diff options
| author |   Janik Kleinhoff <janik@kleinhoff.de> | 2015-09-24 01:32:11 +0000 |
|---|---|---|
| committer | Janik Kleinhoff <janik@kleinhoff.de> | 2015-09-24 01:32:11 +0000 |
| commit | 9b472795d26cd93d1bb58488ef60a062f5237295 (patch) | |
| tree | 8572778595d145176e720a1b7168c73adbd64ed4 /modules/inspect.pl | |
| parent | b93c3a24f14e0f64bc46b4945a65ae1bba62dc12 (diff) | |
Rework module paths
Diffstat (limited to 'modules/inspect.pl')
| -rw-r--r-- | modules/inspect.pl | 101 |
1 files changed, 0 insertions, 101 deletions
diff --git a/modules/inspect.pl b/modules/inspect.pl deleted file mode 100644 index df515dc..0000000 --- a/modules/inspect.pl +++ /dev/null @@ -1,101 +0,0 @@ -package ASM::Inspect; -use warnings; -use strict; -use feature qw(say); - -use Data::Dumper; -#use List::Util qw(first); -use String::Interpolate qw(interpolate); -use Carp qw(cluck); - -%::ignored = (); -sub new -{ - my $module = shift; - my $self = {}; - bless($self); - return $self; -} - -sub inspect { - our ($self, $conn, $event, $response) = @_; - my (%aonx, %dct, $rev, $chan, $id); - %aonx=(); %dct=(); $chan=""; $id=""; - my (@dnsbl, @uniq); - my ($match, $txtz, $iaddr); - my @override = []; - my $nick = lc $event->{nick}; - my $xresult; - return if (index($nick, ".") != -1); - if ( $event->{host} =~ /gateway\/web\// ) { - if ( $event->{user} =~ /([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})/ ) { - $rev = sprintf("%d.%d.%d.%d.", hex($4), hex($3), hex($2), hex($1)); - } - } - if ( (!defined($rev)) && ($event->{type} eq 'join') ) { -# Only doing DNS lookups for join events will mean that DNSBL will break if we try to do it on something other than joins, -# But it also means we cut back on the DNS lookups by a metric shitton - $iaddr = gethostbyname($event->{host}) if ($event->{host} !~ /\//); - $rev = join('.', reverse(unpack('C4', $iaddr))).'.' if (defined $iaddr); - } - ## NB: isn't there a better way to do this with grep, somehow? - %aonx = %{$::rules->{event}}; - foreach $chan ( @{$event->{to}} ) { - # don't do anything for channels we haven't synced yet - # because we can't yet respect stuff like notrigger for these - next unless $::synced{lc $chan}; - next unless $chan =~ /^#/; - next if ((defined($::channels->{channel}->{$chan}->{monitor})) and ($::channels->{channel}->{$chan}->{monitor} eq "no")); - foreach $id (keys %aonx) { - next unless ( grep { $event->{type} eq $_ } split(/[,:; ]+/, $aonx{$id}{type}) ); - if (defined($response)) { - if ($aonx{$id}{class} ne 'urlcrunch') { next; } #don't run our regular checks if this is being called from a URL checking function - else { $xresult = $::classes->check($aonx{$id}{class}, $aonx{$id}, $id, $event, $chan, $response); } - } - else { - $xresult = $::classes->check($aonx{$id}{class}, $aonx{$id}, $id, $event, $chan, $rev); # this is another bad hack done for dnsbl-related stuff - } - next unless (defined($xresult)) && ($xresult ne 0); - ASM::Util->dprint(Dumper($xresult), 'inspector'); - $dct{$id} = $aonx{$id}; - $dct{$id}{xresult} = $xresult; - } - } - foreach ( keys %dct ) { - if ( defined $dct{$_}{override} ) { - push( @override, split( /[ ,;]+/, $dct{$_}{override} ) ); - } - } - delete $dct{$_} foreach @override; - my $evcontent = $event->{args}->[0]; - my $evhost = $event->{host}; - foreach $chan (@{$event->{to}}) { - foreach $id ( keys %dct ) { - return unless (ASM::Util->notRestricted($nick, "notrigger") && ASM::Util->notRestricted($nick, "no$id")); - $xresult = $dct{$id}{xresult}; - my $nicereason = interpolate($dct{$id}{reason}); - if (defined $::db) { - $::db->record($chan, $event->{nick}, $event->{user}, $event->{host}, $::sn{lc $event->{nick}}->{gecos}, $dct{$id}{risk}, $id, $nicereason); - } - $txtz = "\x03" . $::RCOLOR{$::RISKS{$dct{$id}{risk}}} . "\u$dct{$id}{risk}\x03 risk threat [\x02$chan\x02] - ". - "\x02$event->{nick}\x02 - ${nicereason}; ping "; - $txtz = $txtz . ASM::Util->commaAndify(ASM::Util->getAlert(lc $chan, $dct{$id}{risk}, 'hilights')) if (ASM::Util->getAlert(lc $chan, $dct{$id}{risk}, 'hilights')); - $txtz = $txtz . ' !att-' . $chan . '-' . $dct{$id}{risk}; - if ($id eq 'last_measure_regex') { #TODO: Note that this is another example of things that shouldn't be hardcoded, but are. - - } - if ( - (!(defined($::ignored{$chan}) && ($::ignored{$chan} >= $::RISKS{$dct{$id}{risk}}))) || - (($::pacealerts == 0) && ($dct{$id}{risk} eq 'info')) - ) { - my @tgts = ASM::Util->getAlert($chan, $dct{$id}{risk}, 'msgs'); - ASM::Util->sendLongMsg($conn, \@tgts, $txtz); - $conn->schedule(45, sub { delete($::ignored{$chan}) if $::ignored{$chan} == $::RISKS{$dct{$id}{risk}} }); - $::ignored{$chan} = $::RISKS{$dct{$id}{risk}}; - } - $::log->incident($chan, "$chan: $dct{$id}{risk} risk: $event->{nick} - $nicereason\n"); - } - } -} - -1; |