From patchwork Tue Apr  9 04:20:18 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Stefan Schantl <stefan.schantl@ipfire.org>
X-Patchwork-Id: 2193
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.i.ipfire.org [172.28.1.200])
	(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256
	bits)) (Client CN "mail01.ipfire.org",
	Issuer "Let's Encrypt Authority X3" (verified OK))
	by web07.i.ipfire.org (Postfix) with ESMTPS id 5500888E621
	for <patchwork@web07.i.ipfire.org>;
	Mon,  8 Apr 2019 19:20:25 +0100 (BST)
Received: from mail01.i.ipfire.org (localhost [IPv6:::1])
	by mail01.ipfire.org (Postfix) with ESMTP id 44dJcm3xb1z5Dtqg;
	Mon,  8 Apr 2019 19:20:24 +0100 (BST)
Received: from tuxedo.stevee (212095005041.public.telering.at [212.95.5.41])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (Client did not present a certificate)
	by mail01.ipfire.org (Postfix) with ESMTPSA id 44dJcj3Cmhz5DtqW;
	Mon,  8 Apr 2019 19:20:21 +0100 (BST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org;
	s=201904rsa;
	t=1554747621; h=from:from:sender:reply-to:subject:subject:date:date:
	message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	content-type:content-transfer-encoding:content-transfer-encoding:
	in-reply-to:references;
	bh=THfEeWdtalxQIY32vIMeitdNdXd/WAq4eSU3IXkFHZg=;
	b=tGQxPdp2ohUTNUybrloJr5SMNxc9aYtMgNP4Bn/fekNJPh4m0ZK2Bj0zXXF7aPhQR8L8i/
	NjmlnmuP9F9EvCkhQidAcdAr9Gz7hmgf0uVDdZddfi3jdoScKIpo2mT8g7QO8yDujHcPvt
	c5e1TH88hLeA5EPpHtunyD/33xoYomeMdw13Cz0fMpANZSGP+XesHrgkgQh2zowfJN67ww
	o+09H/0qvKLbcAagk23c4s354oWLK8VdEnixKeEkmox4PKtnM3O0x6AQemSIG2yR8HfoXE
	4CmAwn6et7/RE+FgL0YOjTCXhqLKiS8oXF153xPkgEwRgcXe2q8EV5L+d7k7cQ==
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
	s=201904ed25519; t=1554747621;
	h=from:from:sender:reply-to:subject:subject:date:date:
	message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	content-type:content-transfer-encoding:content-transfer-encoding:
	in-reply-to:references;
	bh=THfEeWdtalxQIY32vIMeitdNdXd/WAq4eSU3IXkFHZg=;
	b=XAkm6HBnGUlTm1H3kwn6q6/+oM9Bpi338i6Vq0+EI0w+QUhB8oKyl/Nt4NAQLoYqucJ/6T
	vjDkt3Tpn4SUbUCg==
From: Stefan Schantl <stefan.schantl@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] convert-snort: Re-order steps at end of script
Date: Mon,  8 Apr 2019 20:20:18 +0200
Message-Id: <20190408182018.5927-1-stefan.schantl@ipfire.org>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Authentication-Results: mail01.ipfire.org;
	auth=pass smtp.auth=stevee smtp.mailfrom=stefan.schantl@ipfire.org
X-BeenThere: development@lists.ipfire.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>,
	<mailto:development-request@lists.ipfire.org?subject=unsubscribe>
List-Archive: <https://lists.ipfire.org/pipermail/development/>
List-Post: <mailto:development@lists.ipfire.org>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>,
	<mailto:development-request@lists.ipfire.org?subject=subscribe>
Errors-To: development-bounces@lists.ipfire.org
Sender: "Development" <development-bounces@lists.ipfire.org>

This will ensure that the whole IDS is configured property, if
no or an empty snort config file is present.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
 config/suricata/convert-snort | 36 +++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/config/suricata/convert-snort b/config/suricata/convert-snort
index 19aa38fbc..0ad2942b1 100644
--- a/config/suricata/convert-snort
+++ b/config/suricata/convert-snort
@@ -253,7 +253,24 @@ if (-f $IDS::rulestarball) {
 }
 
 #
-## Step 8: Grab used ruleset files from snort config file and convert
+## Step 8: Generate file for the HOME Net.
+#
+
+# Call subfunction to generate the file.
+&IDS::generate_home_net_file();
+
+#
+## Step 9: Setup automatic ruleset updates.
+#
+
+# Check if a ruleset is configured.
+if($rulessettings{"RULES"}) {
+	# Call suricatactrl and setup the periodic update mechanism.
+	&IDS::call_suricatactrl("cron", $rulessettings{'AUTOUPDATE_INTERVAL'});
+}
+
+#
+## Step 10: Grab used ruleset files from snort config file and convert
 ##         them into the new format.
 #
 
@@ -298,23 +315,6 @@ close(SNORTCONF);
 # Pass the array of enabled rule files to the subfunction and write the file.
 &IDS::write_used_rulefiles_file(@enabled_rule_files);
 
-#
-## Step 9: Generate file for the HOME Net.
-#
-
-# Call subfunction to generate the file.
-&IDS::generate_home_net_file();
-
-#
-## Step 10: Setup automatic ruleset updates.
-#
-
-# Check if a ruleset is configured.
-if($rulessettings{"RULES"}) {
-	# Call suricatactrl and setup the periodic update mechanism.
-	&IDS::call_suricatactrl("cron", $rulessettings{'AUTOUPDATE_INTERVAL'});
-}
-
 #
 ## Step 11: Start the IDS if enabled.
 #