# Snort rules tarball.
my $snort_rules_tarball = "/var/tmp/snortrules.tar.gz";
-# Check if a snort settings file exists.
-unless( -f "$snort_settings_file") {
- print "$snort_settings_file not found - Nothing to do. Exiting!\n";
- exit(0);
-}
-
-# Check if the snort settings file is empty.
-if (-z "$snort_settings_file") {
- print "$snort_settings_file is empty - Nothing to do. Exiting!\n";
- exit(0);
-}
-
#
## Step 1: Setup directory and file layout, if not present and set correct
## ownership. The converter runs as a privileged user, but the files
## needs to be full access-able by the WUI user and group (nobody:nobody).
#
-# User and group of the WUI.
-my $uname = "nobody";
-my $grname = "nobody";
-
-# The chown function implemented in perl requies the user and group as nummeric id's.
-my $uid = getpwnam($uname);
-my $gid = getgrnam($grname);
-
# Check if the settings directory exists.
unless (-d $IDS::settingsdir) {
# Create the directory.
mkdir($IDS::rulespath);
}
-# Set correct ownership for the settings and rules folder.
-chown($uid, $gid, $IDS::settingsdir);
-chown($uid, $gid, $IDS::rulespath);
-
# Create file layout, if not exists yet.
&IDS::check_and_create_filelayout();
-# Set correct ownership for the files - Open settings directory and do a directory listing.
-opendir(DIR, $IDS::settingsdir) or die $!;
- # Loop through the direcory.
- while (my $file = readdir(DIR)) {
-
- # We only want files.
- next unless (-f "$IDS::settingsdir/$file");
+# Set correct ownership for settingsdir and rulespath.
+&IDS::set_ownership("$IDS::settingsdir");
+&IDS::set_ownership("$IDS::rulespath");
- # Set correct ownership for the files.
- chown($uid, $gid, "$IDS::settingsdir/$file");
- }
+# Check if a snort settings file exists.
+unless( -f "$snort_settings_file") {
+ print "$snort_settings_file not found - Nothing to do. Exiting!\n";
+ exit(0);
+}
-closedir(DIR);
+# Check if the snort settings file is empty.
+if (-z "$snort_settings_file") {
+ print "$snort_settings_file is empty - Nothing to do. Exiting!\n";
+ exit(0);
+}
#
## Step 2: Import snort settings and convert to the required format for the new IDS
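Review bot: The new `&IDS::set_ownership(...)` calls, here on `$IDS::settingsdir` and `$IDS::rulespath` and in the later hunks on `$IDS::modify_sids_file`, `$IDS::rulestarball` and `$IDS::rulespath` after oinkmaster, all discard the helper's result. The helper is defined outside this page, so a failed ownership change would pass silently, where the removed code at least died on a failed `opendir`. The Step 1 header says the converter runs as a privileged user and hands the tree to nobody:nobody, so it is worth confirming that the helper does not follow symbolic links if it walks directories; a comment such as `# Runs privileged: set_ownership() must not follow symlinks below the settings/rules directories.` would record that requirement. The relocated settings-file checks now exit only after the layout has been created and re-owned, and if that ordering is intended a one-line comment saying so would help the next reader.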
# Call subfunction and pass the desired IDS action.
&IDS::write_modify_sids_file($IDS_action);
+# Set correct ownership.
+&IDS::set_ownership("$IDS::modify_sids_file");
+
#
## Step 6: Move rulestarball to its new location.
#
move($snort_rules_tarball, $IDS::rulestarball);
# Set correct ownership.
- chown($uid, $gid, $IDS::rulestarball);
+ &IDS::set_ownership("$IDS::rulestarball");
+
+# In case no tarball is present, try to download the ruleset.
+} else {
+ # Check if enought disk space is available.
+ if(&IDS::checkdiskspace()) {
+ # Call the download function and grab the new ruleset.
+ &IDS::downloadruleset();
+ }
}
#
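Review bot: The new else-branch downloads only when `&IDS::checkdiskspace()` returns a true value, and nothing on this page shows which way that helper reports. If it returns a true value when space is insufficient (a common convention for helpers that return an error indicator), the condition is inverted, so the return convention should be confirmed and stated in the comment above the `if`. When the download is skipped the script prints nothing, unlike the settings-file checks, which name their reason; a line such as `print "Could not download ruleset - not enough free disk space.\n";` in the skipping branch would make the outcome visible. The `if` that this `} else {` closes opens outside the hunk.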
if (-f $IDS::rulestarball) {
# Launch oinkmaster by calling the subfunction.
&IDS::oinkmaster();
+
+ # Set correct ownership for the rulesdir and files.
+ &IDS::set_ownership("$IDS::rulespath");
}
#