add intf uuid to sensor message

Author: wzjjack

extension/dhcpdump/dhcpdump.js

@@ -164,7 +164,8 @@ module.exports = class {
 
         this.parseEvents(message).map(e => {
           if (e) {
-            e.intf_mac = intf.mac_address
+            e.intf_mac = intf.mac_address;
+            e.intf_uuid = intf.uuid;
           }
           callback(e)
         })

sensor/DHCPSensor.js

@@ -51,6 +51,7 @@ class DHCPSensor extends Sensor {
             type: "NewDeviceWithMacOnly",
             mac: obj.mac,
             intf_mac: obj.intf_mac,
+            intf_uuid: obj.intf_uuid,
             name: obj.name,
             mtype: obj.mtype,
             from: 'dhcp',
@@ -67,7 +68,7 @@ class DHCPSensor extends Sensor {
     this.dhcpDump.install((obj) => {
       log.info("DHCPDUMP is installed");
       this.scheduleReload();
-      
+
       sclient.on("message", (channel, message) => {
         if (channel === Message.MSG_SYS_NETWORK_INFO_RELOADED) {
           log.info("Schedule reload DHCPSensor since network info is reloaded");

sensor/ICMP6Sensor.js

@@ -41,7 +41,7 @@ class ICMP6Sensor extends Sensor {
       const pid = this.intfPidMap[intf];
       const childPid = await execAsync(`ps -ef| awk '$3 == '${pid}' { print $2 }'`).then(result => result.stdout.trim()).catch(() => null);
       if (childPid)
-        await execAsync(`sudo kill -9 ${childPid}`).catch((err) => {});
+        await execAsync(`sudo kill -9 ${childPid}`).catch((err) => { });
     }
     this.intfPidMap = {};
     const interfaces = sysManager.getMonitoringInterfaces();
@@ -59,7 +59,7 @@ class ICMP6Sensor extends Sensor {
         input: tcpdumpSpawn.stdout
       });
       reader.on('line', (line) => {
-        this.processNeighborAdvertisement(line, intf.mac_address);
+        this.processNeighborAdvertisement(line, intf);
       });
       tcpdumpSpawn.on('close', (code) => {
         log.info("TCPDump icmp6 exited with code: ", code);
@@ -88,7 +88,7 @@ class ICMP6Sensor extends Sensor {
     sclient.subscribe(Message.MSG_SYS_NETWORK_INFO_RELOADED);
   }
 
-  processNeighborAdvertisement(line, intf_mac) {
+  processNeighborAdvertisement(line, intf) {
     // Each line of neighbor advertisement is like:
     // 03:06:30.894621 00:0c:29:96:3c:30 > 02:01:f4:16:26:dc, ethertype IPv6 (0x86dd), length 78: 2601:646:8800:eb7:dc04:b1fa:d0c2:6cbb > fe80::1:f4ff:fe16:26dc: ICMP6, neighbor advertisement, tgt is 2601:646:8800:eb7:dc04:b1fa:d0c2:6cbb, length 24
     try {
@@ -109,7 +109,8 @@ class ICMP6Sensor extends Sensor {
           host: {
             ipv6Addr: [tgtIp],
             mac: dstMac.toUpperCase(),
-            intf_mac: intf_mac
+            intf_mac: intf.mac_address,
+            intf_uuid: intf.uuid
           }
         });
       }

sensor/IPv6DiscoverySensor.js

@@ -50,15 +50,9 @@ class IPv6DiscoverySensor extends Sensor {
   }
 
   async checkAndRunOnce() {
-    log.info("Starting IPv6DiscoverySensor Scanning", new Date() / 1000);
     if (this.isSensorEnabled()) {
-      const results = sysManager.getMonitoringInterfaces();
-      if (results) {
-        for (let i in results) {
-          let intf = results[i];
-          await this.neighborDiscoveryV6(intf.name, intf);
-        }
-      }
+      log.info("Starting IPv6DiscoverySensor Scanning", new Date() / 1000);
+      await this.neighborDiscoveryV6();
     }
   }
 
@@ -76,59 +70,64 @@ class IPv6DiscoverySensor extends Sensor {
   }
 
 
-  addV6Host(v6addrs, mac, intf_mac) {
+  addV6Host(v6addrs, mac, intf) {
     sem.emitEvent({
       type: "DeviceUpdate",
       message: `A new ipv6 is found @ IPv6DisocverySensor ${v6addrs} ${mac}`,
       suppressAlarm: true,
       host: {
         ipv6Addr: v6addrs,
         mac: mac.toUpperCase(),
-        intf_mac: intf_mac,
+        intf_mac: intf.mac_address,
+        intf_uuid: intf.uuid,
         from: "ip6neighbor"
       }
     });
   }
 
