gnms 2.1.0.rc1

data/README

@@ -0,0 +1,29 @@
+GNMS - Gnome Network Monitoring System
+
+
+Introduction
+---------------
+
+GNMS tries to bring a tool to monitor network elements.
+This tool is written in Ruby with Gtk bindings, and use
+some command tools for finding, scanning nodes.
+
+
+How to test
+--------------
+
+Run as root the following command in a shell
+from the project dir:
+
+# gem build gnms.gemspec
+# gem install gnms-*.gem
+# gnms
+
+Btw, you will need some development files to compile gtk
+bindings and other libraries. And you should at least
+install nmap package which is used to remotely scan hosts.
+
+This package is provided as is with no warranty.
+See http://gnms.rubyforge.org/ to get some more help.
+
+David Maciejak

data/bin/gnms

@@ -0,0 +1,11 @@
+#!/usr/bin/env ruby
+#
+#	gnms launcher
+#       David Maciejak
+#
+
+file = __FILE__
+file = File.readlink(file) while File.symlink?(file)
+$LOAD_PATH.unshift File.expand_path('../../lib', file)
+
+require 'gnms'

data/gnms.gemspec

@@ -0,0 +1,70 @@
+#gnms gemspec
+
+$:.unshift File.expand_path(File.join(File.dirname(__FILE__), 'lib'))
+require 'version'
+
+class GnmsGemspecHelper
+  def self.remove_gitignored_files(filelist)
+    gitignore_file = File.expand_path("../.gitignore", __FILE__)
+    if File.exist?(gitignore_file)
+      ignores = File.readlines(gitignore_file)
+      ignores = ignores.select {|ignore| ignore.chomp.strip != "" and ignore !~ /^#/}
+      ignores = ignores.map {|ignore| Regexp.new(ignore.chomp.gsub(".", "\\.").gsub("*", ".*"))}
+      r = filelist.select {|fn| not ignores.any? {|ignore| fn =~ ignore }}
+      r.select {|fn| fn !~ /\.git/ }
+    else
+      filelist
+    end
+  end
+  
+  def self.remove_matching_files(list, string)
+    list.reject {|entry| entry.include?(string)}
+  end
+
+  def self.gem_manifest
+    r = %w(LICENSE README gnms.gemspec) +
+                            Dir.glob("bin/gnms") +
+                            Dir.glob("pixmap/**/*") +
+                            Dir.glob("sound/*") +
+                            remove_gitignored_files(Dir.glob("lib/**/*")) +
+                            remove_gitignored_files(Dir.glob("plugins/**/*"))
+  end
+end
+
+Gem::Specification.new do |s|
+  s.name        = "gnms"
+  #s.version     = GNMSVERSION
+  s.version     = "#{GNMSVERSION}.rc1"
+  s.platform    = Gem::Platform::RUBY
+  s.required_ruby_version = '>= 1.8.6'
+  s.authors     = ["David Maciejak"]
+  s.email       = ["david.maciejak@gmail.com"]
+  s.homepage    = "http://gnms.rubyforge.org/"
+  s.rubyforge_project = "gnms"
+  s.summary     = "Gnome Network Management System"
+  s.description = "GNMS is a graphical tool used to monitor state of network elements"
+ 
+  s.files       = GnmsGemspecHelper.gem_manifest
+  s.has_rdoc    = false 
+  s.test_files  = (s.files & Dir['test/*'])
+  s.license     = "GPL-2.1"
+  
