Beispiel #1
    # to the reject message actually sent
    def _portscan_reject(self, pre_detection_logging, packet, initial_block):
        """Send reject responses for a packet handled by the port scan logic.

        If ``initial_block`` is falsy, exactly one response is sent for
        ``packet`` as it was passed in. Otherwise one response is sent per
        entry of ``pre_detection_logging``, each built from a copy of
        ``packet`` with a protocol-specific override applied.

        Args:
            pre_detection_logging: mapping iterated with ``.items()``. The key
                is used as a port. Judging by the names used here, the value
                is a TCP sequence number or an ICMP payload for UDP
                (confirm against the code that fills the mapping).
            packet: object exposing ``protocol``, ``tcp_override`` and
                ``udp_override``.
            initial_block: selects between the single response and the
                per-entry responses.

        Returns:
            None.
        """
        if not initial_block:
            self._IPSResponse.prepare_and_send(packet)
            return

        # NOTE(review): the number of responses below equals the number of
        # logged entries. For traffic whose source address can be forged
        # (UDP in particular) these replies may reach a host that never sent
        # anything -- confirm the mapping is bounded or rate limited upstream.
        responder = self._IPSResponse

        if packet.protocol is PROTO.TCP:
            for logged_port, seq in pre_detection_logging.items():
                # each override is applied to its own copy of the packet
                reply = copy(packet).tcp_override(logged_port, seq)
                responder.prepare_and_send(reply)

        elif packet.protocol is PROTO.UDP:
            # the key is not needed for UDP; only the stored payload is used
            for _logged_port, payload in pre_detection_logging.items():
                reply = copy(packet).udp_override(payload)
                responder.prepare_and_send(reply)

        # any other protocol falls through without a response being sent

    def _get_block_status(self, pre_detection_logging, protocol):
        """Classify logged ports as missed or blocked.

        Args:
            pre_detection_logging: iterable of ports (iterating a mapping
                yields its keys).
            protocol: key into ``self._IPS.open_ports`` selecting the
                collection of open ports to compare against.

        Returns:
            ``IPS.MISSED`` if at least one logged port is in the open-port
            collection for ``protocol``, otherwise ``IPS.BLOCKED`` (also the
            result when nothing was logged).
        """
        listening = self._IPS.open_ports

        # the lookup stays inside the generator so that, as before, an empty
        # log never indexes the open-port table
        if any(p in listening[protocol] for p in pre_detection_logging):
            return IPS.MISSED

        return IPS.BLOCKED


if __name__ == "__main__":
    # Runs only when the file is executed as a script. Log.run is called
    # first; Log is then handed to the engine as its first argument.
    Log.run(name=LOG_NAME)

    # NOTE(review): q_num=2 looks like a packet queue number -- confirm it
    # matches the firewall rule that feeds packets to this process.
    IPS_IDS.run(Log, q_num=2)
Beispiel #2
    # to the reject message actually sent
    def _portscan_reject(self, pre_detection_logging, packet, initial_block):
        """Send reject responses for a packet handled by the port scan logic.

        If ``initial_block`` is falsy, exactly one response is sent for
        ``packet`` as it was passed in. Otherwise one response is sent per
        entry of ``pre_detection_logging``, each built from a copy of
        ``packet`` with a protocol-specific override applied.

        Args:
            pre_detection_logging: mapping iterated with ``.items()``. The key
                is used as a port. Judging by the names used here, the value
                is a TCP sequence number or an ICMP payload for UDP
                (confirm against the code that fills the mapping).
            packet: object exposing ``protocol``, ``tcp_override`` and
                ``udp_override``.
            initial_block: selects between the single response and the
                per-entry responses.

        Returns:
            None.
        """
        if not initial_block:
            self._IPSResponse.prepare_and_send(packet)
            return

        # NOTE(review): the number of responses below equals the number of
        # logged entries. For traffic whose source address can be forged
        # (UDP in particular) these replies may reach a host that never sent
        # anything -- confirm the mapping is bounded or rate limited upstream.
        responder = self._IPSResponse

        if packet.protocol is PROTO.TCP:
            for logged_port, seq in pre_detection_logging.items():
                # each override is applied to its own copy of the packet
                reply = copy(packet).tcp_override(logged_port, seq)
                responder.prepare_and_send(reply)

        elif packet.protocol is PROTO.UDP:
            # the key is not needed for UDP; only the stored payload is used
            for _logged_port, payload in pre_detection_logging.items():
                reply = copy(packet).udp_override(payload)
                responder.prepare_and_send(reply)

        # any other protocol falls through without a response being sent

    def _get_block_status(self, pre_detection_logging, protocol):
        """Classify logged ports as missed or blocked.

        Args:
            pre_detection_logging: iterable of ports (iterating a mapping
                yields its keys).
            protocol: key into ``self._IPS.open_ports`` selecting the
                collection of open ports to compare against.

        Returns:
            ``IPS.MISSED`` if at least one logged port is in the open-port
            collection for ``protocol``, otherwise ``IPS.BLOCKED`` (also the
            result when nothing was logged).
        """
        listening = self._IPS.open_ports

        # the lookup stays inside the generator so that, as before, an empty
        # log never indexes the open-port table
        if any(p in listening[protocol] for p in pre_detection_logging):
            return IPS.MISSED

        return IPS.BLOCKED


if __name__ == "__main__":
    # Runs only when the file is executed as a script. Log.run is called
    # first, with the verbosity and root settings taken from module-level
    # names; Log is then handed to the engine as its first argument.
    Log.run(
        name=LOG_NAME,
        verbose=VERBOSE,
        root=ROOT,
    )

    # NOTE(review): q_num=2 looks like a packet queue number -- confirm it
    # matches the firewall rule that feeds packets to this process.
    IPS_IDS.run(Log, q_num=2)