uprava nazvu promennych podle code policy

6dc7cb60 · Tomáš Plesník · 4282259d · 6dc7cb60 · 6dc7cb60
Commit 6dc7cb60 authored 10 years ago by Tomáš Plesník
--- a/src/warden-server/etc/warden-watchdog.conf.tmpl
+++ b/src/warden-server/etc/warden-watchdog.conf.tmpl
@@ -6,29 +6,24 @@
 # Use of this source is governed by a BSD-style license, see LICENSE file.

 #-------------------------------------------------------------------------------
-# domain_name - server full domain name
+# DOMAIN_NAME - server full domain name
 #-------------------------------------------------------------------------------
-$domain_name = "_HOSTNAME_";
+$DOMAIN_NAME = "_DOMAIN_NAME_";

 #-------------------------------------------------------------------------------
-# contact - contact to server administrator
+# EMAIL_SUBJECT - subject of an report for Warden watchdog script
 #-------------------------------------------------------------------------------
-$contact = "_CONTACT_";
+$EMAIL_SUBJECT = "Database check of a Warden server ($DOMAIN_NAME)";

 #-------------------------------------------------------------------------------
-# email_subject - ...
+# EMAIL_SERVER_CONF - path and params of an email server for reports sending
 #-------------------------------------------------------------------------------
-$email_subject = "Database check of a Warden server ($domain_name)";
+$EMAIL_SERVER_CONF = '|/usr/sbin/sendmail -oi -t';

 #-------------------------------------------------------------------------------
-# email_server_conf - path and params of an email server for reports sending
+# SQL_PRECONDITION - array of procedures which are executed "before" main action
 #-------------------------------------------------------------------------------
-$email_server_conf = '|/usr/sbin/sendmail -oi -t';
-
-#-------------------------------------------------------------------------------
-# sql_precondition - array of procedures which are executed "before" main action
-#-------------------------------------------------------------------------------
-@sql_precondition = ('DROP FUNCTION IF EXISTS iptest;', 'CREATE FUNCTION iptest(ip VARCHAR(15)) RETURNS TINYINT(1) DETERMINISTIC
+@SQL_PRECONDITION = ('DROP FUNCTION IF EXISTS iptest;', 'CREATE FUNCTION iptest(ip VARCHAR(15)) RETURNS TINYINT(1) DETERMINISTIC
 BEGIN
 SET @nip = INET_ATON(ip);
 IF(
@@ -55,7 +50,7 @@ BEGIN
 END;');