+  s.executables  = ["gnms"]
+  s.require_path = 'lib'
+
+  s.add_dependency("facter")
+  s.add_dependency("goocanvas")
+  s.add_dependency("gdk_pixbuf2", "~> 1.1.7")
+  s.add_dependency("glib2", "~> 1.1.7")
+  s.add_dependency("gtk2", "~> 1.1.7")
+  s.add_dependency("net-ssh")
+  s.add_dependency("snmp")
+  s.add_dependency("xmpp4r")
+  s.add_dependency("sqlite3")
+  s.add_dependency("pcaprub", "~>0.11.3")
+  s.add_dependency("packetfu")
+  s.add_dependency("gruff")
+#  s.add_dependency("ruby-ldap")  
+#  s.add_dependency("gstreamer")
+end
+

data/lib/cmd_parse.rb

@@ -0,0 +1,747 @@
+require "#{GNMSLIB}"+'/ipcalc'
+require 'net/http'
+
+#
+#get system information
+#
+def get_system_infor()
+    sysinfor = Hash.new()
+    sysinfor["cpu" => "","Memory" =>"","hostname" => "","OS" => ""]
+    value=`cat /proc/cpuinfo | grep 'model name'`
+    value=value.match(/\:\s+(\w+.*)/)
+    if value != nil
+       sysinfor["cpu"]=value[1]
+    end
+    value=`cat /proc/meminfo | grep 'MemTotal'`
+    value=value.match(/\:\s+(\d+)\s+(\w+)/)
+    if value !=nil
+       if (value[2] == "kB") and isInteger(value[1])
+         if value[1].to_f >= 1024
+           val = value[1].to_f / 1024 / 1024
+	   sysinfor["Memory"]="#{sprintf "%.1f",val} G"
+	 else
+           val = value[1].to_f / 1024
+	   sysinfor["Memory"]="#{sprintf "%.1f",val} M"
+	 end
+       else
+         sysinfor["Memory"]=sprintf "%.1f",value[1]
+       end
+    end   
+    value=`hostname`
+    sysinfor["hostname"]=value.chomp
+
+    value=`cat /proc/version`    
+    sysinfor["OS"]=value.chomp
+
+    value=`df -h`
+    disk_size=0
+    flag=false
+    #parsing the output of command "df -h"
+    value.each_line{|s|
+          temp=s.match(/\/dev\//)
+          if temp !=nil
+          flag=true
+          end
+          temp=s.match(/\s+(\d+[\w])\s+\w+\.?\w*\s+\w+\.?\w*\s+\d+\.?\d*\%/)
+          if temp !=nil && flag
+             if temp[1].gsub!(/M/){|s|}!=nil
+                 temp1=temp[1].gsub("M","")
+                 temp2=temp1.to_f
+                 temp2=temp2/1024
+             else
+                 temp1=temp[1].gsub("M","")
+                 temp2=temp1.to_f
+             end
+             disk_size=disk_size+temp2
+             flag=false
+          end
+    } 
+    sysinfor["Disk Size"]="#{sprintf "%.1f",disk_size} G"
+    return sysinfor
+end
+
+#
+#	download mac manufacturer list
+#
+def get_mac_manufacturer_list()
+  puts "in get_mac_manufacturer_list"
+  if ! mac_manufacturer_list_exist?()
+    ieee_addr="standards.ieee.org"
+    ieee_url="/develop/regauth/oui/oui.txt"
+    local_file_path="#{CONF_DIR}"
+    local_file_name="oui.txt"
+    Net::HTTP.version_1_1
+    tf=Tempfile.new(local_file_name)
+    begin
+      Net::HTTP.start(ieee_addr, 80) do |http|
+        response,=http.get(ieee_url)
+        response.body.each do |str|
+          str.chomp
+          if str.match('base\s16')
