NetWork
网络管理工具
PacketFence
QSFP
如何登录 华为 DeviceManager?
服务器 / 存储设备管理
ZeroTier
获取网卡UUID
net-tools 和 iproute2
H3C交换机的基本配置
Netbox --- IPAM 管理工具
Zabbix
phpIPAM
port mode
Link Aggregation
Cisco HSRP
Huawei VRRP
H3C IRF
EVE-NG
eNSP
本文档使用 MrDoc 发布
-
+
home page
phpIPAM
# phpIPAM 通常,网络或系统管理员会使用一个电子表格来记录IP地址的分配信息。此方法对于只有一个管理员,并且网络很小的情况下比较奏效。然而,对于多个大型网络而言,依赖于电子表格并不方便,十分容易出错,引起严重的网络安全问题。更糟糕的是,如果有多个管理员参与管理,更新电子表格就十分麻烦了,因为每个管理员可能生成各种不同版本的文档记录。 一种系统地管理IP地址分配的方式是使用网络化的IP地址管理工具。不仅仅是因为网络化管理工具能在任何地方访问并管理,而且其后端数据库也能保证所有更新能正确同步并实时生效。在试用了一堆IP地址管理应用后,发现了phpIPAM(IP Address Manager IP地址管理工具)喜极。 phpIPAM是一个开源的Web IP地址管理应用程序(IPAM)。其目标是提供轻松,现代和有用的IP地址管理。它是基于php的应用程序,带有MySQL数据库后端,使用jQuery库,ajax和HTML5 / CSS3功能。  phpIPAM中控台  phpIPAM定位界面  phpIPAM子网编辑  phpIPAM子网信息 # phpIPAM功能 - IPv4 / IPv6 IP地址管理(和其它工具不同,它对IPv6支持得很好) - 内建的IPv4和IPv6计算器 - 支持无类域间路由(CIDR)标记 - 支持MySQL数据库 - 部分/子网管理 - 子网的自动可用空间显示 - 可视子网显示 - 可视化报表工具 - 自动子网扫描/ IP状态检查 - PowerDNS集成 - NAT支持 - 强大的搜索引擎 - RACK管理 - 域身份验证(AD,LDAP,Radius) - 基于用户/组权限 - 设备/设备类型管理 - RIPE子网导入 - XLS / CVS子网导入 - IP请求模块 - REST API - 地点模块 - 支持设备、VRF和VLAN管理 - IPv4 / IPv6计算器 - IP数据库搜索 - 邮件通知 - 自定义字段支持 - 电子邮件标记 - 翻译 - 更新日志 可访问http://demo.phpipam.net查看phpIPAM演示网站。 # phpipam安装指南 要求 在开始安装phpipam之前,请确保满足以下要求: - 支持php的Apache2 webserver或带php-fpm的Nginx - Mysql server (5.1+) - PHP: + version 5.3 支持 phpipam version 1.3.1 + version 5.4 + version 7.2 或更高版本支持 phpipam release 1.3.2 - modules: - pdo, pdo_mysql : 添加对mysql连接的支持 - session : 添加持久会话支持 - sockets : 添加sockets支持 - openssl : 添加openSSL支持 - gmp : 添加对dev-libs/gmp(GNU MP库)的支持 - >以计算IPv6网络 - ldap : 添加LDAP支持(轻量级目录访问协议 - 也适用于AD) - crypt : 添加密码加密的支持 - SimpleXML: 添加支持SimpleXML(可选,用于RIPE查询,如果API需要) - json: 启用JSON支持 - gettext: 启用翻译 - filter : 添加过滤支持 - pcntl : 添加对流程创建功能的支持(可选,扫描所需) - cli : 启用CLI(可选,扫描和状态检查所需) - mbstring : 启用mbstring支持 - php PEAR 支持 通常大多数php模块都内置到默认的php安装中。如果缺少某些必需的模块,phpipam将失败并发出警告并通知您。 您可以通过在命令行中发出 php -m 来检查启用了哪些php模块。 phpipam下载 ``` [root@ipam /]# GIT clone --recursive https://github.com/phpipam/phpipam.git /var/www/phpipam [root@ipam /]# cd /var/www/phpipam [root@ipam /var/www/phpipam]# git checkout -b 1.3 origin/1.3 ``` phpipam初始配置 在开始安装数据库文件之前,需要输入数据库详细信息,用于连接数据库的phpipam。首先将config.dist.php复制到config.php并输入所需的详细信息。 ``` $db['host'] = "localhost"; $db['user'] = "phpipam"; $db['pass'] = "phpipamadmin"; $db['name'] = "phpipam"; ``` 另外,如果你在web服务器根文件夹之外的任何其他目录中提取phpipam目录,你需要在config.php中设置它(BASE指令): ``` define('BASE', "/"); ``` phpipam数据库安装 你可以用工具导入已创建的好数据库,或用命令 ``` mysql -u root -p phpipam < db/SCHEMA.sql ``` 完成以上,你的就完成完成了,更多细节请看官网文档,写的还是比较全面,再次向开源精神致敬。 # 官方文档: Here is a full guide on how to install phpIPAM on CentOS 7. This should work on all RHEL based distributuons. For this guide I used competely fresh install of CentOS 7, we will do step by step guide for all applications neede for phpIPAM to run. I used the following assumptions: No software is installed on server (Apache, MySQL, php) Database and apache server will run on same machine phpipam will run in server root directory (will be accessible via http://ip_address/), no vhosts Prettified links will be used Only bare minimum configuration will be done For phpIPAM to work we need to install and configure following applications: Apache webserver php with support for required modules for phpipam MySQL database 1.) Preparing environment and installing required apps 1.1) Setting locale To start let's set correct locales to be