Пример #1
    def test_get_alert_netflow_setup_ok(self, ossim_db_mock, _):
        """get_alert_netflow_setup() returns the queried rows as a conf -> value mapping.

        ``ossim_db_mock`` and ``_`` are presumably injected by patch decorators
        that are outside this excerpt.
        """
        # The mocked DB layer answers every exec_query() with the fixture rows.
        db_handle = ossim_db_mock.return_value
        db_handle.exec_query.return_value = self.alert_nf_db_result

        manager = ControlManager(self.conf)
        res = manager.get_alert_netflow_setup()

        # Each fixture row contributes one entry keyed by 'conf' with its 'value'.
        expected = dict((row['conf'], row['value']) for row in self.alert_nf_db_result)
        self.assertEqual(res, expected)
Пример #2
    def test_process_get_alert_nf_setup_response_bad_command(self, ossim_db_mock, _):
        """process() answers the "get_alert_nf_setup_err" action with an errno="-1" line.

        The expected reply echoes the requested action and carries the
        "No agents available." error text rather than any netflow settings.
        """
        ossim_db_mock.return_value.exec_query.return_value = self.alert_nf_db_result
        manager = ControlManager(self.conf)
        request_line = 'control action="get_alert_nf_setup_err"'

        reply = manager.process(self.sensor_ip, '', request_line)

        self.assertEqual(
            'control action="get_alert_nf_setup_err" errno="-1" error="No agents available." ackend\n',
            reply)
Пример #3
    def test_get_alert_netflow_setup_db_err(self, ossim_db_mock, _):
        """A DatabaseError raised by exec_query() must not escape get_alert_netflow_setup()."""
        db_handle = ossim_db_mock.return_value
        db_handle.exec_query.side_effect = DatabaseError('test err')

        setup = ControlManager(self.conf).get_alert_netflow_setup()

        # The failed query leaves the result equal to an empty dict ...
        self.assertEqual(setup, {})
        # ... while lookups of the upload limits still answer 0. Both assertions can
        # only hold if the result supplies defaults on lookup (presumably a
        # defaultdict(int) - confirm against ControlManager).
        # NOTE(review): whether a limit of 0 disables the netflow alert or makes it
        # as strict as possible is not visible here; confirm the failure mode is intended.
        for limit_name in ('udp_max_upload', 'tcp_max_upload'):
            self.assertEqual(0, setup[limit_name])
Пример #4
    def test_process_get_alert_nf_setup_response_bad_command(self, ossim_db_mock, _):
        """Check the error reply produced for the "get_alert_nf_setup_err" control action."""
        # DB rows are available, so the error below is not caused by a failed query.
        ossim_db_mock.return_value.exec_query.return_value = self.alert_nf_db_result

        incoming = 'control action="get_alert_nf_setup_err"'
        wanted = 'control action="get_alert_nf_setup_err" errno="-1" error="No agents available." ackend\n'

        got = ControlManager(self.conf).process(self.sensor_ip, '', incoming)

        # The reply must echo the action and report errno -1.
        self.assertEqual(wanted, got)
Пример #5
    def test_process_get_alert_nf_setup_response_ok(self, ossim_db_mock, _):
        """process() serialises the netflow alert setup into one control reply line."""
        ossim_db_mock.return_value.exec_query.return_value = self.alert_nf_db_result
        manager = ControlManager(self.conf)
        request_line = 'control action="get_alert_nf_setup"'

        reply = manager.process(self.sensor_ip, '', request_line)

        # The whole line is compared, so the test also pins the order of the
        # key="value" pairs (alphabetical in this expected string) and the
        # trailing "ackend" marker with its newline.
        wanted = ('control get_alert_nf_setup '
                  'agg_function="1" inspection_window="2" tcp_max_download="100" tcp_max_upload="10" '
                  'udp_max_download="100" udp_max_upload="10" ackend\n')
        self.assertEqual(wanted, reply)
Пример #6
    def test_process_get_alert_nf_setup_response_ok(self, ossim_db_mock, _):
        """A "get_alert_nf_setup" control request is answered with every stored setting."""
        # exec_query() on the mocked DB returns the fixture rows.
        db_handle = ossim_db_mock.return_value
        db_handle.exec_query.return_value = self.alert_nf_db_result

