From: Stefan Schantl Date: Wed, 22 Jan 2020 13:40:34 +0000 (+0100) Subject: ids-functions.pl: Introduce file for local rules. X-Git-Tag: v2.25-core141~34 X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff_plain;h=612bb2dff9c436f3a748c3572808ca699a21287f ids-functions.pl: Introduce file for local rules. This file is to be used, to store customized IDS rules. Signed-off-by: Stefan Schantl Reviewed-by: Michael Tremer Signed-off-by: Arne Fitzenreiter
---
diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index 3fa19fab7b..3cfe837dbc 100644
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -67,6 +67,9 @@ our $ids_page_lock_file = "/tmp/ids_page_locked";
 # Location where the rulefiles are stored.
 our $rulespath = "/var/lib/suricata";
+# Location to store local rules. This file will not be touched.
+our $local_rules_file = "$rulespath/local.rules";
+
 # File which contains the rules to whitelist addresses on suricata.
 our $whitelist_file = "$rulespath/whitelist.rules";
@@ -581,6 +584,9 @@ sub _cleanup_rulesdir() {
 # Skip rules file for whitelisted hosts.
 next if ("$rulespath/$file" eq $whitelist_file);
+ # Skip rules file with local rules.
+ next if ("$rulespath/$file" eq $local_rules_file);
+
 # Delete the current processed file, if not, exit this function
 # and return an error message.
 unlink("$rulespath/$file") or return "Could not delete $rulespath/$file. $!\n";
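Review bot: The comment added above `$local_rules_file` in the first hunk (`@@ -67,6 +67,9 @@`) says the file "will not be touched" without saying by what. The only guarantee visible in this commit is that `_cleanup_rulesdir()` skips it. Rules kept there therefore outlive every ruleset refresh, so the file is a long-lived input to the IDS, and who may write it matters. Nothing in this diff creates the file or sets its owner and mode; that presumably happens elsewhere and is worth confirming. Suggested wording: `# User-maintained local rules. Skipped by _cleanup_rulesdir(), so the content persists across ruleset updates; keep write access restricted.`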
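Review bot: In the second hunk (`@@ -581,6 +584,9 @@`), the new `next if` is a second hard-coded exemption placed directly in front of the `unlink`, so every future protected file needs another copy of the same line. A single lookup keeps the list of files that survive cleanup in one auditable place, for example `my %keep = map { $_ => 1 } ($whitelist_file, $local_rules_file);` before the loop and `next if ($keep{"$rulespath/$file"});` inside it. The test is an exact string match, so it relies on `$file` being a bare directory entry name. That looks likely here, but the loop header and the rest of `_cleanup_rulesdir()` lie outside the hunk.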