From 230e9903da6d2efc7398287bd9c956e8dd43e945 Mon Sep 17 00:00:00 2001 From: "Julien (jvoisin) Voisin" Date: Wed, 25 May 2016 13:48:36 +0200 Subject: [PATCH] Fix some warnings --- nxapi/nxlog.py | 3 ++- nxapi/processing.py | 2 +- nxapi/rules.py | 2 +- nxapi/whitelist.py | 4 ++-- setup.py | 2 +- tests/test_nxlog.py | 8 ++++---- tests/test_processing.py | 34 +++++++++++++++++----------------- tests/test_rules.py | 12 ++++++------ tests/test_whitelist.py | 5 +++-- 9 files changed, 37 insertions(+), 35 deletions(-) diff --git a/nxapi/nxlog.py b/nxapi/nxlog.py index 4cc404c..f60f81b 100644 --- a/nxapi/nxlog.py +++ b/nxapi/nxlog.py @@ -4,6 +4,7 @@ from urllib.parse import parse_qs import re + def parse_nxlog(nxlog): """ @@ -22,7 +23,7 @@ def parse_nxlog(nxlog): end = nxlog.find(", ") if end < 0: - errors.append('%s is an invalid extlog, string "," not found.' %nxlog) + errors.append('%s is an invalid extlog, string "," not found.' % nxlog) return errors, ret # Flatten the dict, since parse_qs is a bit annoying diff --git a/nxapi/processing.py b/nxapi/processing.py index 59e0381..edb56b9 100644 --- a/nxapi/processing.py +++ b/nxapi/processing.py @@ -22,7 +22,7 @@ def check_whitelist(rule, nxlog): if pcre.match(mz_var, nxlog['var_name%d' % nb], pcre.I) and nxlog_zone == mz_zone[1:-6]: matched = True elif nxlog['var_name%d' % nb] == mz_var and nxlog_zone == mz_zone[1:-4]: - matched = True + matched = True elif nxlog_zone in mz: # zone without argument matched = True diff --git a/nxapi/rules.py b/nxapi/rules.py index 4e11749..906ab35 100644 --- a/nxapi/rules.py +++ b/nxapi/rules.py @@ -97,7 +97,7 @@ def parse_rule(full_str): errors.append('No closing quotation in your rule') return errors, warnings, ret - duplicate = [k for k,v in collections.Counter(split).items() if v > 1] + duplicate = [k for k, v in collections.Counter(split).items() if v > 1] if duplicate: errors.append("Duplicates elements: %s" % ', '.join(duplicate)) return errors, warnings, ret diff --git a/nxapi/whitelist.py b/nxapi/whitelist.py index 90cea2b..b86b9ba 100644 --- a/nxapi/whitelist.py +++ b/nxapi/whitelist.py @@ -103,7 +103,7 @@ def __validate_mz(warnings, errors, mz): return errors, warnings if not mz[0].startswith('$URL'): warnings.append('Your three parts matchzone does not starts with $URL') - if 1< len(mz) < 4 and mz[0].startswith('$URL') and (mz[1] == 'NAME'): + if 1 < len(mz) < 4 and mz[0].startswith('$URL') and (mz[1] == 'NAME'): errors.append('You can not use $URL and NAME') return errors, warnings return errors, warnings @@ -141,7 +141,7 @@ def __linkify_rule(_rid): else: zones = list() if wil < 0: - zones.append('except the rule {}'.format(__linkify_rule(abs(wil)))) + zones.append('except the rule {}'.format(__linkify_rule(abs(wil)))) elif not negative: zones.append('the rule {}'.format(__linkify_rule(wil))) ret += ', '.join(zones) diff --git a/setup.py b/setup.py index 7e1f240..f1706ed 100644 --- a/setup.py +++ b/setup.py @@ -8,4 +8,4 @@ packages=find_packages(), version='0.1', install_requires=['python-pcre'] -) \ No newline at end of file +) diff --git a/tests/test_nxlog.py b/tests/test_nxlog.py index 6881427..c0bb66a 100644 --- a/tests/test_nxlog.py +++ b/tests/test_nxlog.py @@ -13,7 +13,7 @@ def test_parse_nxlog(self): errors, ret = nxlog.parse_nxlog(_nxlog) self.assertEqual(errors, list()) self.assertEqual(ret, {'uri': '/phpMyAdmin-2.8.2/scripts/setup.php', 'block': '0', - 'total_blocked': '204', 'ip': 'X.X.X.X', 'server': 'Y.Y.Y.Y', - 'learning': '0', 