target to preprocess a source file +Cisco-IOS/dns.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/dns.i + +# target to generate assembly for a file +Cisco-IOS/dns.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/dns.s + +# target to build an object file +Cisco-IOS/filter.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/filter.o + +# target to preprocess a source file +Cisco-IOS/filter.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/filter.i + +# target to generate assembly for a file +Cisco-IOS/filter.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/filter.s + +# target to build an object file +Cisco-IOS/general.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/general.o + +# target to preprocess a source file +Cisco-IOS/general.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/general.i + +# target to generate assembly for a file +Cisco-IOS/general.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/general.s + +# target to build an object file +Cisco-IOS/interfaces.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/interfaces.o + +# target to preprocess a source file +Cisco-IOS/interfaces.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/interfaces.i + +# target to generate assembly for a file +Cisco-IOS/interfaces.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/interfaces.s + +# target to build an object file +Cisco-IOS/iosdevice.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.o + +# target to preprocess a source file +Cisco-IOS/iosdevice.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.i + +# target to generate assembly for a file +Cisco-IOS/iosdevice.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/iosdevice.s + +# target to build an object file +Cisco-IOS/snmp-report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.o + +# target to preprocess a source file +Cisco-IOS/snmp-report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.i + +# target to generate assembly for a file +Cisco-IOS/snmp-report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/snmp-report.s + +# target to build an object file +Cisco-IOS/snmp.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/snmp.o + +# target to preprocess a source file +Cisco-IOS/snmp.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/snmp.i + +# target to generate assembly for a file +Cisco-IOS/snmp.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-IOS/snmp.s + +# target to build an object file +Cisco-Security-ASA/administration.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.o + +# target to preprocess a source file +Cisco-Security-ASA/administration.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.i + +# target to generate assembly for a file +Cisco-Security-ASA/administration.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-ASA/administration.s + +# target to build an object file +Cisco-Security-ASA/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-ASA/device.o + +# target to preprocess a source file +Cisco-Security-ASA/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-ASA/device.i + +# target to generate assembly for a file +Cisco-Security-ASA/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-ASA/device.s + +# target to build an object file +Cisco-Security-FWSM/administration.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.o + +# target to preprocess a source file +Cisco-Security-FWSM/administration.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.i + +# target to generate assembly for a file +Cisco-Security-FWSM/administration.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-FWSM/administration.s + +# target to build an object file +Cisco-Security-FWSM/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.o + +# target to preprocess a source file +Cisco-Security-FWSM/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.i + +# target to generate assembly for a file +Cisco-Security-FWSM/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-FWSM/device.s + +# target to build an object file +Cisco-Security-PIX/administration.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.o + +# target to preprocess a source file +Cisco-Security-PIX/administration.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.i + +# target to generate assembly for a file +Cisco-Security-PIX/administration.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-PIX/administration.s + +# target to build an object file +Cisco-Security-PIX/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-PIX/device.o + +# target to preprocess a source file +Cisco-Security-PIX/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-PIX/device.i + +# target to generate assembly for a file +Cisco-Security-PIX/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security-PIX/device.s + +# target to build an object file +Cisco-Security/administration.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/administration.o + +# target to preprocess a source file +Cisco-Security/administration.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/administration.i + +# target to generate assembly for a file +Cisco-Security/administration.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/administration.s + +# target to build an object file +Cisco-Security/authentication.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/authentication.o + +# target to preprocess a source file +Cisco-Security/authentication.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/authentication.i + +# target to generate assembly for a file +Cisco-Security/authentication.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/authentication.s + +# target to build an object file +Cisco-Security/banner.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/banner.o + +# target to preprocess a source file +Cisco-Security/banner.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/banner.i + +# target to generate assembly for a file +Cisco-Security/banner.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/banner.s + +# target to build an object file +Cisco-Security/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/device.o + +# target to preprocess a source file +Cisco-Security/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/device.i + +# target to generate assembly for a file +Cisco-Security/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/device.s + +# target to build an object file +Cisco-Security/dns.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/dns.o + +# target to preprocess a source file +Cisco-Security/dns.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/dns.i + +# target to generate assembly for a file +Cisco-Security/dns.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/dns.s + +# target to build an object file +Cisco-Security/filter.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/filter.o + +# target to preprocess a source file +Cisco-Security/filter.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/filter.i + +# target to generate assembly for a file +Cisco-Security/filter.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/filter.s + +# target to build an object file +Cisco-Security/general.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/general.o + +# target to preprocess a source file +Cisco-Security/general.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/general.i + +# target to generate assembly for a file +Cisco-Security/general.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/general.s + +# target to build an object file +Cisco-Security/interfaces.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/interfaces.o + +# target to preprocess a source file +Cisco-Security/interfaces.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/interfaces.i + +# target to generate assembly for a file +Cisco-Security/interfaces.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/interfaces.s + +# target to build an object file +Cisco-Security/snmp.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/snmp.o + +# target to preprocess a source file +Cisco-Security/snmp.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/snmp.i + +# target to generate assembly for a file +Cisco-Security/snmp.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Cisco-Security/snmp.s + +# target to build an object file +HP-ProCurve/administration.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/administration.o + +# target to preprocess a source file +HP-ProCurve/administration.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/administration.i + +# target to generate assembly for a file +HP-ProCurve/administration.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/administration.s + +# target to build an object file +HP-ProCurve/authentication.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/authentication.o + +# target to preprocess a source file +HP-ProCurve/authentication.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/authentication.i + +# target to generate assembly for a file +HP-ProCurve/authentication.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/authentication.s + +# target to build an object file +HP-ProCurve/banner.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/banner.o + +# target to preprocess a source file +HP-ProCurve/banner.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/banner.i + +# target to generate assembly for a file +HP-ProCurve/banner.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/banner.s + +# target to build an object file +HP-ProCurve/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/device.o + +# target to preprocess a source file +HP-ProCurve/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/device.i + +# target to generate assembly for a file +HP-ProCurve/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/device.s + +# target to build an object file +HP-ProCurve/dns.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/dns.o + +# target to preprocess a source file +HP-ProCurve/dns.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/dns.i + +# target to generate assembly for a file +HP-ProCurve/dns.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/dns.s + +# target to build an object file +HP-ProCurve/general.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/general.o + +# target to preprocess a source file +HP-ProCurve/general.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/general.i + +# target to generate assembly for a file +HP-ProCurve/general.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/general.s + +# target to build an object file +HP-ProCurve/interfaces.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/interfaces.o + +# target to preprocess a source file +HP-ProCurve/interfaces.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/interfaces.i + +# target to generate assembly for a file +HP-ProCurve/interfaces.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/interfaces.s + +# target to build an object file +HP-ProCurve/snmp-report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.o + +# target to preprocess a source file +HP-ProCurve/snmp-report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.i + +# target to generate assembly for a file +HP-ProCurve/snmp-report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/snmp-report.s + +# target to build an object file +HP-ProCurve/snmp.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/snmp.o + +# target to preprocess a source file +HP-ProCurve/snmp.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/snmp.i + +# target to generate assembly for a file +HP-ProCurve/snmp.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/HP-ProCurve/snmp.s + +# target to build an object file +Juniper-ScreenOS/administration-report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.o + +# target to preprocess a source file +Juniper-ScreenOS/administration-report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.i + +# target to generate assembly for a file +Juniper-ScreenOS/administration-report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/administration-report.s + +# target to build an object file +Juniper-ScreenOS/administration.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.o + +# target to preprocess a source file +Juniper-ScreenOS/administration.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.i + +# target to generate assembly for a file +Juniper-ScreenOS/administration.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/administration.s + +# target to build an object file +Juniper-ScreenOS/authentication.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.o + +# target to preprocess a source file +Juniper-ScreenOS/authentication.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.i + +# target to generate assembly for a file +Juniper-ScreenOS/authentication.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/authentication.s + +# target to build an object file +Juniper-ScreenOS/banner.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.o + +# target to preprocess a source file +Juniper-ScreenOS/banner.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.i + +# target to generate assembly for a file +Juniper-ScreenOS/banner.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/banner.s + +# target to build an object file +Juniper-ScreenOS/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/device.o + +# target to preprocess a source file +Juniper-ScreenOS/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/device.i + +# target to generate assembly for a file +Juniper-ScreenOS/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/device.s + +# target to build an object file +Juniper-ScreenOS/dns.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.o + +# target to preprocess a source file +Juniper-ScreenOS/dns.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.i + +# target to generate assembly for a file +Juniper-ScreenOS/dns.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/dns.s + +# target to build an object file +Juniper-ScreenOS/filter.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.o + +# target to preprocess a source file +Juniper-ScreenOS/filter.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.i + +# target to generate assembly for a file +Juniper-ScreenOS/filter.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/filter.s + +# target to build an object file +Juniper-ScreenOS/general.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/general.o + +# target to preprocess a source file +Juniper-ScreenOS/general.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/general.i + +# target to generate assembly for a file +Juniper-ScreenOS/general.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/general.s + +# target to build an object file +Juniper-ScreenOS/interfaces.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.o + +# target to preprocess a source file +Juniper-ScreenOS/interfaces.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.i + +# target to generate assembly for a file +Juniper-ScreenOS/interfaces.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/interfaces.s + +# target to build an object file +Juniper-ScreenOS/snmp.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.o + +# target to preprocess a source file +Juniper-ScreenOS/snmp.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.i + +# target to generate assembly for a file +Juniper-ScreenOS/snmp.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Juniper-ScreenOS/snmp.s + +# target to build an object file +Nokia-IP/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nokia-IP/device.o + +# target to preprocess a source file +Nokia-IP/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nokia-IP/device.i + +# target to generate assembly for a file +Nokia-IP/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nokia-IP/device.s + +# target to build an object file +Nortel-Passport/administration.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/administration.o + +# target to preprocess a source file +Nortel-Passport/administration.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/administration.i + +# target to generate assembly for a file +Nortel-Passport/administration.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/administration.s + +# target to build an object file +Nortel-Passport/banner.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/banner.o + +# target to preprocess a source file +Nortel-Passport/banner.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/banner.i + +# target to generate assembly for a file +Nortel-Passport/banner.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/banner.s + +# target to build an object file +Nortel-Passport/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/device.o + +# target to preprocess a source file +Nortel-Passport/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/device.i + +# target to generate assembly for a file +Nortel-Passport/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/device.s + +# target to build an object file +Nortel-Passport/filter.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/filter.o + +# target to preprocess a source file +Nortel-Passport/filter.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/filter.i + +# target to generate assembly for a file +Nortel-Passport/filter.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/filter.s + +# target to build an object file +Nortel-Passport/general.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/general.o + +# target to preprocess a source file +Nortel-Passport/general.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/general.i + +# target to generate assembly for a file +Nortel-Passport/general.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/general.s + +# target to build an object file +Nortel-Passport/interfaces.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/interfaces.o + +# target to preprocess a source file +Nortel-Passport/interfaces.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/interfaces.i + +# target to generate assembly for a file +Nortel-Passport/interfaces.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/interfaces.s + +# target to build an object file +Nortel-Passport/snmp.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/snmp.o + +# target to preprocess a source file +Nortel-Passport/snmp.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/snmp.i + +# target to generate assembly for a file +Nortel-Passport/snmp.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-Passport/snmp.s + +# target to build an object file +Nortel-RoutingSwitch/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.o + +# target to preprocess a source file +Nortel-RoutingSwitch/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.i + +# target to generate assembly for a file +Nortel-RoutingSwitch/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/Nortel-RoutingSwitch/device.s + +# target to build an object file +SonicWALL-SonicOS/administration-report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.o + +# target to preprocess a source file +SonicWALL-SonicOS/administration-report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.i + +# target to generate assembly for a file +SonicWALL-SonicOS/administration-report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration-report.s + +# target to build an object file +SonicWALL-SonicOS/administration.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.o + +# target to preprocess a source file +SonicWALL-SonicOS/administration.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.i + +# target to generate assembly for a file +SonicWALL-SonicOS/administration.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/administration.s + +# target to build an object file +SonicWALL-SonicOS/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.o + +# target to preprocess a source file +SonicWALL-SonicOS/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.i + +# target to generate assembly for a file +SonicWALL-SonicOS/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/device.s + +# target to build an object file +SonicWALL-SonicOS/dns.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.o + +# target to preprocess a source file +SonicWALL-SonicOS/dns.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.i + +# target to generate assembly for a file +SonicWALL-SonicOS/dns.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/dns.s + +# target to build an object file +SonicWALL-SonicOS/filter.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.o + +# target to preprocess a source file +SonicWALL-SonicOS/filter.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.i + +# target to generate assembly for a file +SonicWALL-SonicOS/filter.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/filter.s + +# target to build an object file +SonicWALL-SonicOS/general.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.o + +# target to preprocess a source file +SonicWALL-SonicOS/general.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.i + +# target to generate assembly for a file +SonicWALL-SonicOS/general.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/general.s + +# target to build an object file +SonicWALL-SonicOS/snmp.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.o + +# target to preprocess a source file +SonicWALL-SonicOS/snmp.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.i + +# target to generate assembly for a file +SonicWALL-SonicOS/snmp.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/SonicWALL-SonicOS/snmp.s + +# target to build an object file +config.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/config.o + +# target to preprocess a source file +config.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/config.i + +# target to generate assembly for a file +config.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/config.s + +# target to build an object file +device/administration/administration-bootp.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-bootp.o + +# target to preprocess a source file +device/administration/administration-bootp.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-bootp.i + +# target to generate assembly for a file +device/administration/administration-bootp.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-bootp.s + +# target to build an object file +device/administration/administration-finger.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-finger.o + +# target to preprocess a source file +device/administration/administration-finger.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-finger.i + +# target to generate assembly for a file +device/administration/administration-finger.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-finger.s + +# target to build an object file +device/administration/administration-ftp.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-ftp.o + +# target to preprocess a source file +device/administration/administration-ftp.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-ftp.i + +# target to generate assembly for a file +device/administration/administration-ftp.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-ftp.s + +# target to build an object file +device/administration/administration-general.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-general.o + +# target to preprocess a source file +device/administration/administration-general.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-general.i + +# target to generate assembly for a file +device/administration/administration-general.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-general.s + +# target to build an object file +device/administration/administration-hosts.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-hosts.o + +# target to preprocess a source file +device/administration/administration-hosts.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-hosts.i + +# target to generate assembly for a file +device/administration/administration-hosts.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-hosts.s + +# target to build an object file +device/administration/administration-http.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-http.o + +# target to preprocess a source file +device/administration/administration-http.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-http.i + +# target to generate assembly for a file +device/administration/administration-http.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-http.s + +# target to build an object file +device/administration/administration-ssh.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-ssh.o + +# target to preprocess a source file +device/administration/administration-ssh.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-ssh.i + +# target to generate assembly for a file +device/administration/administration-ssh.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-ssh.s + +# target to build an object file +device/administration/administration-telnet.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-telnet.o + +# target to preprocess a source file +device/administration/administration-telnet.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-telnet.i + +# target to generate assembly for a file +device/administration/administration-telnet.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-telnet.s + +# target to build an object file +device/administration/administration-tftp.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-tftp.o + +# target to preprocess a source file +device/administration/administration-tftp.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-tftp.i + +# target to generate assembly for a file +device/administration/administration-tftp.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-tftp.s + +# target to build an object file +device/administration/administration-timeout.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-timeout.o + +# target to preprocess a source file +device/administration/administration-timeout.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-timeout.i + +# target to generate assembly for a file +device/administration/administration-timeout.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration-timeout.s + +# target to build an object file +device/administration/administration.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration.o + +# target to preprocess a source file +device/administration/administration.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration.i + +# target to generate assembly for a file +device/administration/administration.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/administration/administration.s + +# target to build an object file +device/authentication/authentication-general.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-general.o + +# target to preprocess a source file +device/authentication/authentication-general.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-general.i + +# target to generate assembly for a file +device/authentication/authentication-general.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-general.s + +# target to build an object file +device/authentication/authentication-kerberos.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.o + +# target to preprocess a source file +device/authentication/authentication-kerberos.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.i + +# target to generate assembly for a file +device/authentication/authentication-kerberos.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-kerberos.s + +# target to build an object file +device/authentication/authentication-ldap.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-ldap.o + +# target to preprocess a source file +device/authentication/authentication-ldap.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-ldap.i + +# target to generate assembly for a file +device/authentication/authentication-ldap.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-ldap.s + +# target to build an object file +device/authentication/authentication-nt.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-nt.o + +# target to preprocess a source file +device/authentication/authentication-nt.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-nt.i + +# target to generate assembly for a file +device/authentication/authentication-nt.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-nt.s + +# target to build an object file +device/authentication/authentication-radius.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-radius.o + +# target to preprocess a source file +device/authentication/authentication-radius.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-radius.i + +# target to generate assembly for a file +device/authentication/authentication-radius.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-radius.s + +# target to build an object file +device/authentication/authentication-securid.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-securid.o + +# target to preprocess a source file +device/authentication/authentication-securid.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-securid.i + +# target to generate assembly for a file +device/authentication/authentication-securid.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-securid.s + +# target to build an object file +device/authentication/authentication-tacacs.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.o + +# target to preprocess a source file +device/authentication/authentication-tacacs.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.i + +# target to generate assembly for a file +device/authentication/authentication-tacacs.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-tacacs.s + +# target to build an object file +device/authentication/authentication-users.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-users.o + +# target to preprocess a source file +device/authentication/authentication-users.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-users.i + +# target to generate assembly for a file +device/authentication/authentication-users.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication-users.s + +# target to build an object file +device/authentication/authentication.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication.o + +# target to preprocess a source file +device/authentication/authentication.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication.i + +# target to generate assembly for a file +device/authentication/authentication.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/authentication/authentication.s + +# target to build an object file +device/banner/banner-report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/banner/banner-report.o + +# target to preprocess a source file +device/banner/banner-report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/banner/banner-report.i + +# target to generate assembly for a file +device/banner/banner-report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/banner/banner-report.s + +# target to build an object file +device/banner/banner.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/banner/banner.o + +# target to preprocess a source file +device/banner/banner.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/banner/banner.i + +# target to generate assembly for a file +device/banner/banner.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/banner/banner.s + +# target to build an object file +device/common/configline.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/configline.o + +# target to preprocess a source file +device/common/configline.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/configline.i + +# target to generate assembly for a file +device/common/configline.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/configline.s + +# target to build an object file +device/common/deviceconfig.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/deviceconfig.o + +# target to preprocess a source file +device/common/deviceconfig.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/deviceconfig.i + +# target to generate assembly for a file +device/common/deviceconfig.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/deviceconfig.s + +# target to build an object file +device/common/file.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/file.o + +# target to preprocess a source file +device/common/file.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/file.i + +# target to generate assembly for a file +device/common/file.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/file.s + +# target to build an object file +device/common/misc.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/misc.o + +# target to preprocess a source file +device/common/misc.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/misc.i + +# target to generate assembly for a file +device/common/misc.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/misc.s + +# target to build an object file +device/common/paragraph.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/paragraph.o + +# target to preprocess a source file +device/common/paragraph.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/paragraph.i + +# target to generate assembly for a file +device/common/paragraph.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/paragraph.s + +# target to build an object file +device/common/passwords.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/passwords.o + +# target to preprocess a source file +device/common/passwords.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/passwords.i + +# target to generate assembly for a file +device/common/passwords.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/passwords.s + +# target to build an object file +device/common/tables.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/tables.o + +# target to preprocess a source file +device/common/tables.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/tables.i + +# target to generate assembly for a file +device/common/tables.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/common/tables.s + +# target to build an object file +device/crypto/crypto-base64.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-base64.o + +# target to preprocess a source file +device/crypto/crypto-base64.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-base64.i + +# target to generate assembly for a file +device/crypto/crypto-base64.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-base64.s + +# target to build an object file +device/crypto/crypto-ciscotype7.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.o + +# target to preprocess a source file +device/crypto/crypto-ciscotype7.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.i + +# target to generate assembly for a file +device/crypto/crypto-ciscotype7.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-ciscotype7.s + +# target to build an object file +device/crypto/crypto-url.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-url.o + +# target to preprocess a source file +device/crypto/crypto-url.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-url.i + +# target to generate assembly for a file +device/crypto/crypto-url.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/crypto/crypto-url.s + +# target to build an object file +device/device.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/device.o + +# target to preprocess a source file +device/device.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/device.i + +# target to generate assembly for a file +device/device.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/device.s + +# target to build an object file +device/dns/dns-report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/dns/dns-report.o + +# target to preprocess a source file +device/dns/dns-report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/dns/dns-report.i + +# target to generate assembly for a file +device/dns/dns-report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/dns/dns-report.s + +# target to build an object file +device/dns/dns.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/dns/dns.o + +# target to preprocess a source file +device/dns/dns.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/dns/dns.i + +# target to generate assembly for a file +device/dns/dns.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/dns/dns.s + +# target to build an object file +device/filter/filter-filter-report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-filter-report.o + +# target to preprocess a source file +device/filter/filter-filter-report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-filter-report.i + +# target to generate assembly for a file +device/filter/filter-filter-report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-filter-report.s + +# target to build an object file +device/filter/filter-filter.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-filter.o + +# target to preprocess a source file +device/filter/filter-filter.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-filter.i + +# target to generate assembly for a file +device/filter/filter-filter.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-filter.s + +# target to build an object file +device/filter/filter-object-report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-object-report.o + +# target to preprocess a source file +device/filter/filter-object-report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-object-report.i + +# target to generate assembly for a file +device/filter/filter-object-report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-object-report.s + +# target to build an object file +device/filter/filter-object.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-object.o + +# target to preprocess a source file +device/filter/filter-object.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-object.i + +# target to generate assembly for a file +device/filter/filter-object.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-object.s + +# target to build an object file +device/filter/filter-security-report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-security-report.o + +# target to preprocess a source file +device/filter/filter-security-report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-security-report.i + +# target to generate assembly for a file +device/filter/filter-security-report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-security-report.s + +# target to build an object file +device/filter/filter-security.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-security.o + +# target to preprocess a source file +device/filter/filter-security.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-security.i + +# target to generate assembly for a file +device/filter/filter-security.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter-security.s + +# target to build an object file +device/filter/filter.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter.o + +# target to preprocess a source file +device/filter/filter.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter.i + +# target to generate assembly for a file +device/filter/filter.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/filter/filter.s + +# target to build an object file +device/general/general.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/general/general.o + +# target to preprocess a source file +device/general/general.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/general/general.i + +# target to generate assembly for a file +device/general/general.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/general/general.s + +# target to build an object file +device/interfaces/interfaces-interface.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.o + +# target to preprocess a source file +device/interfaces/interfaces-interface.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.i + +# target to generate assembly for a file +device/interfaces/interfaces-interface.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-interface.s + +# target to build an object file +device/interfaces/interfaces-report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-report.o + +# target to preprocess a source file +device/interfaces/interfaces-report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-report.i + +# target to generate assembly for a file +device/interfaces/interfaces-report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-report.s + +# target to build an object file +device/interfaces/interfaces-security.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-security.o + +# target to preprocess a source file +device/interfaces/interfaces-security.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-security.i + +# target to generate assembly for a file +device/interfaces/interfaces-security.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces-security.s + +# target to build an object file +device/interfaces/interfaces.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces.o + +# target to preprocess a source file +device/interfaces/interfaces.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces.i + +# target to generate assembly for a file +device/interfaces/interfaces.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/interfaces/interfaces.s + +# target to build an object file +device/reportgen/report-abbreviations.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.o + +# target to preprocess a source file +device/reportgen/report-abbreviations.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.i + +# target to generate assembly for a file +device/reportgen/report-abbreviations.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-abbreviations.s + +# target to build an object file +device/reportgen/report-commonports.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-commonports.o + +# target to preprocess a source file +device/reportgen/report-commonports.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-commonports.i + +# target to generate assembly for a file +device/reportgen/report-commonports.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-commonports.s + +# target to build an object file +device/reportgen/report-icmp.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-icmp.o + +# target to preprocess a source file +device/reportgen/report-icmp.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-icmp.i + +# target to generate assembly for a file +device/reportgen/report-icmp.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-icmp.s + +# target to build an object file +device/reportgen/report-logginglevels.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.o + +# target to preprocess a source file +device/reportgen/report-logginglevels.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.i + +# target to generate assembly for a file +device/reportgen/report-logginglevels.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-logginglevels.s + +# target to build an object file +device/reportgen/report-misc.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-misc.o + +# target to preprocess a source file +device/reportgen/report-misc.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-misc.i + +# target to generate assembly for a file +device/reportgen/report-misc.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-misc.s + +# target to build an object file +device/reportgen/report-numbering.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-numbering.o + +# target to preprocess a source file +device/reportgen/report-numbering.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-numbering.i + +# target to generate assembly for a file +device/reportgen/report-numbering.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-numbering.s + +# target to build an object file +device/reportgen/report-protocols.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-protocols.o + +# target to preprocess a source file +device/reportgen/report-protocols.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-protocols.i + +# target to generate assembly for a file +device/reportgen/report-protocols.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report-protocols.s + +# target to build an object file +device/reportgen/report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report.o + +# target to preprocess a source file +device/reportgen/report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report.i + +# target to generate assembly for a file +device/reportgen/report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/reportgen/report.s + +# target to build an object file +device/snmp/snmp-community.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-community.o + +# target to preprocess a source file +device/snmp/snmp-community.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-community.i + +# target to generate assembly for a file +device/snmp/snmp-community.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-community.s + +# target to build an object file +device/snmp/snmp-group.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-group.o + +# target to preprocess a source file +device/snmp/snmp-group.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-group.i + +# target to generate assembly for a file +device/snmp/snmp-group.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-group.s + +# target to build an object file +device/snmp/snmp-host.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-host.o + +# target to preprocess a source file +device/snmp/snmp-host.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-host.i + +# target to generate assembly for a file +device/snmp/snmp-host.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-host.s + +# target to build an object file +device/snmp/snmp-misc-issues.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.o + +# target to preprocess a source file +device/snmp/snmp-misc-issues.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.i + +# target to generate assembly for a file +device/snmp/snmp-misc-issues.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-misc-issues.s + +# target to build an object file +device/snmp/snmp-traps.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-traps.o + +# target to preprocess a source file +device/snmp/snmp-traps.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-traps.i + +# target to generate assembly for a file +device/snmp/snmp-traps.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-traps.s + +# target to build an object file +device/snmp/snmp-user.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-user.o + +# target to preprocess a source file +device/snmp/snmp-user.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-user.i + +# target to generate assembly for a file +device/snmp/snmp-user.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-user.s + +# target to build an object file +device/snmp/snmp-view.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-view.o + +# target to preprocess a source file +device/snmp/snmp-view.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-view.i + +# target to generate assembly for a file +device/snmp/snmp-view.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp-view.s + +# target to build an object file +device/snmp/snmp.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp.o + +# target to preprocess a source file +device/snmp/snmp.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp.i + +# target to generate assembly for a file +device/snmp/snmp.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/device/snmp/snmp.s + +# target to build an object file +libnipper.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/libnipper.o + +# target to preprocess a source file +libnipper.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/libnipper.i + +# target to generate assembly for a file +libnipper.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/libnipper.s + +# target to build an object file +report/report-contents.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-contents.o + +# target to preprocess a source file +report/report-contents.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-contents.i + +# target to generate assembly for a file +report/report-contents.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-contents.s + +# target to build an object file +report/report-frontpage.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-frontpage.o + +# target to preprocess a source file +report/report-frontpage.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-frontpage.i + +# target to generate assembly for a file +report/report-frontpage.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-frontpage.s + +# target to build an object file +report/report-functions.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-functions.o + +# target to preprocess a source file +report/report-functions.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-functions.i + +# target to generate assembly for a file +report/report-functions.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-functions.s + +# target to build an object file +report/report-introduction.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-introduction.o + +# target to preprocess a source file +report/report-introduction.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-introduction.i + +# target to generate assembly for a file +report/report-introduction.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-introduction.s + +# target to build an object file +report/report-list.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-list.o + +# target to preprocess a source file +report/report-list.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-list.i + +# target to generate assembly for a file +report/report-list.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-list.s + +# target to build an object file +report/report-section-appendix.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-appendix.o + +# target to preprocess a source file +report/report-section-appendix.