        # Expected reply: command name, then key="value" pairs, then "ackend\n".
        reply_parts = [
            'control get_alert_nf_setup ',
            'agg_function="1" inspection_window="2" tcp_max_download="100" tcp_max_upload="10" ',
            'udp_max_download="100" udp_max_upload="10" ackend\n',
        ]
        expected_response = ''.join(reply_parts)

        response = ControlManager(self.conf).process(
            self.sensor_ip, '', 'control action="get_alert_nf_setup"')

        self.assertEqual(expected_response, response)
Пример #7
    def test_get_alert_netflow_setup_db_err(self, ossim_db_mock, _):
        """get_alert_netflow_setup() degrades to an empty result when the query raises."""
        failing_query = ossim_db_mock.return_value.exec_query
        failing_query.side_effect = DatabaseError('test err')
        manager = ControlManager(self.conf)

        result = manager.get_alert_netflow_setup()

        # Nothing was read from the database, so the result compares equal to {}.
        self.assertEqual(result, {})
        # Missing limits must still read as 0; this presumably relies on the result
        # being a mapping with a default factory - verify in ControlManager.
        udp_limit = result['udp_max_upload']
        self.assertEqual(0, udp_limit)
        tcp_limit = result['tcp_max_upload']
        self.assertEqual(0, tcp_limit)
Пример #8
    def test_get_alert_netflow_setup_ok(self, ossim_db_mock, _):
        """The setup dict must hold one conf -> value entry per row returned by the DB mock."""
        ossim_db_mock.return_value.exec_query.return_value = self.alert_nf_db_result

        res = ControlManager(self.conf).get_alert_netflow_setup()

        # Build the expectation from the same fixture the mock hands out.
        pairs = [(entry['conf'], entry['value']) for entry in self.alert_nf_db_result]
        self.assertEqual(res, dict(pairs))
Пример #9
    def handle(self):
        """Serve one client connection: read command lines and dispatch them.

        Each line read from ``self.rfile`` is split on whitespace and its first
        token selects the handler ("control", "nagios", "ping", asset refresh,
        "refresh_sensor_list", "backup", "asec", "asec_m", "ws"); anything else
        is passed to ``Action.Action``. A non-empty response is written back to
        ``self.wfile``.

        NOTE(review): nothing in this method inspects ``self.client_address``
        before dispatching, so every command - including "backup" and "ws" - is
        reachable by any peer that can connect, unless access is restricted
        somewhere outside this method (bind address, firewall). Confirm.
        """
        # Module-level managers shared between handler instances; they are
        # created lazily below. No locking is visible around the
        # check-then-create steps - confirm whether handlers can run concurrently.
        global controlmanager
        global bkmanager
        global asechandler
        self.__id = None

        # client_address supplies the two values for the %s:%i fields.
        logger.debug("Request from: %s:%i" % (self.client_address))

        while 1:
            try:
                # The line comes straight from the peer; only the trailing '\n' is removed.
                line = self.rfile.readline().rstrip('\n')
                # A whitespace-only line passes this length check, and
                # line.split()[0] then raises IndexError.
                if len(line) > 0:
                    command = line.split()[0]

                    # set sane default response
                    response = ""

                    # check if we are a "control" request message
                    if command == "control":
                        # lazily create the shared ControlManager on first use
                        if controlmanager == None:
                            controlmanager = ControlManager(OssimConf())

                        response = controlmanager.process(self, command, line)

                    # otherwise we are some form of standard control message

                    elif command == "nagios":
                        # __nagiosmanager is read before any assignment visible in this
                        # method; presumably initialised elsewhere in the class.
                        if self.__nagiosmanager == None:
                            self.__nagiosmanager = NagiosManager(OssimConf())

