# HG changeset patch
# User Jean-Francois Pieronne <jf.pieronne@laposte.net>
# Date 1587571513 -7200
#      Wed Apr 22 18:05:13 2020 +0200
# Node ID 23479c332cced3574f393b139426c314e70470b1
# Parent  d9b23f5382c249ff1767c3910d66a0389d709bdc
secrules/rules15.py initial version

diff --git a/secrules/rules15.py b/secrules/rules15.py
new file mode 100644
--- /dev/null
+++ b/secrules/rules15.py
@@ -0,0 +1,37 @@
+# -*- coding: iso-8859-1 -*-
+
+from common import level_rule
+import os
+from secrules import FindFile
+
+__version__ = '1.0'
+
+@level_rule(1)
+def rule1501(fo, fmt):
+    if not fmt:
+        print >>fo, 'RULE 1501'
+        print >>fo, '========='
+
+    with os.popen('TCPIP SHOW SERVICES') as p:
+        r = [x[:-1].rstrip() for x in p]
+
+    for l in r:
+        if (l == ''):
+            continue
+        if l[:7] == 'Service':
+            continue
+        s = l.split()
+        if s[0] in 'FINGER,FTP,RLOGIN,SNMP,TELNET,REXEC,RSH': 
+            if s[5]=='0.0.0.0':
+                v = '%s %s' % (s[0], s[6])
+            else: 
+                v = '%s %s' % (s[0], s[5])
+            if fmt:
+                print >>fo,  '1501�1�', v
+            else:
+                print >>fo, v
+
+if __name__ == '__main__':
+    import sys
+    fo = open(sys.argv[1], 'w') if len(sys.argv) > 1 else sys.stdout
+    rule1501(fo, len(sys.argv) > 2)