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-appendix.i + +# target to generate assembly for a file +report/report-section-appendix.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-appendix.s + +# target to build an object file +report/report-section-compliance.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-compliance.o + +# target to preprocess a source file +report/report-section-compliance.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-compliance.i + +# target to generate assembly for a file +report/report-section-compliance.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-compliance.s + +# target to build an object file +report/report-section-config.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-config.o + +# target to preprocess a source file +report/report-section-config.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-config.i + +# target to generate assembly for a file +report/report-section-config.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-config.s + +# target to build an object file +report/report-section-security.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-security.o + +# target to preprocess a source file +report/report-section-security.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-security.i + +# target to generate assembly for a file +report/report-section-security.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-section-security.s + +# target to build an object file +report/report-start.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-start.o + +# target to preprocess a source file +report/report-start.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-start.i + +# target to generate assembly for a file +report/report-start.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-start.s + +# target to build an object file +report/report-table.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-table.o + +# target to preprocess a source file +report/report-table.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-table.i + +# target to generate assembly for a file +report/report-table.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-table.s + +# target to build an object file +report/report-text.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-text.o + +# target to preprocess a source file +report/report-text.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-text.i + +# target to generate assembly for a file +report/report-text.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-text.s + +# target to build an object file +report/report-titles.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-titles.o + +# target to preprocess a source file +report/report-titles.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-titles.i + +# target to generate assembly for a file +report/report-titles.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report-titles.s + +# target to build an object file +report/report.o: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report.o + +# target to preprocess a source file +report/report.i: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report.i + +# target to generate assembly for a file +report/report.s: + $(MAKE) -f CMakeFiles/nipper.dir/build.make CMakeFiles/nipper.dir/report/report.s + +# Help Target +help:: + @echo "The following are some of the valid targets for this Makefile:" + @echo "... all (the default if no target is provided)" + @echo "... clean" + @echo "... depend" + @echo "... edit_cache" + @echo "... install" + @echo "... install/local" + @echo "... list_install_components" + @echo "... nipper" + @echo "... rebuild_cache" + @echo "... 3Com-SuperStack3-Firewall/device.o" + @echo "... 3Com-SuperStack3-Firewall/device.i" + @echo "... 3Com-SuperStack3-Firewall/device.s" + @echo "... BayNetworks-Accelar/device.o" + @echo "... BayNetworks-Accelar/device.i" + @echo "... BayNetworks-Accelar/device.s" + @echo "... CheckPoint-Firewall/device.o" + @echo "... CheckPoint-Firewall/device.i" + @echo "... CheckPoint-Firewall/device.s" + @echo "... CheckPoint-Management/device.o" + @echo "... CheckPoint-Management/device.i" + @echo "... CheckPoint-Management/device.s" + @echo "... CheckPoint/device-policies.o" + @echo "... CheckPoint/device-policies.i" + @echo "... CheckPoint/device-policies.s" + @echo "... CheckPoint/device.o" + @echo "... CheckPoint/device.i" + @echo "... CheckPoint/device.s" + @echo "... CheckPoint/filter-objects.o" + @echo "... CheckPoint/filter-objects.i" + @echo "... CheckPoint/filter-objects.s" + @echo "... CheckPoint/filter-rules.o" + @echo "... CheckPoint/filter-rules.i" + @echo "... CheckPoint/filter-rules.s" + @echo "... CheckPoint/filter-services.o" + @echo "... CheckPoint/filter-services.i" + @echo "... CheckPoint/filter-services.s" + @echo "... CheckPoint/filter.o" + @echo "... CheckPoint/filter.i" + @echo "... CheckPoint/filter.s" + @echo "... CheckPoint/general.o" + @echo "... CheckPoint/general.i" + @echo "... CheckPoint/general.s" + @echo "... Cisco-CSS/administration.o" + @echo "... Cisco-CSS/administration.i" + @echo "... Cisco-CSS/administration.s" + @echo "... Cisco-CSS/authentication.o" + @echo "... Cisco-CSS/authentication.i" + @echo "... Cisco-CSS/authentication.s" + @echo "... Cisco-CSS/banner.o" + @echo "... Cisco-CSS/banner.i" + @echo "... Cisco-CSS/banner.s" + @echo "... Cisco-CSS/device.o" + @echo "... Cisco-CSS/device.i" + @echo "... Cisco-CSS/device.s" + @echo "... Cisco-CSS/dns.o" + @echo "... Cisco-CSS/dns.i" + @echo "... Cisco-CSS/dns.s" + @echo "... Cisco-CSS/filter.o" + @echo "... Cisco-CSS/filter.i" + @echo "... Cisco-CSS/filter.s" + @echo "... Cisco-CSS/general.o" + @echo "... Cisco-CSS/general.i" + @echo "... Cisco-CSS/general.s" + @echo "... Cisco-CSS/interfaces.o" + @echo "... Cisco-CSS/interfaces.i" + @echo "... Cisco-CSS/interfaces.s" + @echo "... Cisco-CSS/snmp-report.o" + @echo "... Cisco-CSS/snmp-report.i" + @echo "... Cisco-CSS/snmp-report.s" + @echo "... Cisco-CSS/snmp.o" + @echo "... Cisco-CSS/snmp.i" + @echo "... Cisco-CSS/snmp.s" + @echo "... Cisco-Catalyst-CatOS/device.o" + @echo "... Cisco-Catalyst-CatOS/device.i" + @echo "... Cisco-Catalyst-CatOS/device.s" + @echo "... Cisco-Catalyst-NMP/device.o" + @echo "... Cisco-Catalyst-NMP/device.i" + @echo "... Cisco-Catalyst-NMP/device.s" + @echo "... Cisco-Catalyst/administration.o" + @echo "... Cisco-Catalyst/administration.i" + @echo "... Cisco-Catalyst/administration.s" + @echo "... Cisco-Catalyst/authentication.o" + @echo "... Cisco-Catalyst/authentication.i" + @echo "... Cisco-Catalyst/authentication.s" + @echo "... Cisco-Catalyst/banner.o" + @echo "... Cisco-Catalyst/banner.i" + @echo "... Cisco-Catalyst/banner.s" + @echo "... Cisco-Catalyst/device.o" + @echo "... Cisco-Catalyst/device.i" + @echo "... Cisco-Catalyst/device.s" + @echo "... Cisco-Catalyst/dns.o" + @echo "... Cisco-Catalyst/dns.i" + @echo "... Cisco-Catalyst/dns.s" + @echo "... Cisco-Catalyst/general.o" + @echo "... Cisco-Catalyst/general.i" + @echo "... Cisco-Catalyst/general.s" + @echo "... Cisco-Catalyst/interfaces.o" + @echo "... Cisco-Catalyst/interfaces.i" + @echo "... Cisco-Catalyst/interfaces.s" + @echo "... Cisco-Catalyst/snmp.o" + @echo "... Cisco-Catalyst/snmp.i" + @echo "... Cisco-Catalyst/snmp.s" + @echo "... Cisco-IOS-Catalyst/device.o" + @echo "... Cisco-IOS-Catalyst/device.i" + @echo "... Cisco-IOS-Catalyst/device.s" + @echo "... Cisco-IOS-Router/device.o" + @echo "... Cisco-IOS-Router/device.i" + @echo "... Cisco-IOS-Router/device.s" + @echo "... Cisco-IOS/administration-line.o" + @echo "... Cisco-IOS/administration-line.i" + @echo "... Cisco-IOS/administration-line.s" + @echo "... Cisco-IOS/administration-report.o" + @echo "... Cisco-IOS/administration-report.i" + @echo "... Cisco-IOS/administration-report.s" + @echo "... Cisco-IOS/administration-security.o" + @echo "... Cisco-IOS/administration-security.i" + @echo "... Cisco-IOS/administration-security.s" + @echo "... Cisco-IOS/administration.o" + @echo "... Cisco-IOS/administration.i" + @echo "... Cisco-IOS/administration.s" + @echo "... Cisco-IOS/authentication.o" + @echo "... Cisco-IOS/authentication.i" + @echo "... Cisco-IOS/authentication.s" + @echo "... Cisco-IOS/banner.o" + @echo "... Cisco-IOS/banner.i" + @echo "... Cisco-IOS/banner.s" + @echo "... Cisco-IOS/dns.o" + @echo "... Cisco-IOS/dns.i" + @echo "... Cisco-IOS/dns.s" + @echo "... Cisco-IOS/filter.o" + @echo "... Cisco-IOS/filter.i" + @echo "... Cisco-IOS/filter.s" + @echo "... Cisco-IOS/general.o" + @echo "... Cisco-IOS/general.i" + @echo "... Cisco-IOS/general.s" + @echo "... Cisco-IOS/interfaces.o" + @echo "... Cisco-IOS/interfaces.i" + @echo "... Cisco-IOS/interfaces.s" + @echo "... Cisco-IOS/iosdevice.o" + @echo "... Cisco-IOS/iosdevice.i" + @echo "... Cisco-IOS/iosdevice.s" + @echo "... Cisco-IOS/snmp-report.o" + @echo "... Cisco-IOS/snmp-report.i" + @echo "... Cisco-IOS/snmp-report.s" + @echo "... Cisco-IOS/snmp.o" + @echo "... Cisco-IOS/snmp.i" + @echo "... Cisco-IOS/snmp.s" + @echo "... Cisco-Security-ASA/administration.o" + @echo "... Cisco-Security-ASA/administration.i" + @echo "... Cisco-Security-ASA/administration.s" + @echo "... Cisco-Security-ASA/device.o" + @echo "... Cisco-Security-ASA/device.i" + @echo "... Cisco-Security-ASA/device.s" + @echo "... Cisco-Security-FWSM/administration.o" + @echo "... Cisco-Security-FWSM/administration.i" + @echo "... Cisco-Security-FWSM/administration.s" + @echo "... Cisco-Security-FWSM/device.o" + @echo "... Cisco-Security-FWSM/device.i" + @echo "... Cisco-Security-FWSM/device.s" + @echo "... Cisco-Security-PIX/administration.o" + @echo "... Cisco-Security-PIX/administration.i" + @echo "... Cisco-Security-PIX/administration.s" + @echo "... Cisco-Security-PIX/device.o" + @echo "... Cisco-Security-PIX/device.i" + @echo "... Cisco-Security-PIX/device.s" + @echo "... Cisco-Security/administration.o" + @echo "... Cisco-Security/administration.i" + @echo "... Cisco-Security/administration.s" + @echo "... Cisco-Security/authentication.o" + @echo "... Cisco-Security/authentication.i" + @echo "... Cisco-Security/authentication.s" + @echo "... Cisco-Security/banner.o" + @echo "... Cisco-Security/banner.i" + @echo "... Cisco-Security/banner.s" + @echo "... Cisco-Security/device.o" + @echo "... Cisco-Security/device.i" + @echo "... Cisco-Security/device.s" + @echo "... Cisco-Security/dns.o" + @echo "... Cisco-Security/dns.i" + @echo "... Cisco-Security/dns.s" + @echo "... Cisco-Security/filter.o" + @echo "... Cisco-Security/filter.i" + @echo "... Cisco-Security/filter.s" + @echo "... Cisco-Security/general.o" + @echo "... Cisco-Security/general.i" + @echo "... Cisco-Security/general.s" + @echo "... Cisco-Security/interfaces.o" + @echo "... Cisco-Security/interfaces.i" + @echo "... Cisco-Security/interfaces.s" + @echo "... Cisco-Security/snmp.o" + @echo "... Cisco-Security/snmp.i" + @echo "... Cisco-Security/snmp.s" + @echo "... HP-ProCurve/administration.o" + @echo "... HP-ProCurve/administration.i" + @echo "... HP-ProCurve/administration.s" + @echo "... HP-ProCurve/authentication.o" + @echo "... HP-ProCurve/authentication.i" + @echo "... HP-ProCurve/authentication.s" + @echo "... HP-ProCurve/banner.o" + @echo "... HP-ProCurve/banner.i" + @echo "... HP-ProCurve/banner.s" + @echo "... HP-ProCurve/device.o" + @echo "... HP-ProCurve/device.i" + @echo "... HP-ProCurve/device.s" + @echo "... HP-ProCurve/dns.o" + @echo "... HP-ProCurve/dns.i" + @echo "... HP-ProCurve/dns.s" + @echo "... HP-ProCurve/general.o" + @echo "... HP-ProCurve/general.i" + @echo "... HP-ProCurve/general.s" + @echo "... HP-ProCurve/interfaces.o" + @echo "... HP-ProCurve/interfaces.i" + @echo "... HP-ProCurve/interfaces.s" + @echo "... HP-ProCurve/snmp-report.o" + @echo "... HP-ProCurve/snmp-report.i" + @echo "... HP-ProCurve/snmp-report.s" + @echo "... HP-ProCurve/snmp.o" + @echo "... HP-ProCurve/snmp.i" + @echo "... HP-ProCurve/snmp.s" + @echo "... Juniper-ScreenOS/administration-report.o" + @echo "... Juniper-ScreenOS/administration-report.i" + @echo "... Juniper-ScreenOS/administration-report.s" + @echo "... Juniper-ScreenOS/administration.o" + @echo "... Juniper-ScreenOS/administration.i" + @echo "... Juniper-ScreenOS/administration.s" + @echo "... Juniper-ScreenOS/authentication.o" + @echo "... Juniper-ScreenOS/authentication.i" + @echo "... Juniper-ScreenOS/authentication.s" + @echo "... Juniper-ScreenOS/banner.o" + @echo "... Juniper-ScreenOS/banner.i" + @echo "... Juniper-ScreenOS/banner.s" + @echo "... Juniper-ScreenOS/device.o" + @echo "... Juniper-ScreenOS/device.i" + @echo "... Juniper-ScreenOS/device.s" + @echo "... Juniper-ScreenOS/dns.o" + @echo "... Juniper-ScreenOS/dns.i" + @echo "... Juniper-ScreenOS/dns.s" + @echo "... Juniper-ScreenOS/filter.o" + @echo "... Juniper-ScreenOS/filter.i" + @echo "... Juniper-ScreenOS/filter.s" + @echo "... Juniper-ScreenOS/general.o" + @echo "... Juniper-ScreenOS/general.i" + @echo "... Juniper-ScreenOS/general.s" + @echo "... Juniper-ScreenOS/interfaces.o" + @echo "... Juniper-ScreenOS/interfaces.i" + @echo "... Juniper-ScreenOS/interfaces.s" + @echo "... Juniper-ScreenOS/snmp.o" + @echo "... Juniper-ScreenOS/snmp.i" + @echo "... Juniper-ScreenOS/snmp.s" + @echo "... Nokia-IP/device.o" + @echo "... Nokia-IP/device.i" + @echo "... Nokia-IP/device.s" + @echo "... Nortel-Passport/administration.o" + @echo "... Nortel-Passport/administration.i" + @echo "... Nortel-Passport/administration.s" + @echo "... Nortel-Passport/banner.o" + @echo "... Nortel-Passport/banner.i" + @echo "... Nortel-Passport/banner.s" + @echo "... Nortel-Passport/device.o" + @echo "... Nortel-Passport/device.i" + @echo "... Nortel-Passport/device.s" + @echo "... Nortel-Passport/filter.o" + @echo "... Nortel-Passport/filter.i" + @echo "... Nortel-Passport/filter.s" + @echo "... Nortel-Passport/general.o" + @echo "... Nortel-Passport/general.i" + @echo "... Nortel-Passport/general.s" + @echo "... Nortel-Passport/interfaces.o" + @echo "... Nortel-Passport/interfaces.i" + @echo "... Nortel-Passport/interfaces.s" + @echo "... Nortel-Passport/snmp.o" + @echo "... Nortel-Passport/snmp.i" + @echo "... Nortel-Passport/snmp.s" + @echo "... Nortel-RoutingSwitch/device.o" + @echo "... Nortel-RoutingSwitch/device.i" + @echo "... Nortel-RoutingSwitch/device.s" + @echo "... SonicWALL-SonicOS/administration-report.o" + @echo "... SonicWALL-SonicOS/administration-report.i" + @echo "... SonicWALL-SonicOS/administration-report.s" + @echo "... SonicWALL-SonicOS/administration.o" + @echo "... SonicWALL-SonicOS/administration.i" + @echo "... SonicWALL-SonicOS/administration.s" + @echo "... SonicWALL-SonicOS/device.o" + @echo "... SonicWALL-SonicOS/device.i" + @echo "... SonicWALL-SonicOS/device.s" + @echo "... SonicWALL-SonicOS/dns.o" + @echo "... SonicWALL-SonicOS/dns.i" + @echo "... SonicWALL-SonicOS/dns.s" + @echo "... SonicWALL-SonicOS/filter.o" + @echo "... SonicWALL-SonicOS/filter.i" + @echo "... SonicWALL-SonicOS/filter.s" + @echo "... SonicWALL-SonicOS/general.o" + @echo "... SonicWALL-SonicOS/general.i" + @echo "... SonicWALL-SonicOS/general.s" + @echo "... SonicWALL-SonicOS/snmp.o" + @echo "... SonicWALL-SonicOS/snmp.i" + @echo "... SonicWALL-SonicOS/snmp.s" + @echo "... config.o" + @echo "... config.i" + @echo "... config.s" + @echo "... device/administration/administration-bootp.o" + @echo "... device/administration/administration-bootp.i" + @echo "... device/administration/administration-bootp.s" + @echo "... device/administration/administration-finger.o" + @echo "... device/administration/administration-finger.i" + @echo "... device/administration/administration-finger.s" + @echo "... device/administration/administration-ftp.o" + @echo "... device/administration/administration-ftp.i" + @echo "... device/administration/administration-ftp.s" + @echo "... device/administration/administration-general.o" + @echo "... device/administration/administration-general.i" + @echo "... device/administration/administration-general.s" + @echo "... device/administration/administration-hosts.o" + @echo "... device/administration/administration-hosts.i" + @echo "... device/administration/administration-hosts.s" + @echo "... device/administration/administration-http.o" + @echo "... device/administration/administration-http.i" + @echo "... device/administration/administration-http.s" + @echo "... device/administration/administration-ssh.o" + @echo "... device/administration/administration-ssh.i" + @echo "... device/administration/administration-ssh.s" + @echo "... device/administration/administration-telnet.o" + @echo "... device/administration/administration-telnet.i" + @echo "... device/administration/administration-telnet.s" + @echo "... device/administration/administration-tftp.o" + @echo "... device/administration/administration-tftp.i" + @echo "... device/administration/administration-tftp.s" + @echo "... device/administration/administration-timeout.o" + @echo "... device/administration/administration-timeout.i" + @echo "... device/administration/administration-timeout.s" + @echo "... device/administration/administration.o" + @echo "... device/administration/administration.i" + @echo "... device/administration/administration.s" + @echo "... device/authentication/authentication-general.o" + @echo "... device/authentication/authentication-general.i" + @echo "... device/authentication/authentication-general.s" + @echo "... device/authentication/authentication-kerberos.o" + @echo "... device/authentication/authentication-kerberos.i" + @echo "... device/authentication/authentication-kerberos.s" + @echo "... device/authentication/authentication-ldap.o" + @echo "... device/authentication/authentication-ldap.i" + @echo "... device/authentication/authentication-ldap.s" + @echo "... device/authentication/authentication-nt.o" + @echo "... device/authentication/authentication-nt.i" + @echo "... device/authentication/authentication-nt.s" + @echo "... device/authentication/authentication-radius.o" + @echo "... device/authentication/authentication-radius.i" + @echo "... device/authentication/authentication-radius.s" + @echo "... device/authentication/authentication-securid.o" + @echo "... device/authentication/authentication-securid.i" + @echo "... device/authentication/authentication-securid.s" + @echo "... device/authentication/authentication-tacacs.o" + @echo "... device/authentication/authentication-tacacs.i" + @echo "... device/authentication/authentication-tacacs.s" + @echo "... device/authentication/authentication-users.o" + @echo "... device/authentication/authentication-users.i" + @echo "... device/authentication/authentication-users.s" + @echo "... device/authentication/authentication.o" + @echo "... device/authentication/authentication.i" + @echo "... device/authentication/authentication.s" + @echo "... device/banner/banner-report.o" + @echo "... device/banner/banner-report.i" + @echo "... device/banner/banner-report.s" + @echo "... device/banner/banner.o" + @echo "... device/banner/banner.i" + @echo "... device/banner/banner.s" + @echo "... device/common/configline.o" + @echo "... device/common/configline.i" + @echo "... device/common/configline.s" + @echo "... device/common/deviceconfig.o" + @echo "... device/common/deviceconfig.i" + @echo "... device/common/deviceconfig.s" + @echo "... device/common/file.o" + @echo "... device/common/file.i" + @echo "... device/common/file.s" + @echo "... device/common/misc.o" + @echo "... device/common/misc.i" + @echo "... device/common/misc.s" + @echo "... device/common/paragraph.o" + @echo "... device/common/paragraph.i" + @echo "... device/common/paragraph.s" + @echo "... device/common/passwords.o" + @echo "... device/common/passwords.i" + @echo "... device/common/passwords.s" + @echo "... device/common/tables.o" + @echo "... device/common/tables.i" + @echo "... device/common/tables.s" + @echo "... device/crypto/crypto-base64.o" + @echo "... device/crypto/crypto-base64.i" + @echo "... device/crypto/crypto-base64.s" + @echo "... device/crypto/crypto-ciscotype7.o" + @echo "... device/crypto/crypto-ciscotype7.i" + @echo "... device/crypto/crypto-ciscotype7.s" + @echo "... device/crypto/crypto-url.o" + @echo "... device/crypto/crypto-url.i" + @echo "... device/crypto/crypto-url.s" + @echo "... device/device.o" + @echo "... device/device.i" + @echo "... device/device.s" + @echo "... device/dns/dns-report.o" + @echo "... device/dns/dns-report.i" + @echo "... device/dns/dns-report.s" + @echo "... device/dns/dns.o" + @echo "... device/dns/dns.i" + @echo "... device/dns/dns.s" + @echo "... device/filter/filter-filter-report.o" + @echo "... device/filter/filter-filter-report.i" + @echo "... device/filter/filter-filter-report.s" + @echo "... device/filter/filter-filter.o" + @echo "... device/filter/filter-filter.i" + @echo "... device/filter/filter-filter.s" + @echo "... device/filter/filter-object-report.o" + @echo "... device/filter/filter-object-report.i" + @echo "... device/filter/filter-object-report.s" + @echo "... device/filter/filter-object.o" + @echo "... device/filter/filter-object.i" + @echo "... device/filter/filter-object.s" + @echo "... device/filter/filter-security-report.o" + @echo "... device/filter/filter-security-report.i" + @echo "... device/filter/filter-security-report.s" + @echo "... device/filter/filter-security.o" + @echo "... device/filter/filter-security.i" + @echo "... device/filter/filter-security.s" + @echo "... device/filter/filter.o" + @echo "... device/filter/filter.i" + @echo "... device/filter/filter.s" + @echo "... device/general/general.o" + @echo "... device/general/general.i" + @echo "... device/general/general.s" + @echo "... device/interfaces/interfaces-interface.o" + @echo "... device/interfaces/interfaces-interface.i" + @echo "... device/interfaces/interfaces-interface.s" + @echo "... device/interfaces/interfaces-report.o" + @echo "... device/interfaces/interfaces-report.i" + @echo "... device/interfaces/interfaces-report.s" + @echo "... device/interfaces/interfaces-security.o" + @echo "... device/interfaces/interfaces-security.i" + @echo "... device/interfaces/interfaces-security.s" + @echo "... device/interfaces/interfaces.o" + @echo "... device/interfaces/interfaces.i" + @echo "... device/interfaces/interfaces.s" + @echo "... device/reportgen/report-abbreviations.o" + @echo "... device/reportgen/report-abbreviations.i" + @echo "... device/reportgen/report-abbreviations.s" + @echo "... device/reportgen/report-commonports.o" + @echo "... device/reportgen/report-commonports.i" + @echo "... device/reportgen/report-commonports.s" + @echo "... device/reportgen/report-icmp.o" + @echo "... device/reportgen/report-icmp.i" + @echo "... device/reportgen/report-icmp.s" + @echo "... device/reportgen/report-logginglevels.o" + @echo "... device/reportgen/report-logginglevels.i" + @echo "... device/reportgen/report-logginglevels.s" + @echo "... device/reportgen/report-misc.o" + @echo "... device/reportgen/report-misc.i" + @echo "... device/reportgen/report-misc.s" + @echo "... device/reportgen/report-numbering.o" + @echo "... device/reportgen/report-numbering.i" + @echo "... device/reportgen/report-numbering.s" + @echo "... device/reportgen/report-protocols.o" + @echo "... device/reportgen/report-protocols.i" + @echo "... device/reportgen/report-protocols.s" + @echo "... device/reportgen/report.o" + @echo "... device/reportgen/report.i" + @echo "... device/reportgen/report.s" + @echo "... device/snmp/snmp-community.o" + @echo "... device/snmp/snmp-community.i" + @echo "... device/snmp/snmp-community.s" + @echo "... device/snmp/snmp-group.o" + @echo "... device/snmp/snmp-group.i" + @echo "... device/snmp/snmp-group.s" + @echo "... device/snmp/snmp-host.o" + @echo "... device/snmp/snmp-host.i" + @echo "... device/snmp/snmp-host.s" + @echo "... device/snmp/snmp-misc-issues.o" + @echo "... device/snmp/snmp-misc-issues.i" + @echo "... device/snmp/snmp-misc-issues.s" + @echo "... device/snmp/snmp-traps.o" + @echo "... device/snmp/snmp-traps.i" + @echo "... device/snmp/snmp-traps.s" + @echo "... device/snmp/snmp-user.o" + @echo "... device/snmp/snmp-user.i" + @echo "... device/snmp/snmp-user.s" + @echo "... device/snmp/snmp-view.o" + @echo "... device/snmp/snmp-view.i" + @echo "... device/snmp/snmp-view.s" + @echo "... device/snmp/snmp.o" + @echo "... device/snmp/snmp.i" + @echo "... device/snmp/snmp.s" + @echo "... libnipper.o" + @echo "... libnipper.i" + @echo "... libnipper.s" + @echo "... report/report-contents.o" + @echo "... report/report-contents.i" + @echo "... report/report-contents.s" + @echo "... report/report-frontpage.o" + @echo "... report/report-frontpage.i" + @echo "... report/report-frontpage.s" + @echo "... report/report-functions.o" + @echo "... report/report-functions.i" + @echo "... report/report-functions.s" + @echo "... report/report-introduction.o" + @echo "... report/report-introduction.i" + @echo "... report/report-introduction.s" + @echo "... report/report-list.o" + @echo "... report/report-list.i" + @echo "... report/report-list.s" + @echo "... report/report-section-appendix.o" + @echo "... report/report-section-appendix.i" + @echo "... report/report-section-appendix.s" + @echo "... report/report-section-compliance.o" + @echo "... report/report-section-compliance.i" + @echo "... report/report-section-compliance.s" + @echo "... report/report-section-config.o" + @echo "... report/report-section-config.i" + @echo "... report/report-section-config.s" + @echo "... report/report-section-security.o" + @echo "... report/report-section-security.i" + @echo "... report/report-section-security.s" + @echo "... report/report-start.o" + @echo "... report/report-start.i" + @echo "... report/report-start.s" + @echo "... report/report-table.o" + @echo "... report/report-table.i" + @echo "... report/report-table.s" + @echo "... report/report-text.o" + @echo "... report/report-text.i" + @echo "... report/report-text.s" + @echo "... report/report-titles.o" + @echo "... report/report-titles.i" + @echo "... report/report-titles.s" + @echo "... report/report.o" + @echo "... report/report.i" + @echo "... report/report.s" + + + +#============================================================================= +# Special targets to cleanup operation of make. + +# Special rule to run CMake to check the build system integrity. +# No rule that depends on this can have commands that come from listfiles +# because they might be regenerated. +cmake_check_build_system: + $(CMAKE_COMMAND) -H$(CMAKE_SOURCE_DIR) -B$(CMAKE_BINARY_DIR) --check-build-system CMakeFiles/Makefile.cmake 0 + diff --git a/libnipper-0.12.6/Nokia-IP/.svn/all-wcprops b/libnipper-0.12.6/Nokia-IP/.svn/all-wcprops new file mode 100644 index 0000000..3411ee1 --- /dev/null +++ b/libnipper-0.12.6/Nokia-IP/.svn/all-wcprops @@ -0,0 +1,17 @@ +K 25 +svn:wc:ra_dav:version-url +V 47 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nokia-IP +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 58 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nokia-IP/device.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 56 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nokia-IP/device.h +END diff --git a/libnipper-0.12.6/Nokia-IP/.svn/entries b/libnipper-0.12.6/Nokia-IP/.svn/entries new file mode 100644 index 0000000..4c220ef --- /dev/null +++ b/libnipper-0.12.6/Nokia-IP/.svn/entries @@ -0,0 +1,96 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Nokia-IP +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.cpp +file + + + + +2016-02-13T06:47:11.080158Z +b667e831f2b56d054fbce2d4bc2a936e +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2454 + +device.h +file + + + + +2016-02-13T06:47:11.080158Z +fa520f79422b48852769bf0e5d508bad +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2490 + diff --git a/libnipper-0.12.6/Nokia-IP/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Nokia-IP/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..e60ef7b --- /dev/null +++ b/libnipper-0.12.6/Nokia-IP/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,42 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include "device.h" + + +NokiaIPDevice::NokiaIPDevice() +{ + deviceMake = "Nokia"; + deviceType = "IP Firewall"; + deviceOS = "IPSO"; +} + diff --git a/libnipper-0.12.6/Nokia-IP/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Nokia-IP/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..3acec2c --- /dev/null +++ b/libnipper-0.12.6/Nokia-IP/.svn/text-base/device.h.svn-base @@ -0,0 +1,47 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_NokiaIP_H +#define device_NokiaIP_H + + +#include "../CheckPoint/device.h" + + +class NokiaIPDevice : public CheckPointDevice +{ + public: + NokiaIPDevice(); + +}; + + +#endif diff --git a/libnipper-0.12.6/Nokia-IP/device.cpp b/libnipper-0.12.6/Nokia-IP/device.cpp new file mode 100644 index 0000000..e60ef7b --- /dev/null +++ b/libnipper-0.12.6/Nokia-IP/device.cpp @@ -0,0 +1,42 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include "device.h" + + +NokiaIPDevice::NokiaIPDevice() +{ + deviceMake = "Nokia"; + deviceType = "IP Firewall"; + deviceOS = "IPSO"; +} + diff --git a/libnipper-0.12.6/Nokia-IP/device.h b/libnipper-0.12.6/Nokia-IP/device.h new file mode 100644 index 0000000..3acec2c --- /dev/null +++ b/libnipper-0.12.6/Nokia-IP/device.h @@ -0,0 +1,47 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_NokiaIP_H +#define device_NokiaIP_H + + +#include "../CheckPoint/device.h" + + +class NokiaIPDevice : public CheckPointDevice +{ + public: + NokiaIPDevice(); + +}; + + +#endif diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/all-wcprops b/libnipper-0.12.6/Nortel-Passport/.svn/all-wcprops new file mode 100644 index 0000000..6ac80f7 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/all-wcprops @@ -0,0 +1,89 @@ +K 25 +svn:wc:ra_dav:version-url +V 54 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport +END +interfaces.cpp +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/interfaces.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/device.h +END +banner.cpp +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/banner.cpp +END +filter.cpp +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/filter.cpp +END +administration.cpp +K 25 +svn:wc:ra_dav:version-url +V 73 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/administration.cpp +END +interfaces.h +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/interfaces.h +END +banner.h +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/banner.h +END +filter.h +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/filter.h +END +administration.h +K 25 +svn:wc:ra_dav:version-url +V 71 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/administration.h +END +general.cpp +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/general.cpp +END +snmp.cpp +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/snmp.cpp +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/device.cpp +END +snmp.h +K 25 +svn:wc:ra_dav:version-url +V 61 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/snmp.h +END +general.h +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-Passport/general.h +END diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/entries b/libnipper-0.12.6/Nortel-Passport/.svn/entries new file mode 100644 index 0000000..a6c47b3 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/entries @@ -0,0 +1,504 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Nortel-Passport +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +banner.h +file + + + + +2016-02-13T06:47:11.472156Z +77263ac688d47c53a44b68eea5043536 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2538 + +filter.h +file + + + + +2016-02-13T06:47:11.472156Z +d723a3c416917fb005ab4c8d943bad5a +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2628 + +administration.h +file + + + + +2016-02-13T06:47:11.472156Z +d307654d590d621eb9b730bc77adb535 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3263 + +general.cpp +file + + + + +2016-02-13T06:47:11.472156Z +2814b30c6410d760a9707b3b090eb96e +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +9107 + +snmp.cpp +file + + + + +2016-02-13T06:47:11.472156Z +50156bca2427f87b0ca94faca85aea2e +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +9211 + +device.cpp +file + + + + +2016-02-13T06:47:11.472156Z +0c2a7113524d583c1e1e2d88b323f86e +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7135 + +snmp.h +file + + + + +2016-02-13T06:47:11.472156Z +c54a2cc434933f5a24c9031d4a6df0ca +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2692 + +general.h +file + + + + +2016-02-13T06:47:11.472156Z +589f8a061ddec32a159ef1c746e934f5 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2843 + +interfaces.cpp +file + + + + +2016-02-13T06:47:11.472156Z +b421820e59bf6ce44dcedba7524af207 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8985 + +device.h +file + + + + +2016-02-13T06:47:11.472156Z +62a6b3fbea318901b936e7bf5526b292 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2543 + +banner.cpp +file + + + + +2016-02-13T06:47:11.472156Z +ce5f1ce28a67f4303865d52533dbf4f5 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6177 + +filter.cpp +file + + + + +2016-02-13T06:47:11.472156Z +5b0697d99e6238613d2ba3161fb49926 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +33262 + +administration.cpp +file + + + + +2016-02-13T06:47:11.472156Z +0befff0330d7366070374c00f047f903 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8910 + +interfaces.h +file + + + + +2016-02-13T06:47:11.472156Z +066476de0c3f22094ad591dd328b0b0c +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2597 + diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/administration.cpp.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/administration.cpp.svn-base new file mode 100644 index 0000000..29d8948 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/administration.cpp.svn-base @@ -0,0 +1,165 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "administration.h" + + +PassportAdministration::PassportAdministration() +{ + + // ----------------------------------------------------------------------- + // Device Specific Settings... + // ----------------------------------------------------------------------- + + // General... + generalSettings = false; // Show the general settings section? + consoleEnabled = false; // Is the Console port enabled? + consoleSupported = false; // Is a console port supported? + consoleTimeoutSupported = false; // Is a console timeout supported? + consoleTimeout = 0; // Console timeout + configConsoleTimeout = i18n(""); // The text and commands to configure the timeout + connectionTimeoutSupported = false; // Is a connection timeout supported? + connectionTimeout = 0; // Connection Timeout + configTimeout = i18n(""); // The text and commands to configure the timeout + + // Host restrictions... + serviceWideHosts = false; // Do all the admin services share a common host restrictions? + showHostInterface = false; // Show the Interface column in the host table? + showHostAccess = false; // Show the Access column in the host table? + serviceConfigHosts = i18n(""); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = false; // Is telnet supported? + telnetEnabled = false; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + telnetSpecificHost = false; // Does Telnet have its own access list? + telnetHostsRequired = false; // Is the host configuration required? + showTelnetHostInterface = false; // Show the Interface column in the host table? + showTelnetHostAccess = false; // Show the Access column in the host table? + configTelnetHostAccess = i18n(""); // How access lists are configured for the telnet service + disableTelnet = i18n(""); // How to disable telnet text... + telnetSpecificTimeout = false; // A Telnet Specific Timeout? + telnetTimeout = 0; // The Telnet Timeout (secs) + configTelnetTimeout = i18n(""); // The text and commands to configure the timeout + + // TFTP options... + tftpSupported = false; // Is TFTP supported? + tftpEnabled = false; // Is TFTP enabled? + tftpPort = 69; // The TFTP service port + tftpSpecificHost = false; // Does TFTP have its own access list? + tftpHostsRequired = false; // Is the host configuration required? + showTFTPHostInterface = false; // Show the Interface column in the host table? + showTFTPHostAccess = false; // Show the Access column in the host table? + configTFTPHostAccess = i18n(""); // How access lists are configured for the TFTP service + disableTFTP = i18n(""); // How to disable TFTP text... + + // FTP options... + ftpSupported = false; // Is FTP supported? + ftpEnabled = false; // Is FTP enabled? + ftpPort = 21; // The FTP service port + ftpSpecificHost = false; // Does FTP have its own access list? + ftpHostsRequired = false; // Is the host configuration required? + showFTPHostInterface = false; // Show the Interface column in the host table? + showFTPHostAccess = false; // Show the Access column in the host table? + configFTPHostAccess = i18n(""); // How access lists are configured for the FTP service + disableFTP = i18n(""); // How to disable FTP text... + ftpSpecificTimeout = false; // A FTP Specific Timeout? + ftpTimeout = 0; // The FTP Timeout (secs) + configFTPTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH options... + sshSupported = false; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + sshPort = 22; // The SSH port number + configSSHSupport = i18n(""); // How to configure SSH... + sshSpecificHost = false; // Does SSH have its own access list? + sshHostsRequired = false; // Is the host configuration required? + showSSHHostInterface = false; // Show the Interface column in the host table? + showSSHHostAccess = false; // Show the Access column in the host table? + configSSHHostAccess = i18n(""); // How to configure SSH... + sshSpecificTimeout = false; // A SSH Specific Timeout? + sshTimeout = 0; // The SSH Timeout (secs) + configSSHTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH Options + sftpEnabled = false; // Is SFTP enabled? + sftpSupported = false; // Is SFTP supported? + scpSupported = false; // Is SCP supported? + scpEnabled = false; // Is SCP enabled? + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + configSSHv2Support = i18n(""); // How to configure protocol version 2 support only + + // Config report SSH support text + sshConfigProtocolSupport = i18n(""); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = false; // Does this device support HTTP + httpsSupported = false; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + httpsEnabled = false; // Is the HTTPS service enabled? + httpsPort = 443; // HTTPS port + httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? + httpSpecificTimeout = false; // A HTTP Specific Timeout? + httpTimeout = 0; // The HTTP Timeout (secs) + configHTTPTimeout = i18n(""); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + httpSpecificHost = false; // Does HTTP have its own access list? + httpHostsRequired = false; // Is the host configuration required? + showHTTPHostInterface = false; // Show the Interface column in the host table? + showHTTPHostAccess = false; // Show the Access column in the host table? + configHTTPHostAccess = i18n(""); // How to configure HTTP Management hosts... + disableHTTP = i18n(""); // How to disable HTTP text... + configHTTPSSupport = i18n(""); // How to configure HTTPS... +} + + +int PassportAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + return 0; +} + + +int PassportAdministration::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/administration.h.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/administration.h.svn-base new file mode 100644 index 0000000..d5ca619 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/administration.h.svn-base @@ -0,0 +1,58 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Passportadministration_H +#define Passportadministration_H + + +#include "../device/administration/administration.h" + + +class PassportAdministration : public Administration +{ + public: + + PassportAdministration(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Methods + //virtual int generateDeviceGeneralConfig(Device *device); // A device specific config report output + //virtual int generateDeviceTelnetConfig(Device *device); // A device specific config report output + //virtual int generateDeviceTFTPConfig(Device *device); // A device specific config report output + //virtual int generateDeviceFTPConfig(Device *device); // A device specific config report output + //virtual int generateDeviceSSHConfig(Device *device); // A device specific config report output + //virtual int generateDeviceHTTPConfig(Device *device); // A device specific config report output +}; + + +#endif diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/banner.cpp.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/banner.cpp.svn-base new file mode 100644 index 0000000..146abf0 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/banner.cpp.svn-base @@ -0,0 +1,127 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "banner.h" + + +PassportBanner::PassportBanner() +{ + // Banner settings... + preLogonBanner = true; // Support Banner(s) Before Logon? + postLogonBanner = true; // Support Banner(s) After Logon? + configPreLogonBanner = i18n("The pre-logon banner message is configured on *DEVICETYPE* devices by adding banner message lines and then enabling the custom banner message. This can be done with the following commands:*CODE**COMMAND*cli banner add *CMDUSER*banner-message*-CMDUSER**-COMMAND**COMMAND*cli banner defaultbanner false*-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... + configPostLogonBanner = i18n("The *ABBREV*MOTD*-ABBREV* banner message is configured on *DEVICETYPE* devices by adding message lines and then enabling the custom message. This can be done with the following command:*CODE**COMMAND*cli motd add *CMDUSER*banner-message*-CMDUSER**-COMMAND**COMMAND*cli motd defaultbanner false*-COMMAND**-CODE*"); // The text that explains how to config a post logon banner, with commands... +} + + +int PassportBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + + // motd banner add... + if ((strcmp(command->part(1), "motd") == 0) && (strcmp(command->part(2), "add") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = getBanner("*ABBREV*MOTD*-ABBREV*"); + if (bannerPointer == 0) + { + bannerPointer = addBanner(); + bannerPointer->banner = postLogon; + bannerPointer->enabled = false; + bannerPointer->name.assign(i18n("*ABBREV*MOTD*-ABBREV*")); + bannerPointer->description.assign(i18n("The *ABBREV*MOTD*-ABBREV* banner message is presented to users after they logon. The *ABBREV*MOTD*-ABBREV* banner configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + } + addBannerLine(bannerPointer, command->part(3)); + } + + // motd default... + else if ((strcmp(command->part(1), "motd") == 0) && (strcmp(command->part(2), "defaultbanner") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner On/Off Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = getBanner("*ABBREV*MOTD*-ABBREV*"); + if (bannerPointer != 0) + { + if (strcmp(command->part(3), "true") == 0) + bannerPointer->enabled = false; + else + bannerPointer->enabled = true; + } + } + + // banner banner add... + else if ((strcmp(command->part(1), "banner") == 0) && (strcmp(command->part(2), "add") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sBanner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = getBanner("Logon"); + if (bannerPointer == 0) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->enabled = false; + bannerPointer->name.assign(i18n("Logon")); + bannerPointer->description.assign(i18n("The logon banner message is presented to users before they logon. The logon banner configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + } + addBannerLine(bannerPointer, command->part(3)); + } + + // banner default... + else if ((strcmp(command->part(1), "banner") == 0) && (strcmp(command->part(2), "defaultbanner") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sBanner On/Off Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = getBanner("Logon"); + if (bannerPointer != 0) + { + if (strcmp(command->part(3), "true") == 0) + bannerPointer->enabled = false; + else + bannerPointer->enabled = true; + } + } + + return 0; +} + diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/banner.h.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/banner.h.svn-base new file mode 100644 index 0000000..98eefef --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/banner.h.svn-base @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Passportbanner_H +#define Passportbanner_H + + +#include "../device/banner/banner.h" + + +class PassportBanner : public Banner +{ + public: + + PassportBanner(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..e619a61 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,209 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "banner.h" +#include "snmp.h" +#include "filter.h" +#include "interfaces.h" + + +PassportDevice::PassportDevice() +{ + deviceMake = "Nortel"; + deviceType = "Passport"; + deviceOS = "Passport OS"; + + general = new (PassportGeneral); + administration = new (PassportAdministration); + banner = new (PassportBanner); + snmp = new (PassportSNMP); + filter = new (PassportFilter); + interfaces = new (PassportInterfaces); +} + + +PassportDevice::~PassportDevice() +{ + delete general; + delete administration; + delete banner; + delete snmp; + delete filter; + delete interfaces; +} + + +int PassportDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + int tempInt = 0; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + tempInt = 0; + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Hostname (in general)... + if (strcmp(command.part(tempInt), "#") == 0) + { + tempInt++; + + // Box type... + if ((strcmp(command.part(tempInt), "box") == 0) && (strcmp(command.part(tempInt + 1), "type") == 0) && (strcmp(command.part(tempInt + 2), ":") == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Software Version... + else if ((strcmp(command.part(tempInt), "software") == 0) && (strcmp(command.part(tempInt + 1), "version") == 0) && (strcmp(command.part(tempInt + 2), ":") == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Monitor Version... + else if ((strcmp(command.part(tempInt), "monitor") == 0) && (strcmp(command.part(tempInt + 1), "version") == 0) && (strcmp(command.part(tempInt + 2), ":") == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Modules + else if (strcmp(command.part(tempInt), "Slot") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + else + lineNotProcessed(line); + } + + // Ethernet + else if (strcmp(command.part(0), "ethernet") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // VLAN + else if (strcmp(command.part(0), "vlan") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Traffic Filtering + else if ((strcmp(command.part(tempInt), "ip") == 0) && (strcmp(command.part(tempInt + 1), "traffic-filter") == 0)) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + else if ((strcmp(command.part(tempInt), "sys") == 0) && (strcmp(command.part(tempInt + 1), "set") == 0)) + { + tempInt += 2; + + // contact... + if (strcmp(command.part(tempInt), "contact") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // location... + if (strcmp(command.part(tempInt), "location") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SNMP... + if (strcmp(command.part(tempInt), "snmp") == 0) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + else + lineNotProcessed(line); + } + + else if (strcmp(command.part(tempInt), "cli") == 0) + { + tempInt++; + + // banner... + if (strcmp(command.part(tempInt), "banner") == 0) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // motd... + else if (strcmp(command.part(tempInt), "motd") == 0) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + else + lineNotProcessed(line); + } + + // All others... + else + lineNotProcessed(line); + } + + if ((general->version.empty()) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + return 0; +} + + +bool PassportDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + bool found = false; + int lineCount = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (found == false) && (lineCount < 15)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if ((strcmp(command.part(0), "#") == 0) && (strcmp(command.part(1), "box") == 0) && (strcmp(command.part(2), "type") == 0) && (strcmp(command.part(3), ":") == 0)) + found = true; + + else if ((strcmp(command.part(0), "#") == 0) && (strcmp(command.part(1), "software") == 0) && (strcmp(command.part(2), "version") == 0) && (strcmp(command.part(3), ":") == 0)) + found = true; + } + fclose(inputFile); + + return found; +} + diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..f015e06 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/device.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_Passport_H +#define device_Passport_H + + +#include "../device/device.h" + + +class PassportDevice : public Device +{ + public: + PassportDevice(); + ~PassportDevice(); + + int processDevice(); + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/filter.cpp.