#!/bin/bash

export LC_ALL=POSIX

CONFIGDIR="/etc/sysconfig/alterator-audit"
RULES_NAME="$CONFIGDIR/names"
RULES="$CONFIGDIR/rules"
FILTERS="$CONFIGDIR/filters"
TEMPLATES="$CONFIGDIR/templates"

alterator_api_version=1
. alterator-sh-functions
. alterator-service-functions
. shell-config

daemon_status()
{
	if service_control "auditd" is-enabled && service_control "auditd" is-active; then
		write_string_param auditd_status "Active"
	else
		write_string_param auditd_status "Inactive"
	fi
}

daemon_on()
{
	if service_control "auditd" is-enabled && service_control "auditd" is-active; then
		service_control "auditd" condstop
		/etc/init.d/auditd stop
		service_control "auditd" off
	else
		auditctl "-D"
		service_control "auditd" on
		service_control "auditd" start || :
	fi
	daemon_status
}

list_report()
{
	head= 
	size=0
	write_enum_item "auth"
	write_enum_item "avc"
	write_enum_item "config"
	write_enum_item "crypto"
	write_enum_item "event"
	write_enum_item "file"
	write_enum_item "host"
#	write_enum_item "input"		#TODO <file>
	write_enum_item "login"
	write_enum_item "mods"
	write_enum_item "mac"
	write_enum_item "pid"
	write_enum_item "response"
	write_enum_item "syscall"
	write_enum_item "terminal"
	write_enum_item "user"
	write_enum_item "executable"
}

list_size_page()
{
	write_enum_item "20" "`_ "20 lines"`"
	write_enum_item "30" "`_ "30 lines"`"
	write_enum_item "50" "`_ "50 lines"`"
	write_enum_item "100" "`_ "100 lines"`"
}

list_time()
{
	write_enum_item " "		#all
	write_enum_item "now"		#сейчас
	write_enum_item "recent"	#10 мин назад
	write_enum_item "today"		#сегодня
	write_enum_item "yesterday"
	write_enum_item "this-week"
	write_enum_item "this-month"
	write_enum_item "this-year"
	write_enum_item "another"
}

read_log()
{
	aurep_data="$(aureport $parameters --input-logs | sed -n $(($1+1))','$2'p')"
	if [ "$(echo "$aurep_data" | sed -n '6p')" = '<no events of interest were found>' ]; then
		aurep_data= 
		return
	fi
	if [ "$(echo "$aurep_data" | sed -n '1p')" = 'usage: aureport [options]' ];then
		aurep_data= 
		return
	fi
}

config_log()
{
	snum=1
	fnum=$(($snum + $in_size_page - 1))
	nstr=1000
	d_nstr=500
	dn_str=0
	parameters="--$in_report $(create_params)"
	all_lines="$(($(aureport $parameters --input-logs | wc -l) -5))"

	read_log 0 $(($nstr+5))

	data_head="$(echo "$aurep_data" | sed -n '4p')"
	head= 
	size=0
	for name in $data_head
	do
		if [ -n "$head" ]; then
			head="$head;$name"
		else
			head="$name"
		fi
		size=$(($size + 1))
	done
	
	aurep_data="$(echo "$aurep_data" | sed '1,5d')"

	if [ -n "$(echo "$in_parameter" | tr -d ' ')" ];then
		advance_search
		all_lines="$(echo "$aurep_data" | wc -l)"
		nstr=$(($all_lines+$d_nstr))
	fi
	
	write_string_param all_lines "$all_lines"
	write_string_param select_line "$snum"
}

advance_search()
{
	aurep_data="$(aureport $parameters --input-logs | sed '1,5d')"
	for search in $in_parameter
	do
		aurep_data="$(echo "$aurep_data" | grep "$search")"
	done
}

title_logtable()
{
	if [ -z "$head" ]; then head="Log Audit"; fi
	echo "$size $head"
}

