RubyGems - sagan_crafter - Versions diffs - 0.3.0 - Mend

sagan_crafter 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

checksums.yaml +7 -0
data/.gitignore +9 -0
data/.rspec +2 -0
data/.travis.yml +4 -0
data/CODE_OF_CONDUCT.md +49 -0
data/Gemfile +4 -0
data/LICENSE.txt +21 -0
data/README.md +67 -0
data/Rakefile +7 -0
data/bin/console +14 -0
data/bin/setup +8 -0
data/exe/sagan-craft +12 -0
data/lib/sagan_crafter/backends/sqlite.rb +65 -0
data/lib/sagan_crafter/cli.rb +99 -0
data/lib/sagan_crafter/factorize.rb +25 -0
data/lib/sagan_crafter/factory/fqdnlogger.rb +43 -0
data/lib/sagan_crafter/factory/iplogger.rb +43 -0
data/lib/sagan_crafter/main.rb +7 -0
data/lib/sagan_crafter/ruleset.rb +38 -0
data/lib/sagan_crafter/settings.rb +86 -0
data/lib/sagan_crafter/version.rb +3 -0
data/lib/sagan_crafter.rb +20 -0
data/sagan_crafter.gemspec +31 -0
metadata +179 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 0a1b504c92f2ab3809f4b21923a1320f9d2e6dc3
+  data.tar.gz: 2d72d3a051d6a190a4b4470e6196b75ad7733d84
+SHA512:
+  metadata.gz: bbf70fe464fcbfc296c4936411e5632486b1aaa29222fe8fe9122b9b0f9cf6f9af6892144d9f971a062feeacc8794c9b12e75330ae6819cc5061cb3ad30966a1
+  data.tar.gz: 39e7666c657d3d417e8ebf44fa33e5a4aea9f589008dde47f11d1c3cb713c75e7954e08b68c880ce68d3a7f15b792587208bbae814571837abea82d7a09b379e

data/.gitignore ADDED Viewed

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.rspec ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ --format documentation
2	+ --color

data/.travis.yml ADDED Viewed

@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+  - 2.2.3
+before_install: gem install bundler -v 1.11.2

data/CODE_OF_CONDUCT.md ADDED Viewed

@@ -0,0 +1,49 @@
+# Contributor Code of Conduct
+As contributors and maintainers of this project, and in the interest of
+fostering an open and welcoming community, we pledge to respect all people who
+contribute through reporting issues, posting feature requests, updating
+documentation, submitting pull requests or patches, and other activities.
+We are committed to making participation in this project a harassment-free
+experience for everyone, regardless of level of experience, gender, gender
+identity and expression, sexual orientation, disability, personal appearance,
+body size, race, ethnicity, age, religion, or nationality.
+Examples of unacceptable behavior by participants include:
+* The use of sexualized language or imagery
+* Personal attacks
+* Trolling or insulting/derogatory comments
+* Public or private harassment
+* Publishing other's private information, such as physical or electronic
+  addresses, without explicit permission
+* Other unethical or unprofessional conduct
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+By adopting this Code of Conduct, project maintainers commit themselves to
+fairly and consistently applying these principles to every aspect of managing
+this project. Project maintainers who do not follow or enforce the Code of
+Conduct may be permanently removed from the project team.
+This code of conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community.
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting a project maintainer at shadowbq@gmail.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. Maintainers are
+obligated to maintain confidentiality with regard to the reporter of an
+incident.
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 1.3.0, available at
+[http://contributor-covenant.org/version/1/3/0/][version]
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/3/0/

data/Gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+# Specify your gem's dependencies in sagan_crafter.gemspec
+gemspec

data/LICENSE.txt ADDED Viewed

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+Copyright (c) 2016 shadowbq
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md ADDED Viewed