'zone0': 'HEADERS', 'score0': '8', - 'var_name0': 'user-agent', 'cscore0': '$UWA', 'id0': '42000227', - 'total_processed': '472', 'vers': '0.52'}) \ No newline at end of file + 'total_blocked': '204', 'ip': 'X.X.X.X', 'server': 'Y.Y.Y.Y', + 'learning': '0', 'zone0': 'HEADERS', 'score0': '8', + 'var_name0': 'user-agent', 'cscore0': '$UWA', 'id0': '42000227', + 'total_processed': '472', 'vers': '0.52'}) diff --git a/tests/test_processing.py b/tests/test_processing.py index 6387e25..75c9b71 100644 --- a/tests/test_processing.py +++ b/tests/test_processing.py @@ -8,34 +8,34 @@ class TestProcessing(TestCase): def test_short_str(self): whitelist = {'mz': ['$HEADERS_VAR:user-agent'], 'wl': [42000227]} nxlog = {'uri': '/phpMyAdmin-2.8.2/scripts/setup.php', 'block': '0', - 'total_blocked': '204', 'ip': 'X.X.X.X', 'server': 'Y.Y.Y.Y', - 'learning': '0', 'zone0': 'HEADERS', 'score0': '8', - 'var_name0': 'user-agent', 'cscore0': '$UWA', 'id0': '42000227', - 'total_processed': '472', 'vers': '0.52'} + 'total_blocked': '204', 'ip': 'X.X.X.X', 'server': 'Y.Y.Y.Y', + 'learning': '0', 'zone0': 'HEADERS', 'score0': '8', + 'var_name0': 'user-agent', 'cscore0': '$UWA', 'id0': '42000227', + 'total_processed': '472', 'vers': '0.52'} self.assertTrue(processing.check_whitelist(whitelist, nxlog)) whitelist = {'mz': ['$HEADERS_VAR:user-agent'], 'wl': [42000227]} nxlog = {'uri': '/phpMyAdmin-2.8.2/scripts/setup.php', 'block': '0', - 'total_blocked': '204', 'ip': 'X.X.X.X', 'server': 'Y.Y.Y.Y', - 'learning': '0', 'zone0': 'BODY', 'score0': '8', - 'var_name0': 'test', 'cscore0': '$UWA', 'id0': '42000227', - 'total_processed': '472', 'vers': '0.52'} + 'total_blocked': '204', 'ip': 'X.X.X.X', 'server': 'Y.Y.Y.Y', + 'learning': '0', 'zone0': 'BODY', 'score0': '8', + 'var_name0': 'test', 'cscore0': '$UWA', 'id0': '42000227', + 'total_processed': '472', 'vers': '0.52'} self.assertFalse(processing.check_whitelist(whitelist, nxlog)) whitelist = {'mz': ['$HEADERS_VAR:user-agent'], 'wl': [42000227, 10]} nxlog = {'uri': '/phpMyAdmin-2.8.2/scripts/setup.php', 'block': '0', - 'total_blocked': '204', 'ip': 'X.X.X.X', 'server': 'Y.Y.Y.Y', - 'learning': '0', 'zone0': 'HEADERS', 'score0': '8', - 'var_name0': 'user-agent', 'cscore0': '$UWA', 'id0': '10', - 'total_processed': '472', 'vers': '0.52'} + 'total_blocked': '204', 'ip': 'X.X.X.X', 'server': 'Y.Y.Y.Y', + 'learning': '0', 'zone0': 'HEADERS', 'score0': '8', + 'var_name0': 'user-agent', 'cscore0': '$UWA', 'id0': '10', + 'total_processed': '472', 'vers': '0.52'} self.assertTrue(processing.check_whitelist(whitelist, nxlog)) whitelist = {'mz': ['$HEADERS_VAR:user-agent'], 'wl': [42000227, 11]} nxlog = {'uri': '/phpMyAdmin-2.8.2/scripts/setup.php', 'block': '0', - 'total_blocked': '204', 'ip': 'X.X.X.X', 'server': 'Y.Y.Y.Y', - 'learning': '0', 'zone0': 'HEADERS', 'score0': '8', - 'var_name0': 'user-agent', 'cscore0': '$UWA', 'id0': '10', - 'total_processed': '472', 'vers': '0.52'} + 'total_blocked': '204', 'ip': 'X.X.X.X', 'server': 'Y.Y.Y.Y', + 'learning': '0', 'zone0': 'HEADERS', 'score0': '8', + 'var_name0': 'user-agent', 'cscore0': '$UWA', 'id0': '10', + 'total_processed': '472', 'vers': '0.52'} self.assertFalse(processing.check_whitelist(whitelist, nxlog)) whitelist = {'mz': ['$HEADERS_VAR_X:^user-agent$'], 'wl': [42000227, 10]} @@ -76,4 +76,4 @@ def test_short_str(self): 'learning': '0', 'zone0': 'HEADERS', 'score0': '8', 'var_name0': 'user-agent', 'cscore0': '$UWA', 'id0': '10', 'total_processed': '472', 