[Netpass-devel] NetPass-Snort/lib/NetPass Snort.pm,1.2,1.3
From: rcolantuoni <rco...@us...> - 2006-01-04 16:02:23
Update of /cvsroot/netpass/NetPass-Snort/lib/NetPass
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv12386/NetPass-Snort/lib/NetPass
Modified Files: Snort.pm
Log Message: added a test cmd to check the validity of generated rules. if the test fails, the backup rules file will be restored.
Index: Snort.pm
===================================================================
RCS file: /cvsroot/netpass/NetPass-Snort/lib/NetPass/Snort.pm,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- Snort.pm 10 Aug 2005 20:25:31 -0000 1.2
+++ Snort.pm 4 Jan 2006 16:02:09 -0000 1.3
@@ -34,6 +34,7 @@
 my $DEFAULTSNORTBPF = "/opt/snort/etc/pcaprules.txt";
 my $DEFAULTSNORTPID = "/var/run/snort_dag0.pid";
 my $DEFAULTSNORTCMD = "/etc/init.d/snortd";
+my $DEFAULTSNORTTESTSCRIPT = "/opt/snort/bin/snort -q -c/opt/snort/etc/snort.conf -T";
 # make sure this matches DEFAULTPORT in npsnortd.pl
 my $DEFAULTPORT = 20008;
@@ -68,7 +69,8 @@
 my $rulesfile = (exists $opts{'b'}) ? $opts{'b'} : $DEFAULTSNORTBPF;
 # create a backup copy of the rules file
- move($rulesfile, $rulesfile.'.bkp') if (-e $rulesfile);
+ my $backupfile = $rulesfile.'.bkp';
+ move($rulesfile, $backupfile) if (-e $rulesfile);
 $fh->open("> $rulesfile");
 print $fh $pcaprules."\n";
@@ -152,7 +154,8 @@
 my $rulesfile = (exists $opts{'r'}) ? $opts{'r'} : $DEFAULTSNORTRULES;
 # create a backup copy of the rules file
- move($rulesfile, $rulesfile.'.bkp') if (-e $rulesfile);
+ my $backupfile = $rulesfile.'.bkp';
+ move($rulesfile, $backupfile) if (-e $rulesfile);
 $fh->open("> $rulesfile");
 foreach my $l (@$aref) {
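Review bot: The default test command pins its configuration with `-c/opt/snort/etc/snort.conf`, so the `-T` run validates whatever that config loads, which is not necessarily the file this module just wrote. When a caller overrides the rules path with the `r` option (used in the later hunks), the test may pass or fail independently of the generated rules; whether that happens depends on what snort.conf includes, which is not visible here. A comment on the constant would make the coupling explicit, for example `# snort.conf must include the rules file written by this module, or the -T check proves nothing`.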
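Review bot: The result of `move($rulesfile, $backupfile)` in the hunk at -68 is not checked, although the restore logic added by this commit only works if that backup was really created. If the move fails, the `$fh->open("> $rulesfile")` that follows truncates the only good copy and a later failed test has nothing to restore. Consider `if (-e $rulesfile) { move($rulesfile, $backupfile) or return undef; }`, using whatever failure value this routine's callers expect. In this hunk `$backupfile` is not used again in the visible lines, and the enclosing function starts and ends outside the hunk; the same unchecked move appears in the hunks at -152 and -231.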
@@ -162,6 +165,16 @@
 }
 $fh->close;
+ # test the rules file
+ my $testcmd = (exists $opts{'T'}) ? $opts{'T'} : $DEFAULTSNORTTESTSCRIPT;
+ my $testoutput = qx($testcmd 2>&1);
+ if( $testoutput =~ /Fatal Error/gm) {
+ # we came across a Fatal Error!
+ # restore the backup copy of the rules file
+ move($backupfile, $rulesfile) if (-e $backupfile);
+ return undef;
+ }
+ $self->$update_pcap_rules_file($md5, $soap);
 my $cmd = (exists $opts{'f'}) ? $opts{'f'} : $DEFAULTSNORTCMD;
@@ -231,7 +244,8 @@
 my $rulesfile = (exists $opts{'r'}) ? $opts{'r'} : $DEFAULTSNORTRULES;
 # create a backup copy of the rules file
- move($rulesfile, $rulesfile.'.bkp') if (-e $rulesfile);
+ my $backupfile = $rulesfile.'.bkp';
+ move($rulesfile, $backupfile) if (-e $rulesfile);
 $fh->open("> $rulesfile");
 foreach my $l (@$aref) {
@@ -241,6 +255,16 @@
 }
 $fh->close;
+ # test the rules file
+ my $testcmd = (exists $opts{'T'}) ? $opts{'T'} : $DEFAULTSNORTTESTSCRIPT;
+ my $testoutput = qx($testcmd 2>&1);
+ if( $testoutput =~ /Fatal Error/gm) {
+ # we came across a Fatal Error!
+ # restore the backup copy of the rules file
+ move($backupfile, $rulesfile) if (-e $backupfile);
+ return undef;
+ }
+ $self->$update_pcap_rules_file($md5, $soap);
 return 1 if (kill('HUP', $pid) > 0);
|
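Review bot: `qx($testcmd 2>&1)` in the hunk at -162 passes a string to the shell, and that string is `$opts{'T'}` whenever the caller supplies it. Where `%opts` comes from is not visible in this hunk; if any of it can arrive from the network-facing side of npsnortd, the value should be fixed in configuration or validated instead of being executed as given. The outcome is judged only by the text `Fatal Error` in the output, so a missing snort binary or a non-zero exit with a different message lets the new rules through; checking the exit status too closes that gap: `if ($? != 0 || $testoutput =~ /Fatal Error/) {` (the `/g` flag is not needed for a boolean match). When no backup existed, the rejected rules file is left in place, which is worth at least a comment. The enclosing function starts outside the hunk, and the same block is repeated in the hunk at -241.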