IDS: Introduce settingsdir variable
authorStefan Schantl <stefan.schantl@ipfire.org>
Fri, 27 Jul 2018 05:58:23 +0000 (07:58 +0200)
committerStefan Schantl <stefan.schantl@ipfire.org>
Fri, 27 Jul 2018 05:58:23 +0000 (07:58 +0200)
The $settingsdir variable is declared in ids-functions.pl and is used to
store the path where the various files which contain the settings for the IDS and
oinkmaster are located.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
config/cfgroot/ids-functions.pl
html/cgi-bin/ids.cgi

index 32002912d2d164a70bb64b17e44cf99a3b6ce786..74713d77ad9d8cde0068c5531b8ec624a04c6dbe 100644 (file)
@@ -26,6 +26,9 @@ package IDS;
 require '/var/ipfire/general-functions.pl';
 require "${General::swroot}/lang.pl";
 
+# Location where all config and settings files are stored.
+our $settingsdir = "${General::swroot}/snort";
+
 # Location and name of the tarball which contains the ruleset.
 our $rulestarball = "/var/tmp/snortrules.tar.gz";
 
@@ -81,11 +84,11 @@ sub checkdiskspace () {
 sub downloadruleset {
        # Get snort settings.
        my %snortsettings=();
-       &General::readhash("${General::swroot}/snort/settings", \%snortsettings);
+       &General::readhash("$settingsdir/settings", \%snortsettings);
 
        # Get all available ruleset locations.
        my %rulesetsources=();
-       &General::readhash("${General::swroot}/snort/ruleset-sources.list", \%rulesetsources);
+       &General::readhash("$settingsdir/ruleset-sources.list", \%rulesetsources);
 
        # Read proxysettings.
        my %proxysettings=();
@@ -164,7 +167,7 @@ sub oinkmaster () {
        openlog('oinkmaster', 'cons,pid', 'user');
 
        # Call oinkmaster to generate ruleset.
-       open(OINKMASTER, "/usr/local/bin/oinkmaster.pl -v -s -u file://$rulestarball -C /var/ipfire/snort/oinkmaster.conf -o $rulespath|");
+       open(OINKMASTER, "/usr/local/bin/oinkmaster.pl -v -s -u file://$rulestarball -C $settingsdir/oinkmaster.conf -o $rulespath|");
 
        # Log output of oinkmaster to syslog.
        while(<OINKMASTER>) {
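Review bot: The `open(OINKMASTER, "...|")` call still passes one interpolated string to the shell and never checks whether the pipe opened, so if oinkmaster fails to start the `while` loop has nothing to log and no error is raised. As far as this hunk shows, `$rulestarball`, `$settingsdir` and `$rulespath` are package variables rather than request data, but whitespace or a shell metacharacter in any of them would still be reinterpreted by the shell. The list form avoids the shell and allows a check: `open(OINKMASTER, '-|', '/usr/local/bin/oinkmaster.pl', '-v', '-s', '-u', "file://$rulestarball", '-C', "$settingsdir/oinkmaster.conf", '-o', $rulespath) or ...;`, with the failure written to the syslog channel opened just above. The body of oinkmaster() continues outside the hunk.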
index 7dc8793f6e03675aea674553766e48ac4235eca6..71fc1ea608496ea9a64e0c729a0b811c13cc7250 100644 (file)
@@ -47,7 +47,7 @@ my %selected=();
 # Get netsettings.
 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
 
-my $snortusedrulefilesfile = "${General::swroot}/snort/snort-used-rulefiles.conf";
+my $idsusedrulefilesfile = "$IDS::settingsdir/ids-used-rulefiles.conf";
 my $errormessage;
 
 &Header::showhttpheaders();
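Review bot: The new declaration renames the file on disk from `snort-used-rulefiles.conf` to `ids-used-rulefiles.conf`, in addition to the variable name and directory prefix, and the commit message does not mention this. Anything that still refers to the old name would no longer match what this CGI reads and writes; that could be an include in the IDS configuration or a file already present on an upgraded system, neither of which is visible here. Either keep the old file name in this commit, or state the rename in the message and add a comment above the declaration such as `# File listing the enabled rulefiles; renamed from snort-used-rulefiles.conf.`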
@@ -108,9 +108,9 @@ closedir(DIR);
 # Gather used rulefiles.
 #
 # Check if the file for activated rulefiles is not empty.
-if(-f $snortusedrulefilesfile) {
+if(-f $idsusedrulefilesfile) {
        # Open the file for used rulefile and read-in content.
-       open(FILE, $snortusedrulefilesfile) or die "Could not open $snortusedrulefilesfile. $!\n";
+       open(FILE, $idsusedrulefilesfile) or die "Could not open $idsusedrulefilesfile. $!\n";
 
        # Read-in content.
        my @lines = <FILE>;
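Review bot: Both opens of `$idsusedrulefilesfile` keep the two-argument form with the bareword handle `FILE`, here and in `open (FILE, ">$idsusedrulefilesfile")` in the hunk at -232, so the open mode is parsed out of the string itself. The path is now built from `$IDS::settingsdir`, an `our` variable that any loaded code can reassign, so the three-argument form is the safer spelling: `open(FILE, '<', $idsusedrulefilesfile) or die ...` and `open(FILE, '>', $idsusedrulefilesfile) or die ...`. The comment above the test says "not empty", but `-f` only checks that a plain file exists; `-s` would test for content. The `if` block continues outside the hunk.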
@@ -141,8 +141,8 @@ if(-f $snortusedrulefilesfile) {
 
 # Save ruleset.
 if ($cgiparams{'RULESET'} eq $Lang::tr{'update'}) {
-       my $enabled_sids_file = "${General::swroot}/snort/oinkmaster-enabled-sids.conf";
-       my $disabled_sids_file = "${General::swroot}/snort/oinkmaster-disabled-sids.conf";
+       my $enabled_sids_file = "$IDS::settingsdir/oinkmaster-enabled-sids.conf";
+       my $disabled_sids_file = "$IDS::settingsdir/oinkmaster-disabled-sids.conf";
 
        # Arrays to store sid which should be added to the corresponding files.
        my @enabled_sids;
@@ -232,7 +232,7 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'update'}) {
        close(FILE);
 
        # Open file for used rulefiles.
-       open (FILE, ">$snortusedrulefilesfile") or die "Could not write to $snortusedrulefilesfile. $!\n";
+       open (FILE, ">$idsusedrulefilesfile") or die "Could not write to $idsusedrulefilesfile. $!\n";
 
        # Write header to file.
        print FILE "#Autogenerated file. Any custom changes will be overwritten!\n";
@@ -307,7 +307,7 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'update'}) {
        # Go on if there are no error messages.
        if (!$errormessage) {
                # Store settings into settings file.
-               &General::writehash("${General::swroot}/snort/settings", \%cgiparams);
+               &General::writehash("$IDS::settingsdir/settings", \%cgiparams);
 
                # Call snortctrl to restart snort
                system('/usr/local/bin/snortctrl restart >/dev/null');
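Review bot: `&General::writehash("$IDS::settingsdir/settings", \%cgiparams)` persists the whole request hash, and the same file is read back into `%snortsettings` by downloadruleset() in ids-functions.pl. If `%cgiparams` still holds every submitted field at this point (any filtering is outside the hunk), unexpected keys end up in the settings file that the download code consumes. Copying only the known settings into a separate hash first would bound what is stored, e.g. `my %settings = map { $_ => $cgiparams{$_} } @expected_keys;`, where `@expected_keys` is a placeholder for the fields the form defines. The exit status of the `system(...)` restart is also ignored, so a failed restart is not reported. The enclosing block starts and ends outside the hunk.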
@@ -315,7 +315,7 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'update'}) {
 }
 
 # Read-in snortsettings
-&General::readhash("${General::swroot}/snort/settings", \%snortsettings);
+&General::readhash("$IDS::settingsdir/settings", \%snortsettings);
 
 $checked{'ENABLE_SNORT'}{'off'} = '';
 $checked{'ENABLE_SNORT'}{'on'} = '';