list_table()
{
	if [ -n "$aurep_data" ]; then
		if [ $fnum -gt $nstr ] || [ $snum -lt $dn_str ]; then
			nstr=$snum
			local low=$(($snum-$d_nstr+5))
			local high=$(($snum+$d_nstr+5))
			test $low -lt 5 && low=5 && high=$(($snum+$d_nstr+5))
			read_log $low $high
			dn_str=$(($snum-$d_nstr))
			test $dn_str -lt 5 && dn_str=0
		fi

		local data_page="$(echo "$aurep_data" | sed -n $(($snum-$dn_str))','$(($fnum-$dn_str))'p' | tr '\n' ' ' | sed -e 's/ \{1,\}/;;/g')"
	  	write_enum_item "$data_page"
  	else
	  	write_enum_item "Empty Log;;"
	fi
}

page_table()
{
	local psize=$in_size
	if [ "$in_page" = 'back' ]; then
		snum=$(($snum - $psize))
		fnum=$(($fnum - $psize))
		if [ $snum -lt 1 ]; then
			snum=1
			fnum=$psize
		fi
	elif [ "$in_page" = 'next' ]; then
		if [ $fnum -lt $all_lines ]; then
			snum=$(($fnum + 1))
			fnum=$(($fnum + $psize))
		fi
	elif [ "$in_page" = 'size' ]; then
			snum=$snum
			fnum=$(($snum + $psize -1))
	else
		if [ $in_page -le $all_lines ]; then
			snum=$in_page
			fnum=$(($snum + $psize - 1))
		fi
	fi
	write_string_param select_line "$snum"
	write_string_param prev_num "$snum"
}

create_params()
{
	local params= 
	if [ "$in_interplet" = '#t' ]; then params="-i"; fi
	if [ "$in_success" = '#t' ]; then params="$params --success"; fi
	if [ "$in_failed" = '#t' ]; then params="$params --failed"; fi

	if [ "$in_time" = '#t' ]; then
		if [ "$(echo $in_start_time | sed 's|[[:space:]]||g')" != "" ]; then
			if [ "$in_start_time" != 'another' ]; then
				params="$params -ts $in_start_time"
			else
				params="$(echo $params -ts "$(echo $in_s_date | sed -e 's/^.\{2\}//' | awk -F'-' '{print $2,$3,$1}' | tr ' ' '/')" "$in_s_time")"
			fi
		fi
		if [ "$(echo $in_end_time | sed 's|[[:space:]]||g')" != "" ]; then
			if [ "$in_end_time" != 'another' ]; then
				params="$params -te $in_end_time"
			else
				params="$(echo $params -te "$(echo $in_e_date | sed -e 's/^.\{2\}//' | awk -F'-' '{print $2,$3,$1}' | tr ' ' '/')" "$in_e_time")"
			fi
		fi
	fi
	if [ "$in_summary" = '#t' ]; then params="$params --summary"; fi
	echo $params
}

save_log()
{
	if [ -z "$in_path" ];then
		write_error "`_ "Empty path"`"
		return
	fi
	echo "$(echo "$head" | tr ';' ' ')" > "$in_path"
	if ! [ -f "$in_path" ];then
		write_error "`_ "Can't create file in $in_path"`"
		return
	fi
	if [ "$in_full" = "full" ];then
		if [ $nstr = $(($all_lines+$d_nstr)) ];then
			echo "$aurep_data" >> "$in_path"
		else
			read_log 5 $(($all_lines+5))
		fi
	elif [ "$in_full" = "page" ];then
		echo "$(echo "$aurep_data" | sed -n $(($snum-$dn_str))','$(($fnum-$dn_str))'p')" >> "$in_path"
	fi

