Commit 752772e2 authored by Ad Schellevis's avatar Ad Schellevis Committed by Franco Fichtner

style fix installRules.py

parent b910abd0
...@@ -34,60 +34,61 @@ from ConfigParser import ConfigParser ...@@ -34,60 +34,61 @@ from ConfigParser import ConfigParser
import lib.rulecache import lib.rulecache
from lib import rule_source_directory from lib import rule_source_directory
RuleCache = lib.rulecache.RuleCache() if __name__ == '__main__':
RuleCache = lib.rulecache.RuleCache()
rule_config_fn = ('%s../rules.config'%rule_source_directory)
rule_target_dir = ('%s../opnsense.rules'%rule_source_directory) rule_config_fn = ('%s../rules.config'%rule_source_directory)
rule_yaml_list = ('%s../installed_rules.yaml'%rule_source_directory) rule_target_dir = ('%s../opnsense.rules'%rule_source_directory)
rule_yaml_list = ('%s../installed_rules.yaml'%rule_source_directory)
# parse OPNsense rule config
rule_updates = {} # parse OPNsense rule config
if os.path.exists(rule_config_fn): rule_updates = {}
cnf = ConfigParser() if os.path.exists(rule_config_fn):
cnf.read(rule_config_fn) cnf = ConfigParser()
for section in cnf.sections(): cnf.read(rule_config_fn)
if section[0:5] == 'rule_': for section in cnf.sections():
sid = section[5:] if section[0:5] == 'rule_':
rule_updates[sid] = {} sid = section[5:]
for rule_item in cnf.items(section): rule_updates[sid] = {}
rule_updates[sid][rule_item[0]] = rule_item[1] for rule_item in cnf.items(section):
rule_updates[sid][rule_item[0]] = rule_item[1]
# create target rule directory if not existing
if not os.path.exists(rule_target_dir): # create target rule directory if not existing
os.mkdir(rule_target_dir, 0o755) if not os.path.exists(rule_target_dir):
os.mkdir(rule_target_dir, 0o755)
# install ruleset
all_installed_files = [] # install ruleset
for filename in RuleCache.listLocal(): all_installed_files = []
output_data = [] for filename in RuleCache.listLocal():
for rule_info_record in RuleCache.listRules(filename=filename): output_data = []
# default behavior, do not touch rule, only copy to output for rule_info_record in RuleCache.listRules(filename=filename):
rule = rule_info_record['rule'] # default behavior, do not touch rule, only copy to output
# change rule if in rule rule updates rule = rule_info_record['rule']
if rule_info_record['metadata'] is not None and 'sid' in rule_info_record['metadata'] \ # change rule if in rule rule updates
and rule_info_record['metadata']['sid'] in rule_updates: if rule_info_record['metadata'] is not None and 'sid' in rule_info_record['metadata'] \
# search last comment marker and rule_info_record['metadata']['sid'] in rule_updates:
for i in range(len(rule_info_record['rule'])): # search last comment marker
if rule[i] != '#': for i in range(len(rule_info_record['rule'])):
break if rule[i] != '#':
break
# generate altered rule
if 'enabled' in rule_updates[rule_info_record['metadata']['sid']]: # generate altered rule
if (rule_updates[rule_info_record['metadata']['sid']]['enabled']) == '0': if 'enabled' in rule_updates[rule_info_record['metadata']['sid']]:
rule = ('#%s'%rule[i:]) if (rule_updates[rule_info_record['metadata']['sid']]['enabled']) == '0':
else: rule = ('#%s'%rule[i:])
rule = rule[i:] else:
rule = rule[i:]
output_data.append(rule)
output_data.append(rule)
# write data to file
all_installed_files.append(filename.split('/')[-1]) # write data to file
open('%s/%s'%(rule_target_dir, filename.split('/')[-1]), 'wb').write('\n'.join(output_data)) all_installed_files.append(filename.split('/')[-1])
open('%s/%s'%(rule_target_dir, filename.split('/')[-1]), 'wb').write('\n'.join(output_data))
# flush all written rule filenames into yaml file
with open(rule_yaml_list,'wb') as f_out: # flush all written rule filenames into yaml file
f_out.write('%YAML 1.1\n') with open(rule_yaml_list,'wb') as f_out:
f_out.write('---\n') f_out.write('%YAML 1.1\n')
f_out.write('rule-files:\n') f_out.write('---\n')
for installed_file in all_installed_files: f_out.write('rule-files:\n')
f_out.write(' - %s\n'%installed_file) for installed_file in all_installed_files:
f_out.write(' - %s\n'%installed_file)
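Review bot: The per-file rule write at the end of the install loop, `open('%s/%s'%(rule_target_dir, filename.split('/')[-1]), 'wb').write('\n'.join(output_data))`, never closes its handle explicitly, so flushing depends on the interpreter collecting the object. A rules file that is still buffered or truncated when whatever consumes opnsense.rules reloads would silently drop detections. Since this is a style pass and the YAML list just below already uses `with open(...) as f_out:`, the same form fits here: `with open(os.path.join(rule_target_dir, os.path.basename(filename)), 'wb') as f_rule:` followed by `f_rule.write('\n'.join(output_data))`. Separately, the names written under `rule-files:` are emitted unquoted, so a file name containing YAML-significant characters would change how the list parses. Whether RuleCache.listLocal() can return such names is not visible on this page.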