ids.cgi: Add some more sanity checks when adding a new provider.

* Check if the system is online.
* Check if enough free disk space is available.
* Abort whith an error message if the ruleset could not be
  downloaded.

In error case the provider now will be removed again from the file which
keeps the configured providers. Sadly it needs to be added first because
otherwise the downloader could not read the required values from it.....

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 899e15b6614e74f70c532f9d0882957cf5e6c47e..25f8f972333ea5aa9deaf89946bc21cd5b60c877 100644 (file)
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -815,34 +815,56 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'ids apply'}) {
 
                # Check if a new provider will be added.
                if ($cgiparams{'PROVIDERS'} eq $Lang::tr{'add'}) {
-                       # Lock the webpage and print notice about downloading
-                       # a new ruleset.
-                       &working_notice("$Lang::tr{'ids working'}");
+                       # Check if the red device is active.
+                       unless (-e "${General::swroot}/red/active") {
+                               $errormessage = "$Lang::tr{'ids could not add provider'} - $Lang::tr{'system is offline'}";
+                       }
+
+                       # Check if enough free disk space is availabe.
+                       if(&IDS::checkdiskspace()) {
+                               $errormessage = "$Lang::tr{'ids could not add provider'} - $Lang::tr{'not enough disk space'}";
+                       }
 
-                       # Download the ruleset.
-                       &IDS::downloadruleset($provider);
+                       # Check if any errors happend.
+                       unless ($errormessage) {
+                               # Lock the webpage and print notice about downloading
+                               # a new ruleset.
+                               &working_notice("$Lang::tr{'ids working'}");
 
-                       # Extract the ruleset
-                       &IDS::extractruleset($provider);
+                               # Download the ruleset.
+                               if(&IDS::downloadruleset($provider)) {
+                                       $errormessage = "$Lang::tr{'ids could not add provider'} - $Lang::tr{'ids unable to download the ruleset'}";
 
-                       # Move the ruleset.
-                       &IDS::move_tmp_ruleset();
+                                       # Call function to store the errormessage.
+                                       &IDS::_store_error_message($errormessage);
 
-                       # Cleanup temporary directory.
-                       &IDS::cleanup_tmp_directory();
+                                       # Remove the configured provider again.
+                                       &remove_provider($id);
+                               } else {
+                                       # Extract the ruleset
+                                       &IDS::extractruleset($provider);
 
-                       # Create new empty file for used rulefiles
-                       # for this provider.
-                       &IDS::write_used_provider_rulefiles_file($provider);
+                                       # Move the ruleset.
+                                       &IDS::move_tmp_ruleset();
 
-                       # Perform a reload of the page.
-                       &reload();
+                                       # Cleanup temporary directory.
+                                       &IDS::cleanup_tmp_directory();
+
+                                       # Create new empty file for used rulefiles
+                                       # for this provider.
+                                       &IDS::write_used_provider_rulefiles_file($provider);
+                               }
+
+                               # Perform a reload of the page.
+                               &reload();
+                       }
                }
 
-               # Undefine providers flag.
-               undef($cgiparams{'PROVIDERS'});
        }
 
+       # Undefine providers flag.
+       undef($cgiparams{'PROVIDERS'});
+
 ## Toggle Enabled/Disabled for an existing provider.
 #
 } elsif ($cgiparams{'PROVIDERS'} eq $Lang::tr{'toggle enable disable'}) {

diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 9fdda51eea4d129a2bec70a8ab6538b56a7e2e24..f5f818bf2915783702a8a1e0bd944cd178c3ffd2 100644 (file)
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1369,6 +1369,7 @@
 'ids apply ruleset changes' => 'Regeländerungen werden übernommen. Bitte warten Sie, bis dieser Vorgang erfolgreich beendet wurde...',
 'ids autoupdates' => 'Automatische Updates',
 'ids automatic rules update' => 'Automatische Regelaktualisierung',
+'ids could not add provider' => 'Provider konnte nicht hinzugefügt werden',
 'ids customize ruleset' => 'Regelset anpassen',
 'ids download new ruleset' => 'Das neue Regelset wird heruntergeladen und entpackt. Bitte warten Sie, bis dieser Vorgang erfolgreich beendet wurde...',
 'ids enable' => 'Einbruchsverhinderungssystem aktivieren',
@@ -1392,6 +1393,7 @@
 'ids ruleset settings' => 'Regelsatzeinstellungen',
 'ids show' => 'Anzeigen',
 'ids the choosen provider is already in use' => 'Der gewhählte Provider wird bereits verwendet.',
+'ids unable to download the ruleset' => 'Das Regelset konnte nicht heruntergeladen werden.',
 'ids visit provider website' => 'Anbieter-Webseite besuchen',
 'ids working' => 'Änderungen werden übernommen. Bitte warten Sie, bis dieser Vorgang erfolgreich beendet wurde.',
 'iface' => 'Iface',

diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 56a85365ce598a418415a8d37712b6ae4d947172..10d3f16d068b2c424bd4fd7227131424dc0713c2 100644 (file)
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1398,6 +1398,7 @@
 'ids apply ruleset changes' => 'The ruleset changes are being applied. Please wait until all operations have completed successfully...',
 'ids autoupdates' => 'Automatic updates',
 'ids automatic rules update' => 'Automatic Rule Update',
+'ids could not add provider' => 'Could not add provider',
 'ids customize ruleset' => 'Customize ruleset',
 'ids download new ruleset' => 'Downloading and unpacking new ruleset. Please wait until all operations have completed successfully...',
 'ids enable' => 'Enable Intrusion Prevention System',
@@ -1421,6 +1422,7 @@
 'ids ruleset settings' => 'Ruleset Settings',
 'ids show' => 'Show',
 'ids the choosen provider is already in use' => 'The choosen provider is already in use.',
+'ids unable to download the ruleset' => 'Unable to download the ruleset',
 'ids visit provider website' => 'Visit provider website',
 'ids working' => 'Changes are being applied. Please wait until all operations have completed successfully...',
 'iface' => 'Iface',