corona 0.0.1

data/.rspec

@@ -0,0 +1 @@
+--colour

data/Gemfile

@@ -0,0 +1,14 @@
+source 'https://rubygems.org'
+ruby '2.0.0'
+
+gem 'sequel'
+gem 'sqlite3'
+gem 'snmp'
+
+group :development do
+  gem 'pry'
+end
+
+group :test do
+  gem 'rspec'
+end

data/Gemfile.lock

@@ -0,0 +1,32 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    coderay (1.0.9)
+    diff-lcs (1.2.3)
+    method_source (0.8.1)
+    pry (0.9.12)
+      coderay (~> 1.0.5)
+      method_source (~> 0.8)
+      slop (~> 3.4)
+    rspec (2.13.0)
+      rspec-core (~> 2.13.0)
+      rspec-expectations (~> 2.13.0)
+      rspec-mocks (~> 2.13.0)
+    rspec-core (2.13.1)
+    rspec-expectations (2.13.0)
+      diff-lcs (>= 1.1.3, < 2.0)
+    rspec-mocks (2.13.1)
+    sequel (3.46.0)
+    slop (3.4.4)
+    snmp (1.1.1)
+    sqlite3 (1.3.7)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  pry
+  rspec
+  sequel
+  snmp
+  sqlite3

data/README.md

@@ -0,0 +1,17 @@
+# About
+  Corona sends SNMP queries to defined CIDR ranges and populates SQL database based on nodes found. Some particular problems it tries to deal with:
+  * Only discover one node once
+  * To that effect it has priority list of idDescr lo0.0, loopback0, vlan2 etc. Higher priority will always replace lower priority interface (say you have MGMT in loop0 but giga0/2.42 has valid MGMT address towards L2 metro)
+  * Tries to handle gracefully renumbering, renaming, etc
+
+# Install
+  1. gem install corona
+  2. corona
+  3. ^C (break it)
+  4. edit ~/.config/corona/config 
+  5. put corona in crontab as _corona|mail -E -s 'new nodes found' foo@example.com_
+
+# Config
+  * You need to configure SNMP community
+  * You need to define CIDR to poll and CIDRs to ignore (subset of those you poll)
+  * CIDR in example config is list, but can be replaced with 'string' which points to file, where CIDRs are listed

data/Rakefile

@@ -0,0 +1,34 @@
+begin
+  require 'bundler'
+  require 'rspec/core/rake_task'
+  Bundler.setup
+rescue LoadError
+  warn 'missing dependencies'
+  exit 42
+end
+
+gemspec = eval(File.read(Dir['*.gemspec'].first))
+
+desc 'Validate the gemspec'
+task :gemspec do
+  gemspec.validate
+end
+
+RSpec::Core::RakeTask.new(:spec)
+
+desc "Build gem locally"
+task :build => [:spec, :gemspec] do
+  system "gem build #{gemspec.name}.gemspec"
+  FileUtils.mkdir_p "gems"
+  FileUtils.mv "#{gemspec.name}-#{gemspec.version}.gem", "gems"
+end
+
+desc "Install gem locally"
+task :install => :build do
+  system "sudo sh -c \'umask 022; gem install gems/#{gemspec.name}-#{gemspec.version}\'"
+end
+
+desc "Clean automatically generated files"
+task :clean do
+  FileUtils.rm_rf "gems"
+end

data/TODO.md

@@ -0,0 +1,6 @@
+# CLI options
+  * option to purge old device
+    * instead of _sqlite corona.db "delete from device where last_seen < datetime('now', '-7days')"
+
+# Core#process
+  * maybe it can be made cleaner/smarter

data/bin/corona

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+
+require 'corona'
+
+Corona.new

data/corona.gemspec

@@ -0,0 +1,18 @@
+Gem::Specification.new do |s|
+  s.name              = 'corona'
+  s.version           = '0.0.1'
+  s.platform          = Gem::Platform::RUBY
+  s.authors           = [ 'Saku Ytti' ]
+  s.email             = %w( saku@ytti.fi )
+  s.homepage          = 'http://github.com/ytti/corona'
+  s.summary           = 'device discovery via snmp polls'
+  s.description       = 'Threaded SNMP poll based network discovery. Devices are stored in SQL'
+  s.rubyforge_project = s.name
+  s.files             = `git ls-files`.split("\n")
+  s.executables       = %w( corona )
+  s.require_path      = 'lib'
+
+  s.add_dependency 'sequel'
+  s.add_dependency 'sqlite3'
+  s.add_dependency 'snmp'
+end

data/lib/corona/config/bootstrap.rb

@@ -0,0 +1,13 @@
+module Corona
+  require 'fileutils'
+  FileUtils.mkdir_p Config::Root
+  CFG.community = 'public'
+  CFG.db        = File.join Config::Root, 'corona.db'
+  CFG.poll      = %w( 10.10.10.0/24 10.10.20.0/24 )
+  CFG.ignore    = %w( 10.10.10.42/32 10.10.20.42/32 )
+  CFG.mgmt      = %w( lo0.0 loopback0 vlan2 )
+  CFG.threads   = 50
+  CFG.log       = File.join Config::Root, 'log'
+  CFG.debug     = false
+  CFG.save
+end

data/lib/corona/config/core.rb

@@ -0,0 +1,26 @@
+module Corona
+  require 'ostruct'
+  require 'yaml'
+  class Config < OpenStruct
+    Root      = File.join ENV['HOME'], '.config', 'corona'
+    Crash     = File.join Root, 'crash'
+    def initialize file=File.join(Config::Root, 'config')
+      super()
+      @file = file.to_s
+    end
+    def load
+      if File.exists? @file
+        marshal_load YAML.load_file @file 
+      else
+        require 'corona/config/bootstrap'
+      end
+    end
+    def save
+      File.write @file, YAML.dump(marshal_dump)
+    end
+  end
+  CFG = Config.new
+  CFG.load
+  Log.file = CFG.log if CFG.log
+  Log.level = Logger::INFO unless CFG.debug
+end

data/lib/corona/core.rb

@@ -0,0 +1,179 @@
+require 'corona/log'
+require 'corona/config/core'
+require 'corona/snmp'
+require 'corona/db'
+require 'ipaddr'
+require 'resolv'
+
+module Corona
+  class << self
+    def new
+      Core.new
+    end
+  end
+
+  class Core
+
+    private
+
+    def initialize
+      poll, ignore = resolve_networks
+      @mutex       = Mutex.new
+      @db          = DB.new
+      threads      = []
+      Thread.abort_on_exception = true
+      poll.each do |net|
+        net.to_range.each do |ip|
+          next if ignore.any? { |ignore| ignore.include? ip }
+          while threads.size >= CFG.threads
+            threads.delete_if { |thread| not thread.alive? }
+            sleep 0.01
+          end
+          threads << Thread.new { poll ip }
+        end
+      end
+      threads.each { |thread| thread.join }
+    end
+
+    def poll ip
+      snmp = SNMP.new ip.to_s
+      oids = snmp.dbget
+      if oids
+        if index = snmp.ip2index(ip.to_s)
+          if int = snmp.ifdescr(index)
+            @mutex.synchronize { process :oids=>oids, :int=>int.downcase, :ip=>ip }
+          else
+            Log.warn "no ifDescr for #{index} at #{ip}"
+          end
+        else
+          Log.warn "no ifIndex for #{ip}"
+        end
+      end
+    end
+
+    def process opt
+      opt = normalize_opt opt
+      record = mkrecord opt
+      old_by_ip, old_by_sysname = @db.old record[:id], record[:oid_sysName]
+     
+      # unique box having non-unique sysname
+      # old_by_sysname = false if record[:oid_sysDescr].match 'Application Control Engine'
+
+      if not old_by_sysname and not old_by_ip
+        # all new device
+        puts "ptr [%s] sysName [%s] ip [%s]" % [record[:ptr], record[:oid_sysName], record[:ip]]
+        Log.info "#{record[:ip]} added"
+        @db.add record
+
+      elsif not old_by_sysname and old_by_ip
+        # IP seen, name not, device got renamed?
+        Log.info "#{record[:ip]} got renamed"
+        @db.update record, [:ip, old_by_ip[:ip]]
+
+      elsif old_by_sysname and not old_by_ip
+        # name exists, but IP is new, figure out if we wan to use old or new IP
+        decide_old_new record, old_by_sysname
+
+      elsif old_by_sysname and old_by_ip
+        both_seen record, old_by_sysname, old_by_ip
+      end
+    end
+
+    def both_seen record, old_by_sysname, old_by_ip
+      if old_by_sysname == old_by_ip
+        # no changes, updating same record
+        Log.debug "#{record[:ip]} refreshed, no channges"
+        @db.update record, [:oid_sysName, old_by_sysname[:oid_sysName]]
+      else
+        # same name seen and same IP seen, but records were not same (device got renumbered to existing node + existing node got delete?)
+        Log.warn "#{record[:ip]}, unique entries for IP and sysName in DB, updating by IP"
+        @db.update record, [:ip, old_by_ip[:ip]]
+      end
+    end
+
+    def decide_old_new record, old_by_sysname
+      new_int_pref = (CFG.mgmt.index(record[:oid_ifDescr]) or 100)
+      old_int_pref = (CFG.mgmt.index(old_by_sysname[:oid_ifDescr]) or 99)
+
+      if new_int_pref < old_int_pref
+        # new int is more preferable than old
+        Log.info "#{record[:ip]} is replacing inferior #{old_by_sysname[:ip]}"
+        @db.update record, [:oid_sysName, old_by_sysname[:oid_sysName]]
+
+      elsif new_int_pref == 100 and old_int_pref == 99
+        # neither old or new interface is known good MGMT interface
+        if SNMP.new(old_by_sysname[:ip]).sysdescr
+          # if old IP works, don't update 
+          Log.debug "#{record[:ip]} not updating, previously seen as #{old_by_sysname[:ip]}"
+        else
+          Log.info "#{record[:ip]} updating, old #{old_by_sysname[:ip]} is dead"
+          @db.update record, [:oid_sysName, old_by_sysname[:oid_sysName]]
+        end
+
+      elsif new_int_pref >= old_int_pref 
+        # nothing to do, we have better entry
+        Log.debug "#{record[:ip]} already seen as superior via #{old_by_sysname[:ip]}"
+
+      else
+        Log.error "not updating, new: #{record[:ip]}, old: #{old_by_sysname[:ip]}"
+      end
+    end
+
+    def mkrecord opt
+      {
+        :id              => opt[:ip].to_i,
+        :ip              => opt[:ip].to_s,
+        :ptr             => ip2name(opt[:ip].to_s),
+        :model           => model(opt),
+        :oid_ifDescr     => opt[:int],
+        :oid_sysName     => opt[:oids][:sysName],
+        :oid_sysLocation => opt[:oids][:sysLocation],
+        :oid_sysDescr    => opt[:oids][:sysDescr],
+      }
+    end
+
+    def normalize_opt opt
+      opt[:oids][:sysName].sub! /-re[1-9]\./, '-re0.'
+      opt
+    end
+
+    def ip2name ip
+      Resolv.getname ip rescue ip
+    end
+
+    def model opt
+      case opt[:oids][:sysDescr]
+      when /Cisco Catalyst operating System/
+        'catos'
+      when /cisco/i, /Application Control Engine/i
+        'ios'
+      when /JUNOS/
+        'junos'
+      when /^NetScreen/, /^SSG-\d+/
+        'screenos'
+      when /IronWare/
+        'ironware'
+      when /^Summit/
+        'xos'
+      when /^\d+[A-Z]\sEthernet Switch$/
+        'powerconnect'
+      end
+    end
+
+    def resolve_networks
+      [CFG.poll, CFG.ignore].map do |nets|
+        if nets.respond_to? :each
+          nets.map { |net| IPAddr.new net }
+        else
+          out = []
+          File.read(nets).each_line do |net|
+            net = net.match /^([\d.\/]+)/
+            out.push IPAddr.new net[1] if net
+          end
+          out
+        end
+      end
+    end
+
+  end
+end

