[Sguil-cvs] sguil/server/lib SguildSensorAgentComms.tcl, 1.25, 1.26 SguildSensorCmdRcvd.tcl, 1.24,
Status: Beta
Brought to you by:
bamm
Menu
▾
▴
[Sguil-cvs] sguil/server/lib SguildSensorAgentComms.tcl, 1.25, 1.26 SguildSensorCmdRcvd.tcl, 1.24, 1.25 SguildUtils.tcl, 1.11, 1.12
|
From: Bamm V. <ba...@us...> - 2007-04-28 23:13:55
|
Update of /cvsroot/sguil/sguil/server/lib In directory sc8-pr-cvs8.sourceforge.net:/tmp/cvs-serv15701/server/lib Modified Files: SguildSensorAgentComms.tcl SguildSensorCmdRcvd.tcl SguildUtils.tcl Log Message: Support for a Generic Event Agents. Index: SguildUtils.tcl =================================================================== RCS file: /cvsroot/sguil/sguil/server/lib/SguildUtils.tcl,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -d -r1.11 -r1.12 *** SguildUtils.tcl 26 Oct 2005 21:44:44 -0000 1.11 --- SguildUtils.tcl 28 Apr 2007 23:13:45 -0000 1.12 *************** *** 152,155 **** --- 152,157 ---- # proc InetAtoN { ipaddress } { + + if { $ipaddress == "" } { return "" } set octetlist [split $ipaddress "."] set oct1 [lindex $octetlist 0] *************** *** 302,303 **** --- 304,346 ---- catch { exec logger -t "SGUILD" -p "$SYSLOGFACILITY.$level" $newMsg } logError } + + # + # Converts strings to hex + # + proc string2hex { s } { + + set i 0 + set r {} + while { $i < [string length $s] } { + + scan [string index $s $i] "%c" tmp + append r [format "%02X" $tmp] + incr i + + } + + return $r + + } + + # + # Convert hex to string. Non-printables print a dot. + # + proc hex2string { h } { + + set dataLength [string length $h] + set asciiStr {} + + for { set i 1 } { $i < $dataLength } { incr i 2 } { + + set currentByte [string range $h [expr $i - 1] $i] + lappend hexStr $currentByte + set intValue [format "%i" 0x$currentByte] + set currentChar [format "%c" $intValue] + append asciiStr "$currentChar" + + } + + return $asciiStr + + } Index: SguildSensorCmdRcvd.tcl =================================================================== RCS file: /cvsroot/sguil/sguil/server/lib/SguildSensorCmdRcvd.tcl,v retrieving revision 1.24 retrieving revision 1.25 diff -C2 -d -r1.24 -r1.25 *** SguildSensorCmdRcvd.tcl 25 Mar 2007 14:31:46 -0000 1.24 --- SguildSensorCmdRcvd.tcl 28 Apr 2007 23:13:45 -0000 1.25 *************** *** 32,35 **** --- 32,36 ---- LastPcapTime { UpdateLastPcapTime $socketID [lindex $data 1] } RegisterAgent { RegisterAgent $socketID [lindex $data 1] [lindex $data 2] [lindex $data 3] } + GenericEvent { GenericEvent $socketID [lrange $data 1 end] } PadsAsset { ProcessPadsAsset [lindex $data 1] } SsnFile { RcvSsnFile $socketID [lindex $data 1] [lindex $data 2] [lindex $data 3] [lindex $data 4] } Index: SguildSensorAgentComms.tcl =================================================================== RCS file: /cvsroot/sguil/sguil/server/lib/SguildSensorAgentComms.tcl,v retrieving revision 1.25 retrieving revision 1.26 diff -C2 -d -r1.25 -r1.26 *** SguildSensorAgentComms.tcl 8 Apr 2007 04:53:47 -0000 1.25 --- SguildSensorAgentComms.tcl 28 Apr 2007 23:13:45 -0000 1.26 *************** *** 29,33 **** sancp { set sancpSocket($netName) $socketID } snort { set snortSocket($netName) $socketID } ! default { LogMessage "Unknown agent type connected on socket ${socketID}: $type" } } --- 29,33 ---- sancp { set sancpSocket($netName) $socketID } snort { set snortSocket($netName) $socketID } ! default { set foo bar } } |