From b1f3e31be392df619d794daa714f61a858d3e35c Mon Sep 17 00:00:00 2001 From: Olivier Blin Date: Thu, 18 Aug 2005 14:06:36 +0000 Subject: new name is Interactive Firewall --- perl-install/network/activefw.pm | 104 ------------------------------------- perl-install/network/ifw.pm | 104 +++++++++++++++++++++++++++++++++++++ perl-install/standalone/drakids | 24 ++++----- perl-install/standalone/net_applet | 24 ++++----- 4 files changed, 128 insertions(+), 128 deletions(-) delete mode 100644 perl-install/network/activefw.pm create mode 100644 perl-install/network/ifw.pm diff --git a/perl-install/network/activefw.pm b/perl-install/network/activefw.pm deleted file mode 100644 index ef6fdf8b9..000000000 --- a/perl-install/network/activefw.pm +++ /dev/null @@ -1,104 +0,0 @@ -package network::activefw; - -use dbus_object; -use Socket; - -our @ISA = qw(dbus_object); - -sub new { - my ($type, $bus, $filter) = @_; - - my $con = $bus->{connection}; - $con->add_filter($filter); - $con->add_match("type='signal',interface='com.mandriva.monitoring.activefw'"); - - my $o = dbus_object::new($type, - $bus, - "com.mandriva.monitoring", - "/com/mandriva/monitoring/activefw", - "com.mandriva.monitoring.activefw"); - dbus_object::set_gtk2_watch($o); - $o; -} - -sub blacklist { - my ($o, $seq, $blacklist) = @_; - $o->call_method('Blacklist', - Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $seq), - Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $blacklist)); -} - -sub unblacklist { - my ($o, $addr) = @_; - $o->call_method('UnBlacklist', - Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $addr)); -} - -sub whitelist { - my ($o, $addr) = @_; - $o->call_method('Whitelist', - Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $addr)); -} - -sub unwhitelist { - my ($o, $addr) = @_; - $o->call_method('UnWhitelist', - Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $addr)); -} - -sub get_interactive { - my ($o) = @_; - $o->call_method('GetMode'); -} - -sub set_interactive { - my ($o, $mode) = @_; - $o->call_method('SetMode', - Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $mode)); -} - -sub get_reports { - my ($o) = @_; - $o->call_method('GetReports'); -} - -sub get_blacklist { - my ($o) = @_; - $o->call_method('GetBlacklist'); -} - -sub get_whitelist { - my ($o) = @_; - $o->call_method('GetWhitelist'); -} - -sub format_date { - my ($timestamp) = @_; - require c; - c::strftime("%c", localtime($timestamp)); -} - -sub get_service { - my ($port) = @_; - getservbyport($port, undef) || $port; -} - -sub get_ip_address { - my ($addr) = @_; - inet_ntoa(pack('L', $addr)); -} - -sub resolve_address { - my ($ip_addr) = @_; - #- try to resolve address, timeout after 2 seconds - my $hostname; - eval { - local $SIG{ALRM} = sub { die "ALARM" }; - alarm 2; - $hostname = gethostbyaddr(inet_aton($ip_addr), AF_INET); - alarm 0; - }; - $hostname || $ip_addr; -} - -1; diff --git a/perl-install/network/ifw.pm b/perl-install/network/ifw.pm new file mode 100644 index 000000000..99ca87944 --- /dev/null +++ b/perl-install/network/ifw.pm @@ -0,0 +1,104 @@ +package network::ifw; + +use dbus_object; +use Socket; + +our @ISA = qw(dbus_object); + +sub new { + my ($type, $bus, $filter) = @_; + + my $con = $bus->{connection}; + $con->add_filter($filter); + $con->add_match("type='signal',interface='com.mandriva.monitoring.ifw'"); + + my $o = dbus_object::new($type, + $bus, + "com.mandriva.monitoring", + "/com/mandriva/monitoring/ifw", + "com.mandriva.monitoring.ifw"); + dbus_object::set_gtk2_watch($o); + $o; +} + +sub blacklist { + my ($o, $seq, $blacklist) = @_; + $o->call_method('Blacklist', + Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $seq), + Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $blacklist)); +} + +sub unblacklist { + my ($o, $addr) = @_; + $o->call_method('UnBlacklist', + Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $addr)); +} + +sub whitelist { + my ($o, $addr) = @_; + $o->call_method('Whitelist', + Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $addr)); +} + +sub