From 7c3b7cdcca852e4f5e5ee46b5291b8ba522535ec Mon Sep 17 00:00:00 2001
From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Mon, 18 Feb 2019 10:55:27 +0100
Subject: [PATCH] ids-functions.pl: Tune rules to always monitor in both
 directions.

This will allow to scan the traffic from an EXTERNAL_NET to the HOME_NET and from
the HOME_NET to the EXTERNAL_NET.

Reference: 10273

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
 config/cfgroot/ids-functions.pl | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index 042a976910..016c0e49d6 100644
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -742,6 +742,9 @@ sub write_modify_sids_file($) {
 	# Write file header.
 	print FILE "#Autogenerated file. Any custom changes will be overwritten!\n";
 
+	# Tune rules to monitor in both directions.
+	print FILE "modifysid \* \"\-\>\" \| \"\<\>\"\n";
+
 	# Check if the traffic only should be monitored.
 	unless($ruleaction eq "alert") {
 		# Tell oinkmaster to switch all rules from alert to drop.
-- 
2.39.2