+            #line syntax is 'XXXXXX     (base 16)            name'
+            str.scan(/(\w+)\s+\([^)]+\)\s+(.+)/) do |mac,manufacturer|
+              tf.write "#{mac}\t#{manufacturer}\n"
+            end
+          end
+        end
+      end
+    rescue Exception => msg
+      print #{msg.backtrace.join("\n")},"\n"
+      tf.close(true)
+      return -1
+    end
+  end
+  tf.close
+  FileUtils.move(tf.path, "#{local_file_path}/#{local_file_name}")
+  return 0
+end
+
+#
+#	return if mac manufacturer list exist
+#
+def mac_manufacturer_list_exist?()
+	return FileTest.exist?("#{CONF_DIR}/oui.txt")
+end
+
+#
+# Return nic manufacturer based on OUI
+#
+def find_manufacturer (mac)
+	if FileTest.exist?("#{CONF_DIR}/oui.txt")
+
+		if defined?($mac_manufacturer)
+			if $mac_manufacturer[mac] != ""
+				return $mac_manufacturer[mac]
+			end
+		else
+			$mac_manufacturer=Hash.new
+		end
+
+		manufacturer_name="unknown"
+		f=File.open("#{CONF_DIR}/oui.txt","r")
+		begin
+		while (line = f.readline)
+        line.chomp
+        if line.match("^#{mac}")
+			result_t=line.split(/\s+/)
+			manufacturer_name=result_t[1]
+		  end
+    	end
+		rescue EOFError
+    		f.close
+		end
+	   $mac_manufacturer[mac]=manufacturer_name
+      return manufacturer_name
+	else
+		$log.warn("you need to download OUIs list, see pref")
+		return nil
+	end
+end
+
+#
+#list port with nmap
+#
+def listport(ip)
+    lp=""
+    nmap_version = $config.nmap_vers.to_f()
+    if nmap_version >= 6.0 
+      lp=`#{$config.nmap_path} -sU -sT #{ip} --host_timeout 60 2>/dev/null| grep open | grep "^[0-9]"`
+    else
+      lp=`#{$config.nmap_path} -sU -sT #{ip} --host_timeout 60000 2>/dev/null| grep open | grep "^[0-9]"`	
+    end
+    $_=lp
+    gsub("/"," ")
+    gsub("open","")
+    gsub("|filtered","")
+    gsub("\ +"," ")
+    return $_
+end
+
+#
+#get nmap version
+#
+def nmap_version()
+	if $config.nmap_path != ""
+		regx=Regexp.new('Nmap version ([\d.]+) \(')
+		if $config.nmap_path
+			ret=`#{$config.nmap_path} -V|grep Nmap`
+			ret.scan(regx) do |val|
+				return val[0]
+			end
+		end
+		return nil
+	end
+end
+
+#
+# Return mac adress of the ip if in local arp table
+#
+def mac_tablelocal(ip)
+        `ping -c 1 -W 1 #{ip}`
+	lp=`arp -n #{ip} | grep #{ip} | awk '{print $3;}'`
+	#there is no entry
+	if lp.chomp == "--"
+	  lp=""
+	end
+	return lp
+end
+
+#
+#	Return interface info of local machine
+#       format is an array of array of elements
+#       ipv4 mask ipv6 mac_addr interface_name
+def local_interface()	
+   result = Array.new
+   Facter::Util::IP.get_interfaces.each do |interface|
+      tmp= Array.new
+	%w{ipaddress netmask ipaddress6 macaddress}.each do |label|
+              tmp.push Facter::Util::IP.get_interface_value(interface, label)
+	  end
+	  #tmp.push interface
+	  #check if ip is not empty
+      if !tmp[0].nil? and !tmp[0].empty?
