/* Get Windows directory */
static void get_win_dir(char *file, int f_size)
{
ExpandEnvironmentStrings("%WINDIR%", file, f_size);
if (!direxist(file)) {
strncpy(file, "C:\\WINDOWS", f_size);
}
}
void Add_Path(char *s,int warn)
{
int x=0;
char temp[MAX_LINE];
#if 0
temp2[MAX_LINE];
#endif
if (!s)
return;
while (*s && (s[x=strlen(s)-1]==' ' || s[x]=='\t'))
s[x]='\0';
if (*s && s[x] != PATH_DELIM)
{
s[++x]=PATH_DELIM;
s[++x]='\0';
}
#if 0
if (prm.sys_path)
{
if (! (s[1]==':' || *s=='\\' || *s=='/'))
{
strcpy(temp,strings+prm.sys_path);
strcat(temp,s);
}
else strcpy(temp,s);
if (temp[1] != ':')
{
temp2[0]=*(strings+prm.sys_path);
temp2[1]=':';
temp2[2]='\0';
strcat(temp2,temp);
strcpy(temp,temp2);
}
}
else
#endif
strcpy(temp,s);
/* If no path, default to the system path */
if (! *temp)
strcpy(temp, strings+prm.sys_path);
if (warn && !direxist(temp))
{
printf("\nWarning! Path `%s' does not exist!\n",fancy_fn(temp));
Compiling(-1,NULL,NULL);
}
strcpy(s,temp);
}
static void near assert_msgarea(char *path, word type, word killbyage,
word killbynum, word killskip)
{
HAREA ha;
char szPath[PATHLEN];
char szUp[PATHLEN];
dword dwKillByNum = killbynum ? (dword)killbynum : (dword)-1L;
dword dwKillSkip = killskip ? (dword)killskip : (dword)-1L;
dword dwKillByAge = killbyage ? (dword)killbyage : (dword)-1L;
strcpy(szPath, path);
/* Make sure that path does not contain a trailing backslash */
if (strlen(szPath) > 3)
Strip_Trailing(szPath, PATH_DELIM);
if ((ha=MsgOpenArea(szPath, MSGAREA_CRIFNEC, type))==NULL)
{
char *p;
strcpy(szUp, szPath);
if ((p=strrstr(szUp, ":\\/")) != NULL)
*p=0;
if (*szUp && !direxist(szUp))
makedir(szUp);
if ((ha=MsgOpenArea(szPath, MSGAREA_CRIFNEC, type))==NULL)
{
printf("\a\nError creating area %s!\n", path);
Compiling(-1,NULL,NULL);
return;
}
}
/* Set the parameters for a Squish area */
if (type & MSGTYPE_SQUISH)
SquishSetMaxMsg(ha, dwKillByNum, dwKillSkip, dwKillByAge);
MsgCloseArea(ha);
}
int config_dir(char *name, char *dir, char *vfile)
{
FILE *fp;
if (!direxist(dir)) {
return (0);
}
if (dogrep(OSSECCONF, vfile)) {
printf("%s: Log file already configured: '%s'.\n",
name, vfile);
return (1);
}
printf("%s: IIS directory found, but no valid log.\n", name);
printf("%s: You may have it configured in a format different\n"
" than W3C Extended or you just don't have today's\n"
" log available.\n", name);
printf("%s: http://www.ossec.net/en/manual.html#iis\n\n", name);
/* Add IIS config */
fp = fopen(OSSECCONF, "a");
if (!fp) {
printf("%s: Unable to edit configuration file.\n", name);
return (1);
}
fprintf(fp, "\r\n"
"\r\n"
"<!-- IIS log file -->\r\n"
"<ossec_config>\r\n"
" <localfile>\r\n"
" <location>%s</location>\r\n"
" <log_format>iis</log_format>\r\n"
" </localfile>\r\n"
"</ossec_config>\r\n\r\n", vfile);
printf("%s: Action completed.\n", name);
total++;
fclose(fp);
return (1);
}
int Parse_Matrix(FILE *ctlfile)
{
int x,y;
char temp[MAX_LINE], /* Contains entire line */
temp2[MAX_LINE], /* Temporary holding tank */
p[MAX_LINE], /* First word on line */
*s2;
linenum++;
while (fgets(line,MAX_LINE,ctlfile))
{
Strip_Comment(line);
if (*line)
{
strcpy(temp,line);
getword(line,p,ctl_delim,1);
if (! *p)
;
else if (eqstri(p,"end"))
break;
else if (eqstri(p,"address"))
{
if (alias_count==ALIAS_CNT)
{
printf("\n\aToo many network addresses on line %d of CTL file!\n",
linenum);
Compiling(-1,NULL,NULL);
}
else
{
getword(line,p,ctl_delim,2);
prm.address[alias_count].zone=1;
prm.address[alias_count].net=-1;
prm.address[alias_count].node=-1;
prm.address[alias_count].point=0;
Parse_NetNode(p,&prm.address[alias_count].zone,
&prm.address[alias_count].net,
&prm.address[alias_count].node,
&prm.address[alias_count].point);
alias_count++;
}
}
else if (eqstri(p,"gate"))
prm.flags2 |= FLAG2_gate;
else if (eqstri(p,"path"))