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/filter.cpp.svn-base new file mode 100644 index 0000000..d56d560 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/filter.cpp.svn-base @@ -0,0 +1,541 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../device/common/configline.h" +#include "../globaldefs.h" +#include "device.h" +#include "filter.h" + + +PassportFilter::PassportFilter() +{ + // Filter device options... + denyAllAndLogDefault = false; // Does it deny all and log by default? + defaultFilterActionSupported = true; // Default action supported on the device + allowByDefault = false; // Forward by default? + defaultActionIsAllow = false; // Is the default action to forward + logLevelsSupported = false; // Are log Levels supported + logOnlyDenySupported = false; // Is only Deny rule logging supported + noAccessWithoutFilters = false; // Is access not granted if no filters are configured + filterSupportsInstalled = false; // If filtering supports installed (i.e. CheckPoint) + filterSupportsThrough = false; // If a filtering supports through (i.e. CheckPoint) + rejectRulesSupported = false; // If reject rules are supported + bypassRulesSupported = false; // If bypass rules are supported + defaultRulesSupported = true; // If default rules are supported + ruleListsAreAssigned = true; // Rule lists are assigned to specific elements + allowName = i18n("Forward"); // The name given to an forwarded filter + denyName = i18n("Drop"); // The name given to a denied filter + rejectName = i18n("Reject"); // The name given to a rejected filter + filterConfigTitle = i18n("*ABBREV*IP*-ABBREV* Filter Configuration"); // The Title for the configuration report section + filterConfigText = i18n("*ABBREV*IP*-ABBREV* filters are used to restrict access to specific hosts and services and are grouped into filter lists. Typically, *ABBREV*IP*-ABBREV* filters are processed sequentially with the first matching filter taking effect. However, the filter can be configured to not stop at a particular filter when the filter matches the network traffic."); // The device specific configuration report section text + filterConfigText2 = i18n("*DEVICETYPE* devices support three different types of filters, source, destination and global."); // The device specific configuration report section text2 + useFilterID = true; // Use the filter ID to identify a filter (otherwise a line no. is used) + filterIDTitle = i18n("*ABBREV*ID*-ABBREV*"); // The title for the filter ID/line no. table column + filterListName = i18n("*ABBREV*IP*-ABBREV* filter list"); // The name of the filter list, for use in text paragraphs + filterListNameTitle = i18n("*ABBREV*IP*-ABBREV* Filter List"); // The name of the filter list, for use in titles + filterListNamePlaural = i18n("*ABBREV*IP*-ABBREV* Filter Lists"); // The name of the filter list, for use in text paragraphs + filterTitle = i18n("Filter"); // The name of a filter, for use in titles + filterTitlePlaural = i18n("Filters"); // The name of a filter, for use in titles + filterName = i18n("filter"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("filters"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("Not All Forward Filters Log Access"); // The title text for the "All Forward Rules Do Not Log" issue + allowAndNotLogTable = i18n("Forward filters that do not log"); // The table title text for the "All Forward Rules Do Not Log" issue + allowAndNotLogConcl = i18n("not all forward filters log access"); // The conclusions text for the "All Forward Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all forward filters"); // The recommendations text for "All Forward Rules Do Not Log" (and deny) issue + denyAndNotLogIssue = i18n("Not All Drop Filters Log Access"); // The title text for the "All Forward Rules Do Not Log" issue + denyAndNotLogTable = i18n("Drop filters that do not log"); // The table title text for the "All Forward Rules Do Not Log" issue + denyAndNotLogConcl = i18n("not all drop filters log access"); // The conclusions text for the "All Forward Rules Do Not Log" issue + configRuleLogging = i18n(""); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No *ABBREV*IP*-ABBREV* Filters Were Configured"); // The title text for the "No filtering" issue + noFilteringRec = i18n("Configure *ABBREV*IP*-ABBREV* Filters to restict access"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no *ABBREV*IP*-ABBREV* filters were configured"); // The title text for the "No filtering" conclusion + legacyIssueFinding = i18n(""); // The finding for the legacy issue + legacyIssueImpact = i18n(""); // The impact for the legacy issue + legacyIssueEase = i18n(""); // The ease for the legacy issue + legacyIssueRec = i18n(""); // The recommendation for the legacy issue + allowAnythingTable = i18n("*ABBREV*IP*-ABBREV* filters forward any access"); // The forward anything table title text + allowWeakTable = i18n("*ABBREV*IP*-ABBREV* filters provide weak filtering"); // Weak source/service/destination/service table title text + allowAnyAnyAnyTable = i18n("*ABBREV*IP*-ABBREV* filters forward any host to access any destination and service"); // The forward any source, destination and service table title text + allowWeakWeakWeakTable = i18n("*ABBREV*IP*-ABBREV* filters provide weak filtering of source, destination and service"); // The forward weak source, destination and service table title text + allowAnyServiceAnyTable = i18n("*ABBREV*IP*-ABBREV* filters forward any source port to any destination and service"); // The forward any source port, destination and service table title text + allowWeakServiceAnyTable = i18n("*ABBREV*IP*-ABBREV* filters provide weak filtering of source port to destination and service"); // The forward weak source, destination and service table title text + allowAnyAnyTable = i18n("*ABBREV*IP*-ABBREV* filters forward any source to any destination"); // The forward any source, destination table title text + allowAnyAnyServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward any source to any destination service"); // The forward any source, destination service table title text + allowAnyDestServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward any destination and service"); // The forward any destination and service table title text + allowAnyPortDestTable = i18n("*ABBREV*IP*-ABBREV* filters forward any source port to any destination address"); // The forward any source port to any destination table title text + allowAnyPortServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward any source port to any destination service"); // The forward any source port to any dest service table title text + allowWeakWeakTable = i18n("*ABBREV*IP*-ABBREV* filters forward weak filtering of source and destination addresses"); // The forward weak source, destination addresses + allowWeakWeakServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward weak source addresses and destination services"); // The forward weak source, destination service table title text + allowDestAndServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward weak destination addresses and services");// The forward weak destination and service table title text + allowWeakPortDestTable = i18n("*ABBREV*IP*-ABBREV* filters forward weak source ports and destination"); // The forward weak source port to Destination table title text + allowWeakPortServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward weak source ports and destination services"); // The forward weak source port to service table title text + allowAnySourceTable = i18n("*ABBREV*IP*-ABBREV* filters forward from any source address"); // The forward any source address table title text + allowNetSourceTable = i18n("*ABBREV*IP*-ABBREV* filters forward from a network source address"); // The forward a network source address table title text + allowAnyPortTable = i18n("*ABBREV*IP*-ABBREV* filters forward from any source port"); // The forward any source port table title text + allowRangePortTable = i18n("*ABBREV*IP*-ABBREV* filters forward from a source port range"); // The forward range source port table title text + allowAnyDestTable = i18n("*ABBREV*IP*-ABBREV* filters forward to any destination"); // The forward any destination table title text + allowNetDestTable = i18n("*ABBREV*IP*-ABBREV* filters forward to a network destination"); // The forward a network destination table title text + allowToAnyDestServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward to any destination service"); // The forward any destination service table title text + allowToNetDestServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward to a destination service range"); // The forward a destination service range table title text + bypassContentFilterCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that bypass the content filtering"); // Bypass filter conclusion text + bypassContentFilterRec = i18n("Connfigure *ABBREV*IP*-ABBREV* filters that do not bypass the content filtering"); // Bypass filter recommendation text + defaultFilterCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that default to the ports filtering action"); // Default filter conclusion text + defaultFilterRec = i18n("Configure *ABBREV*IP*-ABBREV* filters that do not default to the ports filtering action"); // Default filter recommendation text + rejectSecurityIssueTitle = i18n("Reject *ABBREV*IP*-ABBREV* filters Were Configured"); // Reject filter title text + securityRejectTextCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that reject network traffic"); // Reject filter conclusion text + securityRejectTextRec = i18n("Configure *ABBREV*IP*-ABBREV* filters to deny rather than reject network traffic"); // Reject filter recommendation text + clearTextServiceCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that forward access to clear text protocol services"); // Clear Text Service conclusions text + clearTextServiceRec = i18n("Configure *ABBREV*IP*-ABBREV* filters to deny access to any clear text protocol services"); // Clear Text Service recommendations text2 + configureFilterListRecIssueText = i18n("A *ABBREV*IP*-ABBREV* filter list can be created and a filter assigned to it with the following commands:*CODE**COMMAND*ip traffic-filter set *CMDUSER*filter-list-number*-CMDUSER* create *CMDOPTION*name *CMDUSER*\"comment\"*-CMDUSER**-CMDOPTION**-COMMAND**COMMAND*ip traffic-filter set *CMDUSER*filter-list-number*-CMDUSER* add-filter *CMDUSER*filter-number*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a filter list + configureFilterRecIssueText = i18n("A source *ABBREV*IP*-ABBREV* filter can be created with the following command:*CODE**COMMAND*ip traffic-filter create source src-ip *CMDUSER*source-ip*-CMDUSER* dst-ip *CMDUSER*dest-ip*-CMDUSER* id *CMDUSER*filter-number*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a filter + unnecessaryServiceCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that forward access to potentially unnecessary services"); // Unnecessary Service conclusions text + unnecessaryServiceRec = i18n("Configure *ABBREV*IP*-ABBREV* filters to deny access to any unnecessary services"); // Unnecessary Service recommendations text2 + filtersWithNoCommentsTitle = i18n("Not All *ABBREV*IP*-ABBREV* filters Include Comments"); // Filters with no comments title text + noFilterCommentsCon = i18n("not all *ABBREV*IP*-ABBREV* filters include comment text indicating their purpose"); // The no comments conclusion text + noFilterCommentsRec = i18n("Configure comment text for all *ABBREV*IP*-ABBREV* filters"); // The no comments recommendation text + configureFilterCommentText = i18n("*ABBREV*IP*-ABBREV* filter comments can be configured with the following command:*CODE**COMMAND*ip traffic-filter filter *CMDUSER*filter-number*-CMDUSER* name *CMDUSER*\"comment\"*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a filters comment text + disabledFiltersTitle = i18n("Disabled *ABBREV*IP*-ABBREV* filters Were Configured"); // The disabled filter issues title text + removeFilterText = i18n("An *ABBREV*IP*-ABBREV* filter can be deleted with the following command:*CODE**COMMAND*ip traffic-filter filter *CMDUSER*filter-number*-CMDUSER* delete*-COMMAND**-CODE*"); // The commands and text to delete a filter + disabledFilterCon = i18n("disabled *ABBREV*IP*-ABBREV* filters were configured"); // The disabled filter conclusion text + disabledFilterRec = i18n("Remove all disabled *ABBREV*IP*-ABBREV* filters"); // The disabled filter recommendation text + defaultActionIssueTitle = i18n("The Default Network Filtering Action Permits Access"); // The default filter action issue title + defaultActionIssueCon = i18n("the default *ABBREV*IP*-ABBREV* filter list action was configured to forward access when a filter does not match"); // The default filter action conclusion text + defaultActionIssueRec = i18n("Set the default*ABBREV*IP*-ABBREV* filter list action to drop network traffic"); // The default filter action recommendation text + configureDefaultActionText = i18n(""); // The text and commands to configure the default action + unusedFiltersIssueTitle = i18n("Unused *ABBREV*IP*-ABBREV* filters Were Configured At The *ABBREV*IP*-ABBREV* Filter List End"); // Unused filters at the end of the filter list title + unusedFiltersIssueCon = i18n("unused *ABBREV*IP*-ABBREV* filters were configured at the end of the *ABBREV*IP*-ABBREV* filter list"); // Unused filters issue conclusions text + unusedFiltersIssueRec = i18n("Remove all unused *ABBREV*IP*-ABBREV* filters"); // Unused filters issue recommendation text + denyAllLogIssueTitle = i18n("*ABBREV*IP*-ABBREV* Filter List Does Not End with Drop All And Log"); // Deny All And Log Issue title + denyAllLogConfigure = i18n(""); // The text and commands to add a deny all and log line + denyAllLogIssueCon = i18n("not all *ABBREV*IP*-ABBREV* filter lists end with a drop all and log "); // The deny all and log conclusions text + denyAllLogIssueRec = i18n("Configure a drop all and log *ABBREV*IP*-ABBREV* filter as the last filter in each filter list"); // The deny all and log recommendations text + contradictIssueTitle = i18n("Contradicting *ABBREV*IP*-ABBREV* filters Were Configured"); // The contradict issue title + contradictIssueTable = i18n("contradictions of filter"); // The contradict table issue title + contradictIssueCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that contradict other *ABBREV*IP*-ABBREV* filters"); // The contradict issue conclusion + contradictIssueRec = i18n("Reconfigure the *ABBREV*IP*-ABBREV* filters so they do not contradict other filters"); // The contradict issue recommendation + duplicateIssueTitle = i18n("Duplicate *ABBREV*IP*-ABBREV* filters Were Configured"); // The duplicate/overlapping issue title + duplicateIssueTable = i18n("duplicates of *ABBREV*IP*-ABBREV* filter"); // The duplicate/overlapping issue title + duplicateIssueCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that duplicate the configuration of other *ABBREV*IP*-ABBREV* filters"); // The duplicate/overlapping issue title + duplicateIssueRec = i18n("Reconfigure the *ABBREV*IP*-ABBREV* filters so that the rules do not duplicate other *ABBREV*IP*-ABBREV* filters"); // The duplicate/overlapping issue title + +} + + +PassportFilter::~PassportFilter() +{ +} + + +int PassportFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + filterListConfig *destFilterListPointer = 0; + filterListConfig *filterListPointer = 0; + filterConfig *destFilterPointer = 0; + filterConfig *filterPointer = 0; + filterObjectConfig *objectPointer = 0; + string tempString; + fpos_t filePosition; + int tempInt = 0; + + // IP... + if (strcmp(command->part(0), "ip") == 0) + { + + // Traffic Filters + if (strcmp(command->part(1), "traffic-filter") == 0) + { + + filterListPointer = getFilterList(i18n("Unassigned")); + filterListPointer->type = i18n("*ABBREV*IP*-ABBREV* Filters"); // The filter list type name (used in the config report) + filterListPointer->typeDescription = i18n("*ABBREV*IP*-ABBREV* filters are used on *DEVICETYPE* devices to determine which network traffic should be forwarded and which should be blocked. This section details those filters."); // The filter list type description for the report (used in config report) + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = false; // Does the filter list support logging + filterListPointer->supportsTime = false; // Filter support time (dest only) + filterListPointer->supportsFragments = true; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = true; // If source services are supported + filterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = true; // Are filter comments supported + filterListPointer->showProtocol = true; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = false; // Does the filter use filter-based zones (i.e. SonicWALL) + filterListPointer->showStop = true; + filterListPointer->showFilterType = true; // Does the filter have a type (i.e. like on Passport devices) + + while ((feof(device->inputFile) == 0) && (strcmp(command->part(1), "traffic-filter") == 0)) + { + + // Create + if (strcmp(command->part(2), "create") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFilter Create Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer = addFilter(filterListPointer); + filterPointer->stop = true; + filterPointer->inSet = false; + filterPointer->action = deftAction; + + // Filter Type + if (strcmp(command->part(3), "source") == 0) // Source + filterPointer->type = sourceFilter; + else if (strcmp(command->part(3), "destination") == 0) // Destination + filterPointer->type = destinationFilter; + else // Global + filterPointer->type = globalFilter; + tempInt = 4; + + while (tempInt < command->parts) + { + // Source / Destination... + if ((strcmp(command->part(tempInt), "src-ip") == 0) || (strcmp(command->part(tempInt), "dst-ip") == 0)) + { + if (strcmp(command->part(tempInt), "src-ip") == 0) + { + objectPointer = addFilterObject(filterPointer, source); + } + else + { + objectPointer = addFilterObject(filterPointer, destination); + } + tempInt++; + + objectPointer->serviceOper = serviceOperEqual; + if ((strcasecmp(command->part(tempInt), "default") == 0) || (strcmp(command->part(tempInt), "0.0.0.0/0.0.0.0") == 0)) + { + objectPointer->type = anyObject; + objectPointer->name.assign(i18n("Any")); + objectPointer->serviceOper = serviceOperAny; + } + else + { + if (strchr(command->part(tempInt), '/') != 0) + { + objectPointer->netmask.assign(strchr(command->part(tempInt), '/') + 1); + objectPointer->name.assign(command->part(tempInt)); + tempString.assign(command->part(tempInt)); + objectPointer->name.erase(tempString.find("/")); + if (objectPointer->netmask.compare("255.255.255.255") == 0) + objectPointer->type = hostObject; + else + objectPointer->type = networkObject; + } + else + { + objectPointer->type = hostObject; + objectPointer->name.assign(command->part(tempInt)); + } + } + } + + // Filter Id? + else if (strcmp(command->part(tempInt), "id") == 0) + { + tempInt++; + filterPointer->id = atoi(command->part(tempInt)); + } + + tempInt++; + } + } + + // Filter + else if (strcmp(command->part(2), "filter") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFilter Filter Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer = getFilter(atoi(command->part(3)), filterListPointer); + + // Name... + if (strcmp(command->part(4), "name") == 0) + filterPointer->comment.assign(command->part(5)); + + // Action... + else if (strcmp(command->part(4), "action") == 0) + { + + // Mode... + if (strcmp(command->part(5), "mode") == 0) + { + if (strcmp(command->part(6), "forward") == 0) + filterPointer->action = allowAction; + else if (strcmp(command->part(6), "drop") == 0) + filterPointer->action = denyAction; + else if (strcmp(command->part(6), "forward-to-next-hop") == 0) + filterPointer->action = allowAction; + } + + // Stop on match... + else if (strcmp(command->part(5), "stop-on-match") == 0) + { + if (strcmp(command->part(6), "true") == 0) + filterPointer->stop = true; + else + filterPointer->stop = false; + } + } + + // Match... + else if (strcmp(command->part(4), "match") == 0) + { + + // Protocol... + if (strcmp(command->part(5), "protocol") == 0) + { + objectPointer = addFilterObject(filterPointer, protocol); + objectPointer->type = protocolObject; + objectPointer->name.assign(command->part(6)); + objectPointer->serviceOper = serviceOperEqual; + } + + // Source Port / Destination Port... + else if ((strcmp(command->part(5), "src-port") == 0) || (strcmp(command->part(5), "dst-port") == 0)) + { + if (strcmp(command->part(5), "src-port") == 0) + objectPointer = addFilterObject(filterPointer, sourceService); + else + objectPointer = addFilterObject(filterPointer, destinationService); + objectPointer->type = serviceObject; + objectPointer->name.assign(command->part(6)); + + if (command->parts == 9) + { + + // Options... + if ((strcasecmp(command->part(7), "src-option") == 0) || (strcasecmp(command->part(7), "dst-option") == 0)) + { + if (strcasecmp(command->part(8), "ignore") == 0) + objectPointer->serviceOper = serviceOperNotEqual; + else if (strcasecmp(command->part(8), "equal") == 0) + objectPointer->serviceOper = serviceOperEqual; + else if (strcasecmp(command->part(8), "less") == 0) + objectPointer->serviceOper = serviceOperLessThan; + else if (strcasecmp(command->part(8), "greater") == 0) + objectPointer->serviceOper = serviceOperGreaterThan; + else if (strcasecmp(command->part(8), "notequal") == 0) + objectPointer->serviceOper = serviceOperNotEqual; + } + } + } + } + } + + // Set + else if (strcmp(command->part(2), "set") == 0) + { + + // Create + if (strcmp(command->part(4), "create") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFilter Set Create Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + destFilterListPointer = getFilterList(command->part(3)); + destFilterListPointer->type = i18n("*ABBREV*IP*-ABBREV* Filters"); // The filter list type name (used in the config report) + destFilterListPointer->typeDescription = i18n("*ABBREV*IP*-ABBREV* filters are used on *DEVICETYPE* devices to determine which network traffic should be forwarded and which should be blocked. This section details those filters."); + destFilterListPointer->legacyType = false; // Is the filter list a legacy type? + destFilterListPointer->sourceOnly = false; // The type of filter + destFilterListPointer->loggingSupport = false; // Does the filter list support logging + destFilterListPointer->supportsTime = false; // Filter support time (dest only) + destFilterListPointer->supportsFragments = true; // Filter support fragments (dest only) + destFilterListPointer->supportsEstablished = false; // Filter support established (dest only) + destFilterListPointer->sourceServiceSupported = true; // If source services are supported + destFilterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + destFilterListPointer->filterCommentsSupported = true; // Are filter comments supported + destFilterListPointer->showProtocol = true; // Show the protocol? (some devices use a configured service) + destFilterListPointer->showFilterZones = false; // Does the filter use filter-based zones (i.e. SonicWALL) + destFilterListPointer->showStop = true; + destFilterListPointer->showFilterType = true; // Does the filter have a type (i.e. like on Passport devices) + if (strcmp(command->part(5), "name") == 0) + destFilterListPointer->listName.assign(command->part(6)); + } + + // Add Filter + else if (strcmp(command->part(4), "add-filter") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFilter Set Add Filter Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Source filter... + filterPointer = getOnlyFilter(atoi(command->part(5)), filterListPointer); + if (filterPointer != 0) + { + + destFilterListPointer = getFilterList(command->part(3)); + destFilterPointer = getFilter(atoi(command->part(5)), destFilterListPointer); + + copySourceToDestinationFilters(filterPointer, destFilterPointer); + filterPointer->deleteMe = true; + } + } + + // All others... + else + device->lineNotProcessed(line); + + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int PassportFilter::generateDeviceSpecificFilterSecurityIssues(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + filterListConfig *filterListPointer = 0; + filterConfig *filterPointer = 0; + int filterCount = 0; + bool found = false; + int errorCode = 0; + + filterListPointer = filterList; + while ((filterListPointer != 0) && (found == false)) + { + if (filterListPointer->name.compare(i18n("Unassigned")) == 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + filterCount++; + filterPointer = filterPointer->next; + } + found = true; + } + else + filterListPointer = filterListPointer->next; + } + + + if (found == true) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Unassigned IP Filters\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + if (filterCount > 2) + securityIssuePointer->title.assign(i18n("Unassigned *ABBREV*IP*-ABBREV* Filters Were Configured")); + else + securityIssuePointer->title.assign(i18n("An Unassigned *ABBREV*IP*-ABBREV* Filter Was Configured")); + securityIssuePointer->reference.assign("PAS.FILTUNAS.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The *ABBREV*IP*-ABBREV* filters on *DEVICETYPE* devices are configured prior to the filter lists. The filters can then assigned to the various filter lists and the filter lists assigned to interfaces in order to restrict access.")); + + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, filterCount); + if (filterCount > 2) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* *ABBREV*IP*-ABBREV* filters were not assigned to any filter lists. These filters are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* *ABBREV*IP*-ABBREV* filter was not assigned to any filter lists. This filter is shown in Table *TABLEREF*.")); + + // Create table... + errorCode = device->addTable(paragraphPointer, "GEN-FILTUNAS-UNASSIGNED-TABLE"); + if (errorCode != 0) + return errorCode; + if (filterCount > 2) + paragraphPointer->table->title.assign(i18n("Unassigned *ABBREV*IP*-ABBREV* filters")); + else + paragraphPointer->table->title.assign(i18n("Unassigned *ABBREV*IP*-ABBREV* filter")); + + // Create table headings... + addFilterTableHeadings(device, paragraphPointer, filterListPointer); + + // Output filter lines... + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + addFilterTableRow(device, paragraphPointer, filterPointer, filterListPointer); + filterPointer = filterPointer->next; + } + + // Issue impact... + securityIssuePointer->impactRating = 3; // Low + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("Although not a direct threat to security, unassigned filters will not be used and could lead to a duplication of the filters and cause confusion when administering a *DEVICETYPE* device. The clarity of the *ABBREV*IP*-ABBREV* filter lists are paramount as it could lead to a configuration where access to services are overally permissive.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 0; // N/A + paragraphPointer->paragraph.assign(i18n("If the filters are not assigned to a filter list, they will not be used to filter any network traffic.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 3; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that all unassigned *ABBREV*IP*-ABBREV* should be deleted. The unassigned filters can be deleted with the following command:*CODE**COMMAND*ip traffic-filter filter *CMDUSER*filter-number*-CMDUSER* delete*-COMMAND**-CODE*")); + + // Conclusions text... + if (filterCount > 2) + securityIssuePointer->conLine.assign(i18n("unassigned *ABBREV*IP*-ABBREV* filters were configured")); + else + securityIssuePointer->conLine.assign(i18n("an unassigned *ABBREV*IP*-ABBREV* filter was configured")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("delete unassigned *ABBREV*IP*-ABBREV* filters"), true); + } + + return 0; +} + diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/filter.h.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/filter.h.svn-base new file mode 100644 index 0000000..f17fe2a --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/filter.h.svn-base @@ -0,0 +1,53 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef PassportFilter_H +#define PassportFilter_H + + +#include "../device/filter/filter.h" + + +class PassportFilter : public Filter +{ + public: + PassportFilter(); + ~PassportFilter(); + + + private: + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int generateDeviceSpecificFilterSecurityIssues(Device *device); +}; + + +#endif + diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/general.cpp.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/general.cpp.svn-base new file mode 100644 index 0000000..25f8047 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/general.cpp.svn-base @@ -0,0 +1,175 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +PassportGeneral::PassportGeneral() +{ +} + + +int PassportGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + + // Box type... + if ((strcmp(command->part(tempInt), "#") == 0) && (strcmp(command->part(tempInt + 1), "box") == 0) && (strcmp(command->part(tempInt + 2), "type") == 0) && (strcmp(command->part(tempInt + 3), ":") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sBox Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + deviceModel.assign(command->part(tempInt + 4)); + } + + // Software Version... + else if ((strcmp(command->part(tempInt), "#") == 0) && (strcmp(command->part(tempInt + 1), "software") == 0) && (strcmp(command->part(tempInt + 2), "version") == 0) && (strcmp(command->part(tempInt + 3), ":") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSoftware Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + version.assign(command->part(tempInt + 4)); + } + + // Monitor Version... + else if ((strcmp(command->part(tempInt), "#") == 0) && (strcmp(command->part(tempInt + 1), "monitor") == 0) && (strcmp(command->part(tempInt + 2), "version") == 0) && (strcmp(command->part(tempInt + 3), ":") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMonitor Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + monitorVersion.assign(command->part(tempInt + 4)); + } + + // Modules + else if ((strcmp(command->part(tempInt), "#") == 0) && (strcmp(command->part(tempInt + 1), "Slot") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sModule Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + if (strcmp(command->part(tempInt + 1), "--") != 0) + addDeviceModule(atoi(command->part(tempInt)), command->part(tempInt + 1), strstr(line, command->part(tempInt + 4))); + else + addDeviceModule(atoi(command->part(tempInt)), i18n("Empty")); + } + + else if ((strcmp(command->part(tempInt), "sys") == 0) && (strcmp(command->part(tempInt + 1), "set") == 0) && (strcmp(command->part(tempInt + 2), "location") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLocation Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + location.assign(command->part(tempInt + 3)); + } + + else if ((strcmp(command->part(tempInt), "sys") == 0) && (strcmp(command->part(tempInt + 1), "set") == 0) && (strcmp(command->part(tempInt + 2), "contact") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sContact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + contact.assign(command->part(tempInt + 3)); + } + + return 0; +} + + +int PassportGeneral::processDefaults(Device *device) +{ + // Split version numbers... + if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + versionMinor = atoi(strchr(version.c_str(), '.') + 1); + versionRevision = atoi(strchr(strchr(version.c_str(), '.') + 1, '.') + 1); + versionTweak = atoi(strchr(strchr(strchr(version.c_str(), '.') + 1, '.') + 1, '.') + 1); + } + + return 0; +} + + +int PassportGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Monitor version... + if (!monitorVersion.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Monitor Version")); + device->addTableData(paragraphPointer->table, monitorVersion.c_str()); + } + + return errorCode; +} + + +int PassportGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Service Password Encryption... + if (servicePasswordEncryption == off) + { + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Service Password Encryption Disabled")); + securityIssuePointer->reference.assign("IOS.PASSENCR.1"); + securityIssuePointer->overallRating = 8; + securityIssuePointer->impactRating = 9; + securityIssuePointer->easeRating = 2; + securityIssuePointer->fixRating = 1; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Cisco service passwords by default are stored in their clear text form rather than being encrypted. However, it is possible to have these passwords stored using the reversible Cisco type-7 encryption. *COMPANY* determined that the service password encryption that helps to provide a basic level of encryption for passwords that otherwise would be stored in clear text was disabled on the Cisco device *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("The Cisco type-7 password encryption provides little in the way of protection against an attacker who has access to the configuration file. However, the Cisco type-7 password encryption would provide a level of protect against a malicious user who had managed to briefly view a devices configuration.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("If a malicious user were able to glance a password from a devices configuration they could use it to gain a level of access to *DEVICENAME*. If the passwords were encrypted using the Cisco type-7 routine, a malicious user that had access to the devices configuration would have to decode the password first. Tools are widely available on the Internet that can reverse Cisco type-7 passwords.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that the Cisco password encryption service be enabled. The Cisco password encryption service can be started with the following Cisco *ABBREV*IOS*-ABBREV* command:")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*CODE**COMMAND*service password-encryption*-COMMAND**-CODE*")); + securityIssuePointer->conLine.assign(i18n("service password encryption was disabled")); + securityIssuePointer->recLine.assign(i18n("enable the service password encryption")); + }*/ + return errorCode; +} diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/general.h.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/general.h.svn-base new file mode 100644 index 0000000..d5173d8 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/general.h.svn-base @@ -0,0 +1,56 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Passportdevicegeneral_H +#define Passportdevicegeneral_H + +#include "../device/general/general.h" + + +class PassportGeneral : public General +{ + public: + PassportGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + private: + string monitorVersion; +}; + + +#endif diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/interfaces.cpp.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/interfaces.cpp.svn-base new file mode 100644 index 0000000..6c3a7f4 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/interfaces.cpp.svn-base @@ -0,0 +1,197 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "interfaces.h" + + +PassportInterfaces::PassportInterfaces() +{ + // Interface Options... + useModuleAndPort = true; // Use the module / port instead of the name + useInterfaceZone = false; // Use the interface zone + zoneName = i18n("Zone"); // The name for zone field + filterIn = i18n("Filter"); // The filter in table title text + filterOut = i18n("Filter Out"); // The filter out table title text + showDescription = false; // Show the interface description + cdpGlobalRequired = false; // If CDP needs to be enabled globally as well + disableCDPText = i18n(""); // The text and commands to disable CDP + cdpSupported = false; // Is CDP supported on interfaces + disableProxyARPText = i18n("Proxy *ABBREV*ARP*-ABBREV* can be disabled on *ABBREV*VLAN*-ABBREV* interfaces with the following command:*CODE**COMMAND*vlan *CMDUSER*vlan-id*-CMDUSER* ip proxy disable*-COMMAND**-CODE*"); // The text and commands to disable Proxy ARP + disableUnreachablesText = i18n(""); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n(""); // The text and commands to disable ICMP information messages + disableMaskText = i18n(""); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n(""); // The text and commands to disable ICMP redirect messages + disableDirectedText = i18n(""); // The text and commands to disable directed broadcasts + disableMOPText = i18n(""); // The text and commands to disable MOP + disableActiveText = i18n(""); // The text and commands to disable potentially unused interfaces + filterName = i18n("filter lists"); // The filter list name for use in the filter issue text + configFilterText = i18n(""); // The text and commands to configure network filtering + defaultAutoTrunk = false; // Default to automatically trunk + disableTrunkText = i18n(""); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n(""); // The text and commands to enable port security +} + + +int PassportInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + string tempString; + + // ethernet... + if (strcmp(command->part(0), "ethernet") == 0) + { + + interfaceListPointer = getInterfaceList("ETHERINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Ethernet Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices ethernet interfaces."); + interfaceListPointer->tableTitle = i18n("Ethernet interfaces"); + interfaceListPointer->label = "ETHERINTERFACES"; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = false; // Is the outbound filtering supported? + } + tempString.assign(command->part(1)); + interfacePointer = getInterface(interfaceListPointer, "", atoi(command->part(1)), atoi(tempString.substr(tempString.find("/") + 1).c_str())); + + // State + if (strcmp(command->part(2), "state") == 0) + { + + if (device->config->reportFormat == Config::Debug) + printf("%sEthernet State Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcasecmp(command->part(3), "disable") == 0) + interfacePointer->enabled = false; + } + + // name + else if (strcmp(command->part(2), "name") == 0) + { + + if (device->config->reportFormat == Config::Debug) + printf("%sEthernet Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->description.assign(command->part(3)); + } + + else if ((strcmp(command->part(2), "ip") == 0) && (strcmp(command->part(3), "traffic-filter") == 0) && (strcmp(command->part(4), "add") == 0) && (strcmp(command->part(5), "set") == 0)) + { + + if (device->config->reportFormat == Config::Debug) + printf("%sEthernet Filter Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + addFilterList(interfacePointer, command->part(6), true); + } + + else if (strcmp(command->part(2), "default-vlan-id") == 0) + { + + if (device->config->reportFormat == Config::Debug) + printf("%sEthernet VLAN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + addVLAN(interfacePointer, command->part(3)); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // vlan... + if (strcmp(command->part(0), "vlan") == 0) + { + + interfaceListPointer = getInterfaceList("VLANINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*VLAN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*VLAN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*VLAN*-ABBREV* interfaces"); + interfaceListPointer->label = "VLANINTERFACES"; + interfaceListPointer->proxyArpSupported = true; + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + + if ((strcmp(command->part(2), "ip") == 0) && (strcmp(command->part(3), "create") == 0)) + { + + if (device->config->reportFormat == Config::Debug) + printf("%sVLAN IP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempString.assign(command->part(4)); + interfacePointer->address.assign(tempString.substr(0, tempString.find("/") - 1)); + interfacePointer->netmask.assign(tempString.substr(tempString.find("/") + 1).c_str()); + } + + else if ((strcmp(command->part(2), "ip") == 0) && (strcmp(command->part(3), "proxy") == 0)) + { + + if (device->config->reportFormat == Config::Debug) + printf("%sVLAN IP Proxy Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(4), "enable") == 0) + interfacePointer->proxyARP = true; + else + interfacePointer->proxyARP = false; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int PassportInterfaces::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/interfaces.h.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/interfaces.h.svn-base new file mode 100644 index 0000000..41804ee --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/interfaces.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef PassportInterfaces_H +#define PassportInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class PassportInterfaces : public Interfaces +{ + public: + + PassportInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + +}; + +#endif diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/snmp.cpp.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/snmp.cpp.svn-base new file mode 100644 index 0000000..a1ddcf4 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/snmp.cpp.svn-base @@ -0,0 +1,195 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + + +using namespace std; + + +PassportSNMP::PassportSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("*DEVICETYPE* devices support *ABBREV*SNMP*-ABBREV* versions 1 and 2. From *DEVICEOS* version 2 some *DEVICETYPE* devices include support for *ABBREV*SNMP*-ABBREV* version 3."); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + supportSNMP3UpgText = i18n("*ABBREV*SNMP*-ABBREV* version 3 is supported from *DEVICEOS* 2, depending on the model and options."); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n(""); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n(""); // The text and command(s) to configure a community string + configSNMP3Text = i18n(""); // The text and command(s) to configure SNMP version 3 + configSNMPViewText = i18n(""); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("*ABBREV*SNMP*-ABBREV* traps can be configured with the following command:*CODE**COMMAND*sys set snmp trap-recv *CMDUSER*ip-address*-CMDUSER* *CMDREQUIRE*v1 *CMDOR* v2c*-CMDREQUIRE* *CMDUSER*community*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP traps + configSNMPInformsText = i18n(""); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n(""); // The text and command(s) to configure SNMP read only access + configSNMPFilterText = i18n(""); // The text and command(s) to configure SNMP filtering + + enabled = false; // Is the SNMP server enabled? + snmp12Enabled = false; // Is SNMP versions 1 or 2 configured? + snmp3Enabled = false; // Is SNMP version 3 configured? + listenPort = 161; // The UDP port SNMP will listen on + + snmpFilterText = i18n("Filter"); // The device specific description of a filter (i.e. Cisco called them ACL) + snmpFilterIPv6Text = i18n("*ABBREV*IPv6*-ABBREV* Filter"); + + // Community Options... + communityView = false; // SNMP view for the community + communityFilter = false; // SNMP Network Filtering + communityIPv6Filter = false; // SNMP IPv6 Network Filtering + communitySpecificFilters = false; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = false; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = "public"; // Default read only community + defaultReadWrite = "private"; // Default read/write community + defaultReadWriteAll = "secret"; // Default read/write all community + + // View support options... + viewSeperated = false; // Separate the views into different tables + viewExcludes = false; // Show the Include/Exclude View Table column + viewMIBText = i18n("*ABBREV*MIB*-ABBREV*"); // What the MIB column title in the table should be called + + // SNMP Trap/Inform Host Options... + trapsOnly = true; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = false; // Show Trap Host Port in Table + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = false; // Show excluded traps + trapsShowOptions = false; // Show trap options + + // Host Options... + hostShowInterface = false; // Show the Interface in the Table + hostShowCommunity = false; // Show the Community in the Table + hostShowFilterID = false; // Show a filter ID if used + hostFilterText = i18n("Filter"); // The Table column title for the filter text + + // SNMP User Options... + showUserRemote = false; // Show the remote host/port setting + showUserPriv = false; // Show the privacy settings + showUserFilter = false; // Show the Filter column in the table + showUserIPv6Filter = false; // Show the IPv6 Filter column in the table + userFilterText = i18n("Filter"); // The Text for the Filter table column title + userIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* Filter"); // The Text for the IPv6 Filter table column title + + // SNMP Group Options... + snmpGroupShowType = false; // Enable/Disable SNMPv3 type in table + snmpGroupReadView = false; // Enable/Disable Read Views + snmpGroupWriteView = false; // Enable/Disable Write Views + snmpGroupNotifyView = false; // Enable/Disable Notify Views + snmpGroupFilter = false; // Enable/Disable Filter support + snmpGroupIPv6Filter = false; // Enable/Disable IPv6 Filter support + groupFilterText = i18n("Filter"); // The Text for the Filter table column title + groupIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* Filter"); // The Text for the IPv6 Filter table column title +} + + +int PassportSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpTrapHost *trapPointer = 0; + snmpCommunity *communityPointer = 0; + + // sys set snmp... + if ((strcmp(command->part(0), "sys") == 0) && (strcmp(command->part(1), "set") == 0) && (strcmp(command->part(2), "snmp") == 0)) + { + + // Trap... + if (strcmp(command->part(3), "trap-recv") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + trapPointer = addSNMPTrapHost(); + trapPointer->host.assign(command->part(4)); + trapPointer->trap = true; + if (strcmp(command->part(5), "v1") == 0) + trapPointer->version = 1; + else + trapPointer->version = 2; + trapPointer->community.assign(command->part(6)); + } + + // Community... + if (strcmp(command->part(3), "community") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + communityPointer = addSNMPCommunity(); + communityPointer->enabled = true; + communityPointer->community.assign(command->part(5)); + if (strcmp(command->part(4), "ro") == 0) + communityPointer->type = communityReadOnly; + else if (strcmp(command->part(4), "rwa") == 0) + communityPointer->type = communityReadWriteAll; + else + communityPointer->type = communityReadWrite; + communityPointer->version = 1; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int PassportSNMP::generateConfigSpecificReport(Device *device) +{ + // Device specific code for the config report goes here + + return 0; +} + + +int PassportSNMP::processDefaults() +{ + // Any default setting post processing code goes here... + + return 0; +} + diff --git a/libnipper-0.12.6/Nortel-Passport/.svn/text-base/snmp.h.svn-base b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/snmp.h.svn-base new file mode 100644 index 0000000..af83807 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/.svn/text-base/snmp.