used on server, they are required also for translations. Add following to file /etc/environment for en_US coding, add your encoding if you will use different: [root@localhost ~]# more /etc/environment LC_ALL=en_US.utf-8 LANG=en_US.utf-8 1.3.1) Installing Apache, MySQL, PHP (LAMP) stack packages Install all required packages for phpipam: sudo yum install httpd mariadb-server php php-cli php-gd php-common php-ldap php-pdo php-pear php-snmp php-xml php-mysql php-mbstring git If you need crypt method for API you need to install also php-mcrypt php extension, which is available on epel-release package: sudo yum install epel-release sudo yum install php-mcrypt 1.3) Configuring and running Apache webserver Main apache configuration is in file /etc/httpd/conf/httpd.conf. Open it and change directory settings for /var/www/html to allow mod_rewrite URL rewrites: <Directory "/var/www/html"> Options FollowSymLinks AllowOverride all Order allow,deny Allow from all </Directory> We also need to set server name, for now we will use localhost, change it to your FQDN: ServerName locahost:80 Save file and exit. Set correct timezone to php.ini to avoid php warnings: [root@localhost html]# grep timezone /etc/php.ini ; Defines the default timezone used by the date functions ; http://php.net/date.timezone date.timezone = Europe/Ljubljana Now start apache webserver, and also make sure it starts at boot: sudo service httpd start sudo chkconfig httpd on If using systemd than run following commands: sudo systemctl start httpd sudo systemctl enable httpd Firewall rule is also needed to pass http/https traffic to webserver from external interfaces if needed with following command: sudo firewall-cmd --permanent --add-port=80/tcp sudo firewall-cmd --permanent --add-port=443/tcp sudo firewall-cmd --reload 1.4) Configuring and running MySQL (MariaDB) database server MariaDB has replaced MySQL server in CentOS 7, so we will use it. First start MariaDB server and make it start at boot time: sudo service mariadb start sudo chkconfig mariadb on If using systemd than run following commands: sudo systemctl start mariadb sudo systemctl enable mariadb Default options are ok, we just need to set root password, so issue folowing command and follow instructions to harden MariaDB server: sudo mysql_secure_installation 2.) Downloading phpipam files and configure phpipam We have configured database and webserver, it is time to install and configure phpipam. 2.1) Downloading phpipam installation files For the purpose of this guide we will use git to fetch files directly from Github repository. This is preferred and easiest way to setup and maintain phpipam. For other options please read Download guide. [root@localhost ~]# cd /var/www/html/ [root@localhost html]# git clone https://github.com/phpipam/phpipam.git . Cloning into '.'... remote: Counting objects: 10513, done. remote: Compressing objects: 100% (2/2), done. remote: Total 10513 (delta 0), reused 0 (delta 0), pack-reused 10511 Receiving objects: 100% (10513/10513), 7.84 MiB | 2.59 MiB/s, done. Resolving deltas: 100% (7310/7310), done. [root@localhost html]# git checkout 1.4 [root@localhost html]# phpipam code is now downloaded in /var/www/html, which is our document root. To use development version leave out the "git checkout 1.4" command, this will use current MASTER version. If you already checked version 1.4 