From patchwork Tue Aug 14 20:01:53 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Stefan Schantl <stefan.schantl@ipfire.org>
X-Patchwork-Id: 1883
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.i.ipfire.org [172.28.1.200])
	by web02.i.ipfire.org (Postfix) with ESMTP id E05F961A23
	for <patchwork@web02.i.ipfire.org>; Tue, 14 Aug 2018 12:02:01 +0200 (CEST)
Received: from mail01.i.ipfire.org (localhost [IPv6:::1])
	by mail01.ipfire.org (Postfix) with ESMTP id 296AD10FE23F;
	Tue, 14 Aug 2018 11:02:01 +0100 (BST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801;
	t=1534240921; h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:content-type:
	 content-transfer-encoding:in-reply-to:in-reply-to:
	 references:references:list-id:list-unsubscribe:list-subscribe:list-post;
	bh=dveTya+goa9639/sO+sbysjdi5C6rayIEhOpbs+wlgI=;
	b=z6aMxk6ewk9/bkhUMQ0/ceZWjy+F3o5ovFr45fSjWHf61U4q4k0uztxKu8+w7CVK0mA3kp
	erciuRgzIsxBuHMNSsxrdQ/XhPvaSy29zupbRx9RCyYrsX8ouIL+2J5eDcD7zbGYcawvvn
	1Al17HJSRSO5NCr8/oMwyyxT+JGJQK4+zxi6g/prpkkyim6YErrZ7GXHsWDtWbOG4xt4a3
	lJB/MMWCV78RRvy57Vi/JAtOjqN4b+Ipe3TBeALXjoC/7GDZLyz5A4traltDgTWfleTXfP
	GBr4zyDhKz2gKx6hi9AVNk5AVFCnVJA53r9v74IoC28fUXh+4MXGefDoGXFXkA==
Received: from tuxedo.stevee (078132082123.public.t-mobile.at [78.132.82.123])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
 bits)) (Client did not present a certificate)
 by mail01.ipfire.org (Postfix) with ESMTPSA id 12C1310A5541;
 Tue, 14 Aug 2018 11:01:57 +0100 (BST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801;
 t=1534240918;
 h=from:from:sender:reply-to:subject:subject:date:date:
 message-id:message-id:to:to:cc:cc:mime-version:content-type:
 content-transfer-encoding:in-reply-to:in-reply-to:  references:references;
 bh=dveTya+goa9639/sO+sbysjdi5C6rayIEhOpbs+wlgI=;
 b=sy6rqllKN5MKvSv+rn273xVHpksnNeU/rG7BbSyAoKRXudQjgNDtHwBs/pPrXoskvpU67x
 tNuICBEcXkEQ+VFewMY6eXCCii7Bj5FM820J6lP3a3be+4H7GEr1v/QKgcuwLG/2FQWsLa
 z+9An6GyuRY2gbS5ZVvyRe1dprSMMq0aPb/bp1DVUgC0Z4l6s1k9wkbftBjeOHnsBnh6gg
 iq3x0fbzT07pRdwrSiP9QV1DJzEfaTkHIT65IQ+N2sHnbCuXiOS8657XAkobtAK1oYPdYY
 giaicvQLExFMDkm1/Hf7YJHI+5D/tAjxiC3D4n31hkK+I5dfSyVg6yxKPWiIBg==
From: Stefan Schantl <stefan.schantl@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCHv2] logs.cgi/ids.dat: Rework linking to external rule
 documentation.
Date: Tue, 14 Aug 2018 12:01:53 +0200
Message-Id: <20180814100153.6901-1-stefan.schantl@ipfire.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <8653e3a2ac4ca12aa6ee5040825f1b63b5b70033.camel@ipfire.org>
References: <8653e3a2ac4ca12aa6ee5040825f1b63b5b70033.camel@ipfire.org>
Authentication-Results: mail01.ipfire.org;
 auth=pass smtp.auth=stevee smtp.mailfrom=stefan.schantl@ipfire.org
X-Spamd-Result: default: False [-6.10 / 11.00]; ARC_NA(0.00)[];
 FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[];
 TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain];
 REPLY(-4.00)[]; DKIM_SIGNED(0.00)[]; RCPT_COUNT_TWO(0.00)[2];
 MID_CONTAINS_FROM(1.00)[]; RCVD_COUNT_ZERO(0.00)[0];
 FROM_EQ_ENVFROM(0.00)[];
 ASN(0.00)[asn:8412, ipnet:78.132.0.0/17, country:AT];
 RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%]
X-Spam-Status: No, score=-6.10
X-Rspamd-Server: mail01.i.ipfire.org
X-BeenThere: development@lists.ipfire.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>,
 <mailto:development-request@lists.ipfire.org?subject=unsubscribe>
List-Archive: <https://lists.ipfire.org/pipermail/development/>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>,
 <mailto:development-request@lists.ipfire.org?subject=subscribe>
Errors-To: development-bounces@lists.ipfire.org
Sender: "Development" <development-bounces@lists.ipfire.org>

Check if the sid of a rule belongs to sourcefire and link to the
changed URL for gathering more details. If the sid of the rule belongs
to emergingthreads now link to the emergingthreads documentation.

Fixes #11806.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
 html/cgi-bin/logs.cgi/ids.dat | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/html/cgi-bin/logs.cgi/ids.dat b/html/cgi-bin/logs.cgi/ids.dat
index 98176d690..030fd4b64 100644
--- a/html/cgi-bin/logs.cgi/ids.dat
+++ b/html/cgi-bin/logs.cgi/ids.dat
@@ -335,10 +335,18 @@ print <<END
 <td valign='top'>
 END
 	;
-	if ($sid ne "n/a") {
-		print "<a href='https://www.snort.org/rule_docs/$sid' ";
+	if ($sid eq "n/a") {
+		print $sid;
+	} elsif ($sid < 1000000) {
+		# Link to sourcefire if the the rule sid is less than 1000000.
+		print "<a href='https://www.snort.org/rule_docs/1-$sid' ";
+		print "target='_blank'>$sid</a></td>\n";
+	} elsif ($sid >= 2000000 and $sid < 3000000) {
+		# Link to emergingthreats if the rule sid is between 2000000 and 3000000.
+		print "<a href='http://doc.emergingthreats.net/$sid' ";
 		print "target='_blank'>$sid</a></td>\n";
 	} else {
+		# No external link for user defined rules
 		print $sid;
 	}
 print <<END