Beispiel #1
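def update_snort_rules():
    """Download the Snort rules while holding the service lock.

    If the lock is already held, print a message and do nothing.
    Otherwise take the lock under the label "Update System", run
    GetRules().download_rules(), and release the lock again.

    The lock is released in a ``finally`` clause. Without it, any
    exception raised while fetching rules would leave the system locked,
    so later rule updates and policy pushes would be refused until
    someone cleared the lock by hand.
    """
    if ServiceLock.is_locked():
        # Parenthesised single-argument print behaves the same under the
        # Python 2 print statement and the Python 3 print function.
        print("System is locked")
        return

    # NOTE(review): is_locked() and lock_system() are separate calls here, so
    # two jobs could both see the lock as free. Whether lock_system() itself
    # is atomic is not visible from this block; confirm in ServiceLock.
    ServiceLock.lock_system("Update System")
    try:
        GetRules().download_rules()
    finally:
        ServiceLock.unlock_system()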
Beispiel #2
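def produce_configuration_files():
    """Produce the policy chain while holding the service lock.

    If the lock is already held, print a message and do nothing.
    Otherwise take the lock under the label 'Update System', run
    PolicyChainProducer().producePolicyChain(), and release the lock.

    The lock is released in a ``finally`` clause so that a failure while
    producing the policy chain cannot leave the system permanently locked.
    """
    if ServiceLock.is_locked():
        # Parenthesised single-argument print behaves the same under the
        # Python 2 print statement and the Python 3 print function.
        print('System is locked')
        return

    # NOTE(review): the check above and the acquisition below are two
    # separate calls; confirm that ServiceLock.lock_system() is atomic, or
    # concurrent jobs may both proceed.
    ServiceLock.lock_system('Update System')
    try:
        PolicyChainProducer().producePolicyChain()
    finally:
        ServiceLock.unlock_system()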
Beispiel #3
 def check_status(self):
     """Raise SystemLockedException while the service lock is held.

     Returns None when ServiceLock reports the system as unlocked.
     """
     # NOTE(review): this is a point-in-time check. Whether callers hold or
     # re-check the lock before changing state is not visible here.
     service_is_free = not ServiceLock.is_locked()
     if service_is_free:
         return
     raise SystemLockedException('System is locked by background job')
Beispiel #4
    def render(self, list):
        """Global renderer hook: mark the data when the service is locked.

        Sets ``list['service_lock'] = True`` in place if ServiceLock reports
        the system as locked, then returns the same object.
        """
        # `list` shadows the builtin, but it is the caller-visible parameter
        # name and therefore stays as it is.
        lock_held = ServiceLock.is_locked()
        if not lock_held:
            return list
        list['service_lock'] = True
        return list
Beispiel #5
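def main():
    """Command-line entry point for the Snortmanager administration script.

    Options handled, in this order (each of the first four exits when done):
      -u        download rules via update_snort_rules()
      -p        policy-chain production (the call is currently disabled)
      --status  report whether Snortmanager is running
      --stop    send SIGTERM to the running instance and remove the PID file
      -d        start the CherryPy engine as a daemon with a PID file
      -s        disable logging to the screen

    Without an exiting option the CherryPy application is configured,
    mounted and started, and the call blocks until the engine stops.
    """
    import errno  # local import: the file's import block is outside this view

    parser = ArgumentParser(description='Administration script for the Snortmanager uility')
    parser.add_argument('-d', action='store_true', dest='daemonize', help='Run server as a daemon')
    parser.add_argument('-u', action='store_true', dest='update', help='Update rules from sources')
    parser.add_argument('-p', action='store_true', dest='policychain', help='Produce and push policy chain')
    parser.add_argument('-s', action='store_true', dest='silent', help='Silent operation, log nothing to screen')
    parser.add_argument('--status', action='store_true', dest='status', help='Check the running status of Snortmanager')
    parser.add_argument('--stop', action='store_true', dest='stop', help='Stop Snortmanager if running as daemon')
    args = parser.parse_args()

    from webapp.config.dbconfig import init_database
    init_database()

    if args.update:
        print('Starting download of Rules')
        update_snort_rules()
        sys.exit(0)

    if args.policychain:
        if ServiceLock.is_locked():
            print('This system is locked for changes')

        # NOTE(review): the lock message above does not stop this branch, and
        # the production call below is commented out, so -p prints its banner
        # and exits 0 without producing anything. Decide whether a held lock
        # should abort with a non-zero status before re-enabling the call.
        print('Producing policychains')
        # produce_configuration_files()
        sys.exit(0)

    running_state = snortmanager_status()

    if args.status:
        if running_state:
            print('Snortmanager is running. PID: %i' % running_state)
        else:
            print('Snortmanger is not running')
        sys.exit(0)

    if args.stop:
        if not running_state:
            print('Snortmanager is not running')
            sys.exit(1)

        # Potential security flaw (flagged by the original author): the PID
        # comes from snortmanager_status(), presumably read from pid_file, and
        # nothing here verifies that it still belongs to Snortmanager. A stale
        # or modified PID file would direct SIGTERM at an unrelated process.
        # TODO(review): verify the process identity before signalling, and
        # keep pid_file writable only by the service account.
        if running_state <= 1:
            # os.kill() treats non-positive PIDs as process-group or broadcast
            # targets, and PID 1 is init; never signal those from this script.
            print('Refusing to signal PID %i' % running_state)
            sys.exit(1)

        print('Shutting down snortmanager')
        try:
            os.kill(running_state, signal.SIGTERM)
        except OSError as e:
            if e.errno != errno.ESRCH:
                # E.g. EPERM: the process may still be alive, so keep the
                # PID file and report the failure.
                print('Error while signalling PID %i: %s' % (running_state, e))
                sys.exit(1)
            # ESRCH: no such process, so the PID file is stale. Fall through
            # and remove it.
            print('No process with PID %i; removing stale PID file' % running_state)

        try:
            os.remove(pid_file)
        except OSError as e:
            print('Error while removing PID file: %s' % e)

        sys.exit(0)

    configuration = {
        '/': {
            'request.dispatch': Disp(),
            'tools.staticfile.root': rundir,
            # NOTE(review): sessions are enabled without
            # tools.sessions.httponly or tools.sessions.secure. Setting
            # httponly keeps the session cookie away from page scripts;
            # secure should be added once the app is served over HTTPS only.
            'tools.sessions.on': True,
            'tools.sessions.timeout': 240,
            'tools.gzip.on': True,
            'tools.gzip.mime_types': ['text/html', 'text/plain', 'text/css', 'text/javascript', 'application/javascript'],
            'tools.trailing_slash.on': True,
            'tools.trailing_slash.missing': False,
            'tools.trailing_slash.extra': True,
        },
        '/favicon.ico': {
            'tools.staticfile.on': True,
            'tools.staticfile.filename': 'resources/favicon.ico',
        },
        '/stylesheet.css': {
            'tools.staticfile.on': True,
            'tools.staticfile.filename': 'resources/stylesheet/stylesheet.css',
        },
        '/resources': {
            'tools.staticdir.on': True,
            'tools.staticdir.root': rundir,
            'tools.staticdir.dir': 'resources',
        },
    }

    if args.daemonize:
        if running_state:
            print('Snortmanager is already running as daemon! PID: %i' % running_state)
            sys.exit(1)
        print('Starting Snortmanager as Daemon')
        plugins.Daemonizer(cherrypy.engine).subscribe()
        # The PID file is what --status and --stop rely on later.
        plugins.PIDFile(cherrypy.engine, pid_file).subscribe()

    # Screen logging is off for silent runs and for daemons.
    cherrypy.config.update({'log.screen': not (args.silent or args.daemonize)})

    try:
        cherrypy.config.update({
            'global': {
                'basePath': path_base,
                'runPath': rundir,
                'error_page.404': os.path.join(TEMPLATES, "errors/404.html"),
            }
        })

        initiate_scheduler(cherrypy.engine)
        cherrypy.tree.mount(None, config=configuration)
        cherrypy.engine.start()
        cherrypy.engine.block()
    except Exception as e:
        # Top-level boundary: report the failure and exit non-zero.
        print(e)
        sys.exit(1)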