[ossec-dev] ossec-hids: ossec2base.pl (HEAD) ossec2based.pl (HEAD) [meirm]
- To: dancid@xxxxxxxxxxxxxxx
- Subject: [ossec-dev] ossec-hids: ossec2base.pl (HEAD) ossec2based.pl (HEAD) [meirm]
- From: OSSEC CVS <cvs-commit@xxxxxxxxx>
- Date: Tue, 29 Aug 2006 14:58:01 -0300 (ADT)
- Content-transfer-encoding: 8bit
Module name: ossec-hids
Changes by: meirm 06/08/29 14:57:58
Modified files:
ossec2base.pl ossec2based.pl
Log message:
Added -n switch for no name resolution
Index: ossec2base.pl
===================================================================
RCS file: /usr/cvsroot/ossec-ui/base/bin/ossec2base.pl,v
diff -u -r1.7 -r1.8
--- ossec2base.pl 24 Aug 2006 20:11:10 -0000 1.7
+++ ossec2base.pl 29 Aug 2006 17:57:58 -0000 1.8
@@ -22,6 +22,7 @@
$conf{dbuser}='user';
$conf{fieldseparator}=';'; # legacy - not in use
$conf{daemonize}=0;
+$conf{resolve}=1;
my($OCT) = '(?:25[012345]|2[0-4]\d|1?\d\d?)';
@@ -40,6 +41,8 @@
$conf{daemonize}=1;
}elsif ( m/^-h$|^--help$/){
&help();
+ }elsif ( m/^-n$|^--noname$/){
+ $conf{'resolve'}=0;
}elsif ( m/^-v$|^--verbose$/){
$VERBOSE=1;
}elsif ( m/^--interface$/){
@@ -124,16 +127,20 @@
#$dstip=$srcip;
if (exists $resolv{$alerthost}){
$dstip=$resolv{$alerthost};
- }else{
- $dstip=`host $alerthost 2>/dev/null | grep 'has address' `;
- if ($dstip =~m/(\d+\.\d+\.\d+\.\d+)/){
- $dstip=$1;
- }else{
- $dstip=$srcip;
- }
- $resolv{$alerthost}=$dstip;
- }
+ }else{
+ if ($conf{'resolve'}){
+ $dstip=`host $alerthost 2>/dev/null | grep 'has address' `;
+ if ($dstip =~m/(\d+\.\d+\.\d+\.\d+)/ ){
+ $dstip=$1;
+ }else{
+ $dstip=$srcip;
+ }
+ }else{
+ $dstip=$alerthost;
+ }
+ $resolv{$alerthost}=$dstip;
+ }
#
$last_cid= &prepair2basedata(
$hids_id,
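Review bot: The added line `$dstip=`host $alerthost 2>/dev/null | grep 'has address' `;` still interpolates `$alerthost` into a shell command line; the new `-n` switch makes that path optional but does not make it safe. Where `$alerthost` comes from is outside this hunk, but if it is parsed out of alert text, any shell metacharacters in it are interpreted by the shell with the script's privileges. Resolving in-process removes the shell from the path: `my $packed = gethostbyname($alerthost); $dstip = $packed ? inet_ntoa($packed) : $srcip;`, with `use Socket;` at the top of the file. The same backtick line is carried into the last hunk of ossec2based.pl, and the enclosing block starts and ends outside both hunks.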
Index: ossec2based.pl
===================================================================
RCS file: /usr/cvsroot/ossec-ui/base/bin/ossec2based.pl,v
diff -u -r1.8 -r1.9
--- ossec2based.pl 24 Aug 2006 20:11:10 -0000 1.8
+++ ossec2based.pl 29 Aug 2006 17:57:58 -0000 1.9
@@ -22,6 +22,7 @@
$conf{dbuser}='user';
$conf{fieldseparator}=';'; # legacy - not in use
$conf{daemonize}=0;
+$conf{resolve}=1;
my($OCT) = '(?:25[012345]|2[0-4]\d|1?\d\d?)';
@@ -40,6 +41,8 @@
$conf{daemonize}=1;
}elsif ( m/^-h$|^--help$/){
&help();
+ }elsif ( m/^-n$|^--noname$/){
+ $conf{'resolve'}=0;
}elsif ( m/^-v$|^--verbose$/){
$VERBOSE=1;
}elsif ( m/^--interface$/){
@@ -152,13 +155,18 @@
if (exists $resolv{$alerthost}){
$dstip=$resolv{$alerthost};
}else{
- $dstip=`host $alerthost 2>/dev/null | grep 'has address' `;
- if ($dstip =~m/(\d+\.\d+\.\d+\.\d+)/ ){
- $dstip=$1;
- }else{
- $dstip=$srcip;
- }
+ if ($conf{'resolve'}){
+ $dstip=`host $alerthost 2>/dev/null | grep 'has address' `;
+ if ($dstip =~m/(\d+\.\d+\.\d+\.\d+)/ ){
+ $dstip=$1;
+ }else{
+ $dstip=$srcip;
+ }
+ }else{
+ $dstip=$alerthost;
+ }
$resolv{$alerthost}=$dstip;
+
}
$last_cid= &prepair2basedata(
$hids_id,
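Review bot: With `-n` the new branch `$dstip=$alerthost;` caches whatever `$alerthost` holds, so a host name can end up in `$dstip`, whereas the resolving branch always yields a dotted quad or falls back to `$srcip`. If `prepair2basedata` expects an address in that position (its argument list continues outside the hunk), the two modes will store different kinds of values for the same alert. Keeping the existing fallback would make them agree: `$dstip = ($alerthost =~ m/^\d+\.\d+\.\d+\.\d+$/) ? $alerthost : $srcip;`. The `-n` branch added to ossec2base.pl has the same shape.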