def generate(self):
    """Materialise the ruleset into ``self.output_directory``.

    Writes ``scirius.rules`` (the UTF-8 encoded ruleset buffer), the files the
    ruleset exports at its current version, ``rules.json`` (one JSON object per
    ``Rule`` row, one per line) and the IPrep files.
    """
    # FIXME extract archive file for sources
    target_dir = self.output_directory

    # Rule file: the ruleset buffer, encoded by hand before the write.
    rule_text = self.ruleset.to_buffer()
    with open(target_dir + "/" + "scirius.rules", 'w') as handle:
        handle.write(rule_text.encode('utf-8'))

    # Files the ruleset carries at this version.
    self.ruleset.export_files(target_dir)

    # FIXME gruick -- newline-delimited JSON, one record per Rule.
    with open(target_dir + "/" + "rules.json", 'w') as handle:
        for rule in Rule.objects.all():
            record = {
                'sid': rule.pk,
                'created': unicode(rule.created),
                'updated': unicode(rule.updated),
            }
            handle.write("%s\n" % json.dumps(record))

    # Export IPrep
    export_iprep_files(target_dir)
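def generate(self):
    """Materialise the ruleset into ``self.output_directory``.

    Writes ``scirius.rules`` (the ruleset buffer as UTF-8 bytes), the files the
    ruleset exports at its current version, ``rules.json`` (one JSON object per
    ``Rule`` row, one per line) and the IPrep files.
    """
    # FIXME extract archive file for sources
    rules = self.ruleset.to_buffer()
    # Encode only when the buffer is text; a buffer that is already bytes is
    # written as-is.
    payload = rules if isinstance(rules, bytes) else rules.encode('utf-8')
    # Binary mode: the original opened the file with 'w' and then wrote bytes,
    # which a Python 3 text-mode handle rejects with TypeError.
    with open(self.output_directory + "/" + "scirius.rules", 'wb') as rfile:
        rfile.write(payload)

    # Files the ruleset carries at this version.
    self.ruleset.export_files(self.output_directory)

    # FIXME gruick -- newline-delimited JSON, one record per Rule.
    with open(self.output_directory + "/" + "rules.json", 'w') as rfile:
        for rule in Rule.objects.all():
            dic = {
                'sid': rule.pk,
                'created': str(rule.created),
                'updated': str(rule.updated),
            }
            rfile.write(json.dumps(dic) + '\n')

    # Export IPrep
    export_iprep_files(self.output_directory)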
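def rule_buffer(self, rule_buffer, config_buffer=None, related_files=None, reference_config=None, classification_config=None, cats_content='', iprep_content=''):
    """Validate a rule buffer by running ``suricata -T`` in a throwaway directory.

    Args:
        rule_buffer: rule text written to ``file.rules``.
        config_buffer: body of ``suricata.yaml``; ``self.CONFIG_FILE`` when
            falsy. The temp-dir paths and reputation settings are appended.
        related_files: mapping ``{name: content}`` of extra files written next
            to the rules. A name whose resolved path lies outside the temp dir
            raises ``ValueError`` instead of being written.
        reference_config: body of ``reference.config``;
            ``self.REFERENCE_CONFIG`` when falsy.
        classification_config: body of ``classification.config``;
            ``self.CLASSIFICATION_CONFIG`` when falsy.
        cats_content, iprep_content: forwarded to ``export_iprep_files``.

    Returns:
        ``{'status': True, 'errors': ''}`` when suricata exits with 0,
        otherwise ``{'status': False, 'errors': <stderr decoded as UTF-8>}``.
    """
    from rules.models import export_iprep_files

    def write_text(path, content):
        # The context manager closes the handle even when write() raises, so
        # the outer finally can always remove the directory.
        with open(path, 'w') as handle:
            handle.write(content)

    tmpdir = tempfile.mkdtemp()
    try:
        rule_file = os.path.join(tmpdir, "file.rules")
        write_text(rule_file, rule_buffer)

        # Fall back to the class defaults only when the caller passed nothing.
        # (The previous version stored the fallback under a misspelled local
        # and then wrote that local, so a supplied reference_config raised
        # NameError.)
        write_text(os.path.join(tmpdir, "reference.config"),
                   reference_config or self.REFERENCE_CONFIG)
        write_text(os.path.join(tmpdir, "classification.config"),
                   classification_config or self.CLASSIFICATION_CONFIG)

        # suricata.yaml: caller/default body plus the settings that point
        # suricata at the files created in tmpdir.
        config_file = os.path.join(tmpdir, "suricata.yaml")
        config_tail = "".join([
            "mpm-algo: ac-bs\n",
            "default-rule-path: " + tmpdir + "\n",
            "reference-config-file: " + tmpdir + "/reference.config\n",
            "classification-file: " + tmpdir + "/classification.config\n",
            "reputation-categories-file: " + tmpdir + "/scirius-categories.txt\n",
            "default-reputation-path: " + tmpdir + "\n",
        ])
        config_tail += """reputation-files:
 - scirius-iprep.list
"""
        write_text(config_file, (config_buffer or self.CONFIG_FILE) + config_tail)

        # Extra files must land inside tmpdir: reject names whose resolved
        # path escapes it (absolute names, '..' components) before writing.
        tmp_root = os.path.realpath(tmpdir)
        for name, content in (related_files or {}).items():
            related_file = os.path.join(tmpdir, name)
            if not os.path.realpath(related_file).startswith(tmp_root + os.sep):
                raise ValueError("related file name escapes the temp dir: %r" % (name,))
            write_text(related_file, content)

        export_iprep_files(tmpdir, cats_content, iprep_content)

        # -T: test mode -- suricata parses config and rules, then exits.
        suri_cmd = [
            settings.SURICATA_BINARY, '-T',
            '-l', tmpdir,
            '-S', rule_file,
            '-c', config_file,
        ]
        suriprocess = subprocess.Popen(suri_cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
        _outdata, errdata = suriprocess.communicate()
    finally:
        # Remove the scratch directory on every path, including a failed
        # Popen (e.g. missing binary); the old code leaked it on exceptions.
        shutil.rmtree(tmpdir, ignore_errors=True)

    if suriprocess.returncode == 0:
        return {'status': True, 'errors': ''}
    return {'status': False, 'errors': errdata.decode('utf-8')}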
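def rule_buffer(self, rule_buffer, config_buffer=None, related_files=None, reference_config=None, classification_config=None):
    """Validate a rule buffer by running ``suricata -T`` in a throwaway directory.

    Args:
        rule_buffer: rule text written to ``file.rules``.
        config_buffer: body of ``suricata.yaml``; ``self.CONFIG_FILE`` when
            falsy. The temp-dir paths and reputation settings are appended.
        related_files: mapping ``{name: content}`` of extra files written next
            to the rules. A name whose resolved path lies outside the temp dir
            raises ``ValueError`` instead of being written.
        reference_config: body of ``reference.config``;
            ``self.REFERENCE_CONFIG`` when falsy.
        classification_config: body of ``classification.config``;
            ``self.CLASSIFICATION_CONFIG`` when falsy.

    Returns:
        ``{'status': True, 'errors': ''}`` when suricata exits with 0,
        otherwise ``{'status': False, 'errors': <raw stderr>}``.
    """
    from rules.models import export_iprep_files

    def write_text(path, content):
        # The context manager closes the handle even when write() raises, so
        # the outer finally can always remove the directory.
        with open(path, 'w') as handle:
            handle.write(content)

    tmpdir = tempfile.mkdtemp()
    try:
        rule_file = os.path.join(tmpdir, "file.rules")
        with open(rule_file, 'w') as rf:
            try:
                rf.write(rule_buffer)
            except UnicodeEncodeError:
                # Text handle refused the buffer as-is; write it UTF-8 encoded.
                rf.write(rule_buffer.encode('utf-8'))

        # Fall back to the class defaults only when the caller passed nothing.
        # (The previous version stored the fallback under a misspelled local
        # and then wrote that local, so a supplied reference_config raised
        # NameError.)
        write_text(os.path.join(tmpdir, "reference.config"),
                   reference_config or self.REFERENCE_CONFIG)
        write_text(os.path.join(tmpdir, "classification.config"),
                   classification_config or self.CLASSIFICATION_CONFIG)

        # suricata.yaml: caller/default body plus the settings that point
        # suricata at the files created in tmpdir.
        config_file = os.path.join(tmpdir, "suricata.yaml")
        config_tail = "".join([
            "mpm-algo: ac-bs\n",
            "default-rule-path: " + tmpdir + "\n",
            "reference-config-file: " + tmpdir + "/reference.config\n",
            "classification-file: " + tmpdir + "/classification.config\n",
            "reputation-categories-file: " + tmpdir + "/scirius-categories.txt\n",
            "default-reputation-path: " + tmpdir + "\n",
        ])
        config_tail += """reputation-files:
 - scirius-iprep.list
"""
        write_text(config_file, (config_buffer or self.CONFIG_FILE) + config_tail)

        # Extra files must land inside tmpdir: reject names whose resolved
        # path escapes it (absolute names, '..' components) before writing.
        tmp_root = os.path.realpath(tmpdir)
        for name, content in (related_files or {}).items():
            related_file = os.path.join(tmpdir, name)
            if not os.path.realpath(related_file).startswith(tmp_root + os.sep):
                raise ValueError("related file name escapes the temp dir: %r" % (name,))
            write_text(related_file, content)

        export_iprep_files(tmpdir)

        # -T: test mode -- suricata parses config and rules, then exits.
        suri_cmd = ['suricata', '-T', '-l', tmpdir, '-S', rule_file, '-c', config_file]
        suriprocess = subprocess.Popen(suri_cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
        _outdata, errdata = suriprocess.communicate()
    finally:
        # Remove the scratch directory on every path, including a failed
        # Popen (e.g. missing binary); the old code leaked it on exceptions.
        shutil.rmtree(tmpdir, ignore_errors=True)

    if suriprocess.returncode == 0:
        return {'status': True, 'errors': ''}
    return {'status': False, 'errors': errdata}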