unwhitelist { + my ($o, $addr) = @_; + $o->call_method('UnWhitelist', + Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $addr)); +} + +sub get_interactive { + my ($o) = @_; + $o->call_method('GetMode'); +} + +sub set_interactive { + my ($o, $mode) = @_; + $o->call_method('SetMode', + Net::DBus::Binding::Value->new(&Net::DBus::Binding::Message::TYPE_UINT32, $mode)); +} + +sub get_reports { + my ($o) = @_; + $o->call_method('GetReports'); +} + +sub get_blacklist { + my ($o) = @_; + $o->call_method('GetBlacklist'); +} + +sub get_whitelist { + my ($o) = @_; + $o->call_method('GetWhitelist'); +} + +sub format_date { + my ($timestamp) = @_; + require c; + c::strftime("%c", localtime($timestamp)); +} + +sub get_service { + my ($port) = @_; + getservbyport($port, undef) || $port; +} + +sub get_ip_address { + my ($addr) = @_; + inet_ntoa(pack('L', $addr)); +} + +sub resolve_address { + my ($ip_addr) = @_; + #- try to resolve address, timeout after 2 seconds + my $hostname; + eval { + local $SIG{ALRM} = sub { die "ALARM" }; + alarm 2; + $hostname = gethostbyaddr(inet_aton($ip_addr), AF_INET); + alarm 0; + }; + $hostname || $ip_addr; +} + +1; diff --git a/perl-install/standalone/drakids b/perl-install/standalone/drakids index c3ae398ab..99c679d74 100644 --- a/perl-install/standalone/drakids +++ b/perl-install/standalone/drakids @@ -10,7 +10,7 @@ use mygtk2 qw(gtknew); use ugtk2 qw(:dialogs); use POSIX qw(strftime); use dbus_object; -use network::activefw; +use network::ifw; use Gtk2::SimpleList; @@ -42,7 +42,7 @@ $whitelist->set_headers_clickable(1); $whitelist->get_column(0)->signal_connect('clicked', \&sort_by_column, $whitelist->get_model); $whitelist->get_column(0)->set_sort_column_id(0); -my $activefw = network::activefw->new(dbus_object::system_bus(), sub { +my $ifw = network::ifw->new(dbus_object::system_bus(), sub { my ($_con, $msg) = @_; my $member = $msg->get_member; if ($member eq 'Blacklist') { @@ -93,7 +93,7 @@ sub sort_by_column { } sub handle_init() { - $activefw->attach_object; + $ifw->attach_object; init_lists(); } @@ -105,7 +105,7 @@ sub list_remove_addr { #- may throw an exception sub init_blacklist() { - my @packets = $activefw->get_blacklist; + my @packets = $ifw->get_blacklist; while (my @blacklist = splice(@packets, 0, 8)) { handle_blacklist(@blacklist); } @@ -120,13 +120,13 @@ sub handle_blacklist { push @{$blacklist->{data}}, [ $addr, $timestamp, - network::activefw::format_date($timestamp), - network::activefw::resolve_address(network::activefw::get_ip_address($addr)), + network::ifw::format_date($timestamp), + network::ifw::resolve_address(network::ifw::get_ip_address($addr)), $prefix eq 'SCAN' ? N("Port scanning") : $prefix eq 'SERV' ? N("Service attack") : $prefix eq 'PASS' ? N("Password cracking") : '', - network::activefw::get_service($port) || '', + network::ifw::get_service($port) || '', $indev, $protocol || '', ]; @@ -138,7 +138,7 @@ sub get_selected_blacklist() { sub unblacklist { my @addr = @_; - eval { $activefw->unblacklist($_) foreach @addr }; + eval { $ifw->unblacklist($_) foreach @addr }; if (!$@) { list_remove_addr($blacklist->{data}, @addr); } else { @@ -148,7 +148,7 @@ sub unblacklist { #- may throw an exception sub init_whitelist() { - handle_whitelist($_) foreach $activefw->get_whitelist; + handle_whitelist($_) foreach $ifw->get_whitelist; } sub clear_whitelist() { @@ -157,7 +157,7 @@ sub clear_whitelist() { sub handle_whitelist { my ($addr) = @_; - push @{$whitelist->{data}}, [ $addr, network::activefw::resolve_address(network::activefw::get_ip_address($addr)) ]; + push @{$whitelist->{data}}, [ $addr, network::ifw::resolve_address(network::ifw::get_ip_address($addr)) ]; } sub get_selected_whitelist() { @@ -167,13 +167,13 @@ sub get_selected_whitelist() { sub whitelist { my @addr = @_; unblacklist(@addr); - eval { $activefw->whitelist($_) foreach @addr }; + eval { $ifw->whitelist($_) foreach @addr }; $@ and err_dialog(N("Active Firewall"), N("Unable to contact daemon")); } sub unwhitelist { my @addr = @_; - eval { $activefw->unwhitelist($_) foreach @addr }; + eval { $ifw->unwhitelist($_) foreach @addr }; if (!