IDS: Move rulepath declaration to ids-functions.pl

This will help if the path ever changed. Also remove hard coded rulepath
from oinkmaster call.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index d88a5b4ca6e139962a09efafe80c7183d8db377f..32002912d2d164a70bb64b17e44cf99a3b6ce786 100644 (file)
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -32,6 +32,9 @@ our $rulestarball = "/var/tmp/snortrules.tar.gz";
 # File to store any errors, which also will be read and displayed by the wui.
 our $storederrorfile = "/tmp/ids_storederror";
 
+# Location where the rulefiles are stored.
+our $rulespath = "/etc/snort/rules";
+
 #
 ## Function for checking if at least 300MB of free disk space are available
 ## on the "/var" partition.
@@ -161,7 +164,7 @@ sub oinkmaster () {
        openlog('oinkmaster', 'cons,pid', 'user');
 
        # Call oinkmaster to generate ruleset.
-       open(OINKMASTER, "/usr/local/bin/oinkmaster.pl -v -s -u file://$rulestarball -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort/rules|");
+       open(OINKMASTER, "/usr/local/bin/oinkmaster.pl -v -s -u file://$rulestarball -C /var/ipfire/snort/oinkmaster.conf -o $rulespath|");
 
        # Log output of oinkmaster to syslog.
        while(<OINKMASTER>) {

diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index df2bfe5a58b84a3c571350e8bc4ade12ca6c3d0e..7dc8793f6e03675aea674553766e48ac4235eca6 100644 (file)
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -47,7 +47,6 @@ my %selected=();
 # Get netsettings.
 &General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
 
-my $snortrulepath = "/etc/snort/rules";
 my $snortusedrulefilesfile = "${General::swroot}/snort/snort-used-rulefiles.conf";
 my $errormessage;
 
@@ -83,21 +82,21 @@ if (-e $IDS::storederrorfile) {
 ## Grab all available snort rules and store them in the idsrules hash.
 #
 # Open snort rules directory and do a directory listing.
-opendir(DIR, $snortrulepath) or die $!;
+opendir(DIR, $IDS::rulespath) or die $!;
        # Loop through the direcory.
        while (my $file = readdir(DIR)) {
 
                # We only want files.
-               next unless (-f "$snortrulepath/$file");
+               next unless (-f "$IDS::rulespath/$file");
 
                # Ignore empty files.
-               next if (-z "$snortrulepath/$file");
+               next if (-z "$IDS::rulespath/$file");
 
                # Use a regular expression to find files ending in .rules
                next unless ($file =~ m/\.rules$/);
 
                # Ignore files which are not read-able.
-               next unless (-R "$snortrulepath/$file");
+               next unless (-R "$IDS::rulespath/$file");
 
                # Call subfunction to read-in rulefile and add rules to
                # the idsrules hash.
@@ -611,7 +610,7 @@ sub readrulesfile ($) {
        my $rulefile = shift;
 
        # Open rule file and read in contents
-       open(RULEFILE, "$snortrulepath/$rulefile") or die "Unable to read $rulefile!";
+       open(RULEFILE, "$IDS::rulespath/$rulefile") or die "Unable to read $rulefile!";
 
        # Store file content in an array.
        my @lines = <RULEFILE>;