author | Mika Havela <mika.havela@gmail.com> | 2007-12-29 17:02:42 +0000 |
---|---|---|
committer | Mika Havela <mika.havela@gmail.com> | 2007-12-29 17:02:42 +0000 |
commit | 14bea207755931df0155fa9a577782aa167695be (patch) | |
tree | b6a7843f65537187cd5ab4f42e81c9d225fe5bbe /snort-model.lua | |
parent | 3cf15148d5f3b9883ef729f275e9b245cd16321f (diff) | |
Cleaning up code
git-svn-id: svn://svn.alpinelinux.org/acf/snort/trunk@476 ab2d0c66-481e-0410-8bed-d214d4d58bed
Diffstat (limited to 'snort-model.lua')
-rw-r--r-- | snort-model.lua | 109 |
1 files changed, 1 insertions, 108 deletions
diff --git a/snort-model.lua b/snort-model.lua
index 1746b1c..da6d803 100644
--- a/snort-model.lua
+++ b/snort-model.lua
@@ -6,55 +6,6 @@ module (..., package.seeall)
 require("posix")
 require("fs")
--- START SORT ################################################################################
---[[
-function __genOrderedIndex( t )
- local orderedIndex = {}
- for key in pairs(t) do
- table.insert( orderedIndex, key )
- end
- table.sort( orderedIndex )
- return orderedIndex
-end
-
-function orderedNext(t, state)
- -- Equivalent of the next function, but returns the keys in the alphabetic
- -- order. We use a temporary ordered key table that is stored in the
- -- table being iterated.
-
- --print("orderedNext: state = "..tostring(state) )
- if state == nil then
- -- the first time, generate the index
- t.__orderedIndex = __genOrderedIndex( t )
- key = t.__orderedIndex[1]
- return key, t[key]
- end
- -- fetch the next value
- key = nil
- for i = 1,table.getn(t.__orderedIndex) do
- if t.__orderedIndex[i] == state then
- key = t.__orderedIndex[i+1]
- end
- end
-
- if key then
- return key, t[key]
- end
-
- -- no more value to return, cleanup
- t.__orderedIndex = nil
- return
-end
-
-function orderedPairs(t)
- -- Equivalent of the pairs() function on tables. Allows to iterate
- -- in order
- return orderedNext, t, nil
-end
---]]
--- END SORT ################################################################################
-
-
 local function get_version()
 local cmd = "snort -V 2>&1 | grep Version | sed 's/.*ersion\ /snort-/'"
 local cmd_output = io.popen( cmd )
@@ -109,51 +60,6 @@ service_control = function ( self, srvcmd )
 return retval
 end
-xxxread_alert = function ()
- local alertfile = "/var/log/snort/alert"
- local alerts = ""
- local fileresult = {}
- local fileresultcnt = ""
- local presentation = {}
- local presentationtable = {}
- local liboutput = fs.read_file_as_array(alertfile)
- if (liboutput) then
- for k,v in ipairs(liboutput) do
- local generator,signature,revision = string.match(v, "^.*%[%*%*%]%s*%[(%d*):(%d*):(%d*).*")
- if (generator) and (signature) and (revision) then
- if not (fileresult[generator..":"..signature..":"..revision]) then
- fileresult[generator..":"..signature..":"..revision]={}
- end
- table.insert (fileresult[generator..":"..signature..":"..revision], v)
- local tablemax = table.maxn(fileresult[generator..":"..signature..":"..revision])
- fileresult[generator..":"..signature..":"..revision][tablemax]={}
- fileresult[generator..":"..signature..":"..revision][tablemax]["classification"]=string.match(liboutput[k+1],"^.*%[.*lassification:%s*(.*)%]%s*%[") or "Classification: unknown"
- fileresult[generator..":"..signature..":"..revision][tablemax]["priority"]=string.match(liboutput[k+1],"^.*%[.*lassification:%s*.*%]%s*%[(.*)%]") or "Priority: unknown"
- fileresult[generator..":"..signature..":"..revision][tablemax]["count"]=tablemax
- for i=0, 6 do
- if liboutput[k+i] == "" then break end
- if (liboutput[k+i-1]) then
- if not (string.match(liboutput[k+i],"^%[Classification.*")) then
- table.insert(fileresult[generator..":"..signature..":"..revision][tablemax],liboutput[k+i])
- end
- end
- end
- end
- end
- for k,v in pairs(fileresult) do
- table.insert(presentation,v)
- end
- for i = 1, table.maxn(presentation) do
- local maxn = table.maxn(presentation[i])
- presentationtable[i] = presentation[i][maxn]
- end
- alerts = table.maxn(presentationtable)
- else
- alerts = "0"
- end
- return alerts,presentationtable
-end
-
 read_alert = function ()
 local alertfile = "/var/log/snort/alert"
 local
alertcount = 0
@@ -168,7 +74,7 @@ read_alert = function ()
 if (liboutput) then
 for k,v in ipairs(liboutput) do
 --DEBUG
--- if (k == 1) then break end
+ --if (k == 1) then break end
 currid = string.match(v, "^.*%[%*%*%]%s*%[(%d+:%d+:%d+)%].*")
 if (currid) then
 local priority = string.match(liboutput[k+1],"^.*%[.*lassification:%s*.*%]%s*%[(.*)%]") or "Priority: Unknown"
@@ -202,19 +108,6 @@ read_alert = function ()
 end
 end
 end
---[[
-t = {
- ['a'] = 'xxx',
- ['b'] = 'xxx',
- ['c'] = 'xxx',
- ['d'] = 'xxx',
- ['e'] = 'xxx',
-}
-
- for key, val in orderedNext(t) do
- t=key
- end
---]]
 return alertcount,alertpriority
 end |
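Review bot: In the `@@ -168,7 +74,7 @@` hunk, the priority lookup calls `string.match(liboutput[k+1], ...)` without checking that line k+1 exists. If the last line of /var/log/snort/alert is an alert header (a truncated file, or presumably a record still being written), `liboutput[k+1]` is nil and `string.match` raises an error, so the `or "Priority: Unknown"` fallback never runs and the alert count is not returned. Binding the line first, `local nextline = liboutput[k+1] or ""`, and matching on `nextline` keeps the reader working on a partial log. The re-indented `--if (k == 1) then break end` under `--DEBUG` is still dead debug code and could be deleted in this cleanup rather than kept. read_alert starts and ends outside this hunk.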