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Passportsnmp_H +#define Passportsnmp_H + +#include "../device/snmp/snmp.h" + + +class PassportSNMP : public SNMP +{ + public: + PassportSNMP(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(); + virtual int generateConfigSpecificReport(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Nortel-Passport/administration.cpp b/libnipper-0.12.6/Nortel-Passport/administration.cpp new file mode 100644 index 0000000..29d8948 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/administration.cpp @@ -0,0 +1,165 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "administration.h" + + +PassportAdministration::PassportAdministration() +{ + + // ----------------------------------------------------------------------- + // Device Specific Settings... + // ----------------------------------------------------------------------- + + // General... + generalSettings = false; // Show the general settings section? + consoleEnabled = false; // Is the Console port enabled? + consoleSupported = false; // Is a console port supported? + consoleTimeoutSupported = false; // Is a console timeout supported? + consoleTimeout = 0; // Console timeout + configConsoleTimeout = i18n(""); // The text and commands to configure the timeout + connectionTimeoutSupported = false; // Is a connection timeout supported? + connectionTimeout = 0; // Connection Timeout + configTimeout = i18n(""); // The text and commands to configure the timeout + + // Host restrictions... + serviceWideHosts = false; // Do all the admin services share a common host restrictions? + showHostInterface = false; // Show the Interface column in the host table? + showHostAccess = false; // Show the Access column in the host table? + serviceConfigHosts = i18n(""); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = false; // Is telnet supported? + telnetEnabled = false; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + telnetSpecificHost = false; // Does Telnet have its own access list? + telnetHostsRequired = false; // Is the host configuration required? + showTelnetHostInterface = false; // Show the Interface column in the host table? + showTelnetHostAccess = false; // Show the Access column in the host table? + configTelnetHostAccess = i18n(""); // How access lists are configured for the telnet service + disableTelnet = i18n(""); // How to disable telnet text... + telnetSpecificTimeout = false; // A Telnet Specific Timeout? + telnetTimeout = 0; // The Telnet Timeout (secs) + configTelnetTimeout = i18n(""); // The text and commands to configure the timeout + + // TFTP options... + tftpSupported = false; // Is TFTP supported? + tftpEnabled = false; // Is TFTP enabled? + tftpPort = 69; // The TFTP service port + tftpSpecificHost = false; // Does TFTP have its own access list? + tftpHostsRequired = false; // Is the host configuration required? + showTFTPHostInterface = false; // Show the Interface column in the host table? + showTFTPHostAccess = false; // Show the Access column in the host table? + configTFTPHostAccess = i18n(""); // How access lists are configured for the TFTP service + disableTFTP = i18n(""); // How to disable TFTP text... + + // FTP options... + ftpSupported = false; // Is FTP supported? + ftpEnabled = false; // Is FTP enabled? + ftpPort = 21; // The FTP service port + ftpSpecificHost = false; // Does FTP have its own access list? + ftpHostsRequired = false; // Is the host configuration required? + showFTPHostInterface = false; // Show the Interface column in the host table? + showFTPHostAccess = false; // Show the Access column in the host table? + configFTPHostAccess = i18n(""); // How access lists are configured for the FTP service + disableFTP = i18n(""); // How to disable FTP text... + ftpSpecificTimeout = false; // A FTP Specific Timeout? + ftpTimeout = 0; // The FTP Timeout (secs) + configFTPTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH options... + sshSupported = false; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + sshPort = 22; // The SSH port number + configSSHSupport = i18n(""); // How to configure SSH... + sshSpecificHost = false; // Does SSH have its own access list? + sshHostsRequired = false; // Is the host configuration required? + showSSHHostInterface = false; // Show the Interface column in the host table? + showSSHHostAccess = false; // Show the Access column in the host table? + configSSHHostAccess = i18n(""); // How to configure SSH... + sshSpecificTimeout = false; // A SSH Specific Timeout? + sshTimeout = 0; // The SSH Timeout (secs) + configSSHTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH Options + sftpEnabled = false; // Is SFTP enabled? + sftpSupported = false; // Is SFTP supported? + scpSupported = false; // Is SCP supported? + scpEnabled = false; // Is SCP enabled? + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + configSSHv2Support = i18n(""); // How to configure protocol version 2 support only + + // Config report SSH support text + sshConfigProtocolSupport = i18n(""); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = false; // Does this device support HTTP + httpsSupported = false; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + httpsEnabled = false; // Is the HTTPS service enabled? + httpsPort = 443; // HTTPS port + httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? + httpSpecificTimeout = false; // A HTTP Specific Timeout? + httpTimeout = 0; // The HTTP Timeout (secs) + configHTTPTimeout = i18n(""); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + httpSpecificHost = false; // Does HTTP have its own access list? + httpHostsRequired = false; // Is the host configuration required? + showHTTPHostInterface = false; // Show the Interface column in the host table? + showHTTPHostAccess = false; // Show the Access column in the host table? + configHTTPHostAccess = i18n(""); // How to configure HTTP Management hosts... + disableHTTP = i18n(""); // How to disable HTTP text... + configHTTPSSupport = i18n(""); // How to configure HTTPS... +} + + +int PassportAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + return 0; +} + + +int PassportAdministration::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Nortel-Passport/administration.h b/libnipper-0.12.6/Nortel-Passport/administration.h new file mode 100644 index 0000000..d5ca619 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/administration.h @@ -0,0 +1,58 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Passportadministration_H +#define Passportadministration_H + + +#include "../device/administration/administration.h" + + +class PassportAdministration : public Administration +{ + public: + + PassportAdministration(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Methods + //virtual int generateDeviceGeneralConfig(Device *device); // A device specific config report output + //virtual int generateDeviceTelnetConfig(Device *device); // A device specific config report output + //virtual int generateDeviceTFTPConfig(Device *device); // A device specific config report output + //virtual int generateDeviceFTPConfig(Device *device); // A device specific config report output + //virtual int generateDeviceSSHConfig(Device *device); // A device specific config report output + //virtual int generateDeviceHTTPConfig(Device *device); // A device specific config report output +}; + + +#endif diff --git a/libnipper-0.12.6/Nortel-Passport/banner.cpp b/libnipper-0.12.6/Nortel-Passport/banner.cpp new file mode 100644 index 0000000..146abf0 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/banner.cpp @@ -0,0 +1,127 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "banner.h" + + +PassportBanner::PassportBanner() +{ + // Banner settings... + preLogonBanner = true; // Support Banner(s) Before Logon? + postLogonBanner = true; // Support Banner(s) After Logon? + configPreLogonBanner = i18n("The pre-logon banner message is configured on *DEVICETYPE* devices by adding banner message lines and then enabling the custom banner message. This can be done with the following commands:*CODE**COMMAND*cli banner add *CMDUSER*banner-message*-CMDUSER**-COMMAND**COMMAND*cli banner defaultbanner false*-COMMAND**-CODE*"); // The text that explains how to config a prelogon banner, with commands... + configPostLogonBanner = i18n("The *ABBREV*MOTD*-ABBREV* banner message is configured on *DEVICETYPE* devices by adding message lines and then enabling the custom message. This can be done with the following command:*CODE**COMMAND*cli motd add *CMDUSER*banner-message*-CMDUSER**-COMMAND**COMMAND*cli motd defaultbanner false*-COMMAND**-CODE*"); // The text that explains how to config a post logon banner, with commands... +} + + +int PassportBanner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + bannerStruct *bannerPointer = 0; + + // motd banner add... + if ((strcmp(command->part(1), "motd") == 0) && (strcmp(command->part(2), "add") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = getBanner("*ABBREV*MOTD*-ABBREV*"); + if (bannerPointer == 0) + { + bannerPointer = addBanner(); + bannerPointer->banner = postLogon; + bannerPointer->enabled = false; + bannerPointer->name.assign(i18n("*ABBREV*MOTD*-ABBREV*")); + bannerPointer->description.assign(i18n("The *ABBREV*MOTD*-ABBREV* banner message is presented to users after they logon. The *ABBREV*MOTD*-ABBREV* banner configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + } + addBannerLine(bannerPointer, command->part(3)); + } + + // motd default... + else if ((strcmp(command->part(1), "motd") == 0) && (strcmp(command->part(2), "defaultbanner") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMOTD Banner On/Off Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = getBanner("*ABBREV*MOTD*-ABBREV*"); + if (bannerPointer != 0) + { + if (strcmp(command->part(3), "true") == 0) + bannerPointer->enabled = false; + else + bannerPointer->enabled = true; + } + } + + // banner banner add... + else if ((strcmp(command->part(1), "banner") == 0) && (strcmp(command->part(2), "add") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sBanner Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = getBanner("Logon"); + if (bannerPointer == 0) + { + bannerPointer = addBanner(); + bannerPointer->banner = preLogon; + bannerPointer->enabled = false; + bannerPointer->name.assign(i18n("Logon")); + bannerPointer->description.assign(i18n("The logon banner message is presented to users before they logon. The logon banner configured on *DEVICENAME* follows:")); + bannerPointer->connectionType = anyConnection; + } + addBannerLine(bannerPointer, command->part(3)); + } + + // banner default... + else if ((strcmp(command->part(1), "banner") == 0) && (strcmp(command->part(2), "defaultbanner") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sBanner On/Off Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + bannerPointer = getBanner("Logon"); + if (bannerPointer != 0) + { + if (strcmp(command->part(3), "true") == 0) + bannerPointer->enabled = false; + else + bannerPointer->enabled = true; + } + } + + return 0; +} + diff --git a/libnipper-0.12.6/Nortel-Passport/banner.h b/libnipper-0.12.6/Nortel-Passport/banner.h new file mode 100644 index 0000000..98eefef --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/banner.h @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Passportbanner_H +#define Passportbanner_H + + +#include "../device/banner/banner.h" + + +class PassportBanner : public Banner +{ + public: + + PassportBanner(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Nortel-Passport/device.cpp b/libnipper-0.12.6/Nortel-Passport/device.cpp new file mode 100644 index 0000000..e619a61 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/device.cpp @@ -0,0 +1,209 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "administration.h" +#include "banner.h" +#include "snmp.h" +#include "filter.h" +#include "interfaces.h" + + +PassportDevice::PassportDevice() +{ + deviceMake = "Nortel"; + deviceType = "Passport"; + deviceOS = "Passport OS"; + + general = new (PassportGeneral); + administration = new (PassportAdministration); + banner = new (PassportBanner); + snmp = new (PassportSNMP); + filter = new (PassportFilter); + interfaces = new (PassportInterfaces); +} + + +PassportDevice::~PassportDevice() +{ + delete general; + delete administration; + delete banner; + delete snmp; + delete filter; + delete interfaces; +} + + +int PassportDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + int tempInt = 0; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + tempInt = 0; + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Hostname (in general)... + if (strcmp(command.part(tempInt), "#") == 0) + { + tempInt++; + + // Box type... + if ((strcmp(command.part(tempInt), "box") == 0) && (strcmp(command.part(tempInt + 1), "type") == 0) && (strcmp(command.part(tempInt + 2), ":") == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Software Version... + else if ((strcmp(command.part(tempInt), "software") == 0) && (strcmp(command.part(tempInt + 1), "version") == 0) && (strcmp(command.part(tempInt + 2), ":") == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Monitor Version... + else if ((strcmp(command.part(tempInt), "monitor") == 0) && (strcmp(command.part(tempInt + 1), "version") == 0) && (strcmp(command.part(tempInt + 2), ":") == 0)) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Modules + else if (strcmp(command.part(tempInt), "Slot") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + else + lineNotProcessed(line); + } + + // Ethernet + else if (strcmp(command.part(0), "ethernet") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // VLAN + else if (strcmp(command.part(0), "vlan") == 0) + interfaces->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Traffic Filtering + else if ((strcmp(command.part(tempInt), "ip") == 0) && (strcmp(command.part(tempInt + 1), "traffic-filter") == 0)) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + else if ((strcmp(command.part(tempInt), "sys") == 0) && (strcmp(command.part(tempInt + 1), "set") == 0)) + { + tempInt += 2; + + // contact... + if (strcmp(command.part(tempInt), "contact") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // location... + if (strcmp(command.part(tempInt), "location") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SNMP... + if (strcmp(command.part(tempInt), "snmp") == 0) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + else + lineNotProcessed(line); + } + + else if (strcmp(command.part(tempInt), "cli") == 0) + { + tempInt++; + + // banner... + if (strcmp(command.part(tempInt), "banner") == 0) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // motd... + else if (strcmp(command.part(tempInt), "motd") == 0) + banner->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + else + lineNotProcessed(line); + } + + // All others... + else + lineNotProcessed(line); + } + + if ((general->version.empty()) && (config->deviceTypeChecks == true)) + return libnipper_error_wrongdevice; + + return 0; +} + + +bool PassportDevice::isDeviceType() +{ + // Variables... + ConfigLine command; + char line[1024]; + bool found = false; + int lineCount = 0; + int returnCode = 0; + + // Open and check the contents of the file... + returnCode = openInput(); + if (returnCode != 0) + return false; + + // The process device configuration file loop... + while ((feof(inputFile) == 0) && (found == false) && (lineCount < 15)) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + if ((strcmp(command.part(0), "#") == 0) && (strcmp(command.part(1), "box") == 0) && (strcmp(command.part(2), "type") == 0) && (strcmp(command.part(3), ":") == 0)) + found = true; + + else if ((strcmp(command.part(0), "#") == 0) && (strcmp(command.part(1), "software") == 0) && (strcmp(command.part(2), "version") == 0) && (strcmp(command.part(3), ":") == 0)) + found = true; + } + fclose(inputFile); + + return found; +} + diff --git a/libnipper-0.12.6/Nortel-Passport/device.h b/libnipper-0.12.6/Nortel-Passport/device.h new file mode 100644 index 0000000..f015e06 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/device.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_Passport_H +#define device_Passport_H + + +#include "../device/device.h" + + +class PassportDevice : public Device +{ + public: + PassportDevice(); + ~PassportDevice(); + + int processDevice(); + bool isDeviceType(); +}; + + +#endif diff --git a/libnipper-0.12.6/Nortel-Passport/filter.cpp b/libnipper-0.12.6/Nortel-Passport/filter.cpp new file mode 100644 index 0000000..d56d560 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/filter.cpp @@ -0,0 +1,541 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../device/common/configline.h" +#include "../globaldefs.h" +#include "device.h" +#include "filter.h" + + +PassportFilter::PassportFilter() +{ + // Filter device options... + denyAllAndLogDefault = false; // Does it deny all and log by default? + defaultFilterActionSupported = true; // Default action supported on the device + allowByDefault = false; // Forward by default? + defaultActionIsAllow = false; // Is the default action to forward + logLevelsSupported = false; // Are log Levels supported + logOnlyDenySupported = false; // Is only Deny rule logging supported + noAccessWithoutFilters = false; // Is access not granted if no filters are configured + filterSupportsInstalled = false; // If filtering supports installed (i.e. CheckPoint) + filterSupportsThrough = false; // If a filtering supports through (i.e. CheckPoint) + rejectRulesSupported = false; // If reject rules are supported + bypassRulesSupported = false; // If bypass rules are supported + defaultRulesSupported = true; // If default rules are supported + ruleListsAreAssigned = true; // Rule lists are assigned to specific elements + allowName = i18n("Forward"); // The name given to an forwarded filter + denyName = i18n("Drop"); // The name given to a denied filter + rejectName = i18n("Reject"); // The name given to a rejected filter + filterConfigTitle = i18n("*ABBREV*IP*-ABBREV* Filter Configuration"); // The Title for the configuration report section + filterConfigText = i18n("*ABBREV*IP*-ABBREV* filters are used to restrict access to specific hosts and services and are grouped into filter lists. Typically, *ABBREV*IP*-ABBREV* filters are processed sequentially with the first matching filter taking effect. However, the filter can be configured to not stop at a particular filter when the filter matches the network traffic."); // The device specific configuration report section text + filterConfigText2 = i18n("*DEVICETYPE* devices support three different types of filters, source, destination and global."); // The device specific configuration report section text2 + useFilterID = true; // Use the filter ID to identify a filter (otherwise a line no. is used) + filterIDTitle = i18n("*ABBREV*ID*-ABBREV*"); // The title for the filter ID/line no. table column + filterListName = i18n("*ABBREV*IP*-ABBREV* filter list"); // The name of the filter list, for use in text paragraphs + filterListNameTitle = i18n("*ABBREV*IP*-ABBREV* Filter List"); // The name of the filter list, for use in titles + filterListNamePlaural = i18n("*ABBREV*IP*-ABBREV* Filter Lists"); // The name of the filter list, for use in text paragraphs + filterTitle = i18n("Filter"); // The name of a filter, for use in titles + filterTitlePlaural = i18n("Filters"); // The name of a filter, for use in titles + filterName = i18n("filter"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("filters"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("Not All Forward Filters Log Access"); // The title text for the "All Forward Rules Do Not Log" issue + allowAndNotLogTable = i18n("Forward filters that do not log"); // The table title text for the "All Forward Rules Do Not Log" issue + allowAndNotLogConcl = i18n("not all forward filters log access"); // The conclusions text for the "All Forward Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all forward filters"); // The recommendations text for "All Forward Rules Do Not Log" (and deny) issue + denyAndNotLogIssue = i18n("Not All Drop Filters Log Access"); // The title text for the "All Forward Rules Do Not Log" issue + denyAndNotLogTable = i18n("Drop filters that do not log"); // The table title text for the "All Forward Rules Do Not Log" issue + denyAndNotLogConcl = i18n("not all drop filters log access"); // The conclusions text for the "All Forward Rules Do Not Log" issue + configRuleLogging = i18n(""); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No *ABBREV*IP*-ABBREV* Filters Were Configured"); // The title text for the "No filtering" issue + noFilteringRec = i18n("Configure *ABBREV*IP*-ABBREV* Filters to restict access"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no *ABBREV*IP*-ABBREV* filters were configured"); // The title text for the "No filtering" conclusion + legacyIssueFinding = i18n(""); // The finding for the legacy issue + legacyIssueImpact = i18n(""); // The impact for the legacy issue + legacyIssueEase = i18n(""); // The ease for the legacy issue + legacyIssueRec = i18n(""); // The recommendation for the legacy issue + allowAnythingTable = i18n("*ABBREV*IP*-ABBREV* filters forward any access"); // The forward anything table title text + allowWeakTable = i18n("*ABBREV*IP*-ABBREV* filters provide weak filtering"); // Weak source/service/destination/service table title text + allowAnyAnyAnyTable = i18n("*ABBREV*IP*-ABBREV* filters forward any host to access any destination and service"); // The forward any source, destination and service table title text + allowWeakWeakWeakTable = i18n("*ABBREV*IP*-ABBREV* filters provide weak filtering of source, destination and service"); // The forward weak source, destination and service table title text + allowAnyServiceAnyTable = i18n("*ABBREV*IP*-ABBREV* filters forward any source port to any destination and service"); // The forward any source port, destination and service table title text + allowWeakServiceAnyTable = i18n("*ABBREV*IP*-ABBREV* filters provide weak filtering of source port to destination and service"); // The forward weak source, destination and service table title text + allowAnyAnyTable = i18n("*ABBREV*IP*-ABBREV* filters forward any source to any destination"); // The forward any source, destination table title text + allowAnyAnyServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward any source to any destination service"); // The forward any source, destination service table title text + allowAnyDestServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward any destination and service"); // The forward any destination and service table title text + allowAnyPortDestTable = i18n("*ABBREV*IP*-ABBREV* filters forward any source port to any destination address"); // The forward any source port to any destination table title text + allowAnyPortServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward any source port to any destination service"); // The forward any source port to any dest service table title text + allowWeakWeakTable = i18n("*ABBREV*IP*-ABBREV* filters forward weak filtering of source and destination addresses"); // The forward weak source, destination addresses + allowWeakWeakServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward weak source addresses and destination services"); // The forward weak source, destination service table title text + allowDestAndServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward weak destination addresses and services");// The forward weak destination and service table title text + allowWeakPortDestTable = i18n("*ABBREV*IP*-ABBREV* filters forward weak source ports and destination"); // The forward weak source port to Destination table title text + allowWeakPortServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward weak source ports and destination services"); // The forward weak source port to service table title text + allowAnySourceTable = i18n("*ABBREV*IP*-ABBREV* filters forward from any source address"); // The forward any source address table title text + allowNetSourceTable = i18n("*ABBREV*IP*-ABBREV* filters forward from a network source address"); // The forward a network source address table title text + allowAnyPortTable = i18n("*ABBREV*IP*-ABBREV* filters forward from any source port"); // The forward any source port table title text + allowRangePortTable = i18n("*ABBREV*IP*-ABBREV* filters forward from a source port range"); // The forward range source port table title text + allowAnyDestTable = i18n("*ABBREV*IP*-ABBREV* filters forward to any destination"); // The forward any destination table title text + allowNetDestTable = i18n("*ABBREV*IP*-ABBREV* filters forward to a network destination"); // The forward a network destination table title text + allowToAnyDestServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward to any destination service"); // The forward any destination service table title text + allowToNetDestServiceTable = i18n("*ABBREV*IP*-ABBREV* filters forward to a destination service range"); // The forward a destination service range table title text + bypassContentFilterCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that bypass the content filtering"); // Bypass filter conclusion text + bypassContentFilterRec = i18n("Connfigure *ABBREV*IP*-ABBREV* filters that do not bypass the content filtering"); // Bypass filter recommendation text + defaultFilterCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that default to the ports filtering action"); // Default filter conclusion text + defaultFilterRec = i18n("Configure *ABBREV*IP*-ABBREV* filters that do not default to the ports filtering action"); // Default filter recommendation text + rejectSecurityIssueTitle = i18n("Reject *ABBREV*IP*-ABBREV* filters Were Configured"); // Reject filter title text + securityRejectTextCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that reject network traffic"); // Reject filter conclusion text + securityRejectTextRec = i18n("Configure *ABBREV*IP*-ABBREV* filters to deny rather than reject network traffic"); // Reject filter recommendation text + clearTextServiceCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that forward access to clear text protocol services"); // Clear Text Service conclusions text + clearTextServiceRec = i18n("Configure *ABBREV*IP*-ABBREV* filters to deny access to any clear text protocol services"); // Clear Text Service recommendations text2 + configureFilterListRecIssueText = i18n("A *ABBREV*IP*-ABBREV* filter list can be created and a filter assigned to it with the following commands:*CODE**COMMAND*ip traffic-filter set *CMDUSER*filter-list-number*-CMDUSER* create *CMDOPTION*name *CMDUSER*\"comment\"*-CMDUSER**-CMDOPTION**-COMMAND**COMMAND*ip traffic-filter set *CMDUSER*filter-list-number*-CMDUSER* add-filter *CMDUSER*filter-number*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a filter list + configureFilterRecIssueText = i18n("A source *ABBREV*IP*-ABBREV* filter can be created with the following command:*CODE**COMMAND*ip traffic-filter create source src-ip *CMDUSER*source-ip*-CMDUSER* dst-ip *CMDUSER*dest-ip*-CMDUSER* id *CMDUSER*filter-number*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a filter + unnecessaryServiceCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that forward access to potentially unnecessary services"); // Unnecessary Service conclusions text + unnecessaryServiceRec = i18n("Configure *ABBREV*IP*-ABBREV* filters to deny access to any unnecessary services"); // Unnecessary Service recommendations text2 + filtersWithNoCommentsTitle = i18n("Not All *ABBREV*IP*-ABBREV* filters Include Comments"); // Filters with no comments title text + noFilterCommentsCon = i18n("not all *ABBREV*IP*-ABBREV* filters include comment text indicating their purpose"); // The no comments conclusion text + noFilterCommentsRec = i18n("Configure comment text for all *ABBREV*IP*-ABBREV* filters"); // The no comments recommendation text + configureFilterCommentText = i18n("*ABBREV*IP*-ABBREV* filter comments can be configured with the following command:*CODE**COMMAND*ip traffic-filter filter *CMDUSER*filter-number*-CMDUSER* name *CMDUSER*\"comment\"*-CMDUSER**-COMMAND**-CODE*"); // The text and commands to configure a filters comment text + disabledFiltersTitle = i18n("Disabled *ABBREV*IP*-ABBREV* filters Were Configured"); // The disabled filter issues title text + removeFilterText = i18n("An *ABBREV*IP*-ABBREV* filter can be deleted with the following command:*CODE**COMMAND*ip traffic-filter filter *CMDUSER*filter-number*-CMDUSER* delete*-COMMAND**-CODE*"); // The commands and text to delete a filter + disabledFilterCon = i18n("disabled *ABBREV*IP*-ABBREV* filters were configured"); // The disabled filter conclusion text + disabledFilterRec = i18n("Remove all disabled *ABBREV*IP*-ABBREV* filters"); // The disabled filter recommendation text + defaultActionIssueTitle = i18n("The Default Network Filtering Action Permits Access"); // The default filter action issue title + defaultActionIssueCon = i18n("the default *ABBREV*IP*-ABBREV* filter list action was configured to forward access when a filter does not match"); // The default filter action conclusion text + defaultActionIssueRec = i18n("Set the default*ABBREV*IP*-ABBREV* filter list action to drop network traffic"); // The default filter action recommendation text + configureDefaultActionText = i18n(""); // The text and commands to configure the default action + unusedFiltersIssueTitle = i18n("Unused *ABBREV*IP*-ABBREV* filters Were Configured At The *ABBREV*IP*-ABBREV* Filter List End"); // Unused filters at the end of the filter list title + unusedFiltersIssueCon = i18n("unused *ABBREV*IP*-ABBREV* filters were configured at the end of the *ABBREV*IP*-ABBREV* filter list"); // Unused filters issue conclusions text + unusedFiltersIssueRec = i18n("Remove all unused *ABBREV*IP*-ABBREV* filters"); // Unused filters issue recommendation text + denyAllLogIssueTitle = i18n("*ABBREV*IP*-ABBREV* Filter List Does Not End with Drop All And Log"); // Deny All And Log Issue title + denyAllLogConfigure = i18n(""); // The text and commands to add a deny all and log line + denyAllLogIssueCon = i18n("not all *ABBREV*IP*-ABBREV* filter lists end with a drop all and log "); // The deny all and log conclusions text + denyAllLogIssueRec = i18n("Configure a drop all and log *ABBREV*IP*-ABBREV* filter as the last filter in each filter list"); // The deny all and log recommendations text + contradictIssueTitle = i18n("Contradicting *ABBREV*IP*-ABBREV* filters Were Configured"); // The contradict issue title + contradictIssueTable = i18n("contradictions of filter"); // The contradict table issue title + contradictIssueCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that contradict other *ABBREV*IP*-ABBREV* filters"); // The contradict issue conclusion + contradictIssueRec = i18n("Reconfigure the *ABBREV*IP*-ABBREV* filters so they do not contradict other filters"); // The contradict issue recommendation + duplicateIssueTitle = i18n("Duplicate *ABBREV*IP*-ABBREV* filters Were Configured"); // The duplicate/overlapping issue title + duplicateIssueTable = i18n("duplicates of *ABBREV*IP*-ABBREV* filter"); // The duplicate/overlapping issue title + duplicateIssueCon = i18n("*ABBREV*IP*-ABBREV* filters were configured that duplicate the configuration of other *ABBREV*IP*-ABBREV* filters"); // The duplicate/overlapping issue title + duplicateIssueRec = i18n("Reconfigure the *ABBREV*IP*-ABBREV* filters so that the rules do not duplicate other *ABBREV*IP*-ABBREV* filters"); // The duplicate/overlapping issue title + +} + + +PassportFilter::~PassportFilter() +{ +} + + +int PassportFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + filterListConfig *destFilterListPointer = 0; + filterListConfig *filterListPointer = 0; + filterConfig *destFilterPointer = 0; + filterConfig *filterPointer = 0; + filterObjectConfig *objectPointer = 0; + string tempString; + fpos_t filePosition; + int tempInt = 0; + + // IP... + if (strcmp(command->part(0), "ip") == 0) + { + + // Traffic Filters + if (strcmp(command->part(1), "traffic-filter") == 0) + { + + filterListPointer = getFilterList(i18n("Unassigned")); + filterListPointer->type = i18n("*ABBREV*IP*-ABBREV* Filters"); // The filter list type name (used in the config report) + filterListPointer->typeDescription = i18n("*ABBREV*IP*-ABBREV* filters are used on *DEVICETYPE* devices to determine which network traffic should be forwarded and which should be blocked. This section details those filters."); // The filter list type description for the report (used in config report) + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = false; // Does the filter list support logging + filterListPointer->supportsTime = false; // Filter support time (dest only) + filterListPointer->supportsFragments = true; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = true; // If source services are supported + filterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = true; // Are filter comments supported + filterListPointer->showProtocol = true; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = false; // Does the filter use filter-based zones (i.e. SonicWALL) + filterListPointer->showStop = true; + filterListPointer->showFilterType = true; // Does the filter have a type (i.e. like on Passport devices) + + while ((feof(device->inputFile) == 0) && (strcmp(command->part(1), "traffic-filter") == 0)) + { + + // Create + if (strcmp(command->part(2), "create") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFilter Create Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer = addFilter(filterListPointer); + filterPointer->stop = true; + filterPointer->inSet = false; + filterPointer->action = deftAction; + + // Filter Type + if (strcmp(command->part(3), "source") == 0) // Source + filterPointer->type = sourceFilter; + else if (strcmp(command->part(3), "destination") == 0) // Destination + filterPointer->type = destinationFilter; + else // Global + filterPointer->type = globalFilter; + tempInt = 4; + + while (tempInt < command->parts) + { + // Source / Destination... + if ((strcmp(command->part(tempInt), "src-ip") == 0) || (strcmp(command->part(tempInt), "dst-ip") == 0)) + { + if (strcmp(command->part(tempInt), "src-ip") == 0) + { + objectPointer = addFilterObject(filterPointer, source); + } + else + { + objectPointer = addFilterObject(filterPointer, destination); + } + tempInt++; + + objectPointer->serviceOper = serviceOperEqual; + if ((strcasecmp(command->part(tempInt), "default") == 0) || (strcmp(command->part(tempInt), "0.0.0.0/0.0.0.0") == 0)) + { + objectPointer->type = anyObject; + objectPointer->name.assign(i18n("Any")); + objectPointer->serviceOper = serviceOperAny; + } + else + { + if (strchr(command->part(tempInt), '/') != 0) + { + objectPointer->netmask.assign(strchr(command->part(tempInt), '/') + 1); + objectPointer->name.assign(command->part(tempInt)); + tempString.assign(command->part(tempInt)); + objectPointer->name.erase(tempString.find("/")); + if (objectPointer->netmask.compare("255.255.255.255") == 0) + objectPointer->type = hostObject; + else + objectPointer->type = networkObject; + } + else + { + objectPointer->type = hostObject; + objectPointer->name.assign(command->part(tempInt)); + } + } + } + + // Filter Id? + else if (strcmp(command->part(tempInt), "id") == 0) + { + tempInt++; + filterPointer->id = atoi(command->part(tempInt)); + } + + tempInt++; + } + } + + // Filter + else if (strcmp(command->part(2), "filter") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFilter Filter Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + filterPointer = getFilter(atoi(command->part(3)), filterListPointer); + + // Name... + if (strcmp(command->part(4), "name") == 0) + filterPointer->comment.assign(command->part(5)); + + // Action... + else if (strcmp(command->part(4), "action") == 0) + { + + // Mode... + if (strcmp(command->part(5), "mode") == 0) + { + if (strcmp(command->part(6), "forward") == 0) + filterPointer->action = allowAction; + else if (strcmp(command->part(6), "drop") == 0) + filterPointer->action = denyAction; + else if (strcmp(command->part(6), "forward-to-next-hop") == 0) + filterPointer->action = allowAction; + } + + // Stop on match... + else if (strcmp(command->part(5), "stop-on-match") == 0) + { + if (strcmp(command->part(6), "true") == 0) + filterPointer->stop = true; + else + filterPointer->stop = false; + } + } + + // Match... + else if (strcmp(command->part(4), "match") == 0) + { + + // Protocol... + if (strcmp(command->part(5), "protocol") == 0) + { + objectPointer = addFilterObject(filterPointer, protocol); + objectPointer->type = protocolObject; + objectPointer->name.assign(command->part(6)); + objectPointer->serviceOper = serviceOperEqual; + } + + // Source Port / Destination Port... + else if ((strcmp(command->part(5), "src-port") == 0) || (strcmp(command->part(5), "dst-port") == 0)) + { + if (strcmp(command->part(5), "src-port") == 0) + objectPointer = addFilterObject(filterPointer, sourceService); + else + objectPointer = addFilterObject(filterPointer, destinationService); + objectPointer->type = serviceObject; + objectPointer->name.assign(command->part(6)); + + if (command->parts == 9) + { + + // Options... + if ((strcasecmp(command->part(7), "src-option") == 0) || (strcasecmp(command->part(7), "dst-option") == 0)) + { + if (strcasecmp(command->part(8), "ignore") == 0) + objectPointer->serviceOper = serviceOperNotEqual; + else if (strcasecmp(command->part(8), "equal") == 0) + objectPointer->serviceOper = serviceOperEqual; + else if (strcasecmp(command->part(8), "less") == 0) + objectPointer->serviceOper = serviceOperLessThan; + else if (strcasecmp(command->part(8), "greater") == 0) + objectPointer->serviceOper = serviceOperGreaterThan; + else if (strcasecmp(command->part(8), "notequal") == 0) + objectPointer->serviceOper = serviceOperNotEqual; + } + } + } + } + } + + // Set + else if (strcmp(command->part(2), "set") == 0) + { + + // Create + if (strcmp(command->part(4), "create") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFilter Set Create Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + destFilterListPointer = getFilterList(command->part(3)); + destFilterListPointer->type = i18n("*ABBREV*IP*-ABBREV* Filters"); // The filter list type name (used in the config report) + destFilterListPointer->typeDescription = i18n("*ABBREV*IP*-ABBREV* filters are used on *DEVICETYPE* devices to determine which network traffic should be forwarded and which should be blocked. This section details those filters."); + destFilterListPointer->legacyType = false; // Is the filter list a legacy type? + destFilterListPointer->sourceOnly = false; // The type of filter + destFilterListPointer->loggingSupport = false; // Does the filter list support logging + destFilterListPointer->supportsTime = false; // Filter support time (dest only) + destFilterListPointer->supportsFragments = true; // Filter support fragments (dest only) + destFilterListPointer->supportsEstablished = false; // Filter support established (dest only) + destFilterListPointer->sourceServiceSupported = true; // If source services are supported + destFilterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + destFilterListPointer->filterCommentsSupported = true; // Are filter comments supported + destFilterListPointer->showProtocol = true; // Show the protocol? (some devices use a configured service) + destFilterListPointer->showFilterZones = false; // Does the filter use filter-based zones (i.e. SonicWALL) + destFilterListPointer->showStop = true; + destFilterListPointer->showFilterType = true; // Does the filter have a type (i.e. like on Passport devices) + if (strcmp(command->part(5), "name") == 0) + destFilterListPointer->listName.assign(command->part(6)); + } + + // Add Filter + else if (strcmp(command->part(4), "add-filter") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sFilter Set Add Filter Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + // Source filter... + filterPointer = getOnlyFilter(atoi(command->part(5)), filterListPointer); + if (filterPointer != 0) + { + + destFilterListPointer = getFilterList(command->part(3)); + destFilterPointer = getFilter(atoi(command->part(5)), destFilterListPointer); + + copySourceToDestinationFilters(filterPointer, destFilterPointer); + filterPointer->deleteMe = true; + } + } + + // All others... + else + device->lineNotProcessed(line); + + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int PassportFilter::generateDeviceSpecificFilterSecurityIssues(Device *device) +{ + // Variables... + Device::securityIssueStruct *securityIssuePointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + filterListConfig *filterListPointer = 0; + filterConfig *filterPointer = 0; + int filterCount = 0; + bool found = false; + int errorCode = 0; + + filterListPointer = filterList; + while ((filterListPointer != 0) && (found == false)) + { + if (filterListPointer->name.compare(i18n("Unassigned")) == 0) + { + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + filterCount++; + filterPointer = filterPointer->next; + } + found = true; + } + else + filterListPointer = filterListPointer->next; + } + + + if (found == true) + { + if (device->config->reportFormat == Config::Debug) + printf(" %s*%s [ISSUE] Unassigned IP Filters\n", device->config->COL_BLUE, device->config->COL_RESET); + + securityIssuePointer = device->addSecurityIssue(); + if (filterCount > 2) + securityIssuePointer->title.assign(i18n("Unassigned *ABBREV*IP*-ABBREV* Filters Were Configured")); + else + securityIssuePointer->title.assign(i18n("An Unassigned *ABBREV*IP*-ABBREV* Filter Was Configured")); + securityIssuePointer->reference.assign("PAS.FILTUNAS.1"); + + // Issue finding... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("The *ABBREV*IP*-ABBREV* filters on *DEVICETYPE* devices are configured prior to the filter lists. The filters can then assigned to the various filter lists and the filter lists assigned to interfaces in order to restrict access.")); + + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + device->addValue(paragraphPointer, filterCount); + if (filterCount > 2) + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* *ABBREV*IP*-ABBREV* filters were not assigned to any filter lists. These filters are listed in Table *TABLEREF*.")); + else + paragraphPointer->paragraph.assign(i18n("*COMPANY* determined that *NUMBER* *ABBREV*IP*-ABBREV* filter was not assigned to any filter lists. This filter is shown in Table *TABLEREF*.")); + + // Create table... + errorCode = device->addTable(paragraphPointer, "GEN-FILTUNAS-UNASSIGNED-TABLE"); + if (errorCode != 0) + return errorCode; + if (filterCount > 2) + paragraphPointer->table->title.assign(i18n("Unassigned *ABBREV*IP*-ABBREV* filters")); + else + paragraphPointer->table->title.assign(i18n("Unassigned *ABBREV*IP*-ABBREV* filter")); + + // Create table headings... + addFilterTableHeadings(device, paragraphPointer, filterListPointer); + + // Output filter lines... + filterPointer = filterListPointer->filter; + while (filterPointer != 0) + { + addFilterTableRow(device, paragraphPointer, filterPointer, filterListPointer); + filterPointer = filterPointer->next; + } + + // Issue impact... + securityIssuePointer->impactRating = 3; // Low + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("Although not a direct threat to security, unassigned filters will not be used and could lead to a duplication of the filters and cause confusion when administering a *DEVICETYPE* device. The clarity of the *ABBREV*IP*-ABBREV* filter lists are paramount as it could lead to a configuration where access to services are overally permissive.")); + + // Issue ease... + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + securityIssuePointer->easeRating = 0; // N/A + paragraphPointer->paragraph.assign(i18n("If the filters are not assigned to a filter list, they will not be used to filter any network traffic.")); + + // Issue recommendation... + securityIssuePointer->fixRating = 3; // Trivial + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that all unassigned *ABBREV*IP*-ABBREV* should be deleted. The unassigned filters can be deleted with the following command:*CODE**COMMAND*ip traffic-filter filter *CMDUSER*filter-number*-CMDUSER* delete*-COMMAND**-CODE*")); + + // Conclusions text... + if (filterCount > 2) + securityIssuePointer->conLine.assign(i18n("unassigned *ABBREV*IP*-ABBREV* filters were configured")); + else + securityIssuePointer->conLine.assign(i18n("an unassigned *ABBREV*IP*-ABBREV* filter was configured")); + + // Recommendation list text... + device->addRecommendation(securityIssuePointer, i18n("delete unassigned *ABBREV*IP*-ABBREV* filters"), true); + } + + return 0; +} + diff --git a/libnipper-0.12.6/Nortel-Passport/filter.h b/libnipper-0.12.6/Nortel-Passport/filter.h new file mode 100644 index 0000000..f17fe2a --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/filter.h @@ -0,0 +1,53 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef PassportFilter_H +#define PassportFilter_H + + +#include "../device/filter/filter.h" + + +class PassportFilter : public Filter +{ + public: + PassportFilter(); + ~PassportFilter(); + + + private: + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int generateDeviceSpecificFilterSecurityIssues(Device *device); +}; + + +#endif + diff --git a/libnipper-0.12.6/Nortel-Passport/general.cpp b/libnipper-0.12.6/Nortel-Passport/general.cpp new file mode 100644 index 0000000..25f8047 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/general.cpp @@ -0,0 +1,175 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +PassportGeneral::PassportGeneral() +{ +} + + +int PassportGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + int tempInt = 0; + + // Box type... + if ((strcmp(command->part(tempInt), "#") == 0) && (strcmp(command->part(tempInt + 1), "box") == 0) && (strcmp(command->part(tempInt + 2), "type") == 0) && (strcmp(command->part(tempInt + 3), ":") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sBox Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + deviceModel.assign(command->part(tempInt + 4)); + } + + // Software Version... + else if ((strcmp(command->part(tempInt), "#") == 0) && (strcmp(command->part(tempInt + 1), "software") == 0) && (strcmp(command->part(tempInt + 2), "version") == 0) && (strcmp(command->part(tempInt + 3), ":") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSoftware Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + version.assign(command->part(tempInt + 4)); + } + + // Monitor Version... + else if ((strcmp(command->part(tempInt), "#") == 0) && (strcmp(command->part(tempInt + 1), "monitor") == 0) && (strcmp(command->part(tempInt + 2), "version") == 0) && (strcmp(command->part(tempInt + 3), ":") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sMonitor Version Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + monitorVersion.assign(command->part(tempInt + 4)); + } + + // Modules + else if ((strcmp(command->part(tempInt), "#") == 0) && (strcmp(command->part(tempInt + 1), "Slot") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sModule Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + tempInt += 2; + if (strcmp(command->part(tempInt + 1), "--") != 0) + addDeviceModule(atoi(command->part(tempInt)), command->part(tempInt + 1), strstr(line, command->part(tempInt + 4))); + else + addDeviceModule(atoi(command->part(tempInt)), i18n("Empty")); + } + + else if ((strcmp(command->part(tempInt), "sys") == 0) && (strcmp(command->part(tempInt + 1), "set") == 0) && (strcmp(command->part(tempInt + 2), "location") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sLocation Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + location.assign(command->part(tempInt + 3)); + } + + else if ((strcmp(command->part(tempInt), "sys") == 0) && (strcmp(command->part(tempInt + 1), "set") == 0) && (strcmp(command->part(tempInt + 2), "contact") == 0)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sContact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + contact.assign(command->part(tempInt + 3)); + } + + return 0; +} + + +int PassportGeneral::processDefaults(Device *device) +{ + // Split version numbers... + if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + versionMinor = atoi(strchr(version.c_str(), '.') + 1); + versionRevision = atoi(strchr(strchr(version.c_str(), '.') + 1, '.') + 1); + versionTweak = atoi(strchr(strchr(strchr(version.c_str(), '.') + 1, '.') + 1, '.') + 1); + } + + return 0; +} + + +int PassportGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Monitor version... + if (!monitorVersion.empty()) + { + device->addTableData(paragraphPointer->table, i18n("Monitor Version")); + device->addTableData(paragraphPointer->table, monitorVersion.c_str()); + } + + return errorCode; +} + + +int PassportGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Service Password Encryption... + if (servicePasswordEncryption == off) + { + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Service Password Encryption Disabled")); + securityIssuePointer->reference.assign("IOS.PASSENCR.1"); + securityIssuePointer->overallRating = 8; + securityIssuePointer->impactRating = 9; + securityIssuePointer->easeRating = 2; + securityIssuePointer->fixRating = 1; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Cisco service passwords by default are stored in their clear text form rather than being encrypted. However, it is possible to have these passwords stored using the reversible Cisco type-7 encryption. *COMPANY* determined that the service password encryption that helps to provide a basic level of encryption for passwords that otherwise would be stored in clear text was disabled on the Cisco device *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("The Cisco type-7 password encryption provides little in the way of protection against an attacker who has access to the configuration file. However, the Cisco type-7 password encryption would provide a level of protect against a malicious user who had managed to briefly view a devices configuration.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("If a malicious user were able to glance a password from a devices configuration they could use it to gain a level of access to *DEVICENAME*. If the passwords were encrypted using the Cisco type-7 routine, a malicious user that had access to the devices configuration would have to decode the password first. Tools are widely available on the Internet that can reverse Cisco type-7 passwords.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that the Cisco password encryption service be enabled. The Cisco password encryption service can be started with the following Cisco *ABBREV*IOS*-ABBREV* command:")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*CODE**COMMAND*service password-encryption*-COMMAND**-CODE*")); + securityIssuePointer->conLine.assign(i18n("service password encryption was disabled")); + securityIssuePointer->recLine.assign(i18n("enable the service password encryption")); + }*/ + return errorCode; +} diff --git a/libnipper-0.12.6/Nortel-Passport/general.h b/libnipper-0.12.6/Nortel-Passport/general.h new file mode 100644 index 0000000..d5173d8 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/general.h @@ -0,0 +1,56 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Passportdevicegeneral_H +#define Passportdevicegeneral_H + +#include "../device/general/general.h" + + +class PassportGeneral : public General +{ + public: + PassportGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + private: + string monitorVersion; +}; + + +#endif diff --git a/libnipper-0.12.6/Nortel-Passport/interfaces.cpp b/libnipper-0.12.6/Nortel-Passport/interfaces.cpp new file mode 100644 index 0000000..6c3a7f4 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/interfaces.cpp @@ -0,0 +1,197 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "interfaces.h" + + +PassportInterfaces::PassportInterfaces() +{ + // Interface Options... + useModuleAndPort = true; // Use the module / port instead of the name + useInterfaceZone = false; // Use the interface zone + zoneName = i18n("Zone"); // The name for zone field + filterIn = i18n("Filter"); // The filter in table title text + filterOut = i18n("Filter Out"); // The filter out table title text + showDescription = false; // Show the interface description + cdpGlobalRequired = false; // If CDP needs to be enabled globally as well + disableCDPText = i18n(""); // The text and commands to disable CDP + cdpSupported = false; // Is CDP supported on interfaces + disableProxyARPText = i18n("Proxy *ABBREV*ARP*-ABBREV* can be disabled on *ABBREV*VLAN*-ABBREV* interfaces with the following command:*CODE**COMMAND*vlan *CMDUSER*vlan-id*-CMDUSER* ip proxy disable*-COMMAND**-CODE*"); // The text and commands to disable Proxy ARP + disableUnreachablesText = i18n(""); // The text and commands to disable ICMP unreachable messages + disableInformationText = i18n(""); // The text and commands to disable ICMP information messages + disableMaskText = i18n(""); // The text and commands to disable ICMP mask messages + disableRedirectText = i18n(""); // The text and commands to disable ICMP redirect messages + disableDirectedText = i18n(""); // The text and commands to disable directed broadcasts + disableMOPText = i18n(""); // The text and commands to disable MOP + disableActiveText = i18n(""); // The text and commands to disable potentially unused interfaces + filterName = i18n("filter lists"); // The filter list name for use in the filter issue text + configFilterText = i18n(""); // The text and commands to configure network filtering + defaultAutoTrunk = false; // Default to automatically trunk + disableTrunkText = i18n(""); // The text and commands to disable trunking on a port + enablePortSecurityText = i18n(""); // The text and commands to enable port security +} + + +int PassportInterfaces::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + interfaceListConfig *interfaceListPointer = 0; + interfaceConfig *interfacePointer = 0; + string tempString; + + // ethernet... + if (strcmp(command->part(0), "ethernet") == 0) + { + + interfaceListPointer = getInterfaceList("ETHERINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("Ethernet Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices ethernet interfaces."); + interfaceListPointer->tableTitle = i18n("Ethernet interfaces"); + interfaceListPointer->label = "ETHERINTERFACES"; + interfaceListPointer->vlanSupported = true; + interfaceListPointer->interfaceDisableSupport = true; // Is it possible to disable interfaces? + interfaceListPointer->inboundFilterSupported = true; // Is the inbound filtering supported? + interfaceListPointer->outboudFilterSupported = false; // Is the outbound filtering supported? + } + tempString.assign(command->part(1)); + interfacePointer = getInterface(interfaceListPointer, "", atoi(command->part(1)), atoi(tempString.substr(tempString.find("/") + 1).c_str())); + + // State + if (strcmp(command->part(2), "state") == 0) + { + + if (device->config->reportFormat == Config::Debug) + printf("%sEthernet State Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcasecmp(command->part(3), "disable") == 0) + interfacePointer->enabled = false; + } + + // name + else if (strcmp(command->part(2), "name") == 0) + { + + if (device->config->reportFormat == Config::Debug) + printf("%sEthernet Description Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer->description.assign(command->part(3)); + } + + else if ((strcmp(command->part(2), "ip") == 0) && (strcmp(command->part(3), "traffic-filter") == 0) && (strcmp(command->part(4), "add") == 0) && (strcmp(command->part(5), "set") == 0)) + { + + if (device->config->reportFormat == Config::Debug) + printf("%sEthernet Filter Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + addFilterList(interfacePointer, command->part(6), true); + } + + else if (strcmp(command->part(2), "default-vlan-id") == 0) + { + + if (device->config->reportFormat == Config::Debug) + printf("%sEthernet VLAN Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + addVLAN(interfacePointer, command->part(3)); + } + + // All others... + else + device->lineNotProcessed(line); + } + + // vlan... + if (strcmp(command->part(0), "vlan") == 0) + { + + interfaceListPointer = getInterfaceList("VLANINTERFACES"); + if (interfaceListPointer == 0) + { + interfaceListPointer = addInterfaceList(); + interfaceListPointer->title = i18n("*ABBREV*VLAN*-ABBREV* Interfaces"); + interfaceListPointer->description = i18n("This section describes the configuration of the *DEVICETYPE* devices *ABBREV*VLAN*-ABBREV* interfaces."); + interfaceListPointer->tableTitle = i18n("*ABBREV*VLAN*-ABBREV* interfaces"); + interfaceListPointer->label = "VLANINTERFACES"; + interfaceListPointer->proxyArpSupported = true; + interfaceListPointer->ipAddressSupported = true; // Are addresses supported? + } + interfacePointer = getInterface(interfaceListPointer, command->part(1)); + + if ((strcmp(command->part(2), "ip") == 0) && (strcmp(command->part(3), "create") == 0)) + { + + if (device->config->reportFormat == Config::Debug) + printf("%sVLAN IP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempString.assign(command->part(4)); + interfacePointer->address.assign(tempString.substr(0, tempString.find("/") - 1)); + interfacePointer->netmask.assign(tempString.substr(tempString.find("/") + 1).c_str()); + } + + else if ((strcmp(command->part(2), "ip") == 0) && (strcmp(command->part(3), "proxy") == 0)) + { + + if (device->config->reportFormat == Config::Debug) + printf("%sVLAN IP Proxy Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(4), "enable") == 0) + interfacePointer->proxyARP = true; + else + interfacePointer->proxyARP = false; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int PassportInterfaces::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Nortel-Passport/interfaces.h b/libnipper-0.12.6/Nortel-Passport/interfaces.h new file mode 100644 index 0000000..41804ee --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/interfaces.