Changeset 127


Ignore:
Timestamp:
Sep 30, 2007, 11:50:44 AM (12 years ago)
Author:
rainer
Message:

New portcheck option to ignore some ports.

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/configure.ac

    r124 r127  
    1313dnl start
    1414dnl
    15 AM_INIT_AUTOMAKE(samhain, 2.3.7)
     15AM_INIT_AUTOMAKE(samhain, 2.3.8)
    1616AC_CANONICAL_HOST
    1717
  • trunk/docs/Changelog

    r125 r127  
     12.3.8:
     2        * new option PortCheckIgnore = interface:portlist
     3
    142.3.7:
    25        * Makefile.in: fix 'make deb' target, wrong name of config file
  • trunk/src/sh_portcheck.c

    r109 r127  
    7979#define SH_PORT_REQ 1
    8080#define SH_PORT_OPT 2
     81#define SH_PORT_IGN 3
    8182
    8283#define SH_PORT_MISS 0
     
    118119#endif
    119120
     121/* Exported interface to add ignoreable ports as 'iface:portlist'
     122 */
     123static int sh_portchk_add_ignore (const char * str);
     124
    120125/* Exported interface to add required ports as 'iface:portlist'
    121126 */
     
    184189        N_("portcheckoptional"),
    185190        sh_portchk_add_optional,
     191    },
     192    {
     193        N_("portcheckignore"),
     194        sh_portchk_add_ignore,
    186195    },
    187196    {
     
    330339          /* Don't report missing ports that are marked as optional
    331340           */
    332           if (ptr->flag != SH_PORT_OPT)
     341          if (ptr->flag != SH_PORT_OPT && ptr->flag != SH_PORT_IGN)
    333342            {
    334343              snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceMissing] port %s:%d/%s (%s)"),
     
    455464          sh_portchk_add_to_list (proto, port, haddr, service, SH_PORT_NOT, SH_PORT_ISOK);
    456465        }
    457       else if (portent->status == SH_PORT_MISS)
     466      else if (portent->status == SH_PORT_MISS && portent->flag != SH_PORT_IGN)
    458467        {
    459468          snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceRestarted] port %s:%d/%s to %d/%s (%s)"),
     
    478487                          MSG_PORT_REPORT, errbuf);
    479488#endif
    480 
     489          portent->port   = port;
    481490          portent->status = SH_PORT_ISOK;
    482491        }
     
    504513          sh_portchk_add_to_list (proto, port, haddr, service, SH_PORT_NOT, SH_PORT_ISOK);
    505514        }
    506       else if (portent->status == SH_PORT_MISS)
     515      else if (portent->status == SH_PORT_MISS && portent->flag != SH_PORT_IGN)
    507516        {
    508517          snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceRestarted] port %s:%d/%s (%s)"),
     
    12141223}
    12151224
     1225/* User interface to add ignoreable ports as 'iface:portlist'
     1226 */
     1227static int sh_portchk_add_ignore (const char * str)
     1228{
     1229  return sh_portchk_add_required_generic (str, SH_PORT_IGN);
     1230}
     1231
    12161232/* Interface to run port check
    12171233 */
     
    12731289  sh_portchk_add_to_list ("tcp",  8002, haddr_local, NULL, SH_PORT_REQ, SH_PORT_UNKN);
    12741290  sh_portchk_add_to_list ("tcp",  8003, haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN);
     1291  sh_portchk_add_to_list ("tcp",  8004, haddr_local, NULL, SH_PORT_IGN, SH_PORT_UNKN);
    12751292  sh_portchk_add_to_list ("tcp",    -1, haddr_local, "foo1", SH_PORT_NOT, SH_PORT_UNKN);
    12761293  sh_portchk_add_to_list ("tcp",    -1, haddr_local, "foo2", SH_PORT_REQ, SH_PORT_UNKN);
    12771294  sh_portchk_add_to_list ("tcp",    -1, haddr_local, "foo3", SH_PORT_NOT, SH_PORT_UNKN);
    12781295  sh_portchk_add_to_list ("tcp",    -1, haddr_local, "foo4", SH_PORT_REQ, SH_PORT_UNKN);
     1296  sh_portchk_add_to_list ("tcp",    -1, haddr_local, "foo5", SH_PORT_IGN, SH_PORT_UNKN);
    12791297
    12801298  sh_portchk_check_list (&portlist_tcp, "tcp", SH_PORT_NOREPT);
     
    12931311  portent = sh_portchk_get_from_list("tcp",  8003, haddr_local, NULL);
    12941312  CuAssertTrue(tc, NULL == portent);
     1313
     1314  portent = sh_portchk_get_from_list("tcp",  8004, haddr_local, NULL);
     1315  CuAssertPtrNotNull(tc, portent);
    12951316
    12961317  portent = sh_portchk_get_from_list("tcp",  8000, haddr_local, "foo1");
     
    13071328  CuAssertPtrNotNull(tc, portent);
    13081329  CuAssertTrue(tc, 0 == strcmp(portent->service, "foo4"));
     1330
     1331  portent = sh_portchk_get_from_list("tcp",  8000, haddr_local, "foo5");
     1332  CuAssertPtrNotNull(tc, portent);
     1333  CuAssertTrue(tc, 0 == strcmp(portent->service, "foo5"));
    13091334#else
    13101335  (void) tc; /* fix compiler warning */
Note: See TracChangeset for help on using the changeset viewer.