chrisdevette / pulledpork

Automatically exported from code.google.com/p/pulledpork
GNU General Public License v2.0
0 stars 0 forks source link

snort_control 1361 not executed after IP blacklist update #153

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Download of IP blacklist

What is the expected output? What do you see instead?
Pulledpork should issue 'snort_control <path> 1361', but it's not done

What version of the product are you using? On what operating system?
pulledpork-0.7.0 on Centos-6.5

Please provide any additional information below.

This problem is caused by the following code fragment in the pulledpork code:

sub iprep_control {
    my ($bin,$path) = @_;
    return unless -f $bin;
    my $cmd = "$bin $path 1361";
    return unless (-f $bin && -f $path);

Unfortunately, since $path is a directory, '-f $path' is always false, and thus 
$cmd is never executed. A simple fix would address the problem:

@@ -985,7 +985,7 @@
     my ($bin,$path) = @_;
     return unless -f $bin;
     my $cmd = "$bin $path 1361";
-    return unless (-f $bin && -f $path);
+    return unless (-f $bin && -d $path);
     print "Issuing reputation socket reload command\n";
     print "Command: $cmd\n" if $Verbose;
     open(FH,"$cmd 2>&1 |");

Also, currently pulledpork expects to find the control socket in the same 
directory as IPRVersion.dat file (defined with the 'IPRVersion' configuration 
file parameter). Maybe it is worthwhile to use another configuration file 
parameter for the socket location?

Original issue reported on code.google.com by Risto.Va...@gmail.com on 14 Mar 2014 at 8:21