Rework the function to work with the latest changes and multiple
providers.
The function now does the following:
* Extract the stored rules tarballs for all enabled providers.
* Copy rules files for enabled providers which provide plain files.
* Still calls oinkmaster to set up the rules and modify them.
* Calls the merge functions for classification and sid to msg files.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This function is used to merge the individual classification files
provided by the providers.
The result will be written to the classification.config which will be
used by the IDS.
Fixes#11884.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This function is used to extract the required config and rules files
from the stored rules tarball for a given ruleset provider.
* The files will be extracted to a temporary directory layout in
"/tmp/ids_tmp".
* Names of config files will be adjusted in case multiple providers
offers the same config files, which is very common.
* The name of the single rulefiles will be adjusted to start with
the vendors name to allow assigning them very easily to a single
ruleset provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
multiple ruleset providers.
When calling the function now a single ruleset provider handle
can be specified to only download this ruleset or by adding "all" or
leaving the handle blank a download of all configured rulesets can be
triggered.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This function can be used to generate/get the absolute file and path
for a given ruleset provider.
The files will be stored in the usual "/var/tmp" folder with a new
file format based on the dl_file type and the provider.
Examples could be:
* /var/ipfire/idsrules-emerging.tar.gz
* /var/ipfire/idsrules-registered.tar.gz
* /var/ipfire/idsrules-somprovider.rules
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
* The page and section now supports multiple ruleset providers at once.
* Adding / Editing a ruleset provider has been moved to a own sub-page.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
The file now contains a lot more of data and easily can be extended
to provide more and new providers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
The parsers for those are disabled in the suricata config so
the rules are not needed, on the contrary they massively will spam
warnings when launching suricate because of the disabled parsers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
The parsers for those are disabled in the suricata config so
the rules are not needed, on the contrary they massively will spam
warnings when launching suricate because of the disabled parsers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
- Update from 4.14.0.4 to 4.15.0.1
- Update of rootfile
- Changelog
v4.15.0.1
rebased with official coreboot repository commit 6973a3e7
v4.14.0.6
rebased with official coreboot repository commit d06c0917
Re-added GPIO bindings to fix LED and button functionality
v4.14.0.5
rebased with official coreboot repository commit d4c55353
Updated CPU declarations in ACPI to comply with newer ACPI standard
Removed GPIO bindings to fix conflict with OS drivers
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
network for download the sources has not worked with some nic's
like realtek 8169 because the phy driver was missing.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
