diff options
| author |   Stephen Wong <stephen.kf.wong@gmail.com> | 2018-04-25 06:23:21 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@opnfv.org> | 2018-04-25 06:23:21 +0000 |
| commit | 6e64b78f544be47d20692b39ac8bb1229b33ec7c (patch) | |
| tree | 935c30debdb1de8c2b97e90e7ebd7a72770862e8 /samples/services/snort_ids/docker/grpc/snort_server.py | |
| parent | 4502257eefd9654f7ea8279f753b2b9be1c8ddd5 (diff) | |
| parent | 841cc31ad8cc6a6a2e76488bde1f7103013671ae (diff) | |
Merge "Fix snort rule with blank content & WR packet in alert" into stable/fraser
Diffstat (limited to 'samples/services/snort_ids/docker/grpc/snort_server.py')
| -rw-r--r-- | samples/services/snort_ids/docker/grpc/snort_server.py | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/samples/services/snort_ids/docker/grpc/snort_server.py b/samples/services/snort_ids/docker/grpc/snort_server.py index 9ece832..223461a 100644 --- a/samples/services/snort_ids/docker/grpc/snort_server.py +++ b/samples/services/snort_ids/docker/grpc/snort_server.py @@ -33,10 +33,16 @@ class Controller(snort_pb2_grpc.ControllerServicer): # file_local = 'testfile' file_local = '/etc/snort/rules/local.rules' f = open(file_local, 'a') - rule = 'alert {} {} {} -> {} {} '.format( - r.protocol, r.src_ip, r.src_port, r.dest_ip, r.dest_port) \ - + '(msg:"{}"; content:{}; sid:{}; rev:{};)\n'.format( - r.msg, r.content, r.sid, r.rev) + if r.content: + rule = 'alert {} {} {} -> {} {} '.format( + r.protocol, r.src_ip, r.src_port, r.dest_ip, r.dest_port) \ + + '(msg:"{}"; content:{}; sid:{}; rev:{};)\n'.format( + r.msg, r.content, r.sid, r.rev) + else: + rule = 'alert {} {} {} -> {} {} '.format( + r.protocol, r.src_ip, r.src_port, r.dest_ip, r.dest_port) \ + + '(msg:"{}"; sid:{}; rev:{};)\n'.format( + r.msg, r.sid, r.rev) f.write(rule) f.close msg = "Added to local rules" |