def update_snort_rules():
if not ServiceLock.is_locked():
ServiceLock.lock_system("Update System")
ruleFile = GetRules()
ruleFile.download_rules()
ServiceLock.unlock_system()
else:
print "System is locked"
def produce_configuration_files():
if not ServiceLock.is_locked():
ServiceLock.lock_system('Update System')
producer = PolicyChainProducer()
producer.producePolicyChain()
ServiceLock.unlock_system()
else:
print 'System is locked'
def check_status(self):
""" Check that service is not locked """
if ServiceLock.is_locked():
raise SystemLockedException('System is locked by background job')
def render(self, list):
""" Global rendrer, check specific items before returning data. """
if ServiceLock.is_locked():
list['service_lock'] = True
return list
def main():
parser = ArgumentParser(description='Administration script for the Snortmanager uility')
parser.add_argument('-d',action='store_true',dest='daemonize',help='Run server as a daemon')
parser.add_argument('-u',action='store_true',dest='update',help='Update rules from sources')
parser.add_argument('-p',action='store_true',dest='policychain',help='Produce and push policy chain')
parser.add_argument('-s',action='store_true',dest='silent',help='Silent operation, log nothing to screen')
parser.add_argument('--status',action='store_true',dest='status',help='Check the running status of Snortmanager')
parser.add_argument('--stop',action='store_true',dest='stop',help='Stop Snortmanager if running as daemon')
args = parser.parse_args()
from webapp.config.dbconfig import init_database
init_database()
if args.update:
print 'Starting download of Rules'
update_snort_rules()
exit(0)
if args.policychain:
if ServiceLock.is_locked():
print 'This system is locked for changes'
print 'Producing policychains'
# produce_configuration_files()
exit(0)
running_state = snortmanager_status()
if args.status:
if running_state:
print 'Snortmanager is running. PID: %i' % running_state
else:
print 'Snortmanger is not running'
exit(0)
if args.stop:
if running_state: # Potentiel sikkerhetsfeil
print 'Shutting down snortmanager'
os.kill(running_state, signal.SIGTERM)
running_state = 0
try:
os.remove(pid_file)
except OSError as e:
print 'Error while removing PID file: %s' % e
exit(0)
else:
print 'Snortmanager is not running'
exit(1)
configuration = os.path.join(rundir, 'webapp.conf')
configuration = {
'/': {
'request.dispatch': Disp(),
'tools.staticfile.root': rundir,
'tools.sessions.on': True,
'tools.sessions.timeout': 240,
'tools.gzip.on': True,
'tools.gzip.mime_types': ['text/html', 'text/plain', 'text/css', 'text/javascript', 'application/javascript'],
'tools.trailing_slash.on': True,
'tools.trailing_slash.missing': False,
'tools.trailing_slash.extra': True
},
'/favicon.ico': {
'tools.staticfile.on': True,
'tools.staticfile.filename' : 'resources/favicon.ico'
},
'/stylesheet.css' : {
'tools.staticfile.on': True,
'tools.staticfile.filename': 'resources/stylesheet/stylesheet.css'
},
'/resources': {
'tools.staticdir.on': True,
'tools.staticdir.root': rundir,
'tools.staticdir.dir': 'resources'
}
}
if args.daemonize:
if running_state:
print 'Snortmanager is already running as daemon! PID: %i' % running_state
exit(1)
print 'Starting Snortmanager as Daemon'
plugins.Daemonizer(cherrypy.engine).subscribe()
plugins.PIDFile(cherrypy.engine, pid_file).subscribe()
# Neceassary to create a PID file
"""
if args.pid_file:
plugins.PIDFile(cherrypy.engine, options.pid_file).subscribe()
"""
if args.silent or args.daemonize:
cherrypy.config.update({'log.screen': False})
else:
cherrypy.config.update({'log.screen': True})
try:
cherrypy.config.update({
'global': {
'basePath': path_base,
'runPath': rundir,
'error_page.404': os.path.join(TEMPLATES, "errors/404.html")
}
})
initiate_scheduler(cherrypy.engine)
cherrypy.tree.mount(None, config=configuration)
cherrypy.engine.start()
cherrypy.engine.block()
except Exception as e:
print e
sys.exit(1)
