our $etags_file = "$settingsdir/etags";
# Location where the downloaded rulesets are stored.
-our $dl_rules_path = "/var/tmp";
+our $dl_rules_path = "/var/cache/suricata";
# File to store any errors, which also will be read and displayed by the wui.
our $storederrorfile = "/tmp/ids_storederror";
# Prefix for each downloaded ruleset.
my $dl_rulesfile_prefix = "idsrules";
+# Temporary directory to download the rules files.
+my $tmp_dl_directory = "/var/tmp";
+
# Temporary directory where the rulesets will be extracted.
my $tmp_directory = "/tmp/ids_tmp";
my $tmp_conf_directory = "$tmp_directory/conf";
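Review bot: The new comment on `$tmp_dl_directory` does not say that files there are still unverified, or that `/var/tmp` is normally world-writable. Worth recording, so that later code does not write fixed file names into it: `# Temporary directory for not yet verified downloads. Usually world-writable - only create files here via File::Temp.` Nothing visible in this hunk creates `/var/cache/suricata` or sets its owner and mode. Since verified rulesets now live in `$dl_rules_path`, confirm the directory is provisioned as writable only by the account that performs the download.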
# Array with allowed commands of suricatactrl.
-my @suricatactrl_cmds = ( 'start', 'stop', 'restart', 'reload', 'fix-rules-dir', 'cron' );
-
-# Array with supported cron intervals.
-my @cron_intervals = ('off', 'daily', 'weekly' );
+my @suricatactrl_cmds = ( 'start', 'stop', 'restart', 'reload', 'fix-rules-dir' );
# Array which contains the HTTP ports, which statically will be declared as HTTP_PORTS in the
# http_ports_file.
# Pass the requested URL to the downloader.
my $request = HTTP::Request->new(GET => $url);
- # Generate temporary file name, located in "/var/tmp" and with a suffix of ".tmp".
+ # Generate temporary file name, located in the tempoary download directory and with a suffix of ".tmp".
# The downloaded file will be stored there until some sanity checks are performed.
- my $tmp = File::Temp->new( SUFFIX => ".tmp", DIR => "/var/tmp/", UNLINK => 0 );
+ my $tmp = File::Temp->new( SUFFIX => ".tmp", DIR => "$tmp_dl_directory/", UNLINK => 0 );
my $tmpfile = $tmp->filename();
# Call function to get the final path and filename for the downloaded file.
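Review bot: `UNLINK => 0` on the `File::Temp->new(...)` line means the temporary file is never removed automatically. Every failure path after this point (failed request, failed sanity check) therefore has to `unlink($tmpfile)` itself, or partial downloads pile up in `$tmp_dl_directory`. The rest of the function lies outside the hunk, so this needs checking there. Two small points on the changed lines: the comment has a typo (`tempoary` -> `temporary`), and the interpolation is unnecessary, `DIR => $tmp_dl_directory` is enough.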
}
}
-#
-## Function to read-in the given enabled or disables sids file.
-#
-sub read_enabled_disabled_sids_file($) {
- my ($file) = @_;
-
- # Temporary hash to store the sids and their state. It will be
- # returned at the end of this function.
- my %temphash;
-
- # Open the given filename.
- open(FILE, "$file") or die "Could not open $file. $!\n";
-
- # Loop through the file.
- while(<FILE>) {
- # Remove newlines.
- chomp $_;
-
- # Skip blank lines.
- next if ($_ =~ /^\s*$/);
-
- # Skip coments.
- next if ($_ =~ /^\#/);
-
- # Splitt line into sid and state part.
- my ($state, $sid) = split(" ", $_);
-
- # Skip line if the sid is not numeric.
- next unless ($sid =~ /\d+/ );
-
- # Check if the sid was enabled.
- if ($state eq "enablesid") {
- # Add the sid and its state as enabled to the temporary hash.
- $temphash{$sid} = "enabled";
- # Check if the sid was disabled.
- } elsif ($state eq "disablesid") {
- # Add the sid and its state as disabled to the temporary hash.
- $temphash{$sid} = "disabled";
- # Invalid state - skip the current sid and state.
- } else {
- next;
- }
- }
-
- # Close filehandle.
- close(FILE);
-
- # Return the hash.
- return %temphash;
-}
-
#
## Function to check if the IDS is running.
#
# Skip current command unless the given one has been found.
next unless($cmd eq $option);
- # Check if the given command is "cron".
- if ($option eq "cron") {
- # Check if an interval has been given.
- if ($interval) {
- # Check if the given interval is valid.
- foreach my $element (@cron_intervals) {
- # Skip current element until the given one has been found.
- next unless($element eq $interval);
-
- # Call the suricatactrl binary and pass the "cron" command
- # with the requrested interval.
- &General::system("$suricatactrl", "$option", "$interval");
-
- # Return "1" - True.
- return 1;
- }
- }
+ # Call the suricatactrl binary and pass the requrested
+ # option to it.
+ &General::system("$suricatactrl", "$option");
- # If we got here, the given interval is not supported or none has been given. - Return nothing.
- return;
- } else {
- # Call the suricatactrl binary and pass the requrested
- # option to it.
- &General::system("$suricatactrl", "$option");
-
- # Return "1" - True.
- return 1;
- }
+ # Return "1" - True.
+ return 1;
}
# Command not found - return nothing.
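Review bot: The result of `&General::system("$suricatactrl", "$option")` is discarded and `return 1;` follows unconditionally, so callers are told the action succeeded even when suricatactrl fails. Assuming `General::system` returns the exit status like the builtin (its definition is not visible here), capture it with `my $rc = &General::system($suricatactrl, $option);` and add `return unless ($rc == 0);` before `return 1;`. With `'cron'` gone from `@suricatactrl_cmds`, any remaining caller that still passes `cron` now falls through to the silent "command not found" return. The call sites are outside this diff and should be checked. The new comment also carries over the typo `requrested`, and the enclosing function starts outside the hunk.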