ids-functions.pl: Do not longer extract all rulefiles in archive.
Commit Message
Only extract rulefiles which are located in a rules directory and/or in the archive
root.
This prevents us from extracting experimental or binary rules etc. which
often are located in corresponding sub-directories.
Reference: #12794.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
config/cfgroot/ids-functions.pl | 3 +++
1 file changed, 3 insertions(+)
@@ -533,6 +533,9 @@ sub extractruleset ($) {
# Handle rules files.
} elsif ($file =~ m/\.rules$/) {
+ # Skip rule files which are not located in the rules directory or archive root.
+ next unless(($packed_file =~ /^rules\//) || ($packed_file !~ /\//));
+
my $rulesfilename;
# Splitt the filename into chunks.