@@ -0,0 +1,67 @@
+# SaganCrafter
+Sagan Crafter is designed to help build SAGAN rules from simple backends.
+```
+alert tcp $HOME_NET any <> any any (msg:"[PASSIVEDNS] vxvault url_reputation - tscl.com.bd"; content:"tscl.com.bd"; normalize:tightstack; sid:1635309608; program:tightstack; rev:2;)
+alert tcp $HOME_NET any <> any any (msg:"[PASSIVEDNS] vxvault url_reputation - uclmfocus.com"; content:"uclmfocus.com"; normalize:tightstack; sid:1042387290; program:tightstack; rev:2;)
+alert tcp $HOME_NET any <> any any (msg:"[PASSIVEDNS] vxvault url_reputation - upstreams.info"; content:"upstreams.info"; normalize:tightstack; sid:1757176352; program:tightstack; rev:1;)
+alert tcp $HOME_NET any <> any any (msg:"[PASSIVEDNS] vxvault url_reputation - vibaavaacademy.com"; content:"vibaavaacademy.com"; normalize:tightstack; sid:1270011767; program:tightstack; rev:1;)
+alert tcp $HOME_NET any <> any any (msg:"[PASSIVEDNS] vxvault url_reputation - www.cpteducation.it"; content:"www.cpteducation.it"; normalize:tightstack; sid:1499466929; program:tightstack; rev:1;)
+alert tcp $HOME_NET any <> any any (msg:"[PASSIVEDNS] vxvault url_reputation - www.itidea.it"; content:"www.itidea.it"; normalize:tightstack; sid:1352812295; program:tightstack; rev:2;)
+```
+## Simple Backends:
+SQLITE3 -
+```sql
+CREATE TABLE fqdns ( id INTEGER PRIMARY KEY, feed_provider varchar(255), feed_name varchar(255), import_time timestamp default (strftime('%s', 'now')), name varchar(255), CONSTRAINT name_unique UNIQUE (import_time, name) )
+```
+* Threatinator - https://github.com/shadowbq/threatinator
+* Threatinator AMQP Client - https://github.com/shadowbq/threatinator-amqp-rcvr
+## Note:
+* Sagan - https://github.com/beave/sagan
+## Installation
+Install it as:
+    $ gem install sagan_crafter
+## Usage
+```
+$ sagan_crafter --help
+Usage: sagan-crafter
+    -c, --cxtracker                  Create CXTracker rules
+    -p, --passivedns                 Create Passivedns rules
+Backend
+    -s, --sqlite=                    Sqlite3 backend file location
+                                       Default: /tmp/threat.db
+Options::
+    -v, --verbose                    Run verbosely
+    -h, --help                       Display this screen
+```
+## Development
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+## Contributing
+Bug reports and pull requests are welcome on GitHub at https://github.com/shadowbq/sagan_crafter. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+## License
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).

data/Rakefile ADDED Viewed

@@ -0,0 +1,7 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+require "bump/tasks"
+RSpec::Core::RakeTask.new(:spec)
+task :default => :spec

data/bin/console ADDED Viewed

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+require "bundler/setup"
+require "sagan_crafter"
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+require "irb"
+IRB.start

data/bin/setup ADDED Viewed

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+bundle install
+# Do any other automated setup that you need to do here

data/exe/sagan-craft ADDED Viewed

@@ -0,0 +1,12 @@
+#!/usr/bin/env ruby
+begin
+  require 'rubygems'
+  require 'bundler'
+  Bundler.setup(:default)
+rescue ::Exception => e
+end
+# Executable with absolute path to lib for hacking and development
+require File.join(File.dirname(__FILE__), '..', 'lib', 'sagan_crafter', 'cli')
+SaganCrafter::CLI.invoke