you can switch to development with "git checkout master". Also make sure upload folders are accessible for xls/csv imports: sudo chown apache:apache -R /var/www/html/ sudo chcon -t httpd_sys_content_t /var/www/html/ –R cd /var/www/html/ find . -type f -exec chmod 0644 {} \; find . -type d -exec chmod 0755 {} \; sudo chcon -t httpd_sys_rw_content_t app/admin/import-export/upload/ -R sudo chcon -t httpd_sys_rw_content_t app/subnets/import-subnet/upload/ -R sudo chcon -t httpd_sys_rw_content_t css/1.4.0/images/logo/ -R * If you wish to make separate subfolder for phpipam, e.g. to access phpipam on http://ip_address/phpipam/, than install files to /phpipam/ subfolder: [root@localhost ~]# cd /var/www/html/ [root@localhost html]# git clone https://github.com/phpipam/phpipam.git phpipam [root@localhost html]# cd phpipam [root@localhost html]# git checkout 1.4 2.2) Configuring database connection Next we need to configure connection to database. To do it we first need to copy over sample config file to config.php that phpipam uses: [root@localhost html]# cp config.dist.php config.php Now open config.php file and set settings for database connection. Do not use root user/pass, whatever you put here will be used for further connections to database and users from config.php will be automatically created. BASE directive should be left at / because we will serve phpipam from default directory http://ip_address/. If you changed this adjust BASE directive accordingly. 3.) phpipam installation We are now ready to install phpipam. Open browser and go to http://ip_address/ to start with automatic database installation. For MySQL connection enter root username and password you created in point 1.4, this will only be used to create required databases, tables and grants. After installation is completed phpipam will used username/password entered in config.php file to access database, root password is not stored anywhere. Here are screenshots of install process:     4.) phpipam upgrade Upgrade process is simple if you are using git, please read this guide for full upgrade guide. In our case all we need to do is pull code updates from github and open browser to start upgrade: [root@localhost ~]# cd /var/www/html [root@localhost html]# git pull 5.) Enabling network scanning To enable network scanning we have two options: disable SELinux or create policy for it. Creating SELinux policy is recommended, please read this topic. For now we will disable SELinux by entering setenforce 0 command: [root@localhost html]# getenforce Enforcing [root@localhost html]# setenforce 0 [root@localhost html]# getenforce Permissive [root@localhost html]# This will enable icmp check from web, discovery etc. To scan networks simultaneously and periodically check address statuses please read this guide. 6.) Backup database via cron It is recommended that you make daily backups of your database files via cron. For daily backups use following cronjob: ``` Backup IP address table, remove backups older than 10 days @daily /usr/bin/mysqldump -u ipv6 -pipv6admin phpipam > /var/www/html/db/bkp/phpipam_bkp_$(date +"\%y\%m\%d").db @daily /usr/bin/find /var/www/html/db/bkp/ -ctime +10 -exec rm {} \; ``` This should be it.
Seven
Sept. 29, 2020, 4:38 p.m.
转发文档
Collection documents
Last
Next
手机扫码
Copy link
手机扫一扫转发分享
Copy link
Markdown文件
share
link
type
password
Update password