(ids) add suricata scripts to list registered classtypes

2026-03-20 11:26:13 +00:00 · 2015-06-11 18:55:03 +02:00 · 2015-06-11 18:55:03 +02:00 · 101101fa94
commit 101101fa94
parent ca8e54ef6d
2 changed files with 59 additions and 0 deletions
--- a/src/opnsense/scripts/suricata/listClasstypes.py
+++ b/src/opnsense/scripts/suricata/listClasstypes.py
@ -0,0 +1,45 @@
+#!/usr/bin/env python2.7
+"""
+    Copyright (c) 2015 Ad Schellevis
+
+    part of OPNsense (https://www.opnsense.org/)
+
+    All rights reserved.
+
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
+
+    1. Redistributions of source code must retain the above copyright notice,
+     this list of conditions and the following disclaimer.
+
+    2. Redistributions in binary form must reproduce the above copyright
+     notice, this list of conditions and the following disclaimer in the
+     documentation and/or other materials provided with the distribution.
+
+    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+    POSSIBILITY OF SUCH DAMAGE.
+
+    --------------------------------------------------------------------------------------
+    script to fetch all classtypes from the installed suricata rules using the shared rule cache:
+"""
+import json
+from rulecache import RuleCache
+
+if __name__ == '__main__':
+    rc = RuleCache()
+    if rc.isChanged():
+        rc.create()
+
+    items=rc.listClassTypes()
+    result = {'items': items, 'count':len(items)}
+
+    print (json.dumps(result))
+
--- a/src/opnsense/scripts/suricata/rulecache.py
+++ b/src/opnsense/scripts/suricata/rulecache.py
@ -199,3 +199,17 @@ class RuleCache(object):
            result['rows'].append(record)

        return result
+
+    def listClassTypes(self):
+        """
+        :return: list of installed classtypes
+        """
+        result = []
+        db = sqlite3.connect(self.cachefile)
+        cur = db.cursor()
+        cur.execute('select distinct classtype from rules')
+        for record in cur.fetchall():
+            result.append(record[0])
+
+        return sorted(result)
+