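def _extract_to_temp(filename):
    """Extract a gzipped tar archive into a fresh temporary directory.

    Args:
        filename: path of the ``.tar.gz`` archive to unpack.

    Returns:
        The path of the temporary directory the archive was unpacked into.

    Raises:
        subprocess.CalledProcessError: if ``tar`` exits non-zero. The
            original ignored the exit status, so a corrupt or missing
            archive silently produced an empty rule directory; the failure
            now surfaces to the caller instead.
    """
    temp_rule_dir = util.get_tmpdir()
    # Pass the arguments as a list (no shell): the filename is handed to
    # tar verbatim instead of being re-parsed by /bin/sh, so a path with
    # spaces or shell metacharacters cannot alter the command.
    subprocess.check_call(["tar", "zxf", filename, "-C", temp_rule_dir])
    return temp_rule_dir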
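def dump_stubs(ruleset, snort_path, snort_dynamicengine, os_type,
                dest_dir=None, verbose=False):
    """Run Snort to dump rule stubs for the dynamic (SO) rules in a ruleset.

    Args:
        ruleset: either a directory holding an already extracted ruleset or
            the path of a ``.tar.gz`` archive, which is extracted first.
        snort_path: path of the Snort binary to run.
        snort_dynamicengine: path of the dynamic engine library, passed via
            ``--dynamic-engine-lib``.
        os_type: passed through to ``_find_dynamic_rules`` to select the
            dynamic rule directory for this platform.
        dest_dir: directory the stubs are written to; a temporary directory
            is created when omitted or empty.
        verbose: when true, Snort's output is logged at INFO instead of
            DEBUG.

    Returns:
        The directory the stubs were written to; ``None`` when the ruleset
        holds no dynamic rules for ``os_type``; ``False`` when Snort exited
        non-zero (the first lines of its output are logged at ERROR).
    """
    if os.path.isdir(ruleset):
        rule_dir = ruleset
    else:
        rule_dir = _extract_to_temp(ruleset)

    dynamic_rules_dir = _find_dynamic_rules(rule_dir, os_type)
    if not dynamic_rules_dir:
        # No dynamic rules found. Don't log anything here. Let the
        # caller do that if wanted.
        return None
    if not dest_dir:
        dest_dir = util.get_tmpdir()
    args = [snort_path,
            "--dump-dynamic-rules=%s" % (dest_dir),
            "--dynamic-detection-lib-dir=%s" % (dynamic_rules_dir),
            "--dynamic-engine-lib=%s" % (snort_dynamicengine)]
    # Joined only for display; the list itself is what gets executed.
    logger.info("Running %s", " ".join(args))

    # Hand the argument list straight to exec (no shell): paths containing
    # spaces or shell metacharacters reach Snort unchanged instead of being
    # re-parsed by /bin/sh.
    child = subprocess.Popen(
        args, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
    output = io.StringIO()
    try:
        # readline() returns an empty byte string at EOF.
        for raw_line in iter(child.stdout.readline, b""):
            # The pipe yields bytes; decode leniently so a stray non-UTF-8
            # byte in Snort's output cannot abort the whole dump.
            line = raw_line.decode("utf-8", "replace")
            output.write(line)
            if verbose:
                logger.info(line.strip())
            else:
                logger.debug(line.strip())
    finally:
        # Release the pipe even if logging raised part-way through.
        child.stdout.close()
    if child.wait() != 0:
        # An error occurred.  Trim the output so a long Snort failure
        # does not flood the log; the head usually carries the reason.
        max_error_lines = 12
        error_lines = output.getvalue().split("\n")
        if len(error_lines) > max_error_lines:
            error_lines = error_lines[0:max_error_lines]
            error_lines.append("<remainder of output trimmed>")
        logger.error("\nFailed to dump dynamic rule stubs:")
        logger.error("\n".join(error_lines))
        return False

    return dest_dir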