core143: add suricata http port changes

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

diff --git a/config/rootfiles/core/143/filelists/files b/config/rootfiles/core/143/filelists/files
index 816fffe9a240858bb136838fabbe027912718aa2..e052d0e12c79915bb42ae721cc39fa84f8bedb61 100644 (file)
--- a/config/rootfiles/core/143/filelists/files
+++ b/config/rootfiles/core/143/filelists/files
@@ -11,8 +11,10 @@ srv/web/ipfire/cgi-bin/ids.cgi
 srv/web/ipfire/cgi-bin/mail.cgi
 srv/web/ipfire/cgi-bin/netother.cgi
 srv/web/ipfire/cgi-bin/ovpnmain.cgi
+srv/web/ipfire/cgi-bin/proxy.cgi
 srv/web/ipfire/cgi-bin/vpnmain.cgi
 usr/lib/firewall/rules.pl
+usr/sbin/convert-snort
 var/ipfire/backup/bin/backup.pl
 var/ipfire/backup/include
 var/ipfire/ids-functions.pl

diff --git a/config/rootfiles/core/143/update.sh b/config/rootfiles/core/143/update.sh
index cb07bbb59c5a7fc06434e38f12d30f3b361c07a2..9cd426447a0b4d8fadfe50c72ee15ae364a6045d 100644 (file)
--- a/config/rootfiles/core/143/update.sh
+++ b/config/rootfiles/core/143/update.sh
@@ -75,6 +75,11 @@ telinit u
 # Apply local configuration to sshd_config
 /usr/local/bin/sshctrl
 
+# Generate new http ports file for suricata
+perl -e "require '/var/ipfire/ids-functions.pl'; \
+     &IDS::generate_http_ports_file(); \
+     &IDS::set_ownership(\"\$IDS::http_ports_file\"); "
+
 # Start services
 /usr/local/bin/ipsecctrl S
 /etc/init.d/unbound restart
@@ -100,8 +105,6 @@ done
 # Filesytem cleanup
 /usr/local/bin/filesystem-cleanup
 
-# Start services
-
 # This update needs a reboot...
 #touch /var/run/need_reboot
 

diff --git a/config/suricata/suricata-generate-http-ports-file b/config/suricata/suricata-generate-http-ports-file
deleted file mode 100644 (file)
index f0d6bb8..0000000
--- a/config/suricata/suricata-generate-http-ports-file
+++ /dev/null
@@ -1,47 +0,0 @@
-#!/usr/bin/perl
-###############################################################################
-#                                                                             #
-# IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2012 IPFire Development Team <info@ipfire.org>                #
-#                                                                             #
-# This program is free software: you can redistribute it and/or modify        #
-# it under the terms of the GNU General Public License as published by        #
-# the Free Software Foundation, either version 3 of the License, or           #
-# (at your option) any later version.                                         #
-#                                                                             #
-# This program is distributed in the hope that it will be useful,             #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
-# GNU General Public License for more details.                                #
-#                                                                             #
-# You should have received a copy of the GNU General Public License           #
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
-#                                                                             #
-###############################################################################
-
-use strict;
-
-require '/var/ipfire/general-functions.pl';
-require "${General::swroot}/ids-functions.pl";
-
-exit unless(-f $IDS::ids_settings_file and -f $IDS::rules_settings_file);
-
-#
-## Step 1: Generate and write the HTTP ports file.
-#
-
-# Call subfunction to generate the HTTP ports file.
-&IDS::generate_http_ports_file();
-
-# Set correct ownership.
-&IDS::set_ownership("$IDS::http_ports_file");
-
-#
-## Step 2: Restart suricata if necessary.
-#
-
-# Check if the IDS should be started.
-if(&IDS::ids_is_running()) {
-       # Call suricatactrl and reload the rules.
-       &IDS::call_suricatactrl("restart");
-}