Current File: //usr/local/lp/apps/malre/scripts/stats.pm
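use warnings;
use strict;

### Handle of the stats file that is currently open through fn_get_lock(),
### or undef when no stats file is open. Shared by every sub in this file.
my $fh_out;

### Opens the stats file named in $_[0] through fn_get_lock() (defined outside
### this file) and remembers the handle in $fh_out.
### Returns whatever fn_get_lock() returned.
### NOTE(review): presumably an open read/write handle - confirm what
### fn_get_lock() returns when the lock cannot be taken, because the callers
### below use the handle without checking it.
sub fn_open_stats {
    my ($v_file) = @_;
    $fh_out = fn_get_lock($v_file);
    return $fh_out;
}

### Releases the stats file named in $_[0] through fn_release_lock() (defined
### outside this file) and forgets the shared handle.
sub fn_close_stats {
    my ($v_file) = @_;
    fn_release_lock($v_file);
    undef $fh_out;
}

=pod

### "lines" separated by null characters instead of new-line characters

    line 0 - Actual File name
    line 1 - the type of scan that detected this file
    line 2 - file stats
             [PERMISSIONS] -- [USER] -- [GROUP] -- [SIZE] -- [MTIME] -- [CTIME] -- [TIME AT WHICH STATS WERE COLLECTED]
             If the file does not exist, just the time that we attempted to collect stats
    line 3 - details about the file
             For Maldet and checkers, this is the details of the signature that was matched
             For Symlink directories, this is the number of symlinks that were found
             All else left blank
    line 4 - Whether it's a symlink, file, or directory
             left blank if it does not exist
    line 5 - Left Blank - Reserved for future use

=cut

### Writes one six-field, null-separated record describing a file.
###
### $_[0] = the name of the file
### $_[1] = the type of scan that found the file
### $_[2] = Stats for the file, plus the time at which the stats were gathered
###         (leave blank if stats need to be collected)
### $_[3] = scan details (from maldet, checkers, and symlink directories only)
### $_[4] = (optional) a file to open, write to, and close
###
### Destination, in order of preference: the stats file that is already open,
### the file named in $_[4], standard out.
### Instead of separating the fields with new lines, we separate them with null
### characters, thus newlines in filenames won't hinder us.
sub fn_report_file {
    my $v_file    = $_[0];
    my $v_type    = ( $_[1] || '' );
    my $v_stats   = ( $_[2] || '' );
    my $v_details = ( $_[3] || '' );
    my $f_open    = ( $_[4] || '' );

    ### The reader finds records purely by counting null characters, so a null
    ### inside one of these fields would shift every record that follows it.
    ### The path is left untouched so the report never names a different file.
    tr/\000//d for ( $v_type, $v_stats, $v_details );

    ### Gets stats for the file
    my @v_stats;
    if ( -e $v_file && !$v_stats ) {
        if ( -l $v_file ) {
            @v_stats = ( lstat($v_file) )[ 2, 4, 5, 7, 9, 10 ];
        }
        else {
            @v_stats = ( stat($v_file) )[ 2, 4, 5, 7, 9, 10 ];
        }

        ### The file can disappear between the -e test and the stat call; the
        ### slice is then empty and the record keeps only the time stamp, the
        ### same shape as for a file that never existed.
        if (@v_stats) {
            $v_stats[0] = sprintf "%04o", $v_stats[0] & 07777;
        }
    }
    else {
        @v_stats = split( m/ -- /, $v_stats );
    }

    ### Get the current time stamp as well
    ### NOTE(review): this is appended even when the caller supplied stats that
    ### already end in a time stamp; fn_report_to_json() reads only the first
    ### seven fields - confirm which behaviour the callers expect.
    push( @v_stats, time() );
    $v_stats = join( ' -- ', @v_stats );

    ### Get the file type
    my $v_filetype = '';
    if ( -e $v_file ) {
        if    ( -l $v_file ) { $v_filetype = 'l'; }
        elsif ( -d $v_file ) { $v_filetype = 'd'; }
        elsif ( -f $v_file ) { $v_filetype = 'f'; }
        else                 { $v_filetype = '?'; }
    }

    ### Five fields plus the empty reserved sixth one
    my $v_record
        = join( "\000", $v_file, $v_type, $v_stats, $v_details, $v_filetype )
        . "\000\000";

    ### Record it
    if ( defined $fh_out ) {
        ### Print to a file handle that's already open
        seek( $fh_out, 0, 2 );
        print $fh_out $v_record;
    }
    elsif ( $f_open ne '' ) {
        ### Open a file, print to it, and close.
        ### $f_open defaults to '' and is therefore always defined; testing
        ### "defined" here made the standard-out branch below unreachable and
        ### tried to lock a file with an empty name.
        fn_open_stats($f_open);
        seek( $fh_out, 0, 2 );
        print $fh_out $v_record;
        fn_close_stats($f_open);
    }
    else {
        ### Print to standard out
        print $v_record;
    }
}

=pod

### Structure for the temporary reference object

    $ref_report->[$num]->{'path'}    <- The full path to the file
    $ref_report->[$num]->{'perms'}   <- permissions in 4 digit format
    $ref_report->[$num]->{'user'}    <- user in numerical format
    $ref_report->[$num]->{'group'}   <- group in numerical format
    $ref_report->[$num]->{'size'}    <- size in bytes
    $ref_report->[$num]->{'mtime'}   <- mtime in epoch format
    $ref_report->[$num]->{'ctime'}   <- ctime in epoch format
    $ref_report->[$num]->{'stamp'}   <- the time at which the stats of the file were collected
    $ref_report->[$num]->{'type'}    <- The type of scan that detected the file
    $ref_report->[$num]->{'details'} <- details from the scan that captured the file (if any)
    $ref_report->[$num]->{'ftype'}   <- whether it was a file or directory

=cut

### Reads every record from the stats file named in $_[0], empties that file,
### and returns a reference to an array of hashes laid out as described above.
### Returns undef when the file holds no records. Despite the name, no JSON is
### produced here.
### Dies if the file cannot be reopened for truncation.
sub fn_report_to_json {
    my $f_report = $_[0];
    my $ref_report;
    fn_open_stats($f_report);
    seek( $fh_out, 0, 0 );

    ### Parse out each set of lines
    my $v_count = 0;
    my $num;
    {
        ### Records are null-separated; "local" puts the separator back even
        ### if something inside the loop dies.
        local $/ = "\000";
        while ( defined( my $_line = <$fh_out> ) ) {
            chomp($_line);
            if ( $v_count == 0 ) {
                ### Increase the number for the array item. $ref_report is
                ### still undef for the first record, and dereferencing undef
                ### here is fatal under "use strict".
                $num = defined $ref_report ? scalar @{$ref_report} : 0;
                ### The name of the file
                $ref_report->[$num]->{'path'} = $_line;
            }
            elsif ( $v_count == 1 ) {
                ### the scan that identified the file
                $ref_report->[$num]->{'type'} = $_line;
            }
            elsif ( $v_count == 2 ) {
                ### Stats for the file
                my $ref_entry = $ref_report->[$num];
                if ( $_line =~ m/ -- / ) {
                    my ( $perms, $user, $group, $size, $mtime, $ctime, $stamp )
                        = split( m/ -- /, $_line );
                    $ref_entry->{'perms'} = $perms;
                    $ref_entry->{'user'}  = $user;
                    $ref_entry->{'group'} = $group;
                    $ref_entry->{'size'}  = $size;
                    $ref_entry->{'mtime'} = $mtime;
                    $ref_entry->{'ctime'} = $ctime;
                    $ref_entry->{'stamp'} = $stamp;
                }
                else {
                    ### No separator: the field holds only the collection time
                    $ref_entry->{'perms'} = '';
                    $ref_entry->{'user'}  = '';
                    $ref_entry->{'group'} = '';
                    $ref_entry->{'size'}  = '';
                    $ref_entry->{'mtime'} = '';
                    $ref_entry->{'ctime'} = $_line;
                    $ref_entry->{'stamp'} = $_line;
                }
            }
            elsif ( $v_count == 3 ) {
                ### Details on why the file or directory was listed
                $ref_report->[$num]->{'details'}
                    = ( $_line =~ m/./ ) ? $_line : '';
            }
            elsif ( $v_count == 4 ) {
                ### Whether it was a file or directory
                $ref_report->[$num]->{'ftype'} = $_line;
            }
            ### $v_count == 5 is left blank for future use

            $v_count++;
            if ( $v_count == 6 ) {
                $v_count = 0;
            }
        }
    }

    ### A count other than zero means the last record was cut short. The file
    ### is emptied below all the same, so this message is the only trace left.
    if ( $v_count != 0 ) {
        print STDERR "Unexpected number of lines in " . $f_report . "\n";
    }

    ### overwrite the file
    my $fh;
    if ( !open( $fh, '>', $f_report ) ) {
        ### Build the message first so that releasing the lock cannot change $!
        my $v_error = "Cannot open " . $f_report . ": $!";
        fn_close_stats($f_report);
        die $v_error;
    }
    close($fh);
    fn_close_stats($f_report);
    return $ref_report;
}

1;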