# Rule options copied into the export record. The list position doubles as
# the slot in vinfo for positions 0-3; position 4 ('reference') is expanded
# into the three reference slots 4-6 below.
dinfo = ['msg', 'sid', 'gid', 'rev', 'reference']
# Reference systems that get a slot of their own, in slot order (4, 5, 6).
refkinds = ['cve', 'bugtraq', 'cnvd']

for line in inrule:
    line = line.strip()
    if line:
        if line.find('noalert') > 0:
            # Rules containing "noalert" are reported and left out of the
            # export; this path also skips the counter increment below.
            # NOTE(review): this is a plain substring test past column 0, so
            # it also fires when the word appears inside msg or content text
            # -- confirm that is intended.
            printerror("noalert: %s" % line)
            continue

        prule = lib_rule.parserule(line, i)
        # Slots 0-3 start out holding their own option name as a placeholder
        # and are overwritten when the rule carries that option.
        vinfo = ['msg', 'sid', 'gid', 'rev', '', '', '']
        for info in prule['body']:
            try:
                index = dinfo.index(info[0].strip())
                if index >= 4:
                    # reference:<system>,<id> -- only known systems are kept.
                    key, value = info[1].split(',')
                    if key in refkinds:
                        index = refkinds.index(key)
                        vinfo[index + 4] = value
                else:
                    vinfo[index] = lib_rule.mystrip(info[1])
            except ValueError:
                # Raised for option names outside dinfo and for reference
                # values that do not split into exactly two parts.
                # NOTE(review): both cases are dropped without a log line, so
                # a rule can lose its CVE/Bugtraq/CNVD mapping silently.
                continue

        # Hand the finished record to the worker pool for writing.
        pool.addtask(write2file, (vinfo,))
    # NOTE(review): the flattened listing does not show whether the counter
    # sits inside or outside the `if line:` block; it is placed at loop level
    # here -- confirm against the original file.
    i += 1

# Wait for every queued write before emitting the end-of-output marker.
pool.waitPoolComplete()
outinfo.write('@==============================')
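# Rewrite the msg option of every rule in the file named by argv[1] to the
# normalised form `msg:"<name> - <title>";` and write the result next to the
# input as <input>.56rules. Rules that cannot be rewritten are only printed.
#
# `i` is the running counter passed to the parser and shown in error output;
# it is assumed to be initialised earlier in the script (not visible here).
pp = os.path.split(sys.argv[1])
# os.path.join keeps a bare file name relative to the current directory.
# Concatenating pp[0] + '/' + ... turned an empty directory part into a path
# under the filesystem root ("/rules.56rules", "/err.log").
out = open(os.path.join(pp[0], pp[1] + '.56rules'), 'w')
err = open(os.path.join(pp[0], 'err.log'), 'a+')

if len(sys.argv) > 2 and sys.argv[2] == '-r':
    # Non-greedy match of the existing msg option, up to the first `";`.
    r = re.compile(r'msg:".*?";')
    with open(sys.argv[1]) as rulefile:
        for line in rulefile:
            line = line.strip()
            if line:
                prule = lib_rule.parserule(line, i)
                nmsg = ''
                for info in prule['body']:
                    if info[0] == 'msg':
                        msg = lib_rule.mystrip(info[1])
                        # Split on the first '-' that is not the leading
                        # character: left part is the name, right the title.
                        index = msg.find('-')
                        if index > 0:
                            name = msg[:index].strip()
                            title = msg[index + 1:].strip()
                            nmsg = "msg:\"%s - %s\";" % (name, title)

                if nmsg and r.search(line):
                    # A function replacement inserts nmsg literally. Passing
                    # the string itself would make re.sub interpret any
                    # backslash in the rule text as a template escape and
                    # either raise or alter the message.
                    new = r.sub(lambda m: nmsg, line)
                    out.write(new + '\n')
                    nmsg = ""
                else:
                    # The rule is NOT written to the output file, so the
                    # converted rule set is smaller than the input whenever
                    # this fires; review these lines before deploying it.
                    # A single-argument print call emits the same text under
                    # Python 2 and Python 3.
                    print("Error in %d %s" % (i, line))
            # NOTE(review): the flattened listing does not show whether the
            # counter sits inside or outside the `if line:` block; it is
            # placed at loop level here -- confirm against the original file.
            i += 1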