idaholab / Malcolm

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
https://idaholab.github.io/Malcolm/

Netbox service templates not populating #522

Closed piercema closed 4 weeks ago

piercema commented 1 month ago

Describe the bug: When using the built-in service templates to define a service in NetBox, the program does not save the changes to the service. ~Looking at the NetBox logs, it appears that no POST request is even submitted for the changes.~

EDIT: this last statement isn't totally correct, as they do come out in the full logs, but not the somewhat-filtered ./scripts/logs logs:

netbox-1       | 172.27.1.1 - - [16/Aug/2024:18:37:57 +0000] "POST /netbox/ipam/services/add/ HTTP/1.0" 200 110222 "https://malcolm.seven.local.lan/netbox/ipam/services/add/" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0"
nginx-proxy-1  | 172.27.1.1 - analyst [16/Aug/2024:18:37:57 +0000] "POST /netbox/ipam/services/add/ HTTP/1.1" 200 110222 "https://malcolm.seven.local.lan/netbox/ipam/services/add/" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0"

Still, it appears nothing is saved.

Expected behavior: When using templates for a service in NetBox, the service saves properly when submitted.

mmguero commented 4 weeks ago

Note that when https://github.com/netbox-community/netbox/issues/17196 is released this will change anyway.

mmguero commented 4 weeks ago

Here's the POST:

POST /netbox/ipam/services/add/ HTTP/1.0
Host: netbox.malcolm.local
X-Forwarded-Host: malcolm.seven.local.lan
X-Real-IP: 172.27.1.1
X-Forwarded-Proto: http
X-Remote-Auth: analyst
Connection: close
Content-Length: 1554
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
Referer: https://malcolm.seven.local.lan/netbox/ipam/services/add/
Content-Type: multipart/form-data; boundary=---------------------------186144115437215360293205157324
Origin: https://malcolm.seven.local.lan
Authorization: Basic [redacted]
Cookie: csrftoken=[redacted]; sessionid=[redacted]
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Priority: u=0, i

-----------------------------186144115437215360293205157324
Content-Disposition: form-data; name="csrfmiddlewaretoken"
[redacted]
-----------------------------186144115437215360293205157324
Content-Disposition: form-data; name="_init_time"
1723833325.1200666
-----------------------------186144115437215360293205157324
Content-Disposition: form-data; name="device"
112
-----------------------------186144115437215360293205157324
Content-Disposition: form-data; name="virtual_machine"
-----------------------------186144115437215360293205157324
Content-Disposition: form-data; name="service_template"
54
-----------------------------186144115437215360293205157324
Content-Disposition: form-data; name="name"
-----------------------------186144115437215360293205157324
Content-Disposition: form-data; name="protocol"
-----------------------------186144115437215360293205157324
Content-Disposition: form-data; name="ports"
-----------------------------186144115437215360293205157324
Content-Disposition: form-data; name="ipaddresses"
71
-----------------------------186144115437215360293205157324
Content-Disposition: form-data; name="description"
hmi bacnet
-----------------------------186144115437215360293205157324
Content-Disposition: form-data; name="comments"
-----------------------------186144115437215360293205157324
Content-Disposition: form-data; name="_create"
-----------------------------186144115437215360293205157324--

and the response is HTTP/1.1 200 OK

hmmm

mmguero commented 4 weeks ago

So when the service template is created "from scratch" rather than through the service templates that are preloaded on startup, it works fine. For comparison, here's that POST request, with a returned result of HTTP/1.1 302 Found.

POST /netbox/ipam/services/add/ HTTP/1.0
Host: netbox.malcolm.local
X-Forwarded-Host: malcolm.seven.local.lan
X-Real-IP: 172.27.1.1
X-Forwarded-Proto: http
X-Remote-Auth: analyst
Connection: close
Content-Length: 1525
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, zstd
Referer: https://malcolm.seven.local.lan/netbox/ipam/services/add/
Content-Type: multipart/form-data; boundary=---------------------------28125207113193294980461688975
Origin: https://malcolm.seven.local.lan
Authorization: Basic [redacted]
Cookie: csrftoken=[redacted]; sessionid=[redacted]
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Priority: u=0, i

-----------------------------28125207113193294980461688975
Content-Disposition: form-data; name="csrfmiddlewaretoken"
[redacted]
-----------------------------28125207113193294980461688975
Content-Disposition: form-data; name="_init_time"
1723834922.4668
-----------------------------28125207113193294980461688975
Content-Disposition: form-data; name="device"
1
-----------------------------28125207113193294980461688975
Content-Disposition: form-data; name="virtual_machine"
-----------------------------28125207113193294980461688975
Content-Disposition: form-data; name="service_template"
56
-----------------------------28125207113193294980461688975
Content-Disposition: form-data; name="name"
-----------------------------28125207113193294980461688975
Content-Disposition: form-data; name="protocol"
-----------------------------28125207113193294980461688975
Content-Disposition: form-data; name="ports"
-----------------------------28125207113193294980461688975
Content-Disposition: form-data; name="ipaddresses"
1
-----------------------------28125207113193294980461688975
Content-Disposition: form-data; name="description"
-----------------------------28125207113193294980461688975
Content-Disposition: form-data; name="comments"
-----------------------------28125207113193294980461688975
Content-Disposition: form-data; name="_create"
-----------------------------28125207113193294980461688975--

I'm not seeing any difference.

mmguero commented 4 weeks ago

Here's the PostgreSQL database dump for the service template that worked:

--
-- Data for Name: ipam_servicetemplate; Type: TABLE DATA; Schema: public; Owner: netbox
--

COPY public.ipam_servicetemplate (id, created, last_updated, custom_field_data, protocol, ports, description, name, comments) FROM stdin;
56  2024-08-16 19:00:23.360496+00   2024-08-16 19:00:23.36051+00    {}  tcp {80,8000,8080}      http server 
\.

vs. one of the ones that didn't work:

--
-- Data for Name: ipam_servicetemplate; Type: TABLE DATA; Schema: public; Owner: netbox
--

COPY public.ipam_servicetemplate (created, last_updated, custom_field_data, id, protocol, ports, description, name, comments) FROM stdin;
...
2023-11-01 17:23:00.122854+00   2023-11-01 17:23:00.122861+00   {}  53  UDP {47808}     BACnet (UDP)    
...

I wonder if it's the difference in case between tcp/TCP and udp/UDP for the protocol field.

mmguero commented 4 weeks ago

The issue was the case of the protocol in the import .yml file. That file has been fixed. Existing backups/databases will have to be fixed manually. This could be done by deleting and reimporting existing service templates.
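An added example (not from the thread or the Malcolm project): a Python check that scans a pg_dump of `ipam_servicetemplate` like the ones posted above and flags rows whose protocol is not one of the lowercase values tcp/udp/sctp, which this example assumes are the values NetBox accepts. The sample dump is constructed from the two rows shown in the thread, the function name is hypothetical, and columns are mapped by the COPY header because the two dumps list them in different orders.

```python
import re

# Assumption: NetBox accepts only these lowercase protocol values.
VALID_PROTOCOLS = {"tcp", "udp", "sctp"}

COPY_RE = re.compile(
    r"^COPY public\.ipam_servicetemplate \((?P<cols>[^)]*)\) FROM stdin;$"
)

def find_bad_protocols(dump_text):
    """Return (id, name, protocol, suggested_fix) for each invalid row."""
    bad, cols = [], None
    for line in dump_text.splitlines():
        header = COPY_RE.match(line)
        if header:
            # Column order differs between dumps, so read it per block.
            cols = [c.strip() for c in header.group("cols").split(",")]
            continue
        if cols is None:
            continue          # outside a COPY block (comments, blank lines)
        if line == "\\.":
            cols = None       # end-of-data marker closes the block
            continue
        fields = line.split("\t")
        if len(fields) != len(cols):
            continue          # elided ("...") or malformed row
        row = dict(zip(cols, fields))
        proto = row["protocol"]
        if proto not in VALID_PROTOCOLS:
            fix = proto.lower() if proto.lower() in VALID_PROTOCOLS else None
            bad.append((int(row["id"]), row["name"], proto, fix))
    return bad

# Constructed sample, built from the two rows quoted in the thread.
SAMPLE_DUMP = "\n".join([
    "COPY public.ipam_servicetemplate (id, created, last_updated, "
    "custom_field_data, protocol, ports, description, name, comments) FROM stdin;",
    "\t".join(["56", "2024-08-16 19:00:23.360496+00", "2024-08-16 19:00:23.36051+00",
               "{}", "tcp", "{80,8000,8080}", "", "http server", ""]),
    "\\.",
    "COPY public.ipam_servicetemplate (created, last_updated, custom_field_data, "
    "id, protocol, ports, description, name, comments) FROM stdin;",
    "...",
    "\t".join(["2023-11-01 17:23:00.122854+00", "2023-11-01 17:23:00.122861+00",
               "{}", "53", "UDP", "{47808}", "", "BACnet (UDP)", ""]),
    "\\.",
])

if __name__ == "__main__":
    for tid, name, proto, fix in find_bad_protocols(SAMPLE_DUMP):
        print(f"template {tid} ({name}): protocol {proto!r} -> {fix!r}")
```

Rows it reports are the ones to delete and reimport, as the final comment describes.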