From c6bcdda1af86f803e980947aa66490f277b791d9 Mon Sep 17 00:00:00 2001
From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Wed, 13 Dec 2017 15:06:42 +0100
Subject: [PATCH] snort: Introduce ruleset-sources.list

This file contains the ruleset vendors and download urls and
will be used by the ids.cgi.

If an url or filename changes, we easily can adjust this file. In most
cases this will be needed when performing a snort update.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
 config/rootfiles/common/snort     |  1 +
 config/snort/ruleset-sources.list | 11 +++++++++++
 lfs/snort                         |  1 +
 3 files changed, 13 insertions(+)
 create mode 100644 config/snort/ruleset-sources.list

diff --git a/config/rootfiles/common/snort b/config/rootfiles/common/snort
index c83b15697d..7da84b3bdb 100644
--- a/config/rootfiles/common/snort
+++ b/config/rootfiles/common/snort
@@ -232,4 +232,5 @@ usr/sbin/snort
 #usr/share/doc/snort/WISHLIST
 #usr/share/doc/snort/generators
 #usr/share/man/man8/snort.8
+var/ipfire/snort/ruleset-sources.list
 var/log/snort
diff --git a/config/snort/ruleset-sources.list b/config/snort/ruleset-sources.list
new file mode 100644
index 0000000000..04fc2a9f1d
--- /dev/null
+++ b/config/snort/ruleset-sources.list
@@ -0,0 +1,11 @@
+# Ruleset for registered sourcefire users.
+registered = https://www.snort.org/downloads/registered/snortrules-snapshot-29110.tar.gz?oinkcode=<oinkcode>
+
+# Ruleset for registered sourcefire users with valid subscription.
+subscripted = https://www.snort.org/downloads/registered/snortrules-snapshot-29110.tar.gz?oinkcode=<oinkcode>
+
+# Community rules from sourcefire.
+community = https://www.snort.org/downloads/community/community-rules.tar.gz
+
+# Emerging threads community rules.
+emerging = http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz
diff --git a/lfs/snort b/lfs/snort
index a5d0535b00..83eba6c2e2 100644
--- a/lfs/snort
+++ b/lfs/snort
@@ -99,5 +99,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	chown -R nobody:nobody /etc/snort
 	-mkdir -p /var/log/snort
 	chown -R snort:snort /var/log/snort
+	install -m 0644 $(DIR_SRC)/config/snort/ruleset-sources.list /var/ipfire/snort
 	@rm -rf $(DIR_APP) $(DIR_SRC)/snort*
 	@$(POSTBUILD)
-- 
2.39.2