<?php
/**********************************************************/
-// This PHP script acquires syslog warning message and sends mail.
+// This PHP script acquires SYSLOG warning message and sends mail to the corresponding user.
+
// Add in syslog.conf as: local1.=warning <TAB> | /path/sendreportmail.php
-// The following warning message is reported when a MAC address registered in
-// watchlist table is detected by opengatemd.
-// "Sep 29 12:34:56 opengate01 opengatemd[1234]: WARN: find mac=11:22:33:44:55:66 ip=192.168.0.10"
+// The warning message is reported by SYSLOG when a MAC address in watchlist table
+// is detected by opengatemd.
+
+// As this script should be used only by the administrators,
+// it should be protected by some access control method.
+
+// Following parameters should be modified properly.
/**********************************************************/
/*** parameters ***/
// open syslog
openlog('sendreportmail', LOG_PID, LOG_LOCAL1);
-// get mac address and others from syslog message
+// get mac address and others from syslog warning message such as
+// "Sep 29 12:34:56 opengate01 opengatemd[1234]: WARN: find mac=11:22:33:44:55:66 ip=192.168.0.10"
list($timestamp, $gatewayName, $macAddress, $ipAddress)=getDataFromSyslog();
if($timestamp=="?") return;
// prepare database
if(!($link=prepareMysql($mysqlServer, $mysqlUser, $mysqlPassword))) return;
-if(!$link)return;
-// get mail address and others from mysql db
+// get mail address and others relating to the mac address from mysql db
if(!(list($device, $mailAddress)=getDataFromMysql($macAddress))){
mysqli_close($link);
return;
}
-// if recent report exists, skip to send report
+// if reported recently, skip reporting
if(skipReporting($link, $macAddress, $gatewayName, $reportInterval)){
mysqli_close($link);
return;
$macAddress="?";
$ipAddress="?";
- // syslog message is acqiured from STDIN
+ // syslog message is acquired from STDIN (piped to syslog output)
if(($message=fgets(STDIN))==FALSE){
syslog(LOG_INFO, 'ERR: Fail to read from stdin');
return FALSE;
}
/***
-to avoid to send too many mails,
-skip if there are recent logs having same macaddress, and same gateway
-PLEASE MODIFY to control the report frequency.
+To avoid to send too many mails,
+ skip if there are recent logs having same macaddress and same gateway.
+If you want to change the report period, $reportPeriod is defined at the top of this file.
***/
function skipReporting($link, $macAddress, $gatewayName, $reportInterval){
}
/***
-send mail to the mail address
+send mail to the user mail address
***/
function sendMailToUser($mailSender, $mailAddress, $device, $gatewayName,
$ipAddress, $timestamp){