diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 86a469cb2..accb91983 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -61,6 +61,7 @@ $snortsettings{'INSTALLDATE'} = '';
&Header::getcgihash(\%cgiparams);
my $snortrulepath = "/etc/snort/rules";
+my $snortusedrulefilesfile = "${General::swroot}/snort/snort-used-rulefiles.conf";
my $restartsnortrequired = 0;
my %snortrules;
my $errormessage;
@@ -92,6 +93,40 @@ opendir(DIR, $snortrulepath) or die $!;
closedir(DIR);
+# Gather used rulefiles.
+#
+# Check if the file for activated rulefiles is not empty.
+if(-f $snortusedrulefilesfile) {
+ # Open the file for used rulefile and read-in content.
+ open(FILE, $snortusedrulefilesfile) or die "Could not open $snortusedrulefilesfile. $!\n";
+
+ # Read-in content.
+ my @lines = ;
+
+ # Close file.
+ close(FILE);
+
+ # Loop through the array.
+ foreach my $line (@lines) {
+ # Remove newlines.
+ chomp($line);
+
+ # Skip comments.
+ next if ($line =~ /\#/);
+
+ # Skip blank lines.
+ next if ($line =~ /^\s*$/);
+
+ # Gather rule sid and message from the ruleline.
+ if ($line =~ /.*include \$RULE_PATH\/(.*)/) {
+ my $rulefile = $1;
+
+ # Add the rulefile to the %snortrules hash.
+ $snortrules{$rulefile}{'Rulefile'}{'State'} = "on";
+ }
+ }
+}
+
# Save ruleset.
if ($cgiparams{'RULESET'} eq $Lang::tr{'update'}) {
my $enabled_sids_file = "${General::swroot}/snort/oinkmaster-enabled-sids.conf";
@@ -100,9 +135,16 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'update'}) {
# Arrays to store sid which should be added to the corresponding files.
my @enabled_sids;
my @disabled_sids;
+ my @enabled_rulefiles;
# Loop through the hash of snortrules.
foreach my $rulefile(keys %snortrules) {
+ # Check if the rulefile is enabled.
+ if ($cgiparams{$rulefile} eq "on") {
+ # Add rulefile to the array of enabled rulefiles.
+ push(@enabled_rulefiles, $rulefile);
+ }
+
# Loop through the single rules of the rulefile.
foreach my $sid (keys %{$snortrules{$rulefile}}) {
# Check if there exists a key in the cgiparams hash for this sid.
@@ -167,6 +209,23 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'update'}) {
# Close file after writing.
close(FILE);
}
+
+ # Open file for used rulefiles.
+ open (FILE, ">$snortusedrulefilesfile") or die "Could not wirte to $snortusedrulefilesfile. $!\n";
+
+ # Write header to file.
+ print FILE "#Autogenerated file. Any custom changes will be overwritten!\n";
+
+ # Check if the enabled_rulefiles array contains any entries.
+ if (@enabled_rulefiles) {
+ # Loop through the array of rulefiles which should be loaded and write the to the file.
+ foreach my $file (@enabled_rulefiles) {
+ print FILE "include \$RULE_PATH/$file\n";
+ }
+ }
+
+ # Close file after writing.
+ close(FILE);
}
if ($snortsettings{'OINKCODE'} ne "") {
@@ -421,14 +480,14 @@ END
my $rulechecked = '';
# Check if rule file is enabled
- if ($snortrules{$rulefile}{"State"} eq 'On') {
+ if ($snortrules{$rulefile}{'Rulefile'}{'State'} eq 'on') {
$rulechecked = 'CHECKED';
}
# Table and rows for the rule files.
print"
\n";
print"
\n";
- print"\n";
+ print"\n";
print"
\n";
print"
$rulefile
\n";
print"
\n";
@@ -453,6 +512,9 @@ END
# Local vars
my $ruledefchecked = '';
+ # Skip rulefile itself.
+ next if ($sid eq "Rulefile");
+
# If 2 rules have been displayed, start a new row
if (($lines % 2) == 0) {
print "