snort-rule 1.5.3 → 1.5.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/snort/rule.rb +6 -18
  3. data/lib/snort/rule/version.rb +1 -1
  4. data/lib/snort/ruleset.rb +11 -7
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 2a7273283fb3e512503887be54a2f8fe2f9db0ba
4
- data.tar.gz: c9805f7672b3d5728ec5c81e57189f5864ee9ab4
3
+ metadata.gz: 2edb46ba49f19aed8a02939baca0f4fcc36f1513
4
+ data.tar.gz: 50fc0ba0b7bda87b7b48da6f9e17f9e8b46ee8b2
5
5
  SHA512:
6
- metadata.gz: 54ee379bd8b7f69ffd9e67e836b6e04446d9742670d2bd44563056c93368cb01434d64c2d1675b73169d282638d17a47a3eb67d411e8988909a35b4d7505c7f6
7
- data.tar.gz: 5782bd0aa94129664cca222ad73ebea3a84bc158d656881364c54be3700a8225db5404ee60d8fce4ca6b6ce4c1ec6ac7e28d0a5dc9281664512fedba62ff027a
6
+ metadata.gz: 4518b8425bc07539da1c942024fbc82ff05e87c55777bc2736a7c77752abdeabf4c84f836e0f1c43552b2f85e9cf719e9a9bff12b4482062aa93ac11dd2841e9
7
+ data.tar.gz: b9e67ac011c246d1322c42aaf724c5990ee372456e35740603558df8a41516fb80b729d8e2b2e63b9d848ce0d12003a7661b624dda1714416d7ea45782af006f
data/lib/snort/rule.rb CHANGED
@@ -10,25 +10,9 @@ require "snort/rule/option"
10
10
  # License:: Distributes under the same terms as Ruby
11
11
  module Snort
12
12
 
13
- class Comment
14
- def initialize(comment)
15
- @comment = comment
16
- end
17
-
18
- def to_s
19
- @comment
20
- end
21
-
22
- def enable
23
- end
24
-
25
- def disable
26
- end
27
- end
28
-
29
13
  # This class stores and generates the features of a snort rule
30
14
  class Rule
31
- attr_accessor :enabled, :action, :proto, :src, :sport, :dir, :dst, :dport, :options_hash
15
+ attr_accessor :enabled, :action, :proto, :src, :sport, :dir, :dst, :dport, :options_hash, :comments
32
16
  attr_reader :options
33
17
 
34
18
  # Initializes the Rule
@@ -62,13 +46,17 @@ module Snort
62
46
  add_option(opt)
63
47
  end
64
48
  end
49
+ @comments = kwargs[:comments]
65
50
  end
66
51
 
67
52
  # Output the current object into a snort rule
68
53
  def to_s(options_only=false)
69
54
  rule = ""
55
+ if @comments
56
+ rule += @comments
57
+ end
70
58
  if not @enabled
71
- rule = "#"
59
+ rule += "#"
72
60
  end
73
61
  rule += [@action, @proto, @src, @sport, @dir, @dst, @dport].join(" ") unless options_only
74
62
  if @options.any?
data/lib/snort/rule/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Snort
2
2
  class Rule
3
- VERSION = "1.5.3"
3
+ VERSION = "1.5.4"
4
4
  end
5
5
  end
data/lib/snort/ruleset.rb CHANGED
@@ -28,20 +28,25 @@ module Snort
28
28
 
29
29
  def RuleSet::from_filehandle(fh)
30
30
  rules = RuleSet.new
31
+ comments = ""
31
32
  fh.each_line do |line|
32
33
  if line =~ /(alert|log|pass|activate|dynamic|drop|reject|sdrop)/
33
34
  begin
34
35
  rule = Snort::Rule.parse(line)
35
36
  if rule
37
+ if comments.length > 0
38
+ rule.comments = comments
39
+ comments = ""
40
+ end
36
41
  rules << rule
37
42
  else
38
- rules << Snort::Comment.new(line.strip)
43
+ comments << line
39
44
  end
40
45
  rescue ArgumentError => e
41
46
  rescue NoMethodError => e
42
47
  end
43
48
  else
44
- rules << Snort::Comment.new(line.strip)
49
+ comments << line
45
50
  end
46
51
  end
47
52
  rules
@@ -80,16 +85,16 @@ module Snort
80
85
  end
81
86
 
82
87
  def length
83
- @ruleset.find_all {|r| r.class == Snort::Rule}.length
88
+ @ruleset.length
84
89
  end
85
90
 
86
91
  def count(&block)
87
- @ruleset.find_all {|r| r.class == Snort::Rule}.count(&block)
92
+ @ruleset.count(&block)
88
93
  end
89
94
 
90
95
  def enable(&block)
91
96
  count = 0
92
- @ruleset.find_all {|r| r.class == Snort::Rule}.each do |rule|
97
+ @ruleset.each do |rule|
93
98
  if block.call(rule)
94
99
  rule.enable
95
100
  count += 1
@@ -100,7 +105,7 @@ module Snort
100
105
 
101
106
  def disable(&block)
102
107
  count = 0
103
- @ruleset.find_all {|r| r.class == Snort::Rule}.each do |rule|
108
+ @ruleset.each do |rule|
104
109
  if block.call(rule)
105
110
  rule.disable
106
111
  count += 1
@@ -112,7 +117,6 @@ module Snort
112
117
  def delete(&block)
113
118
  len = @ruleset.length
114
119
  @ruleset.each do |rule|
115
- next if rule.class == Snort::Comment
116
120
  if block.call(rule)
117
121
  @ruleset -= [rule]
118
122
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: snort-rule
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.5.3
4
+ version: 1.5.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - chrislee35