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef PassportInterfaces_H +#define PassportInterfaces_H + + +#include "../device/interfaces/interfaces.h" + + +class PassportInterfaces : public Interfaces +{ + public: + + PassportInterfaces(); + + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); + +}; + +#endif diff --git a/libnipper-0.12.6/Nortel-Passport/snmp.cpp b/libnipper-0.12.6/Nortel-Passport/snmp.cpp new file mode 100644 index 0000000..a1ddcf4 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/snmp.cpp @@ -0,0 +1,195 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + + +using namespace std; + + +PassportSNMP::PassportSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("*DEVICETYPE* devices support *ABBREV*SNMP*-ABBREV* versions 1 and 2. From *DEVICEOS* version 2 some *DEVICETYPE* devices include support for *ABBREV*SNMP*-ABBREV* version 3."); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + supportSNMP3UpgText = i18n("*ABBREV*SNMP*-ABBREV* version 3 is supported from *DEVICEOS* 2, depending on the model and options."); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n(""); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n(""); // The text and command(s) to configure a community string + configSNMP3Text = i18n(""); // The text and command(s) to configure SNMP version 3 + configSNMPViewText = i18n(""); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n("*ABBREV*SNMP*-ABBREV* traps can be configured with the following command:*CODE**COMMAND*sys set snmp trap-recv *CMDUSER*ip-address*-CMDUSER* *CMDREQUIRE*v1 *CMDOR* v2c*-CMDREQUIRE* *CMDUSER*community*-CMDUSER**-COMMAND**-CODE*"); // The text and command(s) to configure SNMP traps + configSNMPInformsText = i18n(""); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n(""); // The text and command(s) to configure SNMP read only access + configSNMPFilterText = i18n(""); // The text and command(s) to configure SNMP filtering + + enabled = false; // Is the SNMP server enabled? + snmp12Enabled = false; // Is SNMP versions 1 or 2 configured? + snmp3Enabled = false; // Is SNMP version 3 configured? + listenPort = 161; // The UDP port SNMP will listen on + + snmpFilterText = i18n("Filter"); // The device specific description of a filter (i.e. Cisco called them ACL) + snmpFilterIPv6Text = i18n("*ABBREV*IPv6*-ABBREV* Filter"); + + // Community Options... + communityView = false; // SNMP view for the community + communityFilter = false; // SNMP Network Filtering + communityIPv6Filter = false; // SNMP IPv6 Network Filtering + communitySpecificFilters = false; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = false; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = "public"; // Default read only community + defaultReadWrite = "private"; // Default read/write community + defaultReadWriteAll = "secret"; // Default read/write all community + + // View support options... + viewSeperated = false; // Separate the views into different tables + viewExcludes = false; // Show the Include/Exclude View Table column + viewMIBText = i18n("*ABBREV*MIB*-ABBREV*"); // What the MIB column title in the table should be called + + // SNMP Trap/Inform Host Options... + trapsOnly = true; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = false; // Show Trap Host Port in Table + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = false; // Show excluded traps + trapsShowOptions = false; // Show trap options + + // Host Options... + hostShowInterface = false; // Show the Interface in the Table + hostShowCommunity = false; // Show the Community in the Table + hostShowFilterID = false; // Show a filter ID if used + hostFilterText = i18n("Filter"); // The Table column title for the filter text + + // SNMP User Options... + showUserRemote = false; // Show the remote host/port setting + showUserPriv = false; // Show the privacy settings + showUserFilter = false; // Show the Filter column in the table + showUserIPv6Filter = false; // Show the IPv6 Filter column in the table + userFilterText = i18n("Filter"); // The Text for the Filter table column title + userIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* Filter"); // The Text for the IPv6 Filter table column title + + // SNMP Group Options... + snmpGroupShowType = false; // Enable/Disable SNMPv3 type in table + snmpGroupReadView = false; // Enable/Disable Read Views + snmpGroupWriteView = false; // Enable/Disable Write Views + snmpGroupNotifyView = false; // Enable/Disable Notify Views + snmpGroupFilter = false; // Enable/Disable Filter support + snmpGroupIPv6Filter = false; // Enable/Disable IPv6 Filter support + groupFilterText = i18n("Filter"); // The Text for the Filter table column title + groupIPv6FilterText = i18n("*ABBREV*IPv6*-ABBREV* Filter"); // The Text for the IPv6 Filter table column title +} + + +int PassportSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpTrapHost *trapPointer = 0; + snmpCommunity *communityPointer = 0; + + // sys set snmp... + if ((strcmp(command->part(0), "sys") == 0) && (strcmp(command->part(1), "set") == 0) && (strcmp(command->part(2), "snmp") == 0)) + { + + // Trap... + if (strcmp(command->part(3), "trap-recv") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + trapPointer = addSNMPTrapHost(); + trapPointer->host.assign(command->part(4)); + trapPointer->trap = true; + if (strcmp(command->part(5), "v1") == 0) + trapPointer->version = 1; + else + trapPointer->version = 2; + trapPointer->community.assign(command->part(6)); + } + + // Community... + if (strcmp(command->part(3), "community") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + communityPointer = addSNMPCommunity(); + communityPointer->enabled = true; + communityPointer->community.assign(command->part(5)); + if (strcmp(command->part(4), "ro") == 0) + communityPointer->type = communityReadOnly; + else if (strcmp(command->part(4), "rwa") == 0) + communityPointer->type = communityReadWriteAll; + else + communityPointer->type = communityReadWrite; + communityPointer->version = 1; + } + + // All others... + else + device->lineNotProcessed(line); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int PassportSNMP::generateConfigSpecificReport(Device *device) +{ + // Device specific code for the config report goes here + + return 0; +} + + +int PassportSNMP::processDefaults() +{ + // Any default setting post processing code goes here... + + return 0; +} + diff --git a/libnipper-0.12.6/Nortel-Passport/snmp.h b/libnipper-0.12.6/Nortel-Passport/snmp.h new file mode 100644 index 0000000..af83807 --- /dev/null +++ b/libnipper-0.12.6/Nortel-Passport/snmp.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef Passportsnmp_H +#define Passportsnmp_H + +#include "../device/snmp/snmp.h" + + +class PassportSNMP : public SNMP +{ + public: + PassportSNMP(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(); + virtual int generateConfigSpecificReport(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Nortel-RoutingSwitch/.svn/all-wcprops b/libnipper-0.12.6/Nortel-RoutingSwitch/.svn/all-wcprops new file mode 100644 index 0000000..7047bca --- /dev/null +++ b/libnipper-0.12.6/Nortel-RoutingSwitch/.svn/all-wcprops @@ -0,0 +1,17 @@ +K 25 +svn:wc:ra_dav:version-url +V 59 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-RoutingSwitch +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 70 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 68 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Nortel-RoutingSwitch/device.h +END diff --git a/libnipper-0.12.6/Nortel-RoutingSwitch/.svn/entries b/libnipper-0.12.6/Nortel-RoutingSwitch/.svn/entries new file mode 100644 index 0000000..9dfeef8 --- /dev/null +++ b/libnipper-0.12.6/Nortel-RoutingSwitch/.svn/entries @@ -0,0 +1,96 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Nortel-RoutingSwitch +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +device.cpp +file + + + + +2016-02-13T06:47:11.372157Z +0271f9e798e89d50ad9dbaf97f33dec9 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2495 + +device.h +file + + + + +2016-02-13T06:47:11.372157Z +9c2237f8d83c5375e876ecb039fb64ad +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2540 + diff --git a/libnipper-0.12.6/Nortel-RoutingSwitch/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Nortel-RoutingSwitch/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..62c55a1 --- /dev/null +++ b/libnipper-0.12.6/Nortel-RoutingSwitch/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,41 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include "device.h" + + +NortelRoutingSwitchDevice::NortelRoutingSwitchDevice() +{ + deviceMake = "Nortel"; + deviceType = "Ethernet Routing Switch"; + deviceOS = "Switch OS"; +} diff --git a/libnipper-0.12.6/Nortel-RoutingSwitch/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Nortel-RoutingSwitch/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..4e16b5f --- /dev/null +++ b/libnipper-0.12.6/Nortel-RoutingSwitch/.svn/text-base/device.h.svn-base @@ -0,0 +1,46 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_NortelRoutingSwitch_H +#define device_NortelRoutingSwitch_H + + +#include "../Nortel-Passport/device.h" + + +class NortelRoutingSwitchDevice : public PassportDevice +{ + public: + NortelRoutingSwitchDevice(); +}; + + +#endif diff --git a/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp b/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp new file mode 100644 index 0000000..62c55a1 --- /dev/null +++ b/libnipper-0.12.6/Nortel-RoutingSwitch/device.cpp @@ -0,0 +1,41 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include "device.h" + + +NortelRoutingSwitchDevice::NortelRoutingSwitchDevice() +{ + deviceMake = "Nortel"; + deviceType = "Ethernet Routing Switch"; + deviceOS = "Switch OS"; +} diff --git a/libnipper-0.12.6/Nortel-RoutingSwitch/device.h b/libnipper-0.12.6/Nortel-RoutingSwitch/device.h new file mode 100644 index 0000000..4e16b5f --- /dev/null +++ b/libnipper-0.12.6/Nortel-RoutingSwitch/device.h @@ -0,0 +1,46 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_NortelRoutingSwitch_H +#define device_NortelRoutingSwitch_H + + +#include "../Nortel-Passport/device.h" + + +class NortelRoutingSwitchDevice : public PassportDevice +{ + public: + NortelRoutingSwitchDevice(); +}; + + +#endif diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/all-wcprops b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/all-wcprops new file mode 100644 index 0000000..b4221a3 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/all-wcprops @@ -0,0 +1,83 @@ +K 25 +svn:wc:ra_dav:version-url +V 56 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp +END +snmp.h +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h +END +general.h +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS/general.h +END +dns.cpp +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS/device.h +END +filter.cpp +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp +END +administration.cpp +K 25 +svn:wc:ra_dav:version-url +V 75 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp +END +dns.h +K 25 +svn:wc:ra_dav:version-url +V 62 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS/dns.h +END +filter.h +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS/filter.h +END +administration.h +K 25 +svn:wc:ra_dav:version-url +V 73 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS/administration.h +END +general.cpp +K 25 +svn:wc:ra_dav:version-url +V 68 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp +END +snmp.cpp +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp +END +administration-report.cpp +K 25 +svn:wc:ra_dav:version-url +V 82 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp +END diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/entries b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/entries new file mode 100644 index 0000000..15eeb80 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/entries @@ -0,0 +1,470 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/SonicWALL-SonicOS +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +filter.h +file + + + + +2016-02-13T06:47:11.060158Z +169e1e775bd8d79770bf1d67a068afd3 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2557 + +administration.h +file + + + + +2016-02-13T06:47:11.060158Z +fe5718b69cf45cc3ac95341566ec8a2b +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3231 + +general.cpp +file + + + + +2016-02-13T06:47:11.060158Z +dee5bb23802e35b279e2543fac4915a0 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6923 + +snmp.cpp +file + + + + +2016-02-13T06:47:11.060158Z +0f60e66ee22fdf8d235198ad6aae2719 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +9066 + +administration-report.cpp +file + + + + +2016-02-13T06:47:11.056158Z +c58272aa0c134c7aabed3b0b497d575e +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7041 + +device.cpp +file + + + + +2016-02-13T06:47:11.056158Z +f5aecfd2f887a2360d9fa5350d73ff37 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +8116 + +snmp.h +file + + + + +2016-02-13T06:47:11.056158Z +2f5730a1a394dbb3a8463ba757c5a5b8 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2735 + +general.h +file + + + + +2016-02-13T06:47:11.060158Z +bbb8e2770dc9175e6bddd4959ae9d37f +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2837 + +dns.cpp +file + + + + +2016-02-13T06:47:11.060158Z +1104dee66f6da6d7e612bd9326a7e838 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4501 + +device.h +file + + + + +2016-02-13T06:47:11.060158Z +527dbf6a86fb33d9744243bf95e5c706 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2588 + +filter.cpp +file + + + + +2016-02-13T06:47:11.060158Z +6c6db584f022531fce98fdb95d650ee4 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +54295 + +administration.cpp +file + + + + +2016-02-13T06:47:11.060158Z +896fabf5bd0438382749e760141b4bfb +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +18035 + +dns.h +file + + + + +2016-02-13T06:47:11.060158Z +4dc121ca01c7a1b7b051023c0984d0a2 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2546 + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/administration-report.cpp.svn-base b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/administration-report.cpp.svn-base new file mode 100644 index 0000000..5b27647 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/administration-report.cpp.svn-base @@ -0,0 +1,144 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "administration.h" +#include "device.h" + + +int SonicOSAdministration::generateDeviceSSHConfig(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + managementInterface *interfacePointer = 0; + string tempString; + int errorCode = 0; + + if ((sonicosInterfaces != 0) && (sshEnabled == true)) + { + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the *ABBREV*SSH*-ABBREV* service on *DEVICETYPE* devices is configured on individual interfaces. Table *TABLEREF* details the *ABBREV*SSH*-ABBREV* interface configuration.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINSSHINTER-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("*ABBREV*SSH*-ABBREV* service interfaces"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Interface"), false); + device->addTableHeading(paragraphPointer->table, i18n("Name"), false); + device->addTableHeading(paragraphPointer->table, i18n("Zone"), false); + device->addTableHeading(paragraphPointer->table, i18n("Comment"), false); + + interfacePointer = sonicosInterfaces; + while (interfacePointer != 0) + { + if (interfacePointer->ssh == true) + { + tempString.assign(device->intToString(interfacePointer->interface)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->name.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->zone.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->comment.c_str()); + } + interfacePointer = interfacePointer->next; + } + } + + return errorCode; +} + + +int SonicOSAdministration::generateDeviceHTTPConfig(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + managementInterface *interfacePointer = 0; + string tempString; + int errorCode = 0; + + if ((sonicosInterfaces != 0) && ((httpEnabled == true) || (httpsEnabled == true))) + { + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the *ABBREV*HTTP*-ABBREV* service on *DEVICETYPE* devices is configured on individual interfaces. Table *TABLEREF* details the *ABBREV*HTTP*-ABBREV* interface configuration.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINHTTPINTER-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("*ABBREV*HTTP*-ABBREV* service interfaces"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Interface"), false); + device->addTableHeading(paragraphPointer->table, i18n("Name"), false); + device->addTableHeading(paragraphPointer->table, i18n("Zone"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*HTTP*-ABBREV*"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*HTTP*-ABBREV* Redirect"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*HTTPS*-ABBREV*"), false); + device->addTableHeading(paragraphPointer->table, i18n("Comment"), false); + + interfacePointer = sonicosInterfaces; + while (interfacePointer != 0) + { + if ((interfacePointer->http == true) || (interfacePointer->https == true) || (interfacePointer->httpRedirect == true)) + { + tempString.assign(device->intToString(interfacePointer->interface)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->name.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->zone.c_str()); + if (interfacePointer->http == true) + device->addTableData(paragraphPointer->table, i18n("On")); + else + device->addTableData(paragraphPointer->table, i18n("Off")); + if (interfacePointer->httpRedirect == true) + device->addTableData(paragraphPointer->table, i18n("On")); + else + device->addTableData(paragraphPointer->table, i18n("Off")); + if (interfacePointer->https == true) + device->addTableData(paragraphPointer->table, i18n("On")); + else + device->addTableData(paragraphPointer->table, i18n("Off")); + device->addTableData(paragraphPointer->table, interfacePointer->comment.c_str()); + } + interfacePointer = interfacePointer->next; + } + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/administration.cpp.svn-base b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/administration.cpp.svn-base new file mode 100644 index 0000000..a261004 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/administration.cpp.svn-base @@ -0,0 +1,475 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "administration.h" +#include "snmp.h" + + +SonicOSAdministration::SonicOSAdministration() +{ + sonicosInterfaces = 0; + + + // ----------------------------------------------------------------------- + // Device Specific Settings... + // ----------------------------------------------------------------------- + + // General... + generalSettings = false; // Show the general settings section? + consoleEnabled = false; // Is the Console port enabled? + consoleSupported = false; // Is a console port supported? + consoleTimeoutSupported = false; // Is a console timeout supported? + consoleTimeout = 0; // Console timeout + configConsoleTimeout = i18n(""); // The text and commands to configure the timeout + auxSupported = false; // Are AUX port(s) supported? + auxEnabled = false; // Is AUX port(s) enabled? + configAuxPort = i18n(""); // The text and commands to disable the AUX port + connectionTimeoutSupported = false; // Is a connection timeout supported? + connectionTimeout = 0; // Connection Timeout + configTimeout = i18n(""); // The text and commands to configure the timeout + + // Host restrictions... + serviceWideHosts = false; // Do all the admin services share a common host restrictions? + showHostInterface = false; // Show the Interface column in the host table? + showHostAccess = false; // Show the Access column in the host table? + serviceConfigHosts = i18n(""); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = false; // Is telnet supported? + telnetEnabled = false; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + telnetSpecificHost = false; // Does Telnet have its own access list? + telnetHostsRequired = false; // Is the host configuration required? + showTelnetHostInterface = false; // Show the Interface column in the host table? + showTelnetHostAccess = false; // Show the Access column in the host table? + configTelnetHostAccess = i18n(""); // How access lists are configured for the telnet service + disableTelnet = i18n(""); // How to disable telnet text... + telnetSpecificTimeout = false; // A Telnet Specific Timeout? + telnetTimeout = 0; // The Telnet Timeout (secs) + configTelnetTimeout = i18n(""); // The text and commands to configure the timeout + + // TFTP options... + tftpSupported = false; // Is TFTP supported? + tftpEnabled = false; // Is TFTP enabled? + tftpPort = 69; // The TFTP service port + tftpSpecificHost = false; // Does TFTP have its own access list? + tftpHostsRequired = false; // Is the host configuration required? + showTFTPHostInterface = false; // Show the Interface column in the host table? + showTFTPHostAccess = false; // Show the Access column in the host table? + configTFTPHostAccess = i18n(""); // How access lists are configured for the TFTP service + disableTFTP = i18n(""); // How to disable TFTP text... + + // FTP options... + ftpSupported = false; // Is FTP supported? + ftpEnabled = false; // Is FTP enabled? + ftpPort = 21; // The FTP service port + ftpSpecificHost = false; // Does FTP have its own access list? + ftpHostsRequired = false; // Is the host configuration required? + showFTPHostInterface = false; // Show the Interface column in the host table? + showFTPHostAccess = false; // Show the Access column in the host table? + configFTPHostAccess = i18n(""); // How access lists are configured for the FTP service + disableFTP = i18n(""); // How to disable FTP text... + ftpSpecificTimeout = false; // A FTP Specific Timeout? + ftpTimeout = 0; // The FTP Timeout (secs) + configFTPTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH options... + sshSupported = false; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 1; // What is the SSH Protocol version (0 = 1 and 2) + sshPort = 22; // The SSH port number + configSSHSupport = i18n(""); // How to configure SSH... + sshSpecificHost = false; // Does SSH have its own access list? + sshHostsRequired = false; // Is the host configuration required? + showSSHHostInterface = false; // Show the Interface column in the host table? + showSSHHostAccess = false; // Show the Access column in the host table? + configSSHHostAccess = i18n(""); // How to configure SSH... + sshSpecificTimeout = false; // A SSH Specific Timeout? + sshTimeout = 0; // The SSH Timeout (secs) + configSSHTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH Options + sftpEnabled = false; // Is SFTP enabled? + sftpSupported = false; // Is SFTP supported? + scpSupported = false; // Is SCP supported? + scpEnabled = false; // Is SCP enabled? + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + configSSHv2Support = i18n(""); // How to configure protocol version 2 support only + + // Config report SSH support text + sshConfigProtocolSupport = i18n(""); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = true; // Does this device support HTTP + httpsSupported = true; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + httpsEnabled = false; // Is the HTTPS service enabled? + httpsPort = 443; // HTTPS port + httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? + httpSpecificTimeout = false; // A HTTP Specific Timeout? + httpTimeout = 0; // The HTTP Timeout (secs) + configHTTPTimeout = i18n(""); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + httpSpecificHost = false; // Does HTTP have its own access list? + httpHostsRequired = false; // Is the host configuration required? + showHTTPHostInterface = false; // Show the Interface column in the host table? + showHTTPHostAccess = false; // Show the Access column in the host table? + configHTTPHostAccess = i18n(""); // How to configure HTTP Management hosts... + disableHTTP = i18n(""); // How to disable HTTP text... + configHTTPSSupport = i18n(""); // How to configure HTTPS... +} + + +SonicOSAdministration::~SonicOSAdministration() +{ + // Variables... + managementInterface *interfacePointer = 0; + + while (sonicosInterfaces != 0) + { + interfacePointer = sonicosInterfaces->next; + delete sonicosInterfaces; + sonicosInterfaces = interfacePointer; + } +} + + +int SonicOSAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + managementInterface *interfacePointer = 0; + + // HTTP Enabled... + if (strcmp(command->part(0), "httpEnable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(1), "on") == 0) + httpEnabled = true; + else + httpEnabled = false; + } + + // HTTP Port... + else if (strcmp(command->part(0), "httpMgmtPort") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + httpPort = atoi(command->part(1)); + else + httpPort = 80; + } + + // HTTPS Enabled... + else if (strcmp(command->part(0), "httpsEnable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTPS Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(1), "on") == 0) + httpsEnabled = true; + else + httpsEnabled = false; + } + + // HTTPS Port... + else if (strcmp(command->part(0), "httpsMgmtPort") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTPS Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + httpsPort = atoi(command->part(1)); + else + httpsPort = 443; + } + + // HTTP Enabled... + else if (strncmp(command->part(0), "iface_http_mgmt_", 16) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface HTTP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 16)); + if (strcmp(command->part(1), "1") == 0) + { + interfacePointer->http = true; + httpEnabled = true; + } + else + interfacePointer->http = false; + } + + // HTTP USer Login Enabled... + else if (strncmp(command->part(0), "iface_http_usrLogin_", 20) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface HTTP Login Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 20)); + if (strcmp(command->part(1), "1") == 0) + interfacePointer->httpLogin = true; + else + { + interfacePointer->httpLogin = false; + httpEnabled = false; + } + } + + // HTTPS Enabled... + else if (strncmp(command->part(0), "iface_https_mgmt_", 17) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface HTTPS Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 17)); + if (strcmp(command->part(1), "1") == 0) + { + interfacePointer->https = true; + httpsEnabled = true; + } + else + interfacePointer->https = false; + } + + // HTTPS USer Login Enabled... + else if (strncmp(command->part(0), "iface_https_usrLogin_", 21) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface HTTPS Login Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 21)); + if (strcmp(command->part(1), "1") == 0) + interfacePointer->httpsLogin = true; + else + { + interfacePointer->httpsLogin = false; + httpsEnabled = false; + } + } + + // HTTP Redirect Enabled... + else if (strncmp(command->part(0), "iface_http_redirect_rule_", 25) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface HTTP Redirect Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 25)); + if (strcmp(command->part(1), "1") == 0) + interfacePointer->httpRedirect = true; + else + interfacePointer->httpRedirect = false; + } + + // SSH Enabled... + else if (strncmp(command->part(0), "iface_ssh_mgmt_", 15) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface SSH Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 15)); + if (strcmp(command->part(1), "1") == 0) + interfacePointer->ssh = true; + else + interfacePointer->ssh = false; + } + + // SNMP Enabled... + else if (strncmp(command->part(0), "iface_snmp_mgmt_", 16) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface SNMP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 16)); + if (strcmp(command->part(1), "1") == 0) + interfacePointer->snmp = true; + else + interfacePointer->snmp = false; + } + + // Interface no... + else if (strncmp(command->part(0), "iface_ifnum_", 12) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface No. Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 12)); + interfacePointer->interface = atoi(command->part(1)); + } + + // Interface Name... + else if (strncmp(command->part(0), "iface_name_", 11) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + { + interfacePointer = getInterface(atoi(command->part(0) + 11)); + interfacePointer->name.assign(command->part(1)); + } + } + + // Interface Comments... + else if (strncmp(command->part(0), "iface_comment_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Comment Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + { + interfacePointer = getInterface(atoi(command->part(0) + 14)); + interfacePointer->comment.assign(strstr(line, command->part(1))); + } + } + + // Interface Zone... + else if (strncmp(command->part(0), "interface_Zone_", 15) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Zone Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + { + interfacePointer = getInterface(atoi(command->part(0) + 15)); + interfacePointer->zone.assign(strstr(line, command->part(1))); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int SonicOSAdministration::processDefaults(Device *device) +{ + // Variables... + managementInterface *interfacePointer = sonicosInterfaces; + + if (strcmp(device->deviceMake, "3Com") == 0) + { + httpSupported = true; // Does this device support HTTP + httpsSupported = true; // Does this device support HTTPS + httpEnabled = true; // Is the HTTP service enabled? + httpsEnabled = true; // Is the HTTPS service enabled? + disableHTTP = i18n("Unfortunately it is not possible to disable *ABBREV*HTTP*-ABBREV* access to *DEVICETYPE* devices. Therefore *COMPANY* recommends that the firewall is replaced, or if that is not possible, only the *ABBREV*HTTPS*-ABBREV* service should be used for remote administration."); // How to disable HTTP text... + } + + else + { + if (sonicosInterfaces != 0) + { + sshSupported = true; + if (device->snmp != 0) + device->snmp->enabled = true; + } + + while (interfacePointer != 0) + { + if ((interfacePointer->http == true) && (interfacePointer->httpRedirect == false)) + httpEnabled = true; + if (interfacePointer->https == true) + httpsEnabled = true; + if (interfacePointer->ssh == true) + sshEnabled = true; + interfacePointer = interfacePointer->next; + } + } + + return 0; +} + + +SonicOSAdministration::managementInterface *SonicOSAdministration::getInterface(int number) +{ + // Variables... + managementInterface *interfacePointer = sonicosInterfaces; + bool init = false; + + if (sonicosInterfaces == 0) + { + sonicosInterfaces = new (managementInterface); + interfacePointer = sonicosInterfaces; + init = true; + } + else + { + interfacePointer = sonicosInterfaces; + while (interfacePointer->next != 0) + { + if (interfacePointer->interface == number) + return interfacePointer; + interfacePointer = interfacePointer->next; + } + if (interfacePointer->interface != number) + { + interfacePointer->next = new (managementInterface); + interfacePointer = interfacePointer->next; + init = true; + } + } + + if (init == true) + { + // Init... + interfacePointer->interface = 0; + interfacePointer->http = false; + interfacePointer->httpLogin = false; + interfacePointer->httpRedirect = false; + interfacePointer->https = false; + interfacePointer->httpsLogin = false; + interfacePointer->ssh = false; + interfacePointer->snmp = false; + interfacePointer->next = 0; + } + + return interfacePointer; +} + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/administration.h.svn-base b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/administration.h.svn-base new file mode 100644 index 0000000..f6970da --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/administration.h.svn-base @@ -0,0 +1,77 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef SonicOSadministration_H +#define SonicOSadministration_H + + +// Includes... +#include "../device/administration/administration.h" + + +class SonicOSAdministration : public Administration +{ + public: + + SonicOSAdministration(); + ~SonicOSAdministration(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + + struct managementInterface + { + int interface; + string name; + string zone; + string comment; + bool http; + bool httpLogin; + bool httpRedirect; + bool https; + bool httpsLogin; + bool ssh; + bool snmp; + struct managementInterface *next; + }; + + managementInterface *sonicosInterfaces; + + + // Methods + int generateDeviceSSHConfig(Device *device); // A device specific config report output + int generateDeviceHTTPConfig(Device *device); // A device specific config report output + managementInterface *getInterface(int number); +}; + + +#endif diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..05b5a4e --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,262 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/errortext.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "filter.h" +#include "snmp.h" +#include "administration.h" +#include "dns.h" + + +SonicOSDevice::SonicOSDevice() +{ + deviceMake = "SonicWALL"; + deviceType = "Internet Security Applicance"; + deviceOS = "SonicOS"; + + isFirewall = true; + + general = new (SonicOSGeneral); + administration = new (SonicOSAdministration); + filter = new (SonicOSFilter); + snmp = new (SonicOSSNMP); + dns = new (SonicOSDNS); +} + + +SonicOSDevice::~SonicOSDevice() +{ + delete general; + delete filter; + delete snmp; + delete administration; + delete dns; +} + + +int SonicOSDevice::process() +{ + // Variables... + string tempString; + string unencodedFile; + struct stat *fileStats = 0; + char *buffer = 0; + int returnCode = 0; + + // Open Input... + returnCode = openInput(); + if (returnCode == 0) + { + + // Get file size... + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(config->inputSource, fileStats); + + // Reserve Base64 decode buffer... + buffer = new (nothrow) char [fileStats->st_size + 1]; + memset (buffer, 0, fileStats->st_size + 1); + + // Read in the whole configuration... + fread(buffer, 1, fileStats->st_size, inputFile); + + // Close Input... + fclose(inputFile); + + // Base64/URL decode... + tempString.assign(urlDecode(base64Decode(buffer), true)); + + // Free Buffer... + delete[] buffer; + + // Open New Temporary File and save decoded config to it + unencodedFile.assign(TEMP_DIR); + unencodedFile.append("delete-me"); + unencodedFile.append(intToString(rand())); + inputFile = fopen(unencodedFile.c_str(), "w"); + if (inputFile == NULL) + return deviceerror_openingfile; + fwrite(tempString.c_str(), 1, tempString.length(), inputFile); + fclose(inputFile); + + // Open Input... + config->inputSource = unencodedFile.c_str(); + returnCode = openInput(); + if (returnCode == 0) + { + + returnCode = processDevice(); + + // Close Input... + fclose(inputFile); + + // Post processing defaults... + setPostCommonDefaults(); + + // Post device specific processing defaults... + setPostDefaults(); + } + } + + return returnCode; +} + + +int SonicOSDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Hostname (in general)... + if (strcmp(command.part(0), "firewallName") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Serial Number + else if (strcmp(command.part(0), "serialNumber") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Firewall Policies... + else if (strncmp(command.part(0), "policy", 6) == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Firewall Rules... + else if (strncmp(command.part(0), "prefs_rule", 10) == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Addresses... + else if (strncmp(command.part(0), "addrObj", 7) == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Address Groups... + else if ((strncmp(command.part(0), "addro_grpToGrp_", 15) == 0) || (strncmp(command.part(0), "addro_atomToGrp_", 16) == 0)) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Services... + else if ((strncmp(command.part(0), "svcObj", 6) == 0) || (strncmp(command.part(0), "prefs_svc", 9) == 0)) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Service Groups... + else if ((strncmp(command.part(0), "so_atomToGrp_", 13) == 0) || (strncmp(command.part(0), "so_grpToGrp_", 12) == 0)) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SNMP... + else if (strncmp(command.part(0), "snmp_", 5) == 0) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Administration HTTP... + else if (strncmp(command.part(0), "http", 4) == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS... + else if (strcmp(command.part(0), "dnsSrvAddr") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS... + else if (strncmp(command.part(0), "dnsServer", 9) == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Administration Interfaces... + else if ((strncmp(command.part(0), "iface_", 6) == 0) || (strncmp(command.part(0), "interface_Zone_", 15) == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + return 0; +} + + +bool SonicOSDevice::isDeviceType() +{ + // Variables... + string tempString; + string unencodedFile; + struct stat *fileStats = 0; + char *buffer = 0; + int returnCode = 0; + + // Open Input... + returnCode = openInput(); + if (returnCode == 0) + { + + // Get file size... + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(config->inputSource, fileStats); + + // Reserve Base64 decode buffer... + buffer = new (nothrow) char [fileStats->st_size + 1]; + memset (buffer, 0, fileStats->st_size + 1); + + // Read in the whole configuration... + fread(buffer, 1, fileStats->st_size, inputFile); + + // Close Input... + fclose(inputFile); + + // Base64/URL decode... + tempString.assign(urlDecode(base64Decode(buffer), true)); + + // Free Buffer... + delete[] buffer; + + if (tempString.find("firewallName") != string::npos) + return true; + } + + return false; +} + + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..e5e20b7 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/device.h.svn-base @@ -0,0 +1,54 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_SonicOS_H +#define device_SonicOS_H + + +#include "../device/device.h" + +class SonicOSGeneral; + +class SonicOSDevice : public Device +{ + public: + SonicOSDevice(); + ~SonicOSDevice(); + + bool isDeviceType(); + + private: + int processDevice(); + int process(); +}; + + +#endif diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/dns.cpp.svn-base b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/dns.cpp.svn-base new file mode 100644 index 0000000..56323bd --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/dns.cpp.svn-base @@ -0,0 +1,102 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "dns.h" + + +SonicOSDNS::SonicOSDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured with a list of *ABBREV*DNS*-ABBREV* servers. This section details those settings."); // The text paragraph in the config section + + // Host configuration + showInterface = false; // Are interfaces supported? + + // DNS Client Settings + dnsClientSupported = true; // DNS Client Supported? + dnsLookupEnabled = false; // DNS lookups enabled? + dnsRetries = 0; // DNS lookup retries + dnsRetriesSupported = false; // DNS lookup retries Supported? + dnsTimeout = 0; // DNS timeout + dnsTimeoutSupported = false; // DNS timeout Supported? + + // DNS Server Options... + dnsRecordKeepAliveSupported = false; // Is the DNS keep Alive message type supported? + returnRecordsSupported = false; // Is the single/multiple record field supported? + dynamicDNSSupported = false; // Is Dynamic DNS Supported? + dnsServerSupported = false; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsPort = 53; // DNS Server Port +} + + +int SonicOSDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsConfig *dnsPointer = 0; + + // DNS Server Address... + if ((strcmp(command->part(0), "dnsSrvAddr") == 0) && (command->parts > 1)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + dnsPointer = addDNSServer(command->part(1)); + dnsPointer->description.assign(i18n("Primary")); + } + else if ((strncmp(command->part(0), "dnsServer", 9) == 0) && (command->parts > 1)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + dnsPointer = addDNSServer(command->part(1)); + dnsPointer->description.assign(i18n("Secondary")); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int SonicOSDNS::processDefaults() +{ + return 0; +} + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/dns.h.svn-base b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/dns.h.svn-base new file mode 100644 index 0000000..fcd6c16 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/dns.