From 5faade874bcdfc8da39d8899ecfbf54552b8ca1e Mon Sep 17 00:00:00 2001 From: TheWitness Date: Wed, 7 Aug 2024 08:14:43 -0400 Subject: [PATCH] Fixing #5796 - New Ping Method Due to Conflicting Interpretations of TCP Ping, Introduce new Ping Method --- CHANGELOG | 1 + include/global_arrays.php | 7 ++++--- include/global_constants.php | 1 + lib/ping.php | 22 +++++++++++++++++----- 4 files changed, 23 insertions(+), 8 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 9cc0bf84aa..8eabf68698 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -120,6 +120,7 @@ Cacti CHANGELOG -issue#5790: Cactid - Cron out of sync with poller Message -issue#5791: Unable to filter users by user group, or the last time they logged into Cacti -feature#5784: Provide a means by which a user can track Cacti connections and disconnects from the php error_log +-feature#5796: Due to Conflicting Interpretations of TCP Ping, Introduce new Ping Method 1.2.27 -security#GHSA-37x7-mfjv-mm7m: Authentication Bypass when using using older password hashes diff --git a/include/global_arrays.php b/include/global_arrays.php index 218ae47f2c..488d9c1b6f 100644 --- a/include/global_arrays.php +++ b/include/global_arrays.php @@ -687,9 +687,10 @@ ); $ping_methods = array( - PING_ICMP => __('ICMP Ping'), - PING_TCP => __('TCP Ping'), - PING_UDP => __('UDP Ping') + PING_ICMP => __('ICMP Ping'), + PING_TCP => __('TCP Ping'), + PING_TCP_CLOSED => __('TCP Ping Closed'), + PING_UDP => __('UDP Ping') ); $logfile_verbosity = array( diff --git a/include/global_constants.php b/include/global_constants.php index 10fd24d68a..39669bb4c1 100644 --- a/include/global_constants.php +++ b/include/global_constants.php @@ -156,6 +156,7 @@ define('PING_ICMP', 1); define('PING_UDP', 2); define('PING_TCP', 3); +define('PING_TCP_CLOSED', 5); define('PING_SNMP', 4); define('HOST_UNKNOWN', 0); diff --git a/lib/ping.php b/lib/ping.php index 5227d556a4..dbbf0f237d 100644 --- a/lib/ping.php +++ b/lib/ping.php @@ -549,15 +549,26 @@ function ping_tcp() { $errno = socket_last_error($this->socket); if ($errno > 0) { - $this->ping_response = __('TCP ping: socket_connect(), reason: %s', socket_strerror($errno)); - $this->ping_status = 'down'; + if ($errno == 111 && $this->ping_type == PING_TCP_CLOSED) { + $this->time = $this->get_time($this->precision); + $this->ping_status = 'up'; + $this->ping_response = __('TCP Ping Success Connection Refused (%s ms)', $this->time*1000); + $this->ping_status = $this->time*1000; + } else { + $this->ping_response = __('TCP Ping Failed: socket_connect(), reason: %s', socket_strerror($errno)); + $this->ping_status = 'down'; + } socket_clear_error($this->socket); $this->close_socket(); $this->restore_cacti_error_handler(); - return false; + if ($this->ping_status == 'down') { + return false; + } else { + return true; + } } $r = array($this->socket); @@ -567,7 +578,7 @@ function ping_tcp() { $num_changed_sockets = socket_select($r, $w, $f, $to_sec, $to_usec); if ($num_changed_sockets === false) { - $this->ping_response = __('TCP ping: socket_select() failed, reason: %s', socket_strerror(socket_last_error())); + $this->ping_response = __('TCP Ping Failed: socket_select() failed, reason: %s', socket_strerror(socket_last_error())); $this->ping_status = 'down'; $this->close_socket(); @@ -620,6 +631,7 @@ function ping($avail_method = AVAIL_SNMP_AND_PING, $ping_type = PING_ICMP, $time $this->ping_status = 'down'; $this->ping_response = __('Ping not performed due to setting.'); + $this->ping_type = $ping_type; $this->snmp_status = 'down'; $this->snmp_response = 'SNMP not performed due to setting or ping result.'; $this->avail_method = $avail_method; @@ -664,7 +676,7 @@ function ping($avail_method = AVAIL_SNMP_AND_PING, $ping_type = PING_ICMP, $time $ping_result = $this->ping_icmp(); } elseif ($ping_type == PING_UDP) { $ping_result = $this->ping_udp(); - } elseif ($ping_type == PING_TCP) { + } elseif ($ping_type == PING_TCP || $ping_type == PING_TCP_CLOSED) { $ping_result = $this->ping_tcp(); } }