X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=blobdiff_plain;f=html%2Fcgi-bin%2Fids.cgi;fp=html%2Fcgi-bin%2Fids.cgi;h=c3e5eefdbcadcf0cff58b402d443849e214dddc4;hp=2a8a7cb261af83162f6c7fc5378325ca48ca4cab;hb=af8e5145fa969f0c99c9650c16e05bc71d7297b1;hpb=2ff56df4e045f5ebca0bc3142ce60410bc51cb30

diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 2a8a7cb261..c3e5eefdbc 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -412,6 +412,9 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'save'}) {
 	# Hash to store the user-enabled and disabled sids.
 	my %enabled_disabled_sids;
 
+	# Store if a restart of suricata is required.
+	my $suricata_restart_required;
+
 	# Loop through the hash of idsrules.
 	foreach my $rulefile(keys %idsrules) {
 		# Check if the rulefile is enabled.
@@ -419,6 +422,12 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'save'}) {
 			# Add rulefile to the array of enabled rulefiles.
 			push(@enabled_rulefiles, $rulefile);
 
+			# Check if the state of the rulefile has been changed.
+			unless ($cgiparams{$rulefile} eq $idsrules{$rulefile}{'Rulefile'}{'State'}) {
+				# A restart of suricata is required to apply the changes of the used rulefiles.
+				$suricata_restart_required = 1;
+			}
+
 			# Drop item from cgiparams hash.
 			delete $cgiparams{$rulefile};
 		}
@@ -513,8 +522,14 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'save'}) {
 
 	# Check if the IDS is running.
 	if(&IDS::ids_is_running()) {
-		# Call suricatactrl to perform a reload.
-		&IDS::call_suricatactrl("reload");
+		# Check if a restart of suricata is required.
+		if ($suricata_restart_required) {
+			# Call suricatactrl to perform the restart.
+			&IDS::call_suricatactrl("restart");
+		} else {
+			# Call suricatactrl to perform a reload.
+			&IDS::call_suricatactrl("reload");
+		}
 	}
 
 	# Reload page.