From 9283e9b9cf8326453086d9777b264d7e50b9660a Mon Sep 17 00:00:00 2001
From: Stefan Schantl
Date: Tue, 22 Jan 2019 13:25:13 +0100
Subject: [PATCH] ids.cgi: Move and rename GenerateIgnoreList() function to ids-functions.pl
Signed-off-by: Stefan Schantl
---
 config/cfgroot/ids-functions.pl | 48 +++++++++++++++++++++++++++++
 html/cgi-bin/ids.cgi | 54 ++-------------------------------
 2 files changed, 51 insertions(+), 51 deletions(-)
diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index 87fc76dd09..2a358b1cc1 100644
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -746,4 +746,52 @@ sub get_suricata_version($) {
 }
 }
 
+#
+## Function to generate the rules file with whitelisted addresses.
+#
+sub generate_ignore_file() {
+ my %ignored = ();
+
+ # SID range 1000000-1999999 Reserved for Local Use
+ # Put your custom rules in this range to avoid conflicts
+ my $sid = 1500000;
+
+ # Read-in ignoredfile.
+ &General::readhasharray($IDS::ignored_file, \%ignored);
+
+ # Open ignorefile for writing.
+ open(FILE, ">$IDS::whitelist_file") or die "Could not write to $IDS::whitelist_file. $!\n";
+
+ # Config file header.
+ print FILE "# Autogenerated file.\n";
+ print FILE "# All user modifications will be overwritten.\n\n";
+
+ # Add all user defined addresses to the whitelist.
+ #
+ # Check if the hash contains any elements.
+ if (keys (%ignored)) {
+ # Loop through the entire hash and write the host/network
+ # and remark to the ignore file.
+ while ( (my $key) = each %ignored) {
+ my $address = $ignored{$key}[0];
+ my $remark = $ignored{$key}[1];
+ my $status = $ignored{$key}[2];
+
+ # Check if the status of the entry is "enabled".
+ if ($status eq "enabled") {
+ # Check if the address/network is valid.
+ if ((&General::validip($address)) || (&General::validipandmask($address))) {
+ # Write rule line to the file to pass any traffic from this IP
+ print FILE "pass ip $address any -> any any (msg:\"pass all traffic from/to $address\"\; sid:$sid\;)\n";
+
+ # Increment sid.
+ $sid++;
+ }
+ }
+ }
+ }
+
+ close(FILE);
+}
+
 1;
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 0c3664547e..6807e9e059 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -131,7 +131,7 @@ if (($cgiparams{'WHITELIST'} eq $Lang::tr{'add'}) || ($cgiparams{'WHITELIST'} eq
 &General::writehasharray($IDS::ignored_file, \%ignored);
 
 # Regenerate the ignore file.
- &GenerateIgnoreFile();
+ &IDS::generate_ignore_file();
 }
 
 # Check if the IDS is running.
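Review bot: The sid assignment in generate_ignore_file (the ids-functions.pl hunk) is not reproducible, because `while ( (my $key) = each %ignored)` visits the hash in Perl's per-process random order, so the same whitelisted address receives a different sid on every regeneration and two runs over identical input produce different files, which defeats diffing or auditing the generated whitelist; `for my $key (sort keys %ignored)` makes the output deterministic and makes the `if (keys (%ignored))` guard unnecessary. The file handling in the same function should be tightened at the same time: `open(FILE, ">$IDS::whitelist_file")` is a two-argument open on a bareword handle, and `close(FILE)` is unchecked, so a write error that only surfaces at close leaves a truncated whitelist behind while the caller continues as if it succeeded. `$remark` is assigned but never used, and the loop comment claims the remark is written to the file; either drop the variable or correct the comment. Worth a comment rather than a change: the `validip`/`validipandmask` check is what keeps `$address` safe to interpolate into the rule line (no quote or semicolon can reach the `msg` string), so the `print` must stay inside that branch.
```perl
sub generate_ignore_file() {
	# … unchanged: %ignored, $sid, readhasharray …

	# Lexical handle and three-argument open: the path is never parsed for a mode prefix.
	open(my $fh, '>', $IDS::whitelist_file) or die "Could not write to $IDS::whitelist_file. $!\n";

	print $fh "# Autogenerated file.\n";
	print $fh "# All user modifications will be overwritten.\n\n";

	# Sorted keys give the same address the same sid on every regeneration;
	# iterating an empty list also replaces the "if (keys (%ignored))" guard.
	for my $key (sort keys %ignored) {
		my $address = $ignored{$key}[0];
		my $status = $ignored{$key}[2];

		# … unchanged: "enabled" check and validip/validipandmask check …
		print $fh "pass ip $address any -> any any (msg:\"pass all traffic from/to $address\"\; sid:$sid\;)\n";
		$sid++;
		# … unchanged: closing braces of the two checks …
	}

	# Write errors from the buffered prints only surface at close; a silently
	# truncated whitelist would drop pass rules without any error.
	close($fh) or die "Could not close $IDS::whitelist_file. $!\n";
}
```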
@@ -174,7 +174,7 @@ if (($cgiparams{'WHITELIST'} eq $Lang::tr{'add'}) || ($cgiparams{'WHITELIST'} eq
 &General::writehasharray($IDS::ignored_file, \%ignored);
 
 # Regenerate the ignore file.
- &GenerateIgnoreFile();
+ &IDS::generate_ignore_file();
 
 # Check if the IDS is running.
 if(&IDS::ids_is_running()) {
@@ -201,7 +201,7 @@ if (($cgiparams{'WHITELIST'} eq $Lang::tr{'add'}) || ($cgiparams{'WHITELIST'} eq
 &General::writehasharray($IDS::ignored_file, \%ignored);
 
 # Regenerate the ignore file.
- &GenerateIgnoreFile();
+ &IDS::generate_ignore_file();
 
 # Check if the IDS is running.
 if(&IDS::ids_is_running()) {
@@ -1208,54 +1208,6 @@ sub get_memory_usage($) {
 return;
 }
 
-#
-## Function to generate the rules file with whitelisted addresses.
-#
-sub GenerateIgnoreFile() {
- my %ignored = ();
-
- # SID range 1000000-1999999 Reserved for Local Use
- # Put your custom rules in this range to avoid conflicts
- my $sid = 1500000;
-
- # Read-in ignoredfile.
- &General::readhasharray($IDS::ignored_file, \%ignored);
-
- # Open ignorefile for writing.
- open(FILE, ">$IDS::whitelist_file") or die "Could not write to $IDS::whitelist_file. $!\n";
-
- # Config file header.
- print FILE "# Autogenerated file.\n";
- print FILE "# All user modifications will be overwritten.\n\n";
-
- # Add all user defined addresses to the whitelist.
- #
- # Check if the hash contains any elements.
- if (keys (%ignored)) {
- # Loop through the entire hash and write the host/network
- # and remark to the ignore file.
- while ( (my $key) = each %ignored) {
- my $address = $ignored{$key}[0];
- my $remark = $ignored{$key}[1];
- my $status = $ignored{$key}[2];
-
- # Check if the status of the entry is "enabled".
- if ($status eq "enabled") {
- # Check if the address/network is valid.
- if ((&General::validip($address)) || (&General::validipandmask($address))) {
- # Write rule line to the file to pass any traffic from this IP
- print FILE "pass ip $address any -> any any (msg:\"pass all traffic from/to $address\"\; sid:$sid\;)\n";
-
- # Increment sid.
- $sid++;
- }
- }
- }
- }
-
- close(FILE);
-}
-
 #
 ## Function to read-in the given enabled or disables sids file.
 #
-- 
2.39.2