threshold 0.1.0 → 0.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/lib/threshold/event_filter.rb +3 -18
  3. data/lib/threshold/rate_filter.rb +5 -19
  4. data/lib/threshold/standalone.rb +34 -0
  5. data/lib/threshold/suppression.rb +4 -19
  6. data/lib/threshold/thresholds.rb +2 -2
  7. data/lib/threshold/version.rb +1 -1
  8. data/lib/threshold.rb +2 -0
  9. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: a1bada0dac9f9f832e9ffcc50fa9faea1ab14a3d
4
- data.tar.gz: 30cf5b417e323b2508e3d32291809d8b6d92f4a2
3
+ metadata.gz: 1042eb5ce497aa4b1213a7bd3081473c582a55af
4
+ data.tar.gz: ceb62f177c0093fdddd44348c0ec280b70a19261
5
5
  SHA512:
6
- metadata.gz: b1a99450cd9e0187944d439a0194033ddefbabac23a49f283f4e898f9f51515726751f20cc7d810774dedb10dc5e9eeeb895c0d67e2bf96d360321e2ced76fc2
7
- data.tar.gz: 3144ca335eb414503518ce1b67eed32b1c0888eb49c403955338cb214b35bc948b4c3456436e0bc5bdef60bfef56f7710f06f70584d269e1e9e074c2d974b789
6
+ metadata.gz: d0488d7dd8cd10e7b61d5cceba50ffa3c8ae55abf6a2518c6fafe49ad476073d15e5e99842ce24aaa94bdf7cc049124466445806696db66ae0176fffbaf952ef
7
+ data.tar.gz: f36ee54af3b3e38cae04b603e68f97eaedc71599ff7d823b9f1d02b76190819f0ee5a31261701842cf4dff975442167d3b6fc4f8d3196c3091c23498912051d8
data/lib/threshold/event_filter.rb CHANGED
@@ -77,14 +77,15 @@ module Threshold
77
77
 
78
78
  include Veto.model(EventFilterValidator.new)
79
79
  include Comparable
80
+ include Threshold::Standalone
80
81
 
81
82
  def initialize(line="")
82
83
  transform(line) unless line.empty?
83
84
  end
84
85
 
85
- def to_s
86
+ def to_s(skip = false)
86
87
  if self.valid?
87
- if defined?(@comment)
88
+ if comment?(skip)
88
89
  "event_filter gen_id #{@gid}, sig_id #{@sid}, type #{@type}, track by_#{@track_by}, count #{@count}, seconds #{@seconds} #{@comment}"
89
90
  else
90
91
  "event_filter gen_id #{@gid}, sig_id #{@sid}, type #{@type}, track by_#{@track_by}, count #{@count}, seconds #{@seconds}"
@@ -94,22 +95,6 @@ module Threshold
94
95
  end
95
96
  end
96
97
 
97
- #Comparable
98
- def <=>(anOther)
99
- #gid <=> anOther.gid
100
- c = self.class.to_s <=> anOther.class.to_s
101
- if c == 0 then
102
- d = self.gid <=> anOther.gid
103
- if d == 0 then
104
- self.sid <=> anOther.sid
105
- else
106
- return d
107
- end
108
- else
109
- return c
110
- end
111
- end
112
-
113
98
  private
114
99
 
115
100
  def transform(result)
data/lib/threshold/rate_filter.rb CHANGED
@@ -101,21 +101,23 @@ module Threshold
101
101
 
102
102
  include Veto.model(RateFilterValidator.new)
103
103
  include Comparable
104
+ include Threshold::Standalone
104
105
 
105
106
  def initialize(line="")
106
107
  transform(line) unless line.empty?
107
108
  end
108
109
 
109
- def to_s
110
+ def to_s(skip = false)
111
+
110
112
  if self.valid?
111
113
  if apply_to == nil then
112
- if defined?(@comment)
114
+ if comment?(skip)
113
115
  "rate_filter gen_id #{@gid}, sig_id #{@sid}, track by_#{@track_by}, count #{@count}, seconds #{@seconds}, new_action #{@new_action}, timeout #{@timeout} #{@comment}"
114
116
  else
115
117
  "rate_filter gen_id #{@gid}, sig_id #{@sid}, track by_#{@track_by}, count #{@count}, seconds #{@seconds}, new_action #{@new_action}, timeout #{@timeout}"
116
118
  end
117
119
  else
118
- if defined?(@comment)
120
+ if comment?(skip)
119
121
  "rate_filter gen_id #{@gid}, sig_id #{@sid}, count #{@count}, seconds #{@seconds}, new_action #{@new_action}, timeout #{@timeout} apply_to #{@apply_to} #{@comment}"
120
122
  else
121
123
  "rate_filter gen_id #{@gid}, sig_id #{@sid}, count #{@count}, seconds #{@seconds}, new_action #{@new_action}, timeout #{@timeout} apply_to #{@apply_to}"
@@ -125,22 +127,6 @@ module Threshold
125
127
  raise InvalidRateFilterObject, 'Rate Filter did not validate'
126
128
  end
127
129
  end
128
-
129
- #Comparable
130
- def <=>(anOther)
131
- #gid <=> anOther.gid
132
- c = self.class.to_s <=> anOther.class.to_s
133
- if c == 0 then
134
- d = self.gid <=> anOther.gid
135
- if d == 0 then
136
- self.sid <=> anOther.sid
137
- else
138
- return d
139
- end
140
- else
141
- return c
142
- end
143
- end
144
130
 
