-
Notifications
You must be signed in to change notification settings - Fork 5
/
bro-daemon.py
42 lines (35 loc) · 999 Bytes
/
bro-daemon.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#!/opt/local/bin/python
import broccoli
import sqlite3
import random
import sys
import re
import select # for select loop
# Bro event loop
def bro_event_loop(bro_conn):
try:
bro_conn_fd=bro_conn_get_fd(bro_conn)
while True:
select.select((bro_conn_fd),(bro_conn_fd),(bro_conn_fd))
bro_conn.processInput()
except:
while True:
bro_conn.processInput()
sleep(.1)
@broccoli.event
def remote_check_URL(seqno, host, uri):
# Receive a URL from bro, and send a return signal back
# if it should be blocked.
category = check_database(host,uri)
if category:
if check_category(category):
# If the category signals a block
bro_conn.send("stomper_block",seqno)
return
#Main program - Initialize and call event loop
# Setup the connection to bro
bro_conn = broccoli.Connection("127.0.0.1:47758")
# Event loop
bro_event_loop(bro_conn)
# Everything under this is never executed.
sys.exit(0)