ptr and regexp ptr searching now works
父節點
5fb4f34090
當前提交
13184cf0d5
|
@ -95,6 +95,8 @@ sub new{
|
|||
protocols=>{},
|
||||
ports=>{},
|
||||
states=>{},
|
||||
ptrs=>{},
|
||||
resolver=>Net::DNS::Resolver->new,
|
||||
};
|
||||
bless $self;
|
||||
|
||||
|
@ -190,6 +192,26 @@ sub get_states{
|
|||
return keys( %{ $self->{states} } );
|
||||
}
|
||||
|
||||
=head2 get_ptrs
|
||||
|
||||
Gets the list of PTRs to search for.
|
||||
|
||||
The returned value is a array. Each item is a PTR.
|
||||
|
||||
my @PTRs=$search->get_ptrs;
|
||||
|
||||
=cut
|
||||
|
||||
sub get_ptrs{
|
||||
my $self=$_[0];
|
||||
|
||||
if( ! $self->errorblank ){
|
||||
return undef;
|
||||
}
|
||||
|
||||
return keys( %{ $self->{ptrs} } );
|
||||
}
|
||||
|
||||
=head2 search
|
||||
|
||||
This runs the search results.
|
||||
|
@ -226,6 +248,8 @@ sub search{
|
|||
my $cidr_require=0;
|
||||
my $protocol_require=0;
|
||||
my $state_require=0;
|
||||
my $ptr_require=0;
|
||||
my $ptr_r_require=0;
|
||||
|
||||
# figure out what we need to check for
|
||||
if (defined( $self->{cidrs}[0] )){
|
||||
|
@ -240,6 +264,12 @@ sub search{
|
|||
if (defined( (keys(%{ $self->{states} }))[0] )){
|
||||
$state_require=1;
|
||||
}
|
||||
if (defined( (keys(%{ $self->{ptrs} }))[0] )){
|
||||
$ptr_require=1;
|
||||
}
|
||||
if (defined( $self->{ptrs_r}[0] )){
|
||||
$ptr_r_require=1;
|
||||
}
|
||||
|
||||
my $res_int=0;
|
||||
while ( defined( $res->[2]->{active_conns}->[$res_int] ) ){
|
||||
|
@ -292,23 +322,19 @@ sub search{
|
|||
my $port_meet=1;
|
||||
my $cidr_meet=1;
|
||||
my $protocol_meet=1;
|
||||
my $ptr_meet=1;
|
||||
my $ptr_r_meet=1;
|
||||
my $protocol_search=lc( $protocol );
|
||||
my $state_meet=1;
|
||||
my $state_search=lc( $state );
|
||||
|
||||
# reset the meet checks
|
||||
if ( $port_require ) {
|
||||
$port_meet=0;
|
||||
}
|
||||
if ( $cidr_require ) {
|
||||
$cidr_meet=0;
|
||||
}
|
||||
if ( $protocol_require ) {
|
||||
$protocol_meet=0;
|
||||
}
|
||||
if ( $state_require ) {
|
||||
$state_meet=0;
|
||||
}
|
||||
# XOR the meet and require, setting the meet to false if required
|
||||
$port_meet = $port_meet ^ $port_require;
|
||||
$cidr_meet = $cidr_meet ^ $cidr_require;
|
||||
$protocol_meet = $protocol_meet ^ $protocol_require;
|
||||
$state_meet = $state_meet ^ $state_require;
|
||||
$ptr_meet = $ptr_meet ^ $ptr_require;
|
||||
$ptr_r_meet = $ptr_r_meet ^ $ptr_r_require;
|
||||
|
||||
# checks the forient port against each CIDR
|
||||
my @cidrs=@{ $self->{cidrs} };
|
||||
|
@ -363,9 +389,82 @@ sub search{
|
|||
$state_meet=1;
|
||||
}
|
||||
|
||||
# check if the PTR of any matches
|
||||
if ( $ptr_require ){
|
||||
#look both up
|
||||
my $answer_f=$self->{resolver}->search( $foreign_host );
|
||||
my $answer_l=$self->{resolver}->search( $local_host );
|
||||
|
||||
# figure out if we have a ptr or not for foriegn host and if so grab it
|
||||
my $ptr_f='NOTFOUND';
|
||||
if ( defined( $answer_f->{answer}[0] ) &&
|
||||
( ref( $answer_f->{answer}[0] ) eq 'Net::DNS::RR::PTR' )
|
||||
){
|
||||
$ptr_f=lc($answer_f->{answer}[0]->ptrdname);
|
||||
}
|
||||
|
||||
# figure out if we have a ptr or not for foriegn host and if so grab it
|
||||
my $ptr_l='NOTFOUND';
|
||||
if ( defined( $answer_l->{answer}[0] ) &&
|
||||
( ref( $answer_l->{answer}[0] ) eq 'Net::DNS::RR::PTR' )
|
||||
){
|
||||
$ptr_l=lc($answer_l->{answer}[0]->ptrdname);
|
||||
}
|
||||
|
||||
# now that we have it, check if either are defined in the lookup table
|
||||
if (
|
||||
defined( $self->{ptrs}{$ptr_l} ) ||
|
||||
defined( $self->{ptrs}{$ptr_f} )
|
||||
){
|
||||
$ptr_meet=1;
|
||||
}
|
||||
}
|
||||
|
||||
# check if the PTR of any matches
|
||||
if ( $ptr_r_require ){
|
||||
#look both up
|
||||
my $answer_f=$self->{resolver}->search( $foreign_host );
|
||||
my $answer_l=$self->{resolver}->search( $local_host );
|
||||
|
||||
# figure out if we have a ptr or not for foriegn host and if so grab it
|
||||
my $ptr_f='NOTFOUND';
|
||||
if ( defined( $answer_f->{answer}[0] ) &&
|
||||
( ref( $answer_f->{answer}[0] ) eq 'Net::DNS::RR::PTR' )
|
||||
){
|
||||
$ptr_f=lc($answer_f->{answer}[0]->ptrdname);
|
||||
}
|
||||
|
||||
# figure out if we have a ptr or not for foriegn host and if so grab it
|
||||
my $ptr_l='NOTFOUND';
|
||||
if ( defined( $answer_l->{answer}[0] ) &&
|
||||
( ref( $answer_l->{answer}[0] ) eq 'Net::DNS::RR::PTR' )
|
||||
){
|
||||
$ptr_l=lc($answer_l->{answer}[0]->ptrdname);
|
||||
}
|
||||
|
||||
# check if any of them match
|
||||
my @ptrs_r=@{ $self->{ptrs_r} };
|
||||
my $ptr=pop( @ptrs_r );
|
||||
while (
|
||||
defined( $ptr ) &&
|
||||
( ! $ptr_r_meet )
|
||||
){
|
||||
|
||||
if (
|
||||
( $ptr_f =~ /$ptr/ ) ||
|
||||
( $ptr_l =~ /$ptr/ )
|
||||
){
|
||||
$ptr_r_meet=1;
|
||||
}
|
||||
|
||||
$ptr=pop( @ptrs_r );
|
||||
}
|
||||
}
|
||||
|
||||
# if these are all good, add them
|
||||
if (
|
||||
$port_meet && $protocol_meet && $cidr_meet && $state_meet
|
||||
$port_meet && $protocol_meet && $cidr_meet && $state_meet &&
|
||||
$ptr_meet && $ptr_r_meet
|
||||
){
|
||||
push( @found, {
|
||||
'foreign_port'=>$foreign_port,
|
||||
|
@ -530,9 +629,6 @@ Starting and trailing white space is removed.
|
|||
|
||||
# Set the desired ports to the contents of @protocols.
|
||||
$search->set_protocols( \@protocols );
|
||||
if ( $search->error ){
|
||||
warn("Bad value in ports array");
|
||||
}
|
||||
|
||||
# removes any previous selections
|
||||
$search->set_protocols;
|
||||
|
@ -572,6 +668,92 @@ sub set_protocols{
|
|||
return 1;
|
||||
}
|
||||
|
||||
=head2 set_ptrs
|
||||
|
||||
This sets a list of PTRs to search for.
|
||||
|
||||
One value is taken and that is a array.
|
||||
|
||||
If this is undef, then previous settings will be cleared.
|
||||
|
||||
White space, [\ \t], at the start or end of each
|
||||
item is removed. It is then converted to lowercase
|
||||
and saved for later lookup.
|
||||
|
||||
# Set the desired PTRs to the contents of @ptrs.
|
||||
$search->set_ptrs( \@ptrs );
|
||||
|
||||
# removes any previous selections
|
||||
$search->set_ptrs;
|
||||
|
||||
=cut
|
||||
|
||||
sub set_ptrs{
|
||||
my $self=$_[0];
|
||||
my @ptrs;
|
||||
if ( defined( $_[1] ) ){
|
||||
@ptrs=@{ $_[1] };
|
||||
}
|
||||
|
||||
if( ! $self->errorblank ){
|
||||
return undef;
|
||||
}
|
||||
|
||||
if ( !defined( $ptrs[0] ) ){
|
||||
$self->{ptrs}={};
|
||||
}
|
||||
|
||||
# convert each one to a array
|
||||
my %lookup_hash;
|
||||
my $ptr=pop( @ptrs );
|
||||
while( defined( $ptr ) ){
|
||||
$ptr=~s/^[\ \t]*//;
|
||||
$ptr=~s/^[\ \t]*//;
|
||||
|
||||
#create a LCed version of the ptr name
|
||||
$lookup_hash{ lc( $ptr) }=1;
|
||||
|
||||
$ptr=pop( @ptrs );
|
||||
}
|
||||
|
||||
# save it for later use
|
||||
$self->{ptrs}=\%lookup_hash;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
=head2 set_ptrs_r
|
||||
|
||||
This sets a list of PTRs to search for via regexp
|
||||
|
||||
One value is taken and that is a array.
|
||||
|
||||
If this is undef, then previous settings will be cleared.
|
||||
|
||||
# Set the desired PTRs regexps to the contents of @ptrs.
|
||||
$search->set_ptrs_r( \@ptrs );
|
||||
|
||||
# removes any previous selections
|
||||
$search->set_ptrs;
|
||||
|
||||
=cut
|
||||
|
||||
sub set_ptrs_r{
|
||||
my $self=$_[0];
|
||||
my @regexps;
|
||||
if ( defined( $_[1] ) ){
|
||||
@regexps=@{ $_[1] };
|
||||
}
|
||||
|
||||
if( ! $self->errorblank ){
|
||||
return undef;
|
||||
}
|
||||
|
||||
$self->{ptrs_r}=\@regexps;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
=head2 set_states
|
||||
|
||||
Sets the list of desired states to match.
|
||||
|
|
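Review bot: In the regexp branch of search (the `@ -363,9 +389,82 @@` hunk), `$ptr_f` and `$ptr_l` fall back to the placeholder `'NOTFOUND'` and are then tested with `/$ptr/`, so a broad pattern such as `.` reports connections that have no PTR record at all. Leaving both undef when no PTR is returned and guarding each test, e.g. `( defined( $ptr_f ) && ( $ptr_f =~ /$ptr/ ) )`, keeps hosts without reverse DNS out of the results. The PTR name is chosen by whoever runs the reverse zone for the remote address, so the POD for set_ptrs and set_ptrs_r should say that a PTR match is a hint rather than a verified identity. Separately, set_ptrs runs `$ptr=~s/^[\ \t]*//;` twice, so trailing white space is never stripped as its POD promises; the second line should be `$ptr=~s/[\ \t]*$//;`. The body of search starts and ends outside the visible hunks, so how `$foreign_host` and `$local_host` are populated cannot be checked from here.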