1#! /usr/bin/perl 2 3# Copyright Rainer Wichmann (2004) 4# 5# License Information: 6# This program is free software; you can redistribute it and/or modify 7# it under the terms of the GNU General Public License as published by 8# the Free Software Foundation; either version 2 of the License, or 9# (at your option) any later version. 10# 11# This program is distributed in the hope that it will be useful, 12# but WITHOUT ANY WARRANTY; without even the implied warranty of 13# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14# GNU General Public License for more details. 15# 16# You should have received a copy of the GNU General Public License 17# along with this program; if not, write to the Free Software 18# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 19# 20 21use warnings; 22use strict; 23 24my $fno = 0; 25my $file = ''; 26my @last2 = (); 27my $line = ''; 28 29sub usage () { 30 print "Usage: concat.pl <list_of_database_files>\n\n"; 31 print " Will concatenate samhain file signature database files\n"; 32 print " and print to stdout.\n"; 33 print " Does not work on signed or otherwise modified\n"; 34 print " file signature databases.\n"; 35} 36 37if ($#ARGV < 0) { # must be at least one file 38 usage(); 39 exit 1; 40} elsif ($ARGV[0] =~ /^-h$/ || $ARGV[0] =~ /^--?help$/) { 41 usage(); 42 exit 0; 43} 44 45 46for $file (@ARGV) { 47 open FH, "< $file" or die "Cannot open $file: $!"; 48 if ($fno != 0) { # search and read past the start-of-file marker 49 while (<FH>) { 50 last if ($_ =~ /^\[SOF\]$/); 51 } 52 } 53 @last2 = (); 54 while (<FH>) { 55 push @last2, $_; 56 if (@last2 > 2) { 57 $line = shift @last2; 58 print $line; 59 } 60 } 61 close FH; 62 ++$fno; 63} 64 65# last two lines of last file 66$line = shift @last2; 67print $line; 68$line = shift @last2; 69print $line; 70