By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
448,796 Members | 1,176 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 448,796 IT Pros & Developers. It's quick & easy.

socket.makefile & AF_UNIX

P: n/a
I think I'm overlooking something assumed in socket's makefile method.
Googling several hours and digging thru the python reference didn't help - I
think I'm overlooking an assumption between Python and UNIX socket objects
neither is explicitely discussing. I think my mknod

In the makefile operation on socket (pydoc socket.socket.makefile... using
AF_UNIX, allowing you to create a file object to correspond to a socket) I've
got an sample program (goal: open up unix file socket object for snort's
alert_unixsock output mode to dump to. later, take data written into file
object and process) as follows:

#######################################3
#!/usr/bin/python
## socketfile.py
## for socket file object to collect snort data via alert_unixsock output
"""makes file interface to socket. demo application takes data written to file
and prints it."""

from socket import *
import os

FILE = 'snort_alert'
#FILE = '/dev/log'

if not os.path.exists(FILE):
print "Creating file..."
os.mknod(FILE)

s = socket(AF_UNIX, SOCK_DGRAM)
# SOCK_DGRAM for UDP compatibility with /dev/log - errors
# on SOCK_STREAM reference for /dev/log

s.connect(FILE)

f = s.makefile('rw')

while 1:
print "Data: %s" % f.readline(1024)
f.flush()
#######################################3

If I guess correctly, socket.makefile might be wanting to use a block or
character file, which I may not be setting up properly. pydoc on os.mknod
refers to os.makedev which is even sparser on explanation. Part of the reason
for my guess is that:

- permissions on my snort_alert file don't look right:
-rw------- 1 sysadmin users 0 Dec 10 02:58 snort_alert

compared to:
srw-rw-rw- 1 root root 0 Dec 10 01:14 /dev/log=

And when I use /dev/log instead (which exists), it connects to the file object
and runs (though snort does not want to dump to /dev/log and the limitations
of the alert_unixsock output method limit it to /var/log/snort/snort_alert
only). Any thoughts from the socket savvy would be *greatly* appreciated!

Jamie

Jul 18 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a
Jamie Saker <w0***@firepole.com> writes:
In the makefile operation on socket (pydoc socket.socket.makefile... using
AF_UNIX, allowing you to create a file object to correspond to a socket) I've
got an sample program (goal: open up unix file socket object for snort's
alert_unixsock output mode to dump to. later, take data written into file
object and process) as follows:


If you're trying to create a Unix socket then mknod() isn't what
you need. You probably want to create a socket and bind() it to
the log file:

filename = 'snort_alert'
s = socket(AF_UNIX, SOCK_DGRAM)
s.bind(filename)

The call to bind() will probably fail if the socket file already
exists, so you might want to unlink it first (or make sure you clean
up by unlinking it whenever you exit).

Whether it's appropriate to call makefile() and use methods like
readline() depends on the format of the data that the other end
will send. If it's binary then you might need to use s.recv().

--
Michael Fuhr
http://www.fuhr.org/~mfuhr/
Jul 18 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.