From: Stefan Schantl Date: Sun, 24 Jul 2022 12:15:19 +0000 (+0200) Subject: ids-functions.pl: Load additional services rules files. X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c7363688b5626e8e58a3d59e2a382b064e21346b;p=people%2Fstevee%2Fipfire-2.x.git ids-functions.pl: Load additional services rules files. Load additional rule files for various services in case they are available. Those rules files are service related and mostly will be used to silence to noisy rules or are not tracked by a ruleset provider yet. Signed-off-by: Stefan Schantl --- diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl index 88a029384..6744da8ad 100644 --- a/config/cfgroot/ids-functions.pl +++ b/config/cfgroot/ids-functions.pl @@ -1519,6 +1519,23 @@ sub write_used_rulefiles_file (@) { } } + print FILE "\n#Load additional service related rules to avoid log flooding.\n"; + + # Loop through the array of supported port helper services. + foreach my $service (@IDS::Ports::Helper::services) { + # Skip non available services (addons). + next unless (-f "/opt/pakfire/db/installed/meta-$service"); + + # Generate name of the rulesfile. + my $rulesfile = "$default_rulespath/ipfire-$service.rules"; + + # Skip services which does not own rules files. + next unless (-f $rulesfile); + + # Write the rulesfile name to the list of rulesfiles to use. + print FILE " - $rulesfile\n"; + } + # Loop through the array of enabled providers. foreach my $provider (@providers) { # Skip unsupported providers.