}

edit_config()
{
	local number=$(grep -n $1'=' "$CONFIGDIR/config" | awk -F':' '{print $1}')
	sed -i $number"i $1=$2" "$CONFIGDIR/config"
	sed -i $(($number+1))'d' "$CONFIGDIR/config"
}

check_name_params()
{
	local number=$(grep -n $in_name'::' $FILTERS | awk -F':' '{print $1}')
	if [ -z "$number" ]; then
		number=$(grep -n '::'"$(create_params)" $FILTERS | awk -F':' '{print $1}')
	fi
	echo "$number"
}

list_filter_log()
{
	local name= value=
	cat $FILTERS | while read line
	do
		name="$(echo $line | awk -F'::' '{print $1}')"
		value="$(echo $line | awk -F'::' '{print $2}')"
		write_enum_item "$value" "$name"
#		write_table_item "$(echo $line | awk -F'::' '{print $1}')" "$(echo $line | awk -F'::' '{print $2}')"
	done
}

change_filter()
{
	case "$in_mode" in
		"save") save_filter "add"
		;;
		"del") delete_filter
		;;
		"chan")	save_filter "ch"
		;;
	esac
	list_filter_log
}

save_filter()
{
	local params="$(create_params)"
	params="$in_name::$in_report $params"
#	if [ "$in_fo_search" = '#t' ]; then
#		params="$params --options="
#		while read fil
#		do
#			params="$params$in_fil_list"
#		done < <(echo $in_fil_list)
	if [ -n "$in_parameter" ];then
		params="$params --options=$in_parameter"
	fi
	if [ "$1" = "add" ];then
		echo "$params" >> $FILTERS
	else
		if [ $in_number != -1 ];then
			sed -i $(($in_number+1))"i $params" $FILTERS
			sed -i $(($in_number+2))'d' $FILTERS
		fi
	fi
}

delete_filter()
{
	if [ -n "$in_number" ];then
		sed -i $(($in_number+1))'d' $FILTERS
	fi
}

init_filter()
{
	local report="$(echo $in_params | awk -F' ' '{print $1}')"
	local start_time="$(echo $in_params | grep "ts " | sed -r 's/.*-ts ([^ ]+).*/\1/')"
	local end_time="$(echo $in_params | grep "te " | sed -r 's/.*-te ([^ ]+).*/\1/')"
	local s_date= s_time= e_date= e_time= 

	if [ -n "$(echo $start_time | grep '/')" ]; then
		start_time="another"
		s_date="$(echo "$in_params" | grep "ts " | sed -r 's/.*-ts ([^-]+).*/\1/')"
		s_time="$(echo "$s_date" | awk -F' ' '{print $2}')"
		s_date="$(echo "$s_date" | awk -F' ' '{print $1}' | awk -F'/' '{print $3,$1,$2}' | tr ' ' '-')"
		if [ $(echo $s_date | cut -c 1) -eq 9 ];then
			s_date="19$s_date"
		else
			s_date="20$s_date"
		fi
	fi
	if [ -n "$(echo $end_time | grep '/')" ]; then
		end_time="another"
		e_date="$(echo "$in_params" | grep "te " | sed -r 's/.*-te ([^-]+).*/\1/')"
		e_time="$(echo "$e_date" | awk -F' ' '{print $2}')"
		e_date="$(echo "$e_date" | awk -F' ' '{print $1}' | awk -F'/' '{print $3,$1,$2}' | tr ' ' '-')"
		if [ $(echo $e_date | cut -c 1) -eq 9 ];then
			e_date="19$e_date"
		else
			e_date="20$e_date"
		fi
	fi

	local options="$(echo "$in_params" | grep "options" | sed -r 's/.*--options=([^-]+).*/\1/')"
#	if [ -n "$options" ]; then
#		write_string_param 

	write_string_param report "$report"
	write_string_param start_time "$start_time"
	write_string_param end_time "$end_time"
	write_string_param s_date "$s_date"
	write_string_param e_date "$e_date"
	write_string_param s_time "$s_time"
	write_string_param e_time "$e_time"
	write_string_param search_param "$options"
}