                        response = self.__nagiosmanager.process(line)

                    elif command == "ping":
                        response = "pong\n"

                    elif command == "add_asset" or command == "remove_asset" or command == "refresh_asset_list":
                        linebk = ""
                        if controlmanager == None:
                            controlmanager = ControlManager(OssimConf())
                        # The peer's line is discarded: all three commands are forwarded
                        # as the same fixed refresh_asset_list action.
                        linebk = "action=\"refresh_asset_list\"\n"
                        response = controlmanager.process(self, command, linebk)

#                    elif command == "refresh_inventory_task":
#                        if controlmanager == None:
#                            controlmanager = ControlManager(OssimConf())
#                        response = controlmanager.process(self, command, linebk)

                    elif command == "refresh_sensor_list":
                        # No response is set in this branch, so nothing is written back.
                        logger.info("Check ntop proxy configuration ...")
                        ap = ApacheNtopProxyManager(OssimConf())
                        ap.refreshConfiguration()
                        ap.close()
                    elif command == "backup":
                        if bkmanager == None:
                            bkmanager=  BackupRestoreManager(OssimConf())
                        response =  bkmanager.process(line)
                    elif command == "asec":
                        if asechandler == None:
                            asechandler = ASECHandler(OssimConf())
                        response = asechandler.process_web(self, line)
                    elif command == "asec_m":#struct.unpack('!H',line[0:2])[0] == 0x1F1F:
                        #it's a tlv
                        if asechandler == None:
                            asechandler = ASECHandler(OssimConf())
                        response = asechandler.process(self,line)
                    elif command == "ws":
                        # The one-element unpacking raises ValueError when the line has no
                        # "ws_data=" part; it sits outside the inner try, so that error
                        # goes to the outer try (its handlers are not shown here).
                        [ws_data] = re.findall('ws_data=(.*)$', line)
                        try:
                            ws_json = json.loads(ws_data)
                            # The parsed, peer-supplied JSON is written to the log in full.
                            logger.info("Received new WS: %s" % str(ws_json))
                        except Exception, msg:
                            logger.warning ("WS json is invalid: '%s'" % line)
                        else:
                            # A payload that is not an object, or has no 'ws_id' key,
                            # raises here and is not covered by the inner try.
                            if ws_json['ws_id'] != '':

                                # One handler per comma-separated id; only the response
                                # of the last successful handler is kept.
                                for ws_id in ws_json['ws_id'].split(','):
                                    try:
                                        ws_handler = WSHandler(OssimConf(), ws_id)
                                    except Exception, msg:
                                        logger.warning (msg)
                                    else:
#                                        response = ws_handler.process_json(ws_type, ws_data)
                                        response = ws_handler.process_json('insert', ws_json)
                            else:
                                logger.warning ("WS command does not contain a ws_id field: '%s'" % line)
                    else:
                        # Catch-all rather than an allow-list: any unrecognised line is
                        # handed to Action.Action and started, not rejected.
                        a = Action.Action(line)
                        a.start()

                        # Group Alarms
                        #ag = AlarmGroup.AlarmGroup()
                        #ag.start()

                    # return the response as appropriate
                    # (assumes every process() call above returned a string; a None
                    # result would make len() raise - TODO confirm)
                    if len(response) > 0:
                        self.wfile.write(response)

                    line = ""
                    # NOTE(review): the listing stops here; the except clauses of the
                    # try above are not part of this excerpt.
Пример #10
    def handle(self):
        """Serve one client connection, gating commands on the peer's IP address.

        A command is processed only when ``__check_sensor_ip`` accepts the
        peer address or the address is the literal '127.0.0.1'. Inside that
        gate "ping" and "control" are available to both groups; every other
        command ("nagios", asset refresh, "backup", "asec", "asec_m", "ws",
        "event") is accepted from '127.0.0.1' only.

