overriding warninglist enforcement when full URL with resource

slight_refactoring
Sascha Rommelfangen 2018-01-04 16:12:40 +01:00
parent 80413f53b8
commit 316b73644b
1 changed files with 10 additions and 2 deletions

View File

@ -260,6 +260,10 @@ for entry in urllist:
schema = f.get_scheme().decode('utf-8', 'ignore') schema = f.get_scheme().decode('utf-8', 'ignore')
except: except:
schema = False schema = False
try:
resource_path = f.get_resource_path().decode('utf-8', 'ignore')
except:
resource_path = False
if debug: if debug:
syslog.syslog(domainname) syslog.syslog(domainname)
if domainname not in excludelist: if domainname not in excludelist:
@ -279,8 +283,12 @@ for entry in urllist:
if is_valid_ipv4_address(hostname): if is_valid_ipv4_address(hostname):
add_attribute(new_event, 'url', entry, 'Network activity', False, enforcewarninglist, sighting) add_attribute(new_event, 'url', entry, 'Network activity', False, enforcewarninglist, sighting)
else: else:
add_attribute(new_event, 'url', entry, 'Network activity', ids_flag, enforcewarninglist, if resource_path:
sighting, comment=comment) add_attribute(new_event, 'url', entry, 'Network activity', ids_flag, False,
sighting, comment=comment)
else:
add_attribute(new_event, 'url', entry, 'Network activity', ids_flag, enforcewarninglist,
sighting, comment=comment)
if debug: if debug:
syslog.syslog(hostname) syslog.syslog(hostname)
try: try: