NOTES: Comprehensive Layer 2 Communication and Network Diagnostics Platform

October 30, 2024 Core Project

1. network_sentry.cpp

  • Purpose: Primary Layer 2 communication program.
  • Functionality:
    • Layer 2 Communication: Sends and receives Ethernet frames to establish direct peer connections at Layer 2.
    • Layer 3 Escalation: Once a Layer 2 connection is confirmed, the program attempts to connect at Layer 3 and exchange a predefined token (CURRENTTOKEN).
    • MAC Address Tracking: Stores each unique MAC address and updates timestamps for repeated detections in a MySQL database.
    • Continuous Listening and Broadcasting: Runs dual threads—one for listening to incoming Ethernet frames and another for periodic broadcasting.
    • Logging: Logs successful and unsuccessful attempts to communicate with each known MAC address.
  • Database: Tracks each MAC address and associated IP list in a MySQL database for persistent records.

2. com_port_scanner.cpp

  • Purpose: Scans and logs connected COM ports for attached devices like embedded controllers, Arduino boards, or Raspberry Pis.
  • Functionality:
    • Periodic COM Port Scanning: Runs every 5 minutes to update the MySQL table with the current state of each detected COM port.
    • Device Discovery: Attempts to identify connected devices by querying endpoint devices.
    • Database Logging: Updates a MySQL table with device information, maintaining a record of all connected endpoints.

3. network_discovery.cpp

  • Purpose: Performs a ping scan on the network, records active hosts, and attempts to query each detected endpoint using various protocols.
  • Functionality:
    • Ping Scanning: Pings each IP in the network range to detect live hosts.
    • Protocol Queries: Attempts to query detected hosts using multiple protocols, including Finger, Gopher, SNMP, SMB, and HTTP, to gather endpoint data.
    • MAC Address Logging: Records the MAC address, open ports, and endpoint details in a client_table within network_discovery_db.
    • Database Management: Creates network_discovery_db if it doesn’t exist and manages client data in client_table.

4. ufw_monitor.cpp

  • Purpose: Monitors firewall (UFW) activity and logs connection requests into a MySQL database.
  • Functionality:
    • Real-Time Monitoring: Tracks all incoming connection requests and records these instead of just violations.
    • Database Logging: Logs all requests, storing connection details for tracking and potential diagnostics.
    • MySQL Root Password Retrieval: Tries to retrieve the MySQL root password first from the database and fails over to credentials.txt if unavailable.

5. PHP and Diagnostic Pages

  • Purpose: Provides browser-based views for monitoring and troubleshooting.
  • Key Files:
    • syslog.php: Displays entries from the syslog.
    • network_sentry.php: Shows logs and connection status from network_sentry.
    • com_port_log.php: Displays COM port activity and device logs.
    • sql_requests.php: Logs all SQL requests made by db_connect.php into gear_sql_requests, including success and error messages.
    • log_display.php: Displays log files (*.log) from /usr/local/bin and /var/www/html, showing the last 10 entries.
  • Include Files: Shared code is stored in include files, making the diagnostic pages easily extendable and maintainable.

6. Shell Scripts

  • setup_gear.sh

    • Purpose: Main setup script to prepare the Ubuntu environment.
    • Functionality:
      • Menu Redesign: Uses a PHP include for the menu, simplifying updates without modifying setup_gear.sh.
      • Diagnostic Page and Log Links: Replaces the default Apache index page with a diagnostic page containing links to key log files and system diagnostics.
      • Package Cleanup: Removes unused services and packages, disables Snap and logging services (except Bluetooth and wireless), and installs required network management and development tools.
      • System Information Logging: Collects and logs system diagnostics (CPU, disk, memory) for troubleshooting.

  • firewall_reset.sh

    • Purpose: Manages UFW rules and logs connection requests.
    • Functionality:
      • Port Management: Configures UFW to allow HTTP (80) and HTTPS (443) ports by default.
      • Connection Tracking: Logs all connection requests, using the MySQL database for tracking rather than relying solely on UFW logs.

  • set_ufw_rules_auto.sh

    • Purpose: Auto-detects the active Ethernet interface and configures firewall rules on boot.
    • Functionality:
      • Dynamic Interface Detection: Detects the current Ethernet interface to ensure rules apply to the correct one.
      • Systemd Integration: Ensures the script runs on every boot via systemd or /etc/rc.local.

  • index.php Template Script

    • Purpose: Creates a templated index.php file with header, body, and footer for web-based diagnostics.
    • Functionality: Uses a bash script to create header.php, index_body.php, and footer.php in /usr/local/bin for consistent web layout.

7. Supporting Scripts and Updates

  • db_connect.php Updates:

    • Updated to use try...catch for better exception handling and logging.
    • All /path/to/ references updated to /usr/local/bin.

  • Logging Function:

    • log() Bash Function: Standardized for timestamped logging across setup scripts.

Tags:

Share