From: Stefan Schantl Date: Sun, 24 Jul 2022 12:06:08 +0000 (+0200) Subject: ids-ports-helper-lib.pl: New helper library X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2ccfbc3b3ed047f8837459af564da163e7144de2;p=people%2Fstevee%2Fipfire-2.x.git ids-ports-helper-lib.pl: New helper library This helper librarie contains functions to collect the used ports of various services. They are used by the IDS to generate the services and ports file, which can be used by rules files. Signed-off-by: Stefan Schantl
---
diff --git a/config/cfgroot/ids-ports-helper-lib.pl b/config/cfgroot/ids-ports-helper-lib.pl
new file mode 100644
index 000000000..eb740de40
--- /dev/null
+++ b/config/cfgroot/ids-ports-helper-lib.pl
@@ -0,0 +1,104 @@
+#!/usr/bin/perl -w
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 2 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2018-2022 IPFire Team #
+# #
+############################################################################
+
+use strict;
+
+package IDS::Ports::Helper;
+
+require '/var/ipfire/general-functions.pl';
+
+# Array which contains the currently supported services.
+my @services = (
+ "tor",
+);
+
+# Pakfire DB dir (taken from pakfire conf module)
+my $pakfire_dbdir = "/opt/pakfire/db";
+
+# Directory where the meta files of installed packages lives.
+my $pakfire_installed_dir = "$pakfire_dbdir/installed";
+
+#
+## The main get_service_ports function.
+#
+## For each supported service a "name_helper" function is required.
+## This function must return a hash with the value name and the port.
+#
+sub get_service_ports() {
+ my %services = ();
+
+ # Loop through the array of supported services.
+ foreach my $service (@services) {
+ my %ports;
+
+ # Convert service name into lower case format.
+ $service = lc($service);
+
+ # Skip service (addon) if it is not installed.
+ next unless (-f "$pakfire_installed_dir/meta-$service");
+
+ # Generate name of the service helper function and call it if
+ # available.
+ if (my $sub = __PACKAGE__->can($service . "_helper")) {
+ %ports = $sub->();
+ }
+
+ # Merge the main service hash and the current obtained ports hash.
+ %services = (%services, %ports);
+ }
+
+ # Return the hash with the service ports.
+ return %services;
+}
+
+#
+## Helper function to deal with the tor service.
+#
+sub tor_helper() {
+ my %torsettings;
+
+ # Default values.
+ my $tor_relay_port = "9001";
+ my $tor_relay_dirport = "9030";
+ my $tor_socks_port = "9050";
+
+ # Settings file, which contains the tor settings.
+ my $tor_settings_file = "${General::swroot}/tor/settings";
+
+ # Read-in tor settings if file is present.
+ &General::readhash("$tor_settings_file", \%torsettings) if (-e "$tor_settings_file");
+
+ # Assign configured tor settings.
+ $tor_relay_port = $torsettings{'TOR_RELAY_PORT'} if ($torsettings{'TOR_RELAY_PORT'});
+ $tor_relay_dirport = $torsettings{'TOR_RELAY_DIRPORT'} if (($torsettings{'TOR_RELAY_DIRPORT'}) && ($torsettings{'TOR_RELAY_DIRPORT'} ne "0"));
+ $tor_socks_port = $torsettings{'TOR_SOCKS_PORT'} if ($torsettings{'TOR_SOCKS_PORT'});
+
+ # Create ports hash with the assigned ports.
+ my %ports = (
+ "TOR_RELAY_PORT" => "$tor_relay_port",
+ "TOR_RELAY_DIRPORT" => "$tor_relay_dirport",
+ "TOR_SOCKS_PORT" => "$tor_socks_port"
+ );
+
+ return %ports;
+}
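Review bot: The three assignments under "Assign configured tor settings" in tor_helper copy whatever string the settings file holds into the ports hash, with only a truthiness test (plus `ne "0"` for the dirport). Per the commit description these values end up in the ports file used by IDS rules files, so a malformed or out-of-range entry may produce a port variable the IDS cannot parse; how that file is written and loaded is outside this hunk. I would accept a value only when it is a plain integer from 1 to 65535 and otherwise keep the default, as in the excerpt below. Separately, `-w` on the shebang presumably has no effect when this file is pulled in with `require`, so `use warnings;` next to `use strict;` would be worth adding.

```perl
sub tor_helper() {
	# … unchanged: %torsettings, default ports, settings file path and readhash call …

	# Assign configured tor settings, keeping the default for anything
	# that is not a plain port number in the range 1-65535.
	my %configured = (
		'TOR_RELAY_PORT'    => \$tor_relay_port,
		'TOR_RELAY_DIRPORT' => \$tor_relay_dirport,
		'TOR_SOCKS_PORT'    => \$tor_socks_port,
	);

	foreach my $key (keys %configured) {
		my $value = $torsettings{$key};
		next unless (defined($value) && $value =~ /\A[1-9][0-9]{0,4}\z/ && $value <= 65535);
		${ $configured{$key} } = $value;
	}

	# … unchanged: %ports hash and return …
```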