ids.cgi: Add some more sanity checks when adding a new provider.

* Check if the system is online.
* Check if enough free disk space is available.
* Abort whith an error message if the ruleset could not be
  downloaded.

In error case the provider now will be removed again from the file which
keeps the configured providers. Sadly it needs to be added first because
otherwise the downloader could not read the required values from it.....

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 899e15b6614e74f70c532f9d0882957cf5e6c47e..25f8f972333ea5aa9deaf89946bc21cd5b60c877 100644 (file)
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -815,34 +815,56 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'ids apply'}) {
 
                # Check if a new provider will be added.
                if ($cgiparams{'PROVIDERS'} eq $Lang::tr{'add'}) {
-                       # Lock the webpage and print notice about downloading
-                       # a new ruleset.
-                       &working_notice("$Lang::tr{'ids working'}");
+                       # Check if the red device is active.
+                       unless (-e "${General::swroot}/red/active") {
+                               $errormessage = "$Lang::tr{'ids could not add provider'} - $Lang::tr{'system is offline'}";
+                       }
+
+                       # Check if enough free disk space is availabe.
+                       if(&IDS::checkdiskspace()) {
+                               $errormessage = "$Lang::tr{'ids could not add provider'} - $Lang::tr{'not enough disk space'}";
+                       }
 
-                       # Download the ruleset.
-                       &IDS::downloadruleset($provider);
+                       # Check if any errors happend.
+                       unless ($errormessage) {
+                               # Lock the webpage and print notice about downloading
+                               # a new ruleset.
+                               &working_notice("$Lang::tr{'ids working'}");
 
-                       # Extract the ruleset
-                       &IDS::extractruleset($provider);
+                               # Download the ruleset.
+                               if(&IDS::downloadruleset($provider)) {
+                                       $errormessage = "$Lang::tr{'ids could not add provider'} - $Lang::tr{'ids unable to download the ruleset'}";
 
-                       # Move the ruleset.
-                       &IDS::move_tmp_ruleset();
+                                       # Call function to store the errormessage.
+                                       &IDS::_store_error_message($errormessage);
 
-                       # Cleanup temporary directory.
-                       &IDS::cleanup_tmp_directory();
+                                       # Remove the configured provider again.
+                                       &remove_provider($id);
+                               } else {
+                                       # Extract the ruleset
+                                       &IDS::extractruleset($provider);
 
-                       # Create new empty file for used rulefiles
-                       # for this provider.
-                       &IDS::write_used_provider_rulefiles_file($provider);
+                                       # Move the ruleset.
+                                       &IDS::move_tmp_ruleset();
 
-                       # Perform a reload of the page.
-                       &reload();
+                                       # Cleanup temporary directory.
+                                       &IDS::cleanup_tmp_directory();
+
+                                       # Create new empty file for used rulefiles
+                                       # for this provider.
+                                       &IDS::write_used_provider_rulefiles_file($provider);
+                               }
+
+                               # Perform a reload of the page.
+                               &reload();
+                       }
                }
 
-               # Undefine providers flag.
-               undef($cgiparams{'PROVIDERS'});
        }
 
+       # Undefine providers flag.
+       undef($cgiparams{'PROVIDERS'});
+
 ## Toggle Enabled/Disabled for an existing provider.
 #
 } elsif ($cgiparams{'PROVIDERS'} eq $Lang::tr{'toggle enable disable'}) {

diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index bb1f0ed30b53a12189734ee68305bc53e08e912d..aa80c2131e6c2a41b0114e7df142d03fd41667af 100644 (file)
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1369,6 +1369,7 @@
 'ids apply ruleset changes' => 'Regeländerungen werden übernommen. Bitte warten Sie, bis dieser Vorgang erfolgreich beendet wurde...',
 'ids autoupdates' => 'Automatische Updates',
 'ids automatic rules update' => 'Automatische Regelaktualisierung',
+'ids could not add provider' => 'Provider konnte nicht hinzugefügt werden',
 'ids customize ruleset' => 'Regelset anpassen',
 'ids download new ruleset' => 'Das neue Regelset wird heruntergeladen und entpackt. Bitte warten Sie, bis dieser Vorgang erfolgreich beendet wurde...',
 'ids enable' => 'Einbruchsverhinderungssystem aktivieren',
@@ -1392,6 +1393,7 @@
 'ids ruleset settings' => 'Regelsatzeinstellungen',
 'ids show' => 'Anzeigen',
 'ids the choosen provider is already in use' => 'Der gewhählte Provider wird bereits verwendet.',
+'ids unable to download the ruleset' => 'Das Regelset konnte nicht heruntergeladen werden.',
 'ids visit provider website' => 'Anbieter-Webseite besuchen',
 'ids working' => 'Änderungen werden übernommen. Bitte warten Sie, bis dieser Vorgang erfolgreich beendet wurde.',
 'iface' => 'Iface',

diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 20386aff2b364374e8416193cea53b4ab3ea5c84..9b2f9b0f54cadbcbe230a7dcff244cbe12f04038 100644 (file)
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1398,6 +1398,7 @@
 'ids apply ruleset changes' => 'The ruleset changes are being applied. Please wait until all operations have completed successfully...',
 'ids autoupdates' => 'Automatic updates',
 'ids automatic rules update' => 'Automatic Rule Update',
+'ids could not add provider' => 'Could not add provider',
 'ids customize ruleset' => 'Customize ruleset',
 'ids download new ruleset' => 'Downloading and unpacking new ruleset. Please wait until all operations have completed successfully...',
 'ids enable' => 'Enable Intrusion Prevention System',
@@ -1421,6 +1422,7 @@
 'ids ruleset settings' => 'Ruleset Settings',
 'ids show' => 'Show',
 'ids the choosen provider is already in use' => 'The choosen provider is already in use.',
+'ids unable to download the ruleset' => 'Unable to download the ruleset',
 'ids visit provider website' => 'Visit provider website',
 'ids working' => 'Changes are being applied. Please wait until all operations have completed successfully...',
 'iface' => 'Iface',