[Sguil-cvs] sguil/client/lib qrylib.tcl,1.20,1.21

[Steve H. <sha...@us...>]

Update of /cvsroot/sguil/sguil/client/lib
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3647/lib

Modified Files:
	qrylib.tcl 
Log Message:
Added "RT SRC IP" "RT DST IP" and "RT SRC/DST" to right click ip address menu.  TOoSmOoth...who's your daddy.  -srh


Index: qrylib.tcl
===================================================================
RCS file: /cvsroot/sguil/sguil/client/lib/qrylib.tcl,v
retrieving revision 1.20
retrieving revision 1.21
diff -C2 -d -r1.20 -r1.21
*** qrylib.tcl	12 Oct 2004 20:33:48 -0000	1.20
--- qrylib.tcl	20 Oct 2004 20:45:40 -0000	1.21
***************
*** 7,77 ****
  #
  proc QueryRequest { tableName queryType { incidentCat {NULL} } } {
!   global currentSelectedPane
!   set timestamp [lindex [GetCurrentTimeStamp "1 week ago"] 0]
!   set hourago [GetCurrentTimeStamp "1 hour ago"]
!   if { $tableName == "event" } {
!     set whereTmp "WHERE $tableName.timestamp > '$timestamp' AND "
!   } else {
!       if { ( $queryType == "srcip" || $queryType == "dstip" || $queryType == "src2dst" ) && $incidentCat == 1 } {
! 	  set whereTmp "WHERE $tableName.start_time > '$hourago' AND "
!       } else {
! 	  set whereTmp "WHERE $tableName.start_time > '$timestamp' AND "
!       }  
!   }
!   if { $queryType == "srcip" } {
!     set selectedIndex [$currentSelectedPane.srcIPFrame.list curselection]
!     set srcIP [$currentSelectedPane.srcIPFrame.list get $selectedIndex]
!     set whereTmp "$whereTmp ($tableName.src_ip = INET_ATON('$srcIP') OR $tableName.dst_ip = INET_ATON('$srcIP'))"
!   } elseif { $queryType == "srcport" } {
!     set selectedIndex [$currentSelectedPane.srcPortFrame.list curselection]
!     set srcport [$currentSelectedPane.srcPortFrame.list get $selectedIndex]
!     set whereTmp "$whereTmp ($tableName.src_port = '$srcport' OR $tableName.dst_port = '$srcport')"
!   } elseif { $queryType == "dstport" } {
!     set selectedIndex [$currentSelectedPane.dstPortFrame.list curselection]
!     set dstport [$currentSelectedPane.dstPortFrame.list get $selectedIndex]
!     set whereTmp "$whereTmp ($tableName.src_port = '$dstport' OR $tableName.dst_port = '$dstport')"
!   } elseif { $queryType == "dstip" } {
!     set selectedIndex [$currentSelectedPane.srcIPFrame.list curselection]
!     set dstIP [$currentSelectedPane.dstIPFrame.list get $selectedIndex]
!     set whereTmp "$whereTmp ($tableName.src_ip  = INET_ATON('$dstIP') OR $tableName.dst_ip = INET_ATON('$dstIP'))"
!   } elseif { $queryType == "empty" } {
!     set whereTmp "$whereTmp <Insert Query Here>"
!   } elseif { $queryType == "src2dst" } {
!     set selectedIndex [$currentSelectedPane.srcIPFrame.list curselection]
!     set srcIP [$currentSelectedPane.srcIPFrame.list get $selectedIndex]
!     set dstIP [$currentSelectedPane.dstIPFrame.list get $selectedIndex]
!     set whereTmp "$whereTmp $tableName.src_ip  = INET_ATON('$srcIP') AND $tableName.dst_ip = INET_ATON('$dstIP')"
!   } elseif { $queryType == "category" } {
!     set whereTmp "$whereTmp event.status = $incidentCat"
!   } elseif { $queryType == "signature" } {
!     set selectedIndex [$currentSelectedPane.srcIPFrame.list curselection]
!     set eventMsg [$currentSelectedPane.msgFrame.list get $selectedIndex]
!     set whereTmp "$whereTmp event.signature = '$eventMsg'"
!   }
!   set tmpWhereStatement [QryBuild $tableName $whereTmp]
!   set whereStatement [lindex $tmpWhereStatement 1]
!   set tableName [lindex $tmpWhereStatement 0]
!   if { $whereStatement == "cancel" } { return }
!   if { $tableName == "event" } {
!     if { $queryType == "category" } {
!         switch -exact $incidentCat {
! 	  11 { set winTitle "Cat I" }
! 	  12 { set winTitle "Cat II" }
! 	  13 { set winTitle "Cat III" }
! 	  14 { set winTitle "Cat IV" }
! 	  15 { set winTitle "Cat V" }
! 	  16 { set winTitle "Cat VI" }
! 	  17 { set winTitle "Cat VII" }
! 	  default { set winTitle "none" }
!         }