#================================rules================



list_all_rules()
{
	local list="$(cat $RULES)"
#	local list=$(/sbin/auditctl -l | awk -F:  '{print $2}')
	if [ -z "$(echo $list|tr -d '/n')" ];then return;fi
	local stat_= i=1 name= j=1
	while read rule
	do
		name="$(sed -n $i'p' $RULES_NAME)"

		test "$(echo "$rule"|cut -c1)" != '#' && stat_="on" || rule="$(echo "$rule"|cut -c2-)"
		if [ -z "$name" ]; then
			name="rule_$j"
			j=$(($j+1))
		fi
		write_table_item name "$rule" rule "$name" check "$stat_"
		name=
		stat_= 
		i=$(($i+1))
	done < <(echo "$list")
}

delete_rule()
{
	if [ "$in_option" = "del_all" ];then
		auditctl -D
		cat /dev/null > $RULES
		cat /dev/null > $RULES_NAME
		return
	fi

	test $in_num -lt 0 && return

	local rule="$(sed -n $(($in_num+1))'p' $RULES)"
	local active=true
#	local rule="$in_rule"
	test "$(echo "$rule"|cut -c1)" = '#' && active=false
	local param_rule="$(echo "$rule" | awk -F' ' '{print $1}')"
	rule="$(echo "$rule" |cut -d ' ' -f 2- )"
	test $param_rule = '-w' && rule="-W $rule" || rule="-d $rule"

	local err= 
	if service_control "auditd" is-active; then err="$(auditctl $rule 2>&1)";fi
	if [ -n "$err" ] && $active;then
		write_error "`_ "Error deleting rules!"`""
                                 $err"
		echo "err"
		return
	fi
	
	sed -i $(($in_num+1))'d' $RULES_NAME
	sed -i $(($in_num+1))'d' $RULES
}

new_rule_simple()
{
	local err="$(auditctl -w "$1" -p $2 2>&1)"
	test -n "$err" && write_error "`_ "Error creating rule!"`""
				$err" && return
	local rule="$in_path -p $2"
	if [ -z "$err" ];then
		if [ "$in_add_rule" = 'add' ];then
			echo "-w $rule" >> $RULES
			echo "$in_name" >> $RULES_NAME
		else
			test -n delete_rule && return
			rule="-w $rule"
			sed -i $(($in_num+1))"i $rule" $RULES
			sed -i $(($in_num+1))"i $in_name" $RULES_NAME
		fi
	else
		write_error "`_ "Error creating rule: Path not found!"`"
		return
	fi
#	new_rule_name
}

new_rule()
{
	test -z "$in_name" && write_error "`_ "Empty name"`" && return
#	test -n "$(grep -x $in_name $RULES_NAME)" && write_error "`_ "This name is already exists"`" && return
	local perm=$(echo "$in_perm" | grep -o "[rwxa]" | tr -d '\n')
	test -z "$perm" && perm="rwxa"
	test "$in_expert" = '#t' && new_rule_expert || new_rule_simple "$in_path" $perm
}

config_rule()
{
	local rule="$(echo "$in_rule" | cut -c2-)"
	local i=1 param= value=
	permiss="rwxa"
	syscall=

	local string="$(echo "$rule" | awk -F'-' -F' -' '{print $1}')"

	while [ -n "$string" ]
	do
		param="$(echo "$string" | awk -F' ' '{print $1}')"
		value="$(echo "$string" | cut -c3-)"
		check_param "$param" "$value"
		i=$(($i+1))
		string="$(echo "$rule" | awk -F'-' -F' -' '{print $'$i'}')"
	done
	
	write_string_param rule_syscall "$syscall"
	test_permiss "$permiss"
}

activate_rule()
{
	if [ $in_num != -1 ];then
		local rule="$(sed -n $(($in_num+1))'p' $RULES)"
		test "$in_stat" = '#f' && rule="#$rule" || rule="$(echo "$rule"|cut -c2-)"
		sed -i $(($in_num+1))"i $rule" $RULES
		sed -i $(($in_num+2))'d' $RULES
	fi
}

reload_rules()
{
	auditctl -D
	auditctl -R $RULES
}

test_path()
{
	write_string_param path_file "$1"
	if [ -d "$1" ];then
		write_bool_param check_file false
		return
	elif [ -f "$1" ];then
		write_bool_param check_file true
	else
		write_error "`_ "Error rule: Path not found!"`"
	fi
	syscall="all"
}

