Ejemplo n.º 1
	def test_runUpdate(self):
		"""Run an update from the test rule file, then look up the expected rule.

		There is no explicit assert: assuming ``Rule.objects`` is a Django
		manager, ``get`` raises when no single matching row exists, so the
		lookup itself is the check.
		"""
		rules_file = "update/test.rules"
		UpdateTasks.runUpdate(rules_file)

		# The rule that should exist after the update has been processed.
		expected = {"SID": 2000000, "active": True, "priority": 10}
		Rule.objects.get(**expected)
		
# 	def test_weirdRule(self):
# 		rule = self.update.updateRule('alert udp any 53 -> ![$DNS_SERVERS,$SMTP_SERVERS] any (msg:"ET POLICY Unusual number of DNS No Such Name Responses"; content:"|83|"; offset:3; depth:1; threshold: type both , track by_dst, count 50, seconds 300; reference:url,doc.emergingthreats.net/2003195; classtype:bad-unknown; sid:2003195; rev:5;)', "example2.rules")
# 		rule.revisions.get(rev=5)
# 		
# 	def test_deleteRevisions(self):
# 		self.update.updateRule('alert udp any 53 -> ![$DNS_SERVERS,$SMTP_SERVERS] any (msg:"ET POLICY Unusual number of DNS No Such Name Responses"; content:"|83|"; offset:3; depth:1; threshold: type both , track by_dst, count 50, seconds 300; reference:url,doc.emergingthreats.net/2003195; classtype:bad-unknown; sid:2003195; rev:1;)', "example.rules")
# 		self.update.updateRule('alert udp any 53 -> ![$DNS_SERVERS,$SMTP_SERVERS] any (msg:"ET POLICY Unusual number of DNS No Such Name Responses"; content:"|83|"; offset:3; depth:1; threshold: type both , track by_dst, count 50, seconds 300; reference:url,doc.emergingthreats.net/2003195; classtype:bad-unknown; sid:2003195; rev:2;)', "example.rules")
# 		self.update.updateRule('alert udp any 53 -> ![$DNS_SERVERS,$SMTP_SERVERS] any (msg:"ET POLICY Unusual number of DNS No Such Name Responses"; content:"|83|"; offset:3; depth:1; threshold: type both , track by_dst, count 50, seconds 300; reference:url,doc.emergingthreats.net/2003195; classtype:bad-unknown; sid:2003195; rev:3;)', "example.rules")
# 		self.update.updateRule('alert udp any 53 -> ![$DNS_SERVERS,$SMTP_SERVERS] any (msg:"ET POLICY Unusual number of DNS No Such Name Responses"; content:"|83|"; offset:3; depth:1; threshold: type both , track by_dst, count 50, seconds 300; reference:url,doc.emergingthreats.net/2003195; classtype:bad-unknown; sid:2003195; rev:4;)', "example.rules")
# 		self.update.updateRule('alert udp any 53 -> ![$DNS_SERVERS,$SMTP_SERVERS] any (msg:"ET POLICY Unusual number of DNS No Such Name Responses"; content:"|83|"; offset:3; depth:1; threshold: type both , track by_dst, count 50, seconds 300; reference:url,doc.emergingthreats.net/2003195; classtype:bad-unknown; sid:2003195; rev:5;)', "example.rules")
# 			
# 		rule = Rule.objects.get(SID=2003195)
# 		
# 		self.assertTrue(rule.revisions.count() == 2)
Ejemplo n.º 2
    def test_runUpdate(self):
        """Process the test rule file and fetch the rule it should produce.

        The final lookup doubles as the assertion: assuming ``Rule.objects``
        is a Django manager, ``get`` raises unless exactly one row matches.
        """
        source_path = "update/test.rules"
        UpdateTasks.runUpdate(source_path)

        # Expected state of the rule once the update has run.
        lookup = dict(SID=2000000, active=True, priority=10)
        Rule.objects.get(**lookup)


# 	def test_weirdRule(self):
# 		rule = self.update.updateRule('alert udp any 53 -> ![$DNS_SERVERS,$SMTP_SERVERS] any (msg:"ET POLICY Unusual number of DNS No Such Name Responses"; content:"|83|"; offset:3; depth:1; threshold: type both , track by_dst, count 50, seconds 300; reference:url,doc.emergingthreats.net/2003195; classtype:bad-unknown; sid:2003195; rev:5;)', "example2.rules")
# 		rule.revisions.get(rev=5)
#
# 	def test_deleteRevisions(self):
# 		self.update.updateRule('alert udp any 53 -> ![$DNS_SERVERS,$SMTP_SERVERS] any (msg:"ET POLICY Unusual number of DNS No Such Name Responses"; content:"|83|"; offset:3; depth:1; threshold: type both , track by_dst, count 50, seconds 300; reference:url,doc.emergingthreats.net/2003195; classtype:bad-unknown; sid:2003195; rev:1;)', "example.rules")
# 		self.update.updateRule('alert udp any 53 -> ![$DNS_SERVERS,$SMTP_SERVERS] any (msg:"ET POLICY Unusual number of DNS No Such Name Responses"; content:"|83|"; offset:3; depth:1; threshold: type both , track by_dst, count 50, seconds 300; reference:url,doc.emergingthreats.net/2003195; classtype:bad-unknown; sid:2003195; rev:2;)', "example.rules")
# 		self.update.updateRule('alert udp any 53 -> ![$DNS_SERVERS,$SMTP_SERVERS] any (msg:"ET POLICY Unusual number of DNS No Such Name Responses"; content:"|83|"; offset:3; depth:1; threshold: type both , track by_dst, count 50, seconds 300; reference:url,doc.emergingthreats.net/2003195; classtype:bad-unknown; sid:2003195; rev:3;)', "example.rules")
# 		self.update.updateRule('alert udp any 53 -> ![$DNS_SERVERS,$SMTP_SERVERS] any (msg:"ET POLICY Unusual number of DNS No Such Name Responses"; content:"|83|"; offset:3; depth:1; threshold: type both , track by_dst, count 50, seconds 300; reference:url,doc.emergingthreats.net/2003195; classtype:bad-unknown; sid:2003195; rev:4;)', "example.rules")
# 		self.update.updateRule('alert udp any 53 -> ![$DNS_SERVERS,$SMTP_SERVERS] any (msg:"ET POLICY Unusual number of DNS No Such Name Responses"; content:"|83|"; offset:3; depth:1; threshold: type both , track by_dst, count 50, seconds 300; reference:url,doc.emergingthreats.net/2003195; classtype:bad-unknown; sid:2003195; rev:5;)', "example.rules")
#
# 		rule = Rule.objects.get(SID=2003195)
#
# 		self.assertTrue(rule.revisions.count() == 2)
Ejemplo n.º 3
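# DJANGO_SETTINGS_MODULE has to be set before the Django model imports below.
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "srm.settings")

from update.models import Source
from update.tasks import UpdateTasks

if __name__ == "__main__":
	# Command-line entry point: <update directory> [<source>] [create]
	logger = logging.getLogger(__name__)

	# Grab the parameters.
	try:
		filename = sys.argv[1]
	except IndexError:
		# Fill in the program name; the usage line used to be printed with a
		# literal "%s" because the format string was never given an argument.
		print("Usage: %s <update directory> [<source>] [create]" % sys.argv[0])
		sys.exit(1)

	# The source name is optional and falls back to "Manual".
	try:
		sourcename = sys.argv[2]
	except IndexError:
		sourcename = "Manual"

	logger.info("Starting the update, with PID:%d, from: %s", os.getpid(), filename)

	# Creating the source if desired and needed.
	# NOTE(review): "create" is matched anywhere in argv, so `<dir> create`
	# also makes "create" the source name through sys.argv[2] above.
	if "create" in sys.argv:
		s, c = Source.objects.get_or_create(name=sourcename)
		if c:
			logger.info("Created a new source during updates: %s", s)

	# Start doing the update.
	UpdateTasks.runUpdate(filename, sourcename)
	logger.info("Finished the update, with PID:%d, from: %s", os.getpid(), filename)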
Ejemplo n.º 4
            logger.info("Created a new source during updates: %s", s)
    else:
        try:
            s = Source.objects.get(name=sourcename)
        except:
            logger.warning("Could not find a source for the manual update.")
            sys.exit(1)

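    # Per-source lock: refuse to start while another update holds it.
    # NOTE(review): the check and the save below are separate steps, so two
    # processes started at the same moment could both read locked == False;
    # the flag also stays set if the process is killed before `finally` runs.
    if s.locked:
        logger.info(
            "Could not update '%s', as there seems to already be an update going for this source."
            % s.name)
        sys.exit(1)
    else:
        s.locked = True
        s.save()
        logger.info("Starting the update from %s, with PID:%d." %
                    (s.name, os.getpid()))

    # Start doing the update.
    try:
        UpdateTasks.runUpdate(filename, sourcename)
        logger.info("Finished the update, with PID:%d, from: %s" %
                    (os.getpid(), filename))
    except Exception:
        # Was a bare `except:`, which also swallowed SystemExit and
        # KeyboardInterrupt and dropped the traceback. Keep the warning level
        # but record the traceback so a failed rule update can be diagnosed.
        logger.warning("Something happened while doing a manual update of %s",
                       s.name, exc_info=True)
    finally:
        # Release the lock whether the update succeeded or not.
        s.locked = False
        s.save()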
Ejemplo n.º 5
            source.locked = False
            source.save()
            sys.exit(1)

        logger.debug("Downloaded-MD5:'%s'" % str(_hash.hexdigest()))
        logger.debug("LastUpdate-MD5:'%s'" % str(source.lastMd5))

        if (str(_hash.hexdigest()) != str(source.lastMd5)):
            UpdateLog.objects.create(
                update=update,
                time=datetime.datetime.now(),
                logType=UpdateLog.PROGRESS,
                text="7 Starting to process the download.")
            logger.info("Processing the download")
            try:
                UpdateTasks.runUpdate(filename, source.name, update=update)
            except Exception as e:
                logger.critical("Hit exception while running update: %s" %
                                str(e))
                UpdateLog.objects.create(
                    update=update,
                    time=datetime.datetime.now(),
                    logType=UpdateLog.PROGRESS,
                    text=
                    "100 ERROR: Hit an exception while processing the update.")
                logger.debug("%s" % (traceback.format_exc()))
                source.locked = False
                source.save()
                sys.exit(1)

            logger.info("Storing md5 of this update: %s" % (_hash.hexdigest()))
Ejemplo n.º 6
		except urllib2.HTTPError as e:
			UpdateLog.objects.create(update=update, time=datetime.datetime.now(), logType=UpdateLog.PROGRESS, text="100 Error during downloading. Check log for details..")
			logger.error("Error during download: %s" % str(e))
			source.locked = False
			source.save()
			sys.exit(1)

		# Log both digests so a skipped or repeated update can be traced.
		logger.debug("Downloaded-MD5:'%s'", str(_hash.hexdigest()))
		logger.debug("LastUpdate-MD5:'%s'", str(source.lastMd5))

		# The digest is only compared with the one stored after the previous
		# run, so it detects an unchanged file. The visible code does not check
		# the download against a publisher-supplied digest or signature.
		if str(_hash.hexdigest()) == str(source.lastMd5):
			logger.info("The downloaded file has the same md5sum as the last file we updated from. Skipping update.")
			UpdateLog.objects.create(
				update=update,
				time=datetime.datetime.now(),
				logType=UpdateLog.PROGRESS,
				text="100 Downloaded file is processed earlier. Finishing.",
			)
		else:
			UpdateLog.objects.create(
				update=update,
				time=datetime.datetime.now(),
				logType=UpdateLog.PROGRESS,
				text="7 Starting to process the download.",
			)
			logger.info("Processing the download")
			try:
				UpdateTasks.runUpdate(filename, source.name, update=update)
			except Exception as e:
				logger.critical("Hit exception while running update: %s", str(e))
				UpdateLog.objects.create(
					update=update,
					time=datetime.datetime.now(),
					logType=UpdateLog.PROGRESS,
					text="100 ERROR: Hit an exception while processing the update.",
				)
				logger.debug("%s", traceback.format_exc())
				# Clear the source's locked flag before bailing out.
				source.locked = False
				source.save()
				sys.exit(1)

			# The digest is stored only after the update ran without error.
			logger.info("Storing md5 of this update: %s", _hash.hexdigest())
			source.lastMd5 = _hash.hexdigest()
			source.save()
	else: