---- start diff ---

*** snort-stat	Tue Feb 27 10:26:02 2001
---- snort-stat.tomeck	Tue Feb 27 10:38:25 2001
***************
*** 100,110 ****
  }

  #
! ###################  print mail  ##################################
  #

! open(MAIL,"| $sendmail $to") || die $!;
! printf MAIL "To: %s\n".
  	    "Subject: %s: snort daily report\n\n".
  	    "The log begins from: %3s %02d %02d:%02d:%02d\n".
  	    "The log ends at:     %3s %02d %02d:%02d:%02d\n".
---- 100,121 ----
  }

  #
! ################### Make tempfile ################################
  #

! $cnt=0;
! while(1) {
!         $tmpfile = "/tmp/snort-stat.$$.$cnt";
! 	last unless -f $tmpfile;
! 	$cnt++;
! }
!
! #
! ################ Write report to tempfile  #######################
! #
!
! open(TMP,"> $tmpfile") || die $!;
! printf TMP "To: %s\n".
  	    "Subject: %s: snort daily report\n\n".
  	    "The log begins from: %3s %02d %02d:%02d:%02d\n".
  	    "The log ends at:     %3s %02d %02d:%02d:%02d\n".
***************
*** 129,143 ****
  $s0{$k}, $_[2],            $_[1],           $hostname
  .

! select(MAIL);
  $^	= SAME_ATTACK_TOP;
  $~	= SAME_ATTACK;

  foreach $k (sort { $s0{$b} <=> $s0{$a} } keys %s0) {
      @_ = split ",",$k;
      $hostname=`host $_[0] 2>/dev/null`;
      $hostname=$_[0] if (not defined $hostname) || ($hostname eq "");
      $hostname=~ s/Name: //g; chomp($hostname);
!     write if $s0{$k} > $treshold;
  }
! close(MAIL) || die $!;
---- 140,164 ----
  $s0{$k}, $_[2],            $_[1],           $hostname
  .

! select(TMP);
  $^	= SAME_ATTACK_TOP;
  $~	= SAME_ATTACK;

  foreach $k (sort { $s0{$b} <=> $s0{$a} } keys %s0) {
      @_ = split ",",$k;
+     last if  $s0{$k} <= $treshold;
      $hostname=`host $_[0] 2>/dev/null`;
      $hostname=$_[0] if (not defined $hostname) || ($hostname eq "");
      $hostname=~ s/Name: //g; chomp($hostname);
!     write;
  }
! select(STDOUT);
! close(TMP);
!
! #
! ###################  send mail  ##################################
! #
!
! system("cat $tmpfile | $sendmail $to");
! unlink("$tmpfile");
!

--- end diff ---