!         DBQueryRequest $whereStatement $winTitle
      } else {
!        DBQueryRequest $whereStatement
      }
-   } elseif { $tableName == "sessions" } {
-     SsnQueryRequest $whereStatement
-   } elseif { $tableName == "sancp" } {
-     SancpQueryRequest $whereStatement
-   }
  }
  #
--- 7,81 ----
  #
  proc QueryRequest { tableName queryType { incidentCat {NULL} } } {
!     global currentSelectedPane
!     set timestamp [lindex [GetCurrentTimeStamp "1 week ago"] 0]
!     set hourago [GetCurrentTimeStamp "1 hour ago"]
!     if { $tableName == "event" } {
! 	if { $incidentCat == 0 } {
! 	    set whereTmp "WHERE $tableName.timestamp > '$timestamp' AND event.status = 0 AND "
! 	} else {
! 	    set whereTmp "WHERE $tableName.timestamp > '$timestamp' AND "
! 	}   
      } else {
! 	if { ( $queryType == "srcip" || $queryType == "dstip" || $queryType == "src2dst" ) && $incidentCat == 1 } {
! 	    set whereTmp "WHERE $tableName.start_time > '$hourago' AND "
! 	} else {
! 	    set whereTmp "WHERE $tableName.start_time > '$timestamp' AND "
! 	}  
!     }
!     if { $queryType == "srcip" } {
! 	set selectedIndex [$currentSelectedPane.srcIPFrame.list curselection]
! 	set srcIP [$currentSelectedPane.srcIPFrame.list get $selectedIndex]
! 	set whereTmp "$whereTmp ($tableName.src_ip = INET_ATON('$srcIP') OR $tableName.dst_ip = INET_ATON('$srcIP'))"
!     } elseif { $queryType == "srcport" } {
! 	set selectedIndex [$currentSelectedPane.srcPortFrame.list curselection]
! 	set srcport [$currentSelectedPane.srcPortFrame.list get $selectedIndex]
! 	set whereTmp "$whereTmp ($tableName.src_port = '$srcport' OR $tableName.dst_port = '$srcport')"
!     } elseif { $queryType == "dstport" } {
! 	set selectedIndex [$currentSelectedPane.dstPortFrame.list curselection]
! 	set dstport [$currentSelectedPane.dstPortFrame.list get $selectedIndex]
! 	set whereTmp "$whereTmp ($tableName.src_port = '$dstport' OR $tableName.dst_port = '$dstport')"
!     } elseif { $queryType == "dstip" } {
! 	set selectedIndex [$currentSelectedPane.srcIPFrame.list curselection]
! 	set dstIP [$currentSelectedPane.dstIPFrame.list get $selectedIndex]
! 	set whereTmp "$whereTmp ($tableName.src_ip  = INET_ATON('$dstIP') OR $tableName.dst_ip = INET_ATON('$dstIP'))"
!     } elseif { $queryType == "empty" } {
! 	set whereTmp "$whereTmp <Insert Query Here>"
!     } elseif { $queryType == "src2dst" } {
! 	set selectedIndex [$currentSelectedPane.srcIPFrame.list curselection]
! 	set srcIP [$currentSelectedPane.srcIPFrame.list get $selectedIndex]
! 	set dstIP [$currentSelectedPane.dstIPFrame.list get $selectedIndex]
! 	set whereTmp "$whereTmp $tableName.src_ip  = INET_ATON('$srcIP') AND $tableName.dst_ip = INET_ATON('$dstIP')"
!     } elseif { $queryType == "category" } {
! 	set whereTmp "$whereTmp event.status = $incidentCat"
!     } elseif { $queryType == "signature" } {
! 	set selectedIndex [$currentSelectedPane.srcIPFrame.list curselection]
! 	set eventMsg [$currentSelectedPane.msgFrame.list get $selectedIndex]
! 	set whereTmp "$whereTmp event.signature = '$eventMsg'"
!     }
!     set tmpWhereStatement [QryBuild $tableName $whereTmp]
!     set whereStatement [lindex $tmpWhereStatement 1]
!     set tableName [lindex $tmpWhereStatement 0]
!     if { $whereStatement == "cancel" } { return }
!     if { $tableName == "event" } {
! 	if { $queryType == "category" } {
! 	    switch -exact $incidentCat {
! 		11 { set winTitle "Cat I" }
! 		12 { set winTitle "Cat II" }
! 		13 { set winTitle "Cat III" }
! 		14 { set winTitle "Cat IV" }
! 		15 { set winTitle "Cat V" }
! 		16 { set winTitle "Cat VI" }
! 		17 { set winTitle "Cat VII" }
! 		default { set winTitle "none" }
! 	    }
! 	    DBQueryRequest $whereStatement $winTitle
! 	} else {
! 	    DBQueryRequest $whereStatement
! 	}
!     } elseif { $tableName == "sessions" } {
! 	SsnQueryRequest $whereStatement
!     } elseif { $tableName == "sancp" } {
! 	SancpQueryRequest $whereStatement
      }
  }
  #