test_permiss()
{
	test -n "$(echo "$1" | grep 'r')" && write_bool_param perm_r true || write_bool_param perm_r false
	test -n "$(echo "$1" | grep 'w')" && write_bool_param perm_w true || write_bool_param perm_w false
	test -n "$(echo "$1" | grep 'x')" && write_bool_param perm_x true || write_bool_param perm_x false
	test -n "$(echo "$1" | grep 'a')" && write_bool_param perm_a true || write_bool_param perm_a false
}

check_param()
{
	case "$1" in
		w)
			test_path "$2"
			write_string_param rule_list 'exit'
			write_string_param rule_action 'always'
		;;
		p)
			permiss="$2"
		;;
		a)
			write_string_param rule_list "$(echo "$2" | awk -F, '{print $1}')"
			write_string_param rule_action "$(echo "$2" | awk -F, '{print $2}')"
		;;
		F)
			local cond="$(echo $2 | grep -o "[!=<>&]")"
			local fil="$(echo $2 | awk -F$cond '{print $1}')"
			local val="$(echo $2 | awk -F$cond '{print $2}')"
			case $fil in
				perm)
					permiss="$val"
				;;
				dir|path)
					test_path "$val"
				;;
			esac
		;;
		S)
			test $2 = 'all' || syscall="$syscall $2"
		;;

	esac
}


#==============expert rules==============

list_rules()
{
	write_enum_item "task"
	write_enum_item "entry"
	write_enum_item "exit"
	write_enum_item "user"
	write_enum_item "exclude"
}

list_filters()
{
	local rule="$(echo "$in_rule" | cut -c2-)"
	test -z $rule && return
	local string="$(echo "$rule" | awk -F'-' -F' -' '{print $1}')"
        local i=1 param= value= 
	local fil= val= cond= 
	
	while [ -n "$string" ]
	do
		param="$(echo "$string" | awk -F' ' '{print $1}')"
		value="$(echo "$string" | cut -c3-)"
		case "$param" in
			F)
				cond="$(echo "$value" | grep -o "[!=<>&]")"
				fil="$(echo "$value" | awk -F$cond '{print $1}')"
				val="$(echo "$value" | awk -F$cond '{print $2}')"
				write_table_item name "$value" label "$fil" check "$cond" summary "$val"
			;;
			w)
				test -d "$value" && 
					write_table_item name "dir=$value" label "dir" check "=" summary "$value" ||
					write_table_item name "path=$value" label "path" check "=" summary "$value"
			;;
			p)
				write_table_item name "perm=$value" label "perm" check "=" summary "$value"
			;;
		esac
		i=$(($i+1))
		string="$(echo "$rule" | awk -F'-' -F' -' '{print $'$i'}')"
	done
}

list_all_filters()
{

	write_enum_item "dir"
	write_enum_item "path"
	write_enum_item "perm"
	write_enum_item "arch"
	write_enum_item "auid"
	write_enum_item "devmajor"
	write_enum_item "devminor"
	write_enum_item "egid"
	write_enum_item "euid"
	write_enum_item "exit"
	write_enum_item "fsgid"
	write_enum_item "fsuid"
	write_enum_item "gid"
	write_enum_item "inode"
	write_enum_item "key"
	write_enum_item "msgtype"
	write_enum_item "obj_user"
	write_enum_item "obj_role"
	write_enum_item "obj_type"
	write_enum_item "obj_lev_low"
	write_enum_item "obj_lev_high"
	write_enum_item "path"
	write_enum_item "perm"
	write_enum_item "pers"
	write_enum_item "pid"
	write_enum_item "ppid"
	write_enum_item "subj_user"
	write_enum_item "subj_role"
	write_enum_item "subj_type"
	write_enum_item "subj_sen"
	write_enum_item "subj_clr"
	write_enum_item "sgid"
	write_enum_item "success"
	write_enum_item "suid"
	write_enum_item "uid"
	write_enum_item "a0"
	write_enum_item "a1"
	write_enum_item "a2"
	write_enum_item "a3"
}