+        result.push tmp
+      end      
+   end
+   return result
+end
+
+#
+#	Return netmask adress of local machine
+#
+def local_mask()
+   Facter::Util::IP.get_interfaces.each do |interface|     
+              return Facter::Util::IP.get_interface_value(interface, "netmask") if interface != "lo"
+   end
+   return nil
+end
+
+#
+#ping broadcast
+#
+def broadcast_ping
+	ipbroadcast=`#{$config.ping_path} 255.255.255.255 -b -c 2 -n 2>&1 | grep ^64 | awk '{ print $4 }'`
+	ipbroadcast.gsub!(":","")
+	iptab=ipbroadcast.split(/\n/)
+	return iptab
+end
+
+#
+# To know if an host is up, we use here ping perhaps in a near future nmap
+#
+def ping (ip)
+	pip=`#{$config.ping_path} #{ip} -c 1 -n -W 4 2>/dev/null | grep ^64`
+	return pip!=""
+end
+
+
+#
+#	verify by custom monitoring
+#
+def test_monitored_custom(ip)
+  $log.debug "cmd_parse test_monitored_custom #{ip}"
+  if $host[ip].custom_monitoring.size() > 0
+    max_severity=UNKNOWN
+    max_severity_description=nil
+    $host[ip].custom_monitoring.each_value {|custom_mon|
+      if custom_mon.active?()
+        $log.debug("running custom #{custom_mon.name}")
+        begin
+          result_tmp=(eval custom_mon.name).new($host[ip])
+          while (result_tmp.get_event_state_raw()==nil) do
+            sleep(5)
+          end
+
+          if $status_value[result_tmp.get_event_state_raw()] > max_severity
+            max_severity=$status_value[result_tmp.get_event_state_raw()]
+            max_severity_description=result_tmp.get_event_description()
+          end
+          if result_tmp.get_event_description() != nil
+            #if severity is unknown and we have a description; this should be an error report
+            if result_tmp.get_event_state_raw() == $status.size()-1
+              $event_win.add_event(EventWindow::CUSTOM_EVENT_TYPE, "ERR", $host[ip], "#{result_tmp.get_event_description()}")
+            else
+              $event_win.add_event(EventWindow::CUSTOM_EVENT_TYPE, get_level_from_status($status[result_tmp.get_event_state_raw()]), $host[ip], "#{result_tmp.get_event_description()}")
+            end
+          end
+        rescue
+          raise
+        end
+      end
+    }
+    #at this point max_severity contains the severity max found for all custom monitor enabled for this host
+    $host[ip].set_custom_severity(max_severity)
+  elsif $host[ip].custom_sev > UNMANAGED
+    #no custom monitoring for this host
+    $host[ip].set_custom_severity(UNMANAGED)
+  end
+end
+
+#
+#	verify if oid ref threshold value is ok
+#
+def test_monitored_snmp(ip)
+	$log.info "cmd_parse test_monitored_snmp #{ip}"
+	if $host[ip] && ($host[ip].snmp_monitoring.size() > 0)
+		max_severity=UNKNOWN
+
+	  if $host[ip].get_account_id("snmp")
+  	  community_pub, community_priv = $host[ip].get_account_id("snmp")
+		begin
+
+		SNMP::Manager.open(:Host => ip, :Community => community_pub, :Version => get_snmp_version($host[ip].get_default_inherit_snmp_version()), :Port => $host[ip].get_default_inherit_snmp_port().to_i, :Timeout => $host[ip].get_default_inherit_snmp_timeout().to_i, :Retries => $host[ip].get_default_inherit_snmp_retry().to_i) do |manager|
+		  $host[ip].snmp_monitoring.each_value {|snmp_mon|
+			  if snmp_mon.active?()
+				 snmp_oper="#{snmp_mon.oper()}"
+				 if "#{snmp_mon.oper()}" == "="
+					 snmp_oper="=="
+				 end
+				 begin
+
+				 snmp_direct_value="#{snmp_mon.value(manager,$host[ip])}"
