diff mbox series

ids-functions.pl: Introduce file for local rules.

Message ID 20200122134034.2729-1-stefan.schantl@ipfire.org
State Accepted
Commit 612bb2dff9c436f3a748c3572808ca699a21287f
Headers
Series ids-functions.pl: Introduce file for local rules. |

Commit Message

Stefan Schantl Jan. 22, 2020, 1:40 p.m. UTC 
  This file is to be used, to store customized IDS rules.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
 config/cfgroot/ids-functions.pl | 6 ++++++
 1 file changed, 6 insertions(+)

Comments

Michael Tremer Jan. 23, 2020, 10:45 p.m. UTC | #1 
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>

> On 22 Jan 2020, at 13:40, Stefan Schantl <stefan.schantl@ipfire.org> wrote:
> 
> This file is to be used, to store customized IDS rules.
> 
> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
> ---
> config/cfgroot/ids-functions.pl | 6 ++++++
> 1 file changed, 6 insertions(+)
> 
> diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
> index 3fa19fab7..3cfe837db 100644
> --- a/config/cfgroot/ids-functions.pl
> +++ b/config/cfgroot/ids-functions.pl
> @@ -67,6 +67,9 @@ our $ids_page_lock_file = "/tmp/ids_page_locked";
> # Location where the rulefiles are stored.
> our $rulespath = "/var/lib/suricata";
> 
> +# Location to store local rules. This file will not be touched.
> +our $local_rules_file = "$rulespath/local.rules";
> +
> # File which contains the rules to whitelist addresses on suricata.
> our $whitelist_file = "$rulespath/whitelist.rules";
> 
> @@ -581,6 +584,9 @@ sub _cleanup_rulesdir() {
> 		# Skip rules file for whitelisted hosts.
> 		next if ("$rulespath/$file" eq $whitelist_file);
> 
> +		# Skip rules file with local rules.
> +		next if ("$rulespath/$file" eq $local_rules_file);
> +
> 		# Delete the current processed file, if not, exit this function
> 		# and return an error message.
> 		unlink("$rulespath/$file") or return "Could not delete $rulespath/$file. $!\n";
> -- 
> 2.25.0.rc0
>
diff mbox series

Patch

diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index 3fa19fab7..3cfe837db 100644
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -67,6 +67,9 @@  our $ids_page_lock_file = "/tmp/ids_page_locked";
 # Location where the rulefiles are stored.
 our $rulespath = "/var/lib/suricata";
 
+# Location to store local rules. This file will not be touched.
+our $local_rules_file = "$rulespath/local.rules";
+
 # File which contains the rules to whitelist addresses on suricata.
 our $whitelist_file = "$rulespath/whitelist.rules";
 
@@ -581,6 +584,9 @@  sub _cleanup_rulesdir() {
 		# Skip rules file for whitelisted hosts.
 		next if ("$rulespath/$file" eq $whitelist_file);
 
+		# Skip rules file with local rules.
+		next if ("$rulespath/$file" eq $local_rules_file);
+
 		# Delete the current processed file, if not, exit this function
 		# and return an error message.
 		unlink("$rulespath/$file") or return "Could not delete $rulespath/$file. $!\n";