In case a rulestarball contains several same-named rulefiles
they have been overwritten each time and so only contained the content
from the last extracted one.
Now the content of those files will be merged by appending the content
to the first extracted one for each time.
Fixes#12792.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
In case a rulestarball contains several same-named rulefiles
they have been overwritten each time and so only contained the content
from the last extracted one.
Now the content of those files will be merged by appending the content
to the first extracted one for each time.
Fixes#12792.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This commit allows the ipset_restore() function to auto-detect
which set file needs to be restored.
Currently it is limitated to country codes only, because we currently
does not support anything else.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Instead of stupidly destroying all ipsets, we now grab the already loaded sets
and compare them with the loaded sets during runtime of the script.
So we are now able to determine which sets are not longer required and
safely can destroy (unload) at a later time.
This saves us from taking care about dropping/flushing rules which are
based on ipset before we can destroy them - because only unused sets are
affected.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Inspired-by: Tim FitzGeorge <ipfr@tfitzgeorge.me.uk>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
We are almost running as an unprivileged user and therfore have not
the permissions to do this.
This will save us a lot of confusion error messages.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Sometimes, we restore a backup that has been created earlier before
exclude files have been changed. To avoid overwriting those files, we
will consider the exlude list upon restore.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This file is a system configuration file and does not contain any
configruation from the user.
Since it can be overwritten in a backup and restored to an older state,
this can cause problems such as #12788.
Fixes: #12788
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
our current suricata version not support JA3 based rules so
this drop the providers from the list.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This kernel configuration is a copy of our kernel configuration for
x86_64 on which I ran "make olddefconfig" which will set any unknown
values to their defaults.
This exists so that we have some kernel (which I did not try to boot) to
complete the build process.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This package tries to identify if it is actually installed and does that
in a rather unorthodox way. So, thoses files are needed to run the "oci"
command. Only god knows why.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
