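#!/usr/bin/perl -w

### chainmgr_test.pl: exercises IPTables::ChainMgr against the running
### iptables policy. It creates a PSAD chain in the filter table, adds a
### jump rule to it from INPUT, adds/finds/deletes rules, deletes the chain
### and finally lists the INPUT chain. Changing iptables rules normally
### requires root, and every call below acts on the live policy of the host
### the script runs on.
###
### NOTE(review): return values are only printed, never checked, and the
### script always ends with "exit 0", so a calling harness cannot detect a
### failed step from the exit status.

use strict;

### path to default psad library directory for psad perl modules
my $psad_lib_dir = '/usr/lib/psad';

### import psad perl modules (loaded with require at run time, after @INC
### has been extended)
&import_psad_perl_modules();

### single definition of the iptables binary used by the constructor and by
### the raw run_ipt_cmd() calls at the end
my $ipt_bin = '/sbin/iptables';

### direct method call instead of the indirect-object form
### "new IPTables::ChainMgr(...)", whose parse depends on what the compiler
### has seen so far
my $ipt = IPTables::ChainMgr->new(
    'iptables' => $ipt_bin,
    'verbose'  => 1
);
my $total_rules = 0;

### create the PSAD chain in the filter table
my ($rv, $out_ar, $err_ar) = $ipt->create_chain('filter', 'PSAD');
print "create_chain() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

### jump from INPUT into the new chain
($rv, $out_ar, $err_ar) = $ipt->add_jump_rule('filter', 'INPUT', 'PSAD');
print "add_jump_rule() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

### arguments look like: source, destination, 10 (presumably the rule
### position - confirm against IPTables::ChainMgr), table, chain, target
($rv, $out_ar, $err_ar) = $ipt->add_ip_rule('1.1.1.1',
    '0.0.0.0/0', 10, 'filter', 'PSAD', 'DROP');
print "add_ip_rule() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

### look up the rule that was just added
($rv, $total_rules) = $ipt->find_ip_rule('1.1.1.1', '0.0.0.0/0',
    'filter', 'PSAD', 'DROP');
print "find ip: $rv, total chain rules: $total_rules\n";

($rv, $out_ar, $err_ar) = $ipt->add_ip_rule('2.2.1.1', '0.0.0.0/0', 10,
    'filter', 'PSAD', 'DROP');
print "add_ip_rule() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

($rv, $out_ar, $err_ar) = $ipt->add_ip_rule('2.2.4.1', '0.0.0.0/0', 10,
    'filter', 'PSAD', 'DROP');
print "add_ip_rule() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

### remove only the first rule; the 2.2.1.1 and 2.2.4.1 rules stay in the
### chain until delete_chain() below
($rv, $out_ar, $err_ar) = $ipt->delete_ip_rule('1.1.1.1', '0.0.0.0/0',
    'filter', 'PSAD', 'DROP');
print "delete_ip_rule() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

### NOTE(review): whether delete_chain() also flushes the remaining rules
### and removes the INPUT jump rule is not visible here - confirm against
### IPTables::ChainMgr, otherwise the test leaves state behind in the
### running policy
($rv, $out_ar, $err_ar) = $ipt->delete_chain('filter', 'INPUT', 'PSAD');
print "delete_chain() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

### raw command: list INPUT so the result of the steps above can be
### inspected (these output lines are printed without an added newline)
($rv, $out_ar, $err_ar) = $ipt->run_ipt_cmd("$ipt_bin -nL INPUT");
print "list on 'INPUT' chain rv: $rv\n";
print for @$out_ar;
print for @$err_ar;

### the misspelled chain name is deliberate: it shows what run_ipt_cmd()
### returns when iptables itself reports an error
($rv, $out_ar, $err_ar) = $ipt->run_ipt_cmd("$ipt_bin -nL INPU");
print "bogus list on 'INPU' chain rv: $rv (this is expected).\n";
print for @$out_ar;
print for @$err_ar;

exit 0;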
### Put the psad module directories at the front of @INC and then load the
### IPTables modules at run time. Takes no arguments and returns nothing.
sub import_psad_perl_modules() {

    my $psad_paths_ar = &get_psad_mod_paths();

    ### Prepending means these directories are searched before every other
    ### @INC entry, so a module found here wins over a system-wide copy.
    ### NOTE(review): this script drives iptables and so presumably runs as
    ### root - confirm that the psad lib directory and its sub-directories
    ### are writable by root only.
    unshift @INC, @$psad_paths_ar;

    require IPTables::Parse;
    require IPTables::ChainMgr;

    return;
}
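### Build the list of directories that hold the psad perl modules.
###
### Reads the file-scoped $psad_lib_dir. When that directory does not exist,
### the first "lib/" in the path is replaced with "lib64/"; if the result
### exists it is stored back into $psad_lib_dir, otherwise the sub dies.
###
### Returns an array reference: $psad_lib_dir first, followed by each of its
### sub-directories whose name contains "linux" or "thread".
sub get_psad_mod_paths() {

    my @paths = ();

    unless (-d $psad_lib_dir) {
        my $dir_tmp = $psad_lib_dir;
        $dir_tmp =~ s|lib/|lib64/|;
        if (-d $dir_tmp) {
            $psad_lib_dir = $dir_tmp;
        } else {
            ### NOTE(review): no command line parsing is visible in this
            ### script, so --Lib-dir presumably refers to the psad option
            die "[*] psad lib directory: $psad_lib_dir does not exist, ",
                "use --Lib-dir <dir>";
        }
    }

    opendir my $dh, $psad_lib_dir
        or die "[*] Could not open $psad_lib_dir: $!";

    ### readdir() makes no promise that "." and ".." are the first two
    ### entries, so drop them by name; discarding the first two entries
    ### blindly could skip a real module directory
    my @dirs = grep { $_ ne '.' && $_ ne '..' } readdir $dh;
    closedir $dh;

    push @paths, $psad_lib_dir;

    for my $dir (@dirs) {
        ### get directories like "/usr/lib/psad/x86_64-linux"
        next unless -d "$psad_lib_dir/$dir";
        push @paths, "$psad_lib_dir/$dir"
            if $dir =~ m|linux| or $dir =~ m|thread|;
    }
    return \@paths;
}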