[PATCHv2] logs.cgi/ids.dat: Rework linking to external rule documentation.
Commit Message
Check if the sid of a rule belongs to sourcefire and link to the
changed URL for gathering more details. If the sid of the rule belongs
to emergingthreads now link to the emergingthreads documentation.
Fixes #11806.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
html/cgi-bin/logs.cgi/ids.dat | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
Comments
Thanks. Merged.
On Tue, 2018-08-14 at 12:01 +0200, Stefan Schantl wrote:
> Check if the sid of a rule belongs to sourcefire and link to the
> changed URL for gathering more details. If the sid of the rule belongs
> to emergingthreads now link to the emergingthreads documentation.
>
> Fixes #11806.
>
> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
> ---
> html/cgi-bin/logs.cgi/ids.dat | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>
> diff --git a/html/cgi-bin/logs.cgi/ids.dat b/html/cgi-bin/logs.cgi/ids.dat
> index 98176d690..030fd4b64 100644
> --- a/html/cgi-bin/logs.cgi/ids.dat
> +++ b/html/cgi-bin/logs.cgi/ids.dat
> @@ -335,10 +335,18 @@ print <<END
> <td valign='top'>
> END
> ;
> - if ($sid ne "n/a") {
> - print "<a href='https://www.snort.org/rule_docs/$sid' ";
> + if ($sid eq "n/a") {
> + print $sid;
> + } elsif ($sid < 1000000) {
> + # Link to sourcefire if the the rule sid is less than 1000000.
> + print "<a href='https://www.snort.org/rule_docs/1-$sid' ";
> + print "target='_blank'>$sid</a></td>\n";
> + } elsif ($sid >= 2000000 and $sid < 3000000) {
> + # Link to emergingthreats if the rule sid is between 2000000 and 3000000.
> + print "<a href='http://doc.emergingthreats.net/$sid' ";
> print "target='_blank'>$sid</a></td>\n";
> } else {
> + # No external link for user defined rules
> print $sid;
> }
> print <<END
@@ -335,10 +335,18 @@ print <<END
<td valign='top'>
END
;
- if ($sid ne "n/a") {
- print "<a href='https://www.snort.org/rule_docs/$sid' ";
+ if ($sid eq "n/a") {
+ print $sid;
+ } elsif ($sid < 1000000) {
+ # Link to sourcefire if the the rule sid is less than 1000000.
+ print "<a href='https://www.snort.org/rule_docs/1-$sid' ";
+ print "target='_blank'>$sid</a></td>\n";
+ } elsif ($sid >= 2000000 and $sid < 3000000) {
+ # Link to emergingthreats if the rule sid is between 2000000 and 3000000.
+ print "<a href='http://doc.emergingthreats.net/$sid' ";
print "target='_blank'>$sid</a></td>\n";
} else {
+ # No external link for user defined rules
print $sid;
}
print <<END