From 8fde6f967ff2dda8056a69418aa804e6149d79e7 Mon Sep 17 00:00:00 2001
From: Victor Julien
Date: Thu, 15 Dec 2016 14:49:40 +0100
Subject: [PATCH] suricatasc: add/list/remove hostbit commands Syntax: add-hostbit Example: add-hostbit 1.2.3.4 blacklist 3600 Syntax: remove-hostbit Example: remove-hostbit 1.2.3.4 blacklist Syntax: list-hostbit Example: list-hostbit 1.2.3.4
---
 scripts/suricatasc/src/suricatasc.py | 35 +++++++++++++++++++++++++++-
 1 file changed, 34 insertions(+), 1 deletion(-)
diff --git a/scripts/suricatasc/src/suricatasc.py b/scripts/suricatasc/src/suricatasc.py
index 1a776a29a0..ae62cf205e 100644
--- a/scripts/suricatasc/src/suricatasc.py
+++ b/scripts/suricatasc/src/suricatasc.py
@@ -80,7 +80,7 @@ class SuricataCompleter:
 class SuricataSC:
 def __init__(self, sck_path, verbose=False):
- self.cmd_list=['shutdown','quit','pcap-file','pcap-file-number','pcap-file-list','iface-list','iface-stat','register-tenant','unregister-tenant','register-tenant-handler','unregister-tenant-handler']
+ self.cmd_list=['shutdown','quit','pcap-file','pcap-file-number','pcap-file-list','iface-list','iface-stat','register-tenant','unregister-tenant','register-tenant-handler','unregister-tenant-handler', 'add-hostbit', 'remove-hostbit', 'list-hostbit']
 self.sck_path = sck_path
 self.verbose = verbose
@@ -278,6 +278,39 @@ class SuricataSC:
 arguments = {}
 arguments["id"] = int(tenantid)
 arguments["filename"] = filename
+ elif "add-hostbit" in command:
+ try:
+ [cmd, ipaddress, hostbit, expire] = command.split(' ')
+ except:
+ raise SuricataCommandException("Arguments to command '%s' is missing" % (command))
+ if cmd != "add-hostbit":
+ raise SuricataCommandException("Invalid command '%s'" % (command))
+ else:
+ arguments = {}
+ arguments["ipaddress"] = ipaddress
+ arguments["hostbit"] = hostbit
+ arguments["expire"] = int(expire)
+ elif "remove-hostbit" in command:
+ try:
+ [cmd, ipaddress, hostbit] = command.split(' ', 2)
+ except:
+ raise SuricataCommandException("Arguments to command '%s' is missing" % (command))
+ if cmd != "remove-hostbit":
+ raise SuricataCommandException("Invalid command '%s'" % (command))
+ else:
+ arguments = {}
+ arguments["ipaddress"] = ipaddress
+ arguments["hostbit"] = hostbit
+ elif "list-hostbit" in command:
+ try:
+ [cmd, ipaddress] = command.split(' ')
+ except:
+ raise SuricataCommandException("Arguments to command '%s' is missing" % (command))
+ if cmd != "list-hostbit":
+ raise SuricataCommandException("Invalid command '%s'" % (command))
+ else:
+ arguments = {}
+ arguments["ipaddress"] = ipaddress
 else:
 cmd = command
 else:
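Review bot: In the `add-hostbit` branch, `int(expire)` runs after the `try` has ended, so a non-numeric expire value raises a plain `ValueError` instead of `SuricataCommandException`; whether the caller handles that is not visible here. Converting inside the guarded block, with `expire = int(expire)` placed directly after the `command.split(' ')` unpack, and narrowing all three handlers to `except ValueError:` keeps bad input on the same error path without also swallowing `KeyboardInterrupt`. The `remove-hostbit` branch uses `command.split(' ', 2)`, so extra trailing words are folded into the hostbit name and sent to the daemon, while the other two branches reject them; plain `command.split(' ')` would make the three consistent. The address and hostbit name are forwarded without any client-side check, so rejecting malformed values presumably rests with the server side. The enclosing method starts and ends outside this hunk.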