#!/usr/bin/perl -wT
#--------------------------------------------------------------
# Security Measures
# - httpd being run by user apache
# - use strict; is on to verify variables
# - perl -w is on for warnings
# - perl -T is on for taint control
#--------------------------------------------------------------
#--------------------------------------------------------------
# NIST Net Calibration, santay@nist.gov, March, 2004
#
# Allow user to select calibration parameters and plot results,
# which include first order statistics and links to more info.
#--------------------------------------------------------------
#--------------------------------------------------------------
# Setup Main Variables
#--------------------------------------------------------------
# TAINT needs PATH
BEGIN {
$ENV{'PATH'} = '/NN_Calibration';
}
# CGI Stuff
use strict;
use CGI::Carp qw(fatalsToBrowser);
use CGI;
my $q = new CGI;
# Working Directory
my $home = "/NN_Calibration";
# PopUp Menu Choices
my $Control = ['OFF','Loopback','Disabled'];
my $Delay = ['ALL','OFF','0','10','20','50','100','200','500','1000'];
my $Variance = ['ALL','OFF','0','10','50','100','200','500'];
my $Streams = ['ALL','1','10','50','100'];
my $OfferedLoad = ['ALL','10','30','50','70','90'];
my $PacketSize = ['ALL','128','512','1024','1500'];
#--------------------------------------------------------------
# Start Main WWW Page
#--------------------------------------------------------------
print $q->header;
print $q->start_html('NIST Net Calibration', 'santay@nist.gov');
unless($q->param) {
print $q->start_form('Search');
print "
";
print "
NIST Net Calibration
";
print "
";
print "The NIST Net Network Emulation Tool has been calibrated through ";
print "an extensive testing process. The results of this ";
print "effort can be analyzed with this interactive plotting tool. Select the desired test parameters and the ";
print "latency calibration results will be displayed in Mean and Standard Deviation plots. ";
print "Access to the raw data has also been provided.";
print "
A maximum of Three selections may be set to ALL.";
print "
";
print "Select a Control parameter *OR* a Delay/Variance pairing";
print " (Turn other selection(s) to OFF)
";
print "Contact: nistnet-dev\@antd.nist.gov";
print $q->end_form;
}
#--------------------------------------------------------------
# Check inputs
#--------------------------------------------------------------
else {
# More Variables
my @array; # UnTainted
my @names; # Tainted
my $error = "pass"; # Invalid Entry?
my $ALL_Count = 0; # How Many ALLs
my $OFF_Count = "fail"; # Ensure Something is OFF
$names[0] = $q->param("Control");
$names[1] = $q->param("Delay");
$names[2] = $q->param("Variance");
$names[3] = $q->param("Streams");
$names[4] = $q->param("OfferedLoad");
$names[5] = $q->param("PacketSize");
# UNTAINT - Make sure inputed string is clean from start(^) to end($)
# Verify one or more words with [._0-9a-z-A-Z] and no other characters
for (my $i=0;$i<6;$i++) {
if ($names[$i] =~ /^([\w.]+)$/) {
$array[$i] = $1; # Keep good data
} else {
$array[$i] = $names[$i]; # Keep bad data to show
$error = "fail";
}
# While we're FOR-Looping let's count ALLs
if ($array[$i] eq "ALL") {
$ALL_Count++;
}
}
# How Many ALLs were found?
if ($ALL_Count > 3) {
$ALL_Count = "fail" # Too Many
} else {
$ALL_Count = "pass"
}
# Ensure proper Tests were selected
if (($array[0] eq "OFF") && ($array[1] ne "OFF") && ($array[2] ne "OFF")) {
$OFF_Count = "pass";
} elsif (($array[0] ne "OFF") && ($array[1] eq "OFF") && ($array[2] eq "OFF")) {
$OFF_Count = "pass";
}
#--------------------------------------------------------------
# Fail Screen if Parameters not Correct
#--------------------------------------------------------------
# Unless everything Passed do this...
if (($ALL_Count eq "fail") || ($OFF_Count eq "fail") || ($error eq "fail")) {
print "
";
print "
NIST Net Calibration";
print "
";
print "There was an error processing the selections for the Calibration results...