list_all_conditions()
{
	write_enum_item "="
	write_enum_item "!="
	write_enum_item "<"
	write_enum_item ">"
	write_enum_item "<="
	write_enum_item ">="
	write_enum_item "&"
	write_enum_item "&="
}


new_rule_name()
{
	local number=1
	local size_rules=$(wc -l $RULES_NAME | awk -F' ' '{print $1}')
	if [ $in_count > $size_rules ]; then
		for ((i=$size_rules;i<$in_count+1;i++))
		do
			echo >> $RULES_NAME
		done
	fi
#	echo >> $CONFIGDIR/Rules

	local num=$(echo $(grep -nx $in_name $RULES_NAME) | awk -F':' '{print $1}')
	if [ -z "$num" ];then
		if [ "$in_option" = "first" ];then
			sed -i '1i' "$in_name" $RULES_NAME
		else
			number=$(($in_count + 1))
			if [ "$size_rules" = "0" ];then number=$in_count;fi
			sed -i $number"i $in_name" $RULES_NAME
			sed -i $(($number+1))',$d' $RULES_NAME
		fi
	fi
	#"$in_name" "$CONFIGDIR/Rules"
#	echo "$in_name" >> $CONFIGDIR/Rules
}

new_rule_expert()
{
	local err= 
	local fil_list=$(echo "$in_filter_name" | tr ';' '\n')
	local fil_cond=$(echo "$in_filter_cond" | tr ';' '\n')
	local fil_val=$(echo "$in_filter_val" | tr ';' '\n')
	local rule= 
	
	if [ -z "$in_rule" ]; then
		write_error "`_ "Empty type of rule!"`"
		return;fi
	
	if [ -n "$in_action" ];then
		rule="$in_rule,$in_action"
	else
		rule="$in_rule,always"
	fi

	if [ "$in_option" = "syscall_all" ];then
		rule="$rule -S all"
	elif [ -n "$in_syscall" ];then
		rule="${rule}$(echo " $in_syscall" | sed 's/ \{1,\}/ /g' | sed 's/[ \t]*$//' | sed 's/ / -S /g')"
	elif [ -z "$in_filter_name"]; then
		write_error "`_ "Empty filters list!"`"
		return
	fi

	local value= cond= i=1
	while read filter
	do
		value=$(echo "$fil_val" | sed -n $i'p')
		cond=$(echo "$fil_cond" | sed -n $i'p')
		test -n "$filter" && rule="$rule -F $filter$cond$value"
		i=$(($i+1))
	done < <(echo "$fil_list")
	if [ -n "$in_name" ]; then
		err="$(auditctl -a $rule 2>&1)"
		local info="$(echo "$err" | tr -d '\n' | cut -c1)"
		if [ -z "$info" ];then
			if [ "$in_add_rule" = 'add' ];then
				echo "-a $rule" >> $RULES
				echo "$in_name" >> $RULES_NAME
			else
				test -n delete_rule && return
				rule="-a $rule"
				sed -i $(($in_num+1))"i $rule" $RULES
				sed -i $(($in_num+1))"i $in_name" $RULES_NAME
			fi
		else
		   case "$info" in
			W)
				rule="$(echo $(auditctl -l) | awk -F',| ' '{print $2}'),$(echo "$rule" | cut -d ',' -f 2-)"
				if [ "$in_add_rule" = 'add' ];then
					echo "-a $rule" >> $RULES
					echo "$in_name" >> $RULES_NAME
				else
					test -n delete_rule && return
					rule="-a $rule"
					sed -i $(($in_num+1))"i $rule" $RULES
					sed -i $(($in_num+1))"i $in_name" $RULES_NAME
				fi
			;;
			*)
				write_error "$err"
				return
			;;
		   esac
		fi
	fi
}

clean_all()
{
	write_string_param rule_action "#f"
	write_string_param filters ""
	write_string_param condition ""
	write_string_param rule_list ""
	write_string_param filter_val ""
	write_string_param name ""
}

on_message() {

    case "$in_action" in
        list)
          case "$in__objects" in
            title_table)
              title_logtable | write_enum
            ;;
#    	    filters_list)
#	      list_filters | write_enum
#	    ;;
          esac
          ;;
	read)
	;;
    esac
}