+				 #here snmp_direct_value can be a string and not an operation
+				 #check if a OID value in not known by the agent
+				 if !snmp_direct_value.include?("Null")
+					 expr_test=""
+					 if snmp_direct_value.match('^[\d.+*/ -]+$')
+						 expr_test="#{snmp_direct_value} #{snmp_oper} #{snmp_mon.threshold}"
+					 else
+						 expr_test="'#{snmp_direct_value}' #{snmp_oper} '#{snmp_mon.threshold}'"
+					 end
+					 if eval(expr_test)
+						 if $status_value[snmp_mon.raw_severity] > max_severity
+							 max_severity=$status_value[snmp_mon.raw_severity]
+						 end
+				      	 	$event_win.add_event(EventWindow::SNMP_EVENT_TYPE, get_level_from_status($status[$status_value.index(max_severity)]), $host[ip], "Monitoring #{snmp_mon.oidref} matched")
+					 end
+				 else
+					$log.error("Problem in SNMP request on #{ip}, seems OID used is unknown on remote agent")
+					$event_win.add_event(EventWindow::SNMP_EVENT_TYPE, "ERR", $host[ip], "OID #{snmp_mon.oidref} used is unknown on remote agent")
+				 end
+				 rescue
+					$log.error("Problem in SNMP request on #{ip}, validate #{snmp_mon.oidref} OID Reference")
+					$event_win.add_event(EventWindow::SNMP_EVENT_TYPE, "ERR", $host[ip], "Problem validate #{snmp_mon.oidref} OID Reference")
+					return
+				 end
+			  end
+		  }
+		  #set the snmp severity to max find for this host
+		  if max_severity > $host[ip].snmp_sev
+			  $host[ip].set_snmp_severity(max_severity)
+		  end
+
+		end #manager
+		rescue Exception => msg
+			$log.error("Exception in test_monitored_snmp for #{ip}: #{msg}")
+		end
+	else
+		$log.error("snmp account not set for host #{ip}")
+		$event_win.add_event(EventWindow::SNMP_EVENT_TYPE, "ERR", $host[ip], "snmp account not set")
+	end
+	else
+		if $host[ip]
+				$host[ip].set_snmp_severity(UNMANAGED)
+		end
+	end
+end
+
+#
+#	verify if wmi ref threshold value is ok
+#
+def test_monitored_wmi(ip)
+	$log.debug "cmd_parse test_monitored_wmi #{ip}"
+	if $host[ip] && ($host[ip].wmi_monitoring.size() > 0)
+		max_severity=UNKNOWN
+		begin
+		  $host[ip].wmi_monitoring.each_value {|wmi_mon|
+			  if wmi_mon.active?()
+				 wmi_oper="#{wmi_mon.oper()}"
+				 if "#{wmi_mon.oper()}" == "="
+					 wmi_oper="=="
+				 end
+				 begin
+					#wml request can return multiple entries
+					wmi_direct_table=wmi_mon.request($host[ip])
+					if wmi_direct_table
+							max_severity_set=0
+							if wmi_oper == "Contain"
+								if wmi_direct_table.include?(wmi_mon.value)
+						 			if $status_value[wmi_mon.raw_severity] > max_severity
+							 			max_severity=$status_value[wmi_mon.raw_severity]
+										max_severity_set=1
+								 	end
+								end
+							elsif wmi_oper == "Not contain"
+								if !wmi_direct_table.include?(wmi_mon.value)
+						 			if $status_value[wmi_mon.raw_severity] > max_severity
+							 			max_severity=$status_value[wmi_mon.raw_severity]
+										max_severity_set=1
+								 	end
+								end
+							end
+						if max_severity_set == 1
+					   	   $event_win.add_event(EventWindow::WMI_EVENT_TYPE, get_level_from_status($status[$status_value.index(max_severity)]), $host[ip], "Monitoring '#{wmi_mon.wmiref}' matched for #{wmi_mon.value}")
+						end
+				 	else
+						$log.error("Problem in WMI request on #{ip}, seems WML used is unknown on remote agent")
+						$event_win.add_event(EventWindow::WMI_EVENT_TYPE, "ERR", $host[ip], "WML used is unknown on remote agent")						
