authorTed Trask <ttrask01@yahoo.com>2008-09-23 18:56:53 +0000
committerTed Trask <ttrask01@yahoo.com>2008-09-23 18:56:53 +0000
commit57145e7023e2c57c55f8ceb4673e139c891f61fd (patch)
tree2db1319d9d3149d0299c0288a67f212a41d70fdc
parent6c25bf20b9039513aac252010ebeb99a84562d95 (diff)
Updated snort to use new libraries and lsp files.
git-svn-id: svn://svn.alpinelinux.org/acf/snort/trunk@1484 ab2d0c66-481e-0410-8bed-d214d4d58bed
-rw-r--r--snort-controller.lua110
-rw-r--r--snort-details-html.lsp37
l---------[-rw-r--r--]snort-expert-html.lsp58
-rw-r--r--snort-model.lua188
l---------snort-startstop-html.lsp1
l---------[-rw-r--r--]snort-status-html.lsp51
-rw-r--r--snort.menu2
-rw-r--r--snort.roles4
8 files changed, 88 insertions, 363 deletions
diff --git a/snort-controller.lua b/snort-controller.lua
index 737f97c..513627a 100644
--- a/snort-controller.lua
+++ b/snort-controller.lua
@@ -1,119 +1,29 @@
module (..., package.seeall)
-- Load libraries
-require("posix")
+require("controllerfunctions")
-- ################################################################################
-- LOCAL FUNCTIONS
-local function displaycmdmanagement(pidofstatus)
- -- Add a management buttons
- local management = {}
- management.start = cfe({ name="cmdmanagement",
- label="Program control-panel",
- value="Start",
- type="submit",
- })
- management.stop = cfe({ name="cmdmanagement",
- label="Program control-panel",
- value="Stop",
- type="submit",
- })
- management.restart = cfe({ name="cmdmanagement",
- label="Program control-panel",
- value="Restart",
- type="submit",
- })
- -- next CFE can be used to present the result of the previous action
- management.actionresult = cfe({ name="actionresult",
- label="Previous action result",
- })
-
- -- Disable management buttons based on if the process is running or not
- if (pidofstatus) then
- management.start.disabled = "yes"
- else
- management.stop.disabled = "yes"
- management.restart.disabled = "yes"
- end
-
- return management
-end
-
-- ################################################################################
-- PUBLIC FUNCTIONS
default_action = "status"
function status(self)
- local srvcmdresult = nil
- local srvcmd = self.clientdata.srvcmd
- local status = self.model:getstatus(self)
-
- local alerts,alertresult = self.model:read_alert()
- return ({
- status = status,
- alerts=alerts,
- alertresult=alertresult,
- url = self.conf.script .. self.conf.prefix .. self.conf.controller} )
+ return self.model.getstatus()
end
-function expert(self)
- local cmd = self.clientdata.cmd
- local url = self.conf.script .. self.conf.prefix .. self.conf.controller
-
- local modifications = self.clientdata.filecontent or ""
- if ( self.clientdata.cmdsave ) then
- modifications = self.model:update_filecontent(modifications)
- end
-
- -- Start/Stop/Restart process
- local cmdmanagement, actionresult
- if ( self.clientdata.cmdmanagement) then
- cmdmanagement = cfe({
- name="cmdmanagement",
- label="Previous action result",
- action=cfe({
- name="cmdmanagement",
- value=string.lower(self.clientdata.cmdmanagement), -- This row contains start/stop/restart (one of these commands)
- }),
- })
- actionresult, cmdmanagement = self.model:startstop_service( cmdmanagement.action )
- end
-
- local status = self.model:getstatus(self)
- local file = self.model:get_filedetails()
-
- -- Add buttons
- file.cmdsave = cfe ({
- name="cmdsave",
- label="Apply settings",
- value="Apply",
- type="submit",
- })
- if (self.clientdata.cmdsave) then
- file.cmdsave.descr="* Changes has been saved!"
- end
+function details(self)
+ return self.model.read_alert()
+end
- -- Management buttons (Hide/show buttons
- local pidofstatus
- if (string.lower(status.status.value) == "enabled" ) then pidofstatus = true end
- management = displaycmdmanagement(pidofstatus)
- if (actionresult) then
- management.actionresult.descr=cmdmanagement.descr
- management.actionresult.errtxt=cmdmanagement.errtxt
- end
- if (status) and (status.version) and (#status.version.value == 0) then
- management.start.disabled = "yes"
- management.stop.disabled = "yes"
- management.restart.disabled = "yes"
- end
+function startstop(self)
+ return controllerfunctions.handle_startstop(self, self.model.startstop_service, self.model.getstatus, self.clientdata)
+end
- return ( {
- management = management,
- status = status,
- file = file,
- modifications = modifications,
- url = url, } )
+function expert(self)
+ return controllerfunctions.handle_form(self, self.model.get_filedetails, self.model.update_filedetails, self.clientdata, "Save", "Edit Configuration", "Configuration Set")
end
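Review bot: The new `details`, `startstop` and `expert` actions carry no comment saying what each one exposes or changes, and two of them are state-changing: `startstop` controls the snort service and `expert` hands `self.clientdata` to `update_filedetails`, which writes the snort configuration file. A short comment above each, such as `-- UPDATE action: starts/stops/restarts snort; must be listed under UPDATE in snort.roles`, would make the required permission visible next to the handler. Whether `handle_startstop` and `handle_form` act only on a submitted form is decided in controllerfunctions, outside this diff, so that is worth confirming there.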
diff --git a/snort-details-html.lsp b/snort-details-html.lsp
new file mode 100644
index 0000000..b95298d
--- /dev/null
+++ b/snort-details-html.lsp
@@ -0,0 +1,37 @@
+<% local data, viewlibrary = ...
+require("viewfunctions")
+%>
+<%
+--[[ DEBUG INFORMATION
+io.write("<H1>DEBUGGING</H1><span style='color:red'><H2>DEBUG INFO: CFE</H2>")
+io.write(html.cfe_unpack(form))
+io.write("</span>")
+--]]
+%>
+
+<% viewlibrary.dispatch_component("status") %>
+
+<H1><%= data.label %></H1>
+
+<% for i,priority in ipairs(data.value) do %>
+ <h2><%= priority.name %></h2>
+ <% for cls in pairs(priority.value) do %>
+ <h3><%= cls %></h3>
+ <% for id,alert in pairs(priority.value[cls]) do %>
+ <p><B><%= alert.value[1] %></B><BR>
+ <% for j=2, table.maxn(alert.value) do %>
+ <%= alert.value[j] %><BR>
+ <% end %>
+ <I>(This alarm is repeated <B><%= alert.count %></B> times)</I>
+ <% if (table.maxn(alert.url) ~= 0) then %>
+ ( URL's:
+ <% for k,url in ipairs(alert.url) do %>
+ <a href="<%= url %>" target="_new"><img src="/skins/static/tango/16x16/categories/applications-internet.png" alt="<%= url %>"></a>
+ <% end %>
+ )
+ <% end %>
+ </p>
+ <% end %>
+
+ <% end %>
+<% end %>
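Review bot: Every `<%= ... %>` in this template writes text parsed from the snort alert log straight into the page without HTML encoding, including `url` inside the `href` and `alt` attributes on the link line. The alert text and Xref values originate from rule sets and logged traffic rather than from this application, so they should be treated as untrusted: pass each value through the framework's escaping helper before output, e.g. `<%= html.html_escape(alert.value[j]) %>` (assuming that helper is available in the html library at this revision), and emit the anchor only when `url` begins with `http://` or `https://`. Separately, the commented-out debug block still refers to `form`, while this view's local is now `data`.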
diff --git a/snort-expert-html.lsp b/snort-expert-html.lsp
index f8bcb87..207f324 100644..120000
--- a/snort-expert-html.lsp
+++ b/snort-expert-html.lsp
@@ -1,57 +1 @@
-<% local form = ...
-require("viewfunctions")
-%>
-<%
---[[ DEBUG INFORMATION
-io.write("<H1>DEBUGGING</H1><span style='color:red'><H2>DEBUG INFO: CFE</H2>")
-io.write(html.cfe_unpack(form))
-io.write("</span>")
---]]
-%>
-
-<H1>SYSTEM INFO</H1>
-<DL>
-<%
-local myform = form.status
-local tags = { "status", "version", "autostart", }
-displayinfo(myform,tags,"viewonly")
-%>
-</DL>
-
-<form name="myform" action="" method="POST">
-<h1>CONFIGURATION</h1>
-<H2>Expert config</H2>
-<h3>File details</h3>
-<DL>
-<%
-local myform = form.file
-local tags = { "filename", "filesize", "mtime", "sumerrors", }
-displayinfo(myform,tags,"viewonly")
-%>
-</DL>
-
-<H3>FILE CONTENT</H3>
-<%
-local myform = form.file
-io.write(html.form[myform.filecontent.type](myform.filecontent))
-%>
-
-<H2>SAVE AND APPLY ABOVE SETTINGS</H2>
-<DL>
-<%
-local tags = { "cmdsave", }
-displayinfo(myform,tags)
-%>
-</DL>
-
-<%
--- Management buttons
-local myform = form.management
-local tags = { "start", "stop", "restart" }
-if (myform) then
- io.write("<H1>MANAGEMENT</H1>\n<DL>")
- displaymanagement(myform,tags)
- io.write("</DL>")
-end
-%>
-</form>
+../expert-html.lsp
\ No newline at end of file
diff --git a/snort-model.lua b/snort-model.lua
index 8ae99e5..40cca84 100644
--- a/snort-model.lua
+++ b/snort-model.lua
@@ -2,200 +2,82 @@
module (..., package.seeall)
-- Load libraries
+require("modelfunctions")
require("fs")
-require("posix")
-require("procps")
-require("daemoncontrol")
-require("format")
-require("processinfo")
-- Set variables
local packagename = "snort"
local processname = "snort"
local configfile = "/etc/snort/snort.conf"
+local alertfile = "/var/log/snort/alert"
-- ################################################################################
-- LOCAL FUNCTIONS
-local function process_status_text(procname)
- local t = procps.pidof(procname)
- if (t) and (#t > 0) then
- return "Enabled"
- else
- return "Disabled"
- end
-end
-
-- ################################################################################
-- PUBLIC FUNCTIONS
-function getstatus ()
- local status = {}
-
- local value, errtxt = processinfo.package_version(packagename)
- status.version = cfe({ name = "version",
- label="Program version",
- value=value,
- errtxt=errtxt,
- })
-
- status.status = cfe({ name="status",
- label="Program status",
- value=process_status_text(processname),
- })
-
- local autostart_sequense, autostart_errtxt = processinfo.process_botsequence(processname)
- status.autostart = cfe({ name="autostart",
- label="Autostart sequence",
- value=autostart_sequense,
- errtxt=autostart_errtxt,
- })
-
- return status
-end
-
-function getconfig()
- return {}
-end
-
-function get_filedetails(self,num)
- local path
- if (num == "2") then
- path = configfile2
- else
- path = configfile
- end
- local file = {}
- local filedetails = {}
- local config = {}
- local filenameerrtxt
- if (path) and (fs.is_file(path)) then
- filedetails = fs.stat(path)
- config = getconfig(path)
- else
- config = {}
- config.filename = {}
- config["filename"]["errtxt"]="Config file '".. path .. "' is missing!"
- end
-
- file["filename" .. (num or "")] = cfe({
- name="filename" .. (num or ""),
- label="File name",
- value=path,
- errtxt=filenameerrtxt
- })
- file["filesize" .. (num or "")] = cfe({
- name="filesize" .. (num or ""),
- label="File size",
- value=filedetails.size or 0,
- })
- file["mtime" .. (num or "")] = cfe({
- name="mtime" .. (num or ""),
- label="File date",
- value=filedetails.mtime or "---",
- })
- file["filecontent" .. (num or "")] = cfe({
- type="longtext",
- name="filecontent" .. (num or ""),
- label="File content",
- value=fs.read_file(path),
- })
-
- -- Sum all errors into one cfe
- local sumerrors = ""
- for k,v in pairs(config) do
- if (config[k]) and (config[k]["errtxt"]) and (config[k]["errtxt"] ~= "") then
- sumerrors = sumerrors .. config[k]["errtxt"] .. "\n"
- end
- end
- if (sumerrors ~= "") then
- file["sumerrors" .. (num or "")] = cfe ({
- name="sumerrors" .. (num or ""),
- label = "Configuration errors",
- errtxt = string.match(sumerrors, "(.-)\n$"),
- })
- end
-
- return file
+function getstatus()
+ return modelfunctions.getstatus(processname, packagename, "Snort Status")
end
--- action should be a CFE
-function startstop_service ( self, action )
- local cmd = action.value
- local cmdresult,cmdmessage,cmderror,cmdaction = daemoncontrol.daemoncontrol(processname, cmd)
- action.descr=cmdmessage
- action.errtxt=cmderror
- return cmdresult,action
+function startstop_service(action)
+ return modelfunctions.startstop_service(processname, action)
end
function read_alert()
- local alertfile = "/var/log/snort/alert"
- local alertcount = 0
local alertpriority = {}
- local alertprioritytmp = ""
- local priority = ""
- local classification = ""
- local currid = ""
- local prevrid = ""
- local count = {}
local liboutput = fs.read_file_as_array(alertfile)
if (liboutput) then
- for k,v in ipairs(liboutput) do
+ for i,line in ipairs(liboutput) do
--DEBUG
- --if (k == 1) then break end
- currid = string.match(v, "^.*%[%*%*%]%s*%[(%d+:%d+:%d+)%].*")
+ --if (i == 1) then break end
+ local currid = string.match(line, "^.*%[%*%*%]%s*%[(%d+:%d+:%d+)%]")
if (currid) then
- local priority = string.match(liboutput[k+1],"^.*%[.*lassification:%s*.*%]%s*%[(.*)%]") or "Priority: Unknown"
- local classification = string.match(liboutput[k+1],"^.*%[.*lassification:%s*(.*)%]%s*%[") or "Classification: Unknown"
+ local priority = string.match(liboutput[i+1],"^.*%[.*lassification:%s*.*%]%s*%[(.*)%]") or "Priority: Unknown"
+ local classification = string.match(liboutput[i+1],"^.*%[.*lassification:%s*(.*)%]%s*%[") or "Classification: Unknown"
if (alertpriority[priority] == nil) then
alertpriority[priority] = {}
end
if (alertpriority[priority][classification] == nil) then
alertpriority[priority][classification] = {}
end
- alertpriority[priority][classification][currid] = {}
- if (alertpriority[priority][classification][currid]["value"] == nil) then
- alertpriority[priority][classification][currid]["value"] = {}
- end
- if (alertpriority[priority][classification][currid]["url"] == nil) then
- alertpriority[priority][classification][currid]["url"] = {}
- end
- -- COUNTER
- if not (count[priority..classification..currid]) then
- count[priority..classification..currid] = 0
- end
- count[priority..classification..currid] = count[priority..classification..currid] + 1
- alertpriority[priority][classification][currid]["count"] = count[priority..classification..currid]
- for i=0, 10 do
- local rowvalue = liboutput[k+i]
- if (rowvalue == "") then
- break
- end
- if (rowvalue) and (string.match(rowvalue, "%[Xref.*") == nil) and (string.match(rowvalue, "%[Classification.*") == nil)then
- table.insert(alertpriority[priority][classification][currid]["value"],rowvalue)
- elseif (rowvalue) and (string.match(rowvalue, "%[Xref.*") ~= nil) then
- for v in string.gmatch(rowvalue, "%[Xref%s+%=%>%s+(.-)%]") do
- table.insert(alertpriority[priority][classification][currid]["url"],v)
+ if (alertpriority[priority][classification][currid] == nil) then
+ alertpriority[priority][classification][currid] = { value={}, url={}, count=0 }
+
+ local rowvalue = line
+ local j = 0
+ while rowvalue and rowvalue ~= "" do
+ if string.match(rowvalue, "%[Xref.*") ~= nil then
+ for v in string.gmatch(rowvalue, "%[Xref%s+%=%>%s+(.-)%]") do
+ table.insert(alertpriority[priority][classification][currid]["url"],v)
+ end
+ elseif string.match(rowvalue, "%[Classification.*") == nil then
+ table.insert(alertpriority[priority][classification][currid].value,rowvalue)
end
+ j=j+1
+ rowvalue = liboutput[i+j]
end
end
- alertcount = alertcount + 1
+ alertpriority[priority][classification][currid].count = alertpriority[priority][classification][currid].count + 1
end
end
end
--Start sorting priority-table
local sorted_table = {}
- for n in pairs(alertpriority) do
- table.insert(sorted_table, {name=n, value=alertpriority[n]})
+ for name,value in pairs(alertpriority) do
+ table.insert(sorted_table, {name=name, value=value})
end
table.sort(sorted_table, function(a,b) return (a.name < b.name) end)
- return alertcount,sorted_table
+ return cfe({ type="structure", value=sorted_table, label="Snort Alerts" })
end
-function update_filecontent (self, modifications)
- local path = configfile
- local file_result,err = fs.write_file(path, format.dostounix(modifications))
- return file_result
+function get_filedetails()
+ return modelfunctions.getfiledetails(configfile)
end
+function update_filedetails(filedetails)
+ filedetails.value.filename.value = configfile
+ return modelfunctions.setfiledetails(filedetails)
+end
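Review bot: In `read_alert`, `liboutput[i+1]` is nil when an alert header is the last line of the file (a log caught mid-write or just rotated), and `string.match(nil, ...)` then raises an error instead of falling back to the "Unknown" defaults. Reading the line once with a default, `local nextline = liboutput[i+1] or ""`, and matching both `priority` and `classification` against `nextline` keeps the details page rendering on a truncated log. The new `while` loop also drops the old ten-line cap, so a block with no blank separator now collects rows until end of file; a comment stating that this is intended would help the next reader.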
diff --git a/snort-startstop-html.lsp b/snort-startstop-html.lsp
new file mode 120000
index 0000000..0ea2627
--- /dev/null
+++ b/snort-startstop-html.lsp
@@ -0,0 +1 @@
+../startstop-html.lsp
\ No newline at end of file
diff --git a/snort-status-html.lsp b/snort-status-html.lsp
index 5dafd62..b2f8480 100644..120000
--- a/snort-status-html.lsp
+++ b/snort-status-html.lsp
@@ -1,50 +1 @@
-<% local form = ...
-require("viewfunctions")
-%>
-<%
---[[ DEBUG INFORMATION
-io.write("<H1>DEBUGGING</H1><span style='color:red'><H2>DEBUG INFO: CFE</H2>")
-io.write(html.cfe_unpack(form))
-io.write("</span>")
---]]
-%>
-
-<H1>SYSTEM INFO</H1>
-<DL>
-<%
-local myform = form.status
-local tags = { "status", "version", "autostart", }
-displayinfo(myform,tags,"viewonly")
-%>
-</DL>
-
-<H2>PROGRAM SPECIFIC OPTIONS/INFORMATION</H2>
-<DL>
-<dt>Counted alerts</dt>
-<dd><%= form.alerts %> alert(s)</dd>
-</DL>
-
-<h1>ALERT LIST</h1>
-
-<% for i=1, table.maxn(form.alertresult) do %>
- <h2><%= form.alertresult[i]["name"] %></h2>
- <% for j in pairs(form.alertresult[i]["value"]) do %>
- <h3><%= j %></h3>
- <% for k in pairs(form.alertresult[i]["value"][j]) do %>
- <p><B><%= form.alertresult[i]["value"][j][k]["value"][1] %></B><BR>
- <% for l=2, table.maxn(form.alertresult[i]["value"][j][k]["value"]) do %>
- <%= form.alertresult[i]["value"][j][k]["value"][l] %><BR>
- <% end %>
- <I>(This alarm is repeated <B><%= form.alertresult[i]["value"][j][k]["count"] %></B> times)</I>
- <% if (table.maxn(form.alertresult[i]["value"][j][k]["url"]) ~= 0) then %>
- ( URL's:
- <% for q=1, table.maxn(form.alertresult[i]["value"][j][k]["url"]) do %>
- <a href="<%= form.alertresult[i]["value"][j][k]["url"][q] %>" target="_new"><img src="/static/tango/16x16/categories/applications-internet.png" alt="<%= form.alertresult[i]["value"][j][k]["url"][q] %>"></a>
- <% end %>
- )
- <% end %>
- </p>
- <% end %>
-
- <% end %>
-<% end %>
+../status-html.lsp
\ No newline at end of file
diff --git a/snort.menu b/snort.menu
index 7b5c9f2..faacfc9 100644
--- a/snort.menu
+++ b/snort.menu
@@ -1,3 +1,3 @@
#CAT GROUP/DESC TAB ACTION
-Applications 80Snort Status status
+Applications 80Snort Status details
Applications 80Snort Expert expert
diff --git a/snort.roles b/snort.roles
index d489da5..ef54e55 100644
--- a/snort.roles
+++ b/snort.roles
@@ -1,2 +1,2 @@
-READ=snort:status
-UPDATE=snort:expert
+READ=snort:status,snort:details
+UPDATE=snort:expert,snort:startstop