$@) { list_remove_addr($whitelist->{data}, @addr); } else { diff --git a/perl-install/standalone/net_applet b/perl-install/standalone/net_applet index 37399329c..89d531f11 100644 --- a/perl-install/standalone/net_applet +++ b/perl-install/standalone/net_applet @@ -10,7 +10,7 @@ use network::tools; use run_program; use mygtk2 qw(gtknew); use dbus_object; -use network::activefw; +use network::ifw; use network::monitor; use detect_devices; @@ -32,7 +32,7 @@ my $watched_interface; my $dbus = dbus_object::system_bus(); my $monitor = network::monitor->new($dbus); -my ($activefw, $interactive_cb, @attacks_queue); +my ($ifw, $interactive_cb, @attacks_queue); my %pixbufs = ( @@ -109,13 +109,13 @@ $balloon->signal_connect(button_press_event => sub { ask_attack_verdict($attacks_queue[0]); }); -$activefw = network::activefw->new($dbus, sub { +$ifw = network::ifw->new($dbus, sub { my ($_con, $msg) = @_; my $member = $msg->get_member; if ($member eq 'Attack') { handle_attack($msg->get_args_list); } elsif ($member eq 'Init') { - $activefw->attach_object; + $ifw->attach_object; checkNetworkForce(); } }); @@ -281,11 +281,11 @@ sub generate_menu { push @settings, $create_item->('chooseProfile'); my $interactive; - eval { $interactive = $activefw->get_interactive }; + eval { $interactive = $ifw->get_interactive }; if (defined $interactive) { $interactive_cb = gtkshow(gtksignal_connect(gtkset_active(Gtk2::CheckMenuItem->new_with_label(N("Interactive intrusion detection")), $interactive), - toggled => sub { eval { $activefw->set_interactive(to_bool($_[0]->get_active)) } })); + toggled => sub { eval { $ifw->set_interactive(to_bool($_[0]->get_active)) } })); push @settings, $interactive_cb; } push @settings, gtkshow(gtksignal_connect(gtkset_active(Gtk2::CheckMenuItem->new_with_label(N("Always launch on startup")), getAutoStart()), @@ -317,7 +317,7 @@ sub setAutoStart { } sub get_unprocessed_attacks() { - my @packets = eval { $activefw->get_reports }; + my @packets = eval { $ifw->get_reports }; while (my @attack = splice(@packets, 0, 9)) { handle_attack(@attack); } @@ -325,9 +325,9 @@ sub get_unprocessed_attacks() { sub handle_attack { my $attack = { mapn { $_[0] => $_[1] } [ 'seq', 'timestamp', 'indev', 'prefix', 'sensor', 'protocol', 'addr', 'port', 'icmp_type' ], \@_ }; - $attack->{ip_addr} = network::activefw::get_ip_address($attack->{addr}); - $attack->{hostname} = network::activefw::resolve_address($attack->{ip_addr}); - $attack->{service} = network::activefw::get_service($attack->{port}); + $attack->{ip_addr} = network::ifw::get_ip_address($attack->{addr}); + $attack->{hostname} = network::ifw::resolve_address($attack->{ip_addr}); + $attack->{service} = network::ifw::get_service($attack->{port}); $attack->{msg} = $attack->{prefix} eq "SCAN" ? N("A port scanning attack has been attempted by %s.", $attack->{hostname}) : $attack->{prefix} eq "SERV" ? N("The %s service has been attacked by %s.", $attack->{service}, $attack->{hostname}) : $attack->{prefix} eq "PASS" ? N("A password cracking attack has been attempted by %s.", $attack->{hostname}) @@ -341,7 +341,7 @@ sub set_blacklist_verdict { #- default is to blacklist defined $verdict or $verdict = 1; - eval { $activefw->blacklist($seq, $verdict) }; + eval { $ifw->blacklist($seq, $verdict) }; $@ and err_dialog(N("Active Firewall"), N("Unable to contact daemon")); shift @attacks_queue; @@ -394,7 +394,7 @@ sub ask_attack_verdict { gtknew('HBox', children => [ 0, gtknew('Label', text => " "), 1, gtknew('VBox', children_loose => [ - N("Attack time: %s", network::activefw::format_date($attack->{timestamp})), + N("Attack time: %s", network::ifw::format_date($attack->{timestamp})), N("Network interface: %s", $attack->{indev}), N("Attack type: %s", $attack->{prefix}), if_($attack->{protocol}, N("Protocol: %s", $attack->{protocol})), -- cgit v1.2.1