Correct 1.1 release with missing new files.

Author: mjschultz

.gitmodules

@@ -0,0 +1,4 @@
+[submodule "src/uPNA"]
+	path = src/uPNA
+    url = https://github.com/pcrowley/PNA.git
+    branch = uPNA

images/docker/Dockerfile

@@ -10,7 +10,7 @@ RUN dpkg -i ona-service_UbuntuPrecise_amd64.deb
 
 # Switch to the unprivileged user, set some local configuration, and start.
 
-COPY images/docker/run.sh /opt/obsrvbl-ona/run.sh
+COPY run.sh /opt/obsrvbl-ona/run.sh
 RUN chmod +x /opt/obsrvbl-ona/run.sh
 
 USER obsrvbl_ona

images/docker/run.sh

@@ -0,0 +1,32 @@
+#!/bin/bash
+# This file will provide default values for the environment, unless explicitly
+# overrode by the runtime environment. It also copies in all OBSRVBL_*
+# environment variables.
+local_config=/opt/obsrvbl-ona/config.local
+
+if [ -z $OBSRVBL_SERVICE_KEY ] ; then
+    echo "Missing required OBSRVBL_SERVICE_KEY in environment"
+    exit 1
+fi
+
+echo "" > $local_config
+echo "OBSRVBL_MANAGE_MODE='${OBSRVBL_MANAGE_MODE:-manual}'" >> $local_config
+echo "OBSRVBL_NETWORKS='${OBSRVBL_NETWORKS:-10.0.0.0/8 172.16.0.0/12 192.168.0.0/16}'" >> $local_config
+echo "OBSRVBL_LOG_WATCHER='${OBSRVBL_LOG_WATCHER:-false}'" >> $local_config
+echo "OBSRVBL_SYSLOG_ENABLED='${OBSRVBL_SYSLOG_ENABLED:-true}'" >> $local_config
+echo "OBSRVBL_SYSLOG_FACILITY='${OBSRVBL_SYSLOG_FACILITY:-user}'" >> $local_config
+echo "OBSRVBL_SYSLOG_SERVER='${OBSRVBL_SYSLOG_SERVER:-127.0.0.1}'" >> $local_config
+echo "OBSRVBL_SYSLOG_SERVER_PORT='${OBSRVBL_SYSLOG_SERVER_PORT:-514}'" >> $local_config
+
+for var in ${!OBSRVBL_*} ; do
+    # Check if we've already written var to the config
+    ret=$(grep $var $local_config)
+    if [ ! -z $ret ] ; then
+        continue
+    fi
+
+    # write the var to the config
+    echo "$var='${!var}'" >> $local_config
+done
+
+exec /opt/obsrvbl-ona/system/supervisord/ona-supervisord.sh

packaging/root/opt/obsrvbl-ona/system/bsd-init/obsrvbl-ona

@@ -0,0 +1,16 @@
+#!/bin/sh
+
+. /etc/rc.subr
+
+name=obsrvbl-ona
+rcvar=obsrvbl_ona_enable
+command="/opt/obsrvbl-ona/system/supervisord/ona-supervisord.sh"
+daemon_pid="/tmp/obsrvbl-ona.pid"
+start_cmd="/usr/sbin/daemon -f -P ${daemon_pid} -u obsrvbl_ona -r ${command}"
+stop_cmd="kill `cat ${daemon_pid}` || true"
+status_cmd="test -e ${daemon_pid} && echo '${name} is running' || echo '${name} is not running'"
+
+load_rc_config $name
+: ${obsrvbl_ona_enable="YES"}
+
+run_rc_command "$1"

