#!/usr/bin/perl
# 
# This periodically runs a basic ping sweep using nmap to find devices on the given network. As devices are 
# found, they may be further processed (ie: to see if a MAC address matches a server to find the IP address
# of a hosted server). 
#
# Exit codes;
# 0 = Normal exit
# 1 = No databases available.
# 2 = The '--network X' value is not valid.
# 3 = Not yet time to rescan.
# 
# TODO: * Support '--dhcp' where, if set, we look up the DHCP range offered by the Striker dashboard(s) and
#         scan just the lease range. This should speed up discovery of new/replacement foundation pack 
#         equipment.

use strict;
use warnings;
use Anvil::Tools;
use Data::Dumper;

# Turn off buffering so that the pinwheel will display while waiting for the SSH call(s) to complete.
$| = 1;

my $THIS_FILE           =  ($0 =~ /^.*\/(.*)$/)[0];
my $running_directory   =  ($0 =~ /^(.*?)\/$THIS_FILE$/)[0];
if (($running_directory =~ /^\./) && ($ENV{PWD}))
{
	$running_directory =~ s/^\./$ENV{PWD}/;
}

my $anvil = Anvil::Tools->new();

# Make sure we're running as 'root'
# $< == real UID, $> == effective UID
if (($< != 0) && ($> != 0))
{
	# Not root
	$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, 'print' => 1, level => 0, key => "error_0005"});
	$anvil->nice_exit({exit_code => 5});
}

$anvil->Database->connect();
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 2, secure => 0, key => "log_0132"});
if (not $anvil->data->{sys}{database}{connections})
{
	# No databases, exit.
	$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0003"});
	$anvil->nice_exit({exit_code => 1});
}

# Do we have a specified network to scan?
$anvil->Get->switches({list => [
	"network", 
	"job-uuid", 
	"force", 
], man => $THIS_FILE});
$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => $anvil->data->{switches}});
$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 2, key => "log_0115", variables => { program => $THIS_FILE }});

update_progress($anvil, 0, "clear");
update_progress($anvil, 1, "log_0239,!!job-uuid!".$anvil->data->{switches}{'job-uuid'}."!!");
$anvil->data->{progress} = 1;

check_if_time($anvil);
scan($anvil);

# We're done
print $anvil->Words->string({key => "message_0025"})."\n";
update_progress($anvil, 100, "message_0025");
$anvil->nice_exit({exit_code => 0});


#############################################################################################################
# Functions                                                                                                 #
#############################################################################################################

# If this is being called as a job, this will allow the progress to be updated.
sub update_progress
{
	my ($anvil, $progress, $message) = @_;
	$progress = 95 if $progress > 100;

	if (not $anvil->data->{switches}{'job-uuid'})
	{
		return(0);
	}
	
	$anvil->Job->update_progress({
		progress => $progress, 
		message  => $message,
		job_uuid => $anvil->data->{switches}{'job-uuid'},
	});
	
	return(0);
}

# This checks to see if it's time to run the scan yet or not. If not, it will exit the program. If so, it 
# returns with '0'.
sub check_if_time
{
	my ($anvil) = @_;
	
	# NOTE: We only scan once a day, unless 'force' is used.
	if ($anvil->data->{switches}{force})
	{
		return(0);
	}
	elsif ($anvil->data->{switches}{network})
	{
		# We're being asked to scan a specific network.
		return(0);
	}
	elsif (not $anvil->data->{switches}{'job-uuid'})
	{
		# No job_uuid, so a manual call.
		return(0);
	}
	else
	{
		my ($unixtime, $variable_uuid, $modified_date) = $anvil->Database->read_variable({variable_name => "network-scan::scanned"});
		$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
			unixtime      => $unixtime, 
			variable_uuid => $variable_uuid, 
			modified_date => $modified_date, 
		}});
		if (($unixtime eq "") or ($unixtime =~ /\D/))
		{
			$unixtime = 0;
			$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { unixtime => $unixtime }});
		}
		
		### TODO: Allow the user to set a "scan time" that will wait until the local time is after a
		###       certain time before scaning. Also, allow the user to disable auto-scan entirely.
		# If the database variable 'network-scan::scanned' is not set, or is more than 24 hours old, 
		# scan.
		$anvil->data->{'network-scan'}{'scan-period'} =  86400 if not defined $anvil->data->{'network-scan'}{'scan-period'};
		$anvil->data->{'network-scan'}{'scan-period'} =~ s/,//g;
		$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
			'network-scan::scan-period' => $anvil->data->{'network-scan'}{'scan-period'}, 
		}});
		if ($anvil->data->{'network-scan'}{'scan-period'} =~ /\D/)
		{
			$anvil->data->{'network-scan'}{'scan-period'} = 86400;
			$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
				'network-scan::scan-period' => $anvil->data->{'network-scan'}{'scan-period'}, 
			}});
		}
		my $time_now   = time;
		my $next_scan  = $unixtime + $anvil->data->{'network-scan'}{'scan-period'};
		my $difference = ($next_scan - $time_now);
		$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
			's1:time_now'   => $time_now, 
			's2:next_scan'  => $next_scan, 
			's3:difference' => $difference, 
		}});
		if ((not $variable_uuid) or ($unixtime !~ /^\d+/) or ($difference < 0))
		{
			# It's been long enough (or it's the first time), scan.
			return(0);
		}
		elsif ($difference > 0)
		{
			# Log when the next scan will happen and then exit.
			my $say_when = $anvil->Convert->time({'time' => $difference, long => 1});
			$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 2, 'print' => 1, key => "log_0450", variables => { next_scan => $anvil->Convert->add_commas({number => $say_when}) }});
			update_progress($anvil, 100, "log_0450,!!next_scan!".$anvil->Convert->add_commas({number => $say_when})."!!");
			$anvil->nice_exit({exit_code => 3});
		}
	}
	
