Hi,
Thank you peter! The problem is windows doesn´t work with signals, you need
cygwin installed on it, that allow you to use linux commands on windows and
in my enviroment i can´t do that.
Risto contribute with this solution in other mail thread(I copy and paste):
Sec-2.6.2
type=single
ptype=substr
pattern=RELOAD
desc=reload sec rule files that have been modified
action=lcall %o -> ( sub { $main::sigreceived = 1; $main::softrefresh = 1;
} )
Sec-2.7.10
type=single
ptype=substr
pattern=RELOAD
desc=reload sec rule files that have been modified
action=lcall %o -> ( sub { $main::sigreceived = 1; $main::softrefresh = 1;
} )
This is what i think from the code above:
I haven´t tested properly yet, i´ll do during the weekend but as i see it
is a call to the sec library without methods or signals activating sec
funtions to read and launching the methods for reading the files again,
just activating softrefresh flag.
I´m not an expert programming in perl or sec.
@risto is it that true?
Thank you for your again. Regards. Have a nice day!.
2016-06-16 17:45 GMT+02:00 Peter Eckel <li...@eckel-edv.de>:
> Hi Jaren,
>
> > Hi,
> >
> > Is it possible to restart or reload sec file rules from a sec rule?. I?m
> > using sec 2.6.2 over windows.
> >
> > Thank you. Regards.
>
> Not sure about Windows (never used it), but on *ix you can send a signal
> (SIGABRT/SIGHUP) to a process from the shell, which you could do in a
> shellcmd.
>
> ...
> action = shellcmd /bin/kill -ABRT $( cat /var/run/sec.pid )
>
> HUP should work as well, but ABRT is sufficient.
>
> You need to find out:
>
> a) whether signals work on Windows
> b) how to send one from the shell
> c) how to figure out the PID (process ID) of the sec process
>
> Regards,
>
> Peter.
>
>
>
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and
> traffic
> patterns at an interface-level. Reveals which users, apps, and protocols
> are
> consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> J-Flow, sFlow and other flows. Make informed decisions using capacity
> planning
> reports.
> http://pubads.g.doubleclick.net/gampad/clk?id=1444514421&iu=/41014381
> _______________________________________________
> Simple-evcorr-users mailing list
> Simple-evcorr-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/simple-evcorr-users
>
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports. http://sdm.link/zohomanageengine
_______________________________________________
Simple-evcorr-users mailing list
Simple-evcorr-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/simple-evcorr-users
