# the list of zones in an array.
my @network_zones = &IDS::get_available_network_zones();
+# File where the used rulefiles are stored.
my $idsusedrulefilesfile = "$IDS::settingsdir/suricata-used-rulefiles.yaml";
+
+# File where the addresses of the homenet are stored.
+my $idshomenetfile = "$IDS::settingsdir/suricata-homenet.yaml";
+
my $errormessage;
&Header::showhttpheaders();
if (!$errormessage) {
# Store settings into settings file.
&General::writehash("$IDS::settingsdir/settings", \%cgiparams);
-
- # Call suricatactrl to restart the IDS
- system('/usr/local/bin/suricatactrl restart >/dev/null');
}
+
+ # Generate file to store the home net.
+ &generate_home_net_file();
}
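Review bot: With the `suricatactrl restart` call removed, nothing visible in this hunk makes the running Suricata pick up the regenerated HOME_NET file, so the sensor may keep evaluating rules against the old home-net definition until something else restarts or reloads it. If the restart was moved elsewhere, a short comment next to `&generate_home_net_file();` saying where would help. `generate_home_net_file` also dies when the file cannot be opened, and here it runs after `&General::writehash(...)` has already stored the settings, so a failure leaves the saved settings and the HOME_NET file out of step. The enclosing block starts and ends outside this hunk.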
# Read-in idssettings
}
}
-# Function to get the used memory of a given process-id.
+#
+## Function to get the used memory of a given process-id.
+#
sub get_memory_usage($) {
my $pid = @_;
return;
}
+#
+## Function to generate the file which contains the home net information.
+#
+sub generate_home_net_file() {
+ my %netsettings;
+
+ # Read-in network settings.
+ &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
+
+ # Get available network zones.
+ my @network_zones = &IDS::get_available_network_zones();
+
+ # Temporary array to store network address and prefix of the configured
+ # networks.
+ my @networks;
+
+ # Loop through the array of available network zones.
+ foreach my $zone (@network_zones) {
+ # Skip the red network - It never can be part to the home_net!
+ next if($zone eq "red");
+
+ # Convert current zone name into upper case.
+ $zone = uc($zone);
+
+ # Generate key to access the required data from the netsettings hash.
+ my $zone_netaddress = $zone . "_NETADDRESS";
+ my $zone_netmask = $zone . "_NETMASK";
+
+ # Obtain the settings from the netsettings hash.
+ my $netaddress = $netsettings{$zone_netaddress};
+ my $netmask = $netsettings{$zone_netmask};
+
+ # Convert the subnetmask into prefix notation.
+ my $prefix = &Network::convert_netmask2prefix($netmask);
+
+ # Generate full network string.
+ my $network = join("/", $netaddress,$prefix);
+
+ # Check if the network is valid.
+ if(&Network::check_subnet($network)) {
+ # Add the generated network to the array of networks.
+ push(@networks, $network);
+ }
+ }
+
+ # Format home net declaration.
+ my $line = "\"\[";
+
+ # Loop through the array of networks.
+ foreach my $network (@networks) {
+ # Add the network to the line.
+ $line = "$line" . "$network";
+
+ # Check if the current network was the last in the array.
+ if ($network eq $networks[-1]) {
+ # Close the line.
+ $line = "$line" . "\]\"";
+ } else {
+ # Add "," for the next network.
+ $line = "$line" . "\,";
+ }
+ }
+
+ # Open file to store the addresses of the home net.
+ open(FILE, ">$idshomenetfile") or die "Could not open $idshomenetfile. $!\n";
+
+ # Print yaml header.
+ print FILE "%YAML 1.1\n";
+ print FILE "---\n\n";
+
+ # Print notice about autogenerated file.
+ print FILE "#Autogenerated file. Any custom changes will be overwritten!\n";
+
+ # Print the generated and required HOME_NET declaration to the file.
+ print FILE "HOME_NET:\t$line\n";
+
+ # Close file handle.
+ close(FILE);
+
+}
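Review bot: The closing `]"` of the HOME_NET value is only appended inside the loop when `$network eq $networks[-1]`, so an empty `@networks` leaves the line as `"[`, and an earlier entry equal to the last one closes the bracket early. Either case writes a malformed HOME_NET declaration, and rules scoped on the home net then depend on how Suricata treats a broken value, which is not visible here. Building the value in one step avoids both cases: `my $line = '"[' . join(',', @networks) . ']"';`, with an explicit decision on what to write when no network passed `check_subnet`. The file is also opened with a two-argument `open` on the bareword handle `FILE`, and the `print`/`close` results are unchecked. `open(my $fh, '>', $idshomenetfile) or die ...` and `close($fh) or die ...` would surface a failed or truncated write instead of leaving a partial file.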