Changeset 127


Timestamp:
Sep 30, 2007, 11:50:44 AM (12 years ago)
Author:
rainer
Message:

New portcheck option to ignore some ports.

Location:
trunk
Files:
3 edited

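--- a/trunk/configure.ac
+++ b/trunk/configure.ac
@@ -13,5 +13,5 @@
 dnl start
 dnl
-AM_INIT_AUTOMAKE(samhain, 2.3.7)
+AM_INIT_AUTOMAKE(samhain, 2.3.8)
 AC_CANONICAL_HOST
 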
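--- a/trunk/docs/Changelog
+++ b/trunk/docs/Changelog
@@ -1,2 +1,5 @@
+2.3.8:
+        * new option PortCheckIgnore = interface:portlist
+
 2.3.7:
         * Makefile.in: fix 'make deb' target, wrong name of config file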
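--- a/trunk/src/sh_portcheck.c
+++ b/trunk/src/sh_portcheck.c
@@ -79,4 +79,5 @@
 #define SH_PORT_REQ 1
 #define SH_PORT_OPT 2
+#define SH_PORT_IGN 3
 
 #define SH_PORT_MISS 0
@@ -118,4 +119,8 @@
 #endif
 
+/* Exported interface to add ignoreable ports as 'iface:portlist'
+ */
+static int sh_portchk_add_ignore (const char * str);
+
 /* Exported interface to add required ports as 'iface:portlist'
  */
@@ -184,4 +189,8 @@
         N_("portcheckoptional"),
         sh_portchk_add_optional,
+    },
+    {
+        N_("portcheckignore"),
+        sh_portchk_add_ignore,
     },
     {
@@ -330,5 +339,5 @@
           /* Don't report missing ports that are marked as optional
            */
-          if (ptr->flag != SH_PORT_OPT)
+          if (ptr->flag != SH_PORT_OPT && ptr->flag != SH_PORT_IGN)
             {
               snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceMissing] port %s:%d/%s (%s)"), 
@@ -455,5 +464,5 @@
           sh_portchk_add_to_list (proto, port, haddr, service, SH_PORT_NOT, SH_PORT_ISOK);
         }
-      else if (portent->status == SH_PORT_MISS)
+      else if (portent->status == SH_PORT_MISS && portent->flag != SH_PORT_IGN)
         {
           snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceRestarted] port %s:%d/%s to %d/%s (%s)"), 
@@ -478,5 +487,5 @@
                           MSG_PORT_REPORT, errbuf);
 #endif
-
+          portent->port   = port;
           portent->status = SH_PORT_ISOK;
         }
@@ -504,5 +513,5 @@
           sh_portchk_add_to_list (proto, port, haddr, service, SH_PORT_NOT, SH_PORT_ISOK);
         }
-      else if (portent->status == SH_PORT_MISS)
+      else if (portent->status == SH_PORT_MISS && portent->flag != SH_PORT_IGN)
         {
           snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceRestarted] port %s:%d/%s (%s)"), 
@@ -1214,4 +1223,11 @@
 }
 
+/* User interface to add ignoreable ports as 'iface:portlist'
+ */
+static int sh_portchk_add_ignore (const char * str)
+{
+  return sh_portchk_add_required_generic (str, SH_PORT_IGN); 
+}
+
 /* Interface to run port check
  */
@@ -1273,8 +1289,10 @@
   sh_portchk_add_to_list ("tcp",  8002, haddr_local, NULL, SH_PORT_REQ, SH_PORT_UNKN);
   sh_portchk_add_to_list ("tcp",  8003, haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN);
+  sh_portchk_add_to_list ("tcp",  8004, haddr_local, NULL, SH_PORT_IGN, SH_PORT_UNKN);
   sh_portchk_add_to_list ("tcp",    -1, haddr_local, "foo1", SH_PORT_NOT, SH_PORT_UNKN);
   sh_portchk_add_to_list ("tcp",    -1, haddr_local, "foo2", SH_PORT_REQ, SH_PORT_UNKN);
   sh_portchk_add_to_list ("tcp",    -1, haddr_local, "foo3", SH_PORT_NOT, SH_PORT_UNKN);
   sh_portchk_add_to_list ("tcp",    -1, haddr_local, "foo4", SH_PORT_REQ, SH_PORT_UNKN);
+  sh_portchk_add_to_list ("tcp",    -1, haddr_local, "foo5", SH_PORT_IGN, SH_PORT_UNKN);
 
   sh_portchk_check_list (&portlist_tcp, "tcp", SH_PORT_NOREPT);
@@ -1293,4 +1311,7 @@
   portent = sh_portchk_get_from_list("tcp",  8003, haddr_local, NULL);
   CuAssertTrue(tc, NULL == portent);
+
+  portent = sh_portchk_get_from_list("tcp",  8004, haddr_local, NULL);
+  CuAssertPtrNotNull(tc, portent);
 
   portent = sh_portchk_get_from_list("tcp",  8000, haddr_local, "foo1");
@@ -1307,4 +1328,8 @@
   CuAssertPtrNotNull(tc, portent);
   CuAssertTrue(tc, 0 == strcmp(portent->service, "foo4"));
+
+  portent = sh_portchk_get_from_list("tcp",  8000, haddr_local, "foo5");
+  CuAssertPtrNotNull(tc, portent);
+  CuAssertTrue(tc, 0 == strcmp(portent->service, "foo5"));
 #else
   (void) tc; /* fix compiler warning */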
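Review bot: The added `&& portent->flag != SH_PORT_IGN` at new lines 466 and 515 skips the whole ServiceRestarted branch for an ignored entry, and that branch appears to be where `portent->status = SH_PORT_ISOK` is set (new line 490). Unless a later `else` outside these hunks handles the case, an ignored port once marked SH_PORT_MISS may keep that status after it reopens. Consider keeping `else if (portent->status == SH_PORT_MISS)` and wrapping only the report in `if (portent->flag != SH_PORT_IGN)`, so the state update still runs; the enclosing functions start and end outside the hunks, so this needs checking against the full file. The comment above new line 341 is now stale and could read `/* Don't report missing ports that are marked as optional or ignored */`. Since each PortCheckIgnore entry is a deliberate gap in what this check reports, the comment on `sh_portchk_add_ignore` should state that both ServiceMissing and ServiceRestarted are suppressed for the listed ports.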