	return(0);
}

# This scans any networks passed in.
sub scan
{
	my ($anvil) = @_;
	
	$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { "switches::network" => $anvil->data->{switches}{network} }});
	if ($anvil->data->{switches}{network})
	{
		# If this network is a specific subnet, scan it. If the network is 'bcn', 'sn', 'ifn' or 
		# 'bcnX', 'snX', 'snX', find the network on the appropriate interfaces and use it's network.
		if ($anvil->data->{switches}{network} =~ /^(\d+.*?)\/(\d+.*)$/)
		{
			my $ip          = $1;
			my $subnet_mask = $2;
			$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { "switches::network" => $anvil->data->{switches}{network} }});
			
			my $ip_valid          = $anvil->Validate->ipv4({ip => $ip});
			my $subnet_mask_valid = $anvil->Validate->ipv4({ip => $subnet_mask});
			$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
				ip_valid          => $ip_valid,
				subnet_mask_valid => $subnet_mask_valid, 
			}});
			if (not $subnet_mask_valid)
			{
				# Migt be cidr
				if (($subnet_mask =~ /^\d+$/) && ($subnet_mask >= 0) && ($subnet_mask <= 32))
				{
					# Valid CIDR address
					$subnet_mask_valid = 1;
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { subnet_mask_valid => $subnet_mask_valid }});
				}
			}
			
			if ((not $ip_valid) or (not $subnet_mask_valid))
			{
				# Bail out.
				update_progress($anvil, 100, "error_0097,!!range!".$anvil->data->{switches}{network}."!!");
				$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "error_0097", variables => { range => $anvil->data->{switches}{network} }});
				$anvil->nice_exit({exit_code => 2});
			}
			else
			{
				# Scan it!
				call_nmap($anvil, $anvil->data->{switches}{network});
			}
		}
		else
		{
			# If the address is [bc|s|if]n[X], scan it.
			$anvil->Network->get_ips();
			my $target  = "local";
			my $to_scan = [];
			foreach my $interface (sort {$a cmp $b} keys %{$anvil->data->{network}{$target}{interface}})
			{
				my $ip          = $anvil->data->{network}{$target}{interface}{$interface}{ip};
				my $subnet_mask = $anvil->data->{network}{$target}{interface}{$interface}{subnet_mask};
				$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
					ip          => $ip,
					subnet_mask => $subnet_mask,
				}});
				if (($ip) && ($subnet_mask))
				{
					# Is this one we're interested in?
					my $network_name = $anvil->data->{switches}{network};
					if ($interface =~ /^$network_name/)
					{
						# Yup!
						my $network = $anvil->Network->get_network({ip => $ip, subnet_mask => $subnet_mask});
						$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { network => $network }});
						
						if ($network)
						{
							# Scan it.
							my $address = $network."/".$subnet_mask;
							$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { address => $address }});
							push @{$to_scan}, $address;
						}
					}
				}
			}
			
			# Scan what we found
			foreach my $address (sort {$a cmp $b} @{$to_scan})
			{
				call_nmap($anvil, $address);
			}
		}
	}
	else
	{
		# Scan all the networks we have. 
		$anvil->Network->get_ips({debug => 2});
		my $target  = "local";
		my $to_scan = [];
		foreach my $target (sort {$a cmp $b} keys %{$anvil->data->{network}})
		{
			my $is_local = $anvil->Network->is_local({host => $target});
			$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
				target   => $target,
				is_local => $is_local, 
			}});
			next if not $is_local;
			foreach my $interface (sort {$a cmp $b} keys %{$anvil->data->{network}{$target}{interface}})
			{
				my $ip          = $anvil->data->{network}{$target}{interface}{$interface}{ip};
				my $subnet_mask = $anvil->data->{network}{$target}{interface}{$interface}{subnet_mask};
				$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
					ip          => $ip,
					subnet_mask => $subnet_mask,
				}});
				if (($ip) && ($subnet_mask))
				{
					my $network = $anvil->Network->get_network({ip => $ip, subnet_mask => $subnet_mask});
					$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { network => $network }});
					
					if ($network)
					{
						# Scan it.
						my $address = $network."/".$subnet_mask;
						$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { address => $address }});
						push @{$to_scan}, $address;
					}
				}
			}
			