        NOTE(review): the decision rests on the source address alone; no
        credential check is visible in this method. The comparison with the
        string '127.0.0.1' would not match another loopback spelling such as
        an IPv6 loopback address - confirm how the listener is bound.
        """
        # Module-level managers shared between handler instances, created lazily below.
        global controlmanager
        global bkmanager
        global asechandler
        self.__id = None

        logger.debug("Request from: %s:%i" % (self.client_address))

        while 1:
            try:
                line = self.rfile.readline().rstrip('\n')
                # Whitespace-only lines are skipped, so line.split()[0] below
                # always has a token to return.
                if len(line) > 0 and not line.isspace():
                    command = line.split()[0]

                    # set sane default response
                    response = ""

                    # Commands available. In the code shown here even 'ping' is answered
                    # only inside this gate (known sensor or 127.0.0.1); what happens
                    # for other peers lies beyond the end of this excerpt.
                    if self.__check_sensor_ip(
                            self.client_address[0]
                    ) or self.client_address[0] == '127.0.0.1':
                        if command == "ping":
                            response = "pong\n"

                        elif command == "control":
                            # lazily create the shared ControlManager on first use
                            if controlmanager == None:
                                controlmanager = ControlManager(OssimConf())

                            response = controlmanager.process(
                                self, command, line)

                        elif self.client_address[0] == '127.0.0.1':
                            # Everything below is accepted from the literal loopback
                            # address only.

                            if command == "nagios":
                                if self.__nagiosmanager == None:
                                    self.__nagiosmanager = NagiosManager(
                                        OssimConf())

                                response = self.__nagiosmanager.process(line)

                            elif command == "add_asset" or command == "remove_asset" or command == "refresh_asset_list":
                                linebk = ""
                                if controlmanager == None:
                                    controlmanager = ControlManager(
                                        OssimConf())
                                # The received line is replaced by a fixed action string.
                                linebk = "action=\"refresh_asset_list\"\n"
                                response = controlmanager.process(
                                    self, command, linebk)

                            elif command == "backup":
                                if bkmanager == None:
                                    bkmanager = BackupRestoreManager(
                                        OssimConf())
                                response = bkmanager.process(line)

                            elif command == "asec":
                                if asechandler == None:
                                    asechandler = ASECHandler(OssimConf())
                                response = asechandler.process_web(self, line)

                            elif command == "asec_m":  #struct.unpack('!H',line[0:2])[0] == 0x1F1F:
                                #it's a tlv
                                if asechandler == None:
                                    asechandler = ASECHandler(OssimConf())
                                response = asechandler.process(self, line)

                            elif command == "ws":
                                # Both the ws_data extraction (ValueError when the field is
                                # absent) and the JSON parse are inside this try, so a
                                # malformed line is only logged.
                                try:
                                    [ws_data
                                     ] = re.findall('ws_data=(.*)$', line)
                                    ws_json = json.loads(ws_data)
                                    logger.info("Received new WS: %s" %
                                                str(ws_json))
                                except Exception, msg:
                                    logger.warning("WS json is invalid: '%s'" %
                                                   line)
                                else:
                                    # A payload without a 'ws_id' key still raises here,
                                    # outside the inner try.
                                    if ws_json['ws_id'] != '':
                                        # Only the last successful handler's response is kept.
                                        for ws_id in ws_json['ws_id'].split(
                                                ','):
                                            try:
                                                ws_handler = WSHandler(
                                                    OssimConf(), ws_id)
                                            except Exception, msg:
                                                logger.warning(msg)
                                            else:
                                                response = ws_handler.process_json(
                                                    'insert', ws_json)
                                    else:
                                        logger.warning(
                                            "WS command does not contain a ws_id field: '%s'"
                                            % line)
                            elif command == 'event':
                                # Actions need the explicit 'event' command; there is no
                                # catch-all that starts an Action for unknown input.
                                a = Action.Action(line)
                                a.start()

                            else:
                                # Unknown command from loopback: log it and end this handler.
                                logger.info(
                                    "Unrecognized command from source '%s': %s"
                                    % (self.client_address[0], command))
                                return

                        else:
                            # Reached by an accepted sensor (not loopback) that sent something
                            # other than ping/control: the command is logged, not executed.
                            logger.info(
                                "Unrecognized command from source '%s': %s" %
                                (self.client_address[0], command))
                            # NOTE(review): the listing stops here; the rest of the loop and
                            # the except clauses of the try are not part of this excerpt.
Пример #11
    def handle(self):
        """Serve one client connection: read command lines and dispatch them.