'vers': '0.52'} - self.assertTrue(processing.check_whitelist(whitelist, nxlog)) \ No newline at end of file + self.assertTrue(processing.check_whitelist(whitelist, nxlog)) diff --git a/tests/test_rules.py b/tests/test_rules.py index ac3de55..e8d63cd 100644 --- a/tests/test_rules.py +++ b/tests/test_rules.py @@ -16,7 +16,8 @@ def test_explain(self): 'The rule number 5 is not setting the $XSS' ' score to 3 when it finds the string pif' ' the body.') - rule = {'negative': True, 'detection': 'str:pif', 'msg': 'test msg', 'mz': 'BODY|URL', 'score': '$XSS:3', 'sid': 5} + rule = {'negative': True, 'detection': 'str:pif', 'msg': 'test msg', 'mz': 'BODY|URL', 'score': '$XSS:3', + 'sid': 5} self.assertEqual(rules.explain(rule), 'The rule number 5 is not setting the $XSS' ' score to 3 when it finds the string pif' @@ -27,13 +28,15 @@ def test_parse(self): errors, warnings, ret = rules.parse_rule(rule) self.assertEqual(errors, []) self.assertEqual(warnings, ['rule IDs below 10k are reserved (5)']) - self.assertEqual(ret, {'mz:': ['BODY'], 'str:': 'str:a', 's:': '$XSS:3', 'negative': '', 'id:': '5', 'msg:': 't'}) + self.assertEqual(ret, {'mz:': ['BODY'], 'str:': 'str:a', 's:': '$XSS:3', 'negative': '', 'id:': '5', + 'msg:': 't'}) rule = 'MainRule negative "str:a" "msg:t" "mz:BODY|URL" "s:$XSS:3" id:5 ;' errors, warnings, ret = rules.parse_rule(rule) self.assertEqual(errors, []) self.assertEqual(warnings, ['rule IDs below 10k are reserved (5)']) - self.assertEqual(ret, {'mz:': ['BODY', 'URL'], 'str:': 'str:a', 's:': '$XSS:3', 'negative': '', 'id:': '5', 'msg:': 't'}) + self.assertEqual(ret, {'mz:': ['BODY', 'URL'], 'str:': 'str:a', 's:': '$XSS:3', 'negative': '', 'id:': '5', + 'msg:': 't'}) rule = 'MainRule negative "rx:^[\da-z_]+$" "mz:$ARGS_VAR:id|$BODY_VAR:id" "s:$LOG_TEST:1" id:42000456;' errors, warnings, ret = rules.parse_rule(rule) @@ -107,8 +110,6 @@ def test_parse(self): self.assertEqual(errors, ['id:POUET is not numeric', "Parsing of element 'id:POUET' failed."]) self.assertEqual(warnings, []) - - def test_validate(self): rule = {'negative': True, 'detection': 'str:pif', 'msg': 'test msg', 'mz': 'BODY', 'score': '$XSS:3', 'sid': 5} errors, warnings = rules.validate(rule) @@ -121,4 +122,3 @@ def test_validate(self): print(errors) self.assertIn("WRONG' is not a known sub-part of mz", str(errors)) self.assertEqual(warnings, []) - diff --git a/tests/test_whitelist.py b/tests/test_whitelist.py index fd4efd2..2a5aa57 100644 --- a/tests/test_whitelist.py +++ b/tests/test_whitelist.py @@ -93,7 +93,7 @@ def test_validate(self): errors, warnings = whitelist.validate(wlist) self.assertEqual(errors, ['You can not use regexp matchzone with non-regexp one']) - wlist = {'wl': [1000], 'mz': ['$ARGS_VAR_X:lol','$ARGS_VAR_X:lol','$ARGS_VAR_X:lol']} + wlist = {'wl': [1000], 'mz': ['$ARGS_VAR_X:lol', '$ARGS_VAR_X:lol', '$ARGS_VAR_X:lol']} errors, warnings = whitelist.validate(wlist) self.assertEqual(errors, ['The last argument of your matchzone with two pipes is not "NAME"']) @@ -150,4 +150,5 @@ def test_explain(self): self.assertEqual(whitelist.explain(wlist), 'Whitelist all rules if matching in $ARGS_VAR:foo in $URL:/bar.') wlist = {'mz': ['$ARGS_VAR:foo', '$URL:/bar'], 'wl': [-10]} - self.assertEqual(whitelist.explain(wlist), 'Whitelist all rules except the rule 10 if matching in $ARGS_VAR:foo in $URL:/bar.') \ No newline at end of file + self.assertEqual(whitelist.explain(wlist), + 'Whitelist all rules except the rule 10 if matching in $ARGS_VAR:foo in $URL:/bar.')