#!/usr/bin/ruby
#
# NAME
# ----
# - xymon_m0n0CFG.rb
#
# DESCRIPTION
# -----------
# - A Xymon external client script to poll the index.php page
#   of m0n0wall firewalls and report back the m0n0wall's Version,
#   Platform, Uptime, Last Config Change, and Notes fields to a
#   Xymon Monitoring Server
#
# FEATURES
# --------
# - In addition to simply reporting back some basic information from 
#   a m0n0wall's index.php page, this script also has the following 
#   features:
#
#	 1. Signal a yellow alert for a m0n0wall that has been UP for less
#	    than 24 hours
#	 2. Signal a yellow alert for a m0n0wall that has its configuration
#	    changed.
#
# - The most current version of this script may be
#   found at http://www.revpol.com/xymon_m0n0CFG_script
#
# - Instructions to integrate the output of this script to be monitored
#   by a Xymon server may also be found at the above URL
#
# ADDITIONAL FILES
# ----------------
# - Along with xymon_m0n0CFG.rb there are three other files:
#
#   1. m0n0walls.cfg - This is the config file that lists each of the m0n0walls
#                      by their FQDN as listed in bb-hosts, along with their
#                      last known config change.
#
#   The next two files are required if you plan on using the "Click to Remedy"
#   link on the m0n0CFG status page when a change in a m0n0wall's configuration
#   is detected.
#
#   2. ext_xymon_m0n0CFG.sh - This file goes into the ~xymon/cgi-secure 
#                             directory. It is what the "Click to Remedy" link
#                             points to, and it just sources the
#                             ~xymon/server/etc/hobbitserver.cfg file and then
#                             calls the ~xymon/server/bin/ext_xymon_m0n0CFG.rb
#                             script
#   3. ext_xymon_m0n0CFG.rb - This file goes into the ~xymon/server/bin directory
#                             It is the script that updates the m0n0walls.cfg file
#                             by replacing the last_cfg timestamp for the m0n0wall
#                             in question
#
# - If you find this script useful, we'd love to know. Send us an email!
#
# Authors
# -------
# William A. Arlofski, Darrik Mazey
# Reverse Polarity, LLC
# 860-824-2433 Office
# http://www.revpol.com/
#
# HISTORY
# -------
# - 20090619 - Initial limited version using bash
# - 20100614 - Major overhauls, including complete re-write in ruby
# - 20100720 - More major changes including the addition of m0n0CFGlogin 
#              option with the user:pass:proto:port variables added to the
#              bb-hosts file, and removed from the m0n0walls.cfg file
#
###############################################################################
#
# Copyright (C) 2010 - William A. Arlofski - waa-at-revpol-dot-com
#                    - Darrik Mazey        - darrik-at-darmasoft-dot-com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License, version 2, as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
# or visit http://www.gnu.org/licenses/gpl.txt
#
###############################################################################

# Ruby Modules Required
# ---------------------
# For parsing the yaml config file
# and For URL escaping
# --------------------------------
require "yaml"
require "cgi"

# Set up some local binaries
# --------------------------
date = ENV['DATE']
wget = "/usr/bin/wget"

# Set up some Xymon variables
# ---------------------------
bb         = ENV['BB']
bbdisp     = ENV['BBDISP']
bbhome     = ENV['BBHOME']
column     = "m0n0CFG"
bbhosts    = "#{bbhome}/etc/bb-hosts"
bbhostgrep = "#{bbhome}/bin/bbhostgrep"
cfg_file   = "#{bbhome}/etc/m0n0walls.cfg"

# Print the "Click to Remedy" link that calls the 
# CGI scripts to automatically update the "last_cfg"
# variable in the m0n0wall.cfg file with the Last Config
# Change date/time reported by the m0n0wall
# ------------------------------------------------------
allow_cgi_fix = "1"

# Enable debugging output to log file?
# This will generate a LOT of information
# So you may wish to use it sparingly
# ---------------------------------------
debug = "1"

# End config variables
# --------------------

# Get the list of hosts that have 
# the "m0n0CFG" test set in bb-hosts
# The "*" gets us both the m0n0CFG and
# the m0n0CFGlogin:user:pass:proto:port
# information
# -------------------------------------
host_lines = %x{#{bbhostgrep} #{column}"*"}
hosts = host_lines.split(/\n/)

# Loop through list of m0n0walls
# ------------------------------
hosts.each do |thishost|

  # Get the current time
  # --------------------
  date_cmd = %Q{#{date}}
  rightnow = %x{#{date_cmd}}
  rightnow.chomp!

  # Set default color and msg
  # -------------------------
  msg    = ""
  color  = "green"

  # Get the host and its IP
  # from the bb-hosts file
  # -----------------------
  host_line_parts = thishost.split(' ')
  hostip = host_line_parts[0]
  hostkey = host_line_parts[1]

  # Read bb-hosts file and get the m0n0CFGlogin
  # settings for this host. The settings are in
  # the following format:
  # m0n0CFGlogin=user:pass:proto:port
  # -------------------------------------------
  loginkey = host_line_parts[4]
  login_key_parts = loginkey.split(':')
  user  = login_key_parts[1]
  pass  = login_key_parts[2]
  proto = login_key_parts[3]
  port  = login_key_parts[4]