        The first whitespace-separated token of each line selects the handler
        ("control", "nessus", "nagios", "ping", asset refresh,
        "refresh_sensor_list"); any other line is passed to ``Action.Action``.
        The method returns when an empty line is read, which is also what
        ``readline()`` yields at end of stream.

        NOTE(review): ``self.client_address`` is only logged, never checked, so
        every command is reachable by any peer that can connect unless access
        is restricted outside this method. Confirm.
        """
        # Module-level ControlManager shared between handler instances.
        global controlmanager

        self.__id = None

        logger.debug("Request from: %s:%i" % (self.client_address))

        while 1:
            try:
                line = self.rfile.readline().rstrip('\n')
                # A whitespace-only line passes this check; line.split()[0] then
                # raises the IndexError handled at the bottom of the loop.
                if len(line) > 0:
                    command = line.split()[0]

                    # set sane default response
                    response = ""

                    # check if we are a "control" request message
                    if command == "control":
                        # lazily create the shared ControlManager on first use
                        if controlmanager == None:
                            controlmanager = ControlManager(OssimConf(Const.CONFIG_FILE))

                        response = controlmanager.process(self, command, line)

                    # otherwise we are some form of standard control message
                    elif command == "nessus":
                        # NOTE(review): the name NessusManager is stored without being
                        # called, unlike the nagios branch below. If it is a class,
                        # process(line) is then invoked on the class itself - confirm
                        # whether it is a module or a missing "()".
                        if self.__nessusmanager == None:
                            self.__nessusmanager = NessusManager

                        response = self.__nessusmanager.process(line)

                    elif command == "nagios":
                        if self.__nagiosmanager == None:
                            self.__nagiosmanager = NagiosManager(OssimConf(Const.CONFIG_FILE))

                        response = self.__nagiosmanager.process(line)

                    elif command == "ping":
                        response = "pong\n"

                    elif command == "add_asset" or command == "remove_asset" or command == "refresh_asset_list":
                        linebk = ""
                        if controlmanager == None:
                            controlmanager = ControlManager(OssimConf(Const.CONFIG_FILE))
                        # The received line is replaced by a fixed action string.
                        linebk = "action=\"refresh_asset_list\"\n"
                        response = controlmanager.process(self, command, linebk)

                    elif command == "refresh_sensor_list":
                        # No response is set in this branch, so nothing is written back.
                        logger.info("Check ntop proxy configuration ...")
                        ap = ApacheNtopProxyManager(OssimConf(Const.CONFIG_FILE))
                        ap.refreshConfiguration()

                    else:
                        # Catch-all rather than an allow-list: any unrecognised line is
                        # handed to Action.Action and started, not rejected.
                        a = Action.Action(line)
                        a.start()

                        # Group Alarms
                        #ag = AlarmGroup.AlarmGroup()
                        #ag.start()

                    # return the response as appropriate
                    # (assumes every process() call above returned a string - TODO confirm)
                    if len(response) > 0:
                        self.wfile.write(response)

                    line = ""

                else:
                    # Empty line or end of stream: stop serving this connection.
                    return
            except socket.error, e:
                # The loop is not left here, so the next iteration calls readline()
                # again on the same connection.
                # NOTE(review): confirm this cannot spin if the error persists.
                logger.warning("Client disconnected..." )

            except IndexError:
                # Covers the whitespace-only line case and any IndexError raised
                # inside the handlers called above; the loop continues.
                logger.error("IndexError")
Пример #12
    def handle(self):
        """Serve one client connection, gating commands on the peer's IP address.

