# Location where the rulefiles are stored.
our $rulespath = "/var/lib/suricata";
+# Location to store local rules. This file will not be touched.
+our $local_rules_file = "$rulespath/local.rules";
+
# File which contains the rules to whitelist addresses on suricata.
our $whitelist_file = "$rulespath/whitelist.rules";
# Skip rules file for whitelisted hosts.
next if ("$rulespath/$file" eq $whitelist_file);
+ # Skip rules file with local rules.
+ next if ("$rulespath/$file" eq $local_rules_file);
+
# Delete the current processed file, if not, exit this function
# and return an error message.
unlink("$rulespath/$file") or return "Could not delete $rulespath/$file. $!\n";
# Function to generate and write the file which contains the configured and used DNS servers.
#
sub generate_dns_servers_file() {
- # Open file which contains the current used DNS configuration.
- open (FILE, "${General::swroot}/red/dns") or die "Could not read DNS configuration from ${General::swroot}/red/dns. $!\n";
-
- # Read-in whole file content and store it in a temporary array.
- my @file_content = split(' ', <FILE>);
-
- # Close file handle.
- close(FILE);
+ # Get the used DNS servers.
+ my @nameservers = &General::get_nameservers();
# Format dns servers declaration.
- my $line = "\"\[";
-
- # Check if the current DNS configuration is using the local recursor mode.
- if ($file_content[0] eq "local" && $file_content[1] eq "recursor") {
- # The responsible DNS servers on red are directly used, and because we are not able
- # to specify each single DNS server address here, we currently have to thread each
- # address which is not part of the HOME_NET as possible DNS server.
- $line = "$line" . "!\$HOME_NET";
+ my $line = "";
+ # Check if the system has configured nameservers.
+ if (@nameservers) {
+ $line = join(",", @nameservers);
} else {
- # Loop through the array which contains the file content.
- foreach my $server (@file_content) {
- # Remove newlines.
- chomp($server);
-
- # Add the DNS server to the line.
- $line = "$line" . "$server";
-
- # Check if the current DNS server was the last in the array.
- if ($server ne $file_content[-1]) {
- # Add "," for the next DNS server.
- $line = "$line" . "\,";
- }
- }
+ $line = "\$EXTERNAL_NET";
}
- # Close the line...
- $line = "$line" . "\]\"";
-
# Open file to store the used DNS server addresses.
open(FILE, ">$dns_servers_file") or die "Could not open $dns_servers_file. $!\n";
print FILE "#Autogenerated file. Any custom changes will be overwritten!\n";
# Print the generated DNS declaration to the file.
- print FILE "DNS_SERVERS:\t$line\n";
+ print FILE "DNS_SERVERS:\t\"[$line]\"\n";
# Close file handle.
close(FILE);
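Review bot: `&General::get_nameservers()` on the added line uses the `&` call form, which bypasses prototypes and is flagged by perlcritic; for a plain function call it should read `my @nameservers = General::get_nameservers();`. The returned values are then joined straight into the `DNS_SERVERS` address group with no check that each element is a non-empty address token; if the helper can ever return an empty or undefined element (its implementation is not visible here), the generated `"[...]"` line is malformed and Suricata rejects the configuration on reload, so a guard such as `my @nameservers = grep { defined($_) && length($_) } General::get_nameservers();` before the `if (@nameservers)` test would let the `$EXTERNAL_NET` fallback cover that case as well. The write handle opened a few lines later is still closed without checking the result, so a failed buffered write to the autogenerated file goes unnoticed; `close(FILE) or die "Could not write $dns_servers_file. $!\n";` would mirror the existing open error handling. The body of generate_dns_servers_file continues past the end of the hunk.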