- Timestamp:
- Sep 30, 2007, 11:50:44 AM (17 years ago)
- Location:
- trunk
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/configure.ac
r124 r127 13 13 dnl start 14 14 dnl 15 AM_INIT_AUTOMAKE(samhain, 2.3. 7)15 AM_INIT_AUTOMAKE(samhain, 2.3.8) 16 16 AC_CANONICAL_HOST 17 17 -
trunk/docs/Changelog
r125 r127 1 2.3.8: 2 * new option PortCheckIgnore = interface:portlist 3 1 4 2.3.7: 2 5 * Makefile.in: fix 'make deb' target, wrong name of config file -
trunk/src/sh_portcheck.c
r109 r127 79 79 #define SH_PORT_REQ 1 80 80 #define SH_PORT_OPT 2 81 #define SH_PORT_IGN 3 81 82 82 83 #define SH_PORT_MISS 0 … … 118 119 #endif 119 120 121 /* Exported interface to add ignoreable ports as 'iface:portlist' 122 */ 123 static int sh_portchk_add_ignore (const char * str); 124 120 125 /* Exported interface to add required ports as 'iface:portlist' 121 126 */ … … 184 189 N_("portcheckoptional"), 185 190 sh_portchk_add_optional, 191 }, 192 { 193 N_("portcheckignore"), 194 sh_portchk_add_ignore, 186 195 }, 187 196 { … … 330 339 /* Don't report missing ports that are marked as optional 331 340 */ 332 if (ptr->flag != SH_PORT_OPT )341 if (ptr->flag != SH_PORT_OPT && ptr->flag != SH_PORT_IGN) 333 342 { 334 343 snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceMissing] port %s:%d/%s (%s)"), … … 455 464 sh_portchk_add_to_list (proto, port, haddr, service, SH_PORT_NOT, SH_PORT_ISOK); 456 465 } 457 else if (portent->status == SH_PORT_MISS )466 else if (portent->status == SH_PORT_MISS && portent->flag != SH_PORT_IGN) 458 467 { 459 468 snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceRestarted] port %s:%d/%s to %d/%s (%s)"), … … 478 487 MSG_PORT_REPORT, errbuf); 479 488 #endif 480 489 portent->port = port; 481 490 portent->status = SH_PORT_ISOK; 482 491 } … … 504 513 sh_portchk_add_to_list (proto, port, haddr, service, SH_PORT_NOT, SH_PORT_ISOK); 505 514 } 506 else if (portent->status == SH_PORT_MISS )515 else if (portent->status == SH_PORT_MISS && portent->flag != SH_PORT_IGN) 507 516 { 508 517 snprintf (errbuf, sizeof(errbuf), _("POLICY [ServiceRestarted] port %s:%d/%s (%s)"), … … 1214 1223 } 1215 1224 1225 /* User interface to add ignoreable ports as 'iface:portlist' 1226 */ 1227 static int sh_portchk_add_ignore (const char * str) 1228 { 1229 return sh_portchk_add_required_generic (str, SH_PORT_IGN); 1230 } 1231 1216 1232 /* Interface to run port check 1217 1233 */ … … 1273 1289 sh_portchk_add_to_list ("tcp", 8002, haddr_local, NULL, SH_PORT_REQ, SH_PORT_UNKN); 1274 1290 sh_portchk_add_to_list ("tcp", 8003, haddr_local, NULL, SH_PORT_NOT, SH_PORT_UNKN); 1291 sh_portchk_add_to_list ("tcp", 8004, haddr_local, NULL, SH_PORT_IGN, SH_PORT_UNKN); 1275 1292 sh_portchk_add_to_list ("tcp", -1, haddr_local, "foo1", SH_PORT_NOT, SH_PORT_UNKN); 1276 1293 sh_portchk_add_to_list ("tcp", -1, haddr_local, "foo2", SH_PORT_REQ, SH_PORT_UNKN); 1277 1294 sh_portchk_add_to_list ("tcp", -1, haddr_local, "foo3", SH_PORT_NOT, SH_PORT_UNKN); 1278 1295 sh_portchk_add_to_list ("tcp", -1, haddr_local, "foo4", SH_PORT_REQ, SH_PORT_UNKN); 1296 sh_portchk_add_to_list ("tcp", -1, haddr_local, "foo5", SH_PORT_IGN, SH_PORT_UNKN); 1279 1297 1280 1298 sh_portchk_check_list (&portlist_tcp, "tcp", SH_PORT_NOREPT); … … 1293 1311 portent = sh_portchk_get_from_list("tcp", 8003, haddr_local, NULL); 1294 1312 CuAssertTrue(tc, NULL == portent); 1313 1314 portent = sh_portchk_get_from_list("tcp", 8004, haddr_local, NULL); 1315 CuAssertPtrNotNull(tc, portent); 1295 1316 1296 1317 portent = sh_portchk_get_from_list("tcp", 8000, haddr_local, "foo1"); … … 1307 1328 CuAssertPtrNotNull(tc, portent); 1308 1329 CuAssertTrue(tc, 0 == strcmp(portent->service, "foo4")); 1330 1331 portent = sh_portchk_get_from_list("tcp", 8000, haddr_local, "foo5"); 1332 CuAssertPtrNotNull(tc, portent); 1333 CuAssertTrue(tc, 0 == strcmp(portent->service, "foo5")); 1309 1334 #else 1310 1335 (void) tc; /* fix compiler warning */
Note:
See TracChangeset
for help on using the changeset viewer.