X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Fanalysisd%2Fcompiled_rules%2Fregister_rule.sh;h=a259127626e99828427d5f92efad11cdff52b6c5;hp=4ca0771c37538c742b4b6d9100f50b17109bc1c2;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b diff --git a/src/analysisd/compiled_rules/register_rule.sh b/src/analysisd/compiled_rules/register_rule.sh index 4ca0771..a259127 100755 --- a/src/analysisd/compiled_rules/register_rule.sh +++ b/src/analysisd/compiled_rules/register_rule.sh @@ -1,11 +1,8 @@ #!/bin/sh - -# Variables - do not modify them. +# Variables - do not modify them CHF="compiled_rules.h" - - # Checking the location. ls -la register_rule.sh > /dev/null 2>&1 if [ ! $? = 0 ]; then @@ -16,10 +13,8 @@ if [ ! $? = 0 ]; then if [ ! $? = 0 ]; then echo "ERROR: You must run this script from the same directory." exit 1; - fi -fi - - + fi +fi # Arguments if [ "x$1" = "x" -o "x$1" = "xhelp" -o "x$1" = "x-h" ]; then @@ -31,15 +26,12 @@ if [ "x$1" = "x" -o "x$1" = "xhelp" -o "x$1" = "x-h" ]; then exit 0; fi - if [ "x$1" = "xlist" ]; then echo "*Available functions: " cat .function_list | sort | uniq; exit 0; - elif [ "x$1" = "xsave" ]; then - ls -la /etc/ossec-init.conf > /dev/null 2>&1 if [ ! $? = 0 ]; then echo "ERROR: Unable to save rules. You must have OSSEC installed to do so." @@ -51,11 +43,9 @@ elif [ "x$1" = "xsave" ]; then echo "ERROR: Unable to save rules. You must be root to do so." exit 1; fi - - + . /etc/ossec-init.conf - - + ls ${DIRECTORY}/compiled_rules > /dev/null 2>&1 if [ ! $? = 0 ]; then mkdir ${DIRECTORY}/compiled_rules > /dev/null 2>&1 
@@ -63,23 +53,22 @@ elif [ "x$1" = "xsave" ]; then echo "ERROR: Unable to save rules. You must be root to do so." exit 1; fi - fi - - cp .function_list ${DIRECTORY}/compiled_rules/function_list > /dev/nulll 2>&1 + fi + + cp .function_list ${DIRECTORY}/compiled_rules/function_list > /dev/null 2>&1 if [ ! $? = 0 ]; then echo "ERROR: Unable to save rules. You must be root to do so." exit 1; fi - + for i in `ls *.c`; do if [ ! "x$i" = "xgeneric_samples.c" ]; then - cp $i ${DIRECTORY}/compiled_rules/ > /dev/nulll 2>&1 - fi + cp $i ${DIRECTORY}/compiled_rules/ > /dev/null 2>&1 + fi done echo "*Save completed at ${DIRECTORY}/compiled_rules/"; exit 0; - elif [ "x$1" = "xrestore" ]; then ls -la /etc/ossec-init.conf > /dev/null 2>&1 @@ -93,39 +82,35 @@ elif [ "x$1" = "xrestore" ]; then echo "ERROR: Unable to restore rules. You must be root to do so." exit 1; fi - - + . /etc/ossec-init.conf - - + ls ${DIRECTORY}/compiled_rules/function_list > /dev/null 2>&1 if [ ! $? = 0 ]; then echo "*No local compiled rules available to restore." exit 0; fi - + cat ${DIRECTORY}/compiled_rules/function_list >> .function_list if [ ! $? = 0 ]; then echo "ERROR: Unable to restore rules. Function list not present." exit 1; fi - + for i in `ls ${DIRECTORY}/compiled_rules/*.c`; do if [ ! "x$i" = "xgeneric_samples.c" ]; then - cp $i ./ > /dev/nulll 2>&1 - fi + cp $i ./ > /dev/null 2>&1 + fi done echo "*Restore completed from ${DIRECTORY}/compiled_rules/"; exit 0; - elif [ "x$1" = "xbuild" ]; then - ls -la .function_list > /dev/null 2>&1 if [ ! $? = 0 ]; then echo "ERROR: Unable to build. No function is registered." exit 1; - fi + fi # Auto generating the file. echo "/* This file is auto generated by $0. Do not touch it. */" > ${CHF} 
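Review bot: The `cp $i ${DIRECTORY}/compiled_rules/` in the save loop still discards its exit status along with its output, so `*Save completed` is printed even when a rule source was not copied. The `cp $i ./` in the restore hunk (`@@ -93,39 +82,35 @@`) has the same gap. This branch runs as root with `${DIRECTORY}` taken from the sourced `/etc/ossec-init.conf`, so I would also quote the expansions and stop parsing `ls`: `for i in *.c; do` and `cp -- "$i" "${DIRECTORY}/compiled_rules/" > /dev/null 2>&1 || { echo "ERROR: Unable to save $i."; exit 1; }`. The `elif` branch begins before this hunk.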
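Review bot: The `generic_samples.c` filter in the restore loop can never match, because `ls ${DIRECTORY}/compiled_rules/*.c` yields full paths while `$i` is compared with the bare file name. Comparing the basename fixes it: `if [ ! "x${i##*/}" = "xgeneric_samples.c" ]; then`. Restore also copies C sources and function names from that directory into the build tree as root, so it is worth confirming that the directory is writable only by root. The `mkdir` that creates it, in an earlier hunk, sets no explicit mode, so the result depends on the caller's umask.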
@@ -136,40 +121,37 @@ elif [ "x$1" = "xbuild" ]; then echo "void *$i(Eventinfo *lf);" >> ${CHF}; done echo "" >> ${CHF}; - + echo "/* Adding the rules list. */" >> ${CHF}; echo "void *(compiled_rules_list[]) = " >> ${CHF}; echo "{" >> ${CHF}; for i in `cat .function_list | sort| uniq`; do echo " $i," >> ${CHF}; done - echo " NULL" >> ${CHF}; + echo " NULL" >> ${CHF}; echo "};" >> ${CHF}; echo "" >> ${CHF}; - echo "/* Adding the rules list names. */" >> ${CHF}; - echo "char *(compiled_rules_name[]) = " >> ${CHF}; + echo "const char *(compiled_rules_name[]) = " >> ${CHF}; echo "{" >> ${CHF}; for i in `cat .function_list |sort | uniq`; do echo " \"$i\"," >> ${CHF}; done - echo " NULL" >> ${CHF}; + echo " NULL" >> ${CHF}; echo "};" >> ${CHF}; echo "" >> ${CHF}; echo "/* EOF */" >> ${CHF}; - echo "*Build completed." - elif [ "x$1" = "xadd" ]; then if [ "x$2" = "x" ]; then echo "ERROR: Missing function name."; echo "ex: $0 add "; exit 1; fi - + grep $2 ./*.c > /dev/null 2>&1 if [ ! $? = 0 ]; then echo "ERROR: Function '$2' not found."; @@ -181,17 +163,13 @@ elif [ "x$1" = "xadd" ]; then echo "ERROR: Function '$2' already added."; exit 1; fi - + echo $2 >> .function_list; echo "*Function $2 added." else - echo "ERROR: Invalid argument."; exit 1; - -fi - -# EOF +fi
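Review bot: The `add` branch at the end of this hunk accepts `$2` after only an unquoted `grep $2 ./*.c`, which treats the name as a regular expression (and as an option if it starts with `-`), so a string that is not a C identifier can be registered. The `for` loops over `.function_list` earlier in the hunk then write each entry verbatim into `${CHF}` as a prototype, an array element and a string literal, so a malformed entry becomes arbitrary text in the generated header. I would validate before the lookup with `case "$2" in [0-9]*|*[!A-Za-z0-9_]*) echo "ERROR: Invalid function name."; exit 1;; esac` and use `grep -- "$2" ./*.c`. The `echo $2 >> .function_list` in the last hunk should be quoted the same way. The build branch and its first loop start outside this hunk.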