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef SonicOSDNS_H +#define SonicOSDNS_H + + +#include "../device/dns/dns.h" + + +class SonicOSDNS : public DNS +{ + public: + + SonicOSDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(); +}; + + +#endif diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/filter.cpp.svn-base b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/filter.cpp.svn-base new file mode 100644 index 0000000..676a2cd --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/filter.cpp.svn-base @@ -0,0 +1,1294 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../device/common/configline.h" +#include "../globaldefs.h" +#include "device.h" +#include "filter.h" + + +SonicOSFilter::SonicOSFilter() +{ + // Filter device options... + denyAllAndLogDefault = false; // Does it deny all and log by default? + defaultFilterActionSupported = false; // Default action supported on the device + allowByDefault = false; // Allow by default? + defaultActionIsAllow = false; // Is the default action to allow + logLevelsSupported = false; // Are log Levels supported + logOnlyDenySupported = false; // Is only Deny rule logging supported + noAccessWithoutFilters = false; // Is access not granted if no filters are configured + filterSupportsInstalled = false; // If filtering supports installed (i.e. CheckPoint) + filterSupportsThrough = false; // If a filtering supports through (i.e. CheckPoint) + rejectRulesSupported = true; // If reject rules are supported + bypassRulesSupported = false; // If bypass rules are supported + defaultRulesSupported = false; // If default rules are supported + ruleListsAreAssigned = false; // Rule lists are assigned to specific elements + allowName = i18n("Allow"); // The name given to an allowed filter + denyName = i18n("Deny"); // The name given to a denied filter + rejectName = i18n("Reject"); // The name given to a rejected filter + filterConfigTitle = i18n("Access Rules Configuration"); // The Title for the configuration report section + filterConfigText = i18n(""); // The device specific configuration report section text + filterConfigText2 = i18n(""); // The device specific configuration report section text2 + useFilterID = false; // Use the filter ID to identify a filter (otherwise a line no. is used) + filterIDTitle = i18n("Line"); // The title for the filter ID/line no. table column + filterListName = i18n("access rule list"); // The name of the filter list, for use in text paragraphs + filterListNameTitle = i18n("Access Rule List"); // The name of the filter list, for use in titles + filterListNamePlaural = i18n("Access Rule List"); // The name of the filter list, for use in text paragraphs + filterTitle = i18n("Access Rule"); // The name of a filter, for use in titles + filterTitlePlaural = i18n("Access Rules"); // The name of a filter, for use in titles + filterName = i18n("access rule"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("access rules"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("Not All Allow Access Rules Log Access"); // The title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogTable = i18n("Allow Access Rules that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogConcl = i18n("not all allow access rules log access"); // The conclusions text for the "All Allow Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all allow access rules"); // The recommendations text for "All Allow Rules Do Not Log" (and deny) issue + denyAndNotLogIssue = i18n("Not All Deny Access Rules Log Access"); // The title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogTable = i18n("Deny access rules that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogConcl = i18n("not all deny access rules log access"); // The conclusions text for the "All Allow Rules Do Not Log" issue + configRuleLogging = i18n("Access rule logging can be configured using the SonicWALL web management interface."); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No Access Rule Lists Were Configured"); // The title text for the "No filtering" issue + noFilteringRec = i18n("Configure access rule lists to restict access"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no access rule lists were configured"); // The title text for the "No filtering" conclusion + legacyIssueFinding = i18n(""); // The finding for the legacy issue + legacyIssueImpact = i18n(""); // The impact for the legacy issue + legacyIssueEase = i18n(""); // The ease for the legacy issue + legacyIssueRec = i18n(""); // The recommendation for the legacy issue + allowAnythingTable = i18n("Access rules allow any access"); // The allow anything table title text + allowWeakTable = i18n("Access rules provide weak filtering"); // Weak source/service/destination/service table title text + allowAnyAnyAnyTable = i18n("Access rules allow any host to access any destination and service"); // The allow any source, destination and service table title text + allowWeakWeakWeakTable = i18n("Access rules provide weak filtering of source, destination and service"); // The allow weak source, destination and service table title text + allowAnyServiceAnyTable = i18n("Access rules allow any source port to any destination and service"); // The allow any source port, destination and service table title text + allowWeakServiceAnyTable = i18n("Access rules provide weak filtering of source port to destination and service"); // The allow weak source, destination and service table title text + allowAnyAnyTable = i18n("Access rules allow any source to any destination"); // The allow any source, destination table title text + allowAnyAnyServiceTable = i18n("Access rules allow any source to any destination service"); // The allow any source, destination service table title text + allowAnyDestServiceTable = i18n("Access rules allow any destination and service"); // The allow any destination and service table title text + allowAnyPortDestTable = i18n("Access rules allow any source port to any destination address"); // The allow any source port to any destination table title text + allowAnyPortServiceTable = i18n("Access rules allow any source port to any destination service"); // The allow any source port to any dest service table title text + allowWeakWeakTable = i18n("Access rules allow weak filtering of source and destination addresses"); // The allow weak source, destination addresses + allowWeakWeakServiceTable = i18n("Access rules allow weak source addresses and destination services"); // The allow weak source, destination service table title text + allowDestAndServiceTable = i18n("Access rules allow weak destination addresses and services");// The allow weak destination and service table title text + allowWeakPortDestTable = i18n("Access rules allow weak source ports and destination"); // The allow weak source port to Destination table title text + allowWeakPortServiceTable = i18n("Access rules allow weak source ports and destination services"); // The allow weak source port to service table title text + allowAnySourceTable = i18n("Access rules allow from any source address"); // The allow any source address table title text + allowNetSourceTable = i18n("Access rules allow from a network source address"); // The allow a network source address table title text + allowAnyPortTable = i18n("Access rules allow from any source port"); // The allow any source port table title text + allowRangePortTable = i18n("Access rules allow from a source port range"); // The allow range source port table title text + allowAnyDestTable = i18n("Access rules allow to any destination"); // The allow any destination table title text + allowNetDestTable = i18n("Access rules allow to a network destination"); // The allow a network destination table title text + allowToAnyDestServiceTable = i18n("Access rules allow to any destination service"); // The allow any destination service table title text + allowToNetDestServiceTable = i18n("Access rules allow to a destination service range"); // The allow a destination service range table title text + bypassContentFilterCon = i18n("Access rules were configured that bypass the content filtering"); // Bypass filter conclusion text + bypassContentFilterRec = i18n("Connfigure access rules that do not bypass the content filtering"); // Bypass filter recommendation text + defaultFilterCon = i18n("Access rules were configured that default to the ports filtering action"); // Default filter conclusion text + defaultFilterRec = i18n("Configure access rules that do not default to the ports filtering action"); // Default filter recommendation text + rejectSecurityIssueTitle = i18n("Reject Access Rules Were Configured"); // Reject filter title text + securityRejectTextCon = i18n("Access Rules were configured that reject network traffic"); // Reject filter conclusion text + securityRejectTextRec = i18n("Configure access rules to deny rather than reject network traffic"); // Reject filter recommendation text + clearTextServiceCon = i18n("Access rules were configured that allow access to clear text protocol services"); // Clear Text Service conclusions text + clearTextServiceRec = i18n("Configure access rules to deny access to any clear text protocol services"); // Clear Text Service recommendations text2 + configureFilterListRecIssueText = i18n(""); // The text and commands to configure a filter list + configureFilterRecIssueText = i18n(""); // The text and commands to configure a filter + unnecessaryServiceCon = i18n("Access rules were configured that allow access to potentially unnecessary services"); // Unnecessary Service conclusions text + unnecessaryServiceRec = i18n("Configure access rules to deny access to any unnecessary services"); // Unnecessary Service recommendations text2 + filtersWithNoCommentsTitle = i18n("Not All Access Rules Include Comments"); // Filters with no comments title text + noFilterCommentsCon = i18n("not all access rules include comment text indicating their purpose"); // The no comments conclusion text + noFilterCommentsRec = i18n("Configure comment text for all access rules"); // The no comments recommendation text + configureFilterCommentText = i18n(""); // The text and commands to configure a filters comment text + disabledFiltersTitle = i18n("Disabled Access Rules Were Configured"); // The disabled filter issues title text + removeFilterText = i18n(""); // The commands and text to delete a filter + disabledFilterCon = i18n("disabled access rules were configured"); // The disabled filter conclusion text + disabledFilterRec = i18n("Remove all disabled access rules"); // The disabled filter recommendation text + defaultActionIssueTitle = i18n("The Default Network Filtering Action Permits Access"); // The default filter action issue title + defaultActionIssueCon = i18n("the default filtering action was configured to allow access when a access rule does not match"); // The default filter action conclusion text + defaultActionIssueRec = i18n("Set the default filtering action to deny network traffic"); // The default filter action recommendation text + configureDefaultActionText = i18n(""); // The text and commands to configure the default action + unusedFiltersIssueTitle = i18n("Unused Access Rules Were Configured At The Access Rule List End"); // Unused filters at the end of the filter list title + unusedFiltersIssueCon = i18n("unused access rules were configured at the end of the access rule list"); // Unused filters issue conclusions text + unusedFiltersIssueRec = i18n("Remove all unused access rules"); // Unused filters issue recommendation text + denyAllLogIssueTitle = i18n("Access Rule List Does Not End with Deny All And Log"); // Deny All And Log Issue title + denyAllLogConfigure = i18n(""); // The text and commands to add a deny all and log line + denyAllLogIssueCon = i18n("not all access rule lists end with a deny all and log "); // The deny all and log conclusions text + denyAllLogIssueRec = i18n("Configure a deny all and log access rule as the last access rule in the access rule list"); // The deny all and log recommendations text + contradictIssueTitle = i18n("Contradicting Access Rules Were Configured"); // The contradict issue title + contradictIssueTable = i18n("contradictions of access rules"); // The contradict table issue title + contradictIssueCon = i18n("Access rules were configured that contradict other access rules"); // The contradict issue conclusion + contradictIssueRec = i18n("Reconfigure the access rules so they do not contradict other access rules"); // The contradict issue recommendation + duplicateIssueTitle = i18n("Duplicate Access Rules Were Configured"); // The duplicate/overlapping issue title + duplicateIssueTable = i18n("duplicates of access rules"); // The duplicate/overlapping issue title + duplicateIssueCon = i18n("Access rules were configured that duplicate the configuration of other access rules"); // The duplicate/overlapping issue title + duplicateIssueRec = i18n("Reconfigure the access rules so that the rules do not duplicate other access rules"); // The duplicate/overlapping issue title +} + + +SonicOSFilter::~SonicOSFilter() +{ +} + + +int SonicOSFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + netObjectListConfig *objectListPointer = 0; + netObjectListConfig *tempListPointer = 0; + filterObjectConfig *objectPointer = 0; + filterObjectConfig *subObjectPointer = 0; + filterConfig *filterPointer = 0; + filterListConfig *filterListPointer = 0; + fpos_t filePosition; + string tempString; + int tempInt = 0; + int tempCounter = 0; + int errorCode = 0; + int currentObject = 9999; + + // Firewall Policy + if (strncmp(command->part(0), "policy", 6) == 0) + { + + filterListPointer = getFilterList("Access Rules"); + filterListPointer->type = i18n("Access Rules"); // The filter list type name (used in the config report) + filterListPointer->typeDescription = i18n("Access rules are used to filter the network traffic passing through *DEVICETYPE* devices. This section details those rules."); // The filter list type description for the report (used in config report) + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = true; // Does the filter list support logging + filterListPointer->supportsTime = false; // Filter support time (dest only) + filterListPointer->supportsFragments = true; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = false; // If source services are supported + filterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = true; // Are filter comments supported + filterListPointer->showProtocol = false; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = true; // Does the filter use filter-based zones (i.e. SonicWALL) + filterPointer = addFilter(filterListPointer); + + while ((feof(device->inputFile) == 0) && (strncmp(command->part(0), "policy", 6) == 0)) + { + + // Action... + if (strncmp(command->part(0), "policyAction_", 13) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Action Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + else if (filterPointer->id != atoi(command->part(0) + 13)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + + if (strcasecmp(command->part(1), "2") == 0) + filterPointer->action = allowAction; + else if (strcasecmp(command->part(1), "1") == 0) + filterPointer->action = rejectAction; + else + filterPointer->action = denyAction; + } + + // Service + else if ((strncmp(command->part(0), "policyDstSvc_", 13) == 0) && (command->parts > 1)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Destination Service Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + else if (filterPointer->id != atoi(command->part(0) + 13)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + + objectPointer = addFilterObject(filterPointer, destinationService); + if (command->parts > 1) + { + objectPointer->name.assign(strstr(line, command->part(1))); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + } + + // Source Zone + else if (strncmp(command->part(0), "policySrcZone_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Source Zone Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + else if (filterPointer->id != atoi(command->part(0) + 14)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + + if (command->parts == 1) + filterPointer->sourceZone.assign(i18n("Any")); + else + filterPointer->sourceZone.assign(command->part(1)); + } + + // Destination Zone + else if (strncmp(command->part(0), "policyDstZone_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Destination Zone Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + else if (filterPointer->id != atoi(command->part(0) + 14)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + + if (command->parts == 1) + filterPointer->destZone.assign(i18n("Any")); + else + filterPointer->destZone.assign(command->part(1)); + } + + // Source + else if (strncmp(command->part(0), "policySrcNet_", 13) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Source Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + else if (filterPointer->id != atoi(command->part(0) + 13)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + + objectPointer = addFilterObject(filterPointer, source); + if (command->parts > 1) + { + objectPointer->name.assign(strstr(line, command->part(1))); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + } + + // Destination + else if (strncmp(command->part(0), "policyDstNet_", 13) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Destination Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + else if (filterPointer->id != atoi(command->part(0) + 13)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + + objectPointer = addFilterObject(filterPointer, destination); + if (command->parts > 1) + { + objectPointer->name.assign(strstr(line, command->part(1))); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + } + + // Policy Enabled + else if (strncmp(command->part(0), "policyEnabled_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Enabled Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + else if (filterPointer->id != atoi(command->part(0) + 14)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + + if (strcmp(command->part(1), "1") == 0) + filterPointer->enabled = true; + else + filterPointer->enabled = false; + } + + // Logging Enabled + else if (strncmp(command->part(0), "policyLog_", 10) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Logging Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 10); + } + else if (filterPointer->id != atoi(command->part(0) + 10)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 10); + } + + if (strcmp(command->part(1), "1") == 0) + filterPointer->log = true; + else + filterPointer->log = false; + } + + // Fragmentation + else if (strncmp(command->part(0), "policyFrag_", 11) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Fragments Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 11); + } + else if (filterPointer->id != atoi(command->part(0) + 11)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 11); + } + + if (strcmp(command->part(1), "0") == 0) + filterPointer->fragments = false; + else + filterPointer->fragments = true; + } + + // Comments + else if (strncmp(command->part(0), "policyComment_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Comment Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + else if (filterPointer->id != atoi(command->part(0) + 14)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + + filterPointer->comment.assign(strstr(line, command->part(1))); + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + + // Firewall Rules + else if ((strncmp(command->part(0), "prefs_rule", 10) == 0) || (strncmp(command->part(0), "serviceNameInRule_", 18) == 0)) + { + + filterListPointer = getFilterList("Access Rules"); + filterListPointer->type = i18n("Access Rules"); // The filter list type name (used in the config report) + filterListPointer->typeDescription = i18n("Access rules are used to filter the network traffic passing through *DEVICETYPE* devices. This section details those rules."); // The filter list type description for the report (used in config report) + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = false; // Does the filter list support logging + filterListPointer->supportsTime = false; // Filter support time (dest only) + filterListPointer->supportsFragments = true; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = false; // If source services are supported + filterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = true; // Are filter comments supported + filterListPointer->showProtocol = false; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = true; // Does the filter use filter-based zones (i.e. SonicWALL) + filterPointer = addFilter(filterListPointer); + + objectListPointer = getOnlyObjectList(i18n("Service definition list")); + + while ((feof(device->inputFile) == 0) && ((strncmp(command->part(0), "prefs_rule", 10) == 0) || (strncmp(command->part(0), "ruleComment_", 12) == 0) || (strncmp(command->part(0), "serviceNameInRule_", 18) == 0))) + { + + // Rule Action... + if (strncmp(command->part(0), "prefs_ruleAction_", 17) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Action Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 17); + } + else if (filterPointer->id != atoi(command->part(0) + 17)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 17); + } + + if (strcasecmp(command->part(1), "allow") == 0) + filterPointer->action = allowAction; + else if (strcasecmp(command->part(1), "deny") == 0) + filterPointer->action = denyAction; + else + filterPointer->action = rejectAction; + } + + // Service ID + else if (strncmp(command->part(0), "prefs_ruleSvcID_", 16) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Service Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 16); + } + else if (filterPointer->id != atoi(command->part(0) + 16)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 16); + } + + if ((objectListPointer != 0) && (command->parts > 1)) + { + subObjectPointer = objectListPointer->object; + tempCounter = 0; + tempInt = atoi(command->part(1)); + while (subObjectPointer !=0) + { + if (tempCounter == tempInt) + { + objectPointer = addFilterObject(filterPointer, destinationService); + objectPointer->name.assign(subObjectPointer->label); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + subObjectPointer = 0; + } + else + subObjectPointer = subObjectPointer->next; + tempCounter++; + } + } + else + { + objectPointer = addFilterObject(filterPointer, destinationService); + objectPointer->name.assign(i18n("any")); + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + } + + // Source Ethernet + else if (strncmp(command->part(0), "prefs_ruleSrcEnet_", 18) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Source Ethernet Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 18); + } + else if (filterPointer->id != atoi(command->part(0) + 18)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 18); + } + + if (command->parts == 1) + filterPointer->sourceZone.assign(i18n("Any")); + else + { + tempInt = atoi(command->part(1)); + switch (tempInt) + { + case 0: + filterPointer->sourceZone.assign(i18n("*ABBREV*LAN*-ABBREV*")); + break; + default: + filterPointer->sourceZone.assign(command->part(1)); + break; + } + + } + } + + // Destination Ethernet + else if (strncmp(command->part(0), "prefs_ruleDstEnet_", 18) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Destination Ethernet Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 18); + } + else if (filterPointer->id != atoi(command->part(0) + 18)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 18); + } + + if (command->parts == 1) + filterPointer->destZone.assign(i18n("Any")); + else + { + tempInt = atoi(command->part(1)); + switch (tempInt) + { + case 0: + filterPointer->destZone.assign(i18n("*ABBREV*LAN*-ABBREV*")); + break; + default: + filterPointer->destZone.assign(command->part(1)); + break; + } + } + } + + // Source Begin + else if (strncmp(command->part(0), "prefs_ruleSrcBegin_", 19) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Source Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 19); + } + else if (filterPointer->id != atoi(command->part(0) + 19)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 19); + } + + objectPointer = addFilterObject(filterPointer, source); + if (command->parts > 1) + { + objectPointer->name.assign(strstr(line, command->part(1))); + objectPointer->type = hostObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + } + + // Source End + else if (strncmp(command->part(0), "prefs_ruleSrcEnd_", 17) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Source End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 17); + } + else if (filterPointer->id != atoi(command->part(0) + 17)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 17); + } + + if (objectPointer != 0) + { + objectPointer->netmask.assign(strstr(line, command->part(1))); + if ((objectPointer->name.compare("0.0.0.0") == 0) && (objectPointer->netmask.compare("255.255.255.255") == 0)) + { + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + else if (objectPointer->name.compare(objectPointer->netmask) != 0) + { + objectPointer->type = networkObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->type = hostObject; + objectPointer->netmask.assign("255.255.255.255"); + } + } + } + + // Destination Begin + else if (strncmp(command->part(0), "prefs_ruleDstBegin_", 19) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Destination Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 19); + } + else if (filterPointer->id != atoi(command->part(0) + 19)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 19); + } + + objectPointer = addFilterObject(filterPointer, destination); + if (command->parts > 1) + { + objectPointer->name.assign(strstr(line, command->part(1))); + objectPointer->type = hostObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + } + + // Destination End + else if (strncmp(command->part(0), "prefs_ruleDstEnd_", 17) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Destination End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 17); + } + else if (filterPointer->id != atoi(command->part(0) + 17)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 17); + } + + if (objectPointer != 0) + { + objectPointer->netmask.assign(strstr(line, command->part(1))); + if ((objectPointer->name.compare("0.0.0.0") == 0) && (objectPointer->netmask.compare("255.255.255.255") == 0)) + { + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + else if (objectPointer->name.compare(objectPointer->netmask) != 0) + { + objectPointer->type = networkObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->type = hostObject; + objectPointer->netmask.assign("255.255.255.255"); + } + } + } + + // Rule Enabled + else if (strncmp(command->part(0), "prefs_ruleEnabled_", 18) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Enabled Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 18); + } + else if (filterPointer->id != atoi(command->part(0) + 18)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 18); + } + + if (strcmp(command->part(1), "1") == 0) + filterPointer->enabled = true; + else + filterPointer->enabled = false; + } + + // Fragmentation + else if (strncmp(command->part(0), "prefs_ruleAllowFrags_", 21) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Fragmentation Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 21); + } + else if (filterPointer->id != atoi(command->part(0) + 21)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 21); + } + + if (strcmp(command->part(1), "off") == 0) + filterPointer->fragments = false; + else + filterPointer->fragments = true; + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + + // Addresses + else if (strncmp(command->part(0), "addrObj", 7) == 0) + { + + objectListPointer = getObjectList(i18n("Global Address List")); + objectListPointer->type = addressBookObject; + objectListPointer->protocolSupported = false; + objectListPointer->title = i18n("Address List"); // Pointer to the object name text + objectListPointer->description = i18n("This section details the host and network definitions configured on *DEVICENAME*."); // Pointer to the description text + currentObject = 1000; + + while ((feof(device->inputFile) == 0) && (strncmp(command->part(0), "addrObj", 7) == 0)) + { + + // Name... + if (strncmp(command->part(0), "addrObjIdDisp_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAddress Object Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 14)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = hostObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 14); + } + + objectPointer->label.assign(strstr(line, command->part(1))); + } + + // IP1... + else if (strncmp(command->part(0), "addrObjIp1_", 11) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 11)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = hostObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 11); + } + + objectPointer->name.assign(command->part(1)); + } + + // IP2... + else if (strncmp(command->part(0), "addrObjIp2_", 11) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Netmask Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 11)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = hostObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 11); + } + + objectPointer->netmask.assign(command->part(1)); + if (objectPointer->name.compare("0.0.0.0") == 0) + { + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + else if (objectPointer->netmask.compare("0.0.0.0") == 0) + { + objectPointer->type = hostObject; + objectPointer->netmask.compare("255.255.255.255"); + } + else if (objectPointer->netmask.compare("255.255.255.255") != 0) + objectPointer->type = networkObject; + } + + // Zone... + else if (strncmp(command->part(0), "addrObjZone_", 12) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Netmask Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 12)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = hostObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 12); + } + + if (strlen(command->part(1)) > 0) + { + tempListPointer = getObjectList(command->part(1)); + tempListPointer->type = addressBookObject; + tempListPointer->protocolSupported = false; + tempListPointer->title = i18n("Address List"); // Pointer to the object name text + tempListPointer->description = i18n("This section details the host and network definitions configured on *DEVICENAME*."); + + subObjectPointer = addObject(tempListPointer); + copySourceToDestinationObjects(objectPointer, subObjectPointer); + objectPointer->deleteMe = true; + objectPointer = subObjectPointer; + } + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + + // Services + else if ((strncmp(command->part(0), "svcObj", 6) == 0) || (strncmp(command->part(0), "prefs_svc", 9) == 0) || (strncmp(command->part(0), "serviceInternalName", 19) == 0)) + { + + objectListPointer = getObjectList(i18n("Service definition list")); + objectListPointer->type = serviceListObject; + objectListPointer->protocolSupported = true; + objectListPointer->title = i18n("Service Definition List"); // Pointer to the object name text + objectListPointer->description = i18n("This section details the services definitions configured on *DEVICENAME*."); // Pointer to the description text + currentObject = 1000; + + while ((feof(device->inputFile) == 0) && ((strncmp(command->part(0), "svcObj", 6) == 0) || (strncmp(command->part(0), "prefs_svc", 9) == 0) || (strncmp(command->part(0), "serviceInternalName", 19) == 0))) + { + + // Service Port (start)... + if (strncmp(command->part(0), "svcObjPort1_", 12) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Start Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 12)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 12); + } + + objectPointer->name.assign(command->part(1)); + } + else if (strncmp(command->part(0), "prefs_svcPortNum_", 17) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Start Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 17)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 17); + } + + objectPointer->name.assign(command->part(1)); + } + + // Service Port (end)... + else if (strncmp(command->part(0), "svcObjPort2_", 12) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService End Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 12)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 12); + } + + objectPointer->netmask.assign(command->part(1)); + if (atoi(objectPointer->netmask.c_str()) < atoi(objectPointer->name.c_str())) + { + objectPointer->netmask.assign(objectPointer->name); + } + else if (objectPointer->netmask.compare(objectPointer->name) != 0) + objectPointer->serviceOper = serviceOperRange; + else if ((strcmp(objectPointer->netmask.c_str(), "65535") == 0) && (strcmp(objectPointer->name.c_str(), "65535") == 0)) + objectPointer->serviceOper = serviceOperAny; + } + else if (strncmp(command->part(0), "prefs_svcPortEnd_", 17) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Start End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 17)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 17); + } + + objectPointer->netmask.assign(command->part(1)); + if (atoi(objectPointer->netmask.c_str()) < atoi(objectPointer->name.c_str())) + { + objectPointer->netmask.assign(objectPointer->name); + } + else if (objectPointer->netmask.compare(objectPointer->name) != 0) + objectPointer->serviceOper = serviceOperRange; + else if ((strcmp(objectPointer->netmask.c_str(), "65535") == 0) && (strcmp(objectPointer->name.c_str(), "65535") == 0)) + objectPointer->serviceOper = serviceOperAny; + } + + // Service Object Type... + else if (strncmp(command->part(0), "svcObjType_", 11) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Object Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 11)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 11); + } + + if (strcmp(command->part(1), "2") == 0) + objectPointer->deleteMe = true; + } + + + // Service IP Type... + else if (strncmp(command->part(0), "svcObjIpType_", 13) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService IP Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 13)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 13); + } + + subObjectPointer = addObject(objectPointer, protocol); + if (strcmp(command->part(1), "0") == 0) + { + subObjectPointer->name.assign(i18n("Any")); + subObjectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + else + { + tempString.assign(device->getProtocol(atoi(command->part(1)))); + if (tempString.empty()) + subObjectPointer->name.assign(command->part(1)); + else + subObjectPointer->name.assign(tempString); + } + } + else if (strncmp(command->part(0), "prefs_svcIPType_", 16) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService IP Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 16)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 16); + } + + subObjectPointer = addObject(objectPointer, protocol); + if (strcmp(command->part(1), "255") == 0) + { + subObjectPointer->name.assign(i18n("Any")); + subObjectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + else + { + tempString.assign(device->getProtocol(atoi(command->part(1)))); + if (tempString.empty()) + subObjectPointer->name.assign(command->part(1)); + else + subObjectPointer->name.assign(tempString); + } + } + + // Service Name... + else if (strncmp(command->part(0), "svcObjId_", 9) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 9)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 9); + } + + objectPointer->label.assign(strstr(line, command->part(1))); + } + else if (strncmp(command->part(0), "prefs_svcName_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 14)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 14); + } + + objectPointer->label.assign(strstr(line, command->part(1))); + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + + // Service Groups... + else if ((strncmp(command->part(0), "so_atomToGrp_", 13) == 0) || (strncmp(command->part(0), "so_grpToGrp_", 12) == 0)) + { + + while ((strncmp(command->part(0), "so_atomToGrp_", 13) == 0) || (strncmp(command->part(0), "so_grpToGrp_", 12) == 0)) + { + + // Service to add to a group... + if (strncmp(command->part(0), "so_atomToGrp_", 13) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGroup Item Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempString.assign(strstr(line, command->part(1))); + } + + // Service to add to a group... + else if (strncmp(command->part(0), "so_grpToGrp_", 12) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGroup Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList(strstr(line, command->part(1))); + objectListPointer->type = serviceObject; + objectListPointer->title = i18n("Service Group Definitions"); // Pointer to the object name text + objectListPointer->description = i18n("It is possible on *DEVICETYPE* devices to group service definitions in order to ease administration. This section details those service groups."); // Pointer to the description text + + objectPointer = addObject(objectListPointer); + objectPointer->name.assign(tempString); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + } + + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + + // address Groups... + else if ((strncmp(command->part(0), "addro_grpToGrp_", 15) == 0) || (strncmp(command->part(0), "addro_atomToGrp_", 16) == 0)) + { + + while ((strncmp(command->part(0), "addro_grpToGrp_", 15) == 0) || (strncmp(command->part(0), "addro_atomToGrp_", 16) == 0)) + { + + // Service to add to a group... + if (strncmp(command->part(0), "addro_atomToGrp_", 16) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAddress Group Item Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempString.assign(strstr(line, command->part(1))); + } + + // Service to add to a group... + else if (strncmp(command->part(0), "addro_grpToGrp_", 15) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAddress Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList(strstr(line, command->part(1))); + objectListPointer->type = hostObject; + objectListPointer->title = i18n("Address Groups"); // Pointer to the object name text + objectListPointer->description = i18n("It is possible on *DEVICETYPE* devices to group host and network definitions in order to ease administration. This section details those groups."); // Pointer to the description text + + objectPointer = addObject(objectListPointer); + objectPointer->name.assign(tempString); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + } + + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + + // All others... + else + device->lineNotProcessed(line); + + return errorCode; +} + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/filter.h.svn-base b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/filter.h.svn-base new file mode 100644 index 0000000..6ec82cc --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/filter.h.svn-base @@ -0,0 +1,52 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef SonicOSFilter_H +#define SonicOSFilter_H + + +#include "../device/filter/filter.h" + + +class SonicOSFilter : public Filter +{ + public: + SonicOSFilter(); + ~SonicOSFilter(); + + + private: + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/general.cpp.svn-base b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/general.cpp.svn-base new file mode 100644 index 0000000..6549396 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/general.cpp.svn-base @@ -0,0 +1,134 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +SonicOSGeneral::SonicOSGeneral() +{ +} + + +int SonicOSGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Hostname + if (strcmp(command->part(0), "firewallName") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostname.assign(strstr(line, command->part(1))); + } + + // Serial Number + else if (strcmp(command->part(0), "serialNumber") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSerial Number Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + serialNumber.assign(command->part(1)); + } + + return 0; +} + + +int SonicOSGeneral::processDefaults(Device *device) +{ + // Split Version Numbers... +/* if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + if ((version.find_first_of('.') != string::npos) && (version.length() > version.find_first_of('.') + 1)) + versionMinor = atoi(version.c_str() + version.find_first_of('.') + 1); + }*/ + + return 0; +} + + +int SonicOSGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Serial Number... + device->addTableData(paragraphPointer->table, i18n("Serial Number")); + device->addTableData(paragraphPointer->table, serialNumber.c_str()); + + return errorCode; +} + + +int SonicOSGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Service Password Encryption... + if (servicePasswordEncryption == off) + { + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Service Password Encryption Disabled")); + securityIssuePointer->reference.assign("IOS.PASSENCR.1"); + securityIssuePointer->overallRating = 8; + securityIssuePointer->impactRating = 9; + securityIssuePointer->easeRating = 2; + securityIssuePointer->fixRating = 1; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Cisco service passwords by default are stored in their clear text form rather than being encrypted. However, it is possible to have these passwords stored using the reversible Cisco type-7 encryption. *COMPANY* determined that the service password encryption that helps to provide a basic level of encryption for passwords that otherwise would be stored in clear text was disabled on the Cisco device *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("The Cisco type-7 password encryption provides little in the way of protection against an attacker who has access to the configuration file. However, the Cisco type-7 password encryption would provide a level of protect against a malicious user who had managed to briefly view a devices configuration.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("If a malicious user were able to glance a password from a devices configuration they could use it to gain a level of access to *DEVICENAME*. If the passwords were encrypted using the Cisco type-7 routine, a malicious user that had access to the devices configuration would have to decode the password first. Tools are widely available on the Internet that can reverse Cisco type-7 passwords.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that the Cisco password encryption service be enabled. The Cisco password encryption service can be started with the following Cisco *ABBREV*IOS*-ABBREV* command:")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*CODE**COMMAND*service password-encryption*-COMMAND**-CODE*")); + securityIssuePointer->conLine.assign(i18n("service password encryption was disabled")); + securityIssuePointer->recLine.assign(i18n("enable the service password encryption")); + }*/ + return errorCode; +} diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/general.h.svn-base b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/general.h.svn-base new file mode 100644 index 0000000..3e9f6ac --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/general.h.svn-base @@ -0,0 +1,56 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef SonicOSdevicegeneral_H +#define SonicOSdevicegeneral_H + +#include "../device/general/general.h" + + +class SonicOSGeneral : public General +{ + public: + SonicOSGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + private: + string serialNumber; +}; + + +#endif diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/snmp.cpp.svn-base b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/snmp.cpp.svn-base new file mode 100644 index 0000000..8b98630 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/snmp.cpp.svn-base @@ -0,0 +1,214 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + + +using namespace std; + + +SonicOSSNMP::SonicOSSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("*ABBREV*SNMP*-ABBREV* version 1 can be configured on *DEVICETYPE* devices to provide remote management capabilities. Furthermore, *ABBREV*SNMP*-ABBREV* traps can be sent to a *ABBREV*NMS*-ABBREV*."); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + supportSNMP3UpgText = i18n(""); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* can be disabled using the *DEVICETYPE* device web management interface."); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("The *ABBREV*SNMP*-ABBREV* community string can be configured using the *DEVICETYPE* device web management interface."); // The text and command(s) to configure a community string + configSNMP3Text = i18n(""); // The text and command(s) to configure SNMP version 3 + configSNMPViewText = i18n(""); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n(""); // The text and command(s) to configure SNMP traps + configSNMPInformsText = i18n(""); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n(""); // The text and command(s) to configure SNMP read only access + configSNMPFilterText = i18n(""); // The text and command(s) to configure SNMP filtering + + enabled = false; // Is the SNMP server enabled? + snmp12Enabled = false; // Is SNMP versions 1 or 2 configured? + snmp3Enabled = false; // Is SNMP version 3 configured? + listenPort = 161; // The UDP port SNMP will listen on + + snmpFilterText = i18n("Access Rule List"); // The device specific description of a filter (i.e. Cisco called them ACL) + snmpFilterIPv6Text = i18n("*ABBREV*IPv6*-ABBREV* Filter"); + + // Community Options... + communityView = false; // SNMP view for the community + communityFilter = false; // SNMP Network Filtering + communityIPv6Filter = false; // SNMP IPv6 Network Filtering + communitySpecificFilters = false; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = false; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = "public"; // Default read only community + defaultReadWrite = ""; // Default read/write community + defaultReadWriteAll = ""; // Default read/write all community + + // SNMP Trap/Inform Host Options... + trapsOnly = true; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = false; // Show Trap Host Port in Table + trapsInterface = false; // Show Interface in Table + trapsInterfaceText = i18n("Interface"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = false; // Show excluded traps + trapsShowOptions = false; // Show trap options + + // Host Options... + hostShowInterface = false; // Show the Interface in the Table + hostShowCommunity = true; // Show the Community in the Table + hostShowFilterID = false; // Show a filter ID if used + hostFilterText = i18n("Filter"); // The Table column title for the filter text +} + + +int SonicOSSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpHostStruct *trapHostPointer = 0; + + // Enabled... + if (strcmp(command->part(0), "snmp_Enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(1), "on") == 0) + { + enabled = true; + snmp12Enabled = true; + } + } + + // Name... + else if (strcmp(command->part(0), "snmp_Mib2SysName") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + name.assign(strstr(line, command->part(1))); + } + + // Location... + else if (strcmp(command->part(0), "snmp_Mib2SysLocation") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Location Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + location.assign(strstr(line, command->part(1))); + } + + // Contact... + else if (strcmp(command->part(0), "snmp_Mib2SysContact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Contact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + contact.assign(strstr(line, command->part(1))); + } + + // Community... + else if (strcmp(command->part(0), "snmp_GetCommunity") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + { + communityPointer = addSNMPCommunity(); + communityPointer->enabled = true; + communityPointer->community.assign(strstr(line, command->part(1))); + communityPointer->type = communityReadOnly; + communityPointer->version = 1; + } + } + + // Trap Community... + else if (strcmp(command->part(0), "snmp_TrapCommunity") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + trapCommunity.assign(strstr(line, command->part(1))); + } + + // Trap Hosts... + else if (strncmp(command->part(0), "snmp_HostIP", 11) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + { + trapHostPointer = addHost(); + trapHostPointer->community.assign(trapCommunity); + trapHostPointer->host.assign(strstr(line, command->part(1))); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int SonicOSSNMP::generateConfigSpecificReport(Device *device) +{ + // Device specific code for the config report goes here + + return 0; +} + + +int SonicOSSNMP::processDefaults() +{ + // Any default setting post processing code goes here... + + return 0; +} + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/snmp.h.svn-base b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/snmp.h.svn-base new file mode 100644 index 0000000..2198855 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/.svn/text-base/snmp.h.svn-base @@ -0,0 +1,53 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef SonicOSdevicesnmp_H +#define SonicOSdevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class SonicOSSNMP : public SNMP +{ + public: + SonicOSSNMP(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(); + virtual int generateConfigSpecificReport(Device *device); + + private: + string trapCommunity; +}; + + +#endif diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp b/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp new file mode 100644 index 0000000..5b27647 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/administration-report.cpp @@ -0,0 +1,144 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "administration.h" +#include "device.h" + + +int SonicOSAdministration::generateDeviceSSHConfig(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + managementInterface *interfacePointer = 0; + string tempString; + int errorCode = 0; + + if ((sonicosInterfaces != 0) && (sshEnabled == true)) + { + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the *ABBREV*SSH*-ABBREV* service on *DEVICETYPE* devices is configured on individual interfaces. Table *TABLEREF* details the *ABBREV*SSH*-ABBREV* interface configuration.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINSSHINTER-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("*ABBREV*SSH*-ABBREV* service interfaces"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Interface"), false); + device->addTableHeading(paragraphPointer->table, i18n("Name"), false); + device->addTableHeading(paragraphPointer->table, i18n("Zone"), false); + device->addTableHeading(paragraphPointer->table, i18n("Comment"), false); + + interfacePointer = sonicosInterfaces; + while (interfacePointer != 0) + { + if (interfacePointer->ssh == true) + { + tempString.assign(device->intToString(interfacePointer->interface)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->name.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->zone.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->comment.c_str()); + } + interfacePointer = interfacePointer->next; + } + } + + return errorCode; +} + + +int SonicOSAdministration::generateDeviceHTTPConfig(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + managementInterface *interfacePointer = 0; + string tempString; + int errorCode = 0; + + if ((sonicosInterfaces != 0) && ((httpEnabled == true) || (httpsEnabled == true))) + { + configReportPointer = device->getConfigSection("CONFIG-ADMIN"); + paragraphPointer = device->addParagraph(configReportPointer); + paragraphPointer->paragraph.assign(i18n("Access to the *ABBREV*HTTP*-ABBREV* service on *DEVICETYPE* devices is configured on individual interfaces. Table *TABLEREF* details the *ABBREV*HTTP*-ABBREV* interface configuration.")); + + // Table... + errorCode = device->addTable(paragraphPointer, "CONFIG-ADMINHTTPINTER-TABLE"); + if (errorCode != 0) + return errorCode; + paragraphPointer->table->title = i18n("*ABBREV*HTTP*-ABBREV* service interfaces"); + + // Headings... + device->addTableHeading(paragraphPointer->table, i18n("Interface"), false); + device->addTableHeading(paragraphPointer->table, i18n("Name"), false); + device->addTableHeading(paragraphPointer->table, i18n("Zone"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*HTTP*-ABBREV*"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*HTTP*-ABBREV* Redirect"), false); + device->addTableHeading(paragraphPointer->table, i18n("*ABBREV*HTTPS*-ABBREV*"), false); + device->addTableHeading(paragraphPointer->table, i18n("Comment"), false); + + interfacePointer = sonicosInterfaces; + while (interfacePointer != 0) + { + if ((interfacePointer->http == true) || (interfacePointer->https == true) || (interfacePointer->httpRedirect == true)) + { + tempString.assign(device->intToString(interfacePointer->interface)); + device->addTableData(paragraphPointer->table, tempString.