-  async neighborDiscoveryV6(intf, obj) {
-    if (obj.ip6_addresses == null || obj.ip6_addresses.length <= 1) {
-      log.info("Discovery:v6Neighbor:NoV6", intf, JSON.stringify(obj));
-      return;
+  async neighborDiscoveryV6() {
+    const interfaces = sysManager.getMonitoringInterfaces();
+    for (const intf of interfaces) {
+      if (intf.ip6_addresses == null || intf.ip6_addresses.length <= 1) {
+        log.info("Discovery:v6Neighbor:NoV6", intf.name, JSON.stringify(intf));
+        continue;
+      }
+      await this.ping6ForDiscovery(intf.name, intf);
     }
-    await this.ping6ForDiscovery(intf, obj)
     let cmdline = 'ip -6 neighbor show';
     log.info("Running commandline: ", cmdline);
-
     const { stdout } = await execAsync(cmdline)
     let lines = stdout.split("\n");
-    let macHostMap = {};
-    for (const o of lines) {
-      log.debug("Discover:v6Neighbor:Scan:Line", o, "of interface", intf);
-      let parts = o.split(" ");
-      if (parts[2] == intf) {
-        let v6addr = parts[0];
-        let mac = parts[4].toUpperCase();
-        if (mac == "FAILED" || mac.length < 16) {
-          continue
-        } else {
-          /*
-            hostTool.linkMacWithIPv6(v6addr, mac,(err)=>{
-            cb();
-            });
-          */
-          let _host = macHostMap[mac];
-          if (_host) {
-            _host.push(v6addr);
+    for (const intf of interfaces) {
+      let macHostMap = {};
+      for (const o of lines) {
+        log.debug("Discover:v6Neighbor:Scan:Line", o, "of interface", intf.name);
+        let parts = o.split(" ");
+        if (parts[2] == intf.name) {
+          let v6addr = parts[0];
+          let mac = parts[4].toUpperCase();
+          if (mac == "FAILED" || mac.length < 16) {
+            continue
           } else {
-            _host = [v6addr];
-            macHostMap[mac] = _host;
+            /*
+              hostTool.linkMacWithIPv6(v6addr, mac,(err)=>{
+              cb();
+              });
+            */
+            let _host = macHostMap[mac];
+            if (_host) {
+              _host.push(v6addr);
+            } else {
+              _host = [v6addr];
+              macHostMap[mac] = _host;
+            }
+            continue
           }
-          continue
         }
       }
-    }
-    for (let mac in macHostMap) {
-      this.addV6Host(macHostMap[mac], mac, obj.mac_address)
+      for (let mac in macHostMap) {
+        this.addV6Host(macHostMap[mac], mac, intf);
+      }
     }
 
     // FIXME

sensor/NmapSensor.js

@@ -169,7 +169,7 @@ class NmapSensor extends Sensor {
 
   getNetworkRanges() {
     return this.interfaces && this.interfaces.filter(i => i.name && !i.name.includes("vpn")).map((x) => { // do not scan vpn interface
-      return { range: networkTool.capSubnet(x.subnet), intf_mac: x.mac_address }
+      return { range: networkTool.capSubnet(x.subnet), intf_mac: x.mac_address, intf_uuid: x.uuid }
     })
   }
 
@@ -211,7 +211,7 @@ class NmapSensor extends Sensor {
     if (!networkRanges)
       return Promise.reject(new Error("network range is required"));
 
-    return Promise.all(networkRanges.map(({ range, intf_mac }) => {
+    return Promise.all(networkRanges.map(({ range, intf_mac, intf_uuid }) => {
 
       log.info("Scanning network", range, "to detect new devices...");
 
@@ -236,7 +236,7 @@ class NmapSensor extends Sensor {
           }
           hosts.forEach((h) => {
             log.debug("Found device:", h.ipv4Addr);
-            this._processHost(h, intf_mac);
+            this._processHost(h, intf_mac, intf_uuid);
           })
 
         }).catch((err) => {
@@ -260,7 +260,7 @@ class NmapSensor extends Sensor {
     });
   }
 
-  _processHost(host, intf_mac) {
+  _processHost(host, intf_mac, intf_uuid) {
     if (!host.mac) {
       for (const intf of this.interfaces) {
         const intfName = intf.name;
@@ -287,6 +287,7 @@ class NmapSensor extends Sensor {
         mac: host.mac,
         macVendor: host.macVendor,
         intf_mac: intf_mac,
+        intf_uuid: intf_uuid,
         from: "nmap"
       };