+				 	end
+				 rescue Exception => msg
+					 $log.error("Problem in WMI request on #{ip}, validate '#{wmi_mon.wmiref}' WMI Reference")
+					 return
+				 end
+			  end
+		  }
+		  #set the wmi severity to max find for this host
+		  if max_severity > $host[ip].wmi_sev
+			  $host[ip].set_wmi_severity(max_severity)
+		  end
+		rescue Exception => msg
+			$log.error("Exception in test_monitored_wmi for #{ip}: #{msg}")
+		end
+	else
+		if $host[ip]
+				$host[ip].set_wmi_severity(UNMANAGED)
+		end
+	end
+end
+
+#
+# wmi request using external wmic command
+#
+def wmi_request(login, password, host, wml)
+	if ($config.wmic_path != nil) && ($config.wmic_path != "")
+		rs=`#{$config.wmic_path} -U #{login}%#{password} //#{host} "#{wml}" 2>/dev/null`
+		return rs.split(/\n/)
+	end
+	return Array.new	
+end
+
+#
+#	verify if jmx ref threshold value is ok
+#
+def test_monitored_jmx(ip)
+	$log.error "cmd_parse test_monitored_jmx #{ip}"
+	if $host[ip] && ($host[ip].jmx_monitoring.size() > 0)
+		max_severity=UNKNOWN
+		begin
+		  $host[ip].jmx_monitoring.each_value {|jmx_mon|
+			  if jmx_mon.active?()
+				 begin
+					#jmx can return multiple entries
+					jmx_direct_table=""
+					if jmx_mon.get_auth() == "None"
+						jmx_direct_table=jmx_request($host[ip], jmx_mon.get_port(), "", "", jmx_mon.get_ref(), jmx_mon.get_attributes().keys.join(" "))
+					else
+						username, password = $host[ip].get_account_id(jmx_mon.get_auth())
+						jmx_direct_table=jmx_request($host[ip], jmx_mon.get_port(), username, password, jmx_mon.get_ref(), jmx_mon.get_attributes().keys.join(" "))
+					end
+					if jmx_direct_table[0] && !jmx_direct_table[0].match("^error|such file")
+						max_severity_set=0
+						jmx_mon.get_attributes().each_pair { |attr, attrmon|
+						ind=-1
+						fnd=false
+						jmx_direct_table.each {|entr|
+							ind+=1
+							if entr.match("^#{attr}")
+								fnd=true
+								break
+							end
+						}
+
+						if fnd
+							if ind
+								val=jmx_direct_table[ind].gsub(attr+": ","")
+								jmx_oper="#{JmxAttributeMonitoring::TESTOP[attrmon.operator]}"
+				 				if "#{jmx_oper}" == "="
+					 				jmx_oper="=="
+				 				end
+								expr_test="#{val} #{jmx_oper} #{attrmon.value}"
+								if eval(expr_test)
+									print $status_value[attrmon.raw_severity()]," ", max_severity, "\n"
+					 				if $status_value[attrmon.raw_severity()] > max_severity
+						 				max_severity=$status_value[attrmon.raw_severity()]
+										max_severity_set=1
+							 		end
+								end
+							end
+						end
+						}
+						if max_severity_set == 1
+						   	$event_win.add_event(EventWindow::JMX_EVENT_TYPE, get_level_from_status($status[$status_value.index(max_severity)]), $host[ip], "Monitoring '#{jmx_mon.get_ref()}' matched")
+						end
+				 	else
+						$log.error("Problem in JMX request on #{ip}, #{jmx_direct_table[0]}")
+						$event_win.add_event(EventWindow::JMX_EVENT_TYPE, "ERR", $host[ip], "#{jmx_direct_table}")						
+				 	end
+				 rescue Exception => msg
+					 $log.error("Problem in JMX request on #{ip}, validate '#{jmx_mon.get_ref()}' JMX Reference #{msg}")
+					 return
+				 end
+			  end
+		  }
+		  #set the jmx severity to max find for this host
+		  if max_severity > $host[ip].jmx_sev
+			  $host[ip].set_jmx_severity(max_severity)
+		  end
+		rescue Exception => msg