        Commands are processed only for a peer accepted by
        ``__check_sensor_ip`` or connecting from the literal '127.0.0.1'.
        "ping" and "control" are open to both; "nagios", asset refresh,
        "backup", "asec", "asec_m", "ws" and "event" require '127.0.0.1'.

        NOTE(review): authorization here is by source address only; no
        credential check is visible in this method, and the string comparison
        with '127.0.0.1' matches that one loopback spelling only - confirm
        how the listener is bound.
        """
        # Module-level managers shared between handler instances, created lazily below.
        global controlmanager
        global bkmanager
        global asechandler
        self.__id = None

        logger.debug("Request from: %s:%i" % (self.client_address))

        while 1:
            try:
                line = self.rfile.readline().rstrip('\n')
                # Whitespace-only lines are skipped, so split()[0] always finds a token.
                if len(line) > 0 and not line.isspace():
                    command = line.split()[0]

                    # set sane default response
                    response = ""

                    # Commands available. In the code shown here even 'ping' is answered
                    # only inside this gate (known sensor or 127.0.0.1); handling for
                    # other peers lies beyond the end of this excerpt.
                    if self.__check_sensor_ip(self.client_address[0]) or self.client_address[0] == '127.0.0.1':
                        if command == "ping":
                            response = "pong\n"

                        elif command == "control":
                            # lazily create the shared ControlManager on first use
                            if controlmanager == None:
                                controlmanager = ControlManager(OssimConf())

                            response = controlmanager.process(self, command, line)

                        elif self.client_address[0] == '127.0.0.1':
                            # Everything below is accepted from the literal loopback
                            # address only.

                            if command == "nagios":
                                if self.__nagiosmanager == None:
                                    self.__nagiosmanager = NagiosManager(OssimConf())

                                response = self.__nagiosmanager.process(line)

                            elif command == "add_asset" or command == "remove_asset" or command == "refresh_asset_list":
                                linebk = ""
                                if controlmanager == None:
                                    controlmanager = ControlManager(OssimConf())
                                # The received line is replaced by a fixed action string.
                                linebk = "action=\"refresh_asset_list\"\n"
                                response = controlmanager.process(self, command, linebk)

                            elif command == "backup":
                                if bkmanager == None:
                                    bkmanager=  BackupRestoreManager(OssimConf())
                                response =  bkmanager.process(line)

                            elif command == "asec":
                                if asechandler == None:
                                    asechandler = ASECHandler(OssimConf())
                                response = asechandler.process_web(self, line)

                            elif command == "asec_m":#struct.unpack('!H',line[0:2])[0] == 0x1F1F:
                                #it's a tlv
                                if asechandler == None:
                                    asechandler = ASECHandler(OssimConf())
                                response = asechandler.process(self,line)

                            elif command == "ws":
                                # A missing ws_data field (ValueError from the unpacking) and
                                # invalid JSON are both caught by this try and only logged.
                                try:
                                    [ws_data] = re.findall('ws_data=(.*)$', line)
                                    ws_json = json.loads(ws_data)
                                    logger.info("Received new WS: %s" % str(ws_json))
                                except Exception, msg:
                                    logger.warning ("WS json is invalid: '%s'" % line)
                                else:
                                    # A payload without a 'ws_id' key still raises here,
                                    # outside the inner try.
                                    if ws_json['ws_id'] != '':
                                        # Only the last successful handler's response is kept.
                                        for ws_id in ws_json['ws_id'].split(','):
                                            try:
                                                ws_handler = WSHandler(OssimConf(), ws_id)
                                            except Exception, msg:
                                                logger.warning (msg)
                                            else:
                                                response = ws_handler.process_json('insert', ws_json)
                                    else:
                                        logger.warning ("WS command does not contain a ws_id field: '%s'" % line)
                            elif command == 'event':
                                # Actions need the explicit 'event' command; unknown input
                                # is no longer turned into an Action.
                                a = Action.Action(line)
                                a.start()

                            else:
                                # Unknown command from loopback: log it and end this handler.
                                logger.info("Unrecognized command from source '%s': %s" % (self.client_address[0], command))
                                return

                        else:
                            # Reached by an accepted sensor (not loopback) that sent something
                            # other than ping/control: the command is logged, not executed.
                            logger.info("Unrecognized command from source '%s': %s" % (self.client_address[0], command))
                            # NOTE(review): the listing stops here; the rest of the loop and
                            # the except clauses of the try are not part of this excerpt.
Пример #13
    def handle(self):
        """Serve one client connection: read command lines and dispatch them.

