#
# Credits: (see the CREDITS file bundled with the psad sources.)
#
-# Copyright (C) 1999-2007 Michael Rash (mbr@cipherdyne.org)
+# Copyright (C) 1999-2012 Michael Rash (mbr@cipherdyne.org)
#
# License (GNU Public License):
#
my $intf_inet_count = 0;
my $num_intf = 0;
for my $line (@if_out) {
- if ($line =~ /^\d+:\s+(\S+): </) {
+ if ($line =~ /^\d+:\s+(\S+)\:\s</) {
$intf_name = $1;
if ($intf_inet_count > 0) {
$num_intf++;
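Review bot: The backslash in `\:` in the new pattern is unnecessary, because a colon is not a regex metacharacter; `/^\d+:\s+(\S+):\s</` matches the same lines and reads more cleanly. Separately, `(\S+)` captures everything up to the final colon, so if `@if_out` comes from `ip`-style output (the command is not visible here), a VLAN or veth entry such as `eth0.10@eth0:` would likely set `$intf_name` to the name with its `@parent` suffix. If so, a narrower capture such as `([^\s:@]+)` followed by an optional `(?:@\S+)?` would keep the suffix out. The loop body continues outside this hunk.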
my $rv = 1;
my $ipt = new IPTables::Parse 'iptables' => $cmds{'iptables'}
- or die "[*] Could not acquite IPTables::Parse object: $!";
+ or die "[*] Could not acquire IPTables::Parse object: $!";
if ($fw_analyze) {
print "[+] Parsing iptables $chain chain rules.\n";
if ($fw_search_all) {
### we are not looking for specific log
### prefixes, but we need _some_ logging rule
- my $ipt_log = $ipt->default_log('filter', $chain, $fw_file);
- return 0 unless $ipt_log;
+ my ($ipt_log, $ipt_rv) = $ipt->default_log('filter', $chain, $fw_file);
+ return 0 unless $ipt_rv;
if (defined $ipt_log->{'all'}) {
### found real default logging rule (assuming it is above a default
### drop rule, which we are not actually checking here).
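Review bot: The added `return 0 unless $ipt_rv;` after the `default_log()` call returns without reporting anything, so a failure to read or parse the ruleset looks the same to the caller as a policy that has no logging rule. For a tool that judges whether the firewall logs correctly, those two outcomes should be distinguishable. Printing a line before returning would do it, for example `print "[-] Could not parse iptables $chain chain rules.\n" unless $ipt_rv;`. The `default_drop()` check added further down has the same silent return. The enclosing sub starts and ends outside the hunk.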
} else {
my $log_protos = '';
my $no_log_protos = '';
- for my $proto qw(tcp udp icmp) {
+ for my $proto (qw(tcp udp icmp)) {
if (defined $ipt_log->{$proto}) {
$log_protos .= "$proto/";
} else {
### for now we are only looking at the filter table, so if
### the iptables ruleset includes the log and drop rules in
### a user defined chain then psad will not see this.
- my $ld_hr = $ipt->default_drop('filter', $chain, $fw_file);
+ my ($ld_hr, $ipt_rv) = $ipt->default_drop('filter', $chain, $fw_file);
+
+ return 0 unless $ipt_rv;
my $num_keys = 0;
if (defined $ld_hr and keys %$ld_hr) {
$num_keys++;
my @protos;
if (defined $ld_hr->{'all'}) {
- @protos = qw(all);
+ @protos = (qw(all));
} else {
- @protos = qw(tcp udp icmp);
+ @protos = (qw(tcp udp icmp));
}
for my $proto (@protos) {
my $str1;
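Review bot: The extra parentheses in `@protos = (qw(all));` and `@protos = (qw(tcp udp icmp));` are not needed. Only the `for my $x qw(...)` form has to be wrapped for newer perls; a plain list assignment from `qw()` was already valid. Leaving these as `@protos = qw(all);` would keep the change limited to the loops that required it. The same applies to `my @path = (qw(` in check_commands() and `my @vars = (qw(` in required_vars().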
sub check_commands() {
my $exceptions_hr = shift;
my $caller = $0;
- my @path = qw(
+ my @path = (qw(
/bin
/sbin
/usr/bin
/usr/sbin
/usr/local/bin
/usr/local/sbin
- );
+ ));
CMD: for my $cmd (keys %cmds) {
### both mail and sendmail are special cases, mail is not required
### if "nomail" is set in REPORT_METHOD, and sendmail is only
'force-install' => 0,
'mod-dir' => 'Date-Calc'
},
- 'NetAddr:IP' => {
+ 'NetAddr::IP' => {
'force-install' => 0,
'mod-dir' => 'NetAddr-IP'
},
&perms_ownership($prod_file, 0600);
### install auto_dl, signatures, icmp_types, posf, and pf.os files
- for my $filename qw(signatures icmp_types
- posf auto_dl snort_rule_dl pf.os ip_options) {
+ for my $filename (qw(signatures icmp_types
+ posf auto_dl snort_rule_dl pf.os ip_options)) {
my $file = $config{$file_vars{$filename}};
if (-e $file) {
&archive($file) unless $noarchive;
}
### archive and remove legacy config files
- for my $filename qw(kmsgsd.conf psadwatchd.conf alert.conf
- fw_search.conf) {
+ for my $filename (qw(kmsgsd.conf psadwatchd.conf alert.conf
+ fw_search.conf)) {
my $path = "$config{'PSAD_CONF_DIR'}/$filename";
if (-e $path) {
&archive($path);
}
sub required_vars() {
- my @vars = qw(
+ my @vars = (qw(
INSTALL_LOG_FILE PSAD_DIR PSAD_RUN_DIR PSAD_LIBS_DIR
SIG_UPDATE_URL PSAD_FIFO_DIR PSAD_FIFO_FILE SNORT_RULES_DIR
IP_OPTS_FILE SIGS_FILE AUTO_DL_FILE SNORT_RULE_DL_FILE
POSF_FILE P0F_FILE IP_OPTS_FILE FW_DATA_FILE
- );
+ ));
for my $var (@vars) {
die "[*] Missing required var: $var in $psad_conf_file"
unless defined $config{$var};
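Review bot: `IP_OPTS_FILE` appears twice in the `@vars` list in required_vars(), once at the start of the third row and again in the fourth. The duplicate is harmless for the `defined $config{$var}` check, but it suggests another variable was meant in one of those positions. The install loop elsewhere in this diff handles `icmp_types`, yet no matching variable is visibly required here. It is worth confirming against `%file_vars` (not shown) and replacing the duplicate with the missing name. A missing entry only surfaces later as an undefined path, rather than as the clear `Missing required var` error.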