ids.cgi: Introduce ruleset-source.list

This new file will contain the vendor information and url
for downloading their ruleset. In future if the download location
or filename changes, we only need to adjust this one file and ship
it via a core update.

Also extend the downloadrulesfile to be able to directly call the
subfunction.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index aa4ab4eacbf306c93782a891809640e19b187141..9eff5233df1e2fa1e8b3de5b1f7ebd6d8adf168b 100644 (file)
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -606,6 +606,26 @@ sub downloadrulesfile {
                return undef;
        }
 
+       # Gather snort settings.
+       my %snortsettings = ();
+       &General::readhash("${General::swroot}/snort/settings", \%snortsettings);
+
+       # Get all available ruleset locations.
+       my %urls=();
+       &General::readhash("${General::swroot}/snort/ruleset-sources.list", \%urls);
+
+       # Grab the right url based on the configured vendor.
+       my $url = $urls{$snortsettings{'RULES'}};
+
+       # Check and pass oinkcode if the vendor requires one.
+       $url =~ s/\<oinkcode\>/$snortsettings{'OINKCODE'}/g;
+
+       # Abort if no url could be determined for the vendor.
+       unless($url) {
+               $errormessage = $Lang::tr{'could not download latest updates'};
+               return undef;
+       }
+
        my %proxysettings=();
        &General::readhash("${General::swroot}/proxy/settings", \%proxysettings);