From: Michael Tremer
Date: Fri, 12 Apr 2019 16:33:39 +0000 (+0100)
Subject: IPS logging: There is no distinguation between suricata & snort required
X-Git-Tag: v2.23-core131~35
X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff_plain;h=2eb0c326da2196c56f6f955bf5371e5d8c7ca9db

IPS logging: There is no distinguation between suricata & snort required

Signed-off-by: Michael Tremer
---
diff --git a/html/cgi-bin/logs.cgi/ids.dat b/html/cgi-bin/logs.cgi/ids.dat
index 5e4613753c..b2bd9f1e4b 100644
--- a/html/cgi-bin/logs.cgi/ids.dat
+++ b/html/cgi-bin/logs.cgi/ids.dat
@@ -383,7 +383,6 @@ sub processevent
 our ($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport, $sid, @refs);
 my $filestr='';
- my $readmode='';
 if ($datediff==0) {
 # If there is no datediff, directly assign the suricata fast.log.
 $filestr="/var/log/suricata/fast.log";
@@ -399,9 +398,6 @@ sub processevent
 # Assign snort alert file, the datediff and extension for compressed file.
 $filestr = "/var/log/snort/alert.$datediff";
 $filestr = "$filestr.gz";
-
- # Assign "snort" as readmode.
- $readmode="snort";
 }
 }
 if (!(open (LOG,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr)))) {
@@ -411,7 +407,7 @@ sub processevent
 while() {
 $line++;
- if (($_ =~ m/\[\*\*\]/) && ($readmode eq "snort")) {
+ if ($_ =~ m/\[\*\*\]/) {
 unless ($line == 1 || $date ne "$monthstr/$daystr") {
 &append;
 $line = 1;
@@ -420,17 +416,6 @@ sub processevent
 @refs = ();
 $_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/;
 $title = &Header::cleanhtml($2,"y");
- } else {
- &append;
- $line = 1;
-
- # Assign default values.
- ($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport,$sid) = ("n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a", "n/a");
- @refs = ();
-
- # Gather title details from line.
- $_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/;
- $title = &Header::cleanhtml($2,"y");
 }
 if ($_ =~ m/Classification: (.*)\] \[Priority: (\d)\]/) {
 $classification = &Header::cleanhtml($1,"y");
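Review bot: The `open (LOG,($filestr =~ /.gz$/ ? "gzip -dc $filestr |" : $filestr))` call kept as context at the end of the second hunk is a two-argument open on a bareword handle, so `$filestr` is parsed for mode characters and, in the gzip case, handed to a shell. `$datediff` is computed outside the hunk; if it can ever hold anything other than digits, this CGI would run whatever the string expands to. The three-argument and list forms remove that dependency: `open(my $log, '-|', 'gzip', '-dc', $filestr)` and `open(my $log, '<', $filestr)`, with the `while` loop and the close outside the hunk switched to `$log`. The suffix test also has an unescaped dot; `/\.gz\z/` matches only the intended extension.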
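Review bot: The title extraction gated by the new `if ($_ =~ m/\[\*\*\]/) {` in the third hunk uses `$2` without checking that its own match succeeded. The statement is visible as context at the top of the fourth hunk, and with the `else` branch removed it is now the only place `$title` is set. A log line that contains `[**]` but not the `:<sid>] <title> [**]` shape would hand a `$2` that this pattern never set to `&Header::cleanhtml`. Guarding the assignment avoids that: `if ($_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/) { $title = &Header::cleanhtml($2,"y"); }`. The lines between the two hunks are not shown, so I am assuming the "n/a" defaults are reset there and would remain in effect for a malformed line.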