X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;ds=sidebyside;f=src%2Futil%2Fossec-regex.c;fp=src%2Futil%2Fossec-regex.c;h=70df990bf53d88c6f86ad26f7a75ed44a5bdf5bb;hb=301048b51990573e58a30dc4a5bb4ec285cad554;hp=0000000000000000000000000000000000000000;hpb=914feba5d54f979cd5d7e69c349c3d01f630042a;p=ossec-hids.git diff --git a/src/util/ossec-regex.c b/src/util/ossec-regex.c new file mode 100644 index 0000000..70df990 --- /dev/null +++ b/src/util/ossec-regex.c @@ -0,0 +1,102 @@ +/* @(#) $Id$ */ + +/* Copyright (C) 2009 Trend Micro Inc. + * All right reserved. + * + * This program is a free software; you can redistribute it + * and/or modify it under the terms of the GNU General Public + * License (version 2) as published by the FSF - Free Software + * Foundation + */ + + +/* This tool will clear the project statistics */ + +#include "shared.h" + +#undef ARGV0 +#define ARGV0 "ossec-regex" + + +/** help **/ +void helpmsg() +{ + printf("\nOSSEC HIDS %s: ossec-regex pattern\n", ARGV0); + exit(1); +} + + +/** main **/ +int main(int argc, char **argv) +{ + char *pattern; + + char msg[OS_MAXSTR +1]; + memset(msg, '\0', OS_MAXSTR +1); + OSRegex regex; + OSMatch matcher; + + OS_SetName(ARGV0); + + + /* user arguments */ + if(argc != 2) + { + helpmsg(); + return(-1); + } + + /* User options */ + if(strcmp(argv[1], "-h") == 0) + { + helpmsg(); + return(-1); + } + + os_strdup(argv[1], pattern); + if(!OSRegex_Compile(pattern, ®ex, 0)) + { + printf("pattern does not compile with OSRegex_Compile\n"); + return(-1); + } + if(!OSMatch_Compile(pattern, &matcher, 0)) + { + printf("pattern does not compile with OSMatch_Compile\n"); + return(-1); + } + + + while((fgets(msg, OS_MAXSTR, stdin)) != NULL) + { + /* Removing new line. */ + if(msg[strlen(msg) -1] == '\n') + msg[strlen(msg) -1] = '\0'; + + /* Make sure we ignore blank lines. */ + if(strlen(msg) < 2) { continue; } + + if(OSRegex_Execute(msg, ®ex)) + printf("+OSRegex_Execute: %s\n",msg); + /* + else + printf("-OSRegex_Execute: \n"); + */ + + if(OS_Regex(pattern, msg)) + printf("+OS_Regex : %s\n", msg); + /* + else + printf("-OS_Regex: \n"); + */ + + if(OSMatch_Execute(msg, strlen(msg), &matcher)) + printf("+OSMatch_Compile: %s\n", msg); + + if(OS_Match2(pattern, msg)) + printf("+OS_Match2 : %s\n", msg); + } + return(0); +} + + +/* EOF */