  # Read the m0n0walls.cfg file and 
  # get the last_cfg for this host
  # -------------------------------
  config    = YAML.load_file cfg_file
  host_config = config[hostkey]
  host      = hostkey
  last_cfg  = host_config['last_config']

  # Get index.php page from m0n0wall host
  # --------------------------------------
  m0n0wall_system_cmd = %Q{#{wget} -q --no-check-certificate --timeout=5 --tries=2 --user=#{user} --password=#{pass} -O - #{proto}://#{hostip}:#{port}/}
  m0n0wall_system = %x{#{m0n0wall_system_cmd}}

  # And strip out the DOS carriage returns
  # *NOTE*
  # That is a CTRL-M, not a carat and Capital M
  # -------------------------------------------
  m0n0wall_system.gsub!(/
/, '')

  # Did the wget command timeout or fail to return any data?
  # --------------------------------------------------------
  if m0n0wall_system.nil? || m0n0wall_system == ""
    color      = "yellow"
    version    = "*unknown*"
    platform   = "*unknown*"
    cur_uptime = "*unknown*"
    cur_cfg    = "*unknown*"
    notes      = "*unknown*"
    msg        = "&#{color} Timeout or no data returned from #{host} \(#{hostip}\)"
  else

  # -------------------------------------
  # We seem to have gotten good data from
  # the m0n0wall so assign the variables
  # -------------------------------------

  # Get Notes from <textarea> field
  # before stripping the linefeeds
  # -------------------------------
  m0n0wall_system_new_lines = m0n0wall_system.gsub(/\n/, '{NEWLINE}')
  if m0n0wall_system_new_lines =~ /<textarea.*>(.*)<\/textarea/
    notes = $1.gsub(/\{NEWLINE\}/, "\n")
  end

  # Now strip out the linefeeds to allow
  # for easy regexing of other values
  # ------------------------------------
  m0n0wall_system.gsub!(/\n/, '')

  # Get Version
  # -----------
  if m0n0wall_system =~ /Version<\/td>.*?(\d\.\d+).*?built/
    version = $1
  end

  # Get Platform
  # ------------
  if m0n0wall_system =~ /Platform<\/td>(.*?)<\/td>/
    platform = $1
    platform.gsub!(/<.*?>/, '')
    platform.squeeze!
    platform.strip!
  end

  # Get Uptime
  # ----------
  if m0n0wall_system =~ /Uptime<\/td>.*?((\d+ days?, )?\d+:\d+).*?<\/td>/
    cur_uptime = $1
  end

  # Get Last Config Change
  # ----------------------
  if m0n0wall_system =~ /Last config change<\/td>.*?([A-Za-z]{3} [A-Za-z]{3} \d+ \d+:\d+:\d+ [A-Z]{3} \d+).*?<\/td>/
    cur_cfg = $1
  end

  # Has it been up for more than 24 hours?
  # --------------------------------------
  if  ! cur_uptime.match("day")
    color = "yellow"
    cur_uptime = "&#{color} #{cur_uptime}"
    msg   = "<br />&#{color} This m0n0wall has recently been rebooted!"
  end

  # Has its configuration been changed since the
  # last modification time in our config file?
  # NOTE: this "if" test is improperly formatted so
  # the output on the web page looks correct, and so
  # there is no HTML or superfluous spaces in the web
  # page, notification emails, or SMS text messages
  #
  # Also, append a URL link to remedy the situation
  # by replacing the last_cfg in teh config file with
  # the cur_cfg value reported by the m0n0wall
  # -------------------------------------------------
  if cur_cfg != last_cfg
    color = "yellow"
    msg   = "#{msg}
Last configuration change reported by #{host} was on: #{cur_cfg}
Last configuration change listed in m0n0walls.cfg is: #{last_cfg}"

    if allow_cgi_fix == "1"
      msg = "#{msg}
<a href=\"/xymon-seccgi/ext-m0n0CFG.sh?host=#{hostkey}\\&t=#{CGI::escape(cur_cfg)}\">Click to Remedy</a>"
    end
  end

end

# If debug enabled, print output to stdout. stdout is redirected
# to the LOGFILE as defined in $BBHOME/server/etc/hobbitlaunch.cfg)
# -----------------------------------------------------------------
if debug == "1"
  puts "----"
  print "date:     #{rightnow}\n"
  puts "host:     #{host}"
  puts "hostip:   #{hostip}"
  puts "Version:  #{version}"
  puts "Platform: #{platform}"
  puts "Uptime:   #{cur_uptime}"
  puts "cur_cfg:  #{cur_cfg}"
  puts "last_cfg: #{last_cfg}"
  puts "color:    #{color}"
  puts "notes:"
  puts "#{notes}"
end

# Assign the final msg variable before reporting to Xymon
# This is also improperly formatted so the HTML and alerts
# are not cluttered
# --------------------------------------------------------
msg = "m0n0wall host: #{host}
IP Address: #{hostip}
Version: #{version}
Platform: #{platform}
UP Time: #{cur_uptime}
Last Modified: #{cur_cfg}

Notes:
------
#{notes}

#{msg}"

  # Send the status and the message to Xymon
  # ----------------------------------------
  %x{#{bb} #{bbdisp} "status+360 #{hostkey}.#{column} #{color} #{rightnow}
#{msg}"}
end

exit 0