use strict;
use threads;
use threads::shared;
+use Getopt::Long;
use Thread::Queue;
use Linux::Inotify2;
+require Guardian::Config;
require Guardian::Parser;
+require Guardian::Socket;
+
+# Define version.
+my $version ="2.0";
# Array to store the monitored logfiles.
my @monitored_files = (
"/var/log/snort/alert",
);
+# Get and store the given command line arguments in a hash.
+my %cmdargs = ();
+
+&GetOptions (\%cmdargs,
+ 'foreground|f',
+ 'config|c=s',
+ 'help|h',
+ 'version|v',
+);
+
+# Show help / version information.
+if (defined($cmdargs{"help"})) {
+ print "Guardian $version \n";
+ print "Usage: guardian <optional arguments>\n";
+ print " -c, --config\t\tspecifiy a configuration file other than the default (/etc/guardian/guardian.conf)\n";
+ print " -f, --foreground\trun in the foreground (doesn't fork, any output goes to STDOUT)\n";
+ print " -h, --help\t\tshows this help\n";
+ print " -v, --version\t\tdisplay programm version and exit.\n";
+ exit;
+} elsif (defined($cmdargs{"version"})) {
+ print "Guardian $version \n";
+ exit;
+}
+
+# Read-in the configuration file and store the settings.
+# Push the may be given config file argument.
+my %mainsettings = &Guardian::Config::UseConfig($cmdargs{"config"});
+
# Create the main queue. It is used to store and process all events which are
# reported and enqueued by the worker threads.
my $queue :shared = new Thread::Queue or die "Could not create new, empty queue. $!\n";;
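Review bot: The return value of `GetOptions` is discarded in the new option block, so an unknown or malformed switch only produces a warning and the daemon goes on to start with whatever was parsed. For a daemon that watches IDS alert logs, a mistyped `--config` that silently falls back to the default file is worth stopping on: `GetOptions(\%cmdargs, 'foreground|f', 'config|c=s', 'help|h', 'version|v') or exit 1;`. The path in `$cmdargs{"config"}` is passed to `Guardian::Config::UseConfig` as given. Whether that function checks that the file exists and is readable is not visible here, so a one-line comment naming who validates the path would help.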
## is starting.
#
sub Init () {
+ # Setup IPC mechanism via Socket in an own thread.
+ threads->create(\&Socket);
+
# Loop through the array of which files should be monitored and
# create a worker thread for each single one.
foreach my $monitored_file (@monitored_files) {
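Review bot: The handle returned by `threads->create(\&Socket);` in Init is dropped, so the listener thread is never detached or joined and the main thread cannot notice that it has died. If socket setup fails inside that thread, the daemon would apparently keep running without its IPC channel. Either detach it explicitly, `threads->create(\&Socket)->detach();`, or keep the handle and check it together with the worker threads. Init's body continues outside this hunk.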
}
}
+#
+## Socket function.
+#
+## This function uses the Socket module to create and listen to an UNIX socket.
+## It automatically accepts all incomming connections and pass the recieved
+## data messages to the the Message_Parser function which is also part of the
+## socket module.
+#
+## If a valid command has been sent through the socket, the corresponding event
+## will be enqueued into the shared event queue.
+#
+sub Socket () {
+ # Create the Server socket by calling the responsible function.
+ my $server = &Guardian::Socket::Server();
+
+ # Accept incomming connections from the socket.
+ while (my $connection = $server->accept()) {
+ # Autoflush the socket after the data
+ # has been recieved.
+ $connection->autoflush(1);
+
+ # Gather all data from the connection.
+ while (my $message = <$connection>) {
+ # Remove any newlines.
+ chomp($message);
+
+ # Send the recieved data message to the
+ # socket parser.
+ my $action = &Guardian::Socket::Message_Parser($message);
+
+ # If the parser returns to perform an action,
+ # add it to the main event queue.
+ if ($action) {
+ # Lock the queue.
+ lock($queue);
+
+ # Enqueue the returned action.
+ $queue->enqueue($action);
+ }
+ }
+ }
+}
+
#
## Function for fileposition initialization.
#
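Review bot: In `Socket`, the inner `while (my $message = <$connection>)` loop runs inside the accept loop with no read timeout or line-length bound, so one client that connects and never sends a newline or closes stalls every later control connection. The result of `Guardian::Socket::Server()` is also used unchecked; a guard such as `die "Could not create the server socket\n" unless $server;` would make a failed setup visible instead of failing on `->accept()`. Everything the parser accepts is enqueued as an event, so who may connect depends entirely on the ownership and mode of the socket file. That is set in `Guardian::Socket::Server`, which is not visible here, so the header comment should state the expected permissions. `lock($queue);` looks redundant, since `Thread::Queue`'s `enqueue` is already thread-safe.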