2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2021 IPFire Development Team <info@ipfire.org> #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
24 require '/var/ipfire/general-functions.pl';
25 require '/var/ipfire/ids-functions.pl';
# Nothing to convert if the main oinkmaster config file is no longer present.
my $oinkmaster_conf = "$IDS::settingsdir/oinkmaster.conf";
if (! -f $oinkmaster_conf) {
	exit 0;
}

# Get all supported providers.
my @providers = IDS::get_ruleset_providers();
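#
## Step 1: Convert used rules files.
#

# Loop through the array of known providers.
foreach my $provider (@providers) {
	my %used_rulesfiles = ();

	# Old per-provider file which contained the used rulesfiles.
	my $old_used_rulesfiles_file = "$IDS::settingsdir/suricata-${provider}-used-rulefiles.yaml";

	# Skip the provider if there is no used rulesfiles file available.
	next unless (-f $old_used_rulesfiles_file);

	# Open the old file with a three-argument open and a lexical handle, and
	# check the result. If the file cannot be read, skip the provider instead
	# of converting an empty list: that would record no enabled rulesfiles
	# for a provider that actually had some configured.
	my $fh;
	unless (open($fh, '<', $old_used_rulesfiles_file)) {
		warn "Could not open $old_used_rulesfiles_file: $!\n";
		next;
	}

	# Read-in the file content.
	my @file = <$fh>;

	close($fh);

	# Loop through the file content.
	foreach my $line (@file) {
		chomp($line);

		# Grab the used rulesfile name from the line. Only lines of the
		# form "<space>-<space><name>" are taken; everything else is ignored.
		if ($line =~ /^\s-\s(.*)/) {
			my $rulesfile = $1;

			# Add the used rulesfile to the hash of used rulesfiles for this provider.
			$used_rulesfiles{$rulesfile} = "enabled";
		}
	}

	# Get the filename for the new used rulesfiles file.
	my $used_rulesfiles_file = IDS::get_provider_used_rulesfiles_file($provider);

	# Write the converted hash to the new file.
	General::writehash($used_rulesfiles_file, \%used_rulesfiles);

	# Set the correct ownership for the new file.
	IDS::set_ownership($used_rulesfiles_file);
}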
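#
## Step 2: Convert ruleset modification files.
#

# Loop through the array of providers.
foreach my $provider (@providers) {
	my %modifications = ();

	# Old per-provider file which holds the ruleset modifications.
	my $old_modifications_file = "$IDS::settingsdir/oinkmaster-${provider}-modified-sids.conf";

	# Skip provider if there is no modifications file.
	next unless (-f $old_modifications_file);

	# Open the old file with a three-argument open and a lexical handle, and
	# check the result. If the file cannot be read, skip the provider instead
	# of converting an empty set: that would discard the enable/disable
	# decisions stored for this provider's rules.
	my $fh;
	unless (open($fh, '<', $old_modifications_file)) {
		warn "Could not open $old_modifications_file: $!\n";
		next;
	}

	# Read-in file content.
	my @file = <$fh>;

	close($fh);

	# Loop through the file content.
	foreach my $line (@file) {
		# Strip the newline so it does not end up as part of the sid.
		chomp($line);

		# Split the line on single spaces; the first field is the action.
		# NOTE(review): the assignment of $sid is not visible in this
		# listing; it is taken to be the second field - confirm against
		# the original file.
		my ($action, $sid) = split(/ /, $line);

		# Ignore blank or truncated lines so that no empty key is stored.
		next unless (defined($action) && defined($sid) && $sid ne "");

		# Process stored rule action and assign to the modifications hash.
		# Any other action keyword is ignored.
		if ($action eq "enablesid") {
			$modifications{$sid} = "enabled";

		} elsif ($action eq "disablesid") {
			$modifications{$sid} = "disabled";
		}
	}

	# Get new filename which will hold the ruleset modifications for this provider.
	my $new_modifications_file = IDS::get_provider_ruleset_modifications_file($provider);

	# Write new modifications file.
	General::writehash($new_modifications_file, \%modifications);

	# Set correct ownership for the new modifications file.
	IDS::set_ownership($new_modifications_file);
}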