{
getword(line,p,ctl_delim,2);
if (eqstri(p,"netinfo"))
{
s2=fchar(line,ctl_delim,3);
Make_Path(prm.net_info,s2);
if (! direxist(strings+prm.net_info))
makedir(strings+prm.net_info);
}
else Unknown_Ctl(linenum,p);
}
else if (eqstri(p,"fidouser"))
{
Make_Filename(prm.fidouser,fchar(line,ctl_delim,2));
}
else if (eqstri(p,"nodelist"))
{
getword(line,p,ctl_delim,2);
if (eqstri(p,"version"))
{
getword(line,p,ctl_delim,3);
if (eqstri(p, "5"))
prm.nlver=NLVER_5;
else if (eqstri(p, "6"))
prm.nlver=NLVER_6;
else if (eqstri(p, "7"))
prm.nlver=NLVER_7;
else if (eqstri(p, "fd"))
prm.nlver=NLVER_FD;
else Unknown_Ctl(linenum,p);
}
else Unknown_Ctl(linenum,p);
}
else if (eqstri(p,"log"))
{
getword(line,p,ctl_delim,2);
if (eqstri(p,"echomail"))
{
prm.flags |= FLAG_log_echo;
getword(line,p,ctl_delim,3);
if (! *p)
{
printf("\n\aError! No EchoToss filename specified on line %d of control file!\n",linenum);
exit(1);
}
Make_Filename(prm.echotoss_name,p);
}
else Unknown_Ctl(linenum,p);
}
else if (eqstri(p,"after"))
{
getword(line,p,ctl_delim,2);
if (eqstri(p,"edit"))
{
getword(line,p,ctl_delim,4);
prm.edit_exit=(char)atoi(p);
}
else if (eqstri(p,"echomail"))
{
getword(line,p,ctl_delim,4);
prm.echo_exit=(char)atoi(p);
}
else if (eqstri(p,"local"))
{
getword(line,p,ctl_delim,4);
prm.local_exit=(char)atoi(p);
}
else Unknown_Ctl(linenum,p);
}
else if (eqstri(p,"message"))
{
getword(line,p,ctl_delim,2);
if (eqstri(p,"show"))
{
getword(line,p,ctl_delim,3);
getword(line,temp2,ctl_delim,5);
if (eqstri(p,"ctl_a"))
prm.ctla_priv=Deduce_Priv(temp2);
else if (eqstri(p,"seenby"))
prm.seenby_priv=Deduce_Priv(temp2);
else if (eqstri(p,"private"))
prm.pvt_priv=Deduce_Priv(temp2);
else Unknown_Ctl(linenum,p);
}
else if (eqstri(p,"send"))
{
getword(line,p,ctl_delim,3);
if (eqstri(p,"unlisted"))
{
getword(line,p,ctl_delim,4);
prm.unlisted_priv=Deduce_Priv(p);
getword(line,p,ctl_delim,5);
prm.unlisted_cost=atoi(p);
}
else Unknown_Ctl(linenum,p);
}
else if (eqstri(p,"edit"))
{
getword(line,p,ctl_delim,3);
if ((x=1,eqstri(p,"ask")) || (x=2,eqstri(p,"assume")))
{
getword(line,p,ctl_delim,4);
if (x==1) /* ASK */
{
x=Deduce_Attribute(p);
getword(line,p,ctl_delim,5);
if (x==-20 && (!p || !*p))
prm.msg_localattach=0;
else
{
y=Deduce_Priv(p);
if (x==-22) /* fromfile */
prm.msg_fromfile=y;
else if (x==-20)
prm.msg_localattach=y;
else
prm.msg_ask[x]=y;
}
}
else /* ASSUME */
{
x=Deduce_Attribute(p);
getword(line,p,ctl_delim,5);
if (x==-20 && (!p || !*p))
prm.msg_localattach=0;
else
{
y=Deduce_Priv(p);
if (x==-22) /* fromfile */
prm.msg_fromfile=y;
else if (x==-20)
prm.msg_localattach=y;
else
prm.msg_assume[x]=y;
}
}
}
else Unknown_Ctl(linenum,p);
}
else Unknown_Ctl(linenum,p);
}
else if (eqstri(p,"app") || eqstri(p,"application"))
;
else Unknown_Ctl(linenum,p);
}
linenum++;
}
linenum++;
return 0;
}
void assert_dir(char *path)
{
if (!direxist(path))
makedir(path);
}
int Parse_Reader(FILE *ctlfile)
{
char temp[MAX_LINE], /* Contains entire line */
p[MAX_LINE]; /* First word on line */
linenum++;
while (fgets(line,MAX_LINE,ctlfile))
{
Strip_Comment(line);
if (*line)
{
strcpy(temp,line);
getword(line,p,ctl_delim,1);
if (! *p)
;
else if (eqstri(p,"end"))
break;
else if (eqstri(p,"archivers"))
{
getword(line,p,ctl_delim,2);
Make_Filename(prm.arc_ctl,p);
}
else if (eqstri(p,"packet"))
{
getword(line,p,ctl_delim,3);
p[8]='\0';
Make_String(prm.olr_name,p);
}
else if (eqstri(p,"work"))
{
getword(line,p,ctl_delim,3);
Make_Path(prm.olr_dir,p);
if (! direxist(p))
makedir(p);
}
else if (eqstri(p,"phone"))
{
Make_String(prm.phone_num, fchar(line, ctl_delim, 3));
}
else if (eqstri(p, "max"))
{
getword(line, p, ctl_delim, 3);
prm.max_pack=(word)atoi(p);
}
else if (eqstri(p,"app") || eqstri(p,"application"))
;
else Unknown_Ctl(linenum,p);
}
linenum++;
}
linenum++;
return 0;
}
