snort-rule 1.5.4 → 1.5.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/snort/rule.rb +18 -0
- data/lib/snort/rule/version.rb +1 -1
- data/lib/snort/ruleset.rb +4 -0
- data/test/test_snort-community-rules.rb +5 -0
- data/test/test_snort-rule.rb +6 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dc4abe51bf78ce86a278a1dfc65d3381364dc4b7
|
|
4
|
+
data.tar.gz: 6b73e841276f7afdc8bf92abfe8cedb4a8ba1258
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 15c7248b6abc41ad804a0f2642319004511b278e0e0c59c40950a4af87c09d995d7fa75fd647cb9d7840ecc6901f796132492ae7da021066904c9e1be5248255
|
|
7
|
+
data.tar.gz: d22ab9ddf0180e75880db08ce1453dd4b3ab776b1c924ed00edd31fa8bb2256fe0c0b2abc493d57d027d7041aa067db25067c7f795e96bae5912d870dbf0ca49
|
data/lib/snort/rule.rb
CHANGED
|
@@ -67,6 +67,24 @@ module Snort
|
|
|
67
67
|
rule
|
|
68
68
|
end
|
|
69
69
|
|
|
70
|
+
def to_json(options_only=false)
|
|
71
|
+
if options_only
|
|
72
|
+
@options.to_json
|
|
73
|
+
else
|
|
74
|
+
{
|
|
75
|
+
:enabled => @enabled,
|
|
76
|
+
:action => @action,
|
|
77
|
+
:proto => @proto,
|
|
78
|
+
:src => @src,
|
|
79
|
+
:sport => @sport,
|
|
80
|
+
:dir => @dir,
|
|
81
|
+
:dst => @dst,
|
|
82
|
+
:dport => @dport,
|
|
83
|
+
:options => @options
|
|
84
|
+
}.to_json
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
|
|
70
88
|
def enable
|
|
71
89
|
@enabled = true
|
|
72
90
|
end
|
data/lib/snort/rule/version.rb
CHANGED
data/lib/snort/ruleset.rb
CHANGED
|
@@ -51,6 +51,11 @@ class TestSnortCommunityRules < Minitest::Test
|
|
|
51
51
|
assert_equal 2522, rules.count{|r| ! r.enabled}
|
|
52
52
|
assert_equal 605, rules.count{|r| r.enabled}
|
|
53
53
|
rules.disable_all
|
|
54
|
+
count = 0
|
|
55
|
+
rules.each do |rule|
|
|
56
|
+
count += 1
|
|
57
|
+
end
|
|
58
|
+
assert_equal 3127, count
|
|
54
59
|
assert_equal 0, rules.count{|r| r.enabled}
|
|
55
60
|
assert_equal 3127, rules.count{|r| ! r.enabled}
|
|
56
61
|
rules.enable_all
|
data/test/test_snort-rule.rb
CHANGED
|
@@ -94,5 +94,11 @@ class TestSnortRule < Minitest::Test
|
|
|
94
94
|
Snort::Rule.parse("pass udp 192.168.0.1 bla bla bla 53 ( sid:48; threshold:type limit,track by_src,count 1,seconds 3600; )")
|
|
95
95
|
end
|
|
96
96
|
end
|
|
97
|
+
|
|
98
|
+
def test_dump_rule_to_json
|
|
99
|
+
require 'json'
|
|
100
|
+
rule = Snort::Rule.parse(" ### pass udp 192.168.0.1 any <> any 53 ( sid:48; threshold:type limit,track by_src,count 1,seconds 3600; )")
|
|
101
|
+
puts rule.to_json
|
|
102
|
+
end
|
|
97
103
|
|
|
98
104
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: snort-rule
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.5.
|
|
4
|
+
version: 1.5.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- chrislee35
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-
|
|
11
|
+
date: 2014-12-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|