From c00609ce56cab337d352e69599144683192dec8f Mon Sep 17 00:00:00 2001
From: Stefan Schantl
Date: Thu, 14 Apr 2022 05:47:55 +0200
Subject: [PATCH] convert-ids-backend-files: Successor of the convert-ids-modifications-files converter. This converter also will convert the used rulesfiles file for the providers.
Signed-off-by: Stefan Schantl
---
 ...cation-files => convert-ids-backend-files} | 50 +++++++++++++++++++
 1 file changed, 50 insertions(+)
 rename config/suricata/{convert-ids-modification-files => convert-ids-backend-files} (71%)
diff --git a/config/suricata/convert-ids-modification-files b/config/suricata/convert-ids-backend-files
similarity index 71%
rename from config/suricata/convert-ids-modification-files
rename to config/suricata/convert-ids-backend-files
index 555deaf181..78e8edbf1c 100644
--- a/config/suricata/convert-ids-modification-files
+++ b/config/suricata/convert-ids-backend-files
@@ -30,6 +30,56 @@ exit 0 unless (-f "$IDS::settingsdir/oinkmaster.conf");
 # Get all supported providers.
 my @providers = &IDS::get_ruleset_providers();
+#
+## Step 1: Convert used rules files.
+#
+
+# Loop through the array of known providers.
+foreach my $provider (@providers) {
+ my %used_rulesfiles = ();
+
+ # Generate old filename which contained the used rulesfile.
+ my $old_used_rulesfiles_file = "$IDS::settingsdir/suricata-$provider\-used-rulefiles.yaml";
+
+ # Skip the provider if there is no used rulesfiles file available.
+ next unless (-f $old_used_rulesfiles_file);
+
+ # Open the used rulesfiles file.
+ open(FILE, "$old_used_rulesfiles_file");
+
+ # Read-in the file content.
+ my @file = ;
+
+ # Close file handle.
+ close(FILE);
+
+ # Loop through the file content.
+ foreach my $line(@file) {
+ chomp($line);
+
+ # Grab the used rulesfile name from the line.
+ if ($line =~ /^\s-\s(.*)/) {
+ my $rulesfile = $1;
+
+ # Add the used rulesfile to the has of used rulesfile for this provider.
+ $used_rulesfiles{$rulesfile} = "enabled";
+ }
+ }
+
+ # Get the filename for the new used rulesfiles file.
+ my $used_rulesfiles_file = &IDS::get_provider_used_rulesfiles_file($provider);
+
+ # Write the file.
+ &General::writehash("$used_rulesfiles_file", \%used_rulesfiles);
+
+ # Set the correct ownership for the new file.
+ &IDS::set_ownership("$used_rulesfiles_file");
+}
+
+#
+## Step 2: Convert ruleset modifictaion files.
+#
+
 # Loop through the array of providers.
 foreach my $provider (@providers) {
 my %modifications = ();
-- 
2.39.5
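Review bot: The `open(FILE, "$old_used_rulesfiles_file");` call in the Step 1 loop is unchecked, so if the file cannot be opened (permissions, or it disappears after the `-f` test) nothing is read and `&General::writehash` still writes an empty hash for that provider. For an IDS that would presumably leave the provider with no rules files marked as enabled, and no error is reported. The call is also a two-argument open on a bareword handle, which lets the path string select the open mode; `$provider` appears to come from `&IDS::get_ruleset_providers()`, so this is hardening rather than a demonstrated injection. I would change it to `open(my $fh, '<', $old_used_rulesfiles_file) or next;`, read the content from `$fh`, and finish with `close($fh);`.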