my $tmp_conf_directory = "$tmp_directory/conf";
# Array with allowed commands of suricatactrl.
-my @suricatactrl_cmds = ( 'start', 'stop', 'restart', 'reload', 'fix-rules-dir', 'cron' );
-
-# Array with supported cron intervals.
-my @cron_intervals = ('off', 'daily', 'weekly' );
+my @suricatactrl_cmds = ( 'start', 'stop', 'restart', 'reload', 'fix-rules-dir' );
# Array which contains the HTTP ports, which statically will be declared as HTTP_PORTS in the
# http_ports_file.
# Skip current command unless the given one has been found.
next unless($cmd eq $option);
- # Check if the given command is "cron".
- if ($option eq "cron") {
- # Check if an interval has been given.
- if ($interval) {
- # Check if the given interval is valid.
- foreach my $element (@cron_intervals) {
- # Skip current element until the given one has been found.
- next unless($element eq $interval);
-
- # Call the suricatactrl binary and pass the "cron" command
- # with the requrested interval.
- &General::system("$suricatactrl", "$option", "$interval");
-
- # Return "1" - True.
- return 1;
- }
- }
-
- # If we got here, the given interval is not supported or none has been given. - Return nothing.
- return;
- } else {
- # Call the suricatactrl binary and pass the requrested
- # option to it.
- &General::system("$suricatactrl", "$option");
+ # Call the suricatactrl binary and pass the requrested
+ # option to it.
+ &General::system("$suricatactrl", "$option");
- # Return "1" - True.
- return 1;
- }
+ # Return "1" - True.
+ return 1;
}
# Command not found - return nothing.
# Update location database
%hourly,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-location-database >/dev/null 2>&1
+# Update surciata rules.
+%daily,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1
+
# Retry sending spooled mails regularly
%hourly * /usr/sbin/dma -q
&General::writehash("$IDS::ids_settings_file", \%cgiparams);
}
- # Check if the the automatic rule update hass been touched.
- if($cgiparams{'AUTOUPDATE_INTERVAL'} ne $oldidssettings{'AUTOUPDATE_INTERVAL'}) {
- # Call suricatactrl to set the new interval.
- &IDS::call_suricatactrl("cron", $cgiparams{'AUTOUPDATE_INTERVAL'});
- }
-
# Generate file to store the home net.
&IDS::generate_home_net_file();
&General::readhash("$IDS::ids_settings_file", \%idssettings);
&General::readhasharray("$IDS::providers_settings_file", \%used_providers);
- # If no autoupdate intervall has been configured yet, set default value.
- unless(exists($idssettings{'AUTOUPDATE_INTERVAL'})) {
- # Set default to "weekly".
- $idssettings{'AUTOUPDATE_INTERVAL'} = 'weekly';
- }
-
# Read-in ignored hosts.
&General::readhasharray("$IDS::ignored_file", \%ignored) if (-e $IDS::ignored_file);
$checked{'ENABLE_IDS'}{'off'} = '';
$checked{'ENABLE_IDS'}{'on'} = '';
$checked{'ENABLE_IDS'}{$idssettings{'ENABLE_IDS'}} = "checked='checked'";
- $selected{'AUTOUPDATE_INTERVAL'}{'off'} = '';
- $selected{'AUTOUPDATE_INTERVAL'}{'daily'} = '';
- $selected{'AUTOUPDATE_INTERVAL'}{'weekly'} = '';
- $selected{'AUTOUPDATE_INTERVAL'}{$idssettings{'AUTOUPDATE_INTERVAL'}} = "selected='selected'";
# Draw current state of the IDS
&Header::openbox('100%', 'left', $Lang::tr{'intrusion detection system'});
<tr>
<td colspan='4'><b>$Lang::tr{'ids automatic rules update'}</b></td>
</tr>
-
- <tr>
- <td>
- <select name='AUTOUPDATE_INTERVAL'>
- <option value='off' $selected{'AUTOUPDATE_INTERVAL'}{'off'} >- $Lang::tr{'Disabled'} -</option>
- <option value='daily' $selected{'AUTOUPDATE_INTERVAL'}{'daily'} >$Lang::tr{'Daily'}</option>
- <option value='weekly' $selected{'AUTOUPDATE_INTERVAL'}{'weekly'} >$Lang::tr{'Weekly'}</option>
- </select>
- </td>
- </tr>
</table>
<br><br>