require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
+# Location where all config and settings files are stored.
+our $settingsdir = "${General::swroot}/snort";
+
# Location and name of the tarball which contains the ruleset.
our $rulestarball = "/var/tmp/snortrules.tar.gz";
sub downloadruleset {
# Get snort settings.
my %snortsettings=();
- &General::readhash("${General::swroot}/snort/settings", \%snortsettings);
+ &General::readhash("$settingsdir/settings", \%snortsettings);
# Get all available ruleset locations.
my %rulesetsources=();
- &General::readhash("${General::swroot}/snort/ruleset-sources.list", \%rulesetsources);
+ &General::readhash("$settingsdir/ruleset-sources.list", \%rulesetsources);
# Read proxysettings.
my %proxysettings=();
openlog('oinkmaster', 'cons,pid', 'user');
# Call oinkmaster to generate ruleset.
- open(OINKMASTER, "/usr/local/bin/oinkmaster.pl -v -s -u file://$rulestarball -C /var/ipfire/snort/oinkmaster.conf -o $rulespath|");
+ open(OINKMASTER, "/usr/local/bin/oinkmaster.pl -v -s -u file://$rulestarball -C $settingsdir/oinkmaster.conf -o $rulespath|");
# Log output of oinkmaster to syslog.
while(<OINKMASTER>) {
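Review bot: The changed `open(OINKMASTER, "... |")` call still passes a single command string built from `$rulestarball`, `$settingsdir` and `$rulespath` to the shell, and its result is never checked, so a failed launch leaves the `while` loop with nothing to read or log. From what is visible these values look like fixed module-level paths (the definition of `$rulespath` is not shown), so this is hardening rather than a known injection. The list form keeps the shell out of it and makes the failure visible: `open(my $oinkmaster, '-|', '/usr/local/bin/oinkmaster.pl', '-v', '-s', '-u', "file://$rulestarball", '-C', "$settingsdir/oinkmaster.conf", '-o', $rulespath) or die "Could not run oinkmaster: $!\n";`. The loop would then read from `$oinkmaster`; the loop body and the enclosing sub lie outside this hunk.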
# Get netsettings.
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
-my $snortusedrulefilesfile = "${General::swroot}/snort/snort-used-rulefiles.conf";
+my $idsusedrulefilesfile = "$IDS::settingsdir/ids-used-rulefiles.conf";
my $errormessage;
&Header::showhttpheaders();
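Review bot: The new `$idsusedrulefilesfile` changes the file name as well as the directory prefix (`snort-used-rulefiles.conf` becomes `ids-used-rulefiles.conf`), and nothing in the visible hunks migrates the old file or updates whatever includes it. On an existing installation the `-f $idsusedrulefilesfile` test in the later hunk would then be false, so the page would presumably show no rulefile as active. The IDS configuration may also keep including the old name, leaving the UI and the running sensor out of step. Confirm that the update path renames the file and that the include in the IDS configuration changes in the same commit, or keep the old file name here and rename it separately.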
# Gather used rulefiles.
#
# Check if the file for activated rulefiles is not empty.
-if(-f $snortusedrulefilesfile) {
+if(-f $idsusedrulefilesfile) {
# Open the file for used rulefile and read-in content.
- open(FILE, $snortusedrulefilesfile) or die "Could not open $snortusedrulefilesfile. $!\n";
+ open(FILE, $idsusedrulefilesfile) or die "Could not open $idsusedrulefilesfile. $!\n";
# Read-in content.
my @lines = <FILE>;
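Review bot: `open(FILE, $idsusedrulefilesfile)` is a two-argument open on a bareword handle, so Perl parses the mode out of the path string; the write-side `open (FILE, ">$idsusedrulefilesfile")` in the later hunk has the same shape. The path is built from `$IDS::settingsdir` and is not request-controlled on the lines shown, so this is a robustness point rather than an exploitable one. The three-argument form with a lexical handle removes the ambiguity and stops the handle being shared across the whole script: `open(my $fh, '<', $idsusedrulefilesfile) or die "Could not open $idsusedrulefilesfile. $!\n";` and `open(my $fh, '>', $idsusedrulefilesfile) or die "Could not write to $idsusedrulefilesfile. $!\n";`. The `<FILE>` read, the `print FILE` and the `close(FILE)` calls would switch to the lexical handle; the `if` block continues outside this hunk.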
# Save ruleset.
if ($cgiparams{'RULESET'} eq $Lang::tr{'update'}) {
- my $enabled_sids_file = "${General::swroot}/snort/oinkmaster-enabled-sids.conf";
- my $disabled_sids_file = "${General::swroot}/snort/oinkmaster-disabled-sids.conf";
+ my $enabled_sids_file = "$IDS::settingsdir/oinkmaster-enabled-sids.conf";
+ my $disabled_sids_file = "$IDS::settingsdir/oinkmaster-disabled-sids.conf";
# Arrays to store sid which should be added to the corresponding files.
my @enabled_sids;
close(FILE);
# Open file for used rulefiles.
- open (FILE, ">$snortusedrulefilesfile") or die "Could not write to $snortusedrulefilesfile. $!\n";
+ open (FILE, ">$idsusedrulefilesfile") or die "Could not write to $idsusedrulefilesfile. $!\n";
# Write header to file.
print FILE "#Autogenerated file. Any custom changes will be overwritten!\n";
# Go on if there are no error messages.
if (!$errormessage) {
# Store settings into settings file.
- &General::writehash("${General::swroot}/snort/settings", \%cgiparams);
+ &General::writehash("$IDS::settingsdir/settings", \%cgiparams);
# Call snortctrl to restart snort
system('/usr/local/bin/snortctrl restart >/dev/null');
}
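Review bot: `&General::writehash("$IDS::settingsdir/settings", \%cgiparams)` persists the entire request hash, so any extra form field a client submits lands in the settings file that is later read back into `%snortsettings`. The validation that sets `$errormessage` is outside this hunk and may already restrict the values, but a value check alone would not drop unexpected keys. Copying only the settings this page owns into a separate hash before writing closes that gap, e.g. `my %settings = map { $_ => $cgiparams{$_} } @known_keys;` then `&General::writehash("$IDS::settingsdir/settings", \%settings);`, where `@known_keys` is a placeholder for the expected setting names. The result of `system('/usr/local/bin/snortctrl restart >/dev/null')` is also ignored, so a failed restart is never reported to the administrator.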
# Read-in snortsettings
-&General::readhash("${General::swroot}/snort/settings", \%snortsettings);
+&General::readhash("$IDS::settingsdir/settings", \%snortsettings);
$checked{'ENABLE_SNORT'}{'off'} = '';
$checked{'ENABLE_SNORT'}{'on'} = '';