From 2f3080a06b1d957d3e2a122a131a799512f81741 Mon Sep 17 00:00:00 2001
From: Olivier Blin <oblin@mandriva.org>
Date: Wed, 24 Aug 2005 18:07:47 +0000
Subject: - net_applet: stop icon blink when an Interactive Firewall alert
 isn't processed - drakids: add log tab - drakids: allow to clear logs -
 net_applet: stop icon blinking when drakids is run or clear logs -
 net_applet: present drakids window on click on menu if drakids is already run
 - factorize packet reading to network::ifw::attack_to_hash

---
 perl-install/standalone/net_applet | 65 ++++++++++++++++++++++++--------------
 1 file changed, 41 insertions(+), 24 deletions(-)

(limited to 'perl-install/standalone/net_applet')

diff --git a/perl-install/standalone/net_applet b/perl-install/standalone/net_applet
index 0cfb4a978..12437f921 100644
--- a/perl-install/standalone/net_applet
+++ b/perl-install/standalone/net_applet
@@ -33,6 +33,8 @@ my $watched_interface;
 
 my %pixbufs =
   (
+      firewall => gtkcreate_pixbuf('/usr/lib/libDrakX/icons/drakfirewall.png'),
+      firewall_icon => gtkcreate_pixbuf('/usr/lib/libDrakX/icons/drakfirewall.png')->scale_simple(24, 24, 'hyper'),
       state => { map { $_ => gtkcreate_pixbuf($_) } qw(connected disconnected) },
       link_level => { map {
           my $f = "./wifi-$_.png";
@@ -94,7 +96,7 @@ $eventbox->signal_connect(button_press_event => sub {
 
 $icon->show_all;
 
-my ($dbus, $monitor, $ifw, $interactive_cb, @attacks_queue);
+my ($dbus, $monitor, $ifw, $interactive_cb, @attacks_queue, $ifw_alert);
 eval { $dbus = dbus_object::system_bus() };
 eval { $monitor = network::monitor->new($dbus) } if $dbus;
 eval {
@@ -106,6 +108,8 @@ eval {
         } elsif ($member eq 'Init') {
             $ifw->attach_object;
             checkNetworkForce();
+        } elsif ($member eq 'AlertAck') {
+            $ifw_alert = 0;
         }
     });
 } if $dbus;
@@ -114,11 +118,13 @@ $bubble = Gtk2::NotificationBubble->new;
 $bubble->attach($icon);
 $bubble->signal_connect(timeout => sub {
     #- on timeout, apply default policy
-    exists $attacks_queue[0]{handled} or set_blacklist_verdict($attacks_queue[0]{seq}, undef);
+    set_blacklist_verdict($attacks_queue[0]{seq}, undef);
 });
 $bubble->signal_connect(clicked => sub {
-    $attacks_queue[0]{handled} = 1;
     $bubble->hide;
+    $ifw_alert = 0;
+    eval { $ifw->send_alert_ack };
+    update_tray_icon();
     ask_attack_verdict($attacks_queue[0]);
 });
 
@@ -157,7 +163,12 @@ sub run_drakroam() {
     run_program::raw({ detach => 1 }, '/usr/sbin/drakroam') unless is_running('drakroam');
 }
 sub run_drakids() {
-    run_program::raw({ detach => 1 }, '/usr/sbin/drakids') unless is_running('drakids');
+    $ifw_alert = 0;
+    if (is_running('drakids')) {
+        eval { $ifw->send_manage_request };
+    } else {
+        run_program::raw({ detach => 1 }, '/usr/sbin/drakids');
+    }
 }
 sub generate_wireless_menuitem {
     my ($net) = @_;
@@ -234,14 +245,19 @@ sub go2State {
             }
             $menu->destroy;
         }
-        $menu = generate_menu($state_type, $interface);
+        $menu = generate_menu($interface);
     }
 }
+sub update_tray_icon() {
+    !$ifw_alert || $img->get_storage_type ne 'pixbuf' ?
+      $img->set_from_pixbuf($pixbufs{state}{$current_state eq 'connected' ? 'connected' : 'disconnected'}) :
+      $img->set_from_stock('gtk-dialog-warning', 'small-toolbar');
+}
 sub generate_menu {
-    my ($state_type, $interface) = @_;
+    my ($interface) = @_;
 
