ids.cgi: Move and rename GenerateIgnoreList() function to ids-functions.pl

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index 87fc76dd09c6f6a8a087e84d4badb8ba9208fb0b..2a358b1cc114faede8a879d14113a6c5807ac837 100644 (file)
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -746,4 +746,52 @@ sub get_suricata_version($) {
        } 
 }
 
+#
+## Function to generate the rules file with whitelisted addresses.
+#
+sub generate_ignore_file() {
+       my %ignored = ();
+
+       # SID range 1000000-1999999 Reserved for Local Use
+       # Put your custom rules in this range to avoid conflicts
+       my $sid = 1500000;
+
+       # Read-in ignoredfile.
+       &General::readhasharray($IDS::ignored_file, \%ignored);
+
+       # Open ignorefile for writing.
+       open(FILE, ">$IDS::whitelist_file") or die "Could not write to $IDS::whitelist_file. $!\n";
+
+       # Config file header.
+       print FILE "# Autogenerated file.\n";
+       print FILE "# All user modifications will be overwritten.\n\n";
+
+       # Add all user defined addresses to the whitelist.
+       #
+       # Check if the hash contains any elements.
+       if (keys (%ignored)) {
+               # Loop through the entire hash and write the host/network
+               # and remark to the ignore file.
+               while ( (my $key) = each %ignored) {
+                       my $address = $ignored{$key}[0];
+                       my $remark = $ignored{$key}[1];
+                       my $status = $ignored{$key}[2];
+
+                       # Check if the status of the entry is "enabled".
+                       if ($status eq "enabled") {
+                               # Check if the address/network is valid.
+                               if ((&General::validip($address)) || (&General::validipandmask($address))) {
+                                       # Write rule line to the file to pass any traffic from this IP
+                                       print FILE "pass ip $address any -> any any (msg:\"pass all traffic from/to $address\"\; sid:$sid\;)\n";
+
+                                       # Increment sid.
+                                       $sid++;
+                               }
+                       }
+               }
+       }
+
+       close(FILE);
+}
+
 1;

diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 0c3664547e613bf5f77835dd1423c5dcc38684d3..6807e9e05942b90627fbf04d765d9c69da916983 100644 (file)
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -131,7 +131,7 @@ if (($cgiparams{'WHITELIST'} eq $Lang::tr{'add'}) || ($cgiparams{'WHITELIST'} eq
                &General::writehasharray($IDS::ignored_file, \%ignored);
 
                # Regenerate the ignore file.
-               &GenerateIgnoreFile();
+               &IDS::generate_ignore_file();
        }
 
        # Check if the IDS is running.
@@ -174,7 +174,7 @@ if (($cgiparams{'WHITELIST'} eq $Lang::tr{'add'}) || ($cgiparams{'WHITELIST'} eq
                &General::writehasharray($IDS::ignored_file, \%ignored);
 
                # Regenerate the ignore file.
-               &GenerateIgnoreFile();
+               &IDS::generate_ignore_file();
 
                # Check if the IDS is running.
                if(&IDS::ids_is_running()) {
@@ -201,7 +201,7 @@ if (($cgiparams{'WHITELIST'} eq $Lang::tr{'add'}) || ($cgiparams{'WHITELIST'} eq
        &General::writehasharray($IDS::ignored_file, \%ignored);
 
        # Regenerate the ignore file.
-       &GenerateIgnoreFile();
+       &IDS::generate_ignore_file();
 
        # Check if the IDS is running.
        if(&IDS::ids_is_running()) {
@@ -1208,54 +1208,6 @@ sub get_memory_usage($) {
        return;
 }
 
-#
-## Function to generate the rules file with whitelisted addresses.
-#
-sub GenerateIgnoreFile() {
-       my %ignored = ();
-
-       # SID range 1000000-1999999 Reserved for Local Use
-       # Put your custom rules in this range to avoid conflicts
-       my $sid = 1500000;
-
-       # Read-in ignoredfile.
-       &General::readhasharray($IDS::ignored_file, \%ignored);
-
-       # Open ignorefile for writing.
-       open(FILE, ">$IDS::whitelist_file") or die "Could not write to $IDS::whitelist_file. $!\n";
-
-       # Config file header.
-       print FILE "# Autogenerated file.\n";
-       print FILE "# All user modifications will be overwritten.\n\n";
-
-       # Add all user defined addresses to the whitelist.
-       #
-       # Check if the hash contains any elements.
-       if (keys (%ignored)) {
-               # Loop through the entire hash and write the host/network
-               # and remark to the ignore file.
-               while ( (my $key) = each %ignored) {
-                       my $address = $ignored{$key}[0];
-                       my $remark = $ignored{$key}[1];
-                       my $status = $ignored{$key}[2];
-
-                       # Check if the status of the entry is "enabled".
-                       if ($status eq "enabled") {
-                               # Check if the address/network is valid.
-                               if ((&General::validip($address)) || (&General::validipandmask($address))) {
-                                       # Write rule line to the file to pass any traffic from this IP
-                                       print FILE "pass ip $address any -> any any (msg:\"pass all traffic from/to $address\"\; sid:$sid\;)\n";
-
-                                       # Increment sid.
-                                       $sid++;
-                               }
-                       }
-                }
-       }
-
-       close(FILE);
-}
-
 #
 ## Function to read-in the given enabled or disables sids file.
 #