File Coverage

blib/lib/Ixchel/DefaultConfig.pm

Criterion	Covered	Total	%
statement	8	22	36.3
branch	0	4	0.0
condition			n/a
subroutine	3	4	75.0
pod	1	1	100.0
total	12	31	38.7

line	stmt	bran	sub	pod	time	code
1						package Ixchel::DefaultConfig;
2
3	2		2		83022	use 5.006;
	2				6
4	2		2		11	use strict;
	2				10
	2				34
5	2		2		7	use warnings;
	2				3
	2				2375
6						#use Rex::Hardware::Host;
7
8						=head1 NAME
9
10						Ixchel::DefaultConfig - The default config used for with Ixchel.
11
12						=head1 VERSION
13
14						Version 0.4.0
15
16						=cut
17
18						our $VERSION = '0.5.0';
19
20						=head1 SYNOPSIS
21
22						use Ixchel::DefaultConfig;
23						use Data::Dumper;
24
25						print Dumper( Ixchel::DefaultConfig->get );
26
27						Also can easily be dumped via...
28
29						ixchel -a dump_config --noConfig -o yaml
30
31						=head1 Functions
32
33						=head2 get
34
35						Returns a hash reference of the default config.
36
37						=cut
38
39						sub get {
40	0		0	1		my $config = {
41						suricata => {
42						multi_instance => 0,
43						config_base => '/usr/local/etc/suricata',
44						instances => {},
45						config => { 'rule-files' => [] },
46						enable => 0,
47						enable_fastlog => 1,
48						enable_syslog => 0,
49						filestore_enable => 1,
50						dhcp_in_alert_eve => 0,
51						enable_pcap_log => 0,
52						auto_threading => {
53						enable => 0,
54						exclude => undef,
55						},
56						auto_sensor_name => {
57						enable => 1,
58						full => 0,
59						},
60						base_config => 'https://raw.githubusercontent.com/OISF/suricata/master/suricata.yaml.in',
61						base_fill_in => {
62						e_logdir => '/var/log/suricata/',
63						e_magic_file_comment => '',
64						e_magic_file => '/usr/share/misc/magic',
65						e_defaultruledir => '/etc/suricata/rules',
66						},
67						logging => {
68						in_outputs => 1,
69						level => 'notice',
70						console => 'no',
71						console_json => 0,
72						file => 'yes',
73						file_level => 'info',
74						file_json => 0,
75						syslog => 'no',
76						syslog_facility => 'local5',
77						syslog_format => '[%i] <%d> -- ',
78						syslog_json => 0,
79						},
80						update => {
81						enable => 0,
82						no_reload => 0,
83						no_test => 0,
84						offline => 0,
85						fail => 0,
86						disable_conf => 1,
87						disable_file => undef,
88						enable_conf => 1,
89						disable_file => undef,
90						modify_conf => 1,
91						modify_file => undef,
92						drop_conf => 1,
93						drop_file => undef,
94						conf_file => undef,
95						update_file => undef,
96						when => '33 0 * * *',
97						},
98						},
99						lilith => {
100						enable => 0,
101						config => {},
102						auto_config => {
103						enabled => 1,
104						full => 0,
105						},
106						},
107						suricata_extract => {
108						enable => 0,
109						url => '',
110						slug => '',
111						apikey => '',
112						filestore => '',
113						ignore => '',
114						ignoreHosts => '',
115						env_proxy => 0,
116						stats_file => '/var/cache/suricata_extract_submit_stats.json',
117						stats_dir => '/var/cache/suricata_extract_submit_stats/',
118						interval => '/2 * * *',
119						},
120						sagan => {
121						multi_instance => 0,
122						merged_base_include => 1,
123						config_base => '/usr/local/etc/',
124						instances => {},
125						config => {},
126						rules => [],
127						instances_rules => {},
128						enable => 0,
129						base_config => 'https://raw.githubusercontent.com/quadrantsec/sagan/main/etc/sagan.yaml',
130						rules => 'file:///usr/local/etc/sagan-rules.yaml'
131						},
132						meer => {
133						multi_instance => 0,
134						config_base => '/usr/local/etc/meer/',
135						instances => '',
136						enable => 0,
137						},
138						cape => {
139						enable => 0,
140						eve => '/opt/CAPEv2/log/eve.json',
141						},
142						mariadb => {
143						enable => 0,
144						},
145						apache2 => {
146						enable => 0,
147						version => '2.4',
148						logdir => '/var/log/apache',
149						},
150						chronyd => {
151						enable => 0,
152						},
153						zfs => {
154						enable => 0,
155						},
156						squid => {
157						enable => 0,
158						},
159						proxy => {
160						ftp => '',
161						http => '',
162						https => '',
163						},
164						cron => {
165						enable => 1,
166						includes => [],
167						},
168						apt => {
169						proxy_https => '',
170						proxy_http => '',
171						proxy_ftp => '',
172						global => 0,
173						},
174						perl => {
175						modules => [],
176						cpanm => 0,
177						pkgs_optional => [],
178						pkgs_always_try => 1,
179						pkgs_require => [],
180						cpanm_home => undef,
181						},
182						systemd => {
183						auto => {},
184						journald => {},
185						},
186						xeno_build => {
187						build_dir => '/tmp',
188						},
189						nss_pam => {
190						nscd_enable => 0,
191						uri => '',
192						base => '',
193						ldap_version => 3,
194						scope => 'sub',
195						base_group => '',
196						base_passwd => '',
197						base_shadow => '',
198						scope_group => 'sub',
199						scope_hosts => 'sub',
200						bind_timelimit => '',
201						timelimit => '',
202						bindpw => '',
203						binddn => '',
204						rootpwmoddn => '',
205						rootpwmodpw => '',
206						ssl => '',
