Module/Rule.DnsServerSetting/Convert/DnsServerSettingRule.Convert.psm1
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 |
# Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the MIT License. using module .\..\..\Common\Common.psm1 using module .\..\DnsServerSettingRule.psm1 $exclude = @($MyInvocation.MyCommand.Name,'Template.*.txt') $supportFileList = Get-ChildItem -Path $PSScriptRoot -Exclude $exclude foreach ($supportFile in $supportFileList) { Write-Verbose "Loading $($supportFile.FullName)" . $supportFile.FullName } # Header <# .SYNOPSIS Convert the contents of an xccdf check-content element into an Dns Server Setting object .DESCRIPTION The DnsServerSettingRuleConvert class is used to extract the Dns Server settings from the check-content of the xccdf. Once a STIG rule is identified as a DNS server setting, it is passed to the DnsServerSettingRuleConvert class for parsing and validation. #> class DnsServerSettingRuleConvert : DnsServerSettingRule { <# .SYNOPSIS Empty constructor for SplitFactory #> DnsServerSettingRuleConvert () { } <# .SYNOPSIS Converts a xccdf stig rule element into a Dns Server Setting Rule .PARAMETER XccdfRule The STIG rule to convert #> DnsServerSettingRuleConvert ([xml.xmlelement] $XccdfRule) : base ($XccdfRule, $true) { $this.SetDnsServerPropertyName() $this.SetDnsServerPropertyValue() $this.SetDuplicateRule() if ($this.IsExistingRule($global:stigSettings)) { $newId = Get-AvailableId -Id $this.Id $this.set_id($newId) } $this.SetDscResource() } #region Methods <# .SYNOPSIS Extracts the DNS server setting name from the check-content and sets the value .DESCRIPTION Gets the DNS server setting name from the xccdf content and sets the value. If the DNS server setting that is returned is not a valid name, the parser status is set to fail. #> [void] SetDnsServerPropertyName () { $thisDnsServerSettingPropertyName = Get-DnsServerSettingProperty -CheckContent $this.SplitCheckContent if (-not $this.SetStatus($thisDnsServerSettingPropertyName)) { $this.set_PropertyName($thisDnsServerSettingPropertyName) } } <# .SYNOPSIS Extracts the DNS server setting value from the check-content and sets the value .DESCRIPTION Gets the DNS server setting value from the xccdf content and sets the value. If the DNS server setting that is returned is not a valid property, the parser status is set to fail. #> [void] SetDnsServerPropertyValue () { $thisDnsServerSettingPropertyValue = Get-DnsServerSettingPropertyValue -CheckContent $this.SplitCheckContent if (-not $this.SetStatus($thisDnsServerSettingPropertyValue)) { $this.set_PropertyValue($thisDnsServerSettingPropertyValue) } } hidden [void] SetDscResource () { if ($null -eq $this.DuplicateOf) { $this.DscResource = 'xDnsServerSetting' } else { $this.DscResource = 'None' } } static [bool] Match ([string] $CheckContent) { if ( $CheckContent -Match 'dnsmgmt\.msc' -and $CheckContent -NotMatch 'Forward Lookup Zones' -and $CheckContent -Notmatch 'Logs\\Microsoft' -and $CheckContent -NotMatch 'Verify the \"root hints\"' ) { return $true } return $false } #endregion } |