diff options
Diffstat (limited to 'samples/services/snort_ids/docker/grpc/snort_server.py')
-rw-r--r-- | samples/services/snort_ids/docker/grpc/snort_server.py | 98 |
1 files changed, 98 insertions, 0 deletions
diff --git a/samples/services/snort_ids/docker/grpc/snort_server.py b/samples/services/snort_ids/docker/grpc/snort_server.py new file mode 100644 index 0000000..3c2fdb1 --- /dev/null +++ b/samples/services/snort_ids/docker/grpc/snort_server.py @@ -0,0 +1,98 @@ +# Copyright (c) Authors of Clover +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 + +from concurrent import futures +import time + +import grpc +import subprocess +import os +import logging + +import snort_pb2 +import snort_pb2_grpc + +_ONE_DAY_IN_SECONDS = 60 * 60 * 24 +GRPC_PORT = '[::]:50052' + + +class Controller(snort_pb2_grpc.ControllerServicer): + + def __init__(self): + logging.basicConfig(filename='snort.log', level=logging.DEBUG) + self.snort = 0 + self.StartSnort("", "") + + # Add custom rules + def AddRules(self, r, context): + try: + # file_local = 'testfile' + file_local = '/etc/snort/rules/local.rules' + f = open(file_local, 'a') + rule = 'alert {} {} {} -> {} {} '.format( + r.protocol, r.src_ip, r.src_port, r.dest_ip, r.dest_port) \ + + '(msg:"{}"; sid:{}; rev:{};)\n'.format(r.msg, r.sid, r.rev) + f.write(rule) + f.close + msg = "Added to local rules" + except Exception as e: + msg = "Failed to add to local rules" + logging.debug(e) + return snort_pb2.SnortReply(message=msg) + + def StartSnort(self, request, context): + try: + if self.snort == 0: + p = subprocess.Popen( + ["snort -i eth0 -u snort -g snort -c /etc/snort/snort.conf \ + -k none"], shell=True) + self.snort = p + msg = "Started Snort on pid: {}".format(p.pid) + else: + msg = "Snort already running" + except Exception as e: + self.snort = 0 + logging.debug(e) + msg = "Failed to start Snort" + return snort_pb2.SnortReply(message=msg) + + def StopSnort(self, request, context): + try: + subprocess.Popen.kill(self.snort) + msg1 = "Stopped Snort on pid: {}, ".format(self.snort.pid) + self.snort = 0 + except Exception as e: + msg1 = "Failed to stop Snort, " + logging.debug(e) + try: + # clear logs + logPath = '/var/log/snort' + logList = os.listdir(logPath) + for logName in logList: + os.remove(logPath+"/"+logName) + msg2 = "Cleared Snort logs" + except Exception as e: + msg2 = "Failed to clear logs" + logging.debug(e) + msg = msg1 + msg2 + return snort_pb2.SnortReply(message=msg) + + +def serve(): + server = grpc.server(futures.ThreadPoolExecutor(max_workers=10)) + snort_pb2_grpc.add_ControllerServicer_to_server(Controller(), server) + server.add_insecure_port(GRPC_PORT) + server.start() + try: + while True: + time.sleep(_ONE_DAY_IN_SECONDS) + except KeyboardInterrupt: + server.stop(0) + + +if __name__ == '__main__': + serve() |