+			$log.error("Exception in test_monitored_jmx for #{ip}: #{msg}")
+		end
+	else
+		if $host[ip]
+				$host[ip].set_jmx_severity(UNMANAGED)
+		end
+	end
+end
+
+def jmx_request(host, port, user, pass, object_name, attr_names)
+	rs=`#{GNMSLIB}/external/jjmx.rb #{host.ip} #{port} "#{user}" "#{pass}" #{$jmx_refs[object_name].mbean} "#{attr_names}" 2>&1`
+	return rs.split(/\n/)
+end
+
+#
+# verify if monitored ports are always open
+# return -1 if ok
+# or return the severity as constant
+def test_monitored_ports(ip)
+  $log.debug "cmd_parse test_monitored_ports #{ip}"
+  #we assume here $host[ip].port is not nil
+  if $host[ip].service.size() == 0
+    return -1
+  end
+
+  #puts "monitored ports for #{ip}"
+  ip_port=""
+  $host[ip].service.each_value{|serv|
+    if serv.monitor.to_i() == 1
+      proto="U"
+      if serv.protocol == "tcp"
+        proto="T"
+      end
+      ip_port+="#{proto}:#{serv.port},"
+    end
+  }
+  ip_port.chop!()
+  if ip_port == ""
+    #we dont monitor ports for this node
+    return -1
+  end
+  ports = ip_port.split(/,/).dup
+  lp=""
+  nmap_version = $config.nmap_vers.to_f()
+   
+  if nmap_version >= 6.0
+    lp=`#{$config.nmap_path} -sT -sU #{ip} --host_timeout 60 -p #{ip_port} 2>/dev/null | grep "^[0-9]"`
+  else
+    lp=`#{$config.nmap_path} -sT -sU #{ip} --host_timeout 60000 -p #{ip_port} 2>/dev/null | grep "^[0-9]"`
+  end
+  
+  $log.error("Issue running scan command: #{$config.nmap_path} -sT -sU #{ip} -p #{ip_port}") if lp == ""
+  llp=lp.split(/\n/)
+  for pt in llp
+    ptlign=pt.split(/\s+/)
+    portprotocol=ptlign[0]
+    portstate=ptlign[1]
+    if portstate.match("^open")
+      ptt = portprotocol.split(/\//)
+      if ptt[1] == "tcp"
+        pt="T:#{ptt[0]}"
+      else
+        pt="U:#{ptt[0]}"
+      end
+      i=0
+      for ptlo in ports
+        if ptlo == pt
+          ports.delete ptlo
+          break
+        end
+        i+=1
+      end
+    end
+  end
+
+  if ports.size != 0 #we have port which dont respond
+
+    #identify worst sev from down port(s)
+    bad_sev = $status.size
+    str_port = ports.join(" ")
+    ports.each {|str|
+      sev_spe = $status.size
+      if str.gsub!(/T:/,"")
+        sev_spe = $host[ip].get_service_sev("tcp", str)
+      else
+        sev_spe = $host[ip].get_service_sev("udp", str)
+      end
+      bad_sev = sev_spe if sev_spe < bad_sev
+    }
+    if bad_sev == $status.size
+      $log.error("Service monitoring severity can't be found, setting critical")
+      bad_sev = 0
+    end
+
+    #nmap protocol/port syntax to human easy readable!
+    str_port.gsub!(/T:/,"tcp/")
+    str_port.gsub!(/U:/,"udp/")
+    $event_win.add_event(EventWindow::PORT_EVENT_TYPE, get_level_from_status($status[bad_sev]), $host[ip], "#{str_port} not responding")
+
+    return $status_value[bad_sev]
+  end
+
+  return -1
+end
+
+#
+# Return all host seems to be up (responding to icmp) from a given network (class c)
+# netmork submitted as 0.0.0.0/24
+def broadcast_remote_ping(network, mask)
+  $log.debug "cmd_parse broadcast_remote_ping #{network} #{mask}"
+  puts "cmd_parse broadcast_remote_ping #{network} #{mask}"
+  result=[]
+  if $config.nmap_path == ""
+    return result
+  end
+  res=nil
+  nmap_version = $config.nmap_vers.to_f()
+  case 
+  when nmap_version >= 6.0 then 
+     res=`#{$config.nmap_path} --send-ip -PE -sP -n "#{network}/#{mask}"  2>/dev/null| grep "^Nmap scan report.*$" | awk '{print $5}'`