data/lib/sagan_crafter/backends/sqlite.rb ADDED Viewed

@@ -0,0 +1,65 @@
+module SaganCrafter
+  module Backends
+    # :: Source of rule data
+    # select DISTINCT count(*), max(import_time), name from fqdns group by name;
+    # :: Rule output
+    # alert tcp $HOME_NET any -> any any (msg: "[PASSIVEDNS] BH1 Hit bighealthtree.com."; content: bighealthtree.com."; normalize: tightstack; classtype: suspicious-traffic; program: tightstack; sid:5100002; rev:2;)
+    # CREATE TABLE fqdns ( id INTEGER PRIMARY KEY, feed_provider varchar(255), feed_name varchar(255), import_time timestamp default (strftime('%s', 'now')), name varchar(255), CONSTRAINT name_unique UNIQUE (import_time, name) )
+    # ATTACH DATABASE '/tmp/oph_threat.db' As 'O';
+    # create temp view merge_fqdns as select * from F.fqdns union select * from M.fqdns union select * from O.fqdns;
+    # select DISTINCT count(*) as cnt, max(sub1.import_time) as max_import_time, sub1.name, sub1.feed_name, sub1.feed_provider from (select * from F.fqdns union select * from M.fqdns union select * from O.fqdns) sub1 group by sub1.name;
+    class SQLite
+      attr_reader :rule_collection
+      def initialize(factory)
+        @db = connect(SaganCrafter::Settings.sql_file_location)
+        @factory = factory
+        @db.results_as_hash = true
+        @rule_collection = []
+      end
+      def size
+        count = db.get_first_value("select count(DISTINCT name) from #{SaganCrafter::Settings.sql_table_name}")
+        puts "#{}count(*): #{count}"
+      end
+      def validate!
+        @db.execute("PRAGMA table_info(#{SaganCrafter::Settings.sql_table_name});") do |row|
+          raise UnknownDBSchemaError, "Unknown Schema" unless ["id","feed_provider","feed_name", "import_time","name"].include? row["name"]
+        end
+        puts "#[sagan-crafter] schema validated" if SaganCrafter::Settings.verbose
+      end
+      def build
+        @db.execute("select DISTINCT count(*) as cnt, max(import_time) as max_import_time, name, feed_name, feed_provider from #{SaganCrafter::Settings.sql_table_name} group by name") do |row|
+          @rule_collection << @factory.rule(row["name"], row["feed_provider"], row["feed_name"], row["cnt"], row["max_import_time"])
+        end
+        @rule_collection
+      end
+      def to_s
+        @rule_collection.to_s
+      end
+      private
+      def connect(file)
+        begin
+          db = SQLite3::Database.open(file)
+          return db
+        rescue ::SQLite3::Exception => e
+          puts "Exception occurred"
+          puts e
+          db.close if db
+        end
+      end
+    end
+  end
+end

data/lib/sagan_crafter/cli.rb ADDED Viewed

@@ -0,0 +1,99 @@
+require 'optparse'
+require 'sagan_crafter'
+module SaganCrafter
+    class CLI
+      def self.invoke
+        self.new
+      end
+      def initialize
+        options = {}
+        options[:cxtracker] = false
+        options[:passivedns] = false
+        options[:sqlite] = false
+        options[:sqlite_location] = SaganCrafter::Settings.sql_file_location
+        opt_parser = OptionParser.new do |opt|
+          opt.banner = "Usage: sagan-crafter"
+          opt.separator ""
+          opt.on("-c", "--cxtracker", "Create CXTracker rules") do
+            options[:cxtracker] = true
+            SaganCrafter::Settings.sql_table_name = "ipv4"
+          end
+          opt.on("-p", "--passivedns", "Create Passivedns rules") do
+            options[:passivedns] = true
+            SaganCrafter::Settings.sql_table_name = "fqdns"
+          end
+          opt.separator ""
+          opt.separator "Backend"
+          opt.separator ""
+          opt.on("-s", "--sqlite=", "Sqlite3 backend file location","  Default: #{options[:sqlite_location]}") do |value|
+            options[:sqlite] = true
+            options[:sqlite_location] = value
+          end
+          opt.separator "Options::"
+          opt.on("-v", "--verbose", "Run verbosely") do
+            options[:verbose] = true
+          end
+          opt.on_tail("-h","--help","Display this screen") do
+            puts opt_parser
+            exit 0
+          end
+        end
+        #Verify the options
+        begin
+          raise unless ARGV.size > 0
+          opt_parser.parse!
+        #If options fail display help
+        #rescue Exception => e
+        #  puts e.message
+        #  puts e.backtrace.inspect
+        rescue
+          puts opt_parser
+          exit
+        end
+        # Boolean switch
+        SaganCrafter::Settings.verbose = options[:verbose]
+        SaganCrafter::Settings.sql_file_location = options[:sqlite_location]
+        if SaganCrafter::Settings.verbose
+          puts "++++++++++++++++++++++++++++++++++++++++++++++"
+          puts "Sagan-Crafter!"
+          SaganCrafter::Settings.print
+          puts "++++++++++++++++++++++++++++++++++++++++++++++\n"
+        end
+        if options[:passivedns]
+          ruleset = FQDNRuleset.new(['sqlite3'])
+        end
+        if options[:cxtracker]
+          ruleset = IPRuleset.new(['sqlite3'])
+        end
+        puts ruleset.rules
+      end
+    end #Class
+end #module

