From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Wed, 13 Dec 2017 13:45:27 +0000 (+0100)
Subject: ids.cgi: Introduce ruleset-source.list
X-Git-Tag: suricata-beta3~33^2~39^2~25
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=afe26a0586678f59e25a2a4ae1877737da064bfd;p=people%2Fstevee%2Fipfire-2.x.git

ids.cgi: Introduce ruleset-source.list

This new file will contain the vendor information and url
for downloading their ruleset. In future if the download location
or filename changes, we only need to adjust this one file and ship
it via a core update.

Also extend the downloadrulesfile to be able to directly call the
subfunction.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---

diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index aa4ab4eacb..9eff5233df 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -606,6 +606,26 @@ sub downloadrulesfile {
 		return undef;
 	}
 
+	# Gather snort settings.
+	my %snortsettings = ();
+	&General::readhash("${General::swroot}/snort/settings", \%snortsettings);
+
+	# Get all available ruleset locations.
+	my %urls=();
+	&General::readhash("${General::swroot}/snort/ruleset-sources.list", \%urls);
+
+	# Grab the right url based on the configured vendor.
+	my $url = $urls{$snortsettings{'RULES'}};
+
+	# Check and pass oinkcode if the vendor requires one.
+	$url =~ s/\<oinkcode\>/$snortsettings{'OINKCODE'}/g;
+
+	# Abort if no url could be determined for the vendor.
+	unless($url) {
+		$errormessage = $Lang::tr{'could not download latest updates'};
+		return undef;
+	}
+
 	my %proxysettings=();
 	&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);