145
131
  private
146
132
 
data/lib/threshold/standalone.rb ADDED
@@ -0,0 +1,34 @@
1
+ module Threshold
2
+ module Standalone
3
+
4
+ # Handle Comment Skipping
5
+ def comment?(skip)
6
+ if skip
7
+ return false
8
+ else
9
+ if defined?(@comment)
10
+ return true
11
+ else
12
+ return false
13
+ end
14
+ end
15
+ end
16
+
17
+ #Comparable
18
+ def <=>(anOther)
19
+ #gid <=> anOther.gid
20
+ c = self.class.to_s <=> anOther.class.to_s
21
+ if c == 0 then
22
+ d = self.gid <=> anOther.gid
23
+ if d == 0 then
24
+ self.sid <=> anOther.sid
25
+ else
26
+ return d
27
+ end
28
+ else
29
+ return c
30
+ end
31
+ end
32
+
33
+ end
34
+ end
data/lib/threshold/suppression.rb CHANGED
@@ -45,37 +45,22 @@ module Threshold
45
45
 
46
46
  include Veto.model(SuppressionValidator.new)
47
47
  include Comparable
48
+ include Threshold::Standalone
48
49
 
49
50
  def initialize(line="")
50
51
  transform(line) unless line.empty?
51
52
  end
52
53
 
53
- #Comparable
54
- def <=>(anOther)
55
- #gid <=> anOther.gid
56
- c = self.class.to_s <=> anOther.class.to_s
57
- if c == 0 then
58
- d = self.gid <=> anOther.gid
59
- if d == 0 then
60
- self.sid <=> anOther.sid
61
- else
62
- return d
63
- end
64
- else
65
- return c
66
- end
67
- end
68
-
69
- def to_s
54
+ def to_s(skip = false)
70
55
  if self.valid?
71
56
  if track_by == nil then
72
- if defined?(@comment)
57
+ if comment?(skip)
73
58
  "suppress gen_id #{@gid}, sig_id #{@sid} #{@comment}"
74
59
  else
75
60
  "suppress gen_id #{@gid}, sig_id #{@sid}"
76
61
  end
77
62
  else
78
- if defined?(@comment)
63
+ if comment?(skip)
79
64
  "suppress gen_id #{@gid}, sig_id #{@sid}, track by_#{@track_by}, ip #{@ip} #{@comment}"
80
65
  else
81
66
  "suppress gen_id #{@gid}, sig_id #{@sid}, track by_#{@track_by}, ip #{@ip}"
data/lib/threshold/thresholds.rb CHANGED
@@ -75,13 +75,13 @@ module Threshold
75
75
  end
76
76
  end
77
77
 
78
- def to_s
78
+ def to_s(skip = false)
79
79
  output = ""
80
80
 
81
81
  raise InvalidThresholdsObject, "Container object has unknown objects" unless valid?
82
82
 
83
83
  self.each do |threshold|
84
- output << threshold.to_s + "\n"
84
+ output << threshold.to_s(skip) + "\n"
85
85
  end
86
86
  return output
87
87
  end
data/lib/threshold/version.rb CHANGED
@@ -1,4 +1,4 @@
1
1
  module Threshold
2
- VERSION = '0.1.0'
2
+ VERSION = '0.1.1'
3
3
  SNORT_VERSION='~>2.9.3'
4
4
  end
data/lib/threshold.rb CHANGED
@@ -6,6 +6,8 @@ require 'digest'
6
6
 
7
7
  module Threshold
8
8
  $:.unshift(File.dirname(__FILE__))
9
+ #mixin Library
10
+ require 'threshold/standalone'
9
11
 
10
12
  #require library
11
13
  require 'threshold/suppression'
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: threshold
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Shadowbq
@@ -128,6 +128,7 @@ files:
128
128
  - lib/threshold/patterns/java
129
129
  - lib/threshold/patterns/ruby
130
130
  - lib/threshold/rate_filter.rb
131
+ - lib/threshold/standalone.rb
131
132
  - lib/threshold/suppression.rb
132
133
  - lib/threshold/thresholds.rb
133
134
  - lib/threshold/version.rb