data/lib/sagan_crafter/factorize.rb ADDED Viewed

@@ -0,0 +1,25 @@
+module SaganCrafter
+  class Factorize
+    def self.register(factory_type)
+      case factory_type.downcase
+        when /fqdnlogger/
+          return SaganCrafter::Factory::FQDNlogger.new
+        when /iplogger/
+          return SaganCrafter::Factory::IPlogger.new
+        else
+          raise UnknownFactoryError, "Missing Class for generator invocation: (#{type})"
+      end
+    end
+  end
+end
+$:.unshift(File.dirname(__FILE__))
+%w( fqdnlogger iplogger ).each do |lib|
+  begin
+    require "factory/#{lib}"
+  rescue LoadError
+    require File.expand_path(File.join(File.dirname(__FILE__), "factory", lib))
+  end
+end

data/lib/sagan_crafter/factory/fqdnlogger.rb ADDED Viewed

@@ -0,0 +1,43 @@
+module SaganCrafter
+  module Factory
+    # :: Source of rule data
+    # select DISTINCT count(*), max(import_time), name from fqdns group by name;
+    # :: Rule output
+    # alert tcp $HOME_NET any -> any any (msg: "[PASSIVEDNS] BH1 Hit bighealthtree.com."; content: bighealthtree.com."; normalize: tightstack; classtype: suspicious-traffic; program: tightstack; sid:5100002; rev:2;)
+    class FQDNlogger
+      def initialize
+      end
+      def rule(ioc, feed_provider, feed_name, count, last_time)
+        @rule = Snort::Rule.new(
+          {
+            :enabled => true,
+            :action => 'alert',
+            :proto => 'tcp',
+            :src => '$HOME_NET',
+            :sport => 'any',
+            :dir => '<>',
+            :dst => 'any',
+            :dport => 'any',
+            :options => {
+              'msg' => "\"[#{SaganCrafter::Settings.fqdnlogger}] #{feed_provider} #{feed_name} - #{ioc}\"",
+              'content' => "\"#{ioc}\"",
+              'sid' => XXhash.xxh32(ioc) % 1000000000 + 1000000000,
+              'normalize' => SaganCrafter::Settings.normalizer,
+              'program' => SaganCrafter::Settings.program,
+              'rev' => count,
+              'metadata' => "time #{last_time}, xxhash #{XXhash.xxh64(ioc)}"
+              }
+            }
+        )
+      end
+      def to_s
+        @rule.to_s
+      end
+    end
+  end
+end

