From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Fri, 26 Mar 2021 12:19:58 +0000 (+0100)
Subject: ids-functions.pl: Introduce private _get_dl_rulesfile() function.
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=093c10d40d683d5ebb52311a34271afae995b374;p=people%2Fstevee%2Fipfire-2.x.git

ids-functions.pl: Introduce private _get_dl_rulesfile() function.

This function can be used to generate/get the absolute file and path
for a given ruleset provider.

The files will be stored in the usual "/var/tmp" folder with a new
file format based on the dl_file type and the provider.

Examples could be:
	* /var/ipfire/idsrules-emerging.tar.gz
	* /var/ipfire/idsrules-registered.tar.gz
	* /var/ipfire/idsrules-somprovider.rules

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---

diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index a71305b988..51bc6a3c3a 100644
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -65,9 +65,12 @@ our $providers_settings_file = "$settingsdir/providers-settings";
 # File which stores the configured settings for whitelisted addresses.
 our $ignored_file = "$settingsdir/ignored";
 
-# Location and name of the tarball which contains the ruleset.
+# DEPRECATED - Location and name of the tarball which contains the ruleset.
 our $rulestarball = "/var/tmp/idsrules.tar.gz";
 
+# Location where the downloaded rulesets are stored.
+our $dl_rules_path = "/var/tmp";
+
 # File to store any errors, which also will be read and displayed by the wui.
 our $storederrorfile = "/tmp/ids_storederror";
 
@@ -93,6 +96,9 @@ our $idspidfile = "/var/run/suricata.pid";
 # Location of suricatactrl.
 my $suricatactrl = "/usr/local/bin/suricatactrl";
 
+# Prefix for each downloaded ruleset.
+my $dl_rulesfile_prefix = "idsrules";
+
 # Array with allowed commands of suricatactrl.
 my @suricatactrl_cmds = ( 'start', 'stop', 'restart', 'reload', 'fix-rules-dir', 'cron' );
 
@@ -103,6 +109,12 @@ my @cron_intervals = ('off', 'daily', 'weekly' );
 # http_ports_file.
 my @http_ports = ('80', '81');
 
+# Hash which allows to convert the download type (dl_type) to a file suffix.
+my %dl_type_to_suffix = (
+	"archive" => ".tar.gz",
+	"plain" => ".rules",
+);
+
 #
 ## Function to check and create all IDS related files, if the does not exist.
 #
@@ -431,6 +443,31 @@ sub _store_error_message ($) {
 	&set_ownership("$storederrorfile");
 }
 
+#
+## Private function to get the path and filename for a downloaded ruleset by a given provider.
+#
+sub _get_dl_rulesfile($) {
+	my ($provider) = @_;
+
+	# Gather the download type for the given provider.
+	my $dl_type = $IDS::Ruleset::Providers{$provider}{'dl_type'};
+
+	# Obtain the file suffix for the download file type.
+	my $suffix = $dl_type_to_suffix{$dl_type};
+
+	# Check if a suffix has been found.
+	unless ($suffix) {
+		# Abort return - nothing.
+		return;
+	}
+
+	# Generate the full filename and path for the stored rules file.
+	my $rulesfile = "$dl_rules_path/$dl_rulesfile_prefix-$provider$suffix";
+
+	# Return the generated filename.
+	return $rulesfile;
+}
+
 #
 ## Function to check if the IDS is running.
 #