Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
tree: 30120fbc5d
Fetching contributors…

Cannot retrieve contributors at this time

executable file 113 lines (87 sloc) 3.101 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113
#!/usr/bin/perl -w

use strict;

### path to default psad library directory for psad perl modules
my $psad_lib_dir = '/usr/lib/psad';

### import psad perl modules
&import_psad_perl_modules();

my $ipt = new IPTables::ChainMgr(
    'iptables' => '/sbin/iptables',
    'verbose' => 1
);
my $total_rules = 0;

my ($rv, $out_ar, $err_ar) = $ipt->create_chain('filter', 'PSAD');
print "create_chain() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

($rv, $out_ar, $err_ar) = $ipt->add_jump_rule('filter', 'INPUT', 'PSAD');
print "add_jump_rule() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

($rv, $out_ar, $err_ar) = $ipt->add_ip_rule('1.1.1.1',
    '0.0.0.0/0', 10, 'filter', 'PSAD', 'DROP');
print "add_ip_rule() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

($rv, $total_rules) = $ipt->find_ip_rule('1.1.1.1', '0.0.0.0/0', 'filter', 'PSAD', 'DROP');
print "find ip: $rv, total chain rules: $total_rules\n";

($rv, $out_ar, $err_ar) = $ipt->add_ip_rule('2.2.1.1', '0.0.0.0/0', 10,
    'filter', 'PSAD', 'DROP');
print "add_ip_rule() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

($rv, $out_ar, $err_ar) = $ipt->add_ip_rule('2.2.4.1', '0.0.0.0/0', 10,
    'filter', 'PSAD', 'DROP');
print "add_ip_rule() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

($rv, $out_ar, $err_ar) = $ipt->delete_ip_rule('1.1.1.1', '0.0.0.0/0',
    'filter', 'PSAD', 'DROP');
print "delete_ip_rule() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

($rv, $out_ar, $err_ar) = $ipt->delete_chain('filter', 'INPUT', 'PSAD');
print "delete_chain() rv: $rv\n";
print "$_\n" for @$out_ar;
print "$_\n" for @$err_ar;

($rv, $out_ar, $err_ar) = $ipt->run_ipt_cmd('/sbin/iptables -nL INPUT');
print "list on 'INPUT' chain rv: $rv\n";
print for @$out_ar;
print for @$err_ar;

($rv, $out_ar, $err_ar) = $ipt->run_ipt_cmd('/sbin/iptables -nL INPU');
print "bogus list on 'INPU' chain rv: $rv (this is expected).\n";
print for @$out_ar;
print for @$err_ar;

exit 0;

sub import_psad_perl_modules() {

    my $mod_paths_ar = &get_psad_mod_paths();

    push @$mod_paths_ar, @INC;
    splice @INC, 0, $#$mod_paths_ar+1, @$mod_paths_ar;

    require IPTables::Parse;
    require IPTables::ChainMgr;

    return;
}

sub get_psad_mod_paths() {

    my @paths = ();

    unless (-d $psad_lib_dir) {
        my $dir_tmp = $psad_lib_dir;
        $dir_tmp =~ s|lib/|lib64/|;
        if (-d $dir_tmp) {
            $psad_lib_dir = $dir_tmp;
        } else {
            die "[*] psad lib directory: $psad_lib_dir does not exist, ",
                "use --Lib-dir <dir>";
        }
    }

    opendir D, $psad_lib_dir or die "[*] Could not open $psad_lib_dir: $!";
    my @dirs = readdir D;
    closedir D;
    shift @dirs; shift @dirs;

    push @paths, $psad_lib_dir;

    for my $dir (@dirs) {
        ### get directories like "/usr/lib/psad/x86_64-linux"
        next unless -d "$psad_lib_dir/$dir";
        push @paths, "$psad_lib_dir/$dir"
            if $dir =~ m|linux| or $dir =~ m|thread|;
    }
    return \@paths;
}
Something went wrong with that request. Please try again.