data/lib/sagan_crafter/factory/iplogger.rb ADDED Viewed

@@ -0,0 +1,43 @@
+module SaganCrafter
+  module Factory
+    # :: Source of rule data
+    # select DISTINCT count(*), max(import_time), name from fqdns group by name;
+    # :: Rule output
+    # alert tcp $HOME_NET any -> any any (msg: "[PASSIVEDNS] BH1 Hit bighealthtree.com."; content: bighealthtree.com."; normalize: tightstack; classtype: suspicious-traffic; program: tightstack; sid:5100002; rev:2;)
+    class IPlogger
+      def initialize
+      end
+      def rule(ioc, feed_provider, feed_name, count, last_time)
+        @rule = Snort::Rule.new(
+          {
+            :enabled => true,
+            :action => 'alert',
+            :proto => 'tcp',
+            :src => '$HOME_NET',
+            :sport => 'any',
+            :dir => '<>',
+            :dst => 'any',
+            :dport => 'any',
+            :options => {
+              'msg' => "\"[#{SaganCrafter::Settings.iplogger}] #{feed_provider} #{feed_name} - #{ioc}\"",
+              'content' => "\"#{ioc}\"",
+              'sid' => XXhash.xxh32(ioc) % 1000000000 + 1000000000,
+              'normalize' => SaganCrafter::Settings.normalizer,
+              'program' => SaganCrafter::Settings.program,
+              'rev' => count,
+              'metadata' => "time #{last_time}, xxhash #{XXhash.xxh64(ioc)}"
+              }
+            }
+        )
+      end
+      def to_s
+        @rule.to_s
+      end
+    end
+  end
+end

data/lib/sagan_crafter/main.rb ADDED Viewed

@@ -0,0 +1,7 @@
+module SaganCrafter
+    class CustomError < StandardError; end
+    class UnknownDBSchemaError < StandardError; end
+    class UnknownFactoryError < StandardError; end
+end

data/lib/sagan_crafter/ruleset.rb ADDED Viewed

@@ -0,0 +1,38 @@
+module SaganCrafter
+  class Ruleset
+    attr_reader :rules
+    def initialize(rule_sources)
+      @rules_builders = []
+      @rules = []
+      rule_sources.each do |source|
+        @rules << new_rule_source(source)
+      end
+      @rules
+    end
+    def to_s
+      @rules.to_s
+    end
+  end
+  class FQDNRuleset < Ruleset
+    def new_rule_source(source)
+      puts "#[sagan-crafter] #{self.class} - #{source}" if SaganCrafter::Settings.verbose
+      printer = SaganCrafter::Backends::SQLite.new(SaganCrafter::Factory::FQDNlogger.new )
+      printer.validate!
+      return printer.build
+    end
+  end
+  class IPRuleset < Ruleset
+    def new_rule_source(source)
+      puts "#[sagan-crafter] #{self.class} - #{source}" if SaganCrafter::Settings.verbose
+      printer = SaganCrafter::Backends::SQLite.new(SaganCrafter::Factory::IPlogger.new )
+      printer.validate!
+      return printer.build
+    end
+  end
+end

data/lib/sagan_crafter/settings.rb ADDED Viewed

@@ -0,0 +1,86 @@
+module SaganCrafter
+  module Settings
+    extend self
+    @@registered_settings = []
+    # SaganCrafter provides a basic single-method DSL with .parameter method
+    # being used to define a set of available settings.
+    # This method takes one or more symbols, with each one being
+    # a name of the configuration option.
+    def parameter(*names)
+      names.each do |name|
+        attr_accessor name
+        @@registered_settings.push(name)
+        # For each given symbol we generate accessor method that sets option's
+        # value being called with an argument, or returns option's current value
+        # when called without arguments
+        undef_method name if method_defined? name
+        define_method name do |*values|
+          value = values.first
+          if value
+            send("#{name}=", value)
+          else
+            instance_variable_defined?("@#{name}") ?  instance_variable_get("@#{name}") : nil
+          end
+        end
+      end
+    end
+    # And we define a wrapper for the configuration block, that we'll use to set up
+    # our set of options
+    def config &block
+      instance_eval(&block)
+    end
+    # list available settings
+    def self.list
+      @@registered_settings
+    end
+    def self.reset!
+      self.config do
+        verbose false
+        fqdnlogger  "PASSIVEDNS"
+        iplogger    "CXTRACKER"
+        normalizer  "tightstack"
+        program     "tightstack"
+        sql_table_name "fqdns"
+        sql_file_location "/tmp/threat.db"
+      end
+    end
+    def self.to_h
+      c = {}
+      SaganCrafter::Settings.list.each do |toggle|
+        c[toggle.to_sym] = SaganCrafter::Settings.send(toggle)
+      end
+      return c
+    end
+    def self.print
+      SaganCrafter::Settings.list.each do |toggle|
+        puts "#{toggle} => #{SaganCrafter::Settings.send(toggle)}"
+      end
+    end
+  end
+  # [1] pry(#<SaganCrafter::CLI>)> Settings.list
+  # => [:verbose]
+  Settings.config do
+    parameter :verbose
+    parameter :fqdnlogger
+    parameter :iplogger
+    parameter :normalizer
+    parameter :program
+    parameter :sql_table_name
+    parameter :sql_file_location
+  end
+  Settings.reset!
+end

