threshold 0.1.2 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 217dfa23dfdb5c98dab0b3ae3a2296e9384d5499
-  data.tar.gz: f3544de930356120894679828caf71996cc42b53
+  metadata.gz: 4b015463dff88e20e4d903cb380d5e0301b841ee
+  data.tar.gz: 89c5bb791bd7d1899d61b000e68deaa8453d9e07
 SHA512:
-  metadata.gz: 4bbea0fa7aaaedf8562fdbec8a830c0522fe5f63108e558c8d36a3dccea84765a571c11f2014df207618b113cf0733e7b4842fe1c2e1c3770f5c0c8a08feeea3
-  data.tar.gz: b3d66ffaacf6528b2f0909a92c298eb2569d2f2765a4f85cbbd058de79aaf58ac1ac709f2460e9fddf10083e0e28208ab1d91218fe96f7eaf90be24f89c5a2a1
+  metadata.gz: 949126bde1abdf49df5489e011d415ca99d1e74c8cbc79ee84ac5f5a8e7807e7b804783d3f76ef881a693044daa2416fe86d6d54ddd9a612b74daf784458f067
+  data.tar.gz: 4804ed44bc0233eec2bf2bdada4d31db030549c060ec4414ec0ab6337aef2a806cbfb75e2ea23056e58cdb43d0748c1aded21008a50c1c2e72c0ed1206ed982c

data/lib/threshold/event_filter.rb

@@ -62,13 +62,6 @@ module Threshold
           entity.comment
       end
 
-      def track_by_set?(entity)
-          entity.track_by
-      end
-
-      def type_set?(type)
-          entity.type
-      end
   end
 
   class EventFilter 
@@ -97,6 +90,10 @@ module Threshold
 
     private
 
+    def state
+      [@gid, @sid, @type, @track_by, @count, @seconds]
+    end
+
     def transform(result)
       begin
         self.gid = result["GID"].compact.first.to_i

data/lib/threshold/rate_filter.rb

@@ -130,6 +130,11 @@ module Threshold
     
     private 
 
+    #State does not track comments
+    def state
+      [@gid, @sid, @track_by, @count, @seconds, @new_action, @timeout, @apply_to]
+    end
+
     def transform(result)
       begin 
         self.gid = result["GID"].compact.first.to_i

data/lib/threshold/standalone.rb

@@ -14,6 +14,17 @@ module Threshold
       end
     end
 
+    # Equality Methods
+    def ==(an0ther)
+      an0ther.class == self.class && an0ther.hash == hash
+    end
+
+    alias_method :eql?, :==
+
+    def hash
+      state.hash
+    end
+
     #Comparable
     def <=>(anOther)
       #gid <=> anOther.gid

data/lib/threshold/suppression.rb

@@ -73,6 +73,11 @@ module Threshold
 
     private
 
+    #State does not track comments
+    def state
+      [@gid, @sid, @track_by, @ip]
+    end
+
     def transform(result)
       begin 
         self.gid = result["GID"].compact.first.to_i

data/lib/threshold/thresholds.rb

@@ -20,11 +20,11 @@ module Threshold
 
     # Write changes to the file
     def flush
+      
       begin 
         valid_existing_file?(@file)
         raise ReadOnlyThresholdsFile if @readonly
         hash = current_hash
-        
         file = File.open(@file, 'w+')
         raise ThresholdAtomicLockFailure, 'The @file state/hash changed before we could flush the file' unless stored_hash == hash
         file.write self.sort.to_s
@@ -32,11 +32,12 @@ module Threshold
 
       rescue NonExistantThresholdFile
         raise ReadOnlyThresholdsFile if @readonly
-
         file = File.open(@file, 'w')
         file.write self.sort.to_s
         file.close
       end
+
+      stored_hash=current_hash
       return true 
     end
 
@@ -60,6 +61,7 @@ module Threshold
 
     end
 
+    # Check if all objects in the Threshold Instance report .valid?
     def valid?
       begin 
         self.each do |threshold| 
@@ -75,6 +77,8 @@ module Threshold
       end
     end
     
+    # Printer
+    # Pass (true) to_s to skip the printing of InternalObjects.comment
     def to_s(skip = false)
       output = ""
 
@@ -86,27 +90,36 @@ module Threshold
       return output
     end
 
+    # The calculated hash of the threshold.conf file at load time.
     def stored_hash
       @stored_hash
     end
     
+    def to_a
+      @thresholds
+    end
+
     ## Forwardable Corrections:
     ## Corrected for forwardable due to Core Array returning new Arrays on the methods.
 
     # Array(@thresholds) Creates a new Array on @threshold.sort so.. direct forwardable delegation fails.
     
+    # Returns a new Threshold Object
     def sort
       Thresholds.new(@thresholds.sort)
     end
 
+    # Returns a new Threshold Object
     def reverse
       Thresholds.new(@thresholds.reverse)
     end
 
+    # Returns a new Threshold Object
     def shuffle
       Thresholds.new(@thresholds.shuffle)
     end
 
+    # Returns a new Threshold Object
     def reject(&blk)
       if block_given? 
         Thresholds.new(@thresholds.reject(&blk))
@@ -115,6 +128,7 @@ module Threshold
       end   
     end
 
+    # Returns a new Threshold Object
     def select(&blk)
       if block_given? 
         Thresholds.new(@thresholds.select(&blk))
@@ -124,6 +138,7 @@ module Threshold
     end
 
     #Uniques by default to printable output
+    # Returns a new Threshold Object
     def uniq(&blk)
       if block_given? 
         Thresholds.new(@thresholds.uniq(&blk))
@@ -132,11 +147,32 @@ module Threshold
       end   
     end  
 
-    ## Complex Methods
-    ## &(union), | (intersect), + (concat) 
+    ## Complex SET Methods
+    ## &(union), | (intersect), + (concat), - (Difference) 
+
+    # + (concat)
+    # Returns a new Threshold Object
+    def +(an0ther)
+      Thresholds.new(@thresholds + an0ther.to_a)
+    end
 
-    ## Should rework to perform to_s before comparison..
-    ## include?, index 
+    # | (intersect)
+    # Returns a new Threshold Object
+    def |(an0ther)
+      Thresholds.new(@thresholds | an0ther.to_a)
+    end
+    
+    # & (union)
+    # Returns a new Threshold Object
+    def &(an0ther)
+      Thresholds.new(@thresholds & an0ther.to_a)
+    end
+
+    # - (Difference) 
+    # Returns a new Threshold Object
+    def -(an0ther)
+      Thresholds.new(@thresholds - an0ther.to_a)
+    end
 
     private
 

data/lib/threshold/version.rb

@@ -1,4 +1,4 @@
   module Threshold
-    VERSION = '0.1.2'
+    VERSION = '0.2.0'
     SNORT_VERSION='~>2.9.3'
   end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: threshold
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.2.0
 platform: ruby
 authors:
 - Shadowbq