[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-dev] ossec-hids: README (NEW) manager.c (HEAD) [dcid]

To: dancid@xxxxxxxxxxxxxxx
Subject: [ossec-dev] ossec-hids: README (NEW) manager.c (HEAD) [dcid]
From: OSSEC CVS <cvs-commit@xxxxxxxxx>
Date: Tue, 29 Aug 2006 16:35:45 -0300 (ADT)
Content-transfer-encoding: 8bit

Module name:	ossec-hids
Changes by:	dcid	06/08/29 16:35:43

Modified files:
	manager.c
Added files:
	README

Log message:
Description: More fixes for the client/server control. Added global ossec lock and some new rules..
Reviewed by: dcid
Bug:

--- NEW FILE: README ---
How Remoted works:

Three daemons (forked):

-Secured (udp port 1514)
-Syslogd (udp port 514)
-Syslogd (tcp port 514)


-How secured works:

-Three threads.

-Main thread (remote receiver).
  - Receives data from remote clients.
  - If the data is a log, send to analysisd.
  - If data is connection related, send to the manager thread
    (by save_controlmsg).
-AR_Forward (local receiver).
  - Receives data (active responses) locally from analysisd.
  - Forward them to the configured agent.
-Manager (sends data to remote clients).
  - Waits for messages from the main thread (wait_for_msgs).


Index: manager.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/remoted/manager.c,v
diff -u -r1.28 -r1.29
--- manager.c	28 Aug 2006 18:45:27 -0000	1.28
+++ manager.c	29 Aug 2006 19:35:42 -0000	1.29
@@ -338,16 +338,16 @@
 
     char *uname;
     char agent_file[OS_MAXSTR +1];
+    char msg_ack[OS_FLSIZE +1];
 
     FILE *fp;
     
+    msg_ack[OS_FLSIZE] = '\0';
     
     /* Startup message  -- communicate back to the agent */
     if(strcmp(msg, HC_STARTUP) == 0)
     {
-        char msg_ack[OS_FLSIZE +1];
-        msg_ack[OS_FLSIZE] = '\0';
-        snprintf(msg_ack, OS_FLSIZE, "%s%s", CONTROL_HEADER, HC_STARTUP_ACK);
+        snprintf(msg_ack, OS_FLSIZE, "%s%s", CONTROL_HEADER, HC_ACK);
         send_msg(agentid, msg_ack);
         
         return;    
@@ -363,6 +363,12 @@
                                                        keys.ips[agentid]);
         return;
     }
+
+
+    /* Uname received, send ok to agent */
+    snprintf(msg_ack, OS_FLSIZE, "%s%s", CONTROL_HEADER, HC_ACK);
+    send_msg(agentid, msg_ack);
+    
 
     *msg = '\0';
     msg++;

Prev by Date: [ossec-dev] ossec-hids: ossec2base.conf (HEAD) [meirm]
Next by Date: [ossec-dev] ossec-hids: monitor_agents.c (NEW) main.c (HEAD) monitord.c (HEAD) monitord.h (HEAD) [dcid]
Previous by thread: [ossec-dev] ossec-hids: ossec2base.conf (HEAD) [meirm]
Next by thread: [ossec-dev] ossec-hids: monitor_agents.c (NEW) main.c (HEAD) monitord.c (HEAD) monitord.h (HEAD) [dcid]
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.