ids.cgi: Move and rename GenerateIgnoreList() function to ids-functions.pl
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
@@ -746,4 +746,52 @@ sub get_suricata_version($) {
|
||||
}
|
||||
}
|
||||
|
||||
#
|
||||
## Function to generate the rules file with whitelisted addresses.
|
||||
#
|
||||
sub generate_ignore_file() {
|
||||
my %ignored = ();
|
||||
|
||||
# SID range 1000000-1999999 Reserved for Local Use
|
||||
# Put your custom rules in this range to avoid conflicts
|
||||
my $sid = 1500000;
|
||||
|
||||
# Read-in ignoredfile.
|
||||
&General::readhasharray($IDS::ignored_file, \%ignored);
|
||||
|
||||
# Open ignorefile for writing.
|
||||
open(FILE, ">$IDS::whitelist_file") or die "Could not write to $IDS::whitelist_file. $!\n";
|
||||
|
||||
# Config file header.
|
||||
print FILE "# Autogenerated file.\n";
|
||||
print FILE "# All user modifications will be overwritten.\n\n";
|
||||
|
||||
# Add all user defined addresses to the whitelist.
|
||||
#
|
||||
# Check if the hash contains any elements.
|
||||
if (keys (%ignored)) {
|
||||
# Loop through the entire hash and write the host/network
|
||||
# and remark to the ignore file.
|
||||
while ( (my $key) = each %ignored) {
|
||||
my $address = $ignored{$key}[0];
|
||||
my $remark = $ignored{$key}[1];
|
||||
my $status = $ignored{$key}[2];
|
||||
|
||||
# Check if the status of the entry is "enabled".
|
||||
if ($status eq "enabled") {
|
||||
# Check if the address/network is valid.
|
||||
if ((&General::validip($address)) || (&General::validipandmask($address))) {
|
||||
# Write rule line to the file to pass any traffic from this IP
|
||||
print FILE "pass ip $address any -> any any (msg:\"pass all traffic from/to $address\"\; sid:$sid\;)\n";
|
||||
|
||||
# Increment sid.
|
||||
$sid++;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
close(FILE);
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
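Review bot: In generate_ignore_file() the whitelist is opened with `open(FILE, ">$IDS::whitelist_file")` (two-argument form, bareword handle) and neither the `print FILE` calls nor `close(FILE)` are checked, so a failed or partial write leaves a truncated pass-rule file without any error. Since the function now sits in the shared library, I would use `open(my $fh, '>', $IDS::whitelist_file) or die ...`, `print $fh ...` and `close($fh) or die "Could not close $IDS::whitelist_file. $!\n";`. The generated rule also puts `$address` only on the source side of `->` while its msg says "from/to"; if both directions are meant, `<>` would match the message, otherwise the msg should say "from". Entries that fail `validip`/`validipandmask` are dropped silently and `$remark` is read but never used; a short comment stating that invalid entries are skipped on purpose would help, because each line written here exempts an address from IDS inspection.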
@@ -131,7 +131,7 @@ if (($cgiparams{'WHITELIST'} eq $Lang::tr{'add'}) || ($cgiparams{'WHITELIST'} eq
|
||||
&General::writehasharray($IDS::ignored_file, \%ignored);
|
||||
|
||||
# Regenerate the ignore file.
|
||||
&GenerateIgnoreFile();
|
||||
&IDS::generate_ignore_file();
|
||||
}
|
||||
|
||||
# Check if the IDS is running.
|
||||
@@ -174,7 +174,7 @@ if (($cgiparams{'WHITELIST'} eq $Lang::tr{'add'}) || ($cgiparams{'WHITELIST'} eq
|
||||
&General::writehasharray($IDS::ignored_file, \%ignored);
|
||||
|
||||
# Regenerate the ignore file.
|
||||
&GenerateIgnoreFile();
|
||||
&IDS::generate_ignore_file();
|
||||
|
||||
# Check if the IDS is running.
|
||||
if(&IDS::ids_is_running()) {
|
||||
@@ -201,7 +201,7 @@ if (($cgiparams{'WHITELIST'} eq $Lang::tr{'add'}) || ($cgiparams{'WHITELIST'} eq
|
||||
&General::writehasharray($IDS::ignored_file, \%ignored);
|
||||
|
||||
# Regenerate the ignore file.
|
||||
&GenerateIgnoreFile();
|
||||
&IDS::generate_ignore_file();
|
||||
|
||||
# Check if the IDS is running.
|
||||
if(&IDS::ids_is_running()) {
|
||||
@@ -1208,54 +1208,6 @@ sub get_memory_usage($) {
|
||||
return;
|
||||
}
|
||||
|
||||
#
|
||||
## Function to generate the rules file with whitelisted addresses.
|
||||
#
|
||||
sub GenerateIgnoreFile() {
|
||||
my %ignored = ();
|
||||
|
||||
# SID range 1000000-1999999 Reserved for Local Use
|
||||
# Put your custom rules in this range to avoid conflicts
|
||||
my $sid = 1500000;
|
||||
|
||||
# Read-in ignoredfile.
|
||||
&General::readhasharray($IDS::ignored_file, \%ignored);
|
||||
|
||||
# Open ignorefile for writing.
|
||||
open(FILE, ">$IDS::whitelist_file") or die "Could not write to $IDS::whitelist_file. $!\n";
|
||||
|
||||
# Config file header.
|
||||
print FILE "# Autogenerated file.\n";
|
||||
print FILE "# All user modifications will be overwritten.\n\n";
|
||||
|
||||
# Add all user defined addresses to the whitelist.
|
||||
#
|
||||
# Check if the hash contains any elements.
|
||||
if (keys (%ignored)) {
|
||||
# Loop through the entire hash and write the host/network
|
||||
# and remark to the ignore file.
|
||||
while ( (my $key) = each %ignored) {
|
||||
my $address = $ignored{$key}[0];
|
||||
my $remark = $ignored{$key}[1];
|
||||
my $status = $ignored{$key}[2];
|
||||
|
||||
# Check if the status of the entry is "enabled".
|
||||
if ($status eq "enabled") {
|
||||
# Check if the address/network is valid.
|
||||
if ((&General::validip($address)) || (&General::validipandmask($address))) {
|
||||
# Write rule line to the file to pass any traffic from this IP
|
||||
print FILE "pass ip $address any -> any any (msg:\"pass all traffic from/to $address\"\; sid:$sid\;)\n";
|
||||
|
||||
# Increment sid.
|
||||
$sid++;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
close(FILE);
|
||||
}
|
||||
|
||||
#
|
||||
## Function to read-in the given enabled or disables sids file.
|
||||
#
|
||||
|
||||