ids-functions.pl: Load additional services rules files.

Load additional rule files for various services in case they
are available.

Those rules files are service related and mostly will be used
to silence to noisy rules or are not tracked by a ruleset provider yet.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index 88a0293841e9dd18a5a92209a33c55623e73bd62..6744da8ad4b68156d66c87cbe4773648e54930be 100644 (file)
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -1519,6 +1519,23 @@ sub write_used_rulefiles_file (@) {
                }
        }
 
+       print FILE "\n#Load additional service related rules to avoid log flooding.\n";
+
+       # Loop through the array of supported port helper services.
+       foreach my $service (@IDS::Ports::Helper::services) {
+               # Skip non available services (addons).
+               next unless (-f "/opt/pakfire/db/installed/meta-$service");
+
+               # Generate name of the rulesfile.
+               my $rulesfile = "$default_rulespath/ipfire-$service.rules";
+
+               # Skip services which does not own rules files.
+               next unless (-f $rulesfile);
+
+               # Write the rulesfile name to the list of rulesfiles to use.
+               print FILE " - $rulesfile\n";
+       }
+
        # Loop through the array of enabled providers.
        foreach my $provider (@providers) {
                # Skip unsupported providers.