src/scripts/ona_service/iec61850_capturer.py

@@ -0,0 +1,52 @@
+#  Copyright 2015 Observable Networks
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from __future__ import division, print_function, unicode_literals
+
+# python builtins
+from os import getenv
+from os.path import join
+from tempfile import gettempdir
+
+# local
+from tcpdump_capturer import TcpdumpCapturer
+
+
+DATA_TYPE = 'iec61850'
+PROTO = ['0x88b8', '0x88b9', '0x88ba']
+BPF_FILTER = " or ".join(["ether proto {}".format(p) for p in PROTO])
+
+
+class Iec61850Capturer(TcpdumpCapturer):
+    def __init__(self, *args, **kwargs):
+        init_kwargs = {
+            'bpf_filter': BPF_FILTER,
+            'data_type': DATA_TYPE,
+            'capture_iface': getenv('OBSRVBL_IEC61850_CAPTURE_IFACE', 'any'),
+            'capture_seconds': int(
+                getenv('OBSRVBL_IEC61850_CAPTURE_SECONDS', '600')
+            ),
+            'pcap_dir': join(
+                gettempdir(), getenv('OBSRVBL_IEC61850_PCAP_DIR',
+                                     'obsrvbl_iec61850')
+            ),
+            'poll_seconds': 600,
+            'pps_limit': int(getenv('OBSRVBL_IEC61850_PPS_LIMIT', '100')),
+        }
+        kwargs.update(init_kwargs)
+        super(Iec61850Capturer, self).__init__(*args, **kwargs)
+
+
+if __name__ == '__main__':
+    capturer = Iec61850Capturer()
+    capturer.run()

src/scripts/ona_service/nmapper.py

@@ -0,0 +1,113 @@
+#  Copyright 2015 Observable Networks
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# python builtins
+import json
+import logging
+from tempfile import NamedTemporaryFile
+from vendor.libnmap.process import NmapProcess
+from vendor.libnmap.parser import NmapParser, NmapParserException
+
+# local
+from service import Service
+from utils import utc
+
+OBSERVATION_TYPE = 'scan_observation_v1'
+SCAN_TARGETS = 'scan-config'
+SCAN_INTERVAL_SECONDS = 60 * 60  # Hourly.
+DEFAULT_NMAP_ARGS = ['nmap', '-oG', '-']
+MAX_SIMULTANEOUS_TARGETS = 10
+
+
+def _run_scan(ips, now):
+    nmap = NmapProcess(ips)
+    rc = nmap.run()
+    if rc != 0:
+        logging.error("nmap failed with error {}".format(rc))
+        return
+
+    try:
+        report = NmapParser.parse(nmap.stdout)
+    except NmapParserException as e:
+        logging.error("nmap parsing error? " + str(e))
+        return
+
+    for host in report.hosts:
+        ports = ['{}/{}'.format(s.port, s.state)
+                 for s in host.services]
+        yield {
+            'observation_type': OBSERVATION_TYPE,
+            'time': now.isoformat(),
+            'source': host.address,
+            'ports': ', '.join(ports),
+            'info_type': 'services',
+            'result': '',
+        }
+
+
+class NmapperService(Service):
+    def __init__(self, *args, **kwargs):
+        kwargs.update({
+            'poll_seconds': SCAN_INTERVAL_SECONDS,
+        })
+        super(NmapperService, self).__init__(*args, **kwargs)
+
+    def _get_target_ips(self):
+        json_resp = self.api.get_data(SCAN_TARGETS).json()
+        objects = json_resp.get('objects', [])
+        if not objects:
+            return []
+
+        is_enabled = objects[0].get('is_enabled', True)
+        if not is_enabled:
+            return []
+
+        target_ips = objects[0].get('scan_targets', [])
+        return target_ips
+
+    def _upload_results(self, filename, now):
+        path = self.api.send_file('logs', filename, now, suffix='nmap')
+        data = {
+            'path': path,
+            'log_type': 'observations',
+        }
+        self.api.send_signal('logs', data)
+
+    def execute(self, now=None):
+        logging.info('getting target ips')
+        target_ips = self._get_target_ips()
+        logging.info('got {} target ips'.format(len(target_ips)))
+
+        # timezoneify now
+        if now:
+            now = now.replace(tzinfo=utc)
+
+        while target_ips:
+            ips = target_ips[0:MAX_SIMULTANEOUS_TARGETS]
+            target_ips = target_ips[MAX_SIMULTANEOUS_TARGETS:]
+
+            results = _run_scan(ips, now)
+            with NamedTemporaryFile() as f:
+                if not results:
+                    continue
+                for r in results:
+                    f.write(json.dumps(r) + '\n')
+
+                f.seek(0)
+                self._upload_results(f.name, now)
+
+
+if __name__ == '__main__':
+    scanner = NmapperService()
+    scanner.run()

