From aedc1712646e573b5ab9fb98a28ef8403a6e60ba Mon Sep 17 00:00:00 2001
From: Jean-Louis Huynen
Date: Mon, 3 Jun 2019 16:31:25 +0200
Subject: [PATCH] new: [dev] initial commit
---
LICENCE | 22 +++++++
balboa.go | 124 ++++++++++++++++++++++++++++++++++++++
conf.sample/balboa_socket | 1 +
conf.sample/redis | 1 +
conf.sample/redis_queue | 1 +
go.mod | 8 +++
go.sum | 5 ++
7 files changed, 162 insertions(+)
create mode 100644 LICENCE
create mode 100644 balboa.go
create mode 100644 conf.sample/balboa_socket
create mode 100644 conf.sample/redis
create mode 100644 conf.sample/redis_queue
create mode 100644 go.mod
create mode 100644 go.sum
diff --git a/LICENCE b/LICENCE
new file mode 100644
index 0000000..0feaa58
--- /dev/null
+++ b/LICENCE
@@ -0,0 +1,22 @@
+MIT License
+
+Copyright (C) 2018 Jean-Louis Huynen
+Copyright (C) 2018 CIRCL - Computer Incident Response Center Luxembourg (SMILE gie)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
\ No newline at end of file
diff --git a/balboa.go b/balboa.go
new file mode 100644
index 0000000..e240a08
--- /dev/null
+++ b/balboa.go
@@ -0,0 +1,124 @@
+package main
+
+import (
+ "flag"
+ "fmt"
+ "log"
+ "net"
+ "os"
+ "os/signal"
+ "strconv"
+ "errors"
+ "strings"
+
+ "github.com/D4-project/d4-golang-utils/config"
+ "github.com/gomodule/redigo/redis"
+)
+
+type (
+ conf struct {
+ redisHost string
+ redisPort string
+ redisDB int
+ redisQueue string
+ balboaSocket string
+ }
+)
+
+var (
+ confdir = flag.String("c", "conf.sample", "configuration directory")
+ connectRedis = true
+ cr redis.Conn
+)
+
+func main() {
+ // Control Chan
+ s := make(chan os.Signal, 1)
+ signal.Notify(s, os.Interrupt, os.Kill)
+
+ // Usage and flags
+ flag.Usage = func() {
+ fmt.Printf("analyzer-d4-balboa - export D4 Type 8 to Balboa UNIX socket:\n\n")
+ fmt.Printf("\n")
+ fmt.Printf("Usage:\n\n analyzer-d4-balboa -c config_directory\n")
+ fmt.Printf("\n")
+ fmt.Printf("Configuration:\n\n")
+ fmt.Printf(" The configuration settings are stored in files in the configuration directory\n")
+ fmt.Printf(" specified with the -c command line switch.\n\n")
+ fmt.Printf("Files in the configuration directory:\n")
+ fmt.Printf("\n")
+ fmt.Printf(" redis - d4 server\n")
+ fmt.Printf(" | host:port/db\n")
+ fmt.Printf(" redis_queue - type and uuid of the redis queue\n")
+ fmt.Printf(" | type:uuid \n")
+ fmt.Printf(" balboa_socket - socket file to balboa\n")
+ fmt.Printf(" | /tmp/balboa.sock\n")
+ fmt.Printf("\n")
+ flag.PrintDefaults()
+ }
+
+ // Config
+ c := conf{}
+ flag.Parse()
+ if flag.NFlag() == 0 || *confdir == "" {
+ flag.Usage()
+ os.Exit(1)
+ } else {
+ *confdir = strings.TrimSuffix(*confdir, "/")
+ *confdir = strings.TrimSuffix(*confdir, "\\")
+ }
+
+ // Parse Redis Config
+ tmp := config.ReadConfigFile(*confdir, "redis")
+ ss := strings.Split(string(tmp), "/")
+ if len(ss) <= 1 {
+ log.Fatal("Missing Database in Redis config: should be host:port/database_name")
+ }
+ c.redisDB, _ = strconv.Atoi(ss[1])
+ var ret bool
+ ret, ss[0] = config.IsNet(ss[0])
+ if !ret {
+ sss := strings.Split(string(ss[0]), ":")
+ c.redisHost = sss[0]
+ c.redisPort = sss[1]
+ }
+ c.redisQueue = string(config.ReadConfigFile(*confdir, "redis_queue"))
+ c.balboaSocket = string(config.ReadConfigFile(*confdir, "balboa_socket"))
+ //TODO: handle empty ...
+
+ initRedis(c.redisHost, c.redisPort, c.redisDB)
+ defer cr.Close()
+ cs, err := net.Dial("unix", c.balboaSocket)
+ //defer cs.Close()
+ if err != nil {
+ panic(err)
+ }
+ // pop redis queue
+ for {
+ dnsLine, err := redis.String(cr.Do("LPOP", "analyzer:"+c.redisQueue))
+ if err != nil {
+ log.Fatal("Queue processed")
+ }
+ // Write in Balboa socket
+ cs.Write([]byte(dnsLine))
+ //TODO: Check that it works...
+
+ // Exit Signal Handle
+ select {
+ case <-s:
+ fmt.Println("Exiting...")
+ os.Exit(0)
+ default:
+ continue
+ }
+ }
+
+}
+
+func initRedis(host string, port string, d int) {
+ err := errors.New("")
+ cr, err = redis.Dial("tcp", host+":"+port, redis.DialDatabase(d))
+ if err != nil {
+ panic(err)
+ }
+}
diff --git a/conf.sample/balboa_socket b/conf.sample/balboa_socket
new file mode 100644
index 0000000..a3c69fa
--- /dev/null
+++ b/conf.sample/balboa_socket
@@ -0,0 +1 @@
+/tmp/balboa.sock
diff --git a/conf.sample/redis b/conf.sample/redis
new file mode 100644
index 0000000..5d6f103
--- /dev/null
+++ b/conf.sample/redis
@@ -0,0 +1 @@
+localhost:6380/2
diff --git a/conf.sample/redis_queue b/conf.sample/redis_queue
new file mode 100644
index 0000000..575de5b
--- /dev/null
+++ b/conf.sample/redis_queue
@@ -0,0 +1 @@
+8:9730f-d70f-447e-8661-4a9143ad40ff
diff --git a/go.mod b/go.mod
new file mode 100644
index 0000000..e5388c9
--- /dev/null
+++ b/go.mod
@@ -0,0 +1,8 @@
+module github.com/D4-project/analyzer-d4-balboa
+
+go 1.12
+
+require (
+ github.com/D4-project/d4-golang-utils v0.0.0-20190603131519-c10ee092655c // indirect
+ github.com/gomodule/redigo v2.0.0+incompatible // indirect
+)
diff --git a/go.sum b/go.sum
new file mode 100644
index 0000000..165f901
--- /dev/null
+++ b/go.sum
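Review bot: The pop loop in main cannot tell an empty queue from a Redis failure and never checks the socket write: every LPOP error ends in `log.Fatal("Queue processed")`, and the result of `cs.Write([]byte(dnsLine))` is discarded even though LPOP has already removed the record from Redis, so a broken Balboa socket drops DNS records without any trace. I would compare the error with `redis.ErrNil` for the empty-queue case, report every other error with its cause, and check the error returned by Write. Note also that `log.Fatal` exits without running `defer cr.Close()`. In the config parsing earlier in main, the `strconv.Atoi` error is dropped (a malformed database name silently becomes DB 0) and `sss[1]` is indexed without a length check, so a `redis` file without a port panics with an index-out-of-range instead of a clear message.

```go
	for {
		dnsLine, err := redis.String(cr.Do("LPOP", "analyzer:"+c.redisQueue))
		if err == redis.ErrNil {
			// Empty queue: normal completion, let the deferred Close run.
			log.Println("Queue processed")
			return
		}
		if err != nil {
			log.Fatalf("LPOP analyzer:%s: %v", c.redisQueue, err)
		}
		// The record is already gone from Redis, so a failed write must be reported.
		if _, err := cs.Write([]byte(dnsLine)); err != nil {
			log.Fatalf("write to balboa socket %s: %v", c.balboaSocket, err)
		}
		// … unchanged: exit signal select …
	}
```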
@@ -0,0 +1,5 @@
+github.com/D4-project/d4-golang-utils v0.0.0-20190603131519-c10ee092655c h1:NfASgeIzH3ULEOYgDZwZCmq+C+LgrcSBOzNLsWT+RAc=
+github.com/D4-project/d4-golang-utils v0.0.0-20190603131519-c10ee092655c/go.mod h1:2rq8KBQnNNDocwc/49cnpaqoQA/komoSHKom7ynvqJc=
+github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
+github.com/gomodule/redigo v2.0.0+incompatible h1:K/R+8tc58AaqLkqG2Ol3Qk+DR/TlNuhuh457pBFPtt0=
+github.com/gomodule/redigo v2.0.0+incompatible/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=