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->name.c_str()); + device->addTableData(paragraphPointer->table, interfacePointer->zone.c_str()); + if (interfacePointer->http == true) + device->addTableData(paragraphPointer->table, i18n("On")); + else + device->addTableData(paragraphPointer->table, i18n("Off")); + if (interfacePointer->httpRedirect == true) + device->addTableData(paragraphPointer->table, i18n("On")); + else + device->addTableData(paragraphPointer->table, i18n("Off")); + if (interfacePointer->https == true) + device->addTableData(paragraphPointer->table, i18n("On")); + else + device->addTableData(paragraphPointer->table, i18n("Off")); + device->addTableData(paragraphPointer->table, interfacePointer->comment.c_str()); + } + interfacePointer = interfacePointer->next; + } + } + + return errorCode; +} + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp b/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp new file mode 100644 index 0000000..a261004 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/administration.cpp @@ -0,0 +1,475 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "administration.h" +#include "snmp.h" + + +SonicOSAdministration::SonicOSAdministration() +{ + sonicosInterfaces = 0; + + + // ----------------------------------------------------------------------- + // Device Specific Settings... + // ----------------------------------------------------------------------- + + // General... + generalSettings = false; // Show the general settings section? + consoleEnabled = false; // Is the Console port enabled? + consoleSupported = false; // Is a console port supported? + consoleTimeoutSupported = false; // Is a console timeout supported? + consoleTimeout = 0; // Console timeout + configConsoleTimeout = i18n(""); // The text and commands to configure the timeout + auxSupported = false; // Are AUX port(s) supported? + auxEnabled = false; // Is AUX port(s) enabled? + configAuxPort = i18n(""); // The text and commands to disable the AUX port + connectionTimeoutSupported = false; // Is a connection timeout supported? + connectionTimeout = 0; // Connection Timeout + configTimeout = i18n(""); // The text and commands to configure the timeout + + // Host restrictions... + serviceWideHosts = false; // Do all the admin services share a common host restrictions? + showHostInterface = false; // Show the Interface column in the host table? + showHostAccess = false; // Show the Access column in the host table? + serviceConfigHosts = i18n(""); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = false; // Is telnet supported? + telnetEnabled = false; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + telnetSpecificHost = false; // Does Telnet have its own access list? + telnetHostsRequired = false; // Is the host configuration required? + showTelnetHostInterface = false; // Show the Interface column in the host table? + showTelnetHostAccess = false; // Show the Access column in the host table? + configTelnetHostAccess = i18n(""); // How access lists are configured for the telnet service + disableTelnet = i18n(""); // How to disable telnet text... + telnetSpecificTimeout = false; // A Telnet Specific Timeout? + telnetTimeout = 0; // The Telnet Timeout (secs) + configTelnetTimeout = i18n(""); // The text and commands to configure the timeout + + // TFTP options... + tftpSupported = false; // Is TFTP supported? + tftpEnabled = false; // Is TFTP enabled? + tftpPort = 69; // The TFTP service port + tftpSpecificHost = false; // Does TFTP have its own access list? + tftpHostsRequired = false; // Is the host configuration required? + showTFTPHostInterface = false; // Show the Interface column in the host table? + showTFTPHostAccess = false; // Show the Access column in the host table? + configTFTPHostAccess = i18n(""); // How access lists are configured for the TFTP service + disableTFTP = i18n(""); // How to disable TFTP text... + + // FTP options... + ftpSupported = false; // Is FTP supported? + ftpEnabled = false; // Is FTP enabled? + ftpPort = 21; // The FTP service port + ftpSpecificHost = false; // Does FTP have its own access list? + ftpHostsRequired = false; // Is the host configuration required? + showFTPHostInterface = false; // Show the Interface column in the host table? + showFTPHostAccess = false; // Show the Access column in the host table? + configFTPHostAccess = i18n(""); // How access lists are configured for the FTP service + disableFTP = i18n(""); // How to disable FTP text... + ftpSpecificTimeout = false; // A FTP Specific Timeout? + ftpTimeout = 0; // The FTP Timeout (secs) + configFTPTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH options... + sshSupported = false; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 1; // What is the SSH Protocol version (0 = 1 and 2) + sshPort = 22; // The SSH port number + configSSHSupport = i18n(""); // How to configure SSH... + sshSpecificHost = false; // Does SSH have its own access list? + sshHostsRequired = false; // Is the host configuration required? + showSSHHostInterface = false; // Show the Interface column in the host table? + showSSHHostAccess = false; // Show the Access column in the host table? + configSSHHostAccess = i18n(""); // How to configure SSH... + sshSpecificTimeout = false; // A SSH Specific Timeout? + sshTimeout = 0; // The SSH Timeout (secs) + configSSHTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH Options + sftpEnabled = false; // Is SFTP enabled? + sftpSupported = false; // Is SFTP supported? + scpSupported = false; // Is SCP supported? + scpEnabled = false; // Is SCP enabled? + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + configSSHv2Support = i18n(""); // How to configure protocol version 2 support only + + // Config report SSH support text + sshConfigProtocolSupport = i18n(""); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = true; // Does this device support HTTP + httpsSupported = true; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + httpsEnabled = false; // Is the HTTPS service enabled? + httpsPort = 443; // HTTPS port + httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? + httpSpecificTimeout = false; // A HTTP Specific Timeout? + httpTimeout = 0; // The HTTP Timeout (secs) + configHTTPTimeout = i18n(""); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + httpSpecificHost = false; // Does HTTP have its own access list? + httpHostsRequired = false; // Is the host configuration required? + showHTTPHostInterface = false; // Show the Interface column in the host table? + showHTTPHostAccess = false; // Show the Access column in the host table? + configHTTPHostAccess = i18n(""); // How to configure HTTP Management hosts... + disableHTTP = i18n(""); // How to disable HTTP text... + configHTTPSSupport = i18n(""); // How to configure HTTPS... +} + + +SonicOSAdministration::~SonicOSAdministration() +{ + // Variables... + managementInterface *interfacePointer = 0; + + while (sonicosInterfaces != 0) + { + interfacePointer = sonicosInterfaces->next; + delete sonicosInterfaces; + sonicosInterfaces = interfacePointer; + } +} + + +int SonicOSAdministration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + managementInterface *interfacePointer = 0; + + // HTTP Enabled... + if (strcmp(command->part(0), "httpEnable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(1), "on") == 0) + httpEnabled = true; + else + httpEnabled = false; + } + + // HTTP Port... + else if (strcmp(command->part(0), "httpMgmtPort") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTP Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + httpPort = atoi(command->part(1)); + else + httpPort = 80; + } + + // HTTPS Enabled... + else if (strcmp(command->part(0), "httpsEnable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTPS Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(1), "on") == 0) + httpsEnabled = true; + else + httpsEnabled = false; + } + + // HTTPS Port... + else if (strcmp(command->part(0), "httpsMgmtPort") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHTTPS Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + httpsPort = atoi(command->part(1)); + else + httpsPort = 443; + } + + // HTTP Enabled... + else if (strncmp(command->part(0), "iface_http_mgmt_", 16) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface HTTP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 16)); + if (strcmp(command->part(1), "1") == 0) + { + interfacePointer->http = true; + httpEnabled = true; + } + else + interfacePointer->http = false; + } + + // HTTP USer Login Enabled... + else if (strncmp(command->part(0), "iface_http_usrLogin_", 20) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface HTTP Login Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 20)); + if (strcmp(command->part(1), "1") == 0) + interfacePointer->httpLogin = true; + else + { + interfacePointer->httpLogin = false; + httpEnabled = false; + } + } + + // HTTPS Enabled... + else if (strncmp(command->part(0), "iface_https_mgmt_", 17) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface HTTPS Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 17)); + if (strcmp(command->part(1), "1") == 0) + { + interfacePointer->https = true; + httpsEnabled = true; + } + else + interfacePointer->https = false; + } + + // HTTPS USer Login Enabled... + else if (strncmp(command->part(0), "iface_https_usrLogin_", 21) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface HTTPS Login Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 21)); + if (strcmp(command->part(1), "1") == 0) + interfacePointer->httpsLogin = true; + else + { + interfacePointer->httpsLogin = false; + httpsEnabled = false; + } + } + + // HTTP Redirect Enabled... + else if (strncmp(command->part(0), "iface_http_redirect_rule_", 25) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface HTTP Redirect Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 25)); + if (strcmp(command->part(1), "1") == 0) + interfacePointer->httpRedirect = true; + else + interfacePointer->httpRedirect = false; + } + + // SSH Enabled... + else if (strncmp(command->part(0), "iface_ssh_mgmt_", 15) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface SSH Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 15)); + if (strcmp(command->part(1), "1") == 0) + interfacePointer->ssh = true; + else + interfacePointer->ssh = false; + } + + // SNMP Enabled... + else if (strncmp(command->part(0), "iface_snmp_mgmt_", 16) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface SNMP Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 16)); + if (strcmp(command->part(1), "1") == 0) + interfacePointer->snmp = true; + else + interfacePointer->snmp = false; + } + + // Interface no... + else if (strncmp(command->part(0), "iface_ifnum_", 12) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface No. Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + interfacePointer = getInterface(atoi(command->part(0) + 12)); + interfacePointer->interface = atoi(command->part(1)); + } + + // Interface Name... + else if (strncmp(command->part(0), "iface_name_", 11) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + { + interfacePointer = getInterface(atoi(command->part(0) + 11)); + interfacePointer->name.assign(command->part(1)); + } + } + + // Interface Comments... + else if (strncmp(command->part(0), "iface_comment_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Comment Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + { + interfacePointer = getInterface(atoi(command->part(0) + 14)); + interfacePointer->comment.assign(strstr(line, command->part(1))); + } + } + + // Interface Zone... + else if (strncmp(command->part(0), "interface_Zone_", 15) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sInterface Zone Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + { + interfacePointer = getInterface(atoi(command->part(0) + 15)); + interfacePointer->zone.assign(strstr(line, command->part(1))); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int SonicOSAdministration::processDefaults(Device *device) +{ + // Variables... + managementInterface *interfacePointer = sonicosInterfaces; + + if (strcmp(device->deviceMake, "3Com") == 0) + { + httpSupported = true; // Does this device support HTTP + httpsSupported = true; // Does this device support HTTPS + httpEnabled = true; // Is the HTTP service enabled? + httpsEnabled = true; // Is the HTTPS service enabled? + disableHTTP = i18n("Unfortunately it is not possible to disable *ABBREV*HTTP*-ABBREV* access to *DEVICETYPE* devices. Therefore *COMPANY* recommends that the firewall is replaced, or if that is not possible, only the *ABBREV*HTTPS*-ABBREV* service should be used for remote administration."); // How to disable HTTP text... + } + + else + { + if (sonicosInterfaces != 0) + { + sshSupported = true; + if (device->snmp != 0) + device->snmp->enabled = true; + } + + while (interfacePointer != 0) + { + if ((interfacePointer->http == true) && (interfacePointer->httpRedirect == false)) + httpEnabled = true; + if (interfacePointer->https == true) + httpsEnabled = true; + if (interfacePointer->ssh == true) + sshEnabled = true; + interfacePointer = interfacePointer->next; + } + } + + return 0; +} + + +SonicOSAdministration::managementInterface *SonicOSAdministration::getInterface(int number) +{ + // Variables... + managementInterface *interfacePointer = sonicosInterfaces; + bool init = false; + + if (sonicosInterfaces == 0) + { + sonicosInterfaces = new (managementInterface); + interfacePointer = sonicosInterfaces; + init = true; + } + else + { + interfacePointer = sonicosInterfaces; + while (interfacePointer->next != 0) + { + if (interfacePointer->interface == number) + return interfacePointer; + interfacePointer = interfacePointer->next; + } + if (interfacePointer->interface != number) + { + interfacePointer->next = new (managementInterface); + interfacePointer = interfacePointer->next; + init = true; + } + } + + if (init == true) + { + // Init... + interfacePointer->interface = 0; + interfacePointer->http = false; + interfacePointer->httpLogin = false; + interfacePointer->httpRedirect = false; + interfacePointer->https = false; + interfacePointer->httpsLogin = false; + interfacePointer->ssh = false; + interfacePointer->snmp = false; + interfacePointer->next = 0; + } + + return interfacePointer; +} + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/administration.h b/libnipper-0.12.6/SonicWALL-SonicOS/administration.h new file mode 100644 index 0000000..f6970da --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/administration.h @@ -0,0 +1,77 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef SonicOSadministration_H +#define SonicOSadministration_H + + +// Includes... +#include "../device/administration/administration.h" + + +class SonicOSAdministration : public Administration +{ + public: + + SonicOSAdministration(); + ~SonicOSAdministration(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + + struct managementInterface + { + int interface; + string name; + string zone; + string comment; + bool http; + bool httpLogin; + bool httpRedirect; + bool https; + bool httpsLogin; + bool ssh; + bool snmp; + struct managementInterface *next; + }; + + managementInterface *sonicosInterfaces; + + + // Methods + int generateDeviceSSHConfig(Device *device); // A device specific config report output + int generateDeviceHTTPConfig(Device *device); // A device specific config report output + managementInterface *getInterface(int number); +}; + + +#endif diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp b/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp new file mode 100644 index 0000000..05b5a4e --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/device.cpp @@ -0,0 +1,262 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes +#include +#include +#include +#include + +#include "../globaldefs.h" +#include "../device/errortext.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" +#include "filter.h" +#include "snmp.h" +#include "administration.h" +#include "dns.h" + + +SonicOSDevice::SonicOSDevice() +{ + deviceMake = "SonicWALL"; + deviceType = "Internet Security Applicance"; + deviceOS = "SonicOS"; + + isFirewall = true; + + general = new (SonicOSGeneral); + administration = new (SonicOSAdministration); + filter = new (SonicOSFilter); + snmp = new (SonicOSSNMP); + dns = new (SonicOSDNS); +} + + +SonicOSDevice::~SonicOSDevice() +{ + delete general; + delete filter; + delete snmp; + delete administration; + delete dns; +} + + +int SonicOSDevice::process() +{ + // Variables... + string tempString; + string unencodedFile; + struct stat *fileStats = 0; + char *buffer = 0; + int returnCode = 0; + + // Open Input... + returnCode = openInput(); + if (returnCode == 0) + { + + // Get file size... + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(config->inputSource, fileStats); + + // Reserve Base64 decode buffer... + buffer = new (nothrow) char [fileStats->st_size + 1]; + memset (buffer, 0, fileStats->st_size + 1); + + // Read in the whole configuration... + fread(buffer, 1, fileStats->st_size, inputFile); + + // Close Input... + fclose(inputFile); + + // Base64/URL decode... + tempString.assign(urlDecode(base64Decode(buffer), true)); + + // Free Buffer... + delete[] buffer; + + // Open New Temporary File and save decoded config to it + unencodedFile.assign(TEMP_DIR); + unencodedFile.append("delete-me"); + unencodedFile.append(intToString(rand())); + inputFile = fopen(unencodedFile.c_str(), "w"); + if (inputFile == NULL) + return deviceerror_openingfile; + fwrite(tempString.c_str(), 1, tempString.length(), inputFile); + fclose(inputFile); + + // Open Input... + config->inputSource = unencodedFile.c_str(); + returnCode = openInput(); + if (returnCode == 0) + { + + returnCode = processDevice(); + + // Close Input... + fclose(inputFile); + + // Post processing defaults... + setPostCommonDefaults(); + + // Post device specific processing defaults... + setPostDefaults(); + } + } + + return returnCode; +} + + +int SonicOSDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Hostname (in general)... + if (strcmp(command.part(0), "firewallName") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Serial Number + else if (strcmp(command.part(0), "serialNumber") == 0) + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Firewall Policies... + else if (strncmp(command.part(0), "policy", 6) == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Firewall Rules... + else if (strncmp(command.part(0), "prefs_rule", 10) == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Addresses... + else if (strncmp(command.part(0), "addrObj", 7) == 0) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Address Groups... + else if ((strncmp(command.part(0), "addro_grpToGrp_", 15) == 0) || (strncmp(command.part(0), "addro_atomToGrp_", 16) == 0)) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Services... + else if ((strncmp(command.part(0), "svcObj", 6) == 0) || (strncmp(command.part(0), "prefs_svc", 9) == 0)) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Service Groups... + else if ((strncmp(command.part(0), "so_atomToGrp_", 13) == 0) || (strncmp(command.part(0), "so_grpToGrp_", 12) == 0)) + filter->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // SNMP... + else if (strncmp(command.part(0), "snmp_", 5) == 0) + snmp->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Administration HTTP... + else if (strncmp(command.part(0), "http", 4) == 0) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS... + else if (strcmp(command.part(0), "dnsSrvAddr") == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // DNS... + else if (strncmp(command.part(0), "dnsServer", 9) == 0) + dns->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // Administration Interfaces... + else if ((strncmp(command.part(0), "iface_", 6) == 0) || (strncmp(command.part(0), "interface_Zone_", 15) == 0)) + administration->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + + // All others... + else + lineNotProcessed(line); + } + + return 0; +} + + +bool SonicOSDevice::isDeviceType() +{ + // Variables... + string tempString; + string unencodedFile; + struct stat *fileStats = 0; + char *buffer = 0; + int returnCode = 0; + + // Open Input... + returnCode = openInput(); + if (returnCode == 0) + { + + // Get file size... + fileStats = new (struct stat); + memset(fileStats, 0, sizeof(struct stat)); + stat(config->inputSource, fileStats); + + // Reserve Base64 decode buffer... + buffer = new (nothrow) char [fileStats->st_size + 1]; + memset (buffer, 0, fileStats->st_size + 1); + + // Read in the whole configuration... + fread(buffer, 1, fileStats->st_size, inputFile); + + // Close Input... + fclose(inputFile); + + // Base64/URL decode... + tempString.assign(urlDecode(base64Decode(buffer), true)); + + // Free Buffer... + delete[] buffer; + + if (tempString.find("firewallName") != string::npos) + return true; + } + + return false; +} + + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/device.h b/libnipper-0.12.6/SonicWALL-SonicOS/device.h new file mode 100644 index 0000000..e5e20b7 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/device.h @@ -0,0 +1,54 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_SonicOS_H +#define device_SonicOS_H + + +#include "../device/device.h" + +class SonicOSGeneral; + +class SonicOSDevice : public Device +{ + public: + SonicOSDevice(); + ~SonicOSDevice(); + + bool isDeviceType(); + + private: + int processDevice(); + int process(); +}; + + +#endif diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp b/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp new file mode 100644 index 0000000..56323bd --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/dns.cpp @@ -0,0 +1,102 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "dns.h" + + +SonicOSDNS::SonicOSDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured with a list of *ABBREV*DNS*-ABBREV* servers. This section details those settings."); // The text paragraph in the config section + + // Host configuration + showInterface = false; // Are interfaces supported? + + // DNS Client Settings + dnsClientSupported = true; // DNS Client Supported? + dnsLookupEnabled = false; // DNS lookups enabled? + dnsRetries = 0; // DNS lookup retries + dnsRetriesSupported = false; // DNS lookup retries Supported? + dnsTimeout = 0; // DNS timeout + dnsTimeoutSupported = false; // DNS timeout Supported? + + // DNS Server Options... + dnsRecordKeepAliveSupported = false; // Is the DNS keep Alive message type supported? + returnRecordsSupported = false; // Is the single/multiple record field supported? + dynamicDNSSupported = false; // Is Dynamic DNS Supported? + dnsServerSupported = false; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsPort = 53; // DNS Server Port +} + + +int SonicOSDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + dnsConfig *dnsPointer = 0; + + // DNS Server Address... + if ((strcmp(command->part(0), "dnsSrvAddr") == 0) && (command->parts > 1)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + dnsPointer = addDNSServer(command->part(1)); + dnsPointer->description.assign(i18n("Primary")); + } + else if ((strncmp(command->part(0), "dnsServer", 9) == 0) && (command->parts > 1)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sDNS Server Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + dnsPointer = addDNSServer(command->part(1)); + dnsPointer->description.assign(i18n("Secondary")); + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int SonicOSDNS::processDefaults() +{ + return 0; +} + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/dns.h b/libnipper-0.12.6/SonicWALL-SonicOS/dns.h new file mode 100644 index 0000000..fcd6c16 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/dns.h @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef SonicOSDNS_H +#define SonicOSDNS_H + + +#include "../device/dns/dns.h" + + +class SonicOSDNS : public DNS +{ + public: + + SonicOSDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(); +}; + + +#endif diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp b/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp new file mode 100644 index 0000000..676a2cd --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/filter.cpp @@ -0,0 +1,1294 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../device/common/configline.h" +#include "../globaldefs.h" +#include "device.h" +#include "filter.h" + + +SonicOSFilter::SonicOSFilter() +{ + // Filter device options... + denyAllAndLogDefault = false; // Does it deny all and log by default? + defaultFilterActionSupported = false; // Default action supported on the device + allowByDefault = false; // Allow by default? + defaultActionIsAllow = false; // Is the default action to allow + logLevelsSupported = false; // Are log Levels supported + logOnlyDenySupported = false; // Is only Deny rule logging supported + noAccessWithoutFilters = false; // Is access not granted if no filters are configured + filterSupportsInstalled = false; // If filtering supports installed (i.e. CheckPoint) + filterSupportsThrough = false; // If a filtering supports through (i.e. CheckPoint) + rejectRulesSupported = true; // If reject rules are supported + bypassRulesSupported = false; // If bypass rules are supported + defaultRulesSupported = false; // If default rules are supported + ruleListsAreAssigned = false; // Rule lists are assigned to specific elements + allowName = i18n("Allow"); // The name given to an allowed filter + denyName = i18n("Deny"); // The name given to a denied filter + rejectName = i18n("Reject"); // The name given to a rejected filter + filterConfigTitle = i18n("Access Rules Configuration"); // The Title for the configuration report section + filterConfigText = i18n(""); // The device specific configuration report section text + filterConfigText2 = i18n(""); // The device specific configuration report section text2 + useFilterID = false; // Use the filter ID to identify a filter (otherwise a line no. is used) + filterIDTitle = i18n("Line"); // The title for the filter ID/line no. table column + filterListName = i18n("access rule list"); // The name of the filter list, for use in text paragraphs + filterListNameTitle = i18n("Access Rule List"); // The name of the filter list, for use in titles + filterListNamePlaural = i18n("Access Rule List"); // The name of the filter list, for use in text paragraphs + filterTitle = i18n("Access Rule"); // The name of a filter, for use in titles + filterTitlePlaural = i18n("Access Rules"); // The name of a filter, for use in titles + filterName = i18n("access rule"); // The name of a filter, for use use in text paragraph + filterNamePlaural = i18n("access rules"); // The name of a filter, for use use in text paragraph + + // Issue titles... + allowAndNotLogIssue = i18n("Not All Allow Access Rules Log Access"); // The title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogTable = i18n("Allow Access Rules that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + allowAndNotLogConcl = i18n("not all allow access rules log access"); // The conclusions text for the "All Allow Rules Do Not Log" issue + allowAndNotLogReco = i18n("Configure logging for all allow access rules"); // The recommendations text for "All Allow Rules Do Not Log" (and deny) issue + denyAndNotLogIssue = i18n("Not All Deny Access Rules Log Access"); // The title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogTable = i18n("Deny access rules that do not log"); // The table title text for the "All Allow Rules Do Not Log" issue + denyAndNotLogConcl = i18n("not all deny access rules log access"); // The conclusions text for the "All Allow Rules Do Not Log" issue + configRuleLogging = i18n("Access rule logging can be configured using the SonicWALL web management interface."); // The text describing how to configure logging for filter rules + noFilteringIssue = i18n("No Access Rule Lists Were Configured"); // The title text for the "No filtering" issue + noFilteringRec = i18n("Configure access rule lists to restict access"); // The title text for the "No filtering" recommendation + noFilteringCon = i18n("no access rule lists were configured"); // The title text for the "No filtering" conclusion + legacyIssueFinding = i18n(""); // The finding for the legacy issue + legacyIssueImpact = i18n(""); // The impact for the legacy issue + legacyIssueEase = i18n(""); // The ease for the legacy issue + legacyIssueRec = i18n(""); // The recommendation for the legacy issue + allowAnythingTable = i18n("Access rules allow any access"); // The allow anything table title text + allowWeakTable = i18n("Access rules provide weak filtering"); // Weak source/service/destination/service table title text + allowAnyAnyAnyTable = i18n("Access rules allow any host to access any destination and service"); // The allow any source, destination and service table title text + allowWeakWeakWeakTable = i18n("Access rules provide weak filtering of source, destination and service"); // The allow weak source, destination and service table title text + allowAnyServiceAnyTable = i18n("Access rules allow any source port to any destination and service"); // The allow any source port, destination and service table title text + allowWeakServiceAnyTable = i18n("Access rules provide weak filtering of source port to destination and service"); // The allow weak source, destination and service table title text + allowAnyAnyTable = i18n("Access rules allow any source to any destination"); // The allow any source, destination table title text + allowAnyAnyServiceTable = i18n("Access rules allow any source to any destination service"); // The allow any source, destination service table title text + allowAnyDestServiceTable = i18n("Access rules allow any destination and service"); // The allow any destination and service table title text + allowAnyPortDestTable = i18n("Access rules allow any source port to any destination address"); // The allow any source port to any destination table title text + allowAnyPortServiceTable = i18n("Access rules allow any source port to any destination service"); // The allow any source port to any dest service table title text + allowWeakWeakTable = i18n("Access rules allow weak filtering of source and destination addresses"); // The allow weak source, destination addresses + allowWeakWeakServiceTable = i18n("Access rules allow weak source addresses and destination services"); // The allow weak source, destination service table title text + allowDestAndServiceTable = i18n("Access rules allow weak destination addresses and services");// The allow weak destination and service table title text + allowWeakPortDestTable = i18n("Access rules allow weak source ports and destination"); // The allow weak source port to Destination table title text + allowWeakPortServiceTable = i18n("Access rules allow weak source ports and destination services"); // The allow weak source port to service table title text + allowAnySourceTable = i18n("Access rules allow from any source address"); // The allow any source address table title text + allowNetSourceTable = i18n("Access rules allow from a network source address"); // The allow a network source address table title text + allowAnyPortTable = i18n("Access rules allow from any source port"); // The allow any source port table title text + allowRangePortTable = i18n("Access rules allow from a source port range"); // The allow range source port table title text + allowAnyDestTable = i18n("Access rules allow to any destination"); // The allow any destination table title text + allowNetDestTable = i18n("Access rules allow to a network destination"); // The allow a network destination table title text + allowToAnyDestServiceTable = i18n("Access rules allow to any destination service"); // The allow any destination service table title text + allowToNetDestServiceTable = i18n("Access rules allow to a destination service range"); // The allow a destination service range table title text + bypassContentFilterCon = i18n("Access rules were configured that bypass the content filtering"); // Bypass filter conclusion text + bypassContentFilterRec = i18n("Connfigure access rules that do not bypass the content filtering"); // Bypass filter recommendation text + defaultFilterCon = i18n("Access rules were configured that default to the ports filtering action"); // Default filter conclusion text + defaultFilterRec = i18n("Configure access rules that do not default to the ports filtering action"); // Default filter recommendation text + rejectSecurityIssueTitle = i18n("Reject Access Rules Were Configured"); // Reject filter title text + securityRejectTextCon = i18n("Access Rules were configured that reject network traffic"); // Reject filter conclusion text + securityRejectTextRec = i18n("Configure access rules to deny rather than reject network traffic"); // Reject filter recommendation text + clearTextServiceCon = i18n("Access rules were configured that allow access to clear text protocol services"); // Clear Text Service conclusions text + clearTextServiceRec = i18n("Configure access rules to deny access to any clear text protocol services"); // Clear Text Service recommendations text2 + configureFilterListRecIssueText = i18n(""); // The text and commands to configure a filter list + configureFilterRecIssueText = i18n(""); // The text and commands to configure a filter + unnecessaryServiceCon = i18n("Access rules were configured that allow access to potentially unnecessary services"); // Unnecessary Service conclusions text + unnecessaryServiceRec = i18n("Configure access rules to deny access to any unnecessary services"); // Unnecessary Service recommendations text2 + filtersWithNoCommentsTitle = i18n("Not All Access Rules Include Comments"); // Filters with no comments title text + noFilterCommentsCon = i18n("not all access rules include comment text indicating their purpose"); // The no comments conclusion text + noFilterCommentsRec = i18n("Configure comment text for all access rules"); // The no comments recommendation text + configureFilterCommentText = i18n(""); // The text and commands to configure a filters comment text + disabledFiltersTitle = i18n("Disabled Access Rules Were Configured"); // The disabled filter issues title text + removeFilterText = i18n(""); // The commands and text to delete a filter + disabledFilterCon = i18n("disabled access rules were configured"); // The disabled filter conclusion text + disabledFilterRec = i18n("Remove all disabled access rules"); // The disabled filter recommendation text + defaultActionIssueTitle = i18n("The Default Network Filtering Action Permits Access"); // The default filter action issue title + defaultActionIssueCon = i18n("the default filtering action was configured to allow access when a access rule does not match"); // The default filter action conclusion text + defaultActionIssueRec = i18n("Set the default filtering action to deny network traffic"); // The default filter action recommendation text + configureDefaultActionText = i18n(""); // The text and commands to configure the default action + unusedFiltersIssueTitle = i18n("Unused Access Rules Were Configured At The Access Rule List End"); // Unused filters at the end of the filter list title + unusedFiltersIssueCon = i18n("unused access rules were configured at the end of the access rule list"); // Unused filters issue conclusions text + unusedFiltersIssueRec = i18n("Remove all unused access rules"); // Unused filters issue recommendation text + denyAllLogIssueTitle = i18n("Access Rule List Does Not End with Deny All And Log"); // Deny All And Log Issue title + denyAllLogConfigure = i18n(""); // The text and commands to add a deny all and log line + denyAllLogIssueCon = i18n("not all access rule lists end with a deny all and log "); // The deny all and log conclusions text + denyAllLogIssueRec = i18n("Configure a deny all and log access rule as the last access rule in the access rule list"); // The deny all and log recommendations text + contradictIssueTitle = i18n("Contradicting Access Rules Were Configured"); // The contradict issue title + contradictIssueTable = i18n("contradictions of access rules"); // The contradict table issue title + contradictIssueCon = i18n("Access rules were configured that contradict other access rules"); // The contradict issue conclusion + contradictIssueRec = i18n("Reconfigure the access rules so they do not contradict other access rules"); // The contradict issue recommendation + duplicateIssueTitle = i18n("Duplicate Access Rules Were Configured"); // The duplicate/overlapping issue title + duplicateIssueTable = i18n("duplicates of access rules"); // The duplicate/overlapping issue title + duplicateIssueCon = i18n("Access rules were configured that duplicate the configuration of other access rules"); // The duplicate/overlapping issue title + duplicateIssueRec = i18n("Reconfigure the access rules so that the rules do not duplicate other access rules"); // The duplicate/overlapping issue title +} + + +SonicOSFilter::~SonicOSFilter() +{ +} + + +int SonicOSFilter::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + netObjectListConfig *objectListPointer = 0; + netObjectListConfig *tempListPointer = 0; + filterObjectConfig *objectPointer = 0; + filterObjectConfig *subObjectPointer = 0; + filterConfig *filterPointer = 0; + filterListConfig *filterListPointer = 0; + fpos_t filePosition; + string tempString; + int tempInt = 0; + int tempCounter = 0; + int errorCode = 0; + int currentObject = 9999; + + // Firewall Policy + if (strncmp(command->part(0), "policy", 6) == 0) + { + + filterListPointer = getFilterList("Access Rules"); + filterListPointer->type = i18n("Access Rules"); // The filter list type name (used in the config report) + filterListPointer->typeDescription = i18n("Access rules are used to filter the network traffic passing through *DEVICETYPE* devices. This section details those rules."); // The filter list type description for the report (used in config report) + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = true; // Does the filter list support logging + filterListPointer->supportsTime = false; // Filter support time (dest only) + filterListPointer->supportsFragments = true; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = false; // If source services are supported + filterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = true; // Are filter comments supported + filterListPointer->showProtocol = false; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = true; // Does the filter use filter-based zones (i.e. SonicWALL) + filterPointer = addFilter(filterListPointer); + + while ((feof(device->inputFile) == 0) && (strncmp(command->part(0), "policy", 6) == 0)) + { + + // Action... + if (strncmp(command->part(0), "policyAction_", 13) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Action Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + else if (filterPointer->id != atoi(command->part(0) + 13)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + + if (strcasecmp(command->part(1), "2") == 0) + filterPointer->action = allowAction; + else if (strcasecmp(command->part(1), "1") == 0) + filterPointer->action = rejectAction; + else + filterPointer->action = denyAction; + } + + // Service + else if ((strncmp(command->part(0), "policyDstSvc_", 13) == 0) && (command->parts > 1)) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Destination Service Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + else if (filterPointer->id != atoi(command->part(0) + 13)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + + objectPointer = addFilterObject(filterPointer, destinationService); + if (command->parts > 1) + { + objectPointer->name.assign(strstr(line, command->part(1))); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + } + + // Source Zone + else if (strncmp(command->part(0), "policySrcZone_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Source Zone Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + else if (filterPointer->id != atoi(command->part(0) + 14)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + + if (command->parts == 1) + filterPointer->sourceZone.assign(i18n("Any")); + else + filterPointer->sourceZone.assign(command->part(1)); + } + + // Destination Zone + else if (strncmp(command->part(0), "policyDstZone_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Destination Zone Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + else if (filterPointer->id != atoi(command->part(0) + 14)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + + if (command->parts == 1) + filterPointer->destZone.assign(i18n("Any")); + else + filterPointer->destZone.assign(command->part(1)); + } + + // Source + else if (strncmp(command->part(0), "policySrcNet_", 13) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Source Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + else if (filterPointer->id != atoi(command->part(0) + 13)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + + objectPointer = addFilterObject(filterPointer, source); + if (command->parts > 1) + { + objectPointer->name.assign(strstr(line, command->part(1))); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + } + + // Destination + else if (strncmp(command->part(0), "policyDstNet_", 13) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Destination Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + else if (filterPointer->id != atoi(command->part(0) + 13)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 13); + } + + objectPointer = addFilterObject(filterPointer, destination); + if (command->parts > 1) + { + objectPointer->name.assign(strstr(line, command->part(1))); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + } + + // Policy Enabled + else if (strncmp(command->part(0), "policyEnabled_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Enabled Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + else if (filterPointer->id != atoi(command->part(0) + 14)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + + if (strcmp(command->part(1), "1") == 0) + filterPointer->enabled = true; + else + filterPointer->enabled = false; + } + + // Logging Enabled + else if (strncmp(command->part(0), "policyLog_", 10) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Logging Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 10); + } + else if (filterPointer->id != atoi(command->part(0) + 10)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 10); + } + + if (strcmp(command->part(1), "1") == 0) + filterPointer->log = true; + else + filterPointer->log = false; + } + + // Fragmentation + else if (strncmp(command->part(0), "policyFrag_", 11) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Fragments Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 11); + } + else if (filterPointer->id != atoi(command->part(0) + 11)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 11); + } + + if (strcmp(command->part(1), "0") == 0) + filterPointer->fragments = false; + else + filterPointer->fragments = true; + } + + // Comments + else if (strncmp(command->part(0), "policyComment_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sPolicy Comment Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + else if (filterPointer->id != atoi(command->part(0) + 14)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 14); + } + + filterPointer->comment.assign(strstr(line, command->part(1))); + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + + // Firewall Rules + else if ((strncmp(command->part(0), "prefs_rule", 10) == 0) || (strncmp(command->part(0), "serviceNameInRule_", 18) == 0)) + { + + filterListPointer = getFilterList("Access Rules"); + filterListPointer->type = i18n("Access Rules"); // The filter list type name (used in the config report) + filterListPointer->typeDescription = i18n("Access rules are used to filter the network traffic passing through *DEVICETYPE* devices. This section details those rules."); // The filter list type description for the report (used in config report) + filterListPointer->legacyType = false; // Is the filter list a legacy type? + filterListPointer->sourceOnly = false; // The type of filter + filterListPointer->loggingSupport = false; // Does the filter list support logging + filterListPointer->supportsTime = false; // Filter support time (dest only) + filterListPointer->supportsFragments = true; // Filter support fragments (dest only) + filterListPointer->supportsEstablished = false; // Filter support established (dest only) + filterListPointer->sourceServiceSupported = false; // If source services are supported + filterListPointer->disabledFilterSupport = true; // Is it possible to disable filters? + filterListPointer->filterCommentsSupported = true; // Are filter comments supported + filterListPointer->showProtocol = false; // Show the protocol? (some devices use a configured service) + filterListPointer->showFilterZones = true; // Does the filter use filter-based zones (i.e. SonicWALL) + filterPointer = addFilter(filterListPointer); + + objectListPointer = getOnlyObjectList(i18n("Service definition list")); + + while ((feof(device->inputFile) == 0) && ((strncmp(command->part(0), "prefs_rule", 10) == 0) || (strncmp(command->part(0), "ruleComment_", 12) == 0) || (strncmp(command->part(0), "serviceNameInRule_", 18) == 0))) + { + + // Rule Action... + if (strncmp(command->part(0), "prefs_ruleAction_", 17) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Action Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 17); + } + else if (filterPointer->id != atoi(command->part(0) + 17)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 17); + } + + if (strcasecmp(command->part(1), "allow") == 0) + filterPointer->action = allowAction; + else if (strcasecmp(command->part(1), "deny") == 0) + filterPointer->action = denyAction; + else + filterPointer->action = rejectAction; + } + + // Service ID + else if (strncmp(command->part(0), "prefs_ruleSvcID_", 16) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Service Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 16); + } + else if (filterPointer->id != atoi(command->part(0) + 16)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 16); + } + + if ((objectListPointer != 0) && (command->parts > 1)) + { + subObjectPointer = objectListPointer->object; + tempCounter = 0; + tempInt = atoi(command->part(1)); + while (subObjectPointer !=0) + { + if (tempCounter == tempInt) + { + objectPointer = addFilterObject(filterPointer, destinationService); + objectPointer->name.assign(subObjectPointer->label); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + subObjectPointer = 0; + } + else + subObjectPointer = subObjectPointer->next; + tempCounter++; + } + } + else + { + objectPointer = addFilterObject(filterPointer, destinationService); + objectPointer->name.assign(i18n("any")); + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + } + + // Source Ethernet + else if (strncmp(command->part(0), "prefs_ruleSrcEnet_", 18) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Source Ethernet Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 18); + } + else if (filterPointer->id != atoi(command->part(0) + 18)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 18); + } + + if (command->parts == 1) + filterPointer->sourceZone.assign(i18n("Any")); + else + { + tempInt = atoi(command->part(1)); + switch (tempInt) + { + case 0: + filterPointer->sourceZone.assign(i18n("*ABBREV*LAN*-ABBREV*")); + break; + default: + filterPointer->sourceZone.assign(command->part(1)); + break; + } + + } + } + + // Destination Ethernet + else if (strncmp(command->part(0), "prefs_ruleDstEnet_", 18) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Destination Ethernet Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 18); + } + else if (filterPointer->id != atoi(command->part(0) + 18)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 18); + } + + if (command->parts == 1) + filterPointer->destZone.assign(i18n("Any")); + else + { + tempInt = atoi(command->part(1)); + switch (tempInt) + { + case 0: + filterPointer->destZone.assign(i18n("*ABBREV*LAN*-ABBREV*")); + break; + default: + filterPointer->destZone.assign(command->part(1)); + break; + } + } + } + + // Source Begin + else if (strncmp(command->part(0), "prefs_ruleSrcBegin_", 19) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Source Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 19); + } + else if (filterPointer->id != atoi(command->part(0) + 19)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 19); + } + + objectPointer = addFilterObject(filterPointer, source); + if (command->parts > 1) + { + objectPointer->name.assign(strstr(line, command->part(1))); + objectPointer->type = hostObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + } + + // Source End + else if (strncmp(command->part(0), "prefs_ruleSrcEnd_", 17) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Source End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 17); + } + else if (filterPointer->id != atoi(command->part(0) + 17)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 17); + } + + if (objectPointer != 0) + { + objectPointer->netmask.assign(strstr(line, command->part(1))); + if ((objectPointer->name.compare("0.0.0.0") == 0) && (objectPointer->netmask.compare("255.255.255.255") == 0)) + { + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + else if (objectPointer->name.compare(objectPointer->netmask) != 0) + { + objectPointer->type = networkObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->type = hostObject; + objectPointer->netmask.assign("255.255.255.255"); + } + } + } + + // Destination Begin + else if (strncmp(command->part(0), "prefs_ruleDstBegin_", 19) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Destination Start Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 19); + } + else if (filterPointer->id != atoi(command->part(0) + 19)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 19); + } + + objectPointer = addFilterObject(filterPointer, destination); + if (command->parts > 1) + { + objectPointer->name.assign(strstr(line, command->part(1))); + objectPointer->type = hostObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->name.assign(i18n("Any")); + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + } + + // Destination End + else if (strncmp(command->part(0), "prefs_ruleDstEnd_", 17) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Destination End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 17); + } + else if (filterPointer->id != atoi(command->part(0) + 17)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 17); + } + + if (objectPointer != 0) + { + objectPointer->netmask.assign(strstr(line, command->part(1))); + if ((objectPointer->name.compare("0.0.0.0") == 0) && (objectPointer->netmask.compare("255.255.255.255") == 0)) + { + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + else if (objectPointer->name.compare(objectPointer->netmask) != 0) + { + objectPointer->type = networkObject; + objectPointer->serviceOper = serviceOperEqual; + } + else + { + objectPointer->type = hostObject; + objectPointer->netmask.assign("255.255.255.255"); + } + } + } + + // Rule Enabled + else if (strncmp(command->part(0), "prefs_ruleEnabled_", 18) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Enabled Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 18); + } + else if (filterPointer->id != atoi(command->part(0) + 18)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 18); + } + + if (strcmp(command->part(1), "1") == 0) + filterPointer->enabled = true; + else + filterPointer->enabled = false; + } + + // Fragmentation + else if (strncmp(command->part(0), "prefs_ruleAllowFrags_", 21) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sRule Fragmentation Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (filterPointer == 0) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 21); + } + else if (filterPointer->id != atoi(command->part(0) + 21)) + { + filterPointer = addFilter(filterListPointer); + filterPointer->id = atoi(command->part(0) + 21); + } + + if (strcmp(command->part(1), "off") == 0) + filterPointer->fragments = false; + else + filterPointer->fragments = true; + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + + // Addresses + else if (strncmp(command->part(0), "addrObj", 7) == 0) + { + + objectListPointer = getObjectList(i18n("Global Address List")); + objectListPointer->type = addressBookObject; + objectListPointer->protocolSupported = false; + objectListPointer->title = i18n("Address List"); // Pointer to the object name text + objectListPointer->description = i18n("This section details the host and network definitions configured on *DEVICENAME*."); // Pointer to the description text + currentObject = 1000; + + while ((feof(device->inputFile) == 0) && (strncmp(command->part(0), "addrObj", 7) == 0)) + { + + // Name... + if (strncmp(command->part(0), "addrObjIdDisp_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAddress Object Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 14)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = hostObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 14); + } + + objectPointer->label.assign(strstr(line, command->part(1))); + } + + // IP1... + else if (strncmp(command->part(0), "addrObjIp1_", 11) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Address Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 11)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = hostObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 11); + } + + objectPointer->name.assign(command->part(1)); + } + + // IP2... + else if (strncmp(command->part(0), "addrObjIp2_", 11) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Netmask Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 11)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = hostObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 11); + } + + objectPointer->netmask.assign(command->part(1)); + if (objectPointer->name.compare("0.0.0.0") == 0) + { + objectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + else if (objectPointer->netmask.compare("0.0.0.0") == 0) + { + objectPointer->type = hostObject; + objectPointer->netmask.compare("255.255.255.255"); + } + else if (objectPointer->netmask.compare("255.255.255.255") != 0) + objectPointer->type = networkObject; + } + + // Zone... + else if (strncmp(command->part(0), "addrObjZone_", 12) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sObject Netmask Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 