			# Scan what we found
			foreach my $address (sort {$a cmp $b} @{$to_scan})
			{
				call_nmap($anvil, $address);
			}
		}
	}
	
	# Update the rescan time to now, if no specific network was given.
	if (not $anvil->data->{switches}{network})
	{
		$anvil->Database->insert_or_update_variables({
			debug                 => 3,
			variable_name         => "network-scan::scanned", 
			variable_value        => time, 
			variable_default      => "", 
			variable_description  => "striker_0140", 
			variable_section      => "system", 
			variable_source_uuid  => $anvil->Get->host_uuid, 
			variable_source_table => "hosts", 
		});
	}
	
	return(0);
}

# This calls nmap and parses
sub call_nmap
{
	my ($anvil, $address) = @_;
	
	# The subnet can't be dotted decimal, so convert it to CIDR notation, if needed.
	my ($ip, $subnet_mask) = ($address =~ /^(\d+.*?)\/(\d.*)$/);
	$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
		ip          => $ip, 
		subnet_mask => $subnet_mask,
	}});
	if ($anvil->Validate->ipv4({ip => $subnet_mask}))
	{
		# Convert to CIDR
		my $cidr = $anvil->Convert->cidr({subnet_mask => $subnet_mask});
		$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { cidr => $cidr }});
		
		if (($cidr >= 0) && ($cidr <= 32))
		{
			$address = $ip."/".$cidr;
			$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { address => $address }});
		}
	}
	
	$anvil->data->{progress} += 10;
	update_progress($anvil, $anvil->data->{progress}, "log_0445,!!range!".$address."!!");
	$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "log_0445", variables  => { range => $address }});
	
	# Make the call directly, instead of using 'System->call', so that we can show output as it's found.
	my $this_ip    = "";
	my $this_mac   = "";
	my $section    = "";
	my $shell_call = $anvil->data->{path}{exe}{nmap}." -sP -T4 -n --min-parallelism 100 --max-parallelism 256 ".$address;
	$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { shell_call => $shell_call }});
	open (my $file_handle, $shell_call." 2>&1  |") or $anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, secure => 0, priority => "err", key => "log_0014", variables => { shell_call => $shell_call, error => $! }});
	while(<$file_handle>)
	{
		chomp;
		my $line =  $_;
		   $line =~ s/\n$//;
		   $line =~ s/\r$//;
		$line = $anvil->Words->clean_spaces({'string' => $line});
		$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { line => $line }});
		
		$section .= $line."\n";
		
		if ($line =~ /^Nmap scan report for (\d+\.\d+\.\d+\.\d+)$/i)
		{
			$this_ip  = $1;
			$this_mac = "";
			$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
				's1:this_mac' => $this_mac, 
				's2:this_ip'  => $this_ip,
			}});
		}
		if ($line =~ /MAC Address: (.*?) \(/)
		{
			$this_mac = $1;
			$this_mac = lc($this_mac);
			$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
				's1:this_mac' => $this_mac, 
				's2:this_ip'  => $this_ip,
			}});
			
			# Sane?
			my $mac_valid = $anvil->Validate->hex({string => $this_mac, sloppy => 1});
			my $ip_valid  = $anvil->Validate->ipv4({ip => $this_ip});
			$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { 
				mac_valid => $mac_valid, 
				ip_valid  => $ip_valid,
			}});
			
			# Store
			if (($mac_valid) && ($ip_valid))
			{
				$anvil->data->{progress} += 1;
				$anvil->data->{progress} = 95 if $anvil->data->{progress} > 95;
				my $company = $anvil->Network->get_company_from_mac({debug => 2, mac => $this_mac });
				$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 2, list => { company => $company }});
				
				update_progress($anvil, $anvil->data->{progress}, "log_0446,!!ip!".$this_ip."!!,!!mac!".$this_mac."!!,!!company!".$company."!!");
				$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, 'print' => 1, priority => "err", key => "log_0446", variables => { 
					ip      => $this_ip,
					mac     => $this_mac,
					company => $company,
				}});
				my ($mac_to_ip_uuid) = $anvil->Database->insert_or_update_mac_to_ip({
					debug                 => 3,
					file                  => $THIS_FILE, 
					line                  => __LINE__, 
					mac_to_ip_mac_address => $this_mac, 
					mac_to_ip_ip_address  => $this_ip,
					update_note           => 0, 
				});
				$anvil->Log->variables({source => $THIS_FILE, line => __LINE__, level => 3, list => { mac_to_ip_uuid => $mac_to_ip_uuid }});
			}
			else
			{
				# Parse error
				$anvil->data->{progress} += 2;
				$section                 =~ s/\n//g;
				update_progress($anvil, $anvil->data->{progress}, "log_0444,!!ip!".$this_ip."!!,!!mac!".$this_mac."!!,!!section!".$section."!!");
				$anvil->Log->entry({source => $THIS_FILE, line => __LINE__, level => 0, priority => "alert", key => "log_0444", variables => { 
					ip      => $this_ip,
					mac     => $this_mac,
					section => $section,
				}});
			}
			
			$section = "";
		}
	}
	close $file_handle;
	
	return(0);
}
