webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-27 03:07:43 +02:00
Code Issues Packages Projects Releases Wiki Activity

ids-functions.pl: Rework function write_modify_sids_file().

Browse Source 
Directly implement the logic to determine the used ruleset and if
IDS or IPS mode should be used into the function instead of pass those
details as arguments.

This helps to prevent from doing this stuff at several places again and again.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Stefan Schantl
2019-06-05 20:56:33 +02:00
committed by Michael Tremer
parent a40bcbb02c
commit 81bae51f61
2 changed files with 13 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
html/cgi-bin/ids.cgi
View File

@@ -370,21 +370,8 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'save'}) {
# a new ruleset.
&working_notice("$Lang::tr{'ids working'}");
&General::readhash("$IDS::ids_settings_file", \%idssettings);
# Temporary variable to set the ruleaction.
# Default is "drop" to use suricata as IPS.
my $ruleaction="drop";
# Check if the traffic only should be monitored.
if($idssettings{'MONITOR_TRAFFIC_ONLY'} eq 'on') {
# Switch the ruleaction to "alert".
# Suricata acts as an IDS only.
$ruleaction="alert";
}
# Write the modify sid's file and pass the taken ruleaction.
&IDS::write_modify_sids_file($ruleaction, $cgiparams{'RULES'});
&IDS::write_modify_sids_file();
# Call subfunction to download the ruleset.
if(&IDS::downloadruleset()) {
@@ -614,21 +601,8 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'save'}) {
# Generate file to store the home net.
&IDS::generate_home_net_file();
# Temporary variable to set the ruleaction.
# Default is "drop" to use suricata as IPS.
my $ruleaction="drop";
# Check if the traffic only should be monitored.
if($cgiparams{'MONITOR_TRAFFIC_ONLY'} eq 'on') {
# Switch the ruleaction to "alert".
# Suricata acts as an IDS only.
$ruleaction="alert";
}
&General::readhash("$IDS::rules_settings_file", \%rulessettings);
# Write the modify sid's file and pass the taken ruleaction.
&IDS::write_modify_sids_file($ruleaction, $rulessettings{'RULES'});
&IDS::write_modify_sids_file();
# Check if "MONITOR_TRAFFIC_ONLY" has been changed.
if($cgiparams{'MONITOR_TRAFFIC_ONLY'} ne $oldidssettings{'MONITOR_TRAFFIC_ONLY'}) {