
[ossec-dev] ossec-hids: ossec2base.pl (HEAD) ossec2based.pl (HEAD) [meirm]



Module name:	ossec-hids
Changes by:	meirm	06/08/30 09:35:45

Modified files:
	ossec2base.pl ossec2based.pl

Log message:
fixes

Index: ossec2base.pl
===================================================================
RCS file: /usr/cvsroot/ossec-ui/base/bin/ossec2base.pl,v
diff -u -r1.9 -r1.10
--- ossec2base.pl	30 Aug 2006 11:56:40 -0000	1.9
+++ ossec2base.pl	30 Aug 2006 12:35:45 -0000	1.10
@@ -204,6 +204,7 @@
 		# BYPASS
 		# dstip=srcip
 		#$dstip=$srcip;
+		$alerthostip=$alerthost if $alerthost=~ m/^$IP$/;
 		if ($alerthostip){
 			$dstip=$alerthostip;
 			$resolv{$alerthost}=$dstip;
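Review bot: The added test `$alerthost=~ m/^$IP$/` depends on `$IP`, which is defined outside this hunk, so the anchoring cannot be checked from here. If `$IP` contains a top-level alternation, `^` and `$` bind only to its first and last branches; writing `m/^(?:$IP)$/` (or building `$IP` with `qr//`) avoids that. `$` also matches before a trailing newline, so `\z` is the stricter end anchor. This matters because `$alerthost` is captured from the alert header line and, once accepted here, is copied into `$dstip` and cached in `%resolv` without further validation.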
@@ -259,8 +260,9 @@
 		$mail=$3;
 		$mail=$mail ? $mail : 'nomail';
 #2006 Aug 29 17:19:52 firewall -> /var/log/messages
+#2006 Aug 30 11:52:14 192.168.0.45->/var/log/secure
 #
-	}elsif ( m/^([0-9]+\s\w+\s[0-9]+\s[0-9]+:[0-9]+:[0-9]+)\s+(\S+)\s+->(.*)$/){
+	}elsif ( m/^([0-9]+\s\w+\s[0-9]+\s[0-9]+:[0-9]+:[0-9]+)\s+(\S+)\s*->(.*)$/){
 		$date=$1;
 		$alerthost=$2;
 		$datasource=$3;
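Review bot: With the separator relaxed to `\s*->`, the greedy `(\S+)` in front of it can now run across a `->` and back off only to the last one in an unbroken run of non-space characters. A header such as `host->/path/a->b` would give `$alerthost` the value `host->/path/a`. Making the host capture non-greedy, `(\S+?)\s*->`, splits at the first `->`, which matches both sample lines in the comments above the regex.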

Index: ossec2based.pl
===================================================================
RCS file: /usr/cvsroot/ossec-ui/base/bin/ossec2based.pl,v
diff -u -r1.10 -r1.11
--- ossec2based.pl	30 Aug 2006 11:56:40 -0000	1.10
+++ ossec2based.pl	30 Aug 2006 12:35:45 -0000	1.11
@@ -232,6 +232,7 @@
 		# dstip=srcip
 		#$dstip=$srcip;
 		#
+		$alerthostip=$alerthost if $alerthost=~ m/^$IP$/;
 		if ($alerthostip){
 			$dstip=$alerthostip;
 			$resolv{$alerthost}=$dstip;
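Review bot: This is the same line that was added to ossec2base.pl, at a different offset (232 here, 204 there), so the host-to-IP logic is now maintained by hand in two scripts. Moving the `$alerthostip` / `%resolv` handling into a shared subroutine or module used by both would keep later changes to the IP check from being applied to only one of them.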
@@ -286,8 +287,9 @@
 		$mail=$3;
 		$mail=$mail ? $mail : 'nomail';
 #2006 Aug 29 17:19:52 firewall -> /var/log/messages
+#2006 Aug 30 11:52:14 192.168.0.45->/var/log/secure
 #
-	}elsif ( m/^([0-9]+\s\w+\s[0-9]+\s[0-9]+:[0-9]+:[0-9]+)\s+(\S+)\s+->(.*)$/){
+	}elsif ( m/^([0-9]+\s\w+\s[0-9]+\s[0-9]+:[0-9]+:[0-9]+)\s+(\S+)\s*->(.*)$/){
 		$date=$1;
 		$alerthost=$2;
 		$datasource=$3;
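Review bot: After this change `$datasource` differs in shape between the two documented header formats: for `firewall -> /var/log/messages` the capture `(.*)` begins with a space, while for `192.168.0.45->/var/log/secure` it does not. Unless the value is trimmed later, consider `\s*->\s*(.*)$` so both forms give the same data source string. The commit log message ("fixes") also does not say which input format prompted the change; the new sample comment line is the only record of it.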




OSSEC project: www.ossec.net.
Mailing list information: http://www.ossec.net/en/mailing_lists.html.