def test_istypeof(self): a = "*****@*****.**" addr1 = EmailAddress(a) self.assertTrue(Address.istypeof(addr1)) self.assertTrue(EmailAddress.istypeof(addr1)) # Address with no category set addr2 = Address(a) self.assertTrue(Address.istypeof(addr2)) self.assertFalse(EmailAddress.istypeof(addr2)) # Even though the isinstance check fails, the istypeof check should # succeed addr2.category = Address.CAT_EMAIL self.assertTrue(Address.istypeof(addr2)) self.assertTrue(EmailAddress.istypeof(addr2)) self.assertFalse(isinstance(addr2, EmailAddress)) # Address with category set to something other than CAT_EMAIL addr2.category = Address.CAT_IPV4 self.assertTrue(Address.istypeof(addr2)) self.assertFalse(EmailAddress.istypeof(addr2))
def load_rule_obj(stix_object): """ Load stix object as data to load rule object :param stix_object: :return: """ rulelist = [] if stix_object.observables: if stix_object.observables.observables: for observ in stix_object.observables.observables: if hasattr(observ.object_, 'properties'): if Address.istypeof(observ.object_.properties): if observ.object_.properties.category == 'ipv4-addr': rule_ = rulegen.Rule() rule_.load_address_obj(observ.object_.properties, observable_id_=observ.object_.id_) rulelist.append(rule_) # pass through properties if it's an address return rulelist
def load_ruleobs_obs(ruleobs): """ Load RuleDataObs object into stix2snort rule gen. :param ruleobs: :return: """ observ = ruleobs.observable indicator_id = ruleobs.indicator_id rulelist = [] if hasattr(observ.object_, 'properties'): if Address.istypeof(observ.object_.properties): if observ.object_.properties.category == 'ipv4-addr': rule_ = rulegen.Rule() rule_.load_address_obj(observ.object_.properties, observable_id_=observ.id_, indicator_id_=indicator_id) rule_._sid = next(_sid_counter) rulelist.append(rule_) if len(rulelist) > 0: return rulelist else: return None