ids.cgi: Stop suricata when the rulest source has been changed

If the ruleset source has been changed, it has to be configured again.
This happens because of different rule categories, filenames rule ID's etc.

In case suricata currently is running it has to be stopped and after the configuration
has been done by the user, it can be launched again.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 151181fdc0087aec0df98309d9c505a06eb857ea..1f096aea4a10d23c233b0e6343a00329448d69a1 100644 (file)
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -352,6 +352,14 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'save'}) {
                                &IDS::oinkmaster();
                        }
 
+                       # Check if the IDS is running.
+                       if(&IDS::ids_is_running()) {
+                               # Call suricatactrl to stop the IDS - because of the changed
+                               # ruleset - the use has to configure it before suricata can be
+                               # used again.
+                               &IDS::call_suricatactrl("stop");
+                       }
+
                        # Perform a reload of the page.
                        &reload();
                }