-    $img->set_from_pixbuf($pixbufs{state}{$state_type eq 'connected' ? 'connected' : 'disconnected'});
-    gtkset_tip(Gtk2::Tooltips->new, $eventbox, formatAlaTeX(common::sprintf_fixutf8(translate($tooltips{$state_type}), $interface)));
+    update_tray_icon();
+    gtkset_tip(Gtk2::Tooltips->new, $eventbox, formatAlaTeX(common::sprintf_fixutf8(translate($tooltips{$current_state}), $interface)));
 
     my $menu = Gtk2::Menu->new;
     my $create_item = sub {
@@ -271,15 +287,15 @@ sub generate_menu {
     my $interactive;
     eval { $interactive = $ifw->get_interactive };
 
-    if ($state_type eq 'connected') {
+    if ($current_state eq 'connected') {
         $menu->append($create_item->($_)) foreach qw(downNetwork monitorNetwork);
         $menu->append($create_item->('monitorIFW')) if defined $interactive;
-    } elsif ($state_type eq 'disconnected') {
+    } elsif ($current_state eq 'disconnected') {
         $menu->append($create_item->('upNetwork'));
     }
     $menu->append($create_item->('confNetwork'));
 
-    if ($state_type ne 'notconfigured') {
+    if ($current_state ne 'notconfigured') {
         $menu->append($create_item->('wireless')) if $has_wireless;
         push @settings, $create_item->('chooseInterface');
     }
@@ -321,21 +337,13 @@ sub setAutoStart {
 
 sub get_unprocessed_attacks() {
     my @packets = eval { $ifw->get_reports };
-    while (my @attack = splice(@packets, 0, 9)) {
+    while (my @attack = splice(@packets, 0, 10)) {
         handle_attack(@attack);
     }
 }
 
 sub handle_attack {
-    my $attack = { mapn { $_[0] => $_[1] } [ 'seq', 'timestamp', 'indev', 'prefix', 'sensor', 'protocol', 'addr', 'port', 'icmp_type' ], \@_ };
-    $attack->{ip_addr} = network::ifw::get_ip_address($attack->{addr});
-    $attack->{hostname} = network::ifw::resolve_address($attack->{ip_addr});
-    $attack->{protocol} = network::ifw::get_protocol($attack->{protocol});
-    $attack->{service} = network::ifw::get_service($attack->{port});
-    $attack->{msg} = $attack->{prefix} eq "SCAN" ? N("A port scanning attack has been attempted by %s.", $attack->{hostname})
-      : $attack->{prefix} eq "SERV" ? N("The %s service has been attacked by %s.", $attack->{service}, $attack->{hostname})
-      : $attack->{prefix} eq "PASS" ? N("A password cracking attack has been attempted by %s.", $attack->{hostname})
-      : undef;
+    my $attack = network::ifw::attack_to_hash(\@_);
     push @attacks_queue, $attack;
     @attacks_queue == 1 and notify_attack($attacks_queue[0]);
 }
@@ -359,15 +367,24 @@ sub notify_attack {
         print "unhandled attack type, skipping\n";
         return;
     }
-    $bubble->set(N("Interactive Firewall"), gtkcreate_img("/usr/lib/libDrakX/icons/drakfirewall.png"), $attack->{msg});
+    unless ($ifw_alert) {
+        $ifw_alert = 1;
+        update_tray_icon();
+        Glib::Timeout->add(1000, sub {
+            update_tray_icon();
+            $ifw_alert;
+        });
+    }
+    $bubble->set(N("Interactive Firewall"), Gtk2::Image->new_from_pixbuf($pixbufs{firewall}), $attack->{msg});
     $bubble->show(5000);
+
 }
 
 sub ask_attack_verdict {
     my ($attack) = @_;
 
     my $w = ugtk2->new(N("Interactive Firewall: intrusion detected"),
-                   icon => "/usr/lib/libDrakX/icons/drakfirewall.png");
+                       icon => "/usr/lib/libDrakX/icons/drakfirewall.png");
     my ($yes, $no, $auto);
 
     gtkadd($w->{window},
@@ -384,7 +401,7 @@ sub ask_attack_verdict {
                                         gtknew('HBox', children => [
                                             0, gtknew('Label', text => "     "),
                                             1, gtknew('VBox', children_loose => [
-                                                N("Attack time: %s", network::ifw::format_date($attack->{timestamp})),
+                                                N("Attack time: %s", $attack->{date}),
                                                 N("Network interface: %s", $attack->{indev}),
                                                 N("Attack type: %s", $attack->{prefix}),
                                                 if_($attack->{protocol}, N("Protocol: %s", $attack->{protocol})),
-- 
cgit v1.2.1