API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 14th, 2011
136
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.10 KB | None | 0 0
raw download clone embed print report
  1. From a80695fe1c8fbc9db716f439d707ab30dbeddba0 Mon Sep 17 00:00:00 2001
  2. From: Will Metcalf <wmetcalf@qualys.com>
  3. Date: Wed, 14 Sep 2011 12:59:53 -0500
  4. Subject: [PATCH] Add VRT/ET specific sig URL's along with Local range
  5.  
  6. ---
  7. app/models/event.rb | 29 +++++++++++++++++++++++------
  8. app/views/settings/index.html.erb | 12 ++++++++++--
  9. db/seeds.rb | 4 +++-
  10. 3 files changed, 36 insertions(+), 9 deletions(-)
  11.  
  12. diff --git a/app/models/event.rb b/app/models/event.rb
  13. index fa0cb4b..df648a4 100644
  14. --- a/app/models/event.rb
  15. +++ b/app/models/event.rb
  16. @@ -9,7 +9,9 @@ class Event
  17. # Included for the truncate helper method.
  18. extend ActionView::Helpers::TextHelper
  19.  
  20. - SIGNATURE_URL = "http://rootedyour.com/snortsid?sid=$$gid$$-$$sid$$"
  21. + VRT_SIGNATURE_URL = "http://rootedyour.com/snortsid?sid=$$gid$$-$$sid$$"
  22. + ET_SIGNATURE_URL = "http://doc.emergingthreats.net/bin/view/Main/$$sid$$"
  23. + LOCAL_SIGNATURE_URL = "http://localhost/"
  24.  
  25. storage_names[:default] = "event"
  26.  
  27. @@ -133,13 +135,28 @@ class Event
  28.  
  29. def signature_url
  30. sid, gid = [/\$\$sid\$\$/, /\$\$gid\$\$/]
  31. -
  32. - @signature_url = if Setting.signature_lookup?
  33. - Setting.find(:signature_lookup)
  34. + print signature.sig_sid
  35. + if signature.sig_sid <= 1000000
  36. + @signature_url = if Setting.vrt_signature_lookup?
  37. + Setting.find(:vrt_signature_lookup)
  38. + else
  39. + VRT_SIGNATURE_URL
  40. + end
  41. + elsif (signature.sig_sid > 1000000) && (signature.sig_sid < 2000000)
  42. + @signature_url = if Setting.local_signature_lookup?
  43. + Setting.find(:local_signature_lookup)
  44. + else
  45. + LOCAL_SIGNATURE_URL
  46. + end
  47. + elsif (signature.sig_sid >= 2000000) && (signature.sig_sid < 3000000)
  48. + @signature_url = if Setting.et_signature_lookup?
  49. + Setting.find(:et_signature_lookup)
  50. + else
  51. + ET_SIGNATURE_URL
  52. + end
  53. else
  54. - SIGNATURE_URL
  55. + @signature_url = "Unknown"
  56. end
  57. -
  58. @signature_url.sub(sid, signature.sig_sid.to_s).sub(gid, signature.sig_gid.to_s)
  59. end
  60.  
  61. diff --git a/app/views/settings/index.html.erb b/app/views/settings/index.html.erb
  62. index 9d6fef3..3f6ac3d 100644
  63. --- a/app/views/settings/index.html.erb
  64. +++ b/app/views/settings/index.html.erb
  65. @@ -23,8 +23,16 @@
  66. </p>
  67.  
  68. <p>
  69. - <%= label_tag 'Signature Lookup URL' %> <i>(user $$sid$$ and $$gid$$ for the get request parameters)</i><br />
  70. - <%= text_field_tag '[settings][signature_lookup]', (Setting.signature_lookup ? Setting.find(:signature_lookup) : nil), :placeholder => 'Signature Lookup URL', :autocomplete => :off, :class => 'required url' %>
  71. + <%= label_tag 'VRT Signature Lookup URL (sids 1-1000000)' %> <i>(user $$sid$$ and $$gid$$ for the get request parameters)</i><br />
  72. + <%= text_field_tag '[settings][vrt_signature_lookup]', (Setting.vrt_signature_lookup ? Setting.find(:vrt_signature_lookup) : nil), :placeholder => 'VRT Signature Lookup URL', :autocomplete => :off, :class => 'url' %>
  73. + </p>
  74. + <p>
  75. + <%= label_tag 'Local Signature Lookup URL (sids 1000001-1999999)' %> <i>(user $$sid$$ and $$gid$$ for the get request parameters)</i><br />
  76. + <%= text_field_tag '[settings][local_signature_lookup]', (Setting.local_signature_lookup ? Setting.find(:local_signature_lookup) : nil), :placeholder => 'Local Signature Lookup URL', :autocomplete => :off, :class => 'url' %>
  77. + </p>
  78. + <p>
  79. + <%= label_tag 'ET Signature Lookup URL (sids 2000000-2999999)' %> <i>(user $$sid$$ and $$gid$$ for the get request parameters)</i><br />
  80. + <%= text_field_tag '[settings][et_signature_lookup]', (Setting.et_signature_lookup ? Setting.find(:et_signature_lookup) : nil), :placeholder => 'ET Signature Lookup URL', :autocomplete => :off, :class => 'url' %>
  81. </p>
  82.  
  83. <p>
  84. diff --git a/db/seeds.rb b/db/seeds.rb
  85. index f2a4277..1376f44 100644
  86. --- a/db/seeds.rb
  87. +++ b/db/seeds.rb
  88. @@ -7,7 +7,9 @@ User.create(:name => 'Administrator', :email => 'snorby@snorby.org', :password =
  89. # Snorby General Settings
  90. Setting.set(:company, 'Snorby.org') unless Setting.company?
  91. Setting.set(:email, 'snorby@snorby.org') unless Setting.email?
  92. -Setting.set(:signature_lookup, 'http://rootedyour.com/snortsid?sid=$$gid$$:$$sid$$') unless Setting.signature_lookup?
  93. +Setting.set(:vrt_signature_lookup, 'http://rootedyour.com/snortsid?sid=$$gid$$:$$sid$$') unless Setting.vrt_signature_lookup?
  94. +Setting.set(:local_signature_lookup, 'http://localhost/') unless Setting.local_signature_lookup?
  95. +Setting.set(:et_signature_lookup, 'http://doc.emergingthreats.net/bin/view/Main/$$sid$$') unless Setting.et_signature_lookup?
  96. Setting.set(:daily, 1) unless Setting.daily?
  97. Setting.set(:weekly, 1) unless Setting.weekly?
  98. Setting.set(:monthly, 1) unless Setting.monthly?
  99. --
  100. 1.7.0.4
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!