 #-------------------------------------------------------------------------------
-# sql_queries - array of hashes of actions for the WardenWatchdog script.
+# SQL_QUERIES - array of hashes of actions for the WardenWatchdog script.
 #               Each action has three followin parts:
 #               query   => sql query of an action (check) on Warden database
 #               text    => body of an email which is send to a admin of an client
@@ -63,13 +58,13 @@ END;');
 #               contact => contact for message, which overrides contact collumn
 #                          in a database table.
 #-------------------------------------------------------------------------------
-@sql_queries = (
- {query => "SELECT hostname, service, MAX(received) FROM events WHERE valid = 't' GROUP BY hostname, service ORDER BY MAX(received) ASC;", text => "These clients do not report any events for a long time. It is possible, that they are misconfigured or not running.", contact => "$contact"},
- {query => "SELECT clients.* FROM clients JOIN events ON clients.service=events.service WHERE events.detected > '$date' AND NOT FIND_IN_SET(events.type, 'portscan,bruteforce,probe,spam,phishing,botnet_c_c,dos,malware,copyright,webattack,test,other') AND events.valid = 't' GROUP BY requestor;", text => "Following client(s) report unsupported or obsolete type of event to a Warden server.", contact => "$contact"},
- {query => "SELECT hostname, service, type, COUNT(*) FROM events WHERE detected - received > 0 AND received > '$date' GROUP BY hostname, service, type;", text => "Following client(s) report events to a Warden server with a timestamp from future. Server timestamp (received) has to be always greater or equal to a timestam of detection.", contact => "$contact"},
- {query => "SELECT hostname, service, received, source, count(source) AS c, min(received), max(received) FROM events WHERE valid = 't' AND source_type = 'IP' AND iptest(source) GROUP BY hostname, service, source ORDER BY c DESC;", text => "Following client(s) report events to a Warden server with a private or invalid IPv4 address.", contact => "$contact"});
+@SQL_QUERIES = (
+ {query => "SELECT hostname, service, MAX(received) FROM events WHERE valid = 't' GROUP BY hostname, service ORDER BY MAX(received) ASC;", text => "These clients do not report any events for a long time. It is possible, that they are misconfigured or not running.", contact => "jakubcegan@cesnet.cz, ph@cesnet.cz"},
+ {query => "SELECT clients.* FROM clients JOIN events ON clients.service=events.service WHERE events.detected > '$date' AND NOT FIND_IN_SET(events.type, 'portscan,bruteforce,probe,spam,phishing,botnet_c_c,dos,malware,copyright,webattack,test,other') AND events.valid = 't' GROUP BY requestor;", text => "Following client(s) report unsupported or obsolete type of event to a Warden server.", contact => "jakubcegan@cesnet.cz, ph@cesnet.cz"},
+ {query => "SELECT hostname, service, type, COUNT(*) FROM events WHERE detected - received > 0 AND received > '$date' GROUP BY hostname, service, type;", text => "Following client(s) report events to a Warden server with a timestamp from future. Server timestamp (received) has to be always greater or equal to a timestam of detection.", contact => "jakubcegan@cesnet.cz, ph@cesnet.cz"},
+ {query => "SELECT hostname, service, received, source, count(source) AS c, min(received), max(received) FROM events WHERE valid = 't' AND source_type = 'IP' AND iptest(source) GROUP BY hostname, service, source ORDER BY c DESC;", text => "Following client(s) report events to a Warden server with a private or invalid IPv4 address.", contact => "jakubcegan@cesnet.cz, ph@cesnet.cz"});

 #-------------------------------------------------------------------------------
-# sql_postcondition - array of procedures which are executed "after" main action
+# SQL_POSTCONDITION - array of procedures which are executed "after" main action
 #-------------------------------------------------------------------------------
-@sql_postcondition = ('DROP FUNCTION IF EXISTS iptest;');
+@SQL_POSTCONDITION = ('DROP FUNCTION IF EXISTS iptest;');
--- a/src/warden-server/etc/warden-watchdog.conf.tmpl.update
+++ b/src/warden-server/etc/warden-watchdog.conf.tmpl.update
@@ -6,29 +6,24 @@
 # Use of this source is governed by a BSD-style license, see LICENSE file.

 #-------------------------------------------------------------------------------
-# domain_name - server full domain name
+# DOMAIN_NAME - server full domain name
 #-------------------------------------------------------------------------------
-$domain_name = "_HOSTNAME_";
+$DOMAIN_NAME = "_DOMAIN_NAME_";

 #-------------------------------------------------------------------------------
-# contact - contact to server administrator
+# EMAIL_SUBJECT - subject of an report for Warden watchdog script
 #-------------------------------------------------------------------------------
-$contact = "_CONTACT_";
+$EMAIL_SUBJECT = "_EMAIL_SUBJECT_";

 #-------------------------------------------------------------------------------
-# email_subject - ...
+# EMAIL_SERVER_CONF - path and params of an email server for reports sending
 #-------------------------------------------------------------------------------
-$email_subject = "_EMAIL_SUBJECT_";
+$EMAIL_SERVER_CONF = '_EMAIL_SERVER_CONF_';

 #-------------------------------------------------------------------------------
-# email_server_conf - path and params of an email server for reports sending
+# SQL_PRECONDITION - array of procedures which are executed "before" main action
 #-------------------------------------------------------------------------------
-$email_server_conf = "_EMAIL_SERVER_CONF_";
-
-#-------------------------------------------------------------------------------
-# sql_precondition - array of procedures which are executed "before" main action
-#-------------------------------------------------------------------------------
-@sql_precondition = ('DROP FUNCTION IF EXISTS iptest;', 'CREATE FUNCTION iptest(ip VARCHAR(15)) RETURNS TINYINT(1) DETERMINISTIC
+@SQL_PRECONDITION = ('DROP FUNCTION IF EXISTS iptest;', 'CREATE FUNCTION iptest(ip VARCHAR(15)) RETURNS TINYINT(1) DETERMINISTIC
 BEGIN
 SET @nip = INET_ATON(ip);
 IF(
@@ -55,7 +50,7 @@ BEGIN
 END;');