data/lib/corona/db.rb

@@ -0,0 +1,50 @@
+module Corona
+  class DB
+    require 'sequel'
+    require 'sqlite3'
+    def initialize 
+      @db = Sequel.sqlite(CFG.db, :max_connections => 1, :pool_timeout => 60)
+
+      @db.create_table :device do
+        primary_key :id
+        String      :ip
+        String      :ptr
+        String      :model
+        String      :oid_ifDescr
+        Boolean     :active
+        Time        :first_seen
+        Time        :last_seen
+        String      :oid_sysName
+        String      :oid_sysLocation
+        String      :oid_sysDescr
+      end unless @db.table_exists? :device
+    end
+
+    # http://sequel.rubyforge.org/rdoc/files/doc/cheat_sheet_rdoc.html
+    #
+
+    def add record
+      record[:first_seen] = record[:last_seen] = Time.now.utc
+      record[:active] = true
+      #Log.debug "adding: #{record}"
+      @db[:device].insert record
+    end
+
+    def update record, where
+      record[:last_seen] = Time.now.utc
+      record[:active] = true
+      #Log.debug "updating (where: #{where}): #{record}"
+      @db[:device].where('? == ?', where.first, where.last).update record
+    end
+
+    def [] primary_key
+      @db[:device].where('id == ?', primary_key).first
+    end
+
+    def old primary_key, oid_sysName
+      ip       = self[primary_key]
+      sysName  = @db[:device].where('oid_sysName == ?', oid_sysName).first
+      [ip, sysName]
+    end
+  end
+end