207						tls_cacertdir => '',
208						tls_cacertfile => '',
209						tls_crlcheck => '',
210						tls_randfile => '',
211						tls_ciphers => '',
212						tls_cert => '',
213						tls_key => '',
214						filter_passwd => '',
215						filter_shadow => '',
216						filter_group => '',
217						map_passwd_uid => '',
218						map_passwd_gidNumber => '',
219						map_passwd_uidNumber => '',
220						map_passwd_userPassword => '',
221						map_passwd_homeDirectory => '',
222						map_passwd_gecos => '',
223						map_passwd_loginShell => '',
224						map_group_member => '',
225						map_group_gidNumber => '',
226						map_group_cn => '',
227						map_shadow_uid => '',
228						map_shadow_userPassword => '',
229						map_shadow_shadowLastChange => '',
230						pagesize => '',
231						referrals => '',
232						idle_timelimit => '',
233						nss_initgroups_ignoreusers => '',
234						nss_min_uid => '',
235						nss_uid_offset => '',
236						nss_gid_offset => '',
237						nss_nested_groups => '',
238						nss_getgrent_skipmembers => '',
239						nss_disable_enumeration => '',
240						validnames => '',
241						ignorecase => '',
242						pam_authc_ppolicy => '',
243						pam_authc_search => '',
244						pam_authz_search => '',
245						pam_password_prohibit_message => '',
246						cache => '',
247						sasl_mech => '',
248						sasl_realm => '',
249						sasl_authcid => '',
250						sasl_authzid => '',
251						sasl_secprops => '',
252						sasl_canonicalize => '',
253						krb5_ccname => '',
254						dref => '',
255						},
256						sneck => {
257						enable => 0,
258						vars => {},
259						tests => {},
260						},
261						env => {},
262						snmp => {
263						community => 'public',
264						extend_env => 'PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin LC_ALL=C',
265						syslocation => '',
266						syscontact => '',
267						extend_base_dir => '/usr/local/etc/snmp',
268						config_file => '/usr/local/etc/snmpd.conf',
269						extend_avail_dir => '',
270						listen_types => ['array'],
271						listen_array => [ 'udp:161', 'tcp:161' ],
272						listen_file => '',
273						listen_script => '',
274						v3_limited_enable => '0',
275						v3_limited_name => '',
276						v3_limited_pass => '',
277						extends => {
278						smart => {
279						enable => 0,
280						cache => '/var/cache/smart',
281						use_cache => 0,
282						nightly_test_enable => 1,
283						nightly_test => 'long',
284						config => '/usr/local/etc/smart-extend.conf',
285						additional_update_args => '',
286						},
287						systemd => { enable => 0, cache => '/var/cache/systemd.extend', use_cache => 1 },
288						mysql => { enable => 0, host => '127.0.0.1', port => '3306', ssl => 0, timeout => 0, },
289						sneck => { enable => 0, },
290						bind => { enable => 0, },
291						borgbackup => { enable => 0, },
292						suricata_extract => { enable => 0, },
293						suricata => { enable => 0, args => '', },
294						sagan => { enable => 0, args => '', },
295						hv_monitor => { enable => 0, },
296						fail2ban => { enable => 0, },
297						lilith => { enable => 0, },
298						supvervisord => { enable => 0, },
299						linux_softnet_stat => { enable => 0, },
300						opensearch => { enable => 0, host => '127.0.0.1', port => 9200 },
301						osupdate => { enable => 1, interval => '/5 * * *', },
302						privoxy => { enable => 0, log => '/var/log/privoxy/logfile' },
303						chronyd => { enable => 0, },
304						zfs => { enable => 0, },
305						squid => { enable => 0, },
306						ifAlias => { enable => 0, },
307						ntp_client => { enable => 0, },
308						mojo_cape_submit => { enable => 0, },
309						mdadm => { enable => 0, },
310						distro => { enable => 1, },
311						logsize => {
312						enable => 0,
313						remote => 0,
314						remote_sub_dirs => 0,
315						remote_exclude => [ 'achive', ],
316						suricata_flows => 1,
317						suricata_base => 1,
318						sagan_base => 0,
319						apache2 => 1,
320						var_log => 1,
321						},
322						},
323						},
324						};
325
326						# my $host_info=Rex::Hardware::Host->get();
327
328	0	0				if ( $^O eq 'linux' ) {
		0
329	0					$config->{suricata}{config_base} = '/etc/suricata';
330	0					$config->{snmp}{extend_base_dir} = '/etc/snmp/';
331	0					$config->{snmp}{config_file} = '/etc/snmp/snmpd.conf';
332	0					$config->{snmp}{linux_softnet_stat}{enable} = 1;
333
334						# if ($host_info->{operating_system} eq 'Debian' \|\| $host_info->{operating_system} eq 'Ubuntu') {
335						# }
336						} elsif ( $^O eq 'freebsd' ) {
337	0					$config->{suricata}{base_fill_in}{e_defaultruledir} = '/var/lib/suricata/rules';
338						}
339
340	0					$config->{suricata}{update}{disable_file} = $config->{suricata}{config_base} . '/disable.conf';
341	0					$config->{suricata}{update}{enable_file} = $config->{suricata}{config_base} . '/enable.conf';
342	0					$config->{suricata}{update}{modify_file} = $config->{suricata}{config_base} . '/modify.conf';
343	0					$config->{suricata}{update}{drop_file} = $config->{suricata}{config_base} . '/drop.conf';
344	0					$config->{suricata}{update}{conf_file} = $config->{suricata}{config_base} . '/suricata.yaml';
345	0					$config->{suricata}{update}{update_file} = $config->{suricata}{config_base} . '/update.yaml';
346
347	0					return $config;
348						} ## end sub get
349
350						1;