]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b85901a)
rules-reload: fix reload with -s or -S 1743/head
authorEric Leblond <eric@regit.org>
Thu, 22 Oct 2015 18:31:13 +0000 (20:31 +0200)
committerVictor Julien <victor@inliniac.net>
Tue, 17 Nov 2015 13:08:25 +0000 (14:08 +0100)
When using the -S or -s option, the reload was causing the specified
rules file to be forgotten and the default rules to be loaded at
reload time.

src/detect-engine.c patch | blob | blame | history
src/detect-engine.h patch | blob | blame | history
src/suricata.c patch | blob | blame | history

diff --git a/src/detect-engine.c b/src/detect-engine.c
index c6e1a83f4c5f24c157ca049d2181126b188b6282..431f4b2aa7329fbbf456e8e91be775e58aeca1cc 100644 (file)
--- a/src/detect-engine.c
+++ b/src/detect-engine.c
@@ -2340,7 +2340,7 @@ static int reloads = 0;
  *  \retval -1 error
  *  \retval 0 ok
  */
-int DetectEngineReload(const char *filename)
+int DetectEngineReload(const char *filename, SCInstance *suri)
 {
     DetectEngineCtx *new_de_ctx = NULL;
     DetectEngineCtx *old_de_ctx = NULL;
@@ -2377,7 +2377,8 @@ int DetectEngineReload(const char *filename)
         DetectEngineDeReference(&old_de_ctx);
         return -1;
     }
-    if (SigLoadSignatures(new_de_ctx, NULL, 0) != 0) {
+    if (SigLoadSignatures(new_de_ctx,
+                          suri->sig_file, suri->sig_file_exclusive) != 0) {
         DetectEngineCtxFree(new_de_ctx);
         DetectEngineDeReference(&old_de_ctx);
         return -1;
diff --git a/src/detect-engine.h b/src/detect-engine.h
index ce4862134d01c856794aba31208982fe0be64084..7b62171007b25db0d68755eb771a0f60ef1ee6c0 100644 (file)
--- a/src/detect-engine.h
+++ b/src/detect-engine.h
@@ -75,7 +75,7 @@ void DetectEnginePruneFreeList(void);
 int DetectEngineMoveToFreeList(DetectEngineCtx *de_ctx);
 DetectEngineCtx *DetectEngineReference(DetectEngineCtx *);
 void DetectEngineDeReference(DetectEngineCtx **de_ctx);
-int DetectEngineReload(const char *filename);
+int DetectEngineReload(const char *filename, SCInstance *suri);
 int DetectEngineEnabled(void);
 int DetectEngineMTApply(void);
 int DetectEngineMultiTenantEnabled(void);
diff --git a/src/suricata.c b/src/suricata.c
index 0b8363e58e05724fadc1997454e94a06204567e4..173ef75fb46edf4aa6a9bce02230e0fc67304427 100644 (file)
--- a/src/suricata.c
+++ b/src/suricata.c
@@ -2386,7 +2386,7 @@ int main(int argc, char **argv)
 
     if (suri.delayed_detect) {
         /* force 'reload', this will load the rules and swap engines */
-        DetectEngineReload(NULL);
+        DetectEngineReload(NULL, &suri);
 
         if (suri.sig_file != NULL)
             UtilSignalHandlerSetup(SIGUSR2, SignalHandlerSigusr2SigFileStartup);
@@ -2419,10 +2419,10 @@ int main(int argc, char **argv)
         }
 
         if (sigusr2_count > 0) {
-            DetectEngineReload(conf_filename);
+            DetectEngineReload(conf_filename, &suri);
             sigusr2_count--;
         } else if (DetectEngineReloadIsStart()) {
-            DetectEngineReload(conf_filename);
+            DetectEngineReload(conf_filename, &suri);
             DetectEngineReloadSetDone();
         }
 
Mirror of https://github.com/OISF/suricata.git