convert-snort: Try to download ruleset if none is present.

[ipfire-2.x.git] / config / suricata / convert-snort

diff --git a/config/suricata/convert-snort b/config/suricata/convert-snort
index 0df5a451afdf7f15e2b1eb3d02e55b9e2a1ab273..ca650b149a212d9f0074297d78626fec96d8fd11 100644 (file)
--- a/config/suricata/convert-snort
+++ b/config/suricata/convert-snort
@@ -209,6 +209,9 @@ if ($idssettings{"MONITOR_TRAFFIC_ONLY"} eq "off") {
 # Call subfunction and pass the desired IDS action.
 &IDS::write_modify_sids_file($IDS_action);
 
+# Set correct ownership.
+&IDS::set_ownership("$IDS::modify_sids_file");
+
 #
 ## Step 6: Move rulestarball to its new location.
 #
@@ -223,6 +226,14 @@ if (-f $snort_rules_tarball) {
 
        # Set correct ownership.
        &IDS::set_ownership("$IDS::rulestarball");
+
+# In case no tarball is present, try to download the ruleset.
+} else {
+       # Check if enought disk space is available.
+       if(&IDS::checkdiskspace()) {
+               # Call the download function and grab the new ruleset.
+               &IDS::downloadruleset();
+       }
 }
 
 #
@@ -233,6 +244,9 @@ if (-f $snort_rules_tarball) {
 if (-f $IDS::rulestarball) {
        # Launch oinkmaster by calling the subfunction.
        &IDS::oinkmaster();
+
+       # Set correct ownership for the rulesdir and files.
+       &IDS::set_ownership("$IDS::rulespath");
 }
 
 #