From d8955d355fc8c28452f4926862dcf523667def2b Mon Sep 17 00:00:00 2001
From: Luca Ferretti
Date: Fri, 21 Jun 2024 16:22:08 +0200
Subject: [PATCH] initial integration of the netbox api (#8465)
* added feature sorting flows by protocol
* changed protocols comparison order
* initial commit for bitmap of server ports
* bitmap added to redis
* added debug string, bitmap not working
* Update alerts_list_per_license.rst
* Update alerts_list_per_license.rst
* initial mitre att&ck standardization
* Update ServerPortsBitmap.h
* updated mitre standardization
* ICMP ping fixes
* added http post method that use an auth token
* initial integration of the netbox api
---
 include/Mac.h | 6 ++++-
 include/ntop_defines.h | 2 ++
 scripts/callbacks/system/startup.lua | 8 +++++++
 src/Mac.cpp | 34 ++++++++++++++++++++++++++++
 4 files changed, 49 insertions(+), 1 deletion(-)
diff --git a/include/Mac.h b/include/Mac.h
index 628c6e10f0bd..61d1c3ccbcf6 100644
--- a/include/Mac.h
+++ b/include/Mac.h
@@ -49,8 +49,12 @@ class Mac : public GenericHashEntry {
 #ifdef NTOPNG_PRO
 time_t captive_portal_notified;
 #endif
+
 /* END Mac data: */
+#ifdef NTOPNG_PRO
+ void dumpAssetsInformations();
+#endif
 void checkDeviceTypeFromManufacturer();
 void readDHCPCache();
 void freeMacData();
@@ -58,7 +62,7 @@ class Mac : public GenericHashEntry {
 bool statsResetRequested();
 void checkStatsReset();
 void dumpToRedis();
-
+
 public:
 Mac(NetworkInterface *_iface, u_int8_t _mac[6]);
 ~Mac();
diff --git a/include/ntop_defines.h b/include/ntop_defines.h
index 1d9977219ff1..d4e38e4be02c 100644
--- a/include/ntop_defines.h
+++ b/include/ntop_defines.h
@@ -227,6 +227,8 @@
 #define DHCP_CACHE "ntopng.dhcp.%d.cache.%s"
 #define DHCP_STORM_QUEUE_NAME "ntopng.dhcp.storm.%d"
 #define ASSET_SERVICE_KEY "ntopng.asset.%d.%s" /* ifId.host */
+#define ASSET_LIST_INSERTION_KEY "ntopng.asset.insertion.%d" /* take in sync with lua code */
+#define ASSET_HASH_CACHE_KEY "ntopng.asset.hash.cache.%d" /* take in sync with lua code */
 #define DHCP_STORM_PPS_THSHOLD 2048
 #define NTOPNG_TRACE "ntopng.trace"
 #define ALERT_TRACE_ERRORS "ntopng.trace_error.alert_queue"
diff --git a/scripts/callbacks/system/startup.lua b/scripts/callbacks/system/startup.lua
index 9a074ebfe577..bad496ba98c9 100644
--- a/scripts/callbacks/system/startup.lua
+++ b/scripts/callbacks/system/startup.lua
@@ -12,6 +12,7 @@ package.path = dirs.installdir .. "/scripts/lua/modules/pools/?.lua;" .. package
 package.path = dirs.installdir .. "/scripts/lua/modules/vulnerability_scan/?.lua;" .. package.path
 -- Important: load this before any other alert related module
+require "prefs_utils"
 local checks = require "checks"
 checks.loadChecks()
@@ -31,6 +32,9 @@ local blog_utils = require("blog_utils")
 local vs_utils = require "vs_utils"
 local drop_host_pool_utils = require "drop_host_pool_utils"
+if ntop.isPro() and isNetBoxEnabled() then
+ local netbox_api = require("netbox_manager")
+end
 -- ##################################################################
 traceError(TRACE_NORMAL, TRACE_CONSOLE, "Processing startup.lua: please hold on...")
@@ -245,4 +249,8 @@ vs_utils.restore_host_to_scan()
 -- Reload Alert Exclusions
 ntop.reloadAlertExclusions()
+if ntop.isPro() and isNetBoxEnabled() then
+ netbox_api.initialization_device_roles()
+end
+
 traceError(TRACE_NORMAL, TRACE_CONSOLE, "Completed startup.lua")
diff --git a/src/Mac.cpp b/src/Mac.cpp
index 040050d043eb..ae54d36ac211 100644
--- a/src/Mac.cpp
+++ b/src/Mac.cpp
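Review bot: The comments on the two new keys, `ASSET_LIST_INSERTION_KEY` and `ASSET_HASH_CACHE_KEY`, do not say which Lua module holds the matching strings, so nobody renaming a key can find the other side. I would reword them to `/* ifId - keep in sync with the Lua NetBox code (name the module here) */`, which also fixes "take in sync". `ASSET_HASH_CACHE_KEY` is not referenced by any C++ in this patch; if only Lua uses it, the comment should say so.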
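Review bot: `local netbox_api = require("netbox_manager")` is declared inside the `if ... then ... end` block, so the local goes out of scope at `end`. The hunk at line 249 then calls `netbox_api.initialization_device_roles()` on what is by then an undefined global, which raises an "attempt to index a nil value" error on every Pro startup with NetBox enabled, unless netbox_manager itself defines a global of that name (not visible here). Declare the variable at file scope and assign it inside the guard: `local netbox_api` before the `if`, and `netbox_api = require("netbox_manager")` inside it. `isNetBoxEnabled()` presumably comes from the newly required `prefs_utils`; a short comment on that `require` saying so would explain why it must load first.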
@@ -68,6 +68,12 @@ Mac::Mac(NetworkInterface *_iface, u_int8_t _mac[6])
 iface->getNumL2Devices());
 #endif
+#ifdef NTOPNG_PRO
+ if (!special_mac && ntop->getPrefs()->is_enterprise_xl_edition()
+ && ntop->getPrefs()->isNetBoxEnabled())
+ dumpAssetsInformations();
+#endif
+
 updateHostPool(true /* inline with packet processing */, true /* first inc */);
 }
@@ -498,3 +504,31 @@ void Mac::dumpToRedis() {
 ndpi_term_serializer(&mac_json);
 }
+
+/* *************************************** */
+
+#ifdef NTOPNG_PRO
+void Mac::dumpAssetsInformations() {
+ char buf[32], *json_str = NULL;
+ ndpi_serializer device_json;
+ u_int32_t json_str_len = 0;
+
+ ndpi_init_serializer(&device_json, ndpi_serialization_format_json);
+
+ ndpi_serialize_string_string(&device_json, "device", Utils::formatMac(get_mac(), buf, sizeof(buf)));
+ ndpi_serialize_string_string(&device_json, "source", "traffic");
+ ndpi_serialize_string_uint32(&device_json, "when", first_seen);
+ ndpi_serialize_string_string(&device_json, "manufacturer", manuf ? manuf : "N/A");
+ ndpi_serialize_string_uint32(&device_json, "devtype", device_type);
+
+ json_str = ndpi_serializer_get_buffer(&device_json, &json_str_len);
+
+ if((json_str != NULL) && (json_str_len > 0)) {
+ char key[64];
+ snprintf(key, sizeof(key), ASSET_LIST_INSERTION_KEY, iface->get_id());
+ ntop->getRedis()->rpush(key, json_str, 1024);
+ }
+
+ ndpi_term_serializer(&device_json);
+}
+#endif
\ No newline at end of file
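Review bot: The new `dumpAssetsInformations()` call in the constructor does a Redis push for every non-special MAC object created, and source MACs come straight from observed traffic, so any host on the segment that cycles through source addresses sets the write rate of the insertion list. The function body in the next hunk passes `1024` as the last argument to `rpush`, which looks like a trim length. If it is, a burst of bogus MACs can push genuine devices out of the list before the Lua side forwards them to NetBox. Consider de-duplicating or rate-limiting before the push (the new `ASSET_HASH_CACHE_KEY` is not used by any C++ in this patch) and moving the Redis write off the constructor; the neighbouring `/* inline with packet processing */` comment suggests this runs on the capture path. The constructor starts and ends outside the hunk.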
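Review bot: `Mac::dumpAssetsInformations()` has no header comment and its `rpush` call carries a bare `1024`, so neither the record format nor the queue bound is documented where the Lua consumer's author would look. I would add a comment above the function such as `/* Queue this MAC as a JSON asset record (device, source, when, manufacturer, devtype) on ASSET_LIST_INSERTION_KEY for the Lua NetBox sync */` and replace the literal with a named constant defined next to the key in ntop_defines.h. `first_seen` is written with `ndpi_serialize_string_uint32`; if that member is a `time_t`, the narrowing deserves an explicit cast and a comment. The file also now ends without a trailing newline.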