From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Mon, 18 Feb 2019 09:55:27 +0000 (+0100)
Subject: ids-functions.pl: Tune rules to always monitor in both directions.
X-Git-Tag: v2.23-core131~117^2~34
X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff_plain;h=7c3b7cdcca852e4f5e5ee46b5291b8ba522535ec

ids-functions.pl: Tune rules to always monitor in both directions.

This will allow to scan the traffic from an EXTERNAL_NET to the HOME_NET and from
the HOME_NET to the EXTERNAL_NET.

Reference: 10273

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---

diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index 042a976910..016c0e49d6 100644
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -742,6 +742,9 @@ sub write_modify_sids_file($) {
 	# Write file header.
 	print FILE "#Autogenerated file. Any custom changes will be overwritten!\n";
 
+	# Tune rules to monitor in both directions.
+	print FILE "modifysid \* \"\-\>\" \| \"\<\>\"\n";
+
 	# Check if the traffic only should be monitored.
 	unless($ruleaction eq "alert") {
 		# Tell oinkmaster to switch all rules from alert to drop.