File Coverage

blib/lib/ThreatNet/Filter/Chain.pm
Criterion Covered Total %
statement 24 25 96.0
branch 6 8 75.0
condition n/a
subroutine 7 7 100.0
pod 2 2 100.0
total 39 42 92.8


line stmt bran cond sub pod time code
1             package ThreatNet::Filter::Chain;
2              
3             =pod
4              
5             =head1 NAME
6              
7             ThreatNet::Filter::Chain - Create a chain of ThreatNet filters
8              
9             =head1 SYNOPSIS
10              
11             # After stripping junk ips, pass events through a Threat Cache,
12             # and then keep only the events that have occured in an IP range
13             # that we are responsible for.
14             my $Chain = ThreatNet::Filter::Chain->new(
15             ThreatNet::Filter::Junk->new,
16             ThreatNet::Filter::ThreatCache->new,
17             ThreatNet::Filter::Network->new( '202.123.123.0/24' ),
18             );
19            
20             sub process_message {
21             my $Message = shift;
22            
23             unless ( $Chain->keep($Message) ) {
24             return;
25             }
26            
27             print "Threat spotted in our network at " . $Message->ip . "\n";
28             }
29              
30             =head1 DESCRIPTION
31              
32             C lets you create filters that represent an
33             entire chain of filters. L objects are checked against
34             each individual filter in the same order.
35              
36             A message must pass the C method of each filter to move down the
37             chain. If a message is rejected at a point in chain, filters further down
38             the chain will not see them. This is mainly of importance to stateful
39             filters such as L.
40              
41             It is assumed you don't actual care B filter rejects a message,
42             and as such there is no way to tell this :)
43              
44             =head1 METHODS
45              
46             The methods are the same as for the parent L class, but
47             with a change to the C constructor.
48              
49             =cut
50              
51 3     3   2508 use strict;
  3         7  
  3         146  
52 3     3   23 use Params::Util '_SET', '_INSTANCE';
  3         9  
  3         229  
53 3     3   17 use base 'ThreatNet::Filter';
  3         5  
  3         694  
54              
55 3     3   14 use vars qw{$VERSION};
  3         6  
  3         122  
56             BEGIN {
57 3     3   619 $VERSION = '0.20';
58             }
59              
60             =pod
61              
62             =head2 new $Filter [, $Filter, ... ]
63              
64             The C constructor takes a set of (1 or more) L
65             objects, and creates a Filter object that acts as a I<"short-cutting
66             logical AND"> combination of them.
67              
68             Returns a new C object, or C if not
69             provided with the correct params.
70              
71             =cut
72              
73             sub new {
74 1 50   1 1 6 my $class = ref $_[0] ? ref shift : shift;
75 1 50       38 my $filters = _SET([ @_ ], 'ThreatNet::Filter') or return undef;
76              
77 1         62 my $self = $class->SUPER::new;
78 1         6 $self->{filters} = $filters;
79              
80 1         3 $self;
81             }
82              
83             =pod
84              
85             =head2 keep $Message
86              
87             The C method takes a single L object and checks
88             it against each of the child filters in turn, short-cutting if any of
89             them does not want to keep the message.
90              
91             One small note - The C method returns B the same false value
92             it recieves from the child filter, whether that is normal false or C.
93              
94             Returns true if you should keep the message, or false to discard.
95              
96             =cut
97              
98             sub keep {
99 5     5 1 3667 my $self = shift;
100 5 100       51 my $Message = _INSTANCE(shift, 'ThreatNet::Message') or return undef;
101              
102 3         6 foreach my $Filter ( @{$self->{filters}} ) {
  3         9  
103 13         50 my $rv = $Filter->keep($Message);
104 13 100       50 return $rv unless $rv; # false or undef
105             }
106              
107 0           1;
108             }
109              
110             1;
111              
112             =pod
113              
114             =head1 SUPPORT
115              
116             All bugs should be filed via the bug tracker at
117              
118             L
119              
120             For other issues, or commercial enhancement and support, contact the author
121              
122             =head1 AUTHORS
123              
124             Adam Kennedy Eadamk@cpan.orgE
125              
126             =head1 SEE ALSO
127              
128             L, L
129              
130             =head1 COPYRIGHT
131              
132             Copyright (c) 2005 Adam Kennedy. All rights reserved.
133             This program is free software; you can redistribute
134             it and/or modify it under the same terms as Perl itself.
135              
136             The full text of the license can be found in the
137             LICENSE file included with this module.
138              
139             =cut
140