#!/usr/bin/python2

import os
import re
import sys
import logging
import logging.handlers
import syslog
import subprocess
from optparse import OptionParser

# Command-line interface: one boolean switch, --debug, stored on
# options.debugging (None when the switch is absent, True when given).
# optparse discards empty option strings, so the leading "" registers no
# short option.
parser = OptionParser()
parser.add_option(
    "", "--debug",
    action='store_true',
    dest="debugging",
    help="enable debug messages"
)

options, args = parser.parse_args()

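class DirectSyslogHandler(logging.Handler):
    """Logging handler that passes each formatted record to syslog.syslog().

    The record's level name is translated to a syslog priority through
    ``levelmap``; names missing from the map are sent as LOG_INFO.
    """

    def __init__(self):
        # Python logging level name -> syslog priority.
        self.levelmap = { 'DEBUG': syslog.LOG_DEBUG, 'INFO': syslog.LOG_INFO, 'NOTICE': syslog.LOG_NOTICE,
                          'WARNING': syslog.LOG_WARNING, 'ERROR': syslog.LOG_ERR, 'CRITICAL': syslog.LOG_CRIT }
        logging.Handler.__init__(self)

    def emit(self, record):
        """Format ``record`` and write it to syslog at the mapped priority.

        Failures while formatting or writing are routed to
        ``logging.Handler.handleError`` instead of being discarded, so a
        broken log path is reported rather than silently dropping records.
        The exception never propagates to the caller.
        """
        try:
            msg = self.format(record)
            level = self.levelmap.get(record.levelname, syslog.LOG_INFO)
            syslog.syslog(level, msg)
        except Exception:
            # "except Exception:" is valid on both Python 2 and Python 3,
            # unlike the old "except Exception, e" spelling.
            self.handleError(record)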

# Name used for the logger and as the prefix of every log line: the
# basename of the path this script was started with.
progname = os.path.basename(os.path.abspath(sys.argv[0]))

# Shared layout for both handlers: "<progname>[<pid>]: <LEVEL>: <message>".
logfmt = progname + '[%(process)d]: %(levelname)s: ' + '%(message)s'

# Syslog is always attached; the logger starts at INFO.
handler = DirectSyslogHandler()
handler.setFormatter(logging.Formatter(logfmt))

logger = logging.getLogger(progname)
logger.setLevel(logging.INFO)
logger.addHandler(handler)

# With --debug the same lines are also written to stderr and the
# threshold is lowered to DEBUG.
if options.debugging:
    handler2 = logging.StreamHandler(sys.stderr)
    handler2.setFormatter(logging.Formatter(logfmt))
    logger.addHandler(handler2)
    logger.setLevel(logging.DEBUG)

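# Matches an active sshd_config "Port" directive and captures the number.
# sshd treats keywords case-insensitively and accepts leading whitespace,
# tabs or repeated blanks and an optional "=" between keyword and value,
# so the pattern accepts those forms too. A directive this scan misses is
# a port that is never handed to snort-update-config. Commented-out lines
# ("#Port 22") do not match because "#" precedes the keyword.
reportnum = re.compile(r'^\s*Port(?:\s+|\s*=\s*)([0-9]+)', re.IGNORECASE)

# Distinct port numbers found in the file, kept as decimal strings.
portnums = set()

cfgname = '/etc/ssh/sshd_config'

logger.debug('scanning "' + cfgname + '"...')

# NOTE(review): only this one file and only "Port" lines are inspected.
# Ports set through "ListenAddress host:port" or in files pulled in by
# "Include" are not collected - confirm the deployment does not use them.
try:
    # "with" closes the handle on every path; iterating the file object
    # avoids loading the whole file through readlines().
    with open(cfgname) as fh:
        for fullline in fh:
            mportnum = reportnum.match(fullline)
            if mportnum is None:
                continue

            portvalue = int(mportnum.group(1))
            if not 1 <= portvalue <= 65535:
                # Not a usable TCP port; keep it out of the Snort config.
                logger.warning('ignoring out-of-range port "' + mportnum.group(1) + '"')
                continue

            # Normalising through int() folds "022" and "22" into one entry.
            pnumb = str(portvalue)
            logger.debug('adding port number "' + pnumb + '"..')
            portnums.add(pnumb)

except IOError:
    # "except IOError:" parses on Python 2 and 3; the bound exception
    # object was never used.
    logger.error('unable to open "' + cfgname + '", aborting...')
    sys.exit(1)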

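# Build the comma-separated port list for snort-update-config. With no
# Port directive found, fall back to the SSH default port, 22.
if not portnums:
    strportnums = '22'
else:
    # Numeric sort gives the same argument for the same configuration on
    # every run; set iteration order is arbitrary.
    # NOTE(review): assumes snort-update-config does not depend on the
    # order of the ports - confirm.
    strportnums = ','.join(sorted(portnums, key=int))

# Argument list (no shell involved); the port string holds only digits
# and commas because every entry came from the [0-9]+ capture group.
args = ['/usr/local/nsc/bin/snort-update-config', '--ssh-ports', strportnums]

logger.debug('calling ' + str(args) + '...')
try:
    retcode = subprocess.call(args)
except OSError as e:
    # Helper missing or not executable: record it in the log instead of
    # ending with only a traceback on stderr. Exit status stays non-zero.
    logger.error('unable to run ' + args[0] + ': ' + str(e))
    sys.exit(1)

if retcode != 0:
    logger.warning('calling snort-update-config returned ' + str(retcode))

# NOTE(review): a failed update is only logged and the script still exits
# 0, so a caller cannot tell that the Snort SSH port list may be stale -
# confirm this best-effort behaviour is intended.
sys.exit(0)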