+  when nmap_version >= 4.0 then
+	 res=`#{$config.nmap_path} --send-ip -PE -sP -n "#{network}/#{mask}"  2>/dev/null| grep "^H.*appears.*$" | awk '{print $2}'`
+  else
+	 res=`#{$config.nmap_path} -PE -sP -n "#{network}/#{mask}"  2>/dev/null| grep "^H.*$" | awk '{print $2}'`
+  end
+  if res
+	  lres=res.split(/\n/)
+	  for ip in lres
+	    result.push ip unless ip == network    
+	  end
+  end
+  return result
+end
+
+#
+# Return all host seems to be up (responding to icmp) from a given range IP addr
+def range_remote_ping(ip_begin, ip_end)
+  puts "in range_remote_ping"
+  result=[]
+  if $config.nmap_path == ""
+    return result
+  end
+  res=nil
+  if $config.nmap_vers.to_f() >= 4
+	  res=`#{$config.nmap_path} --send-ip -sP -n "#{ip_begin}-#{ip_end}" 2>/dev/null| grep "^H.*$" | awk '{print $2}'`
+  else
+	  res=`#{$config.nmap_path} -sP -n "#{ip_begin}-#{ip_end}" 2>/dev/null| grep "^H.*$" | awk '{print $2}'`	
+  end
+
+  lres=res.split(/\n/)
+  for ip in lres
+    result.push ip
+  end
+  return result
+end
+
+#
+# OS Fingerprint
+#
+def osfingerprint(ip)
+
+  $log.debug "cmd_parse osfingerprint #{ip}"
+
+  if $config.xprobe_path != ""
+    #with xprobe version 1
+    #res=`#{$config.xprobe_path} #{ip} 2>&1 | grep "FINAL"`
+    #with xprobe version 2
+    res=`#{$config.xprobe_path} -c /etc/xprobe2/xprobe2.conf -m 1 #{ip} 2>&1 | grep "Running OS"`
+	# seems xprobe2 get a segfault when he can't find the interface to contact the ip
+
+	if (res == "")
+            nmap_version = $config.nmap_vers.to_f()
+            if nmap_version >= 6.0 
+	       res=`#{$config.nmap_path} -O #{ip} --host_timeout 10 2>&1 | grep "Running: "`
+	    else
+	       res=`#{$config.nmap_path} -O #{ip} --host_timeout 10000 2>&1 | grep "Running: "`		
+	    end
+	end
+
+    if (res!="")
+    if (res.index("Linux")!=nil)
+  	  res="linux"
+      return res
+    end
+  	if (res.index("Win")!=nil)
+  	  res="windows"
+      return res
+	end
+    if (res.index("HPUX")!=nil)
+  	  res="hp"
+      return res
+    end
+    if (res.index("3Com")!=nil)
+      res="3com"
+      $host[ip].type="switch"
+      return res
+    end
+    if (res.index("Cisco")!=nil)
+      res="cisco"
+      $host[ip].type="router"
+      return res
+    end
+    if (res.index("BSD")!=nil)
+      res="freebsd"
+      return res
+    end    
+    end
+  end
+  return ""
+end
+
+#
+# Return the service name associate to the port give in argument
+# first is protocol, second is port
+def service_name(protocol,port)
+  sn = `cat /etc/services | awk '{print $2, $1;}' | grep "^#{port}/#{protocol}" | awk '{print $2;}'`
+  return sn.chomp
+end
+
+#
+# find netbios name
+#
+def ip2netbiosname(ip)
+  if $config.nmblookup_path == ""
+    return nil
+  end
+  res=`#{$config.nmblookup_path} -A "#{ip}" | grep ACTIVE | awk '{print $1;}'`
+  rest=res.split(/\n/)
+  return rest[0] 
+end
+
+#
+# convert bitmask address to netmask address
+#
+def bit2netmask(int)
+  if int==0
+    return "0.0.0.0"
+  end
+  return IPCalc.bits_to_netmask(int)
+end
+
+#
+# convert netmask address to bitmask address
+#
+def net2bitmask(netmask)
+  if netmask =="0.0.0.0"
+    return 0
+  end
+  return IPCalc.netmask_to_bits(netmask)
+end
+
+#
+#  return network address and compress mask class
+#
+def getnetwork_and_mask(ip)
+  if ip == "" || ip == nil
+    return nil
+  end
+  return IPCalc.get_network_and_mask(ip)
+end