Diffstat (limited to 'samples/services/snort_ids/docker/grpc/snort_client.py')
-rw-r--r--samples/services/snort_ids/docker/grpc/snort_client.py16
1 files changed, 16 insertions, 0 deletions
diff --git a/samples/services/snort_ids/docker/grpc/snort_client.py b/samples/services/snort_ids/docker/grpc/snort_client.py
index d59b4ee..ca71af8 100644
--- a/samples/services/snort_ids/docker/grpc/snort_client.py
+++ b/samples/services/snort_ids/docker/grpc/snort_client.py
@@ -30,6 +30,8 @@ def run(args, grpc_port='50052'):
return add_tcprule(stub)
elif args['cmd'] == 'addicmp':
return add_icmprule(stub)
+ elif args['cmd'] == 'addscan':
+ return add_scanrule(stub)
elif args['cmd'] == 'start':
return start_snort(stub)
elif args['cmd'] == 'stop':
@@ -78,6 +80,20 @@ def add_icmprule(stub):
return response.message
+def add_scanrule(stub):
+ try:
+ response = stub.AddRules(snort_pb2.AddRule(
+ protocol='tcp', dest_port='any', dest_ip='$HOME_NET',
+ src_port='any', src_ip='any',
+ msg='MALWARE-CNC User-Agent ASafaWeb Scan', sid='10000003',
+ rev='001', content='"asafaweb.com"'))
+ print(stop_snort(stub))
+ print(start_snort(stub))
+ except Exception as e:
+ return e
+ return response.message
+
+
def start_snort(stub):
try:
response = stub.StartSnort(snort_pb2.ControlSnort(pid='0'))
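Review bot: In `add_scanrule`, the results of `stop_snort(stub)` and `start_snort(stub)` are only printed, so a failed restart can leave the IDS stopped while the function still returns `response.message` as if the rule were live. This applies if those helpers return the exception instead of raising, as this function does with `return e`; only the first lines of `start_snort` are visible here, so that is unconfirmed. Keep the restart outcome and report it to the caller, for example `restart = start_snort(stub)` followed by `return '%s; restart: %s' % (response.message, restart)`. Separately, the rule's `msg` names a User-Agent match, but `content='"asafaweb.com"'` with `dest_port='any'` matches that string anywhere in any TCP payload to `$HOME_NET`. A comment such as `# content match is not scoped to HTTP headers; expect alerts on any payload containing the string` would tell operators what the signature covers.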