        The first whitespace-separated token of each line picks the handler
        ("control", "nessus", "nagios", "ping", asset refresh,
        "refresh_sensor_list"); every other line goes to ``Action.Action``.
        Reading an empty line - which is also what ``readline()`` returns at
        end of stream - ends the method.

        NOTE(review): the peer address is logged but never checked, so all
        commands are reachable by any peer that can connect unless access is
        restricted outside this method. Confirm.
        """
        # Module-level ControlManager shared between handler instances.
        global controlmanager

        self.__id = None

        logger.debug("Request from: %s:%i" % (self.client_address))

        while 1:
            try:
                line = self.rfile.readline().rstrip('\n')
                # A whitespace-only line passes this check; line.split()[0] then
                # raises the IndexError handled at the bottom of the loop.
                if len(line) > 0:
                    command = line.split()[0]

                    # set sane default response
                    response = ""

                    # check if we are a "control" request message
                    if command == "control":
                        # lazily create the shared ControlManager on first use
                        if controlmanager == None:
                            controlmanager = ControlManager(
                                OssimConf(Const.CONFIG_FILE))

                        response = controlmanager.process(self, command, line)

                    # otherwise we are some form of standard control message
                    elif command == "nessus":
                        # NOTE(review): NessusManager is stored without being called,
                        # unlike the nagios branch below. If it is a class, process(line)
                        # is invoked on the class itself - confirm whether it is a
                        # module or a missing "()".
                        if self.__nessusmanager == None:
                            self.__nessusmanager = NessusManager

                        response = self.__nessusmanager.process(line)

                    elif command == "nagios":
                        if self.__nagiosmanager == None:
                            self.__nagiosmanager = NagiosManager(
                                OssimConf(Const.CONFIG_FILE))

                        response = self.__nagiosmanager.process(line)

                    elif command == "ping":
                        response = "pong\n"

                    elif command == "add_asset" or command == "remove_asset" or command == "refresh_asset_list":
                        linebk = ""
                        if controlmanager == None:
                            controlmanager = ControlManager(
                                OssimConf(Const.CONFIG_FILE))
                        # The received line is replaced by a fixed action string.
                        linebk = "action=\"refresh_asset_list\"\n"
                        response = controlmanager.process(
                            self, command, linebk)

                    elif command == "refresh_sensor_list":
                        # No response is set in this branch, so nothing is written back.
                        logger.info("Check ntop proxy configuration ...")
                        ap = ApacheNtopProxyManager(
                            OssimConf(Const.CONFIG_FILE))
                        ap.refreshConfiguration()

                    else:
                        # Catch-all rather than an allow-list: any unrecognised line is
                        # handed to Action.Action and started, not rejected.
                        a = Action.Action(line)
                        a.start()

                        # Group Alarms
                        #ag = AlarmGroup.AlarmGroup()
                        #ag.start()

                    # return the response as appropriate
                    # (assumes every process() call above returned a string - TODO confirm)
                    if len(response) > 0:
                        self.wfile.write(response)

                    line = ""

                else:
                    # Empty line or end of stream: stop serving this connection.
                    return
            except socket.error, e:
                # The loop is not left here, so the next iteration calls readline()
                # again on the same connection.
                # NOTE(review): confirm this cannot spin if the error persists.
                logger.warning("Client disconnected...")

            except IndexError:
                # Covers the whitespace-only line case and any IndexError raised
                # inside the handlers called above; the loop continues.
                logger.error("IndexError")