From: Stefan Schantl Date: Sun, 21 Mar 2021 16:22:29 +0000 (+0100) Subject: ids.cgi: Only read-in ruleset if neccessary. X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a468b62b62d5a9f777fe1c4d4564ade7d70ed621;p=people%2Fstevee%2Fipfire-2.x.git ids.cgi: Only read-in ruleset if neccessary. This process takes some time, especially on huge rulesets. Signed-off-by: Stefan Schantl
---
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index a2d650fb0d..50a8709a70 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -250,69 +250,72 @@ if (-e $IDS::storederrorfile) { unlink($IDS::storederrorfile); } -## Grab all available rules and store them in the idsrules hash. -# -# Open rules directory and do a directory listing. -opendir(DIR, $IDS::rulespath) or die $!; - # Loop through the direcory. - while (my $file = readdir(DIR)) { +# Gather ruleset details. +if ($cgiparams{'RULESET'}) { + ## Grab all available rules and store them in the idsrules hash. + # + # Open rules directory and do a directory listing. + opendir(DIR, $IDS::rulespath) or die $!; + # Loop through the direcory. + while (my $file = readdir(DIR)) { - # We only want files. - next unless (-f "$IDS::rulespath/$file"); + # We only want files. + next unless (-f "$IDS::rulespath/$file"); - # Ignore empty files. - next if (-z "$IDS::rulespath/$file"); + # Ignore empty files. + next if (-z "$IDS::rulespath/$file"); - # Use a regular expression to find files ending in .rules - next unless ($file =~ m/\.rules$/); + # Use a regular expression to find files ending in .rules + next unless ($file =~ m/\.rules$/); - # Ignore files which are not read-able. - next unless (-R "$IDS::rulespath/$file"); + # Ignore files which are not read-able. + next unless (-R "$IDS::rulespath/$file"); - # Skip whitelist rules file. - next if( $file eq "whitelist.rules"); + # Skip whitelist rules file. + next if( $file eq "whitelist.rules"); - # Call subfunction to read-in rulefile and add rules to - # the idsrules hash. - &readrulesfile("$file"); - } + # Call subfunction to read-in rulefile and add rules to + # the idsrules hash. + &readrulesfile("$file"); + } -closedir(DIR); + closedir(DIR); -# Gather used rulefiles. -# -# Check if the file for activated rulefiles is not empty. -if(-f $IDS::used_rulefiles_file) { - # Open the file for used rulefile and read-in content. - open(FILE, $IDS::used_rulefiles_file) or die "Could not open $IDS::used_rulefiles_file. $!\n"; + # Gather used rulefiles. 
+ # + # Check if the file for activated rulefiles is not empty. + if(-f $IDS::used_rulefiles_file) { + # Open the file for used rulefile and read-in content. + open(FILE, $IDS::used_rulefiles_file) or die "Could not open $IDS::used_rulefiles_file. $!\n"; - # Read-in content. - my @lines = ; + # Read-in content. + my @lines = ; - # Close file. - close(FILE); + # Close file. + close(FILE); - # Loop through the array. - foreach my $line (@lines) { - # Remove newlines. - chomp($line); + # Loop through the array. + foreach my $line (@lines) { + # Remove newlines. + chomp($line); - # Skip comments. - next if ($line =~ /\#/); + # Skip comments. + next if ($line =~ /\#/); - # Skip blank lines. - next if ($line =~ /^\s*$/); + # Skip blank lines. + next if ($line =~ /^\s*$/); - # Gather rule sid and message from the ruleline. - if ($line =~ /.*- (.*)/) { - my $rulefile = $1; - - # Check if the current rulefile exists in the %idsrules hash. - # If not, the file probably does not exist anymore or contains - # no rules. - if($idsrules{$rulefile}) { - # Add the rulefile state to the %idsrules hash. - $idsrules{$rulefile}{'Rulefile'}{'State'} = "on"; + # Gather rule sid and message from the ruleline. + if ($line =~ /.*- (.*)/) { + my $rulefile = $1; + + # Check if the current rulefile exists in the %idsrules hash. + # If not, the file probably does not exist anymore or contains + # no rules. + if($idsrules{$rulefile}) { + # Add the rulefile state to the %idsrules hash. + $idsrules{$rulefile}{'Rulefile'}{'State'} = "on"; + } } } }
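Review bot: The new `if ($cgiparams{'RULESET'})` guard fills `%idsrules` only when a request parameter is truthy, and nothing in the hunk shows that every later reader of the hash runs under the same condition. If a handler outside this hunk derives the enabled or disabled rule state from `%idsrules` when it was never filled, it would see an empty ruleset and could persist that, which on an IDS means detection silently dropped; this is an inference, since those readers are not visible here. I would state the contract at the guard, e.g. `# %idsrules is only populated when a RULESET action was submitted; code below must not read it otherwise.`, and test for the action values the page actually handles rather than any non-empty string. While the block is being re-indented, the moved `open(FILE, $IDS::used_rulefiles_file)` could become `open(my $fh, '<', $IDS::used_rulefiles_file)`, since the two-argument form lets the path string select the open mode. The enclosing `if` block closes outside the hunk.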