 #-------------------------------------------------------------------------------
-# sql_queries - array of hashes of actions for the WardenWatchdog script.
+# SQL_QUERIES - array of hashes of actions for the WardenWatchdog script.
 #               Each action has three followin parts:
 #               query   => sql query of an action (check) on Warden database
 #               text    => body of an email which is send to a admin of an client
@@ -63,13 +58,13 @@ END;');
 #               contact => contact for message, which overrides contact collumn
 #                          in a database table.
 #-------------------------------------------------------------------------------
-@sql_queries = (
- {query => "SELECT hostname, service, MAX(received) FROM events WHERE valid = 't' GROUP BY hostname, service ORDER BY MAX(received) ASC;", text => "These clients do not report any events for a long time. It is possible, that they are misconfigured or not running.", contact => "$contact"},
- {query => "SELECT clients.* FROM clients JOIN events ON clients.service=events.service WHERE events.detected > '$date' AND NOT FIND_IN_SET(events.type, 'portscan,bruteforce,probe,spam,phishing,botnet_c_c,dos,malware,copyright,webattack,test,other') AND events.valid = 't' GROUP BY requestor;", text => "Following client(s) report unsupported or obsolete type of event to a Warden server.", contact => "$contact"},
- {query => "SELECT hostname, service, type, COUNT(*) FROM events WHERE detected - received > 0 AND received > '$date' GROUP BY hostname, service, type;", text => "Following client(s) report events to a Warden server with a timestamp from future. Server timestamp (received) has to be always greater or equal to a timestam of detection.", contact => "$contact"},
- {query => "SELECT hostname, service, received, source, count(source) AS c, min(received), max(received) FROM events WHERE valid = 't' AND source_type = 'IP' AND iptest(source) GROUP BY hostname, service, source ORDER BY c DESC;", text => "Following client(s) report events to a Warden server with a private or invalid IPv4 address.", contact => "$contact"});
+@SQL_QUERIES = (
+ {query => "SELECT hostname, service, MAX(received) FROM events WHERE valid = 't' GROUP BY hostname, service ORDER BY MAX(received) ASC;", text => "These clients do not report any events for a long time. It is possible, that they are misconfigured or not running.", contact => "jakubcegan@cesnet.cz, ph@cesnet.cz"},
+ {query => "SELECT clients.* FROM clients JOIN events ON clients.service=events.service WHERE events.detected > '$date' AND NOT FIND_IN_SET(events.type, 'portscan,bruteforce,probe,spam,phishing,botnet_c_c,dos,malware,copyright,webattack,test,other') AND events.valid = 't' GROUP BY requestor;", text => "Following client(s) report unsupported or obsolete type of event to a Warden server.", contact => "jakubcegan@cesnet.cz, ph@cesnet.cz"},
+ {query => "SELECT hostname, service, type, COUNT(*) FROM events WHERE detected - received > 0 AND received > '$date' GROUP BY hostname, service, type;", text => "Following client(s) report events to a Warden server with a timestamp from future. Server timestamp (received) has to be always greater or equal to a timestam of detection.", contact => "jakubcegan@cesnet.cz, ph@cesnet.cz"},
+ {query => "SELECT hostname, service, received, source, count(source) AS c, min(received), max(received) FROM events WHERE valid = 't' AND source_type = 'IP' AND iptest(source) GROUP BY hostname, service, source ORDER BY c DESC;", text => "Following client(s) report events to a Warden server with a private or invalid IPv4 address.", contact => "jakubcegan@cesnet.cz, ph@cesnet.cz"});

 #-------------------------------------------------------------------------------
-# sql_postcondition - array of procedures which are executed "after" main action
+# SQL_POSTCONDITION - array of procedures which are executed "after" main action
 #-------------------------------------------------------------------------------
-@sql_postcondition = ('DROP FUNCTION IF EXISTS iptest;');
+@SQL_POSTCONDITION = ('DROP FUNCTION IF EXISTS iptest;');