data/lib/sagan_crafter/version.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module SaganCrafter
+  VERSION = "0.3.0"
+end

data/lib/sagan_crafter.rb ADDED Viewed

@@ -0,0 +1,20 @@
+require 'rubygems'
+require "sagan_crafter/version"
+require 'snort/rule'
+require 'sqlite3'
+require 'xxhash'
+require 'pry'
+module SaganCrafter
+  $:.unshift(File.dirname(__FILE__))
+  XX="myconstant"
+  require "sagan_crafter/main"
+  require "sagan_crafter/settings"
+  require "sagan_crafter/version"
+  require "sagan_crafter/ruleset"
+  require "sagan_crafter/backends/sqlite"
+  require "sagan_crafter/factorize"
+  #require "sagan_crafter/factory/fqdnlogger"
+  #require "sagan_crafter/factory/iplogger"
+end

data/sagan_crafter.gemspec ADDED Viewed

@@ -0,0 +1,31 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'sagan_crafter/version'
+Gem::Specification.new do |spec|
+  spec.name          = "sagan_crafter"
+  spec.version       = SaganCrafter::VERSION
+  spec.authors       = ["shadowbq"]
+  spec.email         = ["shadowbq@gmail.com"]
+  spec.summary       = %q{Write a short summary, because Rubygems requires one.}
+  spec.description   = %q{Write a longer description or delete this line.}
+  spec.homepage      = "https://github.com/shadowbq/sagan_crafter"
+  spec.license       = "MIT"
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+  spec.add_development_dependency "bundler", "~> 1.11"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+  spec.add_development_dependency "bump"
+  spec.add_dependency "snort-rule", "~> 1.5"
+  spec.add_dependency "sqlite3"
+  spec.add_dependency "xxhash"
+  spec.add_dependency "pry"
+end

metadata ADDED Viewed

@@ -0,0 +1,179 @@
+--- !ruby/object:Gem::Specification
+name: sagan_crafter
+version: !ruby/object:Gem::Version
+  version: 0.3.0
+platform: ruby
+authors:
+- shadowbq
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2016-10-31 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: bump
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: snort-rule
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: xxhash
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Write a longer description or delete this line.
+email:
+- shadowbq@gmail.com
+executables:
+- sagan-craft
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- CODE_OF_CONDUCT.md
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- exe/sagan-craft
+- lib/sagan_crafter.rb
+- lib/sagan_crafter/backends/sqlite.rb
+- lib/sagan_crafter/cli.rb
+- lib/sagan_crafter/factorize.rb
+- lib/sagan_crafter/factory/fqdnlogger.rb
+- lib/sagan_crafter/factory/iplogger.rb
+- lib/sagan_crafter/main.rb
+- lib/sagan_crafter/ruleset.rb
+- lib/sagan_crafter/settings.rb
+- lib/sagan_crafter/version.rb
+- sagan_crafter.gemspec
+homepage: https://github.com/shadowbq/sagan_crafter
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.8
+signing_key:
+specification_version: 4
+summary: Write a short summary, because Rubygems requires one.
+test_files: []