#-----------------------------templates-------------------------------------

list_templates()
{
	ls -1 "$TEMPLATES" | while read line
	do
		if [ "$line" != "system" ] && [ -z "$(echo "$line"|grep '.names')" ];then write_enum_item "$line";fi
	done

	ls -1 "$TEMPLATES/system" | while read line
	do
		write_enum_item "system/$line"
	done
}

templates()
{
	if [ "$in_what" = 'load' ];then template_load
	elif [ "$in_what" = 'save' ]; then template_save
	elif [ "$in_what" = 'remove' ]; then template_remove
	fi
}


template_load()
{
	if [ "$in_addend" != '#f' ];then
		write_error "`_ "rule: $in_template!"`"
#		auditctl -D
#		cat /dev/null > "$TEMPLATES/$in_template"
#		cat /dev/null > "$TEMPLATES/$in_template"".names"
		return
	fi
	
#	local list=$(/sbin/auditctl -l | awk -F:  '{print $2}')
	local list="$(cat $TEMPLATES/$in_template)"
#	local all_names="$(cat "$TEMPLATES/$in_template"".names")"
	local i=1 name= err=
	while read rule
	do
		err="$(auditctl $rule 2>&1)"
#		if [ -z "$all_name" ];then
			name="$(echo "$in_template"|tr '/' '_')_$i"
#		else
#			name="$(sed -n $i'p' $all_names)"
#		fi
		if [ -z "$err" ];then 
#			echo "-a$(echo $(auditctl -l | tail -n 1)| awk -F:  '{print $2}')" >> $RULES
			echo "$rule" >> $RULES
			echo "$name" >> $RULES_NAME
		else
			write_error "`_ "Error creating rules!"`""
			                ERR: $err"
			return
		fi
		name= 
		i=$(($i+1))
	done < <(echo "$list")
}

template_save()
{
	local file="$TEMPLATES/$in_name"
	if [ "$in_addend" != '#f' ];then
		if [ -n "$(echo "$in_template"|grep "^system/")" ];then
			write_error "`_ "Impossible to change. This is a systemic template!"`"
			return
		fi
		if [ -z "$in_name" ];then
			write_error "`_ "Empty name"`"
			return
		fi
		file="$TEMPLATES/$in_template"
		cat /dev/null > "$file"
		cat /dev/null > "$file"".names"
	fi
	echo "$(cat $RULES)" >> "$file"
	echo "$(cat $RULES_NAME)" >> "$file"".names"
}

template_remove()
{
	if [ -n "$(echo "$in_template"|grep "^system/")" ];then
		write_error "`_ "Impossible to remove. This is a systemic template!"`"
		return
	fi
	rm -f "$TEMPLATES/$in_template"
	rm -f "$TEMPLATES/$in_template"".names"
}

alterator_export_proc list_templates
alterator_export_proc templates

alterator_export_proc daemon_status
alterator_export_proc daemon_on

alterator_export_proc list_table
alterator_export_proc list_report
alterator_export_proc list_time
alterator_export_proc config_log
alterator_export_proc save_log
#alterator_export_proc init_config

alterator_export_proc page_table
alterator_export_proc list_size_page
alterator_export_proc list_search
alterator_export_proc change_filter
alterator_export_proc list_filter_log
alterator_export_proc init_filter

alterator_export_proc list_filters
alterator_export_proc new_rule
alterator_export_proc delete_rule
alterator_export_proc list_rules
alterator_export_proc activate_rule
alterator_export_proc reload_rules

alterator_export_proc list_all_rules
alterator_export_proc list_all_filters
alterator_export_proc list_all_conditions
alterator_export_proc config_rule
alterator_export_proc clean_all


message_loop
