mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-28 03:33:25 +02:00
ids-functions.pl: Introduce private _get_dl_rulesfile() function.
This function can be used to generate/get the absolute file and path for a given ruleset provider. The files will be stored in the usual "/var/tmp" folder with a new file format based on the dl_file type and the provider. Examples could be: * /var/ipfire/idsrules-emerging.tar.gz * /var/ipfire/idsrules-registered.tar.gz * /var/ipfire/idsrules-somprovider.rules Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This commit is contained in:
Stefan Schantl
@@ -65,9 +65,12 @@ our $providers_settings_file = "$settingsdir/providers-settings";
|
||||
# File which stores the configured settings for whitelisted addresses.
|
||||
our $ignored_file = "$settingsdir/ignored";
|
||||
|
||||
# Location and name of the tarball which contains the ruleset.
|
||||
# DEPRECATED - Location and name of the tarball which contains the ruleset.
|
||||
our $rulestarball = "/var/tmp/idsrules.tar.gz";
|
||||
|
||||
# Location where the downloaded rulesets are stored.
|
||||
our $dl_rules_path = "/var/tmp";
|
||||
|
||||
# File to store any errors, which also will be read and displayed by the wui.
|
||||
our $storederrorfile = "/tmp/ids_storederror";
|
||||
|
||||
@@ -93,6 +96,9 @@ our $idspidfile = "/var/run/suricata.pid";
|
||||
# Location of suricatactrl.
|
||||
my $suricatactrl = "/usr/local/bin/suricatactrl";
|
||||
|
||||
# Prefix for each downloaded ruleset.
|
||||
my $dl_rulesfile_prefix = "idsrules";
|
||||
|
||||
# Array with allowed commands of suricatactrl.
|
||||
my @suricatactrl_cmds = ( 'start', 'stop', 'restart', 'reload', 'fix-rules-dir', 'cron' );
|
||||
|
||||
@@ -103,6 +109,12 @@ my @cron_intervals = ('off', 'daily', 'weekly' );
|
||||
# http_ports_file.
|
||||
my @http_ports = ('80', '81');
|
||||
|
||||
# Hash which allows to convert the download type (dl_type) to a file suffix.
|
||||
my %dl_type_to_suffix = (
|
||||
"archive" => ".tar.gz",
|
||||
"plain" => ".rules",
|
||||
);
|
||||
|
||||
#
|
||||
## Function to check and create all IDS related files, if the does not exist.
|
||||
#
|
||||
@@ -431,6 +443,31 @@ sub _store_error_message ($) {
|
||||
&set_ownership("$storederrorfile");
|
||||
}
|
||||
|
||||
#
|
||||
## Private function to get the path and filename for a downloaded ruleset by a given provider.
|
||||
#
|
||||
sub _get_dl_rulesfile($) {
|
||||
my ($provider) = @_;
|
||||
|
||||
# Gather the download type for the given provider.
|
||||
my $dl_type = $IDS::Ruleset::Providers{$provider}{'dl_type'};
|
||||
|
||||
# Obtain the file suffix for the download file type.
|
||||
my $suffix = $dl_type_to_suffix{$dl_type};
|
||||
|
||||
# Check if a suffix has been found.
|
||||
unless ($suffix) {
|
||||
# Abort return - nothing.
|
||||
return;
|
||||
}
|
||||
|
||||
# Generate the full filename and path for the stored rules file.
|
||||
my $rulesfile = "$dl_rules_path/$dl_rulesfile_prefix-$provider$suffix";
|
||||
|
||||
# Return the generated filename.
|
||||
return $rulesfile;
|
||||
}
|
||||
|
||||
#
|
||||
## Function to check if the IDS is running.
|
||||
#
|
||||
|
||||
Reference in New Issue
Block a user