src/scripts/ona_service/vendor/LICENSE.libnmap

@@ -0,0 +1,19 @@
+This code is licensed under Creative Common "Attribution" license (CC-BY: http://creativecommons.org/licenses/by/3.0/).
+
+You are free to:
+    - Share: to copy, distribute and transmit the work
+    - Remix: to adapt the work
+    - and make commercial use of the work
+
+Under the following conditions:
+    - Attribution: You must attribute the work in the manner specified by the author or licensor (but not in any way that suggests that they endorse you or your use of the work).
+
+With the understanding that:
+    Waiver: Any of the above conditions can be waived if you get permission from the copyright holder.
+    Public Domain: Where the work or any of its elements is in the public domain under applicable law, that status is in no way affected by the license.
+    Other Rights: In no way are any of the following rights affected by the license:
+        Your fair dealing or fair use rights, or other applicable copyright exceptions and limitations;
+        The author's moral rights;
+        Rights other persons may have either in the work itself or in how the work is used, such as publicity or privacy rights.
+
+The full text is available here: http://creativecommons.org/licenses/by/3.0/legalcode

src/scripts/ona_service/vendor/libnmap/__init__.py

@@ -0,0 +1,8 @@
+# -*- coding: utf-8 -*-
+
+__author__ = 'Ronald Bister, Mike Boutillier'
+__credits__ = ['Ronald Bister', 'Mike Boutillier']
+__maintainer__ = 'Ronald Bister'
+__email__ = '[email protected]'
+__license__ = 'CC-BY'
+__version__ = '0.6.1'

src/scripts/ona_service/vendor/libnmap/diff.py

@@ -0,0 +1,84 @@
+# -*- coding: utf-8 -*-
+
+
+class DictDiffer(object):
+    """
+        Calculate the difference between two dictionaries as:
+        (1) items added
+        (2) items removed
+        (3) keys same in both but changed values
+        (4) keys same in both and unchanged values
+    """
+    def __init__(self, current_dict, past_dict):
+        self.current_dict = current_dict
+        self.past_dict = past_dict
+        self.set_current = set(current_dict.keys())
+        self.set_past = set(past_dict.keys())
+        self.intersect = self.set_current.intersection(self.set_past)
+
+    def added(self):
+        return self.set_current - self.intersect
+
+    def removed(self):
+        return self.set_past - self.intersect
+
+    def changed(self):
+        return (set(o for o in self.intersect
+                if self.past_dict[o] != self.current_dict[o]))
+
+    def unchanged(self):
+        return (set(o for o in self.intersect
+                if self.past_dict[o] == self.current_dict[o]))
+
+
+class NmapDiff(DictDiffer):
+    """
+        NmapDiff compares two objects of same type to enable the user to check:
+
+        - what has changed
+        - what has been added
+        - what has been removed
+        - what was kept unchanged
+
+        NmapDiff inherit from DictDiffer which makes the actual comparaison.
+        The different methods from DictDiffer used by NmapDiff are the
+        following:
+
+        - NmapDiff.changed()
+        - NmapDiff.added()
+        - NmapDiff.removed()
+        - NmapDiff.unchanged()
+
+        Each of the returns a python set() of key which have changed in the
+        compared objects. To check the different keys that could be returned,
+        refer to the get_dict() method of the objects you which to
+        compare (i.e: libnmap.objects.NmapHost, NmapService,...).
+    """
+    def __init__(self, nmap_obj1, nmap_obj2):
+        """
+            Constructor of NmapDiff:
+
+            - Checks if the two objects are of the same class
+            - Checks if the objects are "comparable" via a call to id() (dirty)
+            - Inherits from DictDiffer and
+        """
+        if(nmap_obj1.__class__ != nmap_obj2.__class__ or
+           nmap_obj1.id != nmap_obj2.id):
+            raise NmapDiffException("Comparing objects with non-matching id")
+
+        self.object1 = nmap_obj1.get_dict()
+        self.object2 = nmap_obj2.get_dict()
+
+        DictDiffer.__init__(self, self.object1, self.object2)
+
+    def __repr__(self):
+        return ("added: [{0}] -- changed: [{1}] -- "
+                "unchanged: [{2}] -- removed [{3}]".format(self.added(),
+                                                           self.changed(),
+                                                           self.unchanged(),
+                                                           self.removed()))
+
+
+class NmapDiffException(Exception):
+    def __init__(self, msg):
+        self.msg = msg

src/scripts/ona_service/vendor/libnmap/objects/__init__.py

@@ -0,0 +1,7 @@
+# -*- coding: utf-8 -*-
+
+from .report import NmapReport
+from .host import NmapHost
+from .service import NmapService
+
+__all__ = ['NmapReport', 'NmapHost', 'NmapService']