12)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = hostObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 12); + } + + if (strlen(command->part(1)) > 0) + { + tempListPointer = getObjectList(command->part(1)); + tempListPointer->type = addressBookObject; + tempListPointer->protocolSupported = false; + tempListPointer->title = i18n("Address List"); // Pointer to the object name text + tempListPointer->description = i18n("This section details the host and network definitions configured on *DEVICENAME*."); + + subObjectPointer = addObject(tempListPointer); + copySourceToDestinationObjects(objectPointer, subObjectPointer); + objectPointer->deleteMe = true; + objectPointer = subObjectPointer; + } + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + + // Services + else if ((strncmp(command->part(0), "svcObj", 6) == 0) || (strncmp(command->part(0), "prefs_svc", 9) == 0) || (strncmp(command->part(0), "serviceInternalName", 19) == 0)) + { + + objectListPointer = getObjectList(i18n("Service definition list")); + objectListPointer->type = serviceListObject; + objectListPointer->protocolSupported = true; + objectListPointer->title = i18n("Service Definition List"); // Pointer to the object name text + objectListPointer->description = i18n("This section details the services definitions configured on *DEVICENAME*."); // Pointer to the description text + currentObject = 1000; + + while ((feof(device->inputFile) == 0) && ((strncmp(command->part(0), "svcObj", 6) == 0) || (strncmp(command->part(0), "prefs_svc", 9) == 0) || (strncmp(command->part(0), "serviceInternalName", 19) == 0))) + { + + // Service Port (start)... + if (strncmp(command->part(0), "svcObjPort1_", 12) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Start Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 12)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 12); + } + + objectPointer->name.assign(command->part(1)); + } + else if (strncmp(command->part(0), "prefs_svcPortNum_", 17) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Start Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 17)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 17); + } + + objectPointer->name.assign(command->part(1)); + } + + // Service Port (end)... + else if (strncmp(command->part(0), "svcObjPort2_", 12) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService End Port Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 12)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 12); + } + + objectPointer->netmask.assign(command->part(1)); + if (atoi(objectPointer->netmask.c_str()) < atoi(objectPointer->name.c_str())) + { + objectPointer->netmask.assign(objectPointer->name); + } + else if (objectPointer->netmask.compare(objectPointer->name) != 0) + objectPointer->serviceOper = serviceOperRange; + else if ((strcmp(objectPointer->netmask.c_str(), "65535") == 0) && (strcmp(objectPointer->name.c_str(), "65535") == 0)) + objectPointer->serviceOper = serviceOperAny; + } + else if (strncmp(command->part(0), "prefs_svcPortEnd_", 17) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Start End Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 17)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 17); + } + + objectPointer->netmask.assign(command->part(1)); + if (atoi(objectPointer->netmask.c_str()) < atoi(objectPointer->name.c_str())) + { + objectPointer->netmask.assign(objectPointer->name); + } + else if (objectPointer->netmask.compare(objectPointer->name) != 0) + objectPointer->serviceOper = serviceOperRange; + else if ((strcmp(objectPointer->netmask.c_str(), "65535") == 0) && (strcmp(objectPointer->name.c_str(), "65535") == 0)) + objectPointer->serviceOper = serviceOperAny; + } + + // Service Object Type... + else if (strncmp(command->part(0), "svcObjType_", 11) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Object Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 11)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 11); + } + + if (strcmp(command->part(1), "2") == 0) + objectPointer->deleteMe = true; + } + + + // Service IP Type... + else if (strncmp(command->part(0), "svcObjIpType_", 13) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService IP Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 13)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 13); + } + + subObjectPointer = addObject(objectPointer, protocol); + if (strcmp(command->part(1), "0") == 0) + { + subObjectPointer->name.assign(i18n("Any")); + subObjectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + else + { + tempString.assign(device->getProtocol(atoi(command->part(1)))); + if (tempString.empty()) + subObjectPointer->name.assign(command->part(1)); + else + subObjectPointer->name.assign(tempString); + } + } + else if (strncmp(command->part(0), "prefs_svcIPType_", 16) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService IP Type Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 16)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 16); + } + + subObjectPointer = addObject(objectPointer, protocol); + if (strcmp(command->part(1), "255") == 0) + { + subObjectPointer->name.assign(i18n("Any")); + subObjectPointer->type = anyObject; + objectPointer->serviceOper = serviceOperAny; + } + else + { + tempString.assign(device->getProtocol(atoi(command->part(1)))); + if (tempString.empty()) + subObjectPointer->name.assign(command->part(1)); + else + subObjectPointer->name.assign(tempString); + } + } + + // Service Name... + else if (strncmp(command->part(0), "svcObjId_", 9) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 9)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 9); + } + + objectPointer->label.assign(strstr(line, command->part(1))); + } + else if (strncmp(command->part(0), "prefs_svcName_", 14) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sService Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (currentObject != atoi(command->part(0) + 14)) + { + objectPointer = addObject(objectListPointer); + objectPointer->type = serviceObject; + objectPointer->serviceOper = serviceOperEqual; + currentObject = atoi(command->part(0) + 14); + } + + objectPointer->label.assign(strstr(line, command->part(1))); + } + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + + // Service Groups... + else if ((strncmp(command->part(0), "so_atomToGrp_", 13) == 0) || (strncmp(command->part(0), "so_grpToGrp_", 12) == 0)) + { + + while ((strncmp(command->part(0), "so_atomToGrp_", 13) == 0) || (strncmp(command->part(0), "so_grpToGrp_", 12) == 0)) + { + + // Service to add to a group... + if (strncmp(command->part(0), "so_atomToGrp_", 13) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGroup Item Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempString.assign(strstr(line, command->part(1))); + } + + // Service to add to a group... + else if (strncmp(command->part(0), "so_grpToGrp_", 12) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sGroup Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList(strstr(line, command->part(1))); + objectListPointer->type = serviceObject; + objectListPointer->title = i18n("Service Group Definitions"); // Pointer to the object name text + objectListPointer->description = i18n("It is possible on *DEVICETYPE* devices to group service definitions in order to ease administration. This section details those service groups."); // Pointer to the description text + + objectPointer = addObject(objectListPointer); + objectPointer->name.assign(tempString); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + } + + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + + // address Groups... + else if ((strncmp(command->part(0), "addro_grpToGrp_", 15) == 0) || (strncmp(command->part(0), "addro_atomToGrp_", 16) == 0)) + { + + while ((strncmp(command->part(0), "addro_grpToGrp_", 15) == 0) || (strncmp(command->part(0), "addro_atomToGrp_", 16) == 0)) + { + + // Service to add to a group... + if (strncmp(command->part(0), "addro_atomToGrp_", 16) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAddress Group Item Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + tempString.assign(strstr(line, command->part(1))); + } + + // Service to add to a group... + else if (strncmp(command->part(0), "addro_grpToGrp_", 15) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sAddress Group Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + objectListPointer = getObjectList(strstr(line, command->part(1))); + objectListPointer->type = hostObject; + objectListPointer->title = i18n("Address Groups"); // Pointer to the object name text + objectListPointer->description = i18n("It is possible on *DEVICETYPE* devices to group host and network definitions in order to ease administration. This section details those groups."); // Pointer to the description text + + objectPointer = addObject(objectListPointer); + objectPointer->name.assign(tempString); + objectPointer->type = groupObject; + objectPointer->serviceOper = serviceOperEqual; + } + + + // All others... + else + device->lineNotProcessed(line); + + // Read a line from the config... + fgetpos(device->inputFile, &filePosition); + device->readLine(line, lineSize); + + // Split it up into parts... + command->setConfigLine(line); + } + + // Set file position back + fsetpos(device->inputFile, &filePosition); + } + + + // All others... + else + device->lineNotProcessed(line); + + return errorCode; +} + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/filter.h b/libnipper-0.12.6/SonicWALL-SonicOS/filter.h new file mode 100644 index 0000000..6ec82cc --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/filter.h @@ -0,0 +1,52 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef SonicOSFilter_H +#define SonicOSFilter_H + + +#include "../device/filter/filter.h" + + +class SonicOSFilter : public Filter +{ + public: + SonicOSFilter(); + ~SonicOSFilter(); + + + private: + // Device specific methods... + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp b/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp new file mode 100644 index 0000000..6549396 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/general.cpp @@ -0,0 +1,134 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" + + +// Initialisation... +SonicOSGeneral::SonicOSGeneral() +{ +} + + +int SonicOSGeneral::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Hostname + if (strcmp(command->part(0), "firewallName") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sHostname Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + hostname.assign(strstr(line, command->part(1))); + } + + // Serial Number + else if (strcmp(command->part(0), "serialNumber") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSerial Number Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + serialNumber.assign(command->part(1)); + } + + return 0; +} + + +int SonicOSGeneral::processDefaults(Device *device) +{ + // Split Version Numbers... +/* if (!version.empty()) + { + versionMajor = atoi(version.c_str()); + if ((version.find_first_of('.') != string::npos) && (version.length() > version.find_first_of('.') + 1)) + versionMinor = atoi(version.c_str() + version.find_first_of('.') + 1); + }*/ + + return 0; +} + + +int SonicOSGeneral::generateConfigSpecificReport(Device *device) +{ + // Variables... + Device::configReportStruct *configReportPointer = 0; + Device::paragraphStruct *paragraphPointer = 0; + int errorCode = 0; + + // Get Config Report Section... + configReportPointer = device->getConfigSection("CONFIG-GENERAL"); + + // Get Paragraph Pointer... + paragraphPointer = device->getTableParagraphPointer("CONFIG-GENERAL-TABLE"); + + // Serial Number... + device->addTableData(paragraphPointer->table, i18n("Serial Number")); + device->addTableData(paragraphPointer->table, serialNumber.c_str()); + + return errorCode; +} + + +int SonicOSGeneral::generateSecuritySpecificReport(Device *device) +{ + // Variables... + int errorCode = 0; +/* + // Service Password Encryption... + if (servicePasswordEncryption == off) + { + securityIssuePointer = device->addSecurityIssue(); + securityIssuePointer->title.assign(i18n("Service Password Encryption Disabled")); + securityIssuePointer->reference.assign("IOS.PASSENCR.1"); + securityIssuePointer->overallRating = 8; + securityIssuePointer->impactRating = 9; + securityIssuePointer->easeRating = 2; + securityIssuePointer->fixRating = 1; + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Finding); + paragraphPointer->paragraph.assign(i18n("Cisco service passwords by default are stored in their clear text form rather than being encrypted. However, it is possible to have these passwords stored using the reversible Cisco type-7 encryption. *COMPANY* determined that the service password encryption that helps to provide a basic level of encryption for passwords that otherwise would be stored in clear text was disabled on the Cisco device *DEVICENAME*.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Impact); + paragraphPointer->paragraph.assign(i18n("The Cisco type-7 password encryption provides little in the way of protection against an attacker who has access to the configuration file. However, the Cisco type-7 password encryption would provide a level of protect against a malicious user who had managed to briefly view a devices configuration.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Ease); + paragraphPointer->paragraph.assign(i18n("If a malicious user were able to glance a password from a devices configuration they could use it to gain a level of access to *DEVICENAME*. If the passwords were encrypted using the Cisco type-7 routine, a malicious user that had access to the devices configuration would have to decode the password first. Tools are widely available on the Internet that can reverse Cisco type-7 passwords.")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*COMPANY* recommends that the Cisco password encryption service be enabled. The Cisco password encryption service can be started with the following Cisco *ABBREV*IOS*-ABBREV* command:")); + paragraphPointer = device->addParagraph(securityIssuePointer, Device::Recommendation); + paragraphPointer->paragraph.assign(i18n("*CODE**COMMAND*service password-encryption*-COMMAND**-CODE*")); + securityIssuePointer->conLine.assign(i18n("service password encryption was disabled")); + securityIssuePointer->recLine.assign(i18n("enable the service password encryption")); + }*/ + return errorCode; +} diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/general.h b/libnipper-0.12.6/SonicWALL-SonicOS/general.h new file mode 100644 index 0000000..3e9f6ac --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/general.h @@ -0,0 +1,56 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef SonicOSdevicegeneral_H +#define SonicOSdevicegeneral_H + +#include "../device/general/general.h" + + +class SonicOSGeneral : public General +{ + public: + SonicOSGeneral(); + + // Processing... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Reporting... + virtual int generateConfigSpecificReport(Device *device); + virtual int generateSecuritySpecificReport(Device *device); + + private: + string serialNumber; +}; + + +#endif diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp b/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp new file mode 100644 index 0000000..8b98630 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/snmp.cpp @@ -0,0 +1,214 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +// Include... +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "general.h" +#include "snmp.h" + + +using namespace std; + + +SonicOSSNMP::SonicOSSNMP() +{ + // Init SNMP support options... + deviceSNMPSupportText = i18n("*ABBREV*SNMP*-ABBREV* version 1 can be configured on *DEVICETYPE* devices to provide remote management capabilities. Furthermore, *ABBREV*SNMP*-ABBREV* traps can be sent to a *ABBREV*NMS*-ABBREV*."); // Intro Config section device specific text. + supportSNMP3 = false; // Does this device support SNMPv3? + supportSNMP3Upgrade = false; // Do you have to upgrade to get support for SNMPv3 + supportSNMP3UpgText = i18n(""); // SNMP 3 is supported from OS version ... + disableSNMPCmdText = i18n("*ABBREV*SNMP*-ABBREV* can be disabled using the *DEVICETYPE* device web management interface."); // The text and command(s) to disable SNMP support + configSNMPCommunityText = i18n("The *ABBREV*SNMP*-ABBREV* community string can be configured using the *DEVICETYPE* device web management interface."); // The text and command(s) to configure a community string + configSNMP3Text = i18n(""); // The text and command(s) to configure SNMP version 3 + configSNMPViewText = i18n(""); // The text and command(s) to configure SNMP views + configSNMPTrapsText = i18n(""); // The text and command(s) to configure SNMP traps + configSNMPInformsText = i18n(""); // The text and command(s) to configure SNMP informs + configSNMPReadOnlyText = i18n(""); // The text and command(s) to configure SNMP read only access + configSNMPFilterText = i18n(""); // The text and command(s) to configure SNMP filtering + + enabled = false; // Is the SNMP server enabled? + snmp12Enabled = false; // Is SNMP versions 1 or 2 configured? + snmp3Enabled = false; // Is SNMP version 3 configured? + listenPort = 161; // The UDP port SNMP will listen on + + snmpFilterText = i18n("Access Rule List"); // The device specific description of a filter (i.e. Cisco called them ACL) + snmpFilterIPv6Text = i18n("*ABBREV*IPv6*-ABBREV* Filter"); + + // Community Options... + communityView = false; // SNMP view for the community + communityFilter = false; // SNMP Network Filtering + communityIPv6Filter = false; // SNMP IPv6 Network Filtering + communitySpecificFilters = false; // If the device uses an SNMP specific list. If false, it is std device filters + communityRequiresHosts = false; // If the SNMP community will not work without a list of those who can access it + + // Default communities... + defaultReadOnly = "public"; // Default read only community + defaultReadWrite = ""; // Default read/write community + defaultReadWriteAll = ""; // Default read/write all community + + // SNMP Trap/Inform Host Options... + trapsOnly = true; // Only Traps are supported + trapsSNMPv3 = false; // SNMP v3 support for traps + trapsShowPort = false; // Show Trap Host Port in Table + trapsInterface = false; // Show Interface in Table + trapsInterfaceText = i18n("Interface"); // The Traps/Informs Host Table Interface Column Title + trapsShowNotifications = false; // Show Notifications in the Table + trapsShowEventLevel = false; // Show Notification Event Level in the Table + + // Traps/Informs Options... + trapsShowExcluded = false; // Show excluded traps + trapsShowOptions = false; // Show trap options + + // Host Options... + hostShowInterface = false; // Show the Interface in the Table + hostShowCommunity = true; // Show the Community in the Table + hostShowFilterID = false; // Show a filter ID if used + hostFilterText = i18n("Filter"); // The Table column title for the filter text +} + + +int SonicOSSNMP::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + // Variables... + snmpCommunity *communityPointer = 0; + snmpHostStruct *trapHostPointer = 0; + + // Enabled... + if (strcmp(command->part(0), "snmp_Enable") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Enable Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (strcmp(command->part(1), "on") == 0) + { + enabled = true; + snmp12Enabled = true; + } + } + + // Name... + else if (strcmp(command->part(0), "snmp_Mib2SysName") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Name Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + name.assign(strstr(line, command->part(1))); + } + + // Location... + else if (strcmp(command->part(0), "snmp_Mib2SysLocation") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Location Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + location.assign(strstr(line, command->part(1))); + } + + // Contact... + else if (strcmp(command->part(0), "snmp_Mib2SysContact") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Contact Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + contact.assign(strstr(line, command->part(1))); + } + + // Community... + else if (strcmp(command->part(0), "snmp_GetCommunity") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + { + communityPointer = addSNMPCommunity(); + communityPointer->enabled = true; + communityPointer->community.assign(strstr(line, command->part(1))); + communityPointer->type = communityReadOnly; + communityPointer->version = 1; + } + } + + // Trap Community... + else if (strcmp(command->part(0), "snmp_TrapCommunity") == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Community Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + trapCommunity.assign(strstr(line, command->part(1))); + } + + // Trap Hosts... + else if (strncmp(command->part(0), "snmp_HostIP", 11) == 0) + { + if (device->config->reportFormat == Config::Debug) + printf("%sSNMP Trap Host Line:%s %s\n", device->config->COL_GREEN, device->config->COL_RESET, line); + + if (command->parts > 1) + { + trapHostPointer = addHost(); + trapHostPointer->community.assign(trapCommunity); + trapHostPointer->host.assign(strstr(line, command->part(1))); + } + } + + // All others... + else + device->lineNotProcessed(line); + + return 0; +} + + +int SonicOSSNMP::generateConfigSpecificReport(Device *device) +{ + // Device specific code for the config report goes here + + return 0; +} + + +int SonicOSSNMP::processDefaults() +{ + // Any default setting post processing code goes here... + + return 0; +} + diff --git a/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h b/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h new file mode 100644 index 0000000..2198855 --- /dev/null +++ b/libnipper-0.12.6/SonicWALL-SonicOS/snmp.h @@ -0,0 +1,53 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef SonicOSdevicesnmp_H +#define SonicOSdevicesnmp_H + +#include "../device/snmp/snmp.h" + + +class SonicOSSNMP : public SNMP +{ + public: + SonicOSSNMP(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(); + virtual int generateConfigSpecificReport(Device *device); + + private: + string trapCommunity; +}; + + +#endif diff --git a/libnipper-0.12.6/TODO b/libnipper-0.12.6/TODO new file mode 100644 index 0000000..d45156d --- /dev/null +++ b/libnipper-0.12.6/TODO @@ -0,0 +1,67 @@ +TODO List +========= + +For 0.14 +-------- + ! References... + + ! Executive summary at the start of the report? + ! Export the recommendation table to a CSV (code this at the same time as the ACL CSV) + + ! CheckPoint device name detection (use Installed column/then policy name/then noname) + + ! Seperate issues for ICMP and other protocols. + + ! Add RFC references to the common network ports appendix section + + ! Update the banner code after console, http, telnet, ssh and so on have been added + ! Update ProCurve IPv6 Telnet code after interfaces have been collected + ! Add ProCurve model detection, based on the version/model no. + ! IOS Administration + > Line Passwords (add to authentication section) + > TACACS (add to authentication section) + > TFTP + ! Passport SNMP + ! Passport Administration + ! Check cipher support for IOS, CSS, CatOS and HP devices + + ! Method to display available compliance checks + ! XML compliance check input file + ! Compliance issues should report what they check, the input and output. + ! Compliance issues should also list whether the issue is compliant if it matches or if it doesn't + + * GUI Interface program (nipperGUI) + * Config (load config file to memory, process then free memory) + * SNMP code to get Cisco configs remotely. + * Absolute ACL for each interface/VLAN + * Internationalisation + * Obfuscation of IP addresses (e.g. a.b.x.x) + * Configuration / Security Issues (improvements) + > Protocol/traffic analysis + > VPN configuration + > Appendix section includes a copy of the original config + > Compare passwords for different levels (i.e. Login and Enable passwords should not match) + > Wireless configuration + > Report section on the ports/protocols allowed. + > Protocols analysis, depending on network filtering + > Security issue - shared passwords + * Report writing code + > Latex Improvements + > ODF Support + > PDF Support + > SQL Support + * Compliancy Checking + * Difference configuration files + * Auditor configuration (output config settings to appendix) + * Support for new devices + > 3Com SuperStack + > Watchguard Firebox + > Fortinet FortiGate + > Nortel Alteon + > Nortel Baystack + > Foundry Switches + > Entrasys Matrix + > Entrasys SecureStack + > Cyberguard + > IPTables + > Quagga (.net) / Zebra diff --git a/libnipper-0.12.6/Template-Device/.svn/all-wcprops b/libnipper-0.12.6/Template-Device/.svn/all-wcprops new file mode 100644 index 0000000..43993c3 --- /dev/null +++ b/libnipper-0.12.6/Template-Device/.svn/all-wcprops @@ -0,0 +1,113 @@ +K 25 +svn:wc:ra_dav:version-url +V 54 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device +END +device.h +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/device.h +END +banner.cpp +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/banner.cpp +END +banner.h +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/banner.h +END +general.cpp +K 25 +svn:wc:ra_dav:version-url +V 66 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/general.cpp +END +snmp.cpp +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/snmp.cpp +END +authentication.cpp +K 25 +svn:wc:ra_dav:version-url +V 73 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/authentication.cpp +END +snmp.h +K 25 +svn:wc:ra_dav:version-url +V 61 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/snmp.h +END +general.h +K 25 +svn:wc:ra_dav:version-url +V 64 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/general.h +END +interfaces.cpp +K 25 +svn:wc:ra_dav:version-url +V 69 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/interfaces.cpp +END +dns.cpp +K 25 +svn:wc:ra_dav:version-url +V 62 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/dns.cpp +END +authentication.h +K 25 +svn:wc:ra_dav:version-url +V 71 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/authentication.h +END +filter.cpp +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/filter.cpp +END +administration.cpp +K 25 +svn:wc:ra_dav:version-url +V 73 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/administration.cpp +END +interfaces.h +K 25 +svn:wc:ra_dav:version-url +V 67 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/interfaces.h +END +dns.h +K 25 +svn:wc:ra_dav:version-url +V 60 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/dns.h +END +administration.h +K 25 +svn:wc:ra_dav:version-url +V 71 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/administration.h +END +filter.h +K 25 +svn:wc:ra_dav:version-url +V 63 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/filter.h +END +device.cpp +K 25 +svn:wc:ra_dav:version-url +V 65 +/svn/!svn/ver/3/trunk/libnipper-0.12.6/Template-Device/device.cpp +END diff --git a/libnipper-0.12.6/Template-Device/.svn/entries b/libnipper-0.12.6/Template-Device/.svn/entries new file mode 100644 index 0000000..bcb23db --- /dev/null +++ b/libnipper-0.12.6/Template-Device/.svn/entries @@ -0,0 +1,640 @@ +10 + +dir +3 +http://nipper-ng.googlecode.com/svn/trunk/libnipper-0.12.6/Template-Device +http://nipper-ng.googlecode.com/svn + + + +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + +2c5bb9bc-dde4-11de-95c9-073ad895b44c + +banner.h +file + + + + +2016-02-13T06:47:11.364157Z +e8045a14184e89a54ea176c0a9a28d5c +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2538 + +general.cpp +file + + + + +2016-02-13T06:47:11.364157Z +419492bac293978887eb4a411fa46804 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +6838 + +snmp.cpp +file + + + + +2016-02-13T06:47:11.364157Z +2e4d9a1c932a1c59aee4e5b5cdce138b +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +7718 + +authentication.cpp +file + + + + +2016-02-13T06:47:11.364157Z +46dce696de22a2f2c7008dafe73c9576 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +5220 + +snmp.h +file + + + + +2016-02-13T06:47:11.364157Z +5e697cdf8cd845fe25535b7468de04a7 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2704 + +general.h +file + + + + +2016-02-13T06:47:11.364157Z +e21efb14f07a8e7805768bf2715d3e7a +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2807 + +interfaces.cpp +file + + + + +2016-02-13T06:47:11.364157Z +27c8621d5db1387c5c554e54e2dd875c +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4918 + +dns.cpp +file + + + + +2016-02-13T06:47:11.364157Z +9b1986e78ada18cb1b82ba352772e4ad +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +4018 + +authentication.h +file + + + + +2016-02-13T06:47:11.364157Z +18b31c806462481ee80a1798ecae5599 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2784 + +filter.cpp +file + + + + +2016-02-13T06:47:11.364157Z +998940e959e436fc3dff193c2bc06240 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +16925 + +administration.cpp +file + + + + +2016-02-13T06:47:11.364157Z +3029e7f7907bc9db983f5ddca597649e +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +9415 + +interfaces.h +file + + + + +2016-02-13T06:47:11.364157Z +2457757660a7ac55f1b28dbf54fe9323 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2605 + +dns.h +file + + + + +2016-02-13T06:47:11.364157Z +9753dc6b3d62f39ed2f93ae39925d925 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2576 + +administration.h +file + + + + +2016-02-13T06:47:11.364157Z +a674d35c3e85e1e092a9eb826920d1c3 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3263 + +filter.h +file + + + + +2016-02-13T06:47:11.364157Z +55de79521a7c83e61421d3afe17c4105 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2572 + +device.cpp +file + + + + +2016-02-13T06:47:11.364157Z +2249fb116ff6001e8f3093b53389ac4a +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +3373 + +device.h +file + + + + +2016-02-13T06:47:11.364157Z +ee05bd731604d983d626c5258acd2d48 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2509 + +banner.cpp +file + + + + +2016-02-13T06:47:11.364157Z +65117c13065675b20205d5365b08e933 +2009-11-30T19:58:34.980527Z +3 +dave@drstrangelove.net + + + + + + + + + + + + + + + + + + + + + +2896 + diff --git a/libnipper-0.12.6/Template-Device/.svn/text-base/administration.cpp.svn-base b/libnipper-0.12.6/Template-Device/.svn/text-base/administration.cpp.svn-base new file mode 100644 index 0000000..0d11415 --- /dev/null +++ b/libnipper-0.12.6/Template-Device/.svn/text-base/administration.cpp.svn-base @@ -0,0 +1,173 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "administration.h" + + +Administration::Administration() +{ + + // ----------------------------------------------------------------------- + // Device Specific Settings... + // ----------------------------------------------------------------------- + + // General... + generalSettings = false; // Show the general settings section? + consoleEnabled = false; // Is the Console port enabled? + consoleSupported = false; // Is a console port supported? + consoleTimeoutSupported = false; // Is a console timeout supported? + consoleTimeout = 0; // Console timeout + configConsoleTimeout = i18n(""); // The text and commands to configure the timeout + auxSupported = false; // Are AUX port(s) supported? + auxEnabled = false; // Is AUX port(s) enabled? + configAuxPort = i18n(""); // The text and commands to disable the AUX port + connectionTimeoutSupported = false; // Is a connection timeout supported? + connectionTimeout = 0; // Connection Timeout + configTimeout = i18n(""); // The text and commands to configure the timeout + cdpSupported = false; // Is CDP supported (globally, see interfaces for per interface activation) + cdpEnabled = false; // Is CDP enabled + cdpVersionSupported = false; // Is CDP version supported + cdpVersion = 0; // CDP version + disableCDPText = i18n(""); // The text and commands to disable CDP + + // Host restrictions... + serviceWideHosts = false; // Do all the admin services share a common host restrictions? + showHostInterface = false; // Show the Interface column in the host table? + showHostAccess = false; // Show the Access column in the host table? + serviceConfigHosts = i18n(""); // Text, how to configure administrative host restrictions. + + // Telnet options... + telnetSupported = false; // Is telnet supported? + telnetEnabled = false; // Is Telnet enabled? + telnetPort = 23; // The telnet service port + telnetSpecificHost = false; // Does Telnet have its own access list? + telnetHostsRequired = false; // Is the host configuration required? + showTelnetHostInterface = false; // Show the Interface column in the host table? + showTelnetHostAccess = false; // Show the Access column in the host table? + configTelnetHostAccess = i18n(""); // How access lists are configured for the telnet service + disableTelnet = i18n(""); // How to disable telnet text... + telnetSpecificTimeout = false; // A Telnet Specific Timeout? + telnetTimeout = 0; // The Telnet Timeout (secs) + configTelnetTimeout = i18n(""); // The text and commands to configure the timeout + + // TFTP options... + tftpSupported = false; // Is TFTP supported? + tftpEnabled = false; // Is TFTP enabled? + tftpPort = 69; // The TFTP service port + tftpSpecificHost = false; // Does TFTP have its own access list? + tftpHostsRequired = false; // Is the host configuration required? + showTFTPHostInterface = false; // Show the Interface column in the host table? + showTFTPHostAccess = false; // Show the Access column in the host table? + configTFTPHostAccess = i18n(""); // How access lists are configured for the TFTP service + disableTFTP = i18n(""); // How to disable TFTP text... + + // FTP options... + ftpSupported = false; // Is FTP supported? + ftpEnabled = false; // Is FTP enabled? + ftpPort = 21; // The FTP service port + ftpSpecificHost = false; // Does FTP have its own access list? + ftpHostsRequired = false; // Is the host configuration required? + showFTPHostInterface = false; // Show the Interface column in the host table? + showFTPHostAccess = false; // Show the Access column in the host table? + configFTPHostAccess = i18n(""); // How access lists are configured for the FTP service + disableFTP = i18n(""); // How to disable FTP text... + ftpSpecificTimeout = false; // A FTP Specific Timeout? + ftpTimeout = 0; // The FTP Timeout (secs) + configFTPTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH options... + sshSupported = false; // Does this device support SSH? + sshUpgrade = false; // Do you have to upgrade? + sshEnabled = false; // Is the SSH service enabled? + sshVersion = 0; // What is the SSH Protocol version (0 = 1 and 2) + sshPort = 22; // The SSH port number + configSSHSupport = i18n(""); // How to configure SSH... + sshSpecificHost = false; // Does SSH have its own access list? + sshHostsRequired = false; // Is the host configuration required? + showSSHHostInterface = false; // Show the Interface column in the host table? + showSSHHostAccess = false; // Show the Access column in the host table? + configSSHHostAccess = i18n(""); // How to configure SSH... + sshSpecificTimeout = false; // A SSH Specific Timeout? + sshTimeout = 0; // The SSH Timeout (secs) + configSSHTimeout = i18n(""); // The text and commands to configure the timeout + + // SSH Options + sftpEnabled = false; // Is SFTP enabled? + sftpSupported = false; // Is SFTP supported? + scpSupported = false; // Is SCP supported? + scpEnabled = false; // Is SCP enabled? + + // SSH 2 support... + ssh2Supported = false; // Does the device support SSH version 2? + ssh2upgrade = false; // Do you have to upgrade... + configSSHv2Support = i18n(""); // How to configure protocol version 2 support only + + // Config report SSH support text + sshConfigProtocolSupport = i18n(""); // Config report text on protocol support (e.g. supports both version 1 and 2 of the protocol) + + // HTTP(S) options... + httpSupported = false; // Does this device support HTTP + httpsSupported = false; // Does this device support HTTPS + httpsUpgrade = false; // Do you have to upgrade for HTTPS? + httpEnabled = false; // Is the HTTP service enabled? + httpPort = 80; // HTTP port + httpsEnabled = false; // Is the HTTPS service enabled? + httpsPort = 443; // HTTPS port + httpsRedirect = false; // Is HTTP to HTTPS redirect enabled? + httpSpecificTimeout = false; // A HTTP Specific Timeout? + httpTimeout = 0; // The HTTP Timeout (secs) + configHTTPTimeout = i18n(""); // The text and commands to configure the timeout + httpLabel = i18n("*ABBREV*HTTP*-ABBREV*"); // The label given to the HTTP service (e.g. HTTP) + httpsLabel = i18n("*ABBREV*HTTPS*-ABBREV*"); // The label given to the HTTPS service (e.g. HTTPS) + httpSpecificHost = false; // Does HTTP have its own access list? + httpHostsRequired = false; // Is the host configuration required? + showHTTPHostInterface = false; // Show the Interface column in the host table? + showHTTPHostAccess = false; // Show the Access column in the host table? + configHTTPHostAccess = i18n(""); // How to configure HTTP Management hosts... + disableHTTP = i18n(""); // How to disable HTTP text... + configHTTPSSupport = i18n(""); // How to configure HTTPS... +} + + +int Administration::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + return 0; +} + + +int Administration::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Template-Device/.svn/text-base/administration.h.svn-base b/libnipper-0.12.6/Template-Device/.svn/text-base/administration.h.svn-base new file mode 100644 index 0000000..9ae71e4 --- /dev/null +++ b/libnipper-0.12.6/Template-Device/.svn/text-base/administration.h.svn-base @@ -0,0 +1,58 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef administration_H +#define administration_H + + +#include "../device/administration/administration.h" + + +class Administration : public Administration +{ + public: + + Administration(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); + + // Methods + //virtual int generateDeviceGeneralConfig(Device *device); // A device specific config report output + //virtual int generateDeviceTelnetConfig(Device *device); // A device specific config report output + //virtual int generateDeviceTFTPConfig(Device *device); // A device specific config report output + //virtual int generateDeviceFTPConfig(Device *device); // A device specific config report output + //virtual int generateDeviceSSHConfig(Device *device); // A device specific config report output + //virtual int generateDeviceHTTPConfig(Device *device); // A device specific config report output +}; + + +#endif diff --git a/libnipper-0.12.6/Template-Device/.svn/text-base/authentication.cpp.svn-base b/libnipper-0.12.6/Template-Device/.svn/text-base/authentication.cpp.svn-base new file mode 100644 index 0000000..2d170a2 --- /dev/null +++ b/libnipper-0.12.6/Template-Device/.svn/text-base/authentication.cpp.svn-base @@ -0,0 +1,108 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include +#include + +#include "../globaldefs.h" +#include "device.h" +#include "authentication.h" +#include "../device/common/configline.h" + + +Authentication::Authentication() +{ + // General... + authenticationConfigIntro = i18n("This section describes the various *DEVICETYPE* device authentication settings."); // Introduction text to the whole section + loginAttemptsSupported = false; // Login attempts supported + loginAttempts = 0; // Login attempts allowed (0 = infinite) + accessWithoutAuthentication = false; // Set to true if access is allowed without authentication + configAccessAuthentication = ""; // The text and commands to configure access authentication with a password + + // Authentication Methods... + authMethodSupported = false; // Authentication Method Supported + appliesToSupported = false; // Applies To Supported + namedAuthSupport = false; // Are auth servers named? + showAuthLevel = false; // Show auth level + + // Local User Options... + encryptionSupported = false; // Show encryption + readOnlySupported = false; // Is read only supported? + outboundACLSupported = false; // Are outbound filtering ACL supported? + privilegeLevelSupported = false; // Are privilege levels supported? + privilegeLevelText = i18n("Privilege Level"); // The table title privilege level text + configDeviceSpecificLocalUsers = ""; // Text for the config report local user section. + filterText = i18n("*ABBREV*ACL*-ABBREV*"); // The table filter column title text + + // TACACS Options... + showTacacsGroupName = false; // Show the TACACS group + showTacacsRetries = false; // Show the TACACS retries + configTacacsKey = i18n(""); // The text and commands to configure a TACACS+ key + + // RADIUS Options... + showRadiusGroupName = false; // Show the RADIUS group + configRadiusKey = i18n(""); // The text and commands to configure a RADIUS key + + // KERBEROS Options... + showKerberosGroupName = false; // Show the KERBEROS group + showKerberosTimeout = false; // Show Kerberos timeout + showKerberosRetries = false; // Show Kerberos retries + + // LDAP Options... + showLDAPGroupName = false; // Show the LDAP group + showLDAPPassword = false; // Show LDAP password + configLDAPPassword = i18n(""); // The text and commands to configure an LDAP server password + + // SecurID Options... + showSecurIDGroupName = false; // Show the SecurID group + showSecurIDDuress = false; // Show the SecurID Duress + showSecurIDEncryption = false; // Show the SecurID Encryption + + // NT Options... + showNTGroupName = false; // Show the NT group +} + + +int Authentication::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ +/* + // NOT PROCESSED... + else + device->lineNotProcessed(line); + + return errorCode;*/ +} + + +int Authentication::processDefaults(Device *device) +{ + return 0; +} diff --git a/libnipper-0.12.6/Template-Device/.svn/text-base/authentication.h.svn-base b/libnipper-0.12.6/Template-Device/.svn/text-base/authentication.h.svn-base new file mode 100644 index 0000000..bc5daed --- /dev/null +++ b/libnipper-0.12.6/Template-Device/.svn/text-base/authentication.h.svn-base @@ -0,0 +1,54 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef authentication_H +#define authentication_H + + +#include "../device/authentication/authentication.h" + + +class Authentication : public Authentication +{ + public: + + Authentication(); + + + // ----------------------------------------------------------------------- + // Standard Device Class Methods... + // ----------------------------------------------------------------------- + + int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + int processDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Template-Device/.svn/text-base/banner.cpp.svn-base b/libnipper-0.12.6/Template-Device/.svn/text-base/banner.cpp.svn-base new file mode 100644 index 0000000..ffdbae3 --- /dev/null +++ b/libnipper-0.12.6/Template-Device/.svn/text-base/banner.cpp.svn-base @@ -0,0 +1,52 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "banner.h" + + +Banner::Banner() +{ + // Banner settings... + preLogonBanner = false; // Support Banner(s) Before Logon? + postLogonBanner = false; // Support Banner(s) After Logon? + configPreLogonBanner = i18n(""); // The text that explains how to config a prelogon banner, with commands... + configPostLogonBanner = i18n(""); // The text that explains how to config a post logon banner, with commands... +} + + +int Banner::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Template-Device/.svn/text-base/banner.h.svn-base b/libnipper-0.12.6/Template-Device/.svn/text-base/banner.h.svn-base new file mode 100644 index 0000000..b946df5 --- /dev/null +++ b/libnipper-0.12.6/Template-Device/.svn/text-base/banner.h.svn-base @@ -0,0 +1,49 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef banner_H +#define banner_H + + +#include "../device/banner/banner.h" + + +class Banner : public Banner +{ + public: + + Banner(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); +}; + + +#endif diff --git a/libnipper-0.12.6/Template-Device/.svn/text-base/device.cpp.svn-base b/libnipper-0.12.6/Template-Device/.svn/text-base/device.cpp.svn-base new file mode 100644 index 0000000..54f7aac --- /dev/null +++ b/libnipper-0.12.6/Template-Device/.svn/text-base/device.cpp.svn-base @@ -0,0 +1,86 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + + +#include "../globaldefs.h" +#include "device.h" +#include "../device/common/configline.h" +#include "general.h" + + +TemplateDevice::TemplateDevice() +{ + deviceMake = "Template Manufacturer"; + deviceType = "Template Device"; + deviceOS = "Template OS"; +} + + +int TemplateDevice::processDevice() +{ + // Variables... + char line[1024]; + ConfigLine command; + int tempInt = 0; + bool setting = false; + + // The process device configuration file loop... + while (feof(inputFile) == 0) + { + + // Read a line from the config... + readLine(line, sizeof(line)); + + // Split it up into parts... + command.setConfigLine(line); + + // Init +/* tempInt = 1; + if (strcmp(command.part(0), "unset") == 0) + setting = false; + else if (strcmp(command.part(0), "set") == 0) + setting = true; + + // Hostname (in general)... + if (strcmp(command.part(tempInt), "hostname") == 0) + { + if (general == 0) + general = new ScreenOSGeneral; + general->processDeviceConfig(this, &command, (char *)&line, sizeof(line)); + }*/ + + // All others... + else + lineNotProcessed(line); + } + + return 0; +} diff --git a/libnipper-0.12.6/Template-Device/.svn/text-base/device.h.svn-base b/libnipper-0.12.6/Template-Device/.svn/text-base/device.h.svn-base new file mode 100644 index 0000000..57c3a46 --- /dev/null +++ b/libnipper-0.12.6/Template-Device/.svn/text-base/device.h.svn-base @@ -0,0 +1,48 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that makes use of this library MUST display the * + * returned text of the Nipper::getVersion() method. Since the * + * text returned includes the version details and copyright of * + * the library, the sugested place to show it would be with the * + * callers "about program" information. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef device_Template_H +#define device_Template_H + + +#include "../device/device.h" + + +class TemplateDevice : public Device +{ + public: + TemplateDevice(); + + virtual int processDevice(); +}; + + +#endif diff --git a/libnipper-0.12.6/Template-Device/.svn/text-base/dns.cpp.svn-base b/libnipper-0.12.6/Template-Device/.svn/text-base/dns.cpp.svn-base new file mode 100644 index 0000000..26c47ab --- /dev/null +++ b/libnipper-0.12.6/Template-Device/.svn/text-base/dns.cpp.svn-base @@ -0,0 +1,82 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Include... +#include +#include + +#include "../globaldefs.h" +#include "../device/common/configline.h" +#include "device.h" +#include "dns.h" + + +TemplateDNS::TemplateDNS() +{ + nameMappingConfig = i18n("*DEVICETYPE* devices can be configured to resolve name to address mappings. This section details those settings."); // The text paragraph in the config section + + // Host configuration + showInterface = false; // Are interfaces supported? + + // DNS Client Settings + dnsClientSupported = false; // DNS Client Supported? + dnsLookupEnabled = false; // DNS lookups enabled? + disableLookup = ""; // The text and commands to disable DNS lookup + dnsRetries = 0; // DNS lookup retries + dnsRetriesSupported = false; // DNS lookup retries Supported? + dnsTimeout = 0; // DNS timeout + dnsTimeoutSupported = false; // DNS timeout Supported? + dnsRoundRobin = false; // DNS Round Robin + dnsRoundRobinSupported = false; // DNS Round Robin Supported? + + // DNS Server Options... + dnsRecordKeepAliveSupported = false; // Is the DNS keep Alive message type supported? + returnRecordsSupported = false; // Is the single/multiple record field supported? + dynamicDNSSupported = false; // Is Dynamic DNS Supported? + dnsServerSupported = false; // Is DNS Server Supported? + dnsServiceEnabled = false; // Is the DNS service enabled? + dynamicDNSEnabled = false; // Is dynamic DNS enabled? + dnsProxySupported = false; // Is DNS Proxy Server Supported? + dnsProxyEnabled = false; // Is the DNS Proxy service enabled? + dnsPort = 53; // DNS Server Port +} + + +int TemplateDNS::processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize) +{ + return 0; +} + + +int TemplateDNS::processDefaults(Device *device) +{ + return 0; +} + diff --git a/libnipper-0.12.6/Template-Device/.svn/text-base/dns.h.svn-base b/libnipper-0.12.6/Template-Device/.svn/text-base/dns.h.svn-base new file mode 100644 index 0000000..26bac2d --- /dev/null +++ b/libnipper-0.12.6/Template-Device/.svn/text-base/dns.h.svn-base @@ -0,0 +1,50 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +#ifndef TemplatedeviceDNS_H +#define TemplatedeviceDNS_H + + +#include "../device/dns/dns.h" + + +class TemplateDNS : public DNS +{ + public: + + TemplateDNS(); + + // Device specific methods... + virtual int processDeviceConfig(Device *device, ConfigLine *command, char *line, int lineSize); + virtual int processDefaults(Device *device); +}; + + +#endif diff --git a/libnipper-0.12.6/Template-Device/.svn/text-base/filter.cpp.svn-base b/libnipper-0.12.6/Template-Device/.svn/text-base/filter.cpp.svn-base new file mode 100644 index 0000000..b818e2a --- /dev/null +++ b/libnipper-0.12.6/Template-Device/.svn/text-base/filter.cpp.svn-base @@ -0,0 +1,174 @@ +/*************************************************************************** + * Nipper - The network infrastructure parser * + * Copyright (C) 2006 - 2008 by Ian Ventura-Whiting * + * fizz@titania.co.uk * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 3 of the License, or * + * (at your option) any later version. However, there are a number of * + * exceptions listed below. * + * * + * EXCEPTIONS TO THE GPL License: * + * 1. This code cannot be used as part of a commercial product. If a * + * commercial license is required, contact fizz@titania.co.uk for * + * licensing information. * + * 2. Any code that integrates Nipper MUST display the copyright * + * information below with the programs own copyright information. * + * * + * "Nipper Copyright (C) 2006 - 2008 by Ian Ventura-Whiting" * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see . * + * * + ***************************************************************************/ + +// Includes... +#include + +#include "../device/common/configline.h" +#include "../globaldefs.h" +#include "device.h" +#include "filter.h" + + +