1#!/usr/local/bin/perl -w 2# sysmon_convert: attempt to make a decent sysmon v 0.91 config file from 3# an old config file. 4# 5# Last modified: Sat Dec 22 02:48:12 PST 2001 SWI 6# 7 8$LASTNF = 0; 9$ROOT = 0; 10$ROOTDEP = ""; 11%LABELS = (); 12 13print "config noheartbeat;\n"; 14 15while (<>) { 16 if (/^[;#](.*)/) { print "#$1\n"; next; } 17 if (/^\s*config\s+/i) { print &mangle_config_line($_); next; } 18 if (/^\s+$/) { print; next; } 19 chomp; 20 $device = &parse_line($_); 21 &emit($device); 22} 23 24# /* ex: hostname tcp # desc "spawn" email { } */ 25# /* ex: hostname udp # desc "spawn" email { }*/ 26# /* ex: hostname ping desc "spawn" email { }*/ 27# /* ex: hostname nntp desc "spawn" email { }*/ 28# /* ex: hostname smtp desc "spawn" email { }*/ 29# /* ex: hostname sysmon desc "spawn" email { }*/ 30# /* ex: hostname ssh desc "spawn" email { }*/ 31# /* ex: hostname umichx500 desc "spawn" email { }*/ 32# /* ex: hostname imap user pw desc "spawn" email { }*/ 33# /* ex: hostname pop3 user pw desc "spawn" email { }*/ 34# /* ex: hostname pop2 user pw desc "spawn" email { }*/ 35# /* ex: hostname http /file text desc "spawn" email { }*/ 36# /* ex: hostname radius user pw radsecret email { }*/ 37 38sub mangle_config_line { 39 my $line = $_[0]; 40 my ($type, $path); 41 42 $line =~ s/^\s+//; 43 if ($line =~ m/^config\s+statusfile/i) { 44 $line =~ m#^config\s+statusfile\s+(text|html)\s+(.*)#i; 45 return "config statusfile $1 \"$2\";\n"; 46 } elsif ($line =~ m/^config\s+logging/i) { 47 $line =~ m#^config\s+logging\s+(.*)#i; 48 return "config logging syslog \"$1\";\n"; 49 } elsif ($line =~ m/^config\s+numfailures/i) { 50 $line =~ m#^config\s+numfailures\s+(.*)#i; 51 if ($LASTNF != 0+$1) { 52 $LASTNF= $1; 53 return "config numfailures $1;\n"; 54 } else { 55 return "\n"; # suppressing multiple config-NF 56 } 57 } 58 $line =~ s/$/;/; 59 return $line; 60} 61 62sub parse_line { 63 my $line = $_[0]; 64 my %params = (); 65 66 $line =~ s/^\s+//g; 67 $line =~ s/\s+$//g; 68 if ($line =~ /}$/) { 69 pop (@depstack); return \%params; 70 } else { 71 72 my @tokens = split(/[ \t]+/, $line); 73 if (@tokens) { 74 $params{'host'} = shift(@tokens) || 'UNKNOWN'; 75 $params{'type'} = shift(@tokens) || 'UNKNOWN'; 76 if ($params{'type'} eq 'tcp') { 77 $params{'port'} = shift(@tokens); 78 $params{'desc'} = shift(@tokens); 79 $params{'email'} = shift(@tokens); 80 if ($params{'port'} eq "80") { 81 $params{'type'} = "http"; 82 $params{'url'} = "/"; 83 $params{'urltext'} = "<BODY>"; 84 } 85 } elsif ($params{'type'} eq 'udp') { 86 $params{'port'} = shift(@tokens); 87 $params{'desc'} = shift(@tokens); 88 $params{'email'} = shift(@tokens); 89 } elsif ($params{'type'} eq 'ping') { 90 $params{'desc'} = shift(@tokens); 91 $params{'email'} = shift(@tokens); 92 } elsif ($params{'type'} eq 'nntp') { 93 $params{'desc'} = shift(@tokens); 94 $params{'email'} = shift(@tokens); 95 } elsif ($params{'type'} eq 'smtp') { 96 $params{'desc'} = shift(@tokens); 97 $params{'email'} = shift(@tokens); 98 } elsif ($params{'type'} eq 'imap') { 99 $params{'user'} = shift(@tokens); 100 $params{'pw'} = shift(@tokens); 101 $params{'email'} = shift(@tokens); 102 } elsif ($params{'type'} eq 'pop3') { 103 $params{'user'} = shift(@tokens); 104 $params{'pw'} = shift(@tokens); 105 $params{'email'} = shift(@tokens); 106 } elsif ($params{'type'} eq 'radius') { 107 $params{'user'} = shift(@tokens); 108 $params{'pw'} = shift(@tokens); 109 $params{'radsecret'} = shift(@tokens); 110 $params{'email'} = shift(@tokens); 111 } else { 112 print "# UNKNOWN: $line\n"; 113 %params = (); 114 } 115 } 116 } 117 # 118 # An attempt to make the object labels friendly. 119 # 120 121 if (defined ($params{'host'}) and defined($params{'type'})) { 122 my $label = ""; 123 if (($params{'type'} eq "tcp") or 124 ($params{'type'} eq "udp")) { 125 $label = $params{'desc'}."-".$params{'host'}; 126 if (defined($LABELS{$label})) { 127 $label = $params{'type'}."-".$params{'port'}. 128 "-".$params{'host'}; 129 } 130 } elsif ($params{'type'} eq "ping") { 131 $label = $params{'host'}; 132 if (defined($LABELS{$label})) { 133 $label = $params{'type'}."-".$params{'host'}; 134 } 135 } else { 136 $label = $params{'type'}."-".$params{'host'}; 137 } 138 $params{'label'} = $label; 139 $LABELS{$label} = 1; 140 } 141 if (@depstack) { 142 $params{'depends'} = $depstack[0]; 143 } 144 if ($line =~ m#\s+[{]$#) { push (@depstack, $params{'label'}); } 145 return \%params; 146} 147 148sub emit { 149 my $href = $_[0]; 150 if ($href && defined($href->{'label'})) { 151 if (!$ROOT) { print "\nroot=\"".$href->{'label'}."\";\n\n"; $ROOT=1; 152 $ROOTDEP = $href->{'label'}; 153 } 154 print "object ",$href->{'label'}," {\n"; 155 print "\t",'ip "',$href->{'host'},'";',"\n"; 156 print "\t",'type ',$href->{'type'},';',"\n"; 157 158 if ($href->{'type'} eq 'udp') { 159 print "\t",'port ',$href->{'port'},';',"\n"; 160 } elsif ($href->{'type'} eq 'tcp') { 161 print "\t",'port ',$href->{'port'},';',"\n"; 162 } elsif ($href->{'type'} eq 'imap') { 163 print "\t",'username "',$href->{'user'},'";',"\n"; 164 print "\t",'password "',$href->{'pw'},'";',"\n"; 165 } elsif ($href->{'type'} eq 'pop3') { 166 print "\t",'username "',$href->{'user'},'";',"\n"; 167 print "\t",'password "',$href->{'pw'},'";',"\n"; 168 } elsif ($href->{'type'} eq 'radius') { 169 print "\t",'username "',$href->{'user'},'";',"\n"; 170 print "\t",'password "',$href->{'pw'},'";',"\n"; 171 print "\t",'secret "',$href->{'radsecret'},'";',"\n"; 172 } elsif ($href->{'type'} eq 'http') { 173 print "\t",'url "',$href->{'url'},'";',"\n"; 174 print "\t",'urltext "',$href->{'urltext'},'";',"\n"; 175 } elsif ($href->{'type'} eq 'nntp') { 176 print "\tport 119;\n"; 177 } else { 178 # defaults. 179 } 180 181 if (defined($href->{'depends'})) { 182 print "\t",'dep "',$href->{'depends'},'";',"\n"; 183 } else { 184 print "\t",'dep "',$ROOTDEP,'";',"\n"; 185 } 186 if (defined($href->{'desc'})) { 187 print "\t",'desc "',$href->{'desc'},'";',"\n"; 188 } 189 if (defined($href->{'email'})) { 190 print "\t",'contact "',$href->{'email'},'";',"\n"; 191 } 192 print "};\n"; 193 } 194} 195 196# EOF 197