From 39b5adb9404ae1b986e75437c4203752da8e9167 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Mon, 11 Apr 2022 05:57:05 +0200 Subject: [PATCH] update-ids-ruleset: Only regenerate and reload ruleset on at least one successfull update. Signed-off-by: Stefan Schantl --- src/scripts/update-ids-ruleset | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/src/scripts/update-ids-ruleset b/src/scripts/update-ids-ruleset index 52df22a767..c62bdcb3b1 100644 --- a/src/scripts/update-ids-ruleset +++ b/src/scripts/update-ids-ruleset @@ -32,6 +32,9 @@ use Sys::Syslog qw(:DEFAULT setlogsock); # Variable to store if the process has written a lockfile. my $locked; +# Array to store the updated providers. +my @updated_providers = (); + # Hash to store the configured providers. my %providers = (); @@ -135,19 +138,25 @@ foreach my $id (keys %providers) { # Set correct ownership for the downloaded tarball. &IDS::set_ownership("$stored_file"); + + # Add the provider handle to the array of updated providers. + push(@updated_providers, $provider); } } -# Call oinkmaster to alter the ruleset. -&IDS::oinkmaster(); +# Check if at least one provider has been updated successfully. +if (@updated_providers) { + # Call oinkmaster to alter the ruleset. + &IDS::oinkmaster(); -# Set correct ownership for the rulesdir and files. -&IDS::set_ownership("$IDS::rulespath"); + # Set correct ownership for the rulesdir and files. + &IDS::set_ownership("$IDS::rulespath"); -# Check if the IDS is running. -if(&IDS::ids_is_running()) { - # Call suricatactrl to perform a reload. - &IDS::call_suricatactrl("reload"); + # Check if the IDS is running. + if(&IDS::ids_is_running()) { + # Call suricatactrl to perform a reload. + &IDS::call_suricatactrl("reload"); + } } # -- 2.39.5