+ } else {
+ # Look if the rule is enabled.
+ if ($idsrules{$rulefile}{$sid}{'State'} eq "on") {
+ # Check if the state is 'on' and should be disabled.
+ # In this case there is no entry
+ # for the sid in the cgiparams hash.
+ # Add/Modify it to/in the enabled_disabled_sids hash.
+ $enabled_disabled_sids{$sid} = "disabled";
+
+ # Drop item from cgiparams hash.
+ delete $cgiparams{$rulefile}{$sid};
+ }
+ }
+ }
+ }
+
+ # Open enabled sid's file for writing.
+ open(ENABLED_FILE, ">$IDS::enabled_sids_file") or die "Could not write to $IDS::enabled_sids_file. $!\n";
+
+ # Open disabled sid's file for writing.
+ open(DISABLED_FILE, ">$IDS::disabled_sids_file") or die "Could not write to $IDS::disabled_sids_file. $!\n";
+
+ # Write header to the files.
+ print ENABLED_FILE "#Autogenerated file. Any custom changes will be overwritten!\n";
+ print DISABLED_FILE "#Autogenerated file. Any custom changes will be overwritten!\n";
+
+ # Check if the hash for enabled/disabled files contains any entries.
+ if (%enabled_disabled_sids) {
+ # Loop through the hash.
+ foreach my $sid (keys %enabled_disabled_sids) {
+ # Check if the sid is enabled.
+ if ($enabled_disabled_sids{$sid} eq "enabled") {
+ # Print the sid to the enabled_sids file.
+ print ENABLED_FILE "enablesid $sid\n";
+ # Check if the sid is disabled.
+ } elsif ($enabled_disabled_sids{$sid} eq "disabled") {
+ # Print the sid to the disabled_sids file.
+ print DISABLED_FILE "disablesid $sid\n";
+ # Something strange happende - skip the current sid.
+ } else {
+ next;
+ }
+ }
+ }
+
+ # Close file for enabled_sids after writing.
+ close(ENABLED_FILE);
+
+ # Close file for disabled_sids after writing.
+ close(DISABLED_FILE);
+
+ # Call function to generate and write the used rulefiles file.
+ &IDS::write_used_rulefiles_file(@enabled_rulefiles);
+
+ # Lock the webpage and print message.
+ &working_notice("$Lang::tr{'ids apply ruleset changes'}");
+
+ # Call oinkmaster to alter the ruleset.
+ &IDS::oinkmaster();
+
+ # Check if the IDS is running.
+ if(&IDS::ids_is_running()) {
+ # Call suricatactrl to perform a reload.
+ &IDS::call_suricatactrl("reload");
+ }
+
+ # Reload page.
+ &reload();
+
+# Download new ruleset.
+} elsif ($cgiparams{'RULESET'} eq $Lang::tr{'update ruleset'}) {
+ # Check if the red device is active.
+ unless (-e "${General::swroot}/red/active") {
+ $errormessage = "$Lang::tr{'could not download latest updates'} - $Lang::tr{'system is offline'}";
+ }
+
+ # Check if enought free disk space is availabe.
+ if(&IDS::checkdiskspace()) {
+ $errormessage = "$Lang::tr{'not enough disk space'}";
+ }
+
+ # Check if any errors happend.
+ unless ($errormessage) {
+ # Lock the webpage and print notice about downloading
+ # a new ruleset.
+ &working_notice("$Lang::tr{'ids download new ruleset'}");
+
+ # Call subfunction to download the ruleset.
+ if(&IDS::downloadruleset()) {
+ $errormessage = $Lang::tr{'could not download latest updates'};
+
+ # Call function to store the errormessage.
+ &IDS::_store_error_message($errormessage);
+
+ # Preform a reload of the page.
+ &reload();
+ } else {
+ # Call subfunction to launch oinkmaster.
+ &IDS::oinkmaster();
+
+ # Check if the IDS is running.
+ if(&IDS::ids_is_running()) {
+ # Call suricatactrl to perform a reload.
+ &IDS::call_suricatactrl("reload");