data/lib/corona/log.rb

@@ -0,0 +1,13 @@
+module Corona
+  require 'logger'
+  class Logger < Logger
+    def initialize target=STDOUT
+      super target
+      self.level = Logger::DEBUG
+    end
+    def file= target
+      @logdev = LogDevice.new target
+    end
+  end
+  Log = Logger.new
+end

data/lib/corona/snmp.rb

@@ -0,0 +1,82 @@
+module Corona
+  class SNMP
+    DB_OID = {
+      :sysDescr     => '1.3.6.1.2.1.1.1.0',
+      :sysLocation  => '1.3.6.1.2.1.1.6.0',
+      :sysName      => '1.3.6.1.2.1.1.5.0',
+    }
+    OID = {
+       :ipCidrRouteIfIndex => '1.3.6.1.2.1.4.24.4.1.5',  # addr.255.255.255.255.0.0.0.0.0
+       :ipAdEntIfIndex     => '1.3.6.1.2.1.4.20.1.2',    # addr
+       :ipAddressIfIndex   => '1.3.6.1.2.1.4.34.1.3',    # 1,2 (uni,any) . 4,16 (size) . addr
+       :ifDescr            => '1.3.6.1.2.1.2.2.1.2',
+    }
+    UNICAST = 1
+    IPV4    = 4
+
+    BULK_MAX = 30
+    require 'snmp'
+    def initialize host, community=CFG.community
+      @snmp = ::SNMP::Manager.new :Host => host, :Community => community,
+                                  :Timeout => 1, :Retries => 3, :MibModules => false
+    end
+    def get *oid
+      oid = [oid].flatten.join('.')
+      begin
+        @snmp.get(oid).each_varbind { |vb| return vb }
+      rescue ::SNMP::RequestTimeout
+        return false
+      end
+    end
+    def mget oids=DB_OID
+      result = {}
+      begin
+        @snmp.get(oids.map{|_,oid|oid}).each_varbind do |vb|
+          oids.each do |name,oid|
+            if vb.name.to_str == oid
+              result[name] = vb.value
+              next
+            end
+          end
+        end
+      rescue ::SNMP::RequestTimeout
+        return false
+      end
+      result
+    end
+    alias dbget mget
+    def bulkwalk root
+      last, oid, vbs = false, root, []
+      while not last
+        r = @snmp.get_bulk 0, BULK_MAX, oid
+        r.varbind_list.each do |vb|
+          oid = vb.name.to_str
+          (last = true; break) if not oid.match /^#{Regexp.quote root}/
+          vbs.push vb
+        end
+      end
+      vbs
+    end
+
+    def sysdescr
+      get DB_OID[:sysDescr]
+    end
+
+    def ip2index ip
+      oids = mget :route => [OID[:ipCidrRouteIfIndex], ip, '255.255.255.255.0.0.0.0.0'].join('.'),
+                  :new   => [OID[:ipAddressIfIndex], UNICAST, IPV4, ip].join('.'),
+                  :old   => [OID[:ipAdEntIfIndex], ip].join('.')
+      return false unless oids
+      index = oids[:route]
+      index = oids[:new] if not index.class == ::SNMP::Integer or index.to_s == '0'
+      index = oids[:old] if not index.class == ::SNMP::Integer or index.to_s == '0'
+      return false unless index.class == ::SNMP::Integer
+      index.to_s
+    end
+    def ifdescr index
+      descr = get OID[:ifDescr], index
+      return false unless descr and descr.value.class == ::SNMP::OctetString
+      descr.value.to_s
+    end
+  end
+end

data/lib/corona.rb

@@ -0,0 +1,3 @@
+module Corona
+  require 'corona/core'
+end

metadata

@@ -0,0 +1,112 @@
+--- !ruby/object:Gem::Specification
+name: corona
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Saku Ytti
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-05-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: sequel
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: snmp
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Threaded SNMP poll based network discovery. Devices are stored in SQL
+email:
+- saku@ytti.fi
+executables:
+- corona
+extensions: []
+extra_rdoc_files: []
+files:
+- .rspec
+- Gemfile
+- Gemfile.lock
+- README.md
+- Rakefile
+- TODO.md
+- bin/corona
+- corona.gemspec
+- lib/corona.rb
+- lib/corona/config/bootstrap.rb
+- lib/corona/config/core.rb
+- lib/corona/core.rb
+- lib/corona/db.rb
+- lib/corona/log.rb
+- lib/corona/snmp.rb
+homepage: http://github.com/ytti/corona
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: 1454207244225852473
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: corona
+rubygems_version: 1.8.25
+signing